diff mbox series

[1/2] python/semanage: explain why sepolicy is imported in a function

Message ID 20190105154551.18768-1-nicolas.iooss@m4x.org (mailing list archive)
State Not Applicable
Headers show
Series [1/2] python/semanage: explain why sepolicy is imported in a function | expand

Commit Message

Nicolas Iooss Jan. 5, 2019, 3:45 p.m. UTC 
Importing modules inside functions is quite uncommon in Python. This is
nevertheless required with sepolicy because it loads the current SELinux
policy when it is imported (and raises ValueError when this fails).

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
---
 python/semanage/semanage | 1 +
 1 file changed, 1 insertion(+)
diff mbox series

Patch

diff --git a/python/semanage/semanage b/python/semanage/semanage
index 1cb136831422..49add51ec24e 100644
--- a/python/semanage/semanage
+++ b/python/semanage/semanage
@@ -83,6 +83,7 @@  class CheckRole(argparse.Action):
         if not newval:
             newval = []
         try:
+            # sepolicy tries to load the SELinux policy and raises ValueError if it fails.
             import sepolicy
             roles = sepolicy.get_all_roles()
         except ValueError: