From patchwork Thu Nov 7 10:23:37 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Petr Lautrbach X-Patchwork-Id: 11232461 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 333B414E5 for ; Thu, 7 Nov 2019 10:23:53 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 05EAB2084D for ; Thu, 7 Nov 2019 10:23:53 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="DRu1bTq+" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1733273AbfKGKXw (ORCPT ); Thu, 7 Nov 2019 05:23:52 -0500 Received: from us-smtp-delivery-1.mimecast.com ([205.139.110.120]:36197 "EHLO us-smtp-1.mimecast.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1726866AbfKGKXw (ORCPT ); Thu, 7 Nov 2019 05:23:52 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1573122231; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=0N345fmK7BFXwu0DxYN5YooHxaMXDfrTdK04i1NeQ8M=; b=DRu1bTq+4dVzVhQQISuujZYUmdHKFcKm0xhkED2g1CjmTzfHR/USUQv4dhdnpHkRjvMxA8 dEW0RCatnEGqwODxPVJvbeX9xjClUbCkFDNkWTftlX5Znr/YS2OZbAlZTEA0b3Kje3qqoX PM/rNW4Hz1ZMjDgJ3C3UGNg6JqsCGIA= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-108-HWyTK64XNgKRMSlrTgQ2fA-1; Thu, 07 Nov 2019 05:23:47 -0500 Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 7619E800C61 for ; Thu, 7 Nov 2019 10:23:46 +0000 (UTC) Received: from workstation.brq.redhat.com (unknown [10.34.245.65]) by smtp.corp.redhat.com (Postfix) with ESMTP id 8B2185D9CD; Thu, 7 Nov 2019 10:23:45 +0000 (UTC) From: Petr Lautrbach To: selinux@vger.kernel.org Cc: Petr Lautrbach Subject: [PATCH v2] python/sepolicy: Revert "Only invoke RPM on RPM-enabled Linux distributions" Date: Thu, 7 Nov 2019 11:23:37 +0100 Message-Id: <20191107102337.1087390-1-plautrba@redhat.com> In-Reply-To: <4ccc28b3-4e2c-e287-6d3e-4738e27bbbb3@tycho.nsa.gov> References: <4ccc28b3-4e2c-e287-6d3e-4738e27bbbb3@tycho.nsa.gov> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-MC-Unique: HWyTK64XNgKRMSlrTgQ2fA-1 X-Mimecast-Spam-Score: 0 Sender: selinux-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org Commit 73b7ff410c1b ("Only invoke RPM on RPM-enabled Linux distributions") used platform.linux_distribution() function to detect whether the system is rpm based. This function is deprecated since Python 3.5 and it's removed from Python 3.8 - https://bugs.python.org/issue28167 The original problem is already fixed by another commit 671f83b42ba2 ("policycoreutils/sepolicy: Check get_rpm_nvr_list() return value"): $ sepolicy generate --customize -p mypolicy -n testpolicy -d httpd_sys_script_t -w /home Failed to retrieve rpm info for selinux-policy Created the following files: mypolicy/testpolicy.te # Type Enforcement file mypolicy/testpolicy.if # Interface file mypolicy/testpolicy.fc # File Contexts file mypolicy/testpolicy_selinux.spec # Spec file mypolicy/testpolicy.sh # Setup Script Fixes: File "/usr/lib/python3.8/site-packages/sepolicy/generate.py", line 1384, in generate if (platform.linux_distribution(full_distribution_name=0)[0] in ("redhat", "centos", "SuSE", "fedora", "mandrake", "mandriva")): AttributeError: module 'platform' has no attribute 'linux_distribution' Signed-off-by: Petr Lautrbach Acked-by: Stephen Smalley --- The commit hash in the commit message is fixed now. python/sepolicy/sepolicy/generate.py | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/python/sepolicy/sepolicy/generate.py b/python/sepolicy/sepolicy/generate.py index 973edb9d6b91..e8d07e7d65a9 100644 --- a/python/sepolicy/sepolicy/generate.py +++ b/python/sepolicy/sepolicy/generate.py @@ -26,7 +26,6 @@ import re import sepolicy from sepolicy import get_all_types, get_all_attributes, get_all_roles import time -import platform from .templates import executable from .templates import boolean @@ -1178,8 +1177,7 @@ allow %s_t %s_t:%s_socket name_%s; newsh += re.sub("TEMPLATETYPE", self.name, t1) newsh += self.generate_user_sh() - if (platform.linux_distribution(full_distribution_name=0)[0] in ("redhat", "centos", "SuSE", "fedora", "mandrake", "mandriva")): - newsh += re.sub("TEMPLATEFILE", self.file_name, script.rpm) + newsh += re.sub("TEMPLATEFILE", self.file_name, script.rpm) return newsh @@ -1379,7 +1377,6 @@ Warning %s does not exist out += "%s # %s\n" % (self.write_if(out_dir), _("Interface file")) out += "%s # %s\n" % (self.write_fc(out_dir), _("File Contexts file")) if self.type != NEWTYPE: - if (platform.linux_distribution(full_distribution_name=0)[0] in ("redhat", "centos", "SuSE", "fedora", "mandrake", "mandriva")): - out += "%s # %s\n" % (self.write_spec(out_dir), _("Spec file")) + out += "%s # %s\n" % (self.write_spec(out_dir), _("Spec file")) out += "%s # %s\n" % (self.write_sh(out_dir), _("Setup Script")) return out