-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 04/19/2013 11:04 PM, David Quigley wrote:
> On 04/18/2013 09:21, Daniel J Walsh wrote: On 04/18/2013 09:14 AM, David
> Quigley wrote:
>>>> I posted this yesterday but sent it from the wrong account so its
>>>> probably in moderation.
>>>>
>>>> Attached is my first crack at the argparse version of semanage. Right
>>>> now it just parses the command line and spits out the dictionary raw.
>>>> Please mess around with the command line and make sure that it
>>>> behaves how you would expect. Some of the names in the dictionary are
>>>> a bit weird and I'm having trouble getting sensible semantics for
>>>> fcontext -e but it should be parsing the command lines properly. Also
>>>> not all of the help text is in place yet. If you want to add some
>>>> help text either send it to me in an email or send me a patch and
>>>> I'll apply it to my repo. I still need to commit the latest changes
>>>> to my github account but once I do you should be able to get the same
>>>> file from my semanage-argparse repo on github. After we're sure that
>>>> the parsing works as we'd like and the help messages are sensible to
>>>> people I'll work on gluing this frontend back onto the seobject
class
>>>> that semanage uses to do that actual policy store manipulations.
>>>> Someone pointed out that I have some spelling mistakes in there. I
>>>> will make sure to address them in the next version once I add more
>>>> help text.
>>>>
>>>> Dave
>>>>
>>>>
>>>> -- selinux mailing list selinux(a)lists.fedoraproject.org
>>>>
https://admin.fedoraproject.org/mailman/listinfo/selinux
>>>>
>
> David, Miroslav was working on something similar.
>
> I think the big problem with this is going to be handling
>
> Output local customizations semanage [ -S store ] -o [ output_file | - ]
>
> Input local customizations semanage [ -S store ] -i [ input_file | - ]
>
> Once we have this, we need to rewrite all of the man pages to be
>
> semanage-fcontext, semanage-user, semanage-boolean ...
>
>
>
> Quick question. What does the -E --extract flag do? Its listed under local
> flags but I can't find reference to it in the man page for semanage.
>
> Dave -- selinux mailing list selinux(a)lists.fedoraproject.org
>
https://admin.fedoraproject.org/mailman/listinfo/selinux
semanage boolean -E
boolean -1 polyinstantiation_enabled
boolean -1 xguest_connect_network
boolean -1 xguest_mount_media
boolean -1 xguest_use_bluetooth
semanage fcontext -E
fcontext -a -f 'all files' -t etc_t
'/usr/app/grid/product(/.*)?/log(/.*)?'
fcontext -a -e /opt/rh/devtoolset-2/root /
It will extract local customizations, in transaction format. Very similar to
what -o does.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with Thunderbird -
http://www.enigmail.net/
iEYEARECAAYFAlFybdkACgkQrlYvE4MpobOV8wCeOCC+RkHcZEwHVy97ginySkle
a6cAnAimGVPsQpk5YvCf4w/oJO8g0Z84
=zL+l
-----END PGP SIGNATURE-----
Ok I'll change the text for that in the next patch.
I'm going to toss up the link to what I just did to see if people like
how I'm handling the code. I'm not a python guru so I'm more than happy
to have constructive criticism.
Dave