8:14 a.m.
I posted this yesterday but sent it from the wrong account so its
probably in moderation.
Attached is my first crack at the argparse version of semanage. Right
now it just parses the command line and spits out the dictionary raw.
Please mess around with the command line and make sure that it behaves
how you would expect. Some of the names in the dictionary are a bit
weird and I'm having trouble getting sensible semantics for fcontext -e
but it should be parsing the command lines properly. Also not all of the
help text is in place yet. If you want to add some help text either send
it to me in an email or send me a patch and I'll apply it to my repo. I
still need to commit the latest changes to my github account but once I
do you should be able to get the same file from my semanage-argparse
repo on github. After we're sure that the parsing works as we'd like and
the help messages are sensible to people I'll work on gluing this
frontend back onto the seobject class that semanage uses to do that
actual policy store manipulations. Someone pointed out that I have some
spelling mistakes in there. I will make sure to address them in the next
version once I add more help text.
Dave
8:21 a.m.
On 04/18/2013 03:14 PM, David Quigley wrote:
I posted this yesterday but sent it from the wrong account so its
probably in moderation.
Attached is my first crack at the argparse version of semanage. Right
now it just parses the command line and spits out the dictionary raw.
Please mess around with the command line and make sure that it behaves
how you would expect. Some of the names in the dictionary are a bit
weird and I'm having trouble getting sensible semantics for fcontext
-e but it should be parsing the command lines properly. Also not all
of the help text is in place yet. If you want to add some help text
either send it to me in an email or send me a patch and I'll apply it
to my repo. I still need to commit the latest changes to my github
account but once I do you should be able to get the same file from my
semanage-argparse repo on github. After we're sure that the parsing
works as we'd like and the help messages are sensible to people I'll
work on gluing this frontend back onto the seobject class that
semanage uses to do that actual policy store manipulations. Someone
pointed out that I have some spelling mistakes in there. I will make
sure to address them in the next version once I add more help text.
Dave
--
selinux mailing list
selinux(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux
Hi David,
I I have some patches for you before your latest change. Will send you.
I like it.
Regards,
Miroslav
9:03 a.m.
On 04/18/2013 09:21, Miroslav Grepl wrote:
On 04/18/2013 03:14 PM, David Quigley wrote:
> I posted this yesterday but sent it from the wrong account so its
> probably in moderation.
>
> Attached is my first crack at the argparse version of semanage.
> Right now it just parses the command line and spits out the dictionary
> raw. Please mess around with the command line and make sure that it
> behaves how you would expect. Some of the names in the dictionary are
> a bit weird and I'm having trouble getting sensible semantics for
> fcontext -e but it should be parsing the command lines properly. Also
> not all of the help text is in place yet. If you want to add some help
> text either send it to me in an email or send me a patch and I'll
> apply it to my repo. I still need to commit the latest changes to my
> github account but once I do you should be able to get the same file
> from my semanage-argparse repo on github. After we're sure that the
> parsing works as we'd like and the help messages are sensible to
> people I'll work on gluing this frontend back onto the seobject class
> that semanage uses to do that actual policy store manipulations.
> Someone pointed out that I have some spelling mistakes in there. I
> will make sure to address them in the next version once I add more
> help text.
>
> Dave
>
> --
> selinux mailing list
> selinux(a)lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux
Hi David,
I I have some patches for you before your latest change. Will send
you.
I like it.
Regards,
Miroslav
Sounds good. I pushed the latest version of what I have onto github so
if you want to make patches against that tree that would make life
easier. The link to the github page for it is
https://github.com/dpquigl/semanage-argparse .
8:21 a.m.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 04/18/2013 09:14 AM, David Quigley wrote:
I posted this yesterday but sent it from the wrong account so its
probably
in moderation.
Attached is my first crack at the argparse version of semanage. Right now
it just parses the command line and spits out the dictionary raw. Please
mess around with the command line and make sure that it behaves how you
would expect. Some of the names in the dictionary are a bit weird and I'm
having trouble getting sensible semantics for fcontext -e but it should be
parsing the command lines properly. Also not all of the help text is in
place yet. If you want to add some help text either send it to me in an
email or send me a patch and I'll apply it to my repo. I still need to
commit the latest changes to my github account but once I do you should be
able to get the same file from my semanage-argparse repo on github. After
we're sure that the parsing works as we'd like and the help messages are
sensible to people I'll work on gluing this frontend back onto the seobject
class that semanage uses to do that actual policy store manipulations.
Someone pointed out that I have some spelling mistakes in there. I will
make sure to address them in the next version once I add more help text.
Dave
-- selinux mailing list selinux(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux
David, Miroslav was working on something similar.
I think the big problem with this is going to be handling
Output local customizations
semanage [ -S store ] -o [ output_file | - ]
Input local customizations
semanage [ -S store ] -i [ input_file | - ]
Once we have this, we need to rewrite all of the man pages to be
semanage-fcontext, semanage-user, semanage-boolean ...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlFv83MACgkQrlYvE4MpobNfAQCgzJT6W2TdxE3nElREJnA7JtxY
F5gAnA2BF4C93Qi1mXoN1008JoTbVwOK
=gpC2
-----END PGP SIGNATURE-----
9 a.m.
On 04/18/2013 09:21, Daniel J Walsh wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 04/18/2013 09:14 AM, David Quigley wrote:
> I posted this yesterday but sent it from the wrong account so its
> probably
> in moderation.
>
> Attached is my first crack at the argparse version of semanage.
> Right now
> it just parses the command line and spits out the dictionary raw.
> Please
> mess around with the command line and make sure that it behaves how
> you
> would expect. Some of the names in the dictionary are a bit weird
> and I'm
> having trouble getting sensible semantics for fcontext -e but it
> should be
> parsing the command lines properly. Also not all of the help text is
> in
> place yet. If you want to add some help text either send it to me in
> an
> email or send me a patch and I'll apply it to my repo. I still need
> to
> commit the latest changes to my github account but once I do you
> should be
> able to get the same file from my semanage-argparse repo on github.
> After
> we're sure that the parsing works as we'd like and the help messages
> are
> sensible to people I'll work on gluing this frontend back onto the
> seobject
> class that semanage uses to do that actual policy store
> manipulations.
> Someone pointed out that I have some spelling mistakes in there. I
> will
> make sure to address them in the next version once I add more help
> text.
>
> Dave
>
>
> -- selinux mailing list selinux(a)lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux
>
David, Miroslav was working on something similar.
I think the big problem with this is going to be handling
Output local customizations
semanage [ -S store ] -o [ output_file | - ]
Input local customizations
semanage [ -S store ] -i [ input_file | - ]
That is a possibility. However I believe I can handle that. I have a
custom error handler for the argparse object that will allow me to check
for that case if we never receive a sub-command. I can make a separate
argparse parser for these two commands and if that errors out in a
certain way I kick it back up to the original parser's error handler and
print out the usage instead. Its not the most elegant solution but its
one I can think of off the top of my head.
Once we have this, we need to rewrite all of the man pages to be
semanage-fcontext, semanage-user, semanage-boolean ...
I think regardless of whether the argparse version is done that this is
a good thing to do. This is the way the git man pages are laid out and I
think it has separate benefit even if semanage is never rewritten.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlFv83MACgkQrlYvE4MpobNfAQCgzJT6W2TdxE3nElREJnA7JtxY
F5gAnA2BF4C93Qi1mXoN1008JoTbVwOK
=gpC2
-----END PGP SIGNATURE-----
10:04 p.m.
On 04/18/2013 09:21, Daniel J Walsh wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 04/18/2013 09:14 AM, David Quigley wrote:
> I posted this yesterday but sent it from the wrong account so its
> probably
> in moderation.
>
> Attached is my first crack at the argparse version of semanage.
> Right now
> it just parses the command line and spits out the dictionary raw.
> Please
> mess around with the command line and make sure that it behaves how
> you
> would expect. Some of the names in the dictionary are a bit weird
> and I'm
> having trouble getting sensible semantics for fcontext -e but it
> should be
> parsing the command lines properly. Also not all of the help text is
> in
> place yet. If you want to add some help text either send it to me in
> an
> email or send me a patch and I'll apply it to my repo. I still need
> to
> commit the latest changes to my github account but once I do you
> should be
> able to get the same file from my semanage-argparse repo on github.
> After
> we're sure that the parsing works as we'd like and the help messages
> are
> sensible to people I'll work on gluing this frontend back onto the
> seobject
> class that semanage uses to do that actual policy store
> manipulations.
> Someone pointed out that I have some spelling mistakes in there. I
> will
> make sure to address them in the next version once I add more help
> text.
>
> Dave
>
>
> -- selinux mailing list selinux(a)lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux
>
David, Miroslav was working on something similar.
I think the big problem with this is going to be handling
Output local customizations
semanage [ -S store ] -o [ output_file | - ]
Input local customizations
semanage [ -S store ] -i [ input_file | - ]
Once we have this, we need to rewrite all of the man pages to be
semanage-fcontext, semanage-user, semanage-boolean ...
Quick question. What does the -E --extract flag do? Its listed under
local flags but I can't find reference to it in the man page for
semanage.
Dave
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlFv83MACgkQrlYvE4MpobNfAQCgzJT6W2TdxE3nElREJnA7JtxY
F5gAnA2BF4C93Qi1mXoN1008JoTbVwOK
=gpC2
-----END PGP SIGNATURE-----
5:28 a.m.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 04/19/2013 11:04 PM, David Quigley wrote:
On 04/18/2013 09:21, Daniel J Walsh wrote: On 04/18/2013 09:14 AM,
David
Quigley wrote:
>>> I posted this yesterday but sent it from the wrong account so its
>>> probably in moderation.
>>>
>>> Attached is my first crack at the argparse version of semanage. Right
>>> now it just parses the command line and spits out the dictionary raw.
>>> Please mess around with the command line and make sure that it
>>> behaves how you would expect. Some of the names in the dictionary are
>>> a bit weird and I'm having trouble getting sensible semantics for
>>> fcontext -e but it should be parsing the command lines properly. Also
>>> not all of the help text is in place yet. If you want to add some
>>> help text either send it to me in an email or send me a patch and
>>> I'll apply it to my repo. I still need to commit the latest changes
>>> to my github account but once I do you should be able to get the same
>>> file from my semanage-argparse repo on github. After we're sure that
>>> the parsing works as we'd like and the help messages are sensible to
>>> people I'll work on gluing this frontend back onto the seobject class
>>> that semanage uses to do that actual policy store manipulations.
>>> Someone pointed out that I have some spelling mistakes in there. I
>>> will make sure to address them in the next version once I add more
>>> help text.
>>>
>>> Dave
>>>
>>>
>>> -- selinux mailing list selinux(a)lists.fedoraproject.org
>>> https://admin.fedoraproject.org/mailman/listinfo/selinux
>>>
David, Miroslav was working on something similar.
I think the big problem with this is going to be handling
Output local customizations semanage [ -S store ] -o [ output_file | - ]
Input local customizations semanage [ -S store ] -i [ input_file | - ]
Once we have this, we need to rewrite all of the man pages to be
semanage-fcontext, semanage-user, semanage-boolean ...
Quick question. What does the -E --extract flag do? Its listed under local
flags but I can't find reference to it in the man page for semanage.
Dave -- selinux mailing list selinux(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux
semanage boolean -E
boolean -1 polyinstantiation_enabled
boolean -1 xguest_connect_network
boolean -1 xguest_mount_media
boolean -1 xguest_use_bluetooth
semanage fcontext -E
fcontext -a -f 'all files' -t etc_t
'/usr/app/grid/product(/.*)?/log(/.*)?'
fcontext -a -e /opt/rh/devtoolset-2/root /
It will extract local customizations, in transaction format. Very similar to
what -o does.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlFybdkACgkQrlYvE4MpobOV8wCeOCC+RkHcZEwHVy97ginySkle
a6cAnAimGVPsQpk5YvCf4w/oJO8g0Z84
=zL+l
-----END PGP SIGNATURE-----
7 p.m.
On 4/20/2013 6:28 AM, Daniel J Walsh wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 04/19/2013 11:04 PM, David Quigley wrote:
> On 04/18/2013 09:21, Daniel J Walsh wrote: On 04/18/2013 09:14 AM, David
> Quigley wrote:
>>>> I posted this yesterday but sent it from the wrong account so its
>>>> probably in moderation.
>>>>
>>>> Attached is my first crack at the argparse version of semanage. Right
>>>> now it just parses the command line and spits out the dictionary raw.
>>>> Please mess around with the command line and make sure that it
>>>> behaves how you would expect. Some of the names in the dictionary are
>>>> a bit weird and I'm having trouble getting sensible semantics for
>>>> fcontext -e but it should be parsing the command lines properly. Also
>>>> not all of the help text is in place yet. If you want to add some
>>>> help text either send it to me in an email or send me a patch and
>>>> I'll apply it to my repo. I still need to commit the latest changes
>>>> to my github account but once I do you should be able to get the same
>>>> file from my semanage-argparse repo on github. After we're sure that
>>>> the parsing works as we'd like and the help messages are sensible to
>>>> people I'll work on gluing this frontend back onto the seobject
class
>>>> that semanage uses to do that actual policy store manipulations.
>>>> Someone pointed out that I have some spelling mistakes in there. I
>>>> will make sure to address them in the next version once I add more
>>>> help text.
>>>>
>>>> Dave
>>>>
>>>>
>>>> -- selinux mailing list selinux(a)lists.fedoraproject.org
>>>> https://admin.fedoraproject.org/mailman/listinfo/selinux
>>>>
>
> David, Miroslav was working on something similar.
>
> I think the big problem with this is going to be handling
>
> Output local customizations semanage [ -S store ] -o [ output_file | - ]
>
> Input local customizations semanage [ -S store ] -i [ input_file | - ]
>
> Once we have this, we need to rewrite all of the man pages to be
>
> semanage-fcontext, semanage-user, semanage-boolean ...
>
>
>
> Quick question. What does the -E --extract flag do? Its listed under local
> flags but I can't find reference to it in the man page for semanage.
>
> Dave -- selinux mailing list selinux(a)lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux
semanage boolean -E
boolean -1 polyinstantiation_enabled
boolean -1 xguest_connect_network
boolean -1 xguest_mount_media
boolean -1 xguest_use_bluetooth
semanage fcontext -E
fcontext -a -f 'all files' -t etc_t
'/usr/app/grid/product(/.*)?/log(/.*)?'
fcontext -a -e /opt/rh/devtoolset-2/root /
It will extract local customizations, in transaction format. Very similar to
what -o does.
Ok I'll change the text for that in the next patch.
I'm going to toss up the link to what I just did to see if people like
how I'm handling the code. I'm not a python guru so I'm more than happy
to have constructive criticism.
Dave
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlFybdkACgkQrlYvE4MpobOV8wCeOCC+RkHcZEwHVy97ginySkle
a6cAnAimGVPsQpk5YvCf4w/oJO8g0Z84
=zL+l
-----END PGP SIGNATURE-----
4022
days inactive
4025
days old
selinux@lists.fedoraproject.org
7 comments
3 participants
participants (3)
-
Daniel J Walsh -
David Quigley -
Miroslav Grepl