Cleaning up semanage
Joe Wulf
joe_wulf at yahoo.com
Fri Dec 14 20:23:19 UTC 2012
I just wanna say that you are pretty awesome, Daniel, to further the community in all the ways you do.
Much thanks!
R,
-Joe
>________________________________
> From: Daniel J Walsh <dwalsh at redhat.com>
>To: David Quigley <selinux at davequigley.com>
>Cc: selinux at lists.fedoraproject.org
>Sent: Friday, December 14, 2012 7:10 AM
>Subject: Re: Cleaning up semanage
>
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>On 12/13/2012 06:30 PM, David Quigley wrote:
>> On 12/13/2012 14:13, David Quigley wrote:
>>> On 12/13/2012 10:41, Konstantin Ryabitsev wrote:
>>>> On Wed, Dec 12, 2012 at 10:03 PM, Dave Quigley
>>>> <selinux at davequigley.com> wrote:
>>>>> I'm actually going to try to pull together just the parsers without
>>>>> any backend functionality to see how feasible this is and how it
>>>>> looks. If we like how it looks and its possible we can move forward
>>>>> with it. I think that since --ftype is a longarg that argparse might
>>>>> be able to handle it. If not then some manipulation of things might
>>>>> be in order (like making an = between --ftype and the -d).
>>>>
>>>> Note that --ftype can be also written as -f. So, really, if you want to
>>>> be fully backwards-compatible, you'll need to correctly parse the
>>>> following:
>>>>
>>>> semanage fcontext -d -f -d /some/dir
>>>>
>>>> -- Konstantin Ryabitsev LinuxFoundation.org Montréal, Québec
>>>
>>>
>>> Which brings up a good question. Is there a test suite we can use to
>>> ensure that the new interface matches the old interface? A regression
>>> suite for semanage would be very useful in this case. We could start with
>>> everything failing and rebuild the interface one at a time untill
>>> everything passes again. -- selinux mailing list
>>> selinux at lists.fedoraproject.org
>>> https://admin.fedoraproject.org/mailman/listinfo/selinux
>>
>>
>> I Haven't typed in all of the help info yet but the link is to a pastbin
>> with the usage information for the semanage login subcommand. I just need
>> to get it to react that way when there are 0 arguments passed in as well.
>> Right now it will print this when you type semanage login -h or --help. I
>> want it to print this on semanage login with no arguments as well.
>>
>> http://pastebin.com/KTtNk0rC -- selinux mailing list
>> selinux at lists.fedoraproject.org
>> https://admin.fedoraproject.org/mailman/listinfo/selinux
>
>I love it. This has been on my long list of cleanups for a while, but we
>never seem to get to it. I looked at this a while ago, and at the time the
>hardest problem I saw was the fact that semanage without arguments was
>difficult to do.
>
> Output local customizations
> semanage [ -S store ] -o [ output_file | - ]
>
> Input local customizations
> semanage [ -S store ] -i [ input_file | - ]
>
>argparser does not allow "optional arguments" like this.
>
>A cleanup of the man page would also be great. The new sepolicy tool suite is
>using argparse and separate man pages for each subcommand, and I really like it.
>
>I think bash-completion eliminates the need for semanage-fcontext Since you
>can do.
>
>semanage <tab><tab>
>boolean fcontext login node port
>dontaudit interface module permissive user
>
>
>-----BEGIN PGP SIGNATURE-----
>Version: GnuPG v1.4.12 (GNU/Linux)
>Comment: Using GnuPG with undefined - http://www.enigmail.net/
>
>iEYEARECAAYFAlDLFz0ACgkQrlYvE4MpobPeuQCggV+uI4VQRgfxV6ahibLQAaV6
>FwYAoLr/skXi3auZzRp6uvt64jReTgzV
>=kd2u
>-----END PGP SIGNATURE-----
>--
>selinux mailing list
>selinux at lists.fedoraproject.org
>https://admin.fedoraproject.org/mailman/listinfo/selinux
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/selinux/attachments/20121214/366d1436/attachment.html>
More information about the selinux
mailing list