First crack at argparse parser for semanage.

David Quigley selinux at davequigley.com
Thu Apr 18 14:00:37 UTC 2013 

On 04/18/2013 09:21, Daniel J Walsh wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 04/18/2013 09:14 AM, David Quigley wrote:
>> I posted this yesterday but sent it from the wrong account so its 
>> probably
>> in moderation.
>>
>> Attached is my first crack at the argparse version of semanage. 
>> Right now
>> it just parses the command line and spits out the dictionary raw. 
>> Please
>> mess around with the command line and make sure that it behaves how 
>> you
>> would expect. Some of the names in the dictionary are a bit weird 
>> and I'm
>> having trouble getting sensible semantics for fcontext -e but it 
>> should be
>> parsing the command lines properly. Also not all of the help text is 
>> in
>> place yet. If you want to add some help text either send it to me in 
>> an
>> email or send me a patch and I'll apply it to my repo. I still need 
>> to
>> commit the latest changes to my github account but once I do you 
>> should be
>> able to get the same file from my semanage-argparse repo on github. 
>> After
>> we're sure that the parsing works as we'd like and the help messages 
>> are
>> sensible to people I'll work on gluing this frontend back onto the 
>> seobject
>> class that semanage uses to do that actual policy store 
>> manipulations.
>> Someone pointed out that I have some spelling mistakes in there. I 
>> will
>> make sure to address them in the next version once I add more help 
>> text.
>>
>> Dave
>>
>>
>> -- selinux mailing list selinux at lists.fedoraproject.org
>> https://admin.fedoraproject.org/mailman/listinfo/selinux
>>
>
> David, Miroslav was working on something similar.
>
> I think the big problem with this is going to be handling
>
>        Output local customizations
>        semanage [ -S store ] -o [ output_file | - ]
>
>        Input local customizations
>        semanage [ -S store ] -i [ input_file | - ]

That is a possibility. However I believe I can handle that. I have a 
custom error handler for the argparse object that will allow me to check 
for that case if we never receive a sub-command. I can make a separate 
argparse parser for these two commands and if that errors out in a 
certain way I kick it back up to the original parser's error handler and 
print out the usage instead. Its not the most elegant solution but its 
one I can think of off the top of my head.


>
> Once we have this, we need to rewrite all of the man pages to be
>
> semanage-fcontext, semanage-user, semanage-boolean ...

I think regardless of whether the argparse version is done that this is 
a good thing to do. This is the way the git man pages are laid out and I 
think it has separate benefit even if semanage is never rewritten.

>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.13 (GNU/Linux)
> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
>
> iEYEARECAAYFAlFv83MACgkQrlYvE4MpobNfAQCgzJT6W2TdxE3nElREJnA7JtxY
> F5gAnA2BF4C93Qi1mXoN1008JoTbVwOK
> =gpC2
> -----END PGP SIGNATURE-----

More information about the selinux mailing list