First crack at argparse parser for semanage.
David Quigley
selinux at davequigley.com
Thu Apr 18 14:00:37 UTC 2013
On 04/18/2013 09:21, Daniel J Walsh wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 04/18/2013 09:14 AM, David Quigley wrote:
>> I posted this yesterday but sent it from the wrong account so its
>> probably
>> in moderation.
>>
>> Attached is my first crack at the argparse version of semanage.
>> Right now
>> it just parses the command line and spits out the dictionary raw.
>> Please
>> mess around with the command line and make sure that it behaves how
>> you
>> would expect. Some of the names in the dictionary are a bit weird
>> and I'm
>> having trouble getting sensible semantics for fcontext -e but it
>> should be
>> parsing the command lines properly. Also not all of the help text is
>> in
>> place yet. If you want to add some help text either send it to me in
>> an
>> email or send me a patch and I'll apply it to my repo. I still need
>> to
>> commit the latest changes to my github account but once I do you
>> should be
>> able to get the same file from my semanage-argparse repo on github.
>> After
>> we're sure that the parsing works as we'd like and the help messages
>> are
>> sensible to people I'll work on gluing this frontend back onto the
>> seobject
>> class that semanage uses to do that actual policy store
>> manipulations.
>> Someone pointed out that I have some spelling mistakes in there. I
>> will
>> make sure to address them in the next version once I add more help
>> text.
>>
>> Dave
>>
>>
>> -- selinux mailing list selinux at lists.fedoraproject.org
>> https://admin.fedoraproject.org/mailman/listinfo/selinux
>>
>
> David, Miroslav was working on something similar.
>
> I think the big problem with this is going to be handling
>
> Output local customizations
> semanage [ -S store ] -o [ output_file | - ]
>
> Input local customizations
> semanage [ -S store ] -i [ input_file | - ]
That is a possibility. However I believe I can handle that. I have a
custom error handler for the argparse object that will allow me to check
for that case if we never receive a sub-command. I can make a separate
argparse parser for these two commands and if that errors out in a
certain way I kick it back up to the original parser's error handler and
print out the usage instead. Its not the most elegant solution but its
one I can think of off the top of my head.
>
> Once we have this, we need to rewrite all of the man pages to be
>
> semanage-fcontext, semanage-user, semanage-boolean ...
I think regardless of whether the argparse version is done that this is
a good thing to do. This is the way the git man pages are laid out and I
think it has separate benefit even if semanage is never rewritten.
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.13 (GNU/Linux)
> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
>
> iEYEARECAAYFAlFv83MACgkQrlYvE4MpobNfAQCgzJT6W2TdxE3nElREJnA7JtxY
> F5gAnA2BF4C93Qi1mXoN1008JoTbVwOK
> =gpC2
> -----END PGP SIGNATURE-----
More information about the selinux
mailing list