Changeset 61
- Timestamp:
- 05/31/07 08:14:40
(2 years ago)
- Author:
- zcutlip
- Message:
-do a find ! -type d once outside the os.walk loop in order to catch any non-dir files in the root
-do a non-recursive find using -maxdepth 1 since we are already recursing using os.walk
-quote 2nd argment to chcon to protect spaces, etc in filenames
-reworked input file parsing in relabel() to deal with possible relative paths. no longer backwards compatible with older input file format
-disabled -e option--individual file relabeling doesn't appear to work
-
Files:
-
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
| r48 |
r61 |
|
| 48 | 48 | elif re.match('^/selinux(/.*)?', path): |
|---|
| 49 | 49 | return False |
|---|
| | 50 | elif re.match('^/dev(/.*)?', path): |
|---|
| | 51 | return False |
|---|
| 50 | 52 | return True |
|---|
| 51 | 53 | |
|---|
| … | … | |
| 66 | 68 | print "Indexing extended attributes..." |
|---|
| 67 | 69 | |
|---|
| 68 | | # Traverse the root directory, running indexcon on each subdir |
|---|
| | 70 | #Do the find once outside the for loop to catch any non-dir files in the root |
|---|
| | 71 | cmd_str= "find '%s' -maxdepth 1 ! -type d -printf \'%%Z\t%%p\\n' 2>/dev/null >> %s" % \ |
|---|
| | 72 | (root, ctx_file) |
|---|
| | 73 | if verbose: |
|---|
| | 74 | print path |
|---|
| | 75 | os.system(cmd_str) |
|---|
| | 76 | |
|---|
| | 77 | # Traverse the root directory, running find non-recursively on each subdir |
|---|
| | 78 | |
|---|
| 69 | 79 | for root, dirs, files in os.walk(root): |
|---|
| 70 | 80 | for dirname in dirs: |
|---|
| 71 | 81 | path = os.path.join(root,dirname) |
|---|
| 72 | | |
|---|
| 73 | 82 | # Check to see that the path isn't one we're excluding |
|---|
| 74 | 83 | if is_legal_path(path): |
|---|
| 75 | | #ZJC use find instead of indexcon/searchcon |
|---|
| 76 | 84 | #output in the form of |
|---|
| 77 | 85 | #user_u:object_r:file_t<tab>/path/to/file |
|---|
| 78 | | cmd_str= "find '%s/' -printf '%%Z\t%%p\\n' >> %s" % \ |
|---|
| | 86 | cmd_str= "find '%s' -maxdepth 1 -printf '%%Z\t%%p\\n' 2>/dev/null >> %s" % \ |
|---|
| 79 | 87 | (path, ctx_file) |
|---|
| 80 | 88 | if verbose: |
|---|
| … | … | |
| 93 | 101 | |
|---|
| 94 | 102 | def update_ctx(filename, ctx): |
|---|
| 95 | | cmd = "chcon %s %s" % (ctx, filename) |
|---|
| | 103 | cmd = "chcon %s '%s'" % (ctx, filename) |
|---|
| 96 | 104 | os.system(cmd) |
|---|
| 97 | 105 | |
|---|
| 98 | 106 | def relabel_file(filename, ctx_file): |
|---|
| | 107 | #GIANT FIXME: individual file relabeling doesn't appear to work |
|---|
| | 108 | #and has been disabled. probably something trivial... |
|---|
| 99 | 109 | try: |
|---|
| 100 | 110 | ifile = open(ctx_file, 'r') |
|---|
| … | … | |
| 106 | 116 | regex = re.compile('\.\/', re.VERBOSE) |
|---|
| 107 | 117 | for l in lines: |
|---|
| 108 | | vals = re.split("\s", l) |
|---|
| 109 | | ctx = vals[0]; path = vals[2] |
|---|
| 110 | | # Remove trailing './' from entries in the cwd |
|---|
| 111 | | clean_path = regex.sub('', path) |
|---|
| | 118 | |
|---|
| | 119 | #ZJC Grab the filename, context from the line |
|---|
| | 120 | #remove whitespace (eol markers, etc) from line start/end |
|---|
| | 121 | l=l.strip() |
|---|
| | 122 | |
|---|
| | 123 | #ZJC split line only one time on whitepace, grab both halves |
|---|
| | 124 | ctx,path = re.split('\s+',l,1) |
|---|
| 112 | 125 | |
|---|
| 113 | | # We have this file's context in the context file |
|---|
| | 126 | if verbose: |
|---|
| | 127 | print path |
|---|
| | 128 | # Check to see that the path isn't one we're excluding |
|---|
| 114 | 129 | if (clean_path == filename): |
|---|
| 115 | 130 | update_ctx(filename, ctx) |
|---|
| … | … | |
| 132 | 147 | |
|---|
| 133 | 148 | for l in lines: |
|---|
| 134 | | #ZJC--continue to work with the previous input format |
|---|
| 135 | | #or the new one generated by find |
|---|
| | 149 | #ZJC--continue to work with the previous input format |
|---|
| | 150 | #or the new one generated by find |
|---|
| 136 | 151 | |
|---|
| 137 | 152 | #ZJC Grab the filename, context from the line |
|---|
| 138 | | #remove whitespace (eol markers, etc) from line start/end |
|---|
| | 153 | #remove whitespace (eol markers, etc) from line start/end |
|---|
| 139 | 154 | l=l.strip() |
|---|
| 140 | 155 | |
|---|
| 141 | | #ZJC split line only on time on whitepace, grab the 1st field |
|---|
| 142 | | vals = re.split("\s", l, 1) |
|---|
| 143 | | ctx = vals[0] |
|---|
| 144 | | |
|---|
| 145 | | #ZJC split line only one time on slash, |
|---|
| 146 | | #path is a "/" plus the 2nd field |
|---|
| 147 | | vals = re.split("/", l, 1) |
|---|
| 148 | | path = "/" +vals[1] |
|---|
| | 156 | #ZJC split line only one time on whitepace, grab both halves |
|---|
| | 157 | ctx,path = re.split('\s+',l,1) |
|---|
| 149 | 158 | |
|---|
| 150 | 159 | if verbose: |
|---|
| … | … | |
| 178 | 187 | relabel(ctx_file, verbose) |
|---|
| 179 | 188 | elif opts.has_key('-e'): |
|---|
| 180 | | relabel_file(opts['-e'], ctx_file) |
|---|
| | 189 | print "Individual file relabeling not implemented." |
|---|
| | 190 | exit(-1) |
|---|
| | 191 | #relabel_file(opts['-e'], ctx_file) |
|---|
| 181 | 192 | elif opts.has_key('-h'): |
|---|
| 182 | 193 | usage() |
|---|
Download in other formats:
* Generating other formats may take time.
