policycoreutils/python-sepolicy-Add-sepolicy.load_store_policy-store.patch

From ef359c97c98a8b347c7379a605acff1b2305ee28 Mon Sep 17 00:00:00 2001
From: Petr Lautrbach <plautrba@redhat.com>
Date: Thu, 3 Jan 2019 13:03:38 +0100
Subject: [PATCH 107/170] python/sepolicy: Add
 sepolicy.load_store_policy(store)

load_store_policy() allows to (re)load SELinux policy based on a store name. It
is useful when SELinux is disabled and default policy is not installed; or when
a user wants to query or manipulate another policy.

Related: https://bugzilla.redhat.com/show_bug.cgi?id=1558861

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
---
 python/sepolicy/sepolicy/__init__.py | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/selinux-python-2.8/sepolicy/sepolicy/__init__.py b/selinux-python-2.8/sepolicy/sepolicy/__init__.py
index fbeb731d..b69a6b94 100644
--- a/selinux-python-2.8/sepolicy/sepolicy/__init__.py
+++ b/selinux-python-2.8/sepolicy/sepolicy/__init__.py
@@ -129,6 +129,13 @@ def get_installed_policy(root="/"):
         pass
     raise ValueError(_("No SELinux Policy installed"))
 
+def get_store_policy(store, root="/"):
+    try:
+        policies = glob.glob("%s%s/policy/policy.*" % (selinux.selinux_path(), store))
+        policies.sort()
+        return policies[-1]
+    except:
+        return None
 
 def policy(policy_file):
     global all_domains
@@ -156,6 +163,11 @@ def policy(policy_file):
     except:
         raise ValueError(_("Failed to read %s policy file") % policy_file)
 
+def load_store_policy(store):
+    policy_file = get_store_policy(store)
+    if not policy_file:
+        return None
+    policy(policy_file)
 
 try:
     policy_file = get_installed_policy()
-- 
2.19.1
Package init 2019-12-25 17:13:11 +08:00			`From ef359c97c98a8b347c7379a605acff1b2305ee28 Mon Sep 17 00:00:00 2001`
			`From: Petr Lautrbach <plautrba@redhat.com>`
			`Date: Thu, 3 Jan 2019 13:03:38 +0100`
			`Subject: [PATCH 107/170] python/sepolicy: Add`
			`sepolicy.load_store_policy(store)`

			`load_store_policy() allows to (re)load SELinux policy based on a store name. It`
			`is useful when SELinux is disabled and default policy is not installed; or when`
			`a user wants to query or manipulate another policy.`

			`Related: https://bugzilla.redhat.com/show_bug.cgi?id=1558861`

			`Signed-off-by: Petr Lautrbach <plautrba@redhat.com>`
			`---`
			`python/sepolicy/sepolicy/__init__.py \| 12 ++++++++++++`
			`1 file changed, 12 insertions(+)`

			`diff --git a/selinux-python-2.8/sepolicy/sepolicy/__init__.py b/selinux-python-2.8/sepolicy/sepolicy/__init__.py`
			`index fbeb731d..b69a6b94 100644`
			`--- a/selinux-python-2.8/sepolicy/sepolicy/__init__.py`
			`+++ b/selinux-python-2.8/sepolicy/sepolicy/__init__.py`
			`@@ -129,6 +129,13 @@ def get_installed_policy(root="/"):`
			`pass`
			`raise ValueError(_("No SELinux Policy installed"))`

			`+def get_store_policy(store, root="/"):`
			`+ try:`
			`+ policies = glob.glob("%s%s/policy/policy.*" % (selinux.selinux_path(), store))`
			`+ policies.sort()`
			`+ return policies[-1]`
			`+ except:`
			`+ return None`

			`def policy(policy_file):`
			`global all_domains`
			`@@ -156,6 +163,11 @@ def policy(policy_file):`
			`except:`
			`raise ValueError(_("Failed to read %s policy file") % policy_file)`

			`+def load_store_policy(store):`
			`+ policy_file = get_store_policy(store)`
			`+ if not policy_file:`
			`+ return None`
			`+ policy(policy_file)`

			`try:`
			`policy_file = get_installed_policy()`
			`--`
			`2.19.1`