Bug #280998 - Misc selinux fixes. Thanks to Chris PeBenito
authorZac Medico <zmedico@gentoo.org>
Mon, 10 Aug 2009 17:33:00 +0000 (17:33 -0000)
committerZac Medico <zmedico@gentoo.org>
Mon, 10 Aug 2009 17:33:00 +0000 (17:33 -0000)
<pebenito@gentoo.org> for this patch.

svn path=/main/trunk/; revision=13977

pym/portage/__init__.py
pym/portage/_selinux.py

index d9fe686c1f0f702c473295d906cf4b863565c5e4..b26e8bd9c15cb5016e2c58d263e49f36e8243c88 100644 (file)
@@ -3483,9 +3483,7 @@ def spawn(mystring, mysettings, debug=0, free=0, droppriv=0, sesandbox=0, fakero
                spawn_func = portage.process.spawn_sandbox
 
        if sesandbox:
-               con = selinux.getcontext()
-               con = con.replace(mysettings["PORTAGE_T"],
-                       mysettings["PORTAGE_SANDBOX_T"])
+               con = selinux.settype(mysettings["PORTAGE_SANDBOX_T"])
                selinux.setexec(con)
 
        returnpid = keywords.get("returnpid")
@@ -3496,7 +3494,7 @@ def spawn(mystring, mysettings, debug=0, free=0, droppriv=0, sesandbox=0, fakero
                if logfile:
                        os.close(slave_fd)
                if sesandbox:
-                       selinux.setexec(None)
+                       selinux.setexec()
 
        if returnpid:
                return mypids
@@ -3574,8 +3572,7 @@ def _spawn_fetch(settings, args, **kwargs):
        try:
 
                if settings.selinux_enabled():
-                       con = selinux.getcontext()
-                       con = con.replace(settings["PORTAGE_T"], settings["PORTAGE_FETCH_T"])
+                       con = selinux.settype(settings["PORTAGE_FETCH_T"])
                        selinux.setexec(con)
                        # bash is an allowed entrypoint, while most binaries are not
                        if args[0] != BASH_BINARY:
@@ -3586,7 +3583,7 @@ def _spawn_fetch(settings, args, **kwargs):
 
        finally:
                if settings.selinux_enabled():
-                       selinux.setexec(None)
+                       selinux.setexec()
 
        return rval
 
index 2a50f74344a6a769f1b4f7585d6bf39782849962..1b5f530ceb458b3972527475c90d0a0f77729590 100644 (file)
@@ -61,19 +61,27 @@ def rename(src, dest):
        finally:
                setfscreate()
 
+def settype(newtype):
+       ret = getcontext().split(":")
+       ret[2] = newtype
+       return ":".join(ret)
+
 def setexec(ctx="\n"):
+       if isinstance(ctx, unicode):
+               ctx = ctx.encode('utf_8', 'replace')
        if selinux.setexeccon(ctx) < 0:
                raise OSError("setexec: Failed setting exec() context \"%s\"." % ctx)
 
 def setfscreate(ctx="\n"):
+       if isinstance(ctx, unicode):
+               ctx = ctx.encode('utf_8', 'replace')
        if selinux.setfscreatecon(ctx) < 0:
                raise OSError(
                        "setfscreate: Failed setting fs create context \"%s\"." % ctx)
 
 def spawn(selinux_type, spawn_func, mycommand, opt_name=None, **keywords):
-       con = getcontext().split(":")
-       con[2] = selinux_type
-       setexec(":".join(con))
+       con = settype(selinux_type)
+       setexec(con)
        try:
                return spawn_func(mycommand, opt_name=opt_name, **keywords)
        finally:
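Review bot: In `settype`, `ret[2] = newtype` assumes `getcontext()` always yields at least three colon-separated fields and that `newtype` contains no `:`. A shorter context raises IndexError rather than the OSError the neighbouring wrappers use, and a type value containing a colon would shift the fields after it in the joined context. Since callers pass settings values such as `PORTAGE_SANDBOX_T` and `PORTAGE_FETCH_T`, a guard before the assignment would make the failure explicit, for example `if len(ret) < 3 or ":" in newtype: raise OSError("settype: cannot set type \"%s\"" % newtype)`. In `setexec` and `setfscreate`, `ctx.encode('utf_8', 'replace')` substitutes anything it cannot encode, so the label handed to `selinux.setexeccon` / `selinux.setfscreatecon` could differ from the one requested; plain `ctx.encode('utf_8')` would raise instead of altering a security context. `getcontext()` is defined outside this hunk, and the body of `spawn`'s `finally:` continues past it.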