rpms/policycoreutils
7
0
Fork 0
Code Issues Pull Requests Releases Activity

policycoreutils-3.5-7

Browse Source 
- python: improve format strings for proper localization
- python: Drop hard formating from localized strings
- sepolicy: port to dnf4 python API (rhbz#2209404)
This commit is contained in:
Petr Lautrbach 2023-08-01 11:38:39 +02:00
parent aa0a78d0f1
commit 05444f27d0
6 changed files with 2740 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

455
0015-python-improve-format-strings-for-proper-localizatio.patch Normal file
View File

@ -0,0 +1,455 @@
From d55f376b3cdff4e4159db32039175f9a5ea105db Mon Sep 17 00:00:00 2001
From: Petr Lautrbach <lautrbach@redhat.com>
Date: Tue, 16 May 2023 15:45:05 +0200
Subject: [PATCH] python: improve format strings for proper localization
Content-type: text/plain
If a string contains more than one unnamed argument it's hard for
translators to proper localize as they don't know which value is
represented by a unnamed argument. It also blocks them to use a
different order of arguments which would make better sense in other
languages.
Fixes:
$ xgettext --default-domain=python -L Python --keyword=_ --keyword=N_ ../audit2allow/audit2allow ../chcat/chcat ../semanage/semanage ../semanage/seobject.py ../sepolgen/src/sepolgen/interfaces.py ../sepolicy/sepolicy/generate.py ../sepolicy/sepolicy/gui.py ../sepolicy/sepolicy/__init__.py ../sepolicy/sepolicy/interface.py ../sepolicy/sepolicy.py
../chcat/chcat:220: warning: 'msgid' format string with unnamed arguments cannot be properly localized:
The translator cannot reorder the arguments.
Please consider using a format string with named arguments,
and a mapping instead of a tuple for the arguments.
../semanage/seobject.py:1178: warning: 'msgid' format string with unnamed arguments cannot be properly localized:
The translator cannot reorder the arguments.
Please consider using a format string with named arguments,
and a mapping instead of a tuple for the arguments.
...
Signed-off-by: Petr Lautrbach <lautrbach@redhat.com>
---
python/chcat/chcat | 6 +-
python/semanage/seobject.py | 130 ++++++++++++++++++------------------
2 files changed, 68 insertions(+), 68 deletions(-)
diff --git a/python/chcat/chcat b/python/chcat/chcat
index 68718ec5f102..c4f592291821 100755
--- a/python/chcat/chcat
+++ b/python/chcat/chcat
@@ -125,7 +125,7 @@ def chcat_add(orig, newcat, objects, login_ind):
if len(clist) > 1:
if cat in clist[1:]:
- print(_("%s is already in %s") % (f, orig))
+ print(_("{target} is already in {category}").format(target=f, category=orig))
continue
clist.append(cat)
cats = clist[1:]
@@ -207,7 +207,7 @@ def chcat_remove(orig, newcat, objects, login_ind):
if len(clist) > 1:
if cat not in clist[1:]:
- print(_("%s is not in %s") % (f, orig))
+ print(_("{target} is not in {category}").format(target=f, category=orig))
continue
clist.remove(cat)
if len(clist) > 1:
@@ -217,7 +217,7 @@ def chcat_remove(orig, newcat, objects, login_ind):
else:
cat = ""
else:
- print(_("%s is not in %s") % (f, orig))
+ print(_("{target} is not in {category}").format(target=f, category=orig))
continue
if len(cat) == 0:
diff --git a/python/semanage/seobject.py b/python/semanage/seobject.py
index d82da4942987..2b1eb44ce8a3 100644
--- a/python/semanage/seobject.py
+++ b/python/semanage/seobject.py
@@ -843,7 +843,7 @@ class seluserRecords(semanageRecords):
for r in roles:
rc = semanage_user_add_role(self.sh, u, r)
if rc < 0:
- raise ValueError(_("Could not add role %s for %s") % (r, name))
+ raise ValueError(_("Could not add role {role} for {name}").format(role=r, name=name))
if is_mls_enabled == 1:
rc = semanage_user_set_mlsrange(self.sh, u, serange)
@@ -855,7 +855,7 @@ class seluserRecords(semanageRecords):
raise ValueError(_("Could not set MLS level for %s") % name)
rc = semanage_user_set_prefix(self.sh, u, prefix)
if rc < 0:
- raise ValueError(_("Could not add prefix %s for %s") % (r, prefix))
+ raise ValueError(_("Could not add prefix {prefix} for {role}").format(role=r, prefix=prefix))
(rc, key) = semanage_user_key_extract(self.sh, u)
if rc < 0:
raise ValueError(_("Could not extract key for %s") % name)
@@ -1088,7 +1088,7 @@ class portRecords(semanageRecords):
(rc, k) = semanage_port_key_create(self.sh, low, high, proto_d)
if rc < 0:
- raise ValueError(_("Could not create a key for %s/%s") % (proto, port))
+ raise ValueError(_("Could not create a key for {proto}/{port}").format(proto=proto, port=port))
return (k, proto_d, low, high)
def __add(self, port, proto, serange, type):
@@ -1110,44 +1110,44 @@ class portRecords(semanageRecords):
(rc, exists) = semanage_port_exists(self.sh, k)
if rc < 0:
- raise ValueError(_("Could not check if port %s/%s is defined") % (proto, port))
+ raise ValueError(_("Could not check if port {proto}/{port} is defined").format(proto=proto, port=port))
if exists:
- raise ValueError(_("Port %s/%s already defined") % (proto, port))
+ raise ValueError(_("Port {proto}/{port} already defined").format(proto=proto, port=port))
(rc, p) = semanage_port_create(self.sh)
if rc < 0:
- raise ValueError(_("Could not create port for %s/%s") % (proto, port))
+ raise ValueError(_("Could not create port for {proto}/{port}").format(proto=proto, port=port))
semanage_port_set_proto(p, proto_d)
semanage_port_set_range(p, low, high)
(rc, con) = semanage_context_create(self.sh)
if rc < 0:
- raise ValueError(_("Could not create context for %s/%s") % (proto, port))
+ raise ValueError(_("Could not create context for {proto}/{port}").format(proto=proto, port=port))
rc = semanage_context_set_user(self.sh, con, "system_u")
if rc < 0:
- raise ValueError(_("Could not set user in port context for %s/%s") % (proto, port))
+ raise ValueError(_("Could not set user in port context for {proto}/{port}").format(proto=proto, port=port))
rc = semanage_context_set_role(self.sh, con, "object_r")
if rc < 0:
- raise ValueError(_("Could not set role in port context for %s/%s") % (proto, port))
+ raise ValueError(_("Could not set role in port context for {proto}/{port}").format(proto=proto, port=port))
rc = semanage_context_set_type(self.sh, con, type)
if rc < 0:
- raise ValueError(_("Could not set type in port context for %s/%s") % (proto, port))
+ raise ValueError(_("Could not set type in port context for {proto}/{port}").format(proto=proto, port=port))
if (is_mls_enabled == 1) and (serange != ""):
rc = semanage_context_set_mls(self.sh, con, serange)
if rc < 0:
- raise ValueError(_("Could not set mls fields in port context for %s/%s") % (proto, port))
+ raise ValueError(_("Could not set mls fields in port context for {proto}/{port}").format(proto=proto, port=port))
rc = semanage_port_set_con(self.sh, p, con)
if rc < 0:
- raise ValueError(_("Could not set port context for %s/%s") % (proto, port))
+ raise ValueError(_("Could not set port context for {proto}/{port}").format(proto=proto, port=port))
rc = semanage_port_modify_local(self.sh, k, p)
if rc < 0:
- raise ValueError(_("Could not add port %s/%s") % (proto, port))
+ raise ValueError(_("Could not add port {proto}/{port}").format(proto=proto, port=port))
semanage_context_free(con)
semanage_port_key_free(k)
@@ -1175,13 +1175,13 @@ class portRecords(semanageRecords):
(rc, exists) = semanage_port_exists(self.sh, k)
if rc < 0:
- raise ValueError(_("Could not check if port %s/%s is defined") % (proto, port))
+ raise ValueError(_("Could not check if port {proto}/{port} is defined").format(proto=proto, port=port))
if not exists:
- raise ValueError(_("Port %s/%s is not defined") % (proto, port))
+ raise ValueError(_("Port {proto}/{port} is not defined").format(proto=proto, port=port))
(rc, p) = semanage_port_query(self.sh, k)
if rc < 0:
- raise ValueError(_("Could not query port %s/%s") % (proto, port))
+ raise ValueError(_("Could not query port {proto}/{port}").format(proto=proto, port=port))
con = semanage_port_get_con(p)
@@ -1195,7 +1195,7 @@ class portRecords(semanageRecords):
rc = semanage_port_modify_local(self.sh, k, p)
if rc < 0:
- raise ValueError(_("Could not modify port %s/%s") % (proto, port))
+ raise ValueError(_("Could not modify port {proto}/{port}").format(proto=proto, port=port))
semanage_port_key_free(k)
semanage_port_free(p)
@@ -1241,19 +1241,19 @@ class portRecords(semanageRecords):
(k, proto_d, low, high) = self.__genkey(port, proto)
(rc, exists) = semanage_port_exists(self.sh, k)
if rc < 0:
- raise ValueError(_("Could not check if port %s/%s is defined") % (proto, port))
+ raise ValueError(_("Could not check if port {proto}/{port} is defined").format(proto=proto, port=port))
if not exists:
- raise ValueError(_("Port %s/%s is not defined") % (proto, port))
+ raise ValueError(_("Port {proto}/{port} is not defined").format(proto=proto, port=port))
(rc, exists) = semanage_port_exists_local(self.sh, k)
if rc < 0:
- raise ValueError(_("Could not check if port %s/%s is defined") % (proto, port))
+ raise ValueError(_("Could not check if port {proto}/{port} is defined").format(proto=proto, port=port))
if not exists:
- raise ValueError(_("Port %s/%s is defined in policy, cannot be deleted") % (proto, port))
+ raise ValueError(_("Port {proto}/{port} is defined in policy, cannot be deleted").format(proto=proto, port=port))
rc = semanage_port_del_local(self.sh, k)
if rc < 0:
- raise ValueError(_("Could not delete port %s/%s") % (proto, port))
+ raise ValueError(_("Could not delete port {proto}/{port}").format(proto=proto, port=port))
semanage_port_key_free(k)
@@ -1362,7 +1362,7 @@ class ibpkeyRecords(semanageRecords):
(rc, k) = semanage_ibpkey_key_create(self.sh, subnet_prefix, low, high)
if rc < 0:
- raise ValueError(_("Could not create a key for %s/%s") % (subnet_prefix, pkey))
+ raise ValueError(_("Could not create a key for {subnet_prefix}/{pkey}").format(subnet_prefix=subnet_prefix, pkey=pkey))
return (k, subnet_prefix, low, high)
def __add(self, pkey, subnet_prefix, serange, type):
@@ -1384,44 +1384,44 @@ class ibpkeyRecords(semanageRecords):
(rc, exists) = semanage_ibpkey_exists(self.sh, k)
if rc < 0:
- raise ValueError(_("Could not check if ibpkey %s/%s is defined") % (subnet_prefix, pkey))
+ raise ValueError(_("Could not check if ibpkey {subnet_prefix}/{pkey} is defined").formnat(subnet_prefix=subnet_prefix, pkey=pkey))
if exists:
- raise ValueError(_("ibpkey %s/%s already defined") % (subnet_prefix, pkey))
+ raise ValueError(_("ibpkey {subnet_prefix}/{pkey} already defined").format(subnet_prefix=subnet_prefix, pkey=pkey))
(rc, p) = semanage_ibpkey_create(self.sh)
if rc < 0:
- raise ValueError(_("Could not create ibpkey for %s/%s") % (subnet_prefix, pkey))
+ raise ValueError(_("Could not create ibpkey for {subnet_prefix}/{pkey}").format(subnet_prefix=subnet_prefix, pkey=pkey))
semanage_ibpkey_set_subnet_prefix(self.sh, p, subnet_prefix)
semanage_ibpkey_set_range(p, low, high)
(rc, con) = semanage_context_create(self.sh)
if rc < 0:
- raise ValueError(_("Could not create context for %s/%s") % (subnet_prefix, pkey))
+ raise ValueError(_("Could not create context for {subnet_prefix}/{pkey}").format(subnet_prefix=subnet_prefix, pkey=pkey))
rc = semanage_context_set_user(self.sh, con, "system_u")
if rc < 0:
- raise ValueError(_("Could not set user in ibpkey context for %s/%s") % (subnet_prefix, pkey))
+ raise ValueError(_("Could not set user in ibpkey context for {subnet_prefix}/{pkey}").format(subnet_prefix=subnet_prefix, pkey=pkey))
rc = semanage_context_set_role(self.sh, con, "object_r")
if rc < 0:
- raise ValueError(_("Could not set role in ibpkey context for %s/%s") % (subnet_prefix, pkey))
+ raise ValueError(_("Could not set role in ibpkey context for {subnet_prefix}/{pkey}").format(subnet_prefix=subnet_prefix, pkey=pkey))
rc = semanage_context_set_type(self.sh, con, type)
if rc < 0:
- raise ValueError(_("Could not set type in ibpkey context for %s/%s") % (subnet_prefix, pkey))
+ raise ValueError(_("Could not set type in ibpkey context for {subnet_prefix}/{pkey}").format(subnet_prefix=subnet_prefix, pkey=pkey))
if (is_mls_enabled == 1) and (serange != ""):
rc = semanage_context_set_mls(self.sh, con, serange)
if rc < 0:
- raise ValueError(_("Could not set mls fields in ibpkey context for %s/%s") % (subnet_prefix, pkey))
+ raise ValueError(_("Could not set mls fields in ibpkey context for {subnet_prefix}/{pkey}").format(subnet_prefix=subnet_prefix, pkey=pkey))
rc = semanage_ibpkey_set_con(self.sh, p, con)
if rc < 0:
- raise ValueError(_("Could not set ibpkey context for %s/%s") % (subnet_prefix, pkey))
+ raise ValueError(_("Could not set ibpkey context for {subnet_prefix}/{pkey}").format(subnet_prefix=subnet_prefix, pkey=pkey))
rc = semanage_ibpkey_modify_local(self.sh, k, p)
if rc < 0:
- raise ValueError(_("Could not add ibpkey %s/%s") % (subnet_prefix, pkey))
+ raise ValueError(_("Could not add ibpkey {subnet_prefix}/{pkey}").format(subnet_prefix=subnet_prefix, pkey=pkey))
semanage_context_free(con)
semanage_ibpkey_key_free(k)
@@ -1448,13 +1448,13 @@ class ibpkeyRecords(semanageRecords):
(rc, exists) = semanage_ibpkey_exists(self.sh, k)
if rc < 0:
- raise ValueError(_("Could not check if ibpkey %s/%s is defined") % (subnet_prefix, pkey))
+ raise ValueError(_("Could not check if ibpkey {subnet_prefix}/{pkey} is defined").format(subnet_prefix=subnet_prefix, pkey=pkey))
if not exists:
- raise ValueError(_("ibpkey %s/%s is not defined") % (subnet_prefix, pkey))
+ raise ValueError(_("ibpkey {subnet_prefix}/{pkey} is not defined").format(subnet_prefix=subnet_prefix, pkey=pkey))
(rc, p) = semanage_ibpkey_query(self.sh, k)
if rc < 0:
- raise ValueError(_("Could not query ibpkey %s/%s") % (subnet_prefix, pkey))
+ raise ValueError(_("Could not query ibpkey {subnet_prefix}/{pkey}").format(subnet_prefix=subnet_prefix, pkey=pkey))
con = semanage_ibpkey_get_con(p)
@@ -1465,7 +1465,7 @@ class ibpkeyRecords(semanageRecords):
rc = semanage_ibpkey_modify_local(self.sh, k, p)
if rc < 0:
- raise ValueError(_("Could not modify ibpkey %s/%s") % (subnet_prefix, pkey))
+ raise ValueError(_("Could not modify ibpkey {subnet_prefix}/{pkey}").format(subnet_prefix=subnet_prefix, pkey=pkey))
semanage_ibpkey_key_free(k)
semanage_ibpkey_free(p)
@@ -1502,19 +1502,19 @@ class ibpkeyRecords(semanageRecords):
(k, subnet_prefix, low, high) = self.__genkey(pkey, subnet_prefix)
(rc, exists) = semanage_ibpkey_exists(self.sh, k)
if rc < 0:
- raise ValueError(_("Could not check if ibpkey %s/%s is defined") % (subnet_prefix, pkey))
+ raise ValueError(_("Could not check if ibpkey {subnet_prefix}/{pkey} is defined").format(subnet_prefix=subnet_prefix, pkey=pkey))
if not exists:
- raise ValueError(_("ibpkey %s/%s is not defined") % (subnet_prefix, pkey))
+ raise ValueError(_("ibpkey {subnet_prefix}/{pkey} is not defined").format(subnet_prefix=subnet_prefix, pkey=pkey))
(rc, exists) = semanage_ibpkey_exists_local(self.sh, k)
if rc < 0:
- raise ValueError(_("Could not check if ibpkey %s/%s is defined") % (subnet_prefix, pkey))
+ raise ValueError(_("Could not check if ibpkey {subnet_prefix}/{pkey} is defined").format(subnet_prefix=subnet_prefix, pkey=pkey))
if not exists:
- raise ValueError(_("ibpkey %s/%s is defined in policy, cannot be deleted") % (subnet_prefix, pkey))
+ raise ValueError(_("ibpkey {subnet_prefix}/{pkey} is defined in policy, cannot be deleted").format(subnet_prefix=subnet_prefix, pkey=pkey))
rc = semanage_ibpkey_del_local(self.sh, k)
if rc < 0:
- raise ValueError(_("Could not delete ibpkey %s/%s") % (subnet_prefix, pkey))
+ raise ValueError(_("Could not delete ibpkey {subnet_prefix}/{pkey}").format(subnet_prefix=subnet_prefix, pkey=pkey))
semanage_ibpkey_key_free(k)
@@ -1617,7 +1617,7 @@ class ibendportRecords(semanageRecords):
(rc, k) = semanage_ibendport_key_create(self.sh, ibdev_name, port)
if rc < 0:
- raise ValueError(_("Could not create a key for ibendport %s/%s") % (ibdev_name, ibendport))
+ raise ValueError(_("Could not create a key for ibendport {ibdev_name}/{ibendport}").format(ibdev_name=ibdev_name, ibendport=ibendport))
return (k, ibdev_name, port)
def __add(self, ibendport, ibdev_name, serange, type):
@@ -1638,44 +1638,44 @@ class ibendportRecords(semanageRecords):
(rc, exists) = semanage_ibendport_exists(self.sh, k)
if rc < 0:
- raise ValueError(_("Could not check if ibendport %s/%s is defined") % (ibdev_name, port))
+ raise ValueError(_("Could not check if ibendport {ibdev_name}/{port} is defined").format(ibdev_name=ibdev_name, port=port))
if exists:
- raise ValueError(_("ibendport %s/%s already defined") % (ibdev_name, port))
+ raise ValueError(_("ibendport {ibdev_name}/{port} already defined").format(ibdev_name=ibdev_name, port=port))
(rc, p) = semanage_ibendport_create(self.sh)
if rc < 0:
- raise ValueError(_("Could not create ibendport for %s/%s") % (ibdev_name, port))
+ raise ValueError(_("Could not create ibendport for {ibdev_name}/{port}").format(ibdev_name=ibdev_name, port=port))
semanage_ibendport_set_ibdev_name(self.sh, p, ibdev_name)
semanage_ibendport_set_port(p, port)
(rc, con) = semanage_context_create(self.sh)
if rc < 0:
- raise ValueError(_("Could not create context for %s/%s") % (ibdev_name, port))
+ raise ValueError(_("Could not create context for {ibendport}/{port}").format(ibdev_name=ibdev_name, port=port))
rc = semanage_context_set_user(self.sh, con, "system_u")
if rc < 0:
- raise ValueError(_("Could not set user in ibendport context for %s/%s") % (ibdev_name, port))
+ raise ValueError(_("Could not set user in ibendport context for {ibdev_name}/{port}").format(ibdev_name=ibdev_name, port=port))
rc = semanage_context_set_role(self.sh, con, "object_r")
if rc < 0:
- raise ValueError(_("Could not set role in ibendport context for %s/%s") % (ibdev_name, port))
+ raise ValueError(_("Could not set role in ibendport context for {ibdev_name}/{port}").format(ibdev_name=ibdev_name, port=port))
rc = semanage_context_set_type(self.sh, con, type)
if rc < 0:
- raise ValueError(_("Could not set type in ibendport context for %s/%s") % (ibdev_name, port))
+ raise ValueError(_("Could not set type in ibendport context for {ibdev_name}/{port}").format(ibdev_name=ibdev_name, port=port))
if (is_mls_enabled == 1) and (serange != ""):
rc = semanage_context_set_mls(self.sh, con, serange)
if rc < 0:
- raise ValueError(_("Could not set mls fields in ibendport context for %s/%s") % (ibdev_name, port))
+ raise ValueError(_("Could not set mls fields in ibendport context for {ibdev_name}/{port}").format(ibdev_name=ibdev_name, port=port))
rc = semanage_ibendport_set_con(self.sh, p, con)
if rc < 0:
- raise ValueError(_("Could not set ibendport context for %s/%s") % (ibdev_name, port))
+ raise ValueError(_("Could not set ibendport context for {ibdev_name}/{port}").format(ibdev_name=ibdev_name, port=port))
rc = semanage_ibendport_modify_local(self.sh, k, p)
if rc < 0:
- raise ValueError(_("Could not add ibendport %s/%s") % (ibdev_name, port))
+ raise ValueError(_("Could not add ibendport {ibdev_name}/{port}").format(ibdev_name=ibdev_name, port=port))
semanage_context_free(con)
semanage_ibendport_key_free(k)
@@ -1702,13 +1702,13 @@ class ibendportRecords(semanageRecords):
(rc, exists) = semanage_ibendport_exists(self.sh, k)
if rc < 0:
- raise ValueError(_("Could not check if ibendport %s/%s is defined") % (ibdev_name, ibendport))
+ raise ValueError(_("Could not check if ibendport {ibdev_name}/{ibendport} is defined").format(ibdev_name=ibdev_name, ibendport=ibendport))
if not exists:
- raise ValueError(_("ibendport %s/%s is not defined") % (ibdev_name, ibendport))
+ raise ValueError(_("ibendport {ibdev_name}/{ibendport} is not defined").format(ibdev_name=ibdev_name, ibendport=ibendport))
(rc, p) = semanage_ibendport_query(self.sh, k)
if rc < 0:
- raise ValueError(_("Could not query ibendport %s/%s") % (ibdev_name, ibendport))
+ raise ValueError(_("Could not query ibendport {ibdev_name}/{ibendport}").format(ibdev_name=ibdev_name, ibendport=ibendport))
con = semanage_ibendport_get_con(p)
@@ -1719,7 +1719,7 @@ class ibendportRecords(semanageRecords):
rc = semanage_ibendport_modify_local(self.sh, k, p)
if rc < 0:
- raise ValueError(_("Could not modify ibendport %s/%s") % (ibdev_name, ibendport))
+ raise ValueError(_("Could not modify ibendport {ibdev_name}/{ibendport}").format(ibdev_name=ibdev_name, ibendport=ibendport))
semanage_ibendport_key_free(k)
semanage_ibendport_free(p)
@@ -1741,11 +1741,11 @@ class ibendportRecords(semanageRecords):
port = semanage_ibendport_get_port(ibendport)
(k, ibdev_name, port) = self.__genkey(str(port), ibdev_name)
if rc < 0:
- raise ValueError(_("Could not create a key for %s/%d") % (ibdevname, port))
+ raise ValueError(_("Could not create a key for {ibdev_name}/{port}").format(ibdev_name=ibdev_name, port=port))
rc = semanage_ibendport_del_local(self.sh, k)
if rc < 0:
- raise ValueError(_("Could not delete the ibendport %s/%d") % (ibdev_name, port))
+ raise ValueError(_("Could not delete the ibendport {ibdev_name}/{port}").format(ibdev_name=ibdev_name, port=port))
semanage_ibendport_key_free(k)
self.commit()
@@ -1754,19 +1754,19 @@ class ibendportRecords(semanageRecords):
(k, ibdev_name, port) = self.__genkey(ibendport, ibdev_name)
(rc, exists) = semanage_ibendport_exists(self.sh, k)
if rc < 0:
- raise ValueError(_("Could not check if ibendport %s/%s is defined") % (ibdev_name, ibendport))
+ raise ValueError(_("Could not check if ibendport {ibdev_name}/{ibendport} is defined").format(ibdev_name=ibdev_name, ibendport=ibendport))
if not exists:
- raise ValueError(_("ibendport %s/%s is not defined") % (ibdev_name, ibendport))
+ raise ValueError(_("ibendport {ibdev_name}/{ibendport} is not defined").format(ibdev_name=ibdev_name, ibendport=ibendport))
(rc, exists) = semanage_ibendport_exists_local(self.sh, k)
if rc < 0:
- raise ValueError(_("Could not check if ibendport %s/%s is defined") % (ibdev_name, ibendport))
+ raise ValueError(_("Could not check if ibendport {ibdev_name}/{ibendport} is defined").format(ibdev_name=ibdev_name, ibendport=ibendport))
if not exists:
- raise ValueError(_("ibendport %s/%s is defined in policy, cannot be deleted") % (ibdev_name, ibendport))
+ raise ValueError(_("ibendport {ibdev_name}/{ibendport} is defined in policy, cannot be deleted").format(ibdev_name=ibdev_name, ibendport=ibendport))
rc = semanage_ibendport_del_local(self.sh, k)
if rc < 0:
- raise ValueError(_("Could not delete ibendport %s/%s") % (ibdev_name, ibendport))
+ raise ValueError(_("Could not delete ibendport {ibdev_name}/{ibendport}").format(ibdev_name=ibdev_name, ibendport=ibendport))
semanage_ibendport_key_free(k)
@@ -2765,7 +2765,7 @@ class booleanRecords(semanageRecords):
try:
boolname, val = b.split("=")
except ValueError:
- raise ValueError(_("Bad format %s: Record %s" % (name, b)))
+ raise ValueError(_("Bad format {filename}: Record {record}").format(filename=name, record=b))
self.__mod(boolname.strip(), val.strip())
fd.close()
else:
--
2.41.0

148
0016-python-Drop-hard-formating-from-localized-strings.patch Normal file
View File

@ -0,0 +1,148 @@
From 9de7df951d5c54de2a58e728a2089a0837f0c72e Mon Sep 17 00:00:00 2001
From: Petr Lautrbach <lautrbach@redhat.com>
Date: Wed, 17 May 2023 12:18:54 +0200
Subject: [PATCH] python: Drop hard formating from localized strings
Content-type: text/plain
It confuses translators and new lines are dropped by parser module anyway.
Signed-off-by: Petr Lautrbach <lautrbach@redhat.com>
---
python/audit2allow/audit2allow | 14 ++++++--
python/semanage/semanage | 60 +++++++++++++---------------------
2 files changed, 34 insertions(+), 40 deletions(-)
diff --git a/python/audit2allow/audit2allow b/python/audit2allow/audit2allow
index 5587a2dbb006..35b0b151ac86 100644
--- a/python/audit2allow/audit2allow
+++ b/python/audit2allow/audit2allow
@@ -234,9 +234,17 @@ class AuditToPolicy:
print(e)
sys.exit(1)
- sys.stdout.write(_("******************** IMPORTANT ***********************\n"))
- sys.stdout.write((_("To make this policy package active, execute:" +
- "\n\nsemodule -i %s\n\n") % packagename))
+ sys.stdout.write(
+"""******************** {important} ***********************
+{text}
+
+semodule -i {packagename}
+
+""".format(
+ important=_("IMPORTANT"),
+ text=_("To make this policy package active, execute:"),
+ packagename=packagename
+))
def __output_audit2why(self):
import selinux
diff --git a/python/semanage/semanage b/python/semanage/semanage
index e0bd98a95c77..4fdb490f7df4 100644
--- a/python/semanage/semanage
+++ b/python/semanage/semanage
@@ -238,30 +238,22 @@ def parser_add_level(parser, name):
def parser_add_range(parser, name):
- parser.add_argument('-r', '--range', default='',
- help=_('''
-MLS/MCS Security Range (MLS/MCS Systems only)
-SELinux Range for SELinux login mapping
-defaults to the SELinux user record range.
-SELinux Range for SELinux user defaults to s0.
-'''))
+ parser.add_argument('-r', '--range', default='', help=_(
+ "MLS/MCS Security Range (MLS/MCS Systems only) SELinux Range for SELinux login mapping defaults to the SELinux user record range. \
+SELinux Range for SELinux user defaults to s0."
+ ))
def parser_add_proto(parser, name):
- parser.add_argument('-p', '--proto', help=_('''
- Protocol for the specified port (tcp|udp|dccp|sctp) or internet protocol
- version for the specified node (ipv4|ipv6).
-'''))
+ parser.add_argument('-p', '--proto', help=_(
+ "Protocol for the specified port (tcp|udp|dccp|sctp) or internet protocol version for the specified node (ipv4|ipv6)."
+ ))
def parser_add_subnet_prefix(parser, name):
- parser.add_argument('-x', '--subnet_prefix', help=_('''
- Subnet prefix for the specified infiniband ibpkey.
-'''))
+ parser.add_argument('-x', '--subnet_prefix', help=_('Subnet prefix for the specified infiniband ibpkey.'))
def parser_add_ibdev_name(parser, name):
- parser.add_argument('-z', '--ibdev_name', help=_('''
- Name for the specified infiniband end port.
-'''))
+ parser.add_argument('-z', '--ibdev_name', help=_("Name for the specified infiniband end port."))
def parser_add_modify(parser, name):
parser.add_argument('-m', '--modify', dest='action', action='store_const', const='modify', help=_("Modify a record of the %s object type") % name)
@@ -348,15 +340,6 @@ def handleFcontext(args):
def setupFcontextParser(subparsers):
- ftype_help = '''
-File Type. This is used with fcontext. Requires a file type
-as shown in the mode field by ls, e.g. use d to match only
-directories or f to match only regular files. The following
-file type options can be passed:
-f (regular file),d (directory),c (character device),
-b (block device),s (socket),l (symbolic link),p (named pipe)
-If you do not specify a file type, the file type will default to "all files".
-'''
generate_usage = generate_custom_usage(usage_fcontext, usage_fcontext_dict)
fcontextParser = subparsers.add_parser('fcontext', usage=generate_usage, help=_("Manage file context mapping definitions"))
parser_add_locallist(fcontextParser, "fcontext")
@@ -372,11 +355,16 @@ If you do not specify a file type, the file type will default to "all files".
parser_add_extract(fcontext_action, "fcontext")
parser_add_deleteall(fcontext_action, "fcontext")
- fcontextParser.add_argument('-e', '--equal', help=_('''Substitute target path with sourcepath when generating default
- label. This is used with fcontext. Requires source and target
- path arguments. The context labeling for the target subtree is
- made equivalent to that defined for the source.'''))
- fcontextParser.add_argument('-f', '--ftype', default="", choices=["a", "f", "d", "c", "b", "s", "l", "p"], help=_(ftype_help))
+ fcontextParser.add_argument('-e', '--equal', help=_(
+ 'Substitute target path with sourcepath when generating default label. This is used with fcontext. Requires source and target \
+path arguments. The context labeling for the target subtree is made equivalent to that defined for the source.'
+ ))
+ fcontextParser.add_argument('-f', '--ftype', default="", choices=["a", "f", "d", "c", "b", "s", "l", "p"], help=_(
+ 'File Type. This is used with fcontext. Requires a file type as shown in the mode field by ls, e.g. use d to match only \
+directories or f to match only regular files. The following file type options can be passed: f (regular file), d (directory), \
+c (character device), b (block device), s (socket), l (symbolic link), p (named pipe). \
+If you do not specify a file type, the file type will default to "all files".'
+ ))
parser_add_seuser(fcontextParser, "fcontext")
parser_add_type(fcontextParser, "fcontext")
parser_add_range(fcontextParser, "fcontext")
@@ -426,9 +414,7 @@ def setupUserParser(subparsers):
parser_add_range(userParser, "user")
userParser.add_argument('-R', '--roles', default=[],
action=CheckRole,
- help=_('''
-SELinux Roles. You must enclose multiple roles within quotes, separate by spaces. Or specify -R multiple times.
-'''))
+ help=_("SELinux Roles. You must enclose multiple roles within quotes, separate by spaces. Or specify -R multiple times."))
userParser.add_argument('-P', '--prefix', default="user", help=argparse.SUPPRESS)
userParser.add_argument('selinux_name', nargs='?', default=None, help=_('selinux_name'))
userParser.set_defaults(func=handleUser)
@@ -901,9 +887,9 @@ def setupImportParser(subparsers):
def createCommandParser():
commandParser = seParser(prog='semanage',
formatter_class=argparse.ArgumentDefaultsHelpFormatter,
- description='''semanage is used to configure certain elements
- of SELinux policy with-out requiring modification
- to or recompilation from policy source.''')
+ description=_(
+ "semanage is used to configure certain elements of SELinux policy with-out requiring modification or recompilation from policy source."
+ ))
#To add a new subcommand define the parser for it in a function above and call it here.
subparsers = commandParser.add_subparsers(dest='subcommand')
--
2.41.0

32
0017-semanage-Drop-unnecessary-import-from-seobject.patch Normal file
View File

@ -0,0 +1,32 @@
From 74b849c9405f1b751e696c7fb2e419fcbd491fab Mon Sep 17 00:00:00 2001
From: Petr Lautrbach <lautrbach@redhat.com>
Date: Wed, 17 May 2023 13:09:58 +0200
Subject: [PATCH] semanage: Drop unnecessary import from seobject
Content-type: text/plain
sepolgen.module is not used for permissive domains
Signed-off-by: Petr Lautrbach <lautrbach@redhat.com>
---
python/semanage/seobject.py | 5 -----
1 file changed, 5 deletions(-)
diff --git a/python/semanage/seobject.py b/python/semanage/seobject.py
index 2b1eb44ce8a3..361205d11c10 100644
--- a/python/semanage/seobject.py
+++ b/python/semanage/seobject.py
@@ -504,11 +504,6 @@ class permissiveRecords(semanageRecords):
print(t)
def add(self, type):
- try:
- import sepolgen.module as module
- except ImportError:
- raise ValueError(_("The sepolgen python module is required to setup permissive domains.\nIn some distributions it is included in the policycoreutils-devel package.\n# yum install policycoreutils-devel\nOr similar for your distro."))
-
name = "permissive_%s" % type
modtxt = "(typepermissive %s)" % type
--
2.41.0

2009
0018-python-update-python.pot.patch Normal file
View File

File diff suppressed because it is too large Load Diff

84
0019-sepolicy-port-to-dnf4-python-API.patch Normal file
View File

@ -0,0 +1,84 @@
From d925b00da35384331df9bf31935398c37117f895 Mon Sep 17 00:00:00 2001
From: Petr Lautrbach <lautrbach@redhat.com>
Date: Sat, 29 Jul 2023 20:33:06 +0200
Subject: [PATCH] sepolicy: port to dnf4 python API
Content-type: text/plain
yum module is not available since RHEL 7.
Drop -systemd related code as it's obsoleted these days - only 2
packages ship their .service in -systemd subpackage
Signed-off-by: Petr Lautrbach <lautrbach@redhat.com>
---
python/sepolicy/sepolicy/generate.py | 38 ++++++++++++----------------
1 file changed, 16 insertions(+), 22 deletions(-)
diff --git a/python/sepolicy/sepolicy/generate.py b/python/sepolicy/sepolicy/generate.py
index 36a3ea1196b1..48602a736953 100644
--- a/python/sepolicy/sepolicy/generate.py
+++ b/python/sepolicy/sepolicy/generate.py
@@ -1264,13 +1264,20 @@ allow %s_t %s_t:%s_socket name_%s;
return fcfile
def __extract_rpms(self):
- import yum
- yb = yum.YumBase()
- yb.setCacheDir()
+ import dnf
- for pkg in yb.rpmdb.searchProvides(self.program):
+ base = dnf.Base()
+ base.read_all_repos()
+ base.fill_sack(load_system_repo=True)
+
+ query = base.sack.query()
+
+ pq = query.available()
+ pq = pq.filter(file=self.program)
+
+ for pkg in pq:
self.rpms.append(pkg.name)
- for fname in pkg.dirlist + pkg.filelist + pkg.ghostlist:
+ for fname in pkg.files:
for b in self.DEFAULT_DIRS:
if b == "/etc":
continue
@@ -1279,9 +1286,10 @@ allow %s_t %s_t:%s_socket name_%s;
self.add_file(fname)
else:
self.add_dir(fname)
-
- for bpkg in yb.rpmdb.searchNames([pkg.base_package_name]):
- for fname in bpkg.dirlist + bpkg.filelist + bpkg.ghostlist:
+ sq = query.available()
+ sq = sq.filter(provides=pkg.source_name)
+ for bpkg in sq:
+ for fname in bpkg.files:
for b in self.DEFAULT_DIRS:
if b == "/etc":
continue
@@ -1291,20 +1299,6 @@ allow %s_t %s_t:%s_socket name_%s;
else:
self.add_dir(fname)
- # some packages have own systemd subpackage
- # tor-systemd for example
- binary_name = self.program.split("/")[-1]
- for bpkg in yb.rpmdb.searchNames(["%s-systemd" % binary_name]):
- for fname in bpkg.filelist + bpkg.ghostlist + bpkg.dirlist:
- for b in self.DEFAULT_DIRS:
- if b == "/etc":
- continue
- if fname.startswith(b):
- if os.path.isfile(fname):
- self.add_file(fname)
- else:
- self.add_dir(fname)
-
def gen_writeable(self):
try:
self.__extract_rpms()
--
2.41.0

14
policycoreutils.spec
View File

@ -11,7 +11,7 @@
Summary: SELinux policy core utilities
Name: policycoreutils
Version: 3.5
Release: 6%{?dist}
Release: 7%{?dist}
License: GPL-2.0-or-later
# https://github.com/SELinuxProject/selinux/wiki/Releases
Source0: https://github.com/SELinuxProject/selinux/releases/download/3.5/selinux-3.5.tar.gz
@ -45,6 +45,11 @@ Patch0011: 0011-python-sepolicy-Improve-man-pages.patch
Patch0012: 0012-sandbox-Add-examples-to-man-pages.patch
Patch0013: 0013-python-sepolicy-Fix-template-for-confined-user-polic.patch
Patch0014: 0014-python-sepolicy-Fix-spec-file-dependencies.patch
Patch0015: 0015-python-improve-format-strings-for-proper-localizatio.patch
Patch0016: 0016-python-Drop-hard-formating-from-localized-strings.patch
Patch0017: 0017-semanage-Drop-unnecessary-import-from-seobject.patch
Patch0018: 0018-python-update-python.pot.patch
Patch0019: 0019-sepolicy-port-to-dnf4-python-API.patch
# Patch list end
Obsoletes: policycoreutils < 2.0.61-2
@ -250,7 +255,7 @@ by python 3 in an SELinux environment.
%package devel
Summary: SELinux policy core policy devel utilities
Requires: policycoreutils-python-utils = %{version}-%{release}
Requires: /usr/bin/make dnf
Requires: /usr/bin/make python3-dnf
Requires: (selinux-policy-devel if selinux-policy)
%description devel
@ -452,6 +457,11 @@ The policycoreutils-restorecond package contains the restorecond service.
%systemd_postun_with_restart restorecond.service
%changelog
* Tue Aug 1 2023 Petr Lautrbach <lautrbach@redhat.com> - 3.5-7
- python: improve format strings for proper localization
- python: Drop hard formating from localized strings
- sepolicy: port to dnf4 python API (rhbz#2209404)
* Fri Jul 21 2023 Fedora Release Engineering <releng@fedoraproject.org> - 3.5-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild