91 lines
3.2 KiB
Diff
91 lines
3.2 KiB
Diff
|
From 4e6f6c95cfe7ca4a3a9d9e0dbd6e23e4bac2449c Mon Sep 17 00:00:00 2001
|
||
|
From: Petr Lautrbach <plautrba@redhat.com>
|
||
|
Date: Thu, 18 Nov 2021 13:59:08 +0100
|
||
|
Subject: [PATCH] Make seinfo output predictable
|
||
|
|
||
|
There are few places where frozenset is used. Given that frozenset is an unordered
|
||
|
collection the output generated from this is unpredictable.
|
||
|
|
||
|
The following command outputs are fixed using sorted() on frozensets:
|
||
|
|
||
|
seinfo --constrain
|
||
|
seinfo --common
|
||
|
seinfo -c -x
|
||
|
seinfo -r -x
|
||
|
seinfo -u -x
|
||
|
|
||
|
Fixes: https://github.com/SELinuxProject/setools/issues/65
|
||
|
|
||
|
Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
|
||
|
---
|
||
|
setools/policyrep/constraint.pxi | 2 +-
|
||
|
setools/policyrep/objclass.pxi | 4 ++--
|
||
|
setools/policyrep/role.pxi | 2 +-
|
||
|
setools/policyrep/user.pxi | 2 +-
|
||
|
4 files changed, 5 insertions(+), 5 deletions(-)
|
||
|
|
||
|
diff --git a/setools/policyrep/constraint.pxi b/setools/policyrep/constraint.pxi
|
||
|
index d5221a1..77c3e2e 100644
|
||
|
--- a/setools/policyrep/constraint.pxi
|
||
|
+++ b/setools/policyrep/constraint.pxi
|
||
|
@@ -66,7 +66,7 @@ cdef class Constraint(BaseConstraint):
|
||
|
|
||
|
def statement(self):
|
||
|
if len(self.perms) > 1:
|
||
|
- perms = "{{ {0} }}".format(' '.join(self.perms))
|
||
|
+ perms = "{{ {0} }}".format(' '.join(sorted(self.perms)))
|
||
|
else:
|
||
|
# convert to list since sets cannot be indexed
|
||
|
perms = list(self.perms)[0]
|
||
|
diff --git a/setools/policyrep/objclass.pxi b/setools/policyrep/objclass.pxi
|
||
|
index b7ec7b7..8ed2be5 100644
|
||
|
--- a/setools/policyrep/objclass.pxi
|
||
|
+++ b/setools/policyrep/objclass.pxi
|
||
|
@@ -75,7 +75,7 @@ cdef class Common(PolicySymbol):
|
||
|
return other in self.perms
|
||
|
|
||
|
def statement(self):
|
||
|
- return "common {0}\n{{\n\t{1}\n}}".format(self, '\n\t'.join(self.perms))
|
||
|
+ return "common {0}\n{{\n\t{1}\n}}".format(self, '\n\t'.join(sorted(self.perms)))
|
||
|
|
||
|
|
||
|
cdef class ObjClass(PolicySymbol):
|
||
|
@@ -204,7 +204,7 @@ cdef class ObjClass(PolicySymbol):
|
||
|
|
||
|
# a class that inherits may not have additional permissions
|
||
|
if len(self.perms) > 0:
|
||
|
- stmt += "{{\n\t{0}\n}}".format('\n\t'.join(self.perms))
|
||
|
+ stmt += "{{\n\t{0}\n}}".format('\n\t'.join(sorted(self.perms)))
|
||
|
|
||
|
return stmt
|
||
|
|
||
|
diff --git a/setools/policyrep/role.pxi b/setools/policyrep/role.pxi
|
||
|
index 9a0dd39..3af8a3f 100644
|
||
|
--- a/setools/policyrep/role.pxi
|
||
|
+++ b/setools/policyrep/role.pxi
|
||
|
@@ -58,7 +58,7 @@ cdef class Role(PolicySymbol):
|
||
|
if count == 1:
|
||
|
stmt += " types {0}".format(types[0])
|
||
|
else:
|
||
|
- stmt += " types {{ {0} }}".format(' '.join(types))
|
||
|
+ stmt += " types {{ {0} }}".format(' '.join(sorted(types)))
|
||
|
|
||
|
stmt += ";"
|
||
|
return stmt
|
||
|
diff --git a/setools/policyrep/user.pxi b/setools/policyrep/user.pxi
|
||
|
index 9c82aa9..e37af29 100644
|
||
|
--- a/setools/policyrep/user.pxi
|
||
|
+++ b/setools/policyrep/user.pxi
|
||
|
@@ -81,7 +81,7 @@ cdef class User(PolicySymbol):
|
||
|
if count == 1:
|
||
|
stmt += roles[0]
|
||
|
else:
|
||
|
- stmt += "{{ {0} }}".format(' '.join(roles))
|
||
|
+ stmt += "{{ {0} }}".format(' '.join(sorted(roles)))
|
||
|
|
||
|
if self._level:
|
||
|
stmt += " level {0.mls_level} range {0.mls_range};".format(self)
|
||
|
--
|
||
|
2.30.2
|
||
|
|