389-ds-base

Clone
Source Code
GIT

#50623 Ticket 50622 - ds_selinux_enabled may crash on suse
Closed 3 years ago by spichugi. Opened 4 years ago by firstyear.
firstyear/389-ds-base 50622-dsselinux-suse  into  master

file modified
+5 -3 
@@ -13,11 +13,13 @@ 
 

  

  

  import sys
 

- import selinux
 

- import semanage
 

  

  # Returns 1 for true, 0 for false.
 

  

- sys.exit(selinux.is_selinux_enabled())
 

+ try:
 

+     import selinux

Shouldn't "import semange" also be here?

 
+     sys.exit(selinux.is_selinux_enabled())
 

+ except ImportError:
 

+     sys.exit(0)

Bug Description: SUSE doesn't have the python-selinux module by
default, so this tool crashes as it can't find the python
module for import.

Fix Description: ATtempt to import the library, and on failure
return false for enabled.

https://pagure.io/389-ds-base/issue/50622

Author: William Brown william@blackhats.net.au

Review by: ???

Shouldn't "import semange" also be here?

No, because we don't call anything from semanage .... I don't know why it was added in the first place :)

LGTM iff we don't care about missing python selinux module while selinux is actually running on the system. But this only affects the Perl tools, right?

@mhonek Well, lib389 deps on python-selinux on RHEL/Fedora, but not on SUSE, so the missing module is fine. That's a package maintainer/integrator problem I think, not a lib389 one.

Yes this only affects the perl tools, but I will need to backport this to 1.4.0/1.4.1 because of grumble past administrative mistakes requiring me to support this ....

@mreynolds Are you okay with me pushing this patch to the 1.4.0 and 1.4.1 branches?

rebased onto 54df38e
4 years ago

Pull-Request has been merged by firstyear
4 years ago

389-ds-base is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in 389-ds-base's github repository.

This pull request has been cloned to Github as issue and is available here:
- https://github.com/389ds/389-ds-base/issues/3678

If you want to continue to work on the PR, please navigate to the github issue,
download the patch from the attachments and file a new pull request.

Thank you for understanding. We apologize for all inconvenience.

Pull-Request has been closed by spichugi
3 years ago
Metadata
None
No Tags
Changes Summary 1
+5 -3
file changed
ldap/admin/src/scripts/ds_selinux_enabled.in
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.