sys-apps/policycoreutils/files/policycoreutils-1.10-genhomedircon-reverse.diff


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96

diff -urN policycoreutils-1.10/scripts/genhomedircon policycoreutils-1.8/scripts/genhomedircon
--- policycoreutils-1.10/scripts/genhomedircon	2004-03-24 11:48:00.000000000 -0600
+++ policycoreutils-1.8/scripts/genhomedircon	2004-03-09 09:19:51.000000000 -0600
@@ -6,8 +6,6 @@
 # genhomedircon - Replace HOME_ROOT, HOME_DIR, and ROLE macros in .fc files
 #  with generic and user-specific values.
 #
-# Based off original script by Dan Walsh, <dwalsh@redhat.com>
-#
 # ASSUMPTIONS:
 #
 # If a user has more than one role in FILECONTEXTDIR/users, genhomedircon uses
@@ -24,6 +22,7 @@
 
 import commands, sys, os, pwd, string
 
+FILECONTEXTDIR="/etc/security/selinux/src/policy/"
 EXCLUDE_LOGINS=["/sbin/nologin", "/bin/false"]
 STARTING_UID=100
 
@@ -39,7 +38,7 @@
 			if not prefixes.has_key(prefix):
 				prefixes[prefix] = ""
 	return prefixes
- 
+
 def getUsers():
 	rc = commands.getstatusoutput("grep ^user %s/users" % FILECONTEXTDIR)
 	udict = {}
@@ -66,12 +65,12 @@
 def usage(error = ""):
 	if error != "":
 		sys.stderr.write("%s\n" % (error,))
-	sys.stderr.write("Usage: %s POLICYSOURCEDIR FILE_CONTEXTS\n" % sys.argv[0])
+	sys.stderr.write("Usage: %s FILE_CONTEXTS\n" % sys.argv[0])
 	sys.stderr.flush()
 	sys.exit(1)
-	
+
 def update(filecontext, user, prefs):
-	rc=commands.getstatusoutput("grep -h '^HOME_DIR' %s | grep -v vmware | sed -e 's|HOME_DIR|%s|' -e 's/ROLE/%s/' -e 's/system_u/%s/'" % (filecontext, prefs["home"], prefs["role"], user))
+	rc=commands.getstatusoutput("grep -h '^HOME_DIR' %s | grep -v vmware | sed -e 's|HOME_DIR|%s|g' -e 's/ROLE/%s/' -e 's/system_u/%s/'" % (filecontext, prefs["home"], prefs["role"], user))
 	if rc[0] == 0:
 		print rc[1]
 	else:
@@ -79,11 +78,6 @@
 	return rc
 
 try:
-	if len(sys.argv) != 3:
-		print len(sys.argv)
-		usage()
-
-	FILECONTEXTDIR=sys.argv[1]
 	prefixes = getPrefixes()
 
 	rc=commands.getstatusoutput("grep -h '^HOME' /etc/default/useradd")
@@ -91,20 +85,21 @@
 		homedir = rc[1].split("=")[1]
 	else:
 		sys.stderr.write("%s\n" % (rc[1],))
-		sys.stderr.write("You do not have access to /etc/default/useradd, default /home\n")
+		sys.stderr.write("Do you have access to /etc/default/useradd?\n")
 		sys.stderr.flush()
-		homedir = "/home"
-		
+		sys.exit(1)
 
 	if not prefixes.has_key(homedir):
 		prefixes[homedir] = ""
 
-	# There may be a more elegant sed script to expand a macro to multiple lines, but this works
-	sed_root = "h; s|^HOME_ROOT|%s|" % (string.join(prefixes.keys(), "|; p; g; s|^HOME_ROOT|"),)
-	sed_dir = "h; s|^HOME_DIR|%s/[^/]+|; s|ROLE_|user_|" % (string.join(prefixes.keys(), "/[^/]+|; s|ROLE_|user_|; p; g; s|^HOME_DIR|"),)
+	if len(prefixes) == 1:
+		regex_root = prefixes.keys()[0]
+	else:
+		regex_root = "(%s)" % (string.join(prefixes, "\|"),)
+	regex_dir = "%s/[^/]+" % (regex_root,)
 
 	# Fill in HOME_ROOT, HOME_DIR, and ROLE for users not explicitly defined in /etc/security/selinux/src/policy/users
-	rc=commands.getstatusoutput("sed -e \"/^HOME_ROOT/{%s}\" -e \"/^HOME_DIR/{%s}\" %s" % (sed_root, sed_dir, sys.argv[2]))
+	rc=commands.getstatusoutput("sed -e 's|^HOME_ROOT|%s|g' -e 's|^HOME_DIR|%s|g' -e 's/ROLE_/user_/' %s" % (regex_root, regex_dir, sys.argv[1]))
 	if rc[0] == 0:
 		print rc[1]
 	else:
@@ -115,7 +110,8 @@
 
 	# Fill in HOME and ROLE for users that are defined
 	for u in users.keys():
-		update(sys.argv[2], u, users[u]) 
+		update(sys.argv[1], u, users[u])
+
 except ValueError, error:
 	usage(error)
 except IndexError, error: