convert build scripts to python3

author: cgzones <cgzones@googlemail.com> 2017-03-15 00:32:11 +0100
committer: Jason Zaman <jason@perfinion.com> 2017-03-30 19:37:14 +0800
commit: 9bd79f9a459858f57d172ffcfbf2d6984e727456 (patch)
tree: d43b250a2e0e733e5af9d7a4c698362257b7d3f3 /support
parent: Module version bump for fixes from cgzones. (diff)
download: hardened-refpolicy-9bd79f9a459858f57d172ffcfbf2d6984e727456.tar.gz
hardened-refpolicy-9bd79f9a459858f57d172ffcfbf2d6984e727456.tar.bz2
hardened-refpolicy-9bd79f9a459858f57d172ffcfbf2d6984e727456.zip
7 files changed, 114 insertions, 181 deletions
diff --git a/support/genclassperms.py b/support/genclassperms.py
index 03f31ad0a..a9c634c43 100644
--- a/support/genclassperms.py
+++ b/support/genclassperms.py
@@ -1,4 +1,4 @@
-#!/usr/bin/python
+#!/usr/bin/env python3
 
 # Author: Donald Miner <dminer@tresys.com>
 #
@@ -120,8 +120,10 @@ def get_av_db(file_name):
 		# Figure out whether the next class will be a common or a class.
 		if av_data[0] == "class":
 			common = False
+			keyword = "class"
 		elif av_data[0] == "common":
 			common = True
+			keyword = "common"
 		else:
 			error("Unexpected token in file " + file_name + ": "\
 				+ av_data[0] + ".")
@@ -249,7 +251,7 @@ def gen_class_perms(av_db, sc_db):
 	class_perms = ""
 	for obj in av_db:
 		# Don't output commons
-		if obj.common == True:
+		if obj.common:
 			continue
 
 		# Get the list of permissions from the specified class.
diff --git a/support/genhomedircon b/support/genhomedircon.py
index 355ecb7b1..e14f9fbf3 100644
--- a/support/genhomedircon
+++ b/support/genhomedircon.py
@@ -1,4 +1,4 @@
-#! /usr/bin/env python
+#!/usr/bin/env python3
 # Copyright (C) 2004 Tresys Technology, LLC
 # see file 'COPYING' for use and warranty information
 #
@@ -40,13 +40,13 @@
 #  are always "real" (including root, in the default configuration).
 #
 
-import commands, sys, os, pwd, string, getopt, re
+import subprocess, sys, os, pwd, getopt, re
 
 EXCLUDE_LOGINS=["/sbin/nologin", "/bin/false"]
 
 def getStartingUID():
-	starting_uid = sys.maxint
-	rc=commands.getstatusoutput("grep -h '^UID_MIN' /etc/login.defs")
+	starting_uid = 99999
+	rc=subprocess.getstatusoutput("grep -h '^UID_MIN' /etc/login.defs")
 	if rc[0] == 0:
 		uid_min = re.sub("^UID_MIN[^0-9]*", "", rc[1])
 		#stip any comment from the end of the line
@@ -54,7 +54,7 @@ def getStartingUID():
 		uid_min = uid_min.strip()
 		if int(uid_min) < starting_uid:
 			starting_uid = int(uid_min)
-	rc=commands.getstatusoutput("grep -h '^LU_UIDNUMBER' /etc/libuser.conf")
+	rc=subprocess.getstatusoutput("grep -h '^LU_UIDNUMBER' /etc/libuser.conf")
 	if rc[0] == 0:
 		lu_uidnumber = re.sub("^LU_UIDNUMBER[^0-9]*", "", rc[1])
 		#stip any comment from the end of the line
@@ -63,7 +63,7 @@ def getStartingUID():
 		lu_uidnumber = lu_uidnumber.strip()
 		if int(lu_uidnumber) < starting_uid:
 			starting_uid = int(lu_uidnumber)
-	if starting_uid == sys.maxint:
+	if starting_uid == 99999:
 		starting_uid = 500
 	return starting_uid
 
@@ -80,14 +80,14 @@ def getPrefixes():
 		if u[2] >= STARTING_UID and \
 				not u[6] in EXCLUDE_LOGINS and \
 				u[5] != "/" and \
-				string.count(u[5], "/") > 1:
-			prefix = u[5][:string.rfind(u[5], "/")]
+				u[5].count("/") > 1:
+			prefix = u[5][:u[5].rfind("/")]
 			if not prefix in prefixes:
 				prefixes[prefix] = ""
 	return prefixes
 
 def getUsers(filecontextdir):
-	rc = commands.getstatusoutput("grep ^user %s/users" % filecontextdir)
+	rc = subprocess.getstatusoutput("grep ^user %s/users" % filecontextdir)
 	udict = {}
 	if rc[0] == 0:
 		ulist = rc[1].strip().split("\n")
@@ -113,22 +113,22 @@ def getUsers(filecontextdir):
 	return udict
 
 def update(filecontext, user, prefs):
-	rc=commands.getstatusoutput("grep -h '^HOME_DIR' %s | grep -v vmware | sed -e 's|HOME_DIR|%s|' -e 's/ROLE/%s/' -e 's/system_u/%s/'" % (filecontext, prefs["home"], prefs["role"], user))
+	rc=subprocess.getstatusoutput("grep -h '^HOME_DIR' %s | grep -v vmware | sed -e 's|HOME_DIR|%s|' -e 's/ROLE/%s/' -e 's/system_u/%s/'" % (filecontext, prefs["home"], prefs["role"], user))
 	if rc[0] == 0:
-		print rc[1]
+		print(rc[1])
 	else:
-		errorExit(string.join("grep/sed error ", rc[1]))
+		errorExit("grep/sed error " + rc[1])
 	return rc
 
 def oldgenhomedircon(filecontextdir, filecontext):
-	sys.stderr.flush()
+        sys.stderr.flush()
 
-	if os.path.isdir(filecontextdir) == 0:
-		sys.stderr.write("New usage is the following\n")
-		usage()
+        if os.path.isdir(filecontextdir) == 0:
+                sys.stderr.write("New usage is the following\n")
+                usage()
         #We are going to define home directory used by libuser and show-utils as a home directory root
         prefixes = {}
-        rc=commands.getstatusoutput("grep -h '^HOME' /etc/default/useradd")
+        rc=subprocess.getstatusoutput("grep -h '^HOME' /etc/default/useradd")
         if rc[0] == 0:
                 homedir = rc[1].split("=")[1]
                 homedir = homedir.split("#")[0]
@@ -143,7 +143,7 @@ def oldgenhomedircon(filecontextdir, filecontext):
                         sys.stderr.flush()
 
 
-        rc=commands.getstatusoutput("grep -h '^LU_HOMEDIRECTORY' /etc/libuser.conf")
+        rc=subprocess.getstatusoutput("grep -h '^LU_HOMEDIRECTORY' /etc/libuser.conf")
         if rc[0] == 0:
                 homedir = rc[1].split("=")[1]
                 homedir = homedir.split("#")[0]
@@ -165,7 +165,7 @@ def oldgenhomedircon(filecontextdir, filecontext):
         #this works by grepping the file_contexts for
         # 1. ^/ makes sure this is not a comment
         # 2. prints only the regex in the first column first cut on \t then on space
-        rc=commands.getstatusoutput("grep \"^/\" %s | cut -f 1 | cut -f 1 -d \" \" " %  (sys.argv[2]) )
+        rc=subprocess.getstatusoutput("grep \"^/\" %s | cut -f 1 | cut -f 1 -d \" \" " %  (sys.argv[2]) )
         if rc[0] == 0:
                 prefix_regex = rc[1].split("\n")
         else:
@@ -199,23 +199,23 @@ def oldgenhomedircon(filecontextdir, filecontext):
                 sys.stderr.flush()
                 prefixes["/home"] = ""
 
-	# There may be a more elegant sed script to expand a macro to multiple lines, but this works
-	sed_root = "h; s|^HOME_ROOT|%s|" % (string.join(prefixes.keys(), "|; p; g; s|^HOME_ROOT|"),)
-	sed_dir = "h; s|^HOME_DIR|%s/[^/]+|; s|ROLE_|user_|" % (string.join(prefixes.keys(), "/[^/]+|; s|ROLE_|user_|; p; g; s|^HOME_DIR|"),)
+        # There may be a more elegant sed script to expand a macro to multiple lines, but this works
+        sed_root = "h; s|^HOME_ROOT|%s|" % (prefixes.keys() + "|; p; g; s|^HOME_ROOT|")
+        sed_dir = "h; s|^HOME_DIR|%s/[^/]+|; s|ROLE_|user_|" % (prefixes.keys() + "/[^/]+|; s|ROLE_|user_|; p; g; s|^HOME_DIR|")
 
-	# Fill in HOME_ROOT, HOME_DIR, and ROLE for users not explicitly defined in /etc/security/selinux/src/policy/users
-	rc=commands.getstatusoutput("sed -e \"/^HOME_ROOT/{%s}\" -e \"/^HOME_DIR/{%s}\" %s" % (sed_root, sed_dir, filecontext))
-	if rc[0] == 0:
-		print rc[1]
-	else:
-		errorExit(string.join("sed error ", rc[1]))
+        # Fill in HOME_ROOT, HOME_DIR, and ROLE for users not explicitly defined in /etc/security/selinux/src/policy/users
+        rc=subprocess.getstatusoutput("sed -e \"/^HOME_ROOT/{%s}\" -e \"/^HOME_DIR/{%s}\" %s" % (sed_root, sed_dir, filecontext))
+        if rc[0] == 0:
+                print(rc[1])
+        else:
+                errorExit("sed error " + rc[1])
 
-	users = getUsers(filecontextdir)
-	print "\n#\n# User-specific file contexts\n#\n"
+        users = getUsers(filecontextdir)
+        print("\n#\n# User-specific file contexts\n#\n")
 
-	# Fill in HOME and ROLE for users that are defined
-	for u in users.keys():
-		update(filecontext, u, users[u])
+        # Fill in HOME and ROLE for users that are defined
+        for u in users.keys():
+                update(filecontext, u, users[u])
 
 #############################################################################
 #
@@ -225,7 +225,7 @@ def oldgenhomedircon(filecontextdir, filecontext):
 
 def getDefaultHomeDir():
 	ret = []
-	rc=commands.getstatusoutput("grep -h '^HOME' /etc/default/useradd")
+	rc=subprocess.getstatusoutput("grep -h '^HOME' /etc/default/useradd")
 	if rc[0] == 0:
 		homedir = rc[1].split("=")[1]
 		homedir = homedir.split("#")[0]
@@ -238,7 +238,7 @@ def getDefaultHomeDir():
 			sys.stderr.write("%s\n" % rc[1])
 			sys.stderr.write("You do not have access to /etc/default/useradd HOME=\n")
 			sys.stderr.flush()
-	rc=commands.getstatusoutput("grep -h '^LU_HOMEDIRECTORY' /etc/libuser.conf")
+	rc=subprocess.getstatusoutput("grep -h '^LU_HOMEDIRECTORY' /etc/libuser.conf")
 	if rc[0] == 0:
 		homedir = rc[1].split("=")[1]
 		homedir = homedir.split("#")[0]
@@ -256,7 +256,7 @@ def getDefaultHomeDir():
 	return ret
 
 def getSELinuxType(directory):
-	rc=commands.getstatusoutput("grep ^SELINUXTYPE= %s/config" % directory)
+	rc=subprocess.getstatusoutput("grep ^SELINUXTYPE= %s/config" % directory)
 	if rc[0]==0:
 		return rc[1].split("=")[-1].strip()
 	return "targeted"
@@ -279,37 +279,37 @@ def errorExit(error):
 	sys.exit(1)
 
 class selinuxConfig:
-	def __init__(self, selinuxdir="/etc/selinux", type="targeted", usepwd=1):
-		self.type=type
+	def __init__(self, selinuxdir="/etc/selinux", setype="targeted", usepwd=1):
+		self.setype=setype
 		self.selinuxdir=selinuxdir +"/"
 		self.contextdir="/contexts"
 		self.filecontextdir=self.contextdir+"/files"
 		self.usepwd=usepwd
 
 	def getFileContextDir(self):
-		return self.selinuxdir+self.type+self.filecontextdir
+		return self.selinuxdir+self.setype+self.filecontextdir
 
 	def getFileContextFile(self):
 		return self.getFileContextDir()+"/file_contexts"
 
 	def getContextDir(self):
-		return self.selinuxdir+self.type+self.contextdir
+		return self.selinuxdir+self.setype+self.contextdir
 
 	def getHomeDirTemplate(self):
 		return self.getFileContextDir()+"/homedir_template"
 
 	def getHomeRootContext(self, homedir):
-		rc=commands.getstatusoutput("grep HOME_ROOT  %s | sed -e \"s|^HOME_ROOT|%s|\"" % ( self.getHomeDirTemplate(), homedir))
+		rc=subprocess.getstatusoutput("grep HOME_ROOT  %s | sed -e \"s|^HOME_ROOT|%s|\"" % ( self.getHomeDirTemplate(), homedir))
 		if rc[0] == 0:
 			return rc[1]+"\n"
 		else:
-			errorExit(string.join("sed error ", rc[1]))
+			errorExit("sed error " + rc[1])
 
 	def getUsersFile(self):
-		return self.selinuxdir+self.type+"/users/local.users"
+		return self.selinuxdir+self.setype+"/users/local.users"
 
 	def getSystemUsersFile(self):
-		return self.selinuxdir+self.type+"/users/system.users"
+		return self.selinuxdir+self.setype+"/users/system.users"
 
 	def heading(self):
 		ret = "\n#\n#\n# User-specific file contexts, generated via %s\n" % sys.argv[0]
@@ -318,10 +318,10 @@ class selinuxConfig:
 
 	def getUsers(self):
 		users=""
-		rc = commands.getstatusoutput('grep "^user" %s' % self.getSystemUsersFile())
+		rc = subprocess.getstatusoutput('grep "^user" %s' % self.getSystemUsersFile())
 		if rc[0] == 0:
 			users+=rc[1]+"\n"
-		rc = commands.getstatusoutput("grep ^user %s" % self.getUsersFile())
+		rc = subprocess.getstatusoutput("grep ^user %s" % self.getUsersFile())
 		if rc[0] == 0:
 			users+=rc[1]
 		udict = {}
@@ -351,7 +351,7 @@ class selinuxConfig:
 
 	def getHomeDirContext(self, user, home, role):
 		ret="\n\n#\n# Context for user %s\n#\n\n" % user
-		rc=commands.getstatusoutput("grep '^HOME_DIR' %s | sed -e 's|HOME_DIR|%s|' -e 's/ROLE/%s/' -e 's/system_u/%s/'" % (self.getHomeDirTemplate(), home, role, user))
+		rc=subprocess.getstatusoutput("grep '^HOME_DIR' %s | sed -e 's|HOME_DIR|%s|' -e 's/ROLE/%s/' -e 's/system_u/%s/'" % (self.getHomeDirTemplate(), home, role, user))
 		return ret + rc[1] + "\n"
 
 	def genHomeDirContext(self):
@@ -363,12 +363,12 @@ class selinuxConfig:
 		return ret+"\n"
 
 	def checkExists(self, home):
-		if commands.getstatusoutput("grep -E '^%s[^[:alnum:]_-]' %s" % (home, self.getFileContextFile()))[0] == 0:
+		if subprocess.getstatusoutput("grep -E '^%s[^[:alnum:]_-]' %s" % (home, self.getFileContextFile()))[0] == 0:
 			return 0
 		#this works by grepping the file_contexts for
 		# 1. ^/ makes sure this is not a comment
 		# 2. prints only the regex in the first column first cut on \t then on space
-		rc=commands.getstatusoutput("grep \"^/\" %s | cut -f 1 | cut -f 1 -d \" \" " %  self.getFileContextFile() )
+		rc=subprocess.getstatusoutput("grep \"^/\" %s | cut -f 1 | cut -f 1 -d \" \" " %  self.getFileContextFile() )
 		if rc[0] == 0:
 			prefix_regex = rc[1].split("\n")
 		else:
@@ -406,8 +406,8 @@ class selinuxConfig:
 			if u[2] >= starting_uid and \
 					not u[6] in EXCLUDE_LOGINS and \
 					u[5] != "/" and \
-					string.count(u[5], "/") > 1:
-				homedir = u[5][:string.rfind(u[5], "/")]
+					u[5].count("/") > 1:
+				homedir = u[5][:u[5].rfind("/")]
 				if not homedir in homedirs:
 					if self.checkExists(homedir)==0:
 						warning("%s is already defined in %s,\n%s will not create a new context." % (homedir, self.getFileContextFile(), sys.argv[0]))
@@ -426,14 +426,14 @@ class selinuxConfig:
 		return ret
 
 	def printout(self):
-		print self.genoutput()
+		print(self.genoutput())
 
 	def write(self):
 		try:
 			fd = open(self.getFileContextDir()+"/file_contexts.homedirs", "w")
 			fd.write(self.genoutput())
 			fd.close()
-		except IOError, error:
+		except IOError as error:
 			sys.stderr.write("%s: %s\n" % ( sys.argv[0], error ))
 
 
@@ -445,14 +445,14 @@ class selinuxConfig:
 try:
 	usepwd=1
 	directory="/etc/selinux"
-	type=None
+	setype=None
 	gopts, cmds = getopt.getopt(sys.argv[1:], 'nd:t:', ['help',
 						'type=',
 						'nopasswd',
 						'dir='])
 	for o,a in gopts:
 		if o == '--type' or o == "-t":
-			type=a
+			setype=a
 		if o == '--nopasswd'  or o == "-n":
 			usepwd=0
 		if o == '--dir'  or o == "-d":
@@ -461,8 +461,8 @@ try:
 			usage()
 
 
-	if type==None:
-		type=getSELinuxType(directory)
+	if setype is None:
+		setype=getSELinuxType(directory)
 
 	if len(cmds) == 2:
 		oldgenhomedircon(cmds[0], cmds[1])
@@ -470,12 +470,12 @@ try:
 
 	if len(cmds) != 0:
 		usage()
-	selconf=selinuxConfig(directory, type, usepwd)
+	selconf=selinuxConfig(directory, setype, usepwd)
 	selconf.write()
 
-except getopt.error, error:
-	errorExit(string.join("Options Error ", error))
-except ValueError, error:
-	errorExit(string.join("ValueError ", error))
-except IndexError, error:
+except getopt.error as error:
+	errorExit("Options Error " + error)
+except ValueError as error:
+	errorExit("ValueError " + error)
+except IndexError:
 	errorExit("IndexError")
diff --git a/support/gennetfilter.py b/support/gennetfilter.py
index a7c9036e5..7c9a85c7d 100644
--- a/support/gennetfilter.py
+++ b/support/gennetfilter.py
@@ -1,4 +1,4 @@
-#!/usr/bin/python
+#!/usr/bin/env python3
 
 # Author: Chris PeBenito <cpebenito@tresys.com>
 #
@@ -7,7 +7,7 @@
 #      it under the terms of the GNU General Public License as published by
 #      the Free Software Foundation, version 2.
 
-import sys,string,getopt,re
+import sys,getopt,re
 
 NETPORT = re.compile("^network_port\(\s*\w+\s*(\s*,\s*\w+\s*,\s*\w+\s*,\s*\w+\s*)+\s*\)\s*(#|$)")
 
@@ -20,7 +20,7 @@ PACKET_INPUT = "_server_packet_t"
 PACKET_OUTPUT = "_client_packet_t"
 
 class Port:
-	def __init__(self, proto, num, mls_sens, mcs_cats=""):
+	def __init__(self, proto, num, mls_sens):
 		# protocol of the port
 		self.proto = proto
 
@@ -49,7 +49,7 @@ def print_input_rules(packets,mls,mcs):
 	elif mcs:
 		line += ":"+DEFAULT_MCS
 
-	print line
+	print(line)
 
 	for i in packets:
 		for j in i.ports:
@@ -58,10 +58,10 @@ def print_input_rules(packets,mls,mcs):
 				line += ":"+j.mls_sens
 			elif mcs:
 				line += ":"+j.mcs_cats
-			print line
+			print(line)
 
-	print "post -A selinux_new_input -j CONNSECMARK --save"
-	print "post -A selinux_new_input -j RETURN"
+	print("post -A selinux_new_input -j CONNSECMARK --save")
+	print("post -A selinux_new_input -j RETURN")
 
 def print_output_rules(packets,mls,mcs):
 	line = "base -A selinux_new_output -j SECMARK --selctx system_u:object_r:"+DEFAULT_OUTPUT_PACKET
@@ -69,7 +69,7 @@ def print_output_rules(packets,mls,mcs):
 		line += ":"+DEFAULT_MLS
 	elif mcs:
 		line += ":"+DEFAULT_MCS
-	print line
+	print(line)
 
 	for i in packets:
 		for j in i.ports:
@@ -78,10 +78,10 @@ def print_output_rules(packets,mls,mcs):
 				line += ":"+j.mls_sens
 			elif mcs:
 				line += ":"+j.mcs_cats
-			print line
+			print(line)
 
-	print "post -A selinux_new_output -j CONNSECMARK --save"
-	print "post -A selinux_new_output -j RETURN"
+	print("post -A selinux_new_output -j CONNSECMARK --save")
+	print("post -A selinux_new_output -j RETURN")
 
 def parse_corenet(file_name):
 	packets = []
@@ -96,14 +96,14 @@ def parse_corenet(file_name):
 			break
 
 		if NETPORT.match(corenet_line):
-			corenet_line = corenet_line.strip();
+			corenet_line = corenet_line.strip()
 
 			# parse out the parameters
-			openparen = string.find(corenet_line,'(')+1
-			closeparen = string.find(corenet_line,')',openparen)
+			openparen = corenet_line.find('(')+1
+			closeparen = corenet_line.find(')',openparen)
 			parms = re.split('\W+',corenet_line[openparen:closeparen])
 			name = parms[0]
-			del parms[0];
+			del parms[0]
 
 			ports = []
 			while len(parms) > 0:
@@ -118,33 +118,33 @@ def parse_corenet(file_name):
 	return packets
 
 def print_netfilter_config(packets,mls,mcs):
-	print "pre *mangle"
-	print "pre :PREROUTING ACCEPT [0:0]"
-	print "pre :INPUT ACCEPT [0:0]"
-	print "pre :FORWARD ACCEPT [0:0]"
-	print "pre :OUTPUT ACCEPT [0:0]"
-	print "pre :POSTROUTING ACCEPT [0:0]"
-	print "pre :selinux_input - [0:0]"
-	print "pre :selinux_output - [0:0]"
-	print "pre :selinux_new_input - [0:0]"
-	print "pre :selinux_new_output - [0:0]"
-	print "pre -A INPUT -j selinux_input"
-	print "pre -A OUTPUT -j selinux_output"
-	print "pre -A selinux_input -m state --state NEW -j selinux_new_input"
-	print "pre -A selinux_input -m state --state RELATED,ESTABLISHED -j CONNSECMARK --restore"
-	print "pre -A selinux_output -m state --state NEW -j selinux_new_output"
-	print "pre -A selinux_output -m state --state RELATED,ESTABLISHED -j CONNSECMARK --restore"
+	print("pre *mangle")
+	print("pre :PREROUTING ACCEPT [0:0]")
+	print("pre :INPUT ACCEPT [0:0]")
+	print("pre :FORWARD ACCEPT [0:0]")
+	print("pre :OUTPUT ACCEPT [0:0]")
+	print("pre :POSTROUTING ACCEPT [0:0]")
+	print("pre :selinux_input - [0:0]")
+	print("pre :selinux_output - [0:0]")
+	print("pre :selinux_new_input - [0:0]")
+	print("pre :selinux_new_output - [0:0]")
+	print("pre -A INPUT -j selinux_input")
+	print("pre -A OUTPUT -j selinux_output")
+	print("pre -A selinux_input -m state --state NEW -j selinux_new_input")
+	print("pre -A selinux_input -m state --state RELATED,ESTABLISHED -j CONNSECMARK --restore")
+	print("pre -A selinux_output -m state --state NEW -j selinux_new_output")
+	print("pre -A selinux_output -m state --state RELATED,ESTABLISHED -j CONNSECMARK --restore")
 	print_input_rules(packets,mls,mcs)
 	print_output_rules(packets,mls,mcs)
-	print "post COMMIT"
+	print("post COMMIT")
 
 mls = False
 mcs = False
 
 try:
 	opts, paths = getopt.getopt(sys.argv[1:],'mc',['mls','mcs'])
-except getopt.GetoptError, error:
-	print "Invalid options."
+except getopt.GetoptError:
+	print("Invalid options.")
 	sys.exit(1)
 
 for o, a in opts:
diff --git a/support/policyvers.py b/support/policyvers.py
index 834ff3db8..26e6f15c4 100644
--- a/support/policyvers.py
+++ b/support/policyvers.py
@@ -1,5 +1,6 @@
-#!/usr/bin/python
-from __future__ import print_function
+#!/usr/bin/env python3
+
 import selinux
+
 if selinux.is_selinux_enabled():
 	print(selinux.security_policyvers())
diff --git a/support/pyplate.py b/support/pyplate.py
index bc0b6df8a..28c61088f 100644
--- a/support/pyplate.py
+++ b/support/pyplate.py
@@ -1,3 +1,5 @@
+#!/usr/bin/env python3
+
 """PyPlate : a simple Python-based templating program
 
 PyPlate parses a file and replaces directives (in double square brackets [[ ... ]])
@@ -50,8 +52,7 @@ PyPlate defines the following directives:
 # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
 #
 
-from __future__ import nested_scopes
-import sys, string, re, io
+import sys, re, io
 
 re_directive = re.compile("\[\[(.*)\]\]")
 re_for_loop = re.compile("for (.*) in (.*)")
@@ -307,7 +308,6 @@ class ExecTemplateNode(LeafTemplateNode):
 
   def execute(self, stream, data):
     exec(self.s, globals(), data)
-    pass
 
 class CallTemplateNode(LeafTemplateNode):
   def __init__(self, parent, s):
@@ -363,7 +363,7 @@ def TemplateNodeFactory(parent):
 
 def is_sequence(object):
   try:
-    test = object[0:0]
+    object[0:0]
   except:
     return False
   else:
diff --git a/support/sedoctool.py b/support/sedoctool.py
index c98a7f34b..de8486316 100644
--- a/support/sedoctool.py
+++ b/support/sedoctool.py
@@ -1,4 +1,4 @@
-#!/usr/bin/python
+#!/usr/bin/env python3
 
 #  Author: Joshua Brindle <jbrindle@tresys.com>
 #	  Caleb Case <ccase@tresys.com>
@@ -17,8 +17,7 @@ import sys
 import getopt
 import pyplate
 import os
-import string
-from xml.dom.minidom import parse, parseString
+from xml.dom.minidom import parseString
 
 #modules enabled and disabled values
 MOD_BASE = "base"
@@ -29,11 +28,6 @@ MOD_DISABLED = "off"
 BOOL_ENABLED = "true"
 BOOL_DISABLED = "false"
 
-#tunables enabled and disabled values
-TUN_ENABLED = "true"
-TUN_DISABLED = "false"
-
-
 def read_policy_xml(filename):
 	"""
 	Takes in XML from a file and returns a parsed file.
@@ -451,7 +445,6 @@ def gen_docs(doc, working_dir, templatedir):
 			interface_parameters = []
 			interface_desc = interface_summary = None
 			interface_name = interface.getAttribute("name")
-			interface_line = interface.getAttribute("lineno")
 			for desc in interface.childNodes:
 				if desc.nodeName == "desc":
 					interface_desc = format_html_desc(desc)
@@ -497,7 +490,6 @@ def gen_docs(doc, working_dir, templatedir):
 			template_parameters = []
 			template_desc = template_summary = None
 			template_name = template.getAttribute("name")
-			template_line = template.getAttribute("lineno")
 			for desc in template.childNodes:
 				if desc.nodeName == "desc":
 					template_desc = format_html_desc(desc)
@@ -540,7 +532,6 @@ def gen_docs(doc, working_dir, templatedir):
 		#generate 'boolean' pages
 		booleans = []
 		for boolean in node.getElementsByTagName("bool"):
-			boolean_parameters = []
 			boolean_desc = None
 			boolean_name = boolean.getAttribute("name")
 			boolean_dftval = boolean.getAttribute("dftval")
@@ -564,7 +555,6 @@ def gen_docs(doc, working_dir, templatedir):
 		#generate 'tunable' pages
 		tunables = []
 		for tunable in node.getElementsByTagName("tunable"):
-			tunable_parameters = []
 			tunable_desc = None
 			tunable_name = tunable.getAttribute("name")
 			tunable_dftval = tunable.getAttribute("dftval")
diff --git a/support/segenxml.py b/support/segenxml.py
index ab8ee5200..383428df2 100644
--- a/support/segenxml.py
+++ b/support/segenxml.py
@@ -1,4 +1,4 @@
-#!/usr/bin/python
+#!/usr/bin/env python3
 
 #  Author(s): Donald Miner <dminer@tresys.com>
 #	     Dave Sugar <dsugar@tresys.com>
@@ -17,21 +17,12 @@
 
 import sys
 import os
-import glob
 import re
 import getopt
 
 # GLOBALS
 
 # Default values of command line arguments:
-warn = False
-meta = "metadata"
-third_party = "third-party"
-layers = {}
-tunable_files = []
-bool_files = []
-xml_tunable_files = []
-xml_bool_files = []
 output_dir = ""
 
 # Pre compiled regular expressions:
@@ -83,7 +74,7 @@ def getModuleXML(file_name):
 		module_file = open(module_if, "r")
 		module_code = module_file.readlines()
 		module_file.close()
-	except:
+	except OSError:
 		warning("cannot open file %s for read, skipping" % file_name)
 		return []
 
@@ -200,7 +191,7 @@ def getTunableXML(file_name, kind):
 		tunable_file = open(file_name, "r")
 		tunable_code = tunable_file.readlines()
 		tunable_file.close()
-	except:
+	except OSError:
 		warning("cannot open file %s for read, skipping" % file_name)
 		return []
 
@@ -250,61 +241,11 @@ def getTunableXML(file_name, kind):
 			for tunable_line in tunable_buf:
 				xml_outfile.write (tunable_line)
 			xml_outfile.close()
-		except:
+		except OSError:
 			warning ("cannot write to file %s, skipping creation" % xmlfile)
 
 	return tunable_buf
 
-def getXMLFileContents (file_name):
-	'''
-	Return all the XML in the file specified.
-	'''
-
-	tunable_buf = []
-	# Try to open the xml file for this type of file
-	# append the contents to the buffer.
-	try:
-		tunable_xml = open(file_name, "r")
-		tunable_buf += tunable_xml.readlines()
-		tunable_xml.close()
-	except:
-		warning("cannot open file %s for read, assuming no data" % file_name)
-
-	return tunable_buf
-
-def getPolicyXML():
-	'''
-	Return the compelete reference policy XML documentation through a list,
-	one line per item.
-	'''
-
-	policy_buf = []
-	policy_buf.append("<policy>\n")
-
-	# Add to the XML each layer specified by the user.
-	for layer in layers.keys ():
-		policy_buf += getLayerXML(layer, layers[layer])
-
-	# Add to the XML each tunable file specified by the user.
-	for tunable_file in tunable_files:
-		policy_buf += getTunableXML(tunable_file, "tunable")
-
-	# Add to the XML each XML tunable file specified by the user.
-	for tunable_file in xml_tunable_files:
-		policy_buf += getXMLFileContents (tunable_file)
-
-	# Add to the XML each bool file specified by the user.
-	for bool_file in bool_files:
-		policy_buf += getTunableXML(bool_file, "bool")
-
-	# Add to the XML each XML bool file specified by the user.
-	for bool_file in xml_bool_files:
-		policy_buf += getXMLFileContents (bool_file)
-
-	policy_buf.append("</policy>\n")
-
-	return policy_buf
-
 def usage():
 	"""
 	Displays a message describing the proper usage of this script.
@@ -388,4 +329,3 @@ elif boolean:
 else:
 	usage()
 	sys.exit(2)
-
author	cgzones <cgzones@googlemail.com>	2017-03-15 00:32:11 +0100
committer	Jason Zaman <jason@perfinion.com>	2017-03-30 19:37:14 +0800
commit	9bd79f9a459858f57d172ffcfbf2d6984e727456 (patch)
tree	d43b250a2e0e733e5af9d7a4c698362257b7d3f3 /support
parent	Module version bump for fixes from cgzones. (diff)
download	hardened-refpolicy-9bd79f9a459858f57d172ffcfbf2d6984e727456.tar.gz hardened-refpolicy-9bd79f9a459858f57d172ffcfbf2d6984e727456.tar.bz2 hardened-refpolicy-9bd79f9a459858f57d172ffcfbf2d6984e727456.zip