From ea93da38a16eb44307b522f8a26f2d8f967fcc01 Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Wed, 22 Nov 2023 12:29:43 +0100 Subject: [PATCH] sepolicy: port to dnf4 python API yum module is not available since RHEL 7. Drop -systemd related code as it's obsoleted these days - only 2 packages ship their .service in -systemd subpackage Signed-off-by: Petr Lautrbach Acked-by: James Carter Acked-by: Ondrej Mosnacek --- python/sepolicy/sepolicy/generate.py | 56 +++++++++++++--------------- 1 file changed, 25 insertions(+), 31 deletions(-) diff --git a/python/sepolicy/sepolicy/generate.py b/python/sepolicy/sepolicy/generate.py index 93caedee..c841a499 100644 --- a/python/sepolicy/sepolicy/generate.py +++ b/python/sepolicy/sepolicy/generate.py @@ -1265,24 +1265,20 @@ allow %s_t %s_t:%s_socket name_%s; return fcfile def __extract_rpms(self): - import yum - yb = yum.YumBase() - yb.setCacheDir() - - for pkg in yb.rpmdb.searchProvides(self.program): - self.rpms.append(pkg.name) - for fname in pkg.dirlist + pkg.filelist + pkg.ghostlist: - for b in self.DEFAULT_DIRS: - if b == "/etc": - continue - if fname.startswith(b): - if os.path.isfile(fname): - self.add_file(fname) - else: - self.add_dir(fname) + import dnf + + with dnf.Base() as base: + base.read_all_repos() + base.fill_sack(load_system_repo=True) + + query = base.sack.query() - for bpkg in yb.rpmdb.searchNames([pkg.base_package_name]): - for fname in bpkg.dirlist + bpkg.filelist + bpkg.ghostlist: + pq = query.available() + pq = pq.filter(file=self.program) + + for pkg in pq: + self.rpms.append(pkg.name) + for fname in pkg.files: for b in self.DEFAULT_DIRS: if b == "/etc": continue @@ -1291,20 +1287,18 @@ allow %s_t %s_t:%s_socket name_%s; self.add_file(fname) else: self.add_dir(fname) - - # some packages have own systemd subpackage - # tor-systemd for example - binary_name = self.program.split("/")[-1] - for bpkg in yb.rpmdb.searchNames(["%s-systemd" % binary_name]): - for fname in bpkg.filelist + bpkg.ghostlist + bpkg.dirlist: - for b in self.DEFAULT_DIRS: - if b == "/etc": - continue - if fname.startswith(b): - if os.path.isfile(fname): - self.add_file(fname) - else: - self.add_dir(fname) + sq = query.available() + sq = sq.filter(provides=pkg.source_name) + for bpkg in sq: + for fname in bpkg.files: + for b in self.DEFAULT_DIRS: + if b == "/etc": + continue + if fname.startswith(b): + if os.path.isfile(fname): + self.add_file(fname) + else: + self.add_dir(fname) def gen_writeable(self): try: -- 2.43.0