diff options
| -rw-r--r-- | pym/portage/__init__.py | 11 | ||||
| -rw-r--r-- | pym/portage/_selinux.py | 14 |
2 files changed, 15 insertions, 10 deletions
diff --git a/pym/portage/__init__.py b/pym/portage/__init__.py index d9fe686c1..b26e8bd9c 100644 --- a/pym/portage/__init__.py +++ b/pym/portage/__init__.py @@ -3483,9 +3483,7 @@ def spawn(mystring, mysettings, debug=0, free=0, droppriv=0, sesandbox=0, fakero spawn_func = portage.process.spawn_sandbox if sesandbox: - con = selinux.getcontext() - con = con.replace(mysettings["PORTAGE_T"], - mysettings["PORTAGE_SANDBOX_T"]) + con = selinux.settype(mysettings["PORTAGE_SANDBOX_T"]) selinux.setexec(con) returnpid = keywords.get("returnpid") @@ -3496,7 +3494,7 @@ def spawn(mystring, mysettings, debug=0, free=0, droppriv=0, sesandbox=0, fakero if logfile: os.close(slave_fd) if sesandbox: - selinux.setexec(None) + selinux.setexec() if returnpid: return mypids @@ -3574,8 +3572,7 @@ def _spawn_fetch(settings, args, **kwargs): try: if settings.selinux_enabled(): - con = selinux.getcontext() - con = con.replace(settings["PORTAGE_T"], settings["PORTAGE_FETCH_T"]) + con = selinux.settype(settings["PORTAGE_FETCH_T"]) selinux.setexec(con) # bash is an allowed entrypoint, while most binaries are not if args[0] != BASH_BINARY: @@ -3586,7 +3583,7 @@ def _spawn_fetch(settings, args, **kwargs): finally: if settings.selinux_enabled(): - selinux.setexec(None) + selinux.setexec() return rval diff --git a/pym/portage/_selinux.py b/pym/portage/_selinux.py index 2a50f7434..1b5f530ce 100644 --- a/pym/portage/_selinux.py +++ b/pym/portage/_selinux.py @@ -61,19 +61,27 @@ def rename(src, dest): finally: setfscreate() +def settype(newtype): + ret = getcontext().split(":") + ret[2] = newtype + return ":".join(ret) + def setexec(ctx="\n"): + if isinstance(ctx, unicode): + ctx = ctx.encode('utf_8', 'replace') if selinux.setexeccon(ctx) < 0: raise OSError("setexec: Failed setting exec() context \"%s\"." % ctx) def setfscreate(ctx="\n"): + if isinstance(ctx, unicode): + ctx = ctx.encode('utf_8', 'replace') if selinux.setfscreatecon(ctx) < 0: raise OSError( "setfscreate: Failed setting fs create context \"%s\"." % ctx) def spawn(selinux_type, spawn_func, mycommand, opt_name=None, **keywords): - con = getcontext().split(":") - con[2] = selinux_type - setexec(":".join(con)) + con = settype(selinux_type) + setexec(con) try: return spawn_func(mycommand, opt_name=opt_name, **keywords) finally: |