From ca9a0441e4bf226755aa29c3dc3a0d4867d32d89 Mon Sep 17 00:00:00 2001
From: Zac Medico
Date: Mon, 10 Aug 2009 17:33:00 +0000
Subject: Bug #280998 - Misc selinux fixes. Thanks to Chris PeBenito for this patch.
svn path=/main/trunk/; revision=13977
---
 pym/portage/__init__.py | 11 ++++-------
 pym/portage/_selinux.py | 14 +++++++++++---
 2 files changed, 15 insertions(+), 10 deletions(-)
diff --git a/pym/portage/__init__.py b/pym/portage/__init__.py
index d9fe686c1..b26e8bd9c 100644
--- a/pym/portage/__init__.py
+++ b/pym/portage/__init__.py
@@ -3483,9 +3483,7 @@ def spawn(mystring, mysettings, debug=0, free=0, droppriv=0, sesandbox=0, fakero
 spawn_func = portage.process.spawn_sandbox
 if sesandbox:
- con = selinux.getcontext()
- con = con.replace(mysettings["PORTAGE_T"],
- mysettings["PORTAGE_SANDBOX_T"])
+ con = selinux.settype(mysettings["PORTAGE_SANDBOX_T"])
 selinux.setexec(con)
 returnpid = keywords.get("returnpid")
@@ -3496,7 +3494,7 @@ def spawn(mystring, mysettings, debug=0, free=0, droppriv=0, sesandbox=0, fakero
 if logfile:
 os.close(slave_fd)
 if sesandbox:
- selinux.setexec(None)
+ selinux.setexec()
 if returnpid:
 return mypids
@@ -3574,8 +3572,7 @@ def _spawn_fetch(settings, args, **kwargs):
 try:
 if settings.selinux_enabled():
- con = selinux.getcontext()
- con = con.replace(settings["PORTAGE_T"], settings["PORTAGE_FETCH_T"])
+ con = selinux.settype(settings["PORTAGE_FETCH_T"])
 selinux.setexec(con)
 # bash is an allowed entrypoint, while most binaries are not
 if args[0] != BASH_BINARY:
@@ -3586,7 +3583,7 @@ def _spawn_fetch(settings, args, **kwargs):
 finally:
 if settings.selinux_enabled():
- selinux.setexec(None)
+ selinux.setexec()
 return rval
diff --git a/pym/portage/_selinux.py b/pym/portage/_selinux.py
index 2a50f7434..1b5f530ce 100644
--- a/pym/portage/_selinux.py
+++ b/pym/portage/_selinux.py
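Review bot: The bare `selinux.setexec()` calls in the cleanup paths of `spawn()` (second hunk) and `_spawn_fetch()` (fourth hunk) do not say which context they set. They rely on the `ctx="\n"` default of `setexec` in `_selinux.py`, which appears to act as the reset value, though nothing in this commit states that. A comment at both call sites, for example `# clear the exec context set above so later exec() calls use the default`, would make the restore step easy to verify when reading either function. Both functions start and end outside the hunks shown.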
@@ -61,19 +61,27 @@ def rename(src, dest):
 finally:
 setfscreate()
+def settype(newtype):
+ ret = getcontext().split(":")
+ ret[2] = newtype
+ return ":".join(ret)
+
 def setexec(ctx="\n"):
+ if isinstance(ctx, unicode):
+ ctx = ctx.encode('utf_8', 'replace')
 if selinux.setexeccon(ctx) < 0:
 raise OSError("setexec: Failed setting exec() context \"%s\"." % ctx)
 def setfscreate(ctx="\n"):
+ if isinstance(ctx, unicode):
+ ctx = ctx.encode('utf_8', 'replace')
 if selinux.setfscreatecon(ctx) < 0:
 raise OSError(
 "setfscreate: Failed setting fs create context \"%s\"." % ctx)
 def spawn(selinux_type, spawn_func, mycommand, opt_name=None, **keywords):
- con = getcontext().split(":")
- con[2] = selinux_type
- setexec(":".join(con))
+ con = settype(selinux_type)
+ setexec(con)
 try:
 return spawn_func(mycommand, opt_name=opt_name, **keywords)
 finally:
-- cgit v1.2.3-1-g7c22
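Review bot: `settype()` writes `newtype` into field 2 of the current context without checking it, so a value containing `:` would add or shift fields (for example the level part) in the string later passed to `setexeccon`. The callers in this commit pass `mysettings["PORTAGE_SANDBOX_T"]` and `settings["PORTAGE_FETCH_T"]`, which presumably come from configuration. A guard at the top of `settype`, such as `if not newtype or ":" in newtype: raise ValueError("settype: invalid SELinux type %r" % (newtype,))`, would reject a malformed setting before it reaches the label. The same concern applies to `ctx.encode('utf_8', 'replace')` in `setexec` and `setfscreate`: `'replace'` silently alters an unencodable label, whereas `'strict'` would raise before the libselinux call. The hunk ends inside `spawn()`, whose `finally:` body is not shown.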