semenage-argparse: Now with full help test (except -E) and support for the login subcommand
Hello, I added more help text to the semanage-argparse rewrite and also implemented support for login. I would like anyone and everyone to look at the code and give me feedback. I am in no way shape or form a python guru so I'm glad to have any and all constructive feedback. Please let me know what you think.
https://github.com/dpquigl/semanage-argparse/
Dave
On 04/21/2013 02:02 AM, Dave Quigley wrote:
Hello, I added more help text to the semanage-argparse rewrite and also implemented support for login. I would like anyone and everyone to look at the code and give me feedback. I am in no way shape or form a python guru so I'm glad to have any and all constructive feedback. Please let me know what you think.
https://github.com/dpquigl/semanage-argparse/
Dave
selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux
Will check later today.
Mirek
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 04/22/2013 04:17 AM, Miroslav Grepl wrote:
On 04/21/2013 02:02 AM, Dave Quigley wrote:
Hello, I added more help text to the semanage-argparse rewrite and also implemented support for login. I would like anyone and everyone to look at the code and give me feedback. I am in no way shape or form a python guru so I'm glad to have any and all constructive feedback. Please let me know what you think.
https://github.com/dpquigl/semanage-argparse/
Dave -- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux
Will check later today.
Mirek -- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux
createCommandParser()
Should not do the egroup adding the --add or -d...
No reason to pass in the locapPaser or everyone parser. Any option that is not common to everyone should just be added in each individual.
DELETE #Create the parent parser which is use to handle valid_everyone arguments everyoneParser = argparse.ArgumentParser(add_help=False) egroup = everyoneParser.add_mutually_exclusive_group(required=True) egroup.add_argument('-a', '--add', dest='action', action='store_const', const='add', help='Add a record of the specified object type') egroup.add_argument('-d', '--delete', dest='action', action='store_const', const='delete', help='Delete a record of the specified object type') egroup.add_argument('-m', '--modify', dest='action', action='store_const', const='modify', help='Modify a record of the specified object type') egroup.add_argument('-l', '--list', dest='action', action='store_const', const='list', help='List records of the specified object type') #This is not inuitive but its how the underlying seobject code works.
Just added these to the commandParser
everyoneParser.add_argument('-n', '--noheading', action='store_false', default=True, help='Do not print heading when listing the specified object type') everyoneParser.add_argument('-S', '--store', nargs=1, help='Select an alternate SELinux Policy Store to manage')
Or maybe just the -S and -h.
The idea would be
semanage -S targeted fcontext -a ...
Should be legal.
If -n is not supported for everyone just add it individually.
On 04/22/2013 03:11 PM, Daniel J Walsh wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 04/22/2013 04:17 AM, Miroslav Grepl wrote:
On 04/21/2013 02:02 AM, Dave Quigley wrote:
Hello, I added more help text to the semanage-argparse rewrite and also implemented support for login. I would like anyone and everyone to look at the code and give me feedback. I am in no way shape or form a python guru so I'm glad to have any and all constructive feedback. Please let me know what you think.
https://github.com/dpquigl/semanage-argparse/
Dave -- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux
Will check later today.
Mirek -- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux
createCommandParser()
Should not do the egroup adding the --add or -d...
No reason to pass in the locapPaser or everyone parser. Any option that is not common to everyone should just be added in each individual.
DELETE #Create the parent parser which is use to handle valid_everyone arguments everyoneParser = argparse.ArgumentParser(add_help=False) egroup = everyoneParser.add_mutually_exclusive_group(required=True) egroup.add_argument('-a', '--add', dest='action', action='store_const', const='add', help='Add a record of the specified object type') egroup.add_argument('-d', '--delete', dest='action', action='store_const', const='delete', help='Delete a record of the specified object type') egroup.add_argument('-m', '--modify', dest='action', action='store_const', const='modify', help='Modify a record of the specified object type') egroup.add_argument('-l', '--list', dest='action', action='store_const', const='list', help='List records of the specified object type') #This is not inuitive but its how the underlying seobject code works.
Just added these to the commandParser
everyoneParser.add_argument('-n', '--noheading', action='store_false',default=True, help='Do not print heading when listing the specified object type') everyoneParser.add_argument('-S', '--store', nargs=1, help='Select an alternate SELinux Policy Store to manage')
Or maybe just the -S and -h.
The idea would be
semanage -S targeted fcontext -a ...
Should be legal.
If -n is not supported for everyone just add it individually.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlF1Nv0ACgkQrlYvE4MpobPjqQCfbZh0+GLD0JV+dV522TWDSUHf FZkAoKMnnGEV/tlhO3DcqMmeVRL0LA3F =iYkf -----END PGP SIGNATURE-----
Dan, also how about to use the concept which we have for "sepolicy generate -h". Basically we can create own usage with this concept. Maybe more work but we could get the following result:
[mgrepl@avalanche19 semanage-argparse]$ ./semanage-argparse login -h usage: semanage login [-h] [-r RANGE] [-s SEUSER] ] [ --add LOGIN | --delete LOGIN | --modify LOGIN |--list ]
positional arguments: LOGIN login_name | %groupname
optional arguments: -h, --help show this help message and exit -a, --add Add a record of the specified object type -d, --delete Delete a record of the specified object type -m, --modify Modify a record of the specified object type -l, --list List records of the specified object type -s SEUSER, --seuser SEUSER SELinux user name -r RANGE, --range RANGE MLS/MCS Security Range (MLS/MCS Systems only) SELinux Range for SELinux login mapping defaults to the SELinux user record range. SELinux Range for SELinux user defaults to s0.
where "a","m","d","l" options are mutually exclusive.
What do you think guys?
On 04/30/2013 03:42 PM, Miroslav Grepl wrote:
On 04/22/2013 03:11 PM, Daniel J Walsh wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 04/22/2013 04:17 AM, Miroslav Grepl wrote:
On 04/21/2013 02:02 AM, Dave Quigley wrote:
Hello, I added more help text to the semanage-argparse rewrite and also implemented support for login. I would like anyone and everyone to look at the code and give me feedback. I am in no way shape or form a python guru so I'm glad to have any and all constructive feedback. Please let me know what you think.
https://github.com/dpquigl/semanage-argparse/
Dave -- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux
Will check later today.
Mirek -- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux
createCommandParser()
Should not do the egroup adding the --add or -d...
No reason to pass in the locapPaser or everyone parser. Any option that is not common to everyone should just be added in each individual.
DELETE #Create the parent parser which is use to handle valid_everyone arguments everyoneParser = argparse.ArgumentParser(add_help=False) egroup = everyoneParser.add_mutually_exclusive_group(required=True) egroup.add_argument('-a', '--add', dest='action', action='store_const', const='add', help='Add a record of the specified object type') egroup.add_argument('-d', '--delete', dest='action', action='store_const', const='delete', help='Delete a record of the specified object type') egroup.add_argument('-m', '--modify', dest='action', action='store_const', const='modify', help='Modify a record of the specified object type') egroup.add_argument('-l', '--list', dest='action', action='store_const', const='list', help='List records of the specified object type') #This is not inuitive but its how the underlying seobject code works.
Just added these to the commandParser
everyoneParser.add_argument('-n', '--noheading',action='store_false', default=True, help='Do not print heading when listing the specified object type') everyoneParser.add_argument('-S', '--store', nargs=1, help='Select an alternate SELinux Policy Store to manage')
Or maybe just the -S and -h.
The idea would be
semanage -S targeted fcontext -a ...
Should be legal.
If -n is not supported for everyone just add it individually.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlF1Nv0ACgkQrlYvE4MpobPjqQCfbZh0+GLD0JV+dV522TWDSUHf FZkAoKMnnGEV/tlhO3DcqMmeVRL0LA3F =iYkf -----END PGP SIGNATURE-----
Dan, also how about to use the concept which we have for "sepolicy generate -h". Basically we can create own usage with this concept. Maybe more work but we could get the following result:
[mgrepl@avalanche19 semanage-argparse]$ ./semanage-argparse login -h usage: semanage login [-h] [-r RANGE] [-s SEUSER] ] [ --add LOGIN | --delete LOGIN | --modify LOGIN |--list ]
positional arguments: LOGIN login_name | %groupname
optional arguments: -h, --help show this help message and exit -a, --add Add a record of the specified object type -d, --delete Delete a record of the specified object type -m, --modify Modify a record of the specified object type -l, --list List records of the specified object type -s SEUSER, --seuser SEUSER SELinux user name -r RANGE, --range RANGE MLS/MCS Security Range (MLS/MCS Systems only) SELinux Range for SELinux login mapping defaults to the SELinux user record range. SELinux Range for SELinux user defaults to s0.
where "a","m","d","l" options are mutually exclusive.
What do you think guys?
selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux
Actually,
./semanage-argparse login -h usage: semanage login [-h] [ --add -s SEUSER -r RANGE LOGIN | --delete LOGIN | --modify -s SEUSER LOGIN | --list ]
positional arguments: login login_name | %groupname
.. ... ....
is better.
David, I attached a patch how it is generated and how i would like to handle options. It is just a draft so I apologize for typos and so on. Not sure if it works for all cases => need to test for all actions/options.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 04/22/2013 04:17 AM, Miroslav Grepl wrote:
On 04/21/2013 02:02 AM, Dave Quigley wrote:
Hello, I added more help text to the semanage-argparse rewrite and also implemented support for login. I would like anyone and everyone to look at the code and give me feedback. I am in no way shape or form a python guru so I'm glad to have any and all constructive feedback. Please let me know what you think.
https://github.com/dpquigl/semanage-argparse/
Dave -- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux
Will check later today.
Mirek -- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux
Also add some functions to verify input early.
For example: - -p --proto, should check protocols are valid. - -t --type should make sure the type is a port type for a port add...
- --roles should be nargs="*" Not sure we should even mention -P, does anyone use this?
selinux@lists.fedoraproject.org
-
Daniel J Walsh -
David Quigley -
Miroslav Grepl