1From 8610efc1610a4e9d4cbfa19ed4a519a6425aee70 Mon Sep 17 00:00:00 2001 2From: "Yann E. MORIN" <yann.morin.1998@free.fr> 3Date: Tue, 9 May 2023 22:28:36 +0200 4Subject: [PATCH] python?sepolgen: fix ausearch path 5 6ausearch is not always isntalled in /sbin; some systems install it in 7/usr/sbin, or it can also be locally installed in /usr/local/sbin. 8 9The python doc [0] suggests using shutil.which() to find the path where 10a command is. which() returns None if the command is not found. If 11ausearch is not found, that would result in an exception being raised by 12Popen(): 13 TypeError: expected str, bytes or os.PathLike object, not NoneType 14 15This is not very informative of what actually failed... 16 17However, the doc suggests so for portability. In our case, the python 18tools are only ever going to run on a Linux host (by their virtue of 19dealing with SELinux), so the search will be reliably done by looking in 20PATH, so we can let Popen() bubble the resolving of an unqualified 21command, down to execvpe() (or the similar actual syscall of the exec*() 22familly). If ausearch is then not found, Popen() raises an exception 23that is wy more informative then: 24 FileNotFoundError: [Errno 2] No such file or directory: 'ausearch' 25 26[0] https://docs.python.org/3/library/subprocess.html#subprocess.Popen 27 28Signed-off-by: Adam Duskett <aduskett@gmail.com> 29[yann.morin.1998@free.fr: 30 - let Popen() resolve from PATH 31 - rewrite commit log 32] 33Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr> 34Upstream: not submitted 35--- 36 python/sepolgen/src/sepolgen/audit.py | 4 ++-- 37 1 file changed, 2 insertions(+), 2 deletions(-) 38 39diff --git a/python/sepolgen/src/sepolgen/audit.py b/python/sepolgen/src/sepolgen/audit.py 40index 4adb851f..5eafa587 100644 41--- a/sepolgen/src/sepolgen/audit.py 42+++ b/sepolgen/src/sepolgen/audit.py 43@@ -41,7 +41,7 @@ def get_audit_boot_msgs(): 44 s = time.localtime(time.time() - off) 45 bootdate = time.strftime("%x", s) 46 boottime = time.strftime("%X", s) 47- output = subprocess.Popen(["/sbin/ausearch", "-m", "AVC,USER_AVC,MAC_POLICY_LOAD,DAEMON_START,SELINUX_ERR", "-ts", bootdate, boottime], 48+ output = subprocess.Popen(["ausearch", "-m", "AVC,USER_AVC,MAC_POLICY_LOAD,DAEMON_START,SELINUX_ERR", "-ts", bootdate, boottime], 49 stdout=subprocess.PIPE).communicate()[0] 50 if util.PY3: 51 output = util.decode_input(output) 52@@ -56,7 +56,7 @@ def get_audit_msgs(): 53 string contain all of the audit messages returned by ausearch. 54 """ 55 import subprocess 56- output = subprocess.Popen(["/sbin/ausearch", "-m", "AVC,USER_AVC,MAC_POLICY_LOAD,DAEMON_START,SELINUX_ERR"], 57+ output = subprocess.Popen(["ausearch", "-m", "AVC,USER_AVC,MAC_POLICY_LOAD,DAEMON_START,SELINUX_ERR"], 58 stdout=subprocess.PIPE).communicate()[0] 59 if util.PY3: 60 output = util.decode_input(output) 61-- 622.25.1 63 64