From: guido@trentalancia.com (Guido Trentalancia) Date: Wed, 15 Aug 2012 10:13:26 +0200 Subject: [refpolicy] [PATCH]: clarify the file_contexts.subs_dist configuration file usage In-Reply-To: <20120815080226.GA32379@siphos.be> References: <50250912.50902@trentalancia.com> <502A3EAE.2060905@tresys.com> <20120815080226.GA32379@siphos.be> Message-ID: <502B5A26.5070309@trentalancia.com> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com On 15/08/2012 10:02, Sven Vermeulen wrote: > On Tue, Aug 14, 2012 at 08:03:58AM -0400, Christopher J. PeBenito wrote: >> On 08/10/12 09:13, Guido Trentalancia wrote: >>> Add a comment at the top of the configuration file file_contexts.subs_dist >>> to clarify that it performs aliasing and not substitutions in the >>> strict sense of the word. >>> >>> A name change might be considered too, if it proves to lead to further >>> confusion. >>> >>> There might be pieces of documentation that could benefit from similar >>> considerations. >>> >>> Also note that a specific manual page is missing. >>> >>> Signed-off-by: Guido Trentalancia >>> --- >>> config/file_contexts.subs_dist | 10 ++++++++++ >>> 1 file changed, 10 insertions(+) >>> >>> diff -pruN refpolicy-08092012/config/file_contexts.subs_dist refpolicy-08092012-file_contexts.subs_dist-comment/config/file_contexts.subs_dist >>> --- refpolicy-08092012/config/file_contexts.subs_dist 2012-06-21 20:10:29.011803405 +0200 >>> +++ refpolicy-08092012-file_contexts.subs_dist-comment/config/file_contexts.subs_dist 2012-08-10 17:01:36.045451839 +0200 >>> @@ -1,3 +1,13 @@ >>> +# This file can is used to configure base path aliases as in: >>> +# >>> +# /aliased_path /original_path_as_configured_in_file_contexts >>> +# >>> +# where original_path_as_configured_in_file_contexts is a base >>> +# path being used in the main file_contexts configuration file. >>> +# >>> +# It does not perform substitutions as done by sed(1), for >>> +# example, but aliasing. >>> +# >>> /lib32 /lib >>> /lib64 /lib >>> /run /var/run >> >> Merged. > > This seems to break policycoreutils: > > # semanage fcontext -l > /usr/sbin/semanage: too many values to unpack (expected 2) > > Undoing the comment change fixes things again. Is semanage using the standard library functions to read the file ? Because I had a very quick look through the library and the #-comment skipping code seemed to be there... Regards, Guido