From: guido@trentalancia.com (Guido Trentalancia)
Date: Wed, 15 Aug 2012 10:13:26 +0200
Subject: [refpolicy] [PATCH]: clarify the file_contexts.subs_dist
 configuration file usage
In-Reply-To: <20120815080226.GA32379@siphos.be>
References: <50250912.50902@trentalancia.com> <502A3EAE.2060905@tresys.com>
	<20120815080226.GA32379@siphos.be>
Message-ID: <502B5A26.5070309@trentalancia.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 15/08/2012 10:02, Sven Vermeulen wrote:
> On Tue, Aug 14, 2012 at 08:03:58AM -0400, Christopher J. PeBenito wrote:
>> On 08/10/12 09:13, Guido Trentalancia wrote:
>>> Add a comment at the top of the configuration file file_contexts.subs_dist
>>> to clarify that it performs aliasing and not substitutions in the
>>> strict sense of the word.
>>>
>>> A name change might be considered too, if it proves to lead to further
>>> confusion.
>>>
>>> There might be pieces of documentation that could benefit from similar
>>> considerations.
>>>
>>> Also note that a specific manual page is missing.
>>>
>>> Signed-off-by: Guido Trentalancia <guido@trentalancia.com>
>>> ---
>>>   config/file_contexts.subs_dist |   10 ++++++++++
>>>   1 file changed, 10 insertions(+)
>>>
>>> diff -pruN refpolicy-08092012/config/file_contexts.subs_dist refpolicy-08092012-file_contexts.subs_dist-comment/config/file_contexts.subs_dist
>>> --- refpolicy-08092012/config/file_contexts.subs_dist    2012-06-21 20:10:29.011803405 +0200
>>> +++ refpolicy-08092012-file_contexts.subs_dist-comment/config/file_contexts.subs_dist 2012-08-10 17:01:36.045451839 +0200
>>> @@ -1,3 +1,13 @@
>>> +# This file can is used to configure base path aliases as in:
>>> +#
>>> +# /aliased_path /original_path_as_configured_in_file_contexts
>>> +#
>>> +# where original_path_as_configured_in_file_contexts is a base
>>> +# path being used in the main file_contexts configuration file.
>>> +#
>>> +# It does not perform substitutions as done by sed(1), for
>>> +# example, but aliasing.
>>> +#
>>>   /lib32 /lib
>>>   /lib64 /lib
>>>   /run /var/run
>>
>> Merged.
>
> This seems to break policycoreutils:
>
> # semanage fcontext -l
> /usr/sbin/semanage: too many values to unpack (expected 2)
>
> Undoing the comment change fixes things again.

Is semanage using the standard library functions to read the file ? 
Because I had a very quick look through the library and the #-comment 
skipping code seemed to be there...

Regards,

Guido