selinux January 2010 archive

Re: [PATCH 12/15] [src-policy] semodule: edit module

From: Stephen Smalley <sds_at_nospam>
Date: Wed Jan 27 2010 - 20:21:26 GMT
To: Caleb Case <ccase@tresys.com>


On Tue, 2010-01-26 at 17:08 -0500, Caleb Case wrote:
> In order to ease the process of modifying an installed module, this
> provides the -E,--edit option to semodule. It will retrieve the
> specified module, open it in the default editor, and then reinstall the
> module if editing completes successfully.
>
> * Editor to be executed is discovered from the EDITOR environment
> variable.
>
> * Transaction locks are held for the duration of the editing.
>
> * If -E is specified multiple times, then the editor will be
> called on each one, consecutively (editing stops on a particular
> module when the editor exits).
>
> * If the editor exits with a non-zero status, then the transaction
> will be aborted.
>
> * If the editor exits without making any changes to the file (as
> determined from the time stamp), then the transaction will not be
> committed unless another action requires it to be.
>
> * The editor will be executed in the user's SELinux context (as
> determined by getprevcon)
>
> Example:
>
> # export EDITOR=vim
> # semodule -E alsa
> <edit alsa module>
> <after quitting editor module is installed>
> ---

I'm concerned that this is over-engineering. Why not just provide -g (aka --checkout) and -i (aka --commit or --checkin), and let the editing happen entirely outside of the infrastructure. Do we really want to allow the caller to hold the transaction locks indefinitely?

--
Stephen Smalley
National Security Agency
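The following is an added illustration, not code from the patch or from the SELinux userspace: a small POSIX sh function that carries out the "edit outside the infrastructure" flow the reply suggests. It does the checkout-edit-checkin steps the patch description lists (run `$EDITOR`, abort if the editor exits non-zero, skip the reinstall if nothing changed, otherwise reinstall) but holds no semodule transaction lock while the editor is open. The module file name, the `edit_module`/`hash_file` function names and the reinstall command are all assumptions; `semodule -i` is only one plausible value for that command. Change detection compares a content hash rather than the file's time stamp, so an editor that writes the file back byte-for-byte identical (or a coarse mtime clock) does not trigger a reinstall.

```shell
#!/bin/sh
# Added example (not the patch's code): edit an already extracted SELinux
# policy module file with $EDITOR and reinstall it only when the edit both
# succeeded and actually changed the content.  No transaction lock is held
# while the editor runs; the reinstall command is run afterwards.

# hash_file FILE -> content hash on stdout (sha256 if available, else cksum)
hash_file() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        cksum "$1" | cut -d' ' -f1
    fi
}

# edit_module FILE REINSTALL_CMD
#   FILE          extracted module source (assumed to exist already)
#   REINSTALL_CMD command run as "REINSTALL_CMD FILE" on success,
#                 e.g. "semodule -i" (placeholder; any installer works)
# Return codes:
#   0  editor exited 0 and content changed -> REINSTALL_CMD was run
#   1  editor exited non-zero             -> aborted, nothing reinstalled
#   2  editor exited 0, content unchanged -> nothing reinstalled
edit_module() {
    file=$1
    reinstall=$2
    : "${EDITOR:?EDITOR must be set}"
    [ -f "$file" ] || { echo "no such module file: $file" >&2; return 1; }

    before=$(hash_file "$file")
    # $EDITOR is intentionally unquoted so "vim -n" style values work.
    if ! $EDITOR "$file"; then
        echo "editor exited non-zero; aborting, module not reinstalled" >&2
        return 1
    fi
    after=$(hash_file "$file")

    if [ "$before" = "$after" ]; then
        echo "no change detected; module not reinstalled" >&2
        return 2
    fi
    $reinstall "$file"
}

# Usage (interactive): EDITOR=vim edit_module ./alsa.te 'semodule -i'
```

The three exit paths map onto the bullets in the patch description; the difference from the `-E` design is that an editor left open for hours blocks nothing else, because the semodule transaction only starts when the reinstall command runs.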