Bug 525669

Summary: policygentool prints a traceback when executed in read-only directory
Product: [Fedora] Fedora Reporter: Milos Malik <mmalik>
Component: selinux-policyAssignee: Daniel Walsh <dwalsh>
Status: CLOSED RAWHIDE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: low    
Version: 11CC: dwalsh, mgrepl
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2009-09-25 15:06:06 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Milos Malik 2009-09-25 08:58:46 UTC
Description of problem:


Version-Release number of selected component (if applicable):
selinux-policy-3.6.12-82.fc11.noarch

How reproducible:
always

Steps to Reproduce:
1) go to a directory where you don't have write permission (e.g. /usr/share/selinux/devel)
2) run "./policygentool ls /bin/ls" and answer all questions by just hitting ENTER
3) you will see traceback which is very similar to the following:

Traceback (most recent call last):
  File "./policygentool", line 294, in <module>
    network=network
  File "./policygentool", line 220, in gen_policy
    write_te_file(module, pidfile, logfile, libfile, initsc, network)
  File "./policygentool", line 187, in write_te_file
    fd = open(file, 'w')
IOError: [Errno 13] Permission denied: 'ls.te'

  
Actual results:
traceback is displayed

Expected results:
an error message is displayed instead of the trackback

Additional info:
The same problem is present in Fedora 10. Fix in Fedora 11 would be fine.

Comment 2 Daniel Walsh 2009-09-25 15:06:06 UTC
Dropping support for policygentool in F12.

/usr/bin/policygentool dlkdjd
policygentool is no longer supported, better tools exist for creating policy
Please use /usr/bin/sepolgen, slide or polgengui to generate policy.

Fixed in selinux-policy-3.6.32-11.fc12.noarch