Description
Use of egrep is causing issues with Fedora 39
Setup
Given the following sls file
selinux_policy_media_downloads_present:
selinux.fcontext_policy_present:
- name: /media/downloads(/.*)?
- sel_type: container_file_tWhen run on a Fedora 39 system will result in
local:
----------
ID: selinux_policy_media_downloads_present
Function: selinux.fcontext_policy_present
Name: /media/downloads(/.*)?
Result: False
Comment: An exception occurred in this state: Traceback (most recent call last):
File "/usr/lib/python3.12/site-packages/salt/state.py", line 2381, in call
ret = self.states[cdata["full"]](
^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.12/site-packages/salt/loader/lazy.py", line 159, in __call__
ret = self.loader.run(run_func, *args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.12/site-packages/salt/loader/lazy.py", line 1245, in run
return self._last_context.run(self._run_as, _func_or_method, *args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.12/site-packages/salt/loader/lazy.py", line 1260, in _run_as
return _func_or_method(*args, **kwargs)
selinux_policy_media_downloads_present:
selinux.fcontext_policy_present:
- name: /media/downloads(/.*)?
- sel_type: container_file_t
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.12/site-packages/salt/loader/lazy.py", line 1293, in wrapper
return f(*args, **kwargs)
^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.12/site-packages/salt/states/selinux.py", line 326, in fcontext_policy_present
current_state = __salt__["selinux.fcontext_get_policy"](
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.12/site-packages/salt/loader/lazy.py", line 159, in __call__
ret = self.loader.run(run_func, *args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.12/site-packages/salt/loader/lazy.py", line 1245, in run
return self._last_context.run(self._run_as, _func_or_method, *args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.12/site-packages/salt/loader/lazy.py", line 1260, in _run_as
return _func_or_method(*args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.12/site-packages/salt/modules/selinux.py", line 509, in fcontext_get_policy
"filespec": parts.group(1).strip(),
^^^^^^^^^^^
AttributeError: 'NoneType' object has no attribute 'group'
Started: 12:36:08.584306
Duration: 183.601 ms
Changes: And that has to do with with code block in
/usr/lib/python3.12/site-packages/salt/modules/selinux.py
cmd = (
"semanage fcontext -l | egrep "
+ "'^{filespec}{spacer}{filetype}{spacer}{sel_user}:{sel_role}:{sel_type}:{sel_level}{ospacer}$'".format(
**cmd_kwargs
)
)
current_entry_text = __salt__["cmd.shell"](cmd, ignore_retcode=True)
if current_entry_text == "":
return NoneWhat happens in this instance is that current_entry_text returns
egrep: warning: egrep is obsolescent; using grep -E
And therefore it won't return None
What needs to be done is to replace all instances of egrep with grep -E
As egrep has been deprecated since grep 3.8
https://github.com/koalaman/shellcheck/wiki/SC2196
https://www.phoronix.com/news/GNU-Grep-3.8-Stop-egrep-fgrep
Versions Report
salt --versions-report
(Provided by running salt --versions-report. Please also mention any differences in master/minion versions.)
Python Version:
Python: 3.12.0 (main, Oct 2 2023, 00:00:00) [GCC 13.2.1 20230918 (Red Hat 13.2.1-3)]
Dependency Versions:
cffi: 1.15.1
cherrypy: Not Installed
dateutil: 2.8.2
docker-py: Not Installed
gitdb: Not Installed
gitpython: Not Installed
Jinja2: 3.1.2
libgit2: 1.7.1
looseversion: 1.3.0
M2Crypto: Not Installed
Mako: Not Installed
msgpack: 1.0.5
msgpack-pure: Not Installed
mysql-python: Not Installed
packaging: 23.1
pycparser: 2.20
pycrypto: Not Installed
pycryptodome: 3.19.0
pygit2: 1.13.0
python-gnupg: 0.5.0
PyYAML: 6.0.1
PyZMQ: 25.1.0
relenv: Not Installed
smmap: Not Installed
timelib: Not Installed
Tornado: 6.3.3
ZMQ: 4.3.4
System Versions:
dist: fedora 39
locale: utf-8
machine: x86_64
release: 6.5.11-300.fc39.x86_64
system: Linux
version: Fedora Linux 39
</summary>
(Provided by running salt --versions-report. Please also mention any differences in master/minion versions.)Additional context
I would do a PR for this -- but I had a really bad experience doing so
Case in point -- I've got this PR pending
#62852
It was approved, but never merged -- I've pinged the reviewers multiple times -- and have received nothing but radio silence. Seriously -- how do you expect people to put in the work to submit a PR when you can't get a single reviewer to respond in over a month!?
Description
Use of egrep is causing issues with Fedora 39
Setup
Given the following sls file
When run on a Fedora 39 system will result in
And that has to do with with code block in
/usr/lib/python3.12/site-packages/salt/modules/selinux.pyWhat happens in this instance is that
current_entry_textreturnsegrep: warning: egrep is obsolescent; using grep -EAnd therefore it won't return
NoneWhat needs to be done is to replace all instances of
egrepwithgrep -EAs egrep has been deprecated since
grep 3.8https://github.com/koalaman/shellcheck/wiki/SC2196
https://www.phoronix.com/news/GNU-Grep-3.8-Stop-egrep-fgrep
Versions Report
salt --versions-report
(Provided by running salt --versions-report. Please also mention any differences in master/minion versions.)Additional context
I would do a PR for this -- but I had a really bad experience doing so
Case in point -- I've got this PR pending
#62852
It was approved, but never merged -- I've pinged the reviewers multiple times -- and have received nothing but radio silence. Seriously -- how do you expect people to put in the work to submit a PR when you can't get a single reviewer to respond in over a month!?