Accepting request 956666 from home:shunghsiyu:branches:openSUSE:Factory
Make dependency on python3-networkx optional. python3-network pulls in python38-matplotlib and python38-scipy, which then pulls in various mathematical and graphical libraries that are not needed on a minimal server environment (e.g. MicroOS). While sedta will not work without python3-networkx, with this patch (already merged upstream https://github.com/SELinuxProject/setools/pull/68) it will emit an error message pointing user to install python3-networkx instead of throwing ImportError. Further more, by default zypper install recommended packages as well, so general users are unlikely to even notice the difference. It only makes a difference if recommends are disabled; either explicitly by giving --no-recommends to zypper or setting solver.onlyRequires=true in zypp.conf, the latter is what MicroOS does. OBS-URL: https://build.opensuse.org/request/show/956666 OBS-URL: https://build.opensuse.org/package/show/security:SELinux/setools?expand=0&rev=84
This commit is contained in:
parent
0dba65a9d5
commit
46eb5c010e
91
make-networkx-optional.patch
Normal file
91
make-networkx-optional.patch
Normal file
@ -0,0 +1,91 @@
|
||||
From 716a1d9e1db6701c0b310dd7e10dc4a10656da0f Mon Sep 17 00:00:00 2001
|
||||
From: Chris PeBenito <chpebeni@linux.microsoft.com>
|
||||
Date: Tue, 14 Dec 2021 14:24:20 -0500
|
||||
Subject: [PATCH 1/1] Make NetworkX optional.
|
||||
|
||||
The CLI tools get installed to most distros, but sedta and seinfoflow are
|
||||
not typically used or separated into a different package. This will allow
|
||||
seinfo, sesearch, and sediff to function if NetworkX is missing, since they
|
||||
don't require it.
|
||||
|
||||
Signed-off-by: Chris PeBenito <chpebeni@linux.microsoft.com>
|
||||
Acked-by: Shung-Hsi Yu <shung-hsi.yu@suse.com>
|
||||
---
|
||||
setools/dta.py | 18 ++++++++++++++----
|
||||
setools/infoflow.py | 17 +++++++++++++----
|
||||
2 files changed, 27 insertions(+), 8 deletions(-)
|
||||
|
||||
diff --git a/setools/dta.py b/setools/dta.py
|
||||
index ce5a364..ded88ff 100644
|
||||
--- a/setools/dta.py
|
||||
+++ b/setools/dta.py
|
||||
@@ -10,8 +10,11 @@ from collections import defaultdict
|
||||
from contextlib import suppress
|
||||
from typing import DefaultDict, Iterable, List, NamedTuple, Optional, Union
|
||||
|
||||
-import networkx as nx
|
||||
-from networkx.exception import NetworkXError, NetworkXNoPath, NodeNotFound
|
||||
+try:
|
||||
+ import networkx as nx
|
||||
+ from networkx.exception import NetworkXError, NetworkXNoPath, NodeNotFound
|
||||
+except ImportError:
|
||||
+ logging.getLogger(__name__).debug("NetworkX failed to import.")
|
||||
|
||||
from .descriptors import EdgeAttrDict, EdgeAttrList
|
||||
from .policyrep import AnyTERule, SELinuxPolicy, TERuletype, Type
|
||||
@@ -73,8 +76,15 @@ class DomainTransitionAnalysis:
|
||||
self.reverse = reverse
|
||||
self.rebuildgraph = True
|
||||
self.rebuildsubgraph = True
|
||||
- self.G = nx.DiGraph()
|
||||
- self.subG = self.G.copy()
|
||||
+
|
||||
+ try:
|
||||
+ self.G = nx.DiGraph()
|
||||
+ self.subG = self.G.copy()
|
||||
+ except NameError:
|
||||
+ self.log.critical("NetworkX is not available. This is "
|
||||
+ "requried for Domain Transition Analysis.")
|
||||
+ self.log.critical("This is typically in the python3-networkx package.")
|
||||
+ raise
|
||||
|
||||
@property
|
||||
def reverse(self) -> bool:
|
||||
diff --git a/setools/infoflow.py b/setools/infoflow.py
|
||||
index 0ef240a..4b94a0c 100644
|
||||
--- a/setools/infoflow.py
|
||||
+++ b/setools/infoflow.py
|
||||
@@ -7,8 +7,11 @@ import logging
|
||||
from contextlib import suppress
|
||||
from typing import cast, Iterable, List, Mapping, Optional, Union
|
||||
|
||||
-import networkx as nx
|
||||
-from networkx.exception import NetworkXError, NetworkXNoPath, NodeNotFound
|
||||
+try:
|
||||
+ import networkx as nx
|
||||
+ from networkx.exception import NetworkXError, NetworkXNoPath, NodeNotFound
|
||||
+except ImportError:
|
||||
+ logging.getLogger(__name__).debug("NetworkX failed to import.")
|
||||
|
||||
from .descriptors import EdgeAttrIntMax, EdgeAttrList
|
||||
from .permmap import PermissionMap
|
||||
@@ -54,8 +57,14 @@ class InfoFlowAnalysis:
|
||||
self.rebuildgraph = True
|
||||
self.rebuildsubgraph = True
|
||||
|
||||
- self.G = nx.DiGraph()
|
||||
- self.subG = self.G.copy()
|
||||
+ try:
|
||||
+ self.G = nx.DiGraph()
|
||||
+ self.subG = self.G.copy()
|
||||
+ except NameError:
|
||||
+ self.log.critical("NetworkX is not available. This is "
|
||||
+ "requried for Information Flow Analysis.")
|
||||
+ self.log.critical("This is typically in the python3-networkx package.")
|
||||
+ raise
|
||||
|
||||
@property
|
||||
def min_weight(self) -> int:
|
||||
--
|
||||
2.35.1
|
||||
|
@ -1,3 +1,9 @@
|
||||
-------------------------------------------------------------------
|
||||
Tue Feb 22 09:13:19 UTC 2022 - Shung-Hsi Yu <shung-hsi.yu@suse.com>
|
||||
|
||||
- Add make-networkx-optional.patch to cut down installation requirements
|
||||
- Change python3-networkx from require into recommend
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Jun 8 11:10:02 UTC 2021 - Dominique Leuenberger <dimstar@opensuse.org>
|
||||
|
||||
|
@ -1,7 +1,7 @@
|
||||
#
|
||||
# spec file for package setools
|
||||
#
|
||||
# Copyright (c) 2021 SUSE LLC
|
||||
# Copyright (c) 2022 SUSE LLC
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
@ -33,6 +33,8 @@ Summary: Policy analysis tools for SELinux
|
||||
License: GPL-2.0-only
|
||||
Group: System/Management
|
||||
Source: https://github.com/SELinuxProject/setools/releases/download/%{version}/%{name}-%{version}.tar.bz2
|
||||
# PATCH-FIX-UPSTREAM https://github.com/SELinuxProject/setools/pull/68
|
||||
Patch1: make-networkx-optional.patch
|
||||
BuildRequires: fdupes
|
||||
BuildRequires: libselinux-devel
|
||||
BuildRequires: libsepol-devel
|
||||
@ -73,7 +75,7 @@ Summary: Python bindings for SELinux policy analysis
|
||||
License: LGPL-2.0-only
|
||||
Group: Development/Languages/Python
|
||||
Requires: python3 >= 3.4
|
||||
Requires: python3-networkx
|
||||
Recommends: python3-networkx
|
||||
Obsoletes: python-setools < %{version}-%{release}
|
||||
Provides: python-setools = %{version}-%{release}
|
||||
%if "%{python3_primary_provider}" != "python3"
|
||||
@ -103,6 +105,7 @@ This package includes the following graphical tools:
|
||||
|
||||
%prep
|
||||
%setup -q -n %{name}
|
||||
%autopatch -p1
|
||||
|
||||
%build
|
||||
%python_build
|
||||
|
Loading…
Reference in New Issue
Block a user