genhomedircon: drop backwards compatibility section

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
Signed-off-by: Jason Zaman <perfinion@gentoo.org>

1 files changed, 1 insertions, 161 deletions

diff --git a/support/genhomedircon.py b/support/genhomedircon.py
index bb4e50617..e9d72067a 100644
--- a/support/genhomedircon.py
+++ b/support/genhomedircon.py
@@ -40,7 +40,7 @@
 #  are always "real" (including root, in the default configuration).
 #
 
-import sys, os, pwd, getopt, re
+import sys, pwd, getopt, re
 from subprocess import getstatusoutput
 
 EXCLUDE_LOGINS=["/sbin/nologin", "/bin/false"]
@@ -69,162 +69,6 @@ def getStartingUID():
 		starting_uid = 500
 	return starting_uid
 
-#############################################################################
-#
-# This section is just for backwards compatibility
-#
-#############################################################################
-def getPrefixes():
-	ulist = pwd.getpwall()
-	STARTING_UID=getStartingUID()
-	prefixes = {}
-	for u in ulist:
-		if u[2] >= STARTING_UID and \
-				not u[6] in EXCLUDE_LOGINS and \
-				u[5] != "/" and \
-				u[5].count("/") > 1:
-			prefix = u[5][:u[5].rfind("/")]
-			if not prefix in prefixes:
-				prefixes[prefix] = ""
-	return prefixes
-
-def getUsers(filecontextdir):
-	rc = getstatusoutput("grep ^user %s/users" % filecontextdir)
-	udict = {}
-	if rc[0] == 0:
-		ulist = rc[1].strip().split("\n")
-		for u in ulist:
-			user = u.split()
-			try:
-				if user[1] == "user_u" or user[1] == "system_u":
-					continue
-				# !!! chooses first role in the list to use in the file context !!!
-				role = user[3]
-				if role == "{":
-					role = user[4]
-				role = role.split("_r")[0]
-				home = pwd.getpwnam(user[1])[5]
-				if home == "/":
-					continue
-				prefs = {}
-				prefs["role"] = role
-				prefs["home"] = home
-				udict[user[1]] = prefs
-			except KeyError:
-				sys.stderr.write("The user \"%s\" is not present in the passwd file, skipping...\n" % user[1])
-	return udict
-
-def update(filecontext, user, prefs):
-	rc=getstatusoutput("grep -h '^HOME_DIR' %s | grep -v vmware | sed -e 's|HOME_DIR|%s|' -e 's/ROLE/%s/' -e 's/system_u/%s/'" % (filecontext, prefs["home"], prefs["role"], user))
-	if rc[0] == 0:
-		print(rc[1])
-	else:
-		errorExit("grep/sed error " + rc[1])
-	return rc
-
-def oldgenhomedircon(filecontextdir, filecontext):
-        sys.stderr.flush()
-
-        if os.path.isdir(filecontextdir) == 0:
-                sys.stderr.write("New usage is the following\n")
-                usage()
-        #We are going to define home directory used by libuser and show-utils as a home directory root
-        prefixes = {}
-        rc=getstatusoutput("grep -h '^HOME' /etc/default/useradd")
-        if rc[0] == 0:
-                homedir = rc[1].split("=")[1]
-                homedir = homedir.split("#")[0]
-                homedir = homedir.strip()
-                if not homedir in prefixes:
-                        prefixes[homedir] = ""
-        else:
-                #rc[0] == 256 means the file was there, we read it, but the grep didn't match
-                if rc[0] != 256:
-                        sys.stderr.write("%s\n" % rc[1])
-                        sys.stderr.write("You do not have access to /etc/default/useradd HOME=\n")
-                        sys.stderr.flush()
-
-
-        rc=getstatusoutput("grep -h '^LU_HOMEDIRECTORY' /etc/libuser.conf")
-        if rc[0] == 0:
-                homedir = rc[1].split("=")[1]
-                homedir = homedir.split("#")[0]
-                homedir = homedir.strip()
-                homedir = re.sub(r"[^/a-zA-Z0-9].*$", "", homedir)
-                if not homedir in prefixes:
-                        prefixes[homedir] = ""
-
-        #the idea is that we need to find all of the home_root_t directories we do this by just accepting
-        #any default home directory defined by either /etc/libuser.conf or /etc/default/useradd
-        #we then get the potential home directory roots from /etc/passwd or nis or wherever and look at
-        #the defined homedir for all users with UID > STARTING_UID.  This list of possible root homedirs
-        #is then checked to see if it has an explicit context defined in the file_contexts.  Explicit
-        #is any regex that would match it which does not end with .*$ or .+$ since those are general
-        #recursive matches.  We then take any regex which ends with [pattern](/.*)?$ and just check against
-        #[pattern]
-        potential_prefixes = getPrefixes()
-        prefix_regex = {}
-        #this works by grepping the file_contexts for
-        # 1. ^/ makes sure this is not a comment
-        # 2. prints only the regex in the first column first cut on \t then on space
-        rc=getstatusoutput("grep \"^/\" %s | cut -f 1 | cut -f 1 -d \" \" " %  (sys.argv[2]) )
-        if rc[0] == 0:
-                prefix_regex = rc[1].split("\n")
-        else:
-                sys.stderr.write("%s\n" % rc[1])
-                sys.stderr.write("You do not have access to grep/cut/the file contexts\n")
-                sys.stderr.flush()
-        for potential in potential_prefixes.keys():
-                addme = 1
-                for regex in prefix_regex:
-                        #match a trailing (/*)? which is actually a bug in rpc_pipefs
-                        regex = re.sub(r"\(/\*\)\?$", "", regex)
-                        #match a trailing .+
-                        regex = re.sub(r"\.+$", "", regex)
-                        #match a trailing .*
-                        regex = re.sub(r"\.\*$", "", regex)
-                        #strip a (/.*)? which matches anything trailing to a /*$ which matches trailing /'s
-                        regex = re.sub(r"\(\/\.\*\)\?", "", regex)
-                        regex = regex + "/*$"
-                        if re.search(regex, potential, 0):
-                                addme = 0
-                if addme == 1:
-                        if not potential in prefixes:
-                                prefixes[potential] = ""
-
-
-        if prefixes.__eq__({}):
-                sys.stderr.write("LU_HOMEDIRECTORY not set in /etc/libuser.conf\n")
-                sys.stderr.write("HOME= not set in /etc/default/useradd\n")
-                sys.stderr.write("And no users with a reasonable homedir found in passwd/nis/ldap/etc...\n")
-                sys.stderr.write("Assuming /home is the root of home directories\n")
-                sys.stderr.flush()
-                prefixes["/home"] = ""
-
-        # There may be a more elegant sed script to expand a macro to multiple lines, but this works
-        sed_root = "h; s|^HOME_ROOT|%s|" % (prefixes.keys() + "|; p; g; s|^HOME_ROOT|")
-        sed_dir = "h; s|^HOME_DIR|%s/[^/]+|; s|ROLE_|user_|" % (prefixes.keys() + "/[^/]+|; s|ROLE_|user_|; p; g; s|^HOME_DIR|")
-
-        # Fill in HOME_ROOT, HOME_DIR, and ROLE for users not explicitly defined in /etc/security/selinux/src/policy/users
-        rc=getstatusoutput("sed -e \"/^HOME_ROOT/{%s}\" -e \"/^HOME_DIR/{%s}\" %s" % (sed_root, sed_dir, filecontext))
-        if rc[0] == 0:
-                print(rc[1])
-        else:
-                errorExit("sed error " + rc[1])
-
-        users = getUsers(filecontextdir)
-        print("\n#\n# User-specific file contexts\n#\n")
-
-        # Fill in HOME and ROLE for users that are defined
-        for u in users.keys():
-                update(filecontext, u, users[u])
-
-#############################################################################
-#
-# End of backwards compatibility section
-#
-#############################################################################
-
 def getDefaultHomeDir():
 	ret = []
 	rc=getstatusoutput("grep -h '^HOME' /etc/default/useradd")
@@ -466,10 +310,6 @@ try:
 	if setype is None:
 		setype=getSELinuxType(directory)
 
-	if len(cmds) == 2:
-		oldgenhomedircon(cmds[0], cmds[1])
-		sys.exit(0)
-
 	if len(cmds) != 0:
 		usage()
 	selconf=selinuxConfig(directory, setype, usepwd)