Fix formatting and styling issues

Remove extra parentheses and semicolons. Fix whitespace.
2024-06-19 17:59:07 +02:00 · 2019-03-05 12:23:40 +01:00 · 2019-03-05 12:23:40 +01:00 · a70bed2c5e
parent 11b8ea68b6
commit a70bed2c5e
2 changed files with 28 additions and 28 deletions
--- a/udica/main.py
+++ b/udica/main.py
@ -103,7 +103,7 @@ def main():
        else:
            container_caps = opts['Caps'].split(',')
    else:
-        if (return_code_podman == 0):
+        if return_code_podman == 0:
            container_caps = container_inspect[0]['EffectiveCaps']

    create_policy(opts, container_caps, container_mounts, container_ports)
--- a/udica/policy.py
+++ b/udica/policy.py
@ -70,44 +70,44 @@ def list_ports(port_number):
        con = semanage.semanage_port_get_con(port)
        ctype = semanage.semanage_context_get_type(con)
        low = semanage.semanage_port_get_low(port)
-        if (low == port_number):
+        if low == port_number:
            return ctype

-def create_policy(opts,capabilities,mounts,ports):
+def create_policy(opts, capabilities, mounts, ports):
    policy = open(opts['ContainerName'] +'.cil', 'w')
    policy.write('(block ' + opts['ContainerName'] + '\n')
    policy.write('    (blockinherit container)\n')
-    add_template("base_container");
+    add_template("base_container")

    if opts['FullNetworkAccess']:
        policy.write('    (blockinherit net_container)\n')
-        add_template("net_container");
+        add_template("net_container")

    if opts['VirtAccess']:
        policy.write('    (blockinherit virt_container)\n')
-        add_template("virt_container");
+        add_template("virt_container")

    if opts['XAccess']:
        policy.write('    (blockinherit x_container)\n')
-        add_template("x_container");
+        add_template("x_container")

    if opts['TtyAccess']:
        policy.write('    (blockinherit tty_container)\n')
-        add_template("tty_container");
+        add_template("tty_container")

    if ports:
        policy.write('    (blockinherit restricted_net_container)\n')
-        add_template("net_container");
+        add_template("net_container")

    # capabilities
    if capabilities:
-        caps=''
+        caps = ''
        for item in capabilities:
            # Capabilities parsed from podman inspection JSON file have prefix "CAP_", this should be removed
            if "CAP_" in item:
                caps = caps + perms.cap[item[4:]]
            else:
-                 caps = caps + perms.cap[item]
+                caps = caps + perms.cap[item]

        policy.write('    (allow process process ( capability ( ' + caps  + '))) \n')
        policy.write('\n')
@ -122,43 +122,43 @@ def create_policy(opts,capabilities,mounts,ports):
        if not item['source'].find("/"):
            if (item['source'] == LOG_CONTAINER and 'ro' in item['options']):
                policy.write('    (blockinherit log_container)\n')
-                add_template("log_container");
-                continue;
+                add_template("log_container")
+                continue

            if (item['source'] == LOG_CONTAINER and 'rw' in item['options']):
                policy.write('    (blockinherit log_rw_container)\n')
-                add_template("log_container");
-                continue;
+                add_template("log_container")
+                continue

            if (item['source'] == HOME_CONTAINER and 'ro' in item['options']):
                policy.write('    (blockinherit home_container)\n')
-                add_template("home_container");
-                continue;
+                add_template("home_container")
+                continue

            if (item['source'] == HOME_CONTAINER and 'rw' in item['options']):
                policy.write('    (blockinherit home_rw_container)\n')
-                add_template("home_container");
-                continue;
+                add_template("home_container")
+                continue

            if (item['source'] == TMP_CONTAINER and 'ro' in item['options']):
                policy.write('    (blockinherit tmp_container)\n')
-                add_template("tmp_container");
-                continue;
+                add_template("tmp_container")
+                continue

            if (item['source'] == TMP_CONTAINER and 'rw' in item['options']):
                policy.write('    (blockinherit tmp_rw_container)\n')
-                add_template("tmp_container");
-                continue;
+                add_template("tmp_container")
+                continue

            if (item['source'] == CONFIG_CONTAINER and 'ro' in item['options']):
                policy.write('    (blockinherit config_container)\n')
-                add_template("config_container");
-                continue;
+                add_template("config_container")
+                continue

            if (item['source'] == CONFIG_CONTAINER and 'rw' in item['options']):
                policy.write('    (blockinherit config_rw_container)\n')
-                add_template("config_container");
-                continue;
+                add_template("config_container")
+                continue

            contexts = list_contexts(item['source'])
            for context in contexts:
@ -192,7 +192,7 @@ def load_policy(opts):
        semanage.semanage_commit(handle)
    else:
        templates = list_templates_to_string(templates_to_load)
-        if (len(templates_to_load) > 1):
+        if len(templates_to_load) > 1:
            print('\nPlease load these modules using: \n# semodule -i ' + opts['ContainerName'] + '.cil ' + TEMPLATES_STORE + "/{" + templates + '}')
        else:
            print('\nPlease load these modules using: \n# semodule -i ' + opts['ContainerName'] + '.cil ' + TEMPLATES_STORE + "/" + templates + '')