When using a list comprehension, the list created under the hood can be referred to with locals()['_[1]']. In the case of nested elements, the elements are named _[2], _[3], etc, as you delve deeper into the nested items. The 'anonymous' list exists only while the list comprehension executes,ie. only during the work between '[' and ']'. It's sometimes handy to be able to refer to this list for in-line processing during the list comprehension. Here's an easy example. Let's say I wanted to join three lists together, removing any duplicate elements:
>>> L1 = [ 1,2,3 ] >>> L2 = [ 2,3,4 ] >>> L3 = [ 2,4,5 ] >>> [ x for x in L1 + L2 + L3 if x not in locals()['_[1]'] ] [1, 2, 3, 4, 5]
Now, the 'gotcha' is that locals()['_[n]'] is not just incremented for each nested list comprehension, it's incremented whenever a list comprehension is used in the local scope. So, if you've executed four list comprehensions previously in the run of the local scope, your next one is referenced as locals()['_[5]']. This is most evident within a loop:
>>> for x in [1,2,3]: ... [ x for x in l1 + l2 + l3 if x not in locals()['_[1]'] ] #this will work ... [ x for x in l1 + l2 + l3 if x not in locals()['_[1]'] ] #this key no longer exists ... [1, 2, 3, 4, 5] Traceback (most recent call last): File "", line 3, in KeyError: '_[1]'
>>> for x in [1,2]: ... [ x for x in l1 + l2 + l3 if x not in locals()['_[1]'] ] ... [ x for x in l1 + l2 + l3 if x not in locals()['_[2]'] ] #here's the increment ... [1, 2, 3, 4, 5] [1, 2, 3, 4, 5] [1, 2, 3, 4, 5] [1, 2, 3, 4, 5]
Every once in a while, I get a wild hair to change up my desktop. Every time I've played with an xterm replacement that supports transparency, I generally get annoyed within hours, being too lazy to actually spend any time tweaking it. For whatever reason, today I bit the bullet, and took a couple of minutes set up aterm to be useable. There was actually no excuse for my earlier laziness - all my 'problems' were settled with just a few entries to ~/.Xdefaults:
These take care of the annoyances (such as the character mapping for my backspace key changing within a vi session). Then, enabling transparency in empty frames for ion3 brings back the old school behavior (well ion2 old school =]):
To create a policy using messages from avc: RHEL5 has a few handy tools to help with allowing specific exceptions to the canned selinux policy, by creating policy modules to import as needed.
Use audit2allow, which transforms audit messages from alerts to loadable modules
So, this /var/log/messages alert:
Aug 7 07:22:19 testbox setroubleshoot: SELinux is preventing /usr/libexec/postfix/local (postfix_local_t) "write" to cricket (mail_spool_t). For complete SELinux messages. run sealert -l 1afcc5f6-d4a8-47e6-b546-b2ec3b427f18
Shows this in sealert:
[07:25:12 testbox ] tmp $ sealert -l 1afcc5f6-d4a8-47e6-b546-b2ec3b427f18 Summary SELinux is preventing /usr/libexec/postfix/local (postfix_local_t) "write" to cricket (mail_spool_t).
Detailed Description SELinux denied access requested by /usr/libexec/postfix/local. It is not expected that this access is required by /usr/libexec/postfix/local and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access.
Allowing Access Sometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for cricket, restorecon -v cricket If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package.
Additional Information
Source Context user_u:system_r:postfix_local_t Target Context system_u:object_r:mail_spool_t Target Objects cricket [ file ] Affected RPM Packages postfix-2.3.3-2 [application] Policy RPM selinux-policy-2.4.6-30.el5 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name plugins.catchall_file Host Name testbox Platform Linux testbox 2.6.18-8.1.6.el5 #1 SMP Fri Jun 1 18:52:13 EDT 2007 x86_64 x86_64 Alert Count 7676 Line Numbers
[Note] Important In order to load this newly created policy package into the kernel, you are required to execute semodule -i local.pp Note that if you later install another module called local, it will replace this module. If you want to keep these rules around, then you either need to append future customizations to this local.te, or give future customizations a different name.
So, it's best to either maintain a single policy (named local or whatever you'll remember), or separate policy names for each access you'd like to allow/maintain. I prefer the modular approach, easy to load/unload.
iozone (http://www.iozone.org/) is a filesystem benchmark tool, I found it particularly useful to benchmark and test throughput when we were experiencing slowness over NFS to our NetApp filer.
Here's some common options: -c Include close in the timing calculations -e Include flush (fsync,fflush) in the timing calculations -s # file size in Kb or -s #m .. size in Mb or -s #g .. size in Gb -r # record size in Kb or -r #m .. size in Mb or -r #g .. size in Gb -i # Test to run (0=write/rewrite, 1=read/re-read, 2=random-read/write 3=Read-backwards, 4=Re-write-record, 5=stride-read, 6=fwrite/re-fwrite 7=fread/Re-fread, 8=random_mix, 9=pwrite/Re-pwrite, 10=pread/Re-pread 11=pwritev/Re-pwritev, 12=preadv/Re-preadv) -+n No retests selected. -f filename to use -w Do not unlink temporary file # good to keep files for read tests =]
### Read test (unmount/remount the file system to clear cache, or you'll be getting the throughput from RAM): # iozone -c -s 1g -r 32k -i1 -+n -w -f ./single_thread_write_test.out
