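def _compile(self, args, executable, env):
    """Run the compile command in the temp dir under the compile-level contexts.

    The source is first copied in via ``self._copy_src(self.COMPILE_LEVEL)``.
    The child is then started with the exec context returned by
    ``self.execcon(self.COMPILE_LEVEL)``. Afterwards the temporary directory
    and, on success, ``self.target_filename`` inside it are relabelled to
    ``self.filecon(self.RUN_LEVEL)``.

    Args:
        args: Argument vector handed to ``Popen``.
        executable: Program to execute, passed through to ``Popen``.
        env: Environment mapping for the child process.

    Returns:
        ``(code, stdout)`` when the exit status differs from ``EX_OK``,
        otherwise the one-element tuple ``(code,)``.
    """
    self._copy_src(self.COMPILE_LEVEL)
    with open("/dev/null", "r") as stdin:
        try:
            # NOTE(review): the fscreate attribute is documented as being
            # cleared on execve, so it may never reach the child; confirm
            # whether this call is needed.
            setfscreatecon(self.filecon(self.COMPILE_LEVEL))
            # NOTE(review): the status of setexeccon() is not inspected. With
            # bindings that report failure by return value rather than by
            # raising, a failed call would start the child in the caller's
            # own context; confirm which binding is in use.
            setexeccon(self.execcon(self.COMPILE_LEVEL))
            p = Popen(
                args,
                bufsize=-1,
                executable=executable,
                stdin=stdin,
                stdout=PIPE,
                stderr=STDOUT,
                close_fds=True,
                cwd=self._tempdir,
                env=env)
        finally:
            # Clear both overrides even when Popen (or a set call) raises.
            # Otherwise every later exec and file creation made by this
            # caller would silently keep the compile-level label.
            setexeccon(None)
            setfscreatecon(None)
        stdout, _ = p.communicate()
    code = p.wait()
    # The directory is relabelled whether or not the compile succeeded.
    setfilecon(self._tempdir, self.filecon(self.RUN_LEVEL))
    if code != EX_OK:
        return (code, stdout)
    setfilecon(
        join(self._tempdir, self.target_filename),
        self.filecon(self.RUN_LEVEL))
    return (code,)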
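def __init__(self, src_path, filename=None):
    """Record the source path and create the labelled temporary directory.

    Args:
        src_path: Path of the source file to work on.
        filename: Name to use for the source inside the temporary directory;
            defaults to the basename of ``src_path``.
    """
    self._src_path = src_path
    self._filename = filename or basename(src_path)
    # NOTE(review): only element [1] of getcon()'s result is used; the status
    # in element [0] is not checked here.
    self._con = getcon()[1].split(":")
    try:
        setfscreatecon(self.filecon(self.COMPILE_LEVEL))
        self._tempdir = mkdtemp(prefix=self.TEMPDIR_PREFIX)
    finally:
        # Clear the override even if mkdtemp fails, so that unrelated files
        # created later are not given the compile-level label.
        setfscreatecon(None)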
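def open(self, filename, mode):
    """Open ``filename`` with the run-level file context as creation label.

    When ``mode`` contains none of ``w``, ``a`` or ``+`` and the file is not
    ``/dev/null``, the open file is relabelled to the run-level context if
    ``check_category`` accepts its current label.

    Args:
        filename: Path to open.
        mode: Mode string passed to the builtin ``open``.

    Returns:
        The open file object.
    """
    filecon = self.filecon(self.RUN_LEVEL)
    try:
        setfscreatecon(filecon)
        f = open(filename, mode)
    finally:
        # Clear the creation-context override even when open() raises.
        setfscreatecon(None)
    if filename != '/dev/null' and not any(flag in mode for flag in 'wa+'):
        try:
            # NOTE(review): the meaning of check_category's result is not
            # visible here; presumably it decides whether relabelling is
            # permitted. Verify against its definition.
            if check_category(filecon, fgetfilecon(f.fileno())[1]):
                fsetfilecon(f.fileno(), filecon)
        except Exception:
            # The caller never receives f on this path, so close it here
            # rather than leak the descriptor.
            f.close()
            raise
    return f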
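def mkpolydir(dir_name, poly_dir_name, level):
    """Create ``poly_dir_name`` with the label computed for ``dir_name`` at ``level``.

    The context is obtained from ``matchpathcon(dir_name)`` combined with the
    current process context through ``security_compute_create``. Its fourth
    colon-separated field is then replaced by ``level``. The directory is
    created only if ``os.path.isdir(poly_dir_name)`` is false.

    Args:
        dir_name: Path whose policy-defined context is looked up.
        poly_dir_name: Directory to create.
        level: String substituted for the level part of the context.

    Raises:
        Exception: If a libselinux call reports a negative status, the
            computed context has no level field, or the directory cannot be
            created.
    """
    (rc, context) = selinux.getcon()
    if rc < 0:
        raise Exception("Error getting context.")

    rc = selinux.matchpathcon_init(None)
    if rc < 0:
        raise Exception("Error calling matchpathcon_init.")
    (rc, dir_context) = selinux.matchpathcon(dir_name, 0)
    selinux.matchpathcon_fini()
    if rc < 0:
        raise Exception("Error in matchpathcon for %s." % (dir_name))

    # NOTE(review): the object class passed is SECCLASS_FILE although a
    # directory is created; confirm this is intended.
    (rc, dir_context) = selinux.security_compute_create(
        context, dir_context, selinux.SECCLASS_FILE)
    if rc < 0:
        raise Exception(
            "Error in security_compute_create context: %s directory context: %s"
            % (context, dir_context))

    # Split at most three times. A level such as "s0:c1,c2" contains colons
    # itself, and an unbounded split would leave its categories behind as
    # extra fields appended after the new level.
    context_array = dir_context.split(":", 3)
    if len(context_array) < 4:
        raise Exception("Context %s has no level field." % (dir_context))
    context_array[3] = level
    dir_context = ':'.join(context_array)

    rc = selinux.setfscreatecon(dir_context)
    if rc < 0:
        raise Exception("Error in setfscreatecon for %s %s."
                        % (poly_dir_name, dir_context))
    try:
        # NOTE(review): an already existing directory is accepted as-is; its
        # label is not compared with dir_context.
        if not os.path.isdir(poly_dir_name):
            os.mkdir(poly_dir_name)
    except (IOError, OSError) as err:
        raise Exception("Error creating directory %s with context %s: %s %s"
                        % (poly_dir_name, dir_context, err.errno, err.strerror))
    finally:
        # Clear the override so later file creations in this process do not
        # inherit the directory's label.
        selinux.setfscreatecon(None)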
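def mkpolydir(dir_name, poly_dir_name, level):
    """Create ``poly_dir_name`` with the label computed for ``dir_name`` at ``level``.

    The context is obtained from ``matchpathcon(dir_name)`` combined with the
    current process context through ``security_compute_create``. Its fourth
    colon-separated field is then replaced by ``level``. The directory is
    created only if ``os.path.isdir(poly_dir_name)`` is false.

    Args:
        dir_name: Path whose policy-defined context is looked up.
        poly_dir_name: Directory to create.
        level: String substituted for the level part of the context.

    Raises:
        Exception: If a libselinux call reports a negative status, the
            computed context has no level field, or the directory cannot be
            created.
    """
    (rc, context) = selinux.getcon()
    if rc < 0:
        raise Exception("Error getting context.")

    rc = selinux.matchpathcon_init(None)
    if rc < 0:
        raise Exception("Error calling matchpathcon_init.")
    (rc, dir_context) = selinux.matchpathcon(dir_name, 0)
    selinux.matchpathcon_fini()
    if rc < 0:
        raise Exception("Error in matchpathcon for %s." % (dir_name))

    # NOTE(review): the object class passed is SECCLASS_FILE although a
    # directory is created; confirm this is intended.
    (rc, dir_context) = selinux.security_compute_create(
        context, dir_context, selinux.SECCLASS_FILE)
    if rc < 0:
        raise Exception(
            "Error in security_compute_create context: %s directory context: %s"
            % (context, dir_context))

    # Split at most three times. A level such as "s0:c1,c2" contains colons
    # itself, and an unbounded split would leave its categories behind as
    # extra fields appended after the new level.
    context_array = dir_context.split(":", 3)
    if len(context_array) < 4:
        raise Exception("Context %s has no level field." % (dir_context))
    context_array[3] = level
    dir_context = ':'.join(context_array)

    rc = selinux.setfscreatecon(dir_context)
    if rc < 0:
        raise Exception("Error in setfscreatecon for %s %s."
                        % (poly_dir_name, dir_context))
    try:
        # NOTE(review): an already existing directory is accepted as-is; its
        # label is not compared with dir_context.
        if not os.path.isdir(poly_dir_name):
            os.mkdir(poly_dir_name)
    except (IOError, OSError) as err:
        raise Exception("Error creating directory %s with context %s: %s %s"
                        % (poly_dir_name, dir_context, err.errno, err.strerror))
    finally:
        # Clear the override so later file creations in this process do not
        # inherit the directory's label.
        selinux.setfscreatecon(None)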
def setfscreate(ctx="\n"):
    """Set the file-creation context through ``selinux.setfscreatecon``.

    ``ctx`` is encoded strictly with the ``content`` encoding before the call.
    A negative status raises ``OSError`` with the context decoded leniently
    for display.
    """
    # NOTE(review): the "\n" default presumably asks for the policy default
    # to be restored; confirm against the callers.
    ctx = _unicode_encode(
        ctx,
        encoding=_encodings['content'],
        errors='strict',
    )
    status = selinux.setfscreatecon(ctx)
    if status < 0:
        # Decode with 'replace' so building the message cannot itself fail.
        ctx = _unicode_decode(
            ctx,
            encoding=_encodings['content'],
            errors='replace',
        )
        message = _("setfscreate: Failed setting fs create context \"%s\".") % ctx
        raise OSError(message)
def setfscreate(ctx="\n"):
    """Set the file-creation context through ``selinux.setfscreatecon``.

    ``ctx`` is converted with ``_native_string`` using the ``content``
    encoding and strict error handling. A negative status raises ``OSError``
    naming the context.
    """
    # NOTE(review): the "\n" default presumably asks for the policy default
    # to be restored; confirm against the callers.
    ctx = _native_string(
        ctx,
        encoding=_encodings["content"],
        errors="strict",
    )
    status = selinux.setfscreatecon(ctx)
    if status < 0:
        message = _('setfscreate: Failed setting fs create context "%s".') % ctx
        raise OSError(message)
def setfscreate(ctx="\n"):
    """Set the file-creation context through ``selinux.setfscreatecon``.

    ``ctx`` is converted with ``_native_string`` using the ``content``
    encoding and strict error handling. A negative status raises ``OSError``
    naming the context.
    """
    # NOTE(review): the "\n" default presumably asks for the policy default
    # to be restored; confirm against the callers.
    ctx = _native_string(
        ctx,
        encoding=_encodings['content'],
        errors='strict',
    )
    status = selinux.setfscreatecon(ctx)
    if status < 0:
        message = _("setfscreate: Failed setting fs create context \"%s\".") % ctx
        raise OSError(message)
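def copy(self, src):
    """Copy ``src`` into the temporary directory at the run-level file context.

    The destination is ``basename(src)`` inside ``self._tempdir``.

    Args:
        src: Path of the file to copy.
    """
    # Inside the method body the bare name ``copy`` resolves to the
    # module-level function, not to this method.
    try:
        setfscreatecon(self.filecon(self.RUN_LEVEL))
        copy(src, join(self._tempdir, basename(src)))
    finally:
        # Clear the override even if the copy fails, so later file creations
        # are not labelled at the run level by accident.
        setfscreatecon(None)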
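def _copy_src(self, level):
    """Copy the source file into the temporary directory labelled for ``level``.

    The destination is ``self._filename`` inside ``self._tempdir``.

    Args:
        level: Value handed to ``self.filecon`` to obtain the creation context.
    """
    try:
        setfscreatecon(self.filecon(level))
        copy(self._src_path, join(self._tempdir, self._filename))
    finally:
        # Clear the override even if the copy fails, so later file creations
        # do not keep this level's label.
        setfscreatecon(None)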