def get_entrypoint_types(setype):
q = setools.TERuleQuery(_pol,
ruletype=[ALLOW],
source=setype,
tclass=["file"],
perms=["entrypoint"])
return [str(x.target) for x in q.results() if x.source == setype]
def get_type_enf_rules(ruletype=["allow"],
source=None,
target=None,
tclass=None,
perms=None,
booleans=None,
source_indirect=True,
target_indirect=True):
try:
q = setools.TERuleQuery(__selinuxPolicy__,
ruletype=ruletype,
source=source,
source_indirect=source_indirect,
target=target,
target_indirect=target_indirect,
tclass=tclass,
perms=perms,
boolean=booleans)
#return [str(x) for x in q.results()]
# rule.conditional_block meaning (guessing):
# if rule.conditional_block == True: rule is applied if the boolean is set to True
# if rule.conditional_block == False: rule is applied if the boolean is set to False
return [x for x in q.results()]
except ValueError:
return []
def terules_query_orig(self, **kwargs):
if "ruletype" not in kwargs:
kwargs["ruletype"] = [se.TERuletype.allow]
results = se.TERuleQuery(self, **kwargs).results()
filtered_results = [
x for x in results if x.source not in self.trusted_domain_types
]
return sorted(filtered_results)
def get_init_entrypoint(transtype):
q = setools.TERuleQuery(_pol,
ruletype=["type_transition"],
source="init_t",
tclass=["process"])
entrypoints = []
for i in q.results():
try:
if i.default == transtype:
entrypoints.append(i.target)
except AttributeError:
continue
return entrypoints
def get_init_entrypoints_str():
q = setools.TERuleQuery(_pol,
ruletype=["type_transition"],
source="init_t",
tclass=["process"])
entrypoints = {}
for i in q.results():
try:
transtype = str(i.default)
if transtype in entrypoints:
entrypoints[transtype].append(str(i.target))
else:
entrypoints[transtype] = [str(i.target)]
except AttributeError:
continue
return entrypoints
def search(types, seinfo=None):
if not seinfo:
seinfo = {}
valid_types = set(
[ALLOW, AUDITALLOW, NEVERALLOW, DONTAUDIT, TRANSITION, ROLE_ALLOW])
for setype in types:
if setype not in valid_types:
raise ValueError("Type has to be in %s" % " ".join(valid_types))
source = None
if SOURCE in seinfo:
source = str(seinfo[SOURCE])
target = None
if TARGET in seinfo:
target = str(seinfo[TARGET])
tclass = None
if CLASS in seinfo:
tclass = str(seinfo[CLASS]).split(',')
toret = []
tertypes = []
if ALLOW in types:
tertypes.append(ALLOW)
if NEVERALLOW in types:
tertypes.append(NEVERALLOW)
if AUDITALLOW in types:
tertypes.append(AUDITALLOW)
if DONTAUDIT in types:
tertypes.append(DONTAUDIT)
if len(tertypes) > 0:
q = setools.TERuleQuery(_pol,
ruletype=tertypes,
source=source,
target=target,
tclass=tclass)
if PERMS in seinfo:
q.perms = seinfo[PERMS]
toret += [_setools_rule_to_dict(x) for x in q.results()]
if TRANSITION in types:
rtypes = ['type_transition', 'type_change', 'type_member']
q = setools.TERuleQuery(_pol,
ruletype=rtypes,
source=source,
target=target,
tclass=tclass)
if PERMS in seinfo:
q.perms = seinfo[PERMS]
toret += [_setools_rule_to_dict(x) for x in q.results()]
if ROLE_ALLOW in types:
ratypes = ['allow']
q = setools.RBACRuleQuery(_pol,
ruletype=ratypes,
source=source,
target=target,
tclass=tclass)
for r in q.results():
toret.append({'source': str(r.source), 'target': str(r.target)})
return toret
logging.basicConfig(level=logging.INFO, format='%(message)s')
else:
logging.basicConfig(level=logging.WARNING, format='%(message)s')
try:
p = setools.SELinuxPolicy(args.policy)
if args.tertypes:
q = setools.TERuleQuery(p,
ruletype=args.tertypes,
source=args.source,
source_indirect=args.source_indirect,
source_regex=args.source_regex,
target=args.target,
target_indirect=args.target_indirect,
target_regex=args.target_regex,
tclass_regex=args.tclass_regex,
perms_equal=args.perms_equal,
xperms_equal=args.xperms_equal,
default=args.default,
default_regex=args.default_regex,
boolean_regex=args.boolean_regex,
boolean_equal=args.boolean_equal)
# these are broken out from the above statement to prevent making a list
# with an empty string in it (split on empty string)
if args.tclass:
if args.tclass_regex:
q.tclass = args.tclass
else:
q.tclass = args.tclass.split(",")