Exemple #1
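    def _compile(self, args, executable, env):
        """Run the compile command at COMPILE_LEVEL, then relabel to RUN_LEVEL.

        The source is copied into the temp dir first. The child is started
        with the fs-create and exec contexts set to the COMPILE_LEVEL values
        from ``self.filecon`` / ``self.execcon``; its stderr is merged into
        stdout.

        Returns:
            ``(code, stdout)`` when the exit status is not ``EX_OK``,
            otherwise ``(code,)``.
        """
        self._copy_src(self.COMPILE_LEVEL)

        with open("/dev/null", "r") as stdin:
            # The fs-create and exec contexts stay in effect until they are
            # reset. Reset them in ``finally`` so a failing Popen() (missing
            # executable, bad cwd, ...) cannot leave this process creating
            # files or executing programs with the compile-level context.
            setfscreatecon(self.filecon(self.COMPILE_LEVEL))
            try:
                setexeccon(self.execcon(self.COMPILE_LEVEL))
                try:
                    p = Popen(
                        args, bufsize=-1, executable=executable,
                        stdin=stdin, stdout=PIPE, stderr=STDOUT,
                        close_fds=True, cwd=self._tempdir, env=env)
                finally:
                    setexeccon(None)
            finally:
                setfscreatecon(None)

        stdout, _ = p.communicate()
        code = p.wait()

        # The temp dir is relabelled to RUN_LEVEL whether or not the
        # compile succeeded.
        setfilecon(self._tempdir, self.filecon(self.RUN_LEVEL))

        if code != EX_OK:
            return (code, stdout)

        # Only a successful compile has its target relabelled for running.
        setfilecon(
            join(self._tempdir, self.target_filename),
            self.filecon(self.RUN_LEVEL))

        return (code,)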
Exemple #2
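    def __init__(self, src_path, filename=None):
        """Record the source file and create a temp dir at COMPILE_LEVEL.

        Args:
            src_path: path of the source file.
            filename: name to use for the source; defaults to the basename
                of ``src_path``.
        """
        self._src_path = src_path
        self._filename = filename or basename(src_path)
        # NOTE(review): an MLS/MCS range can itself contain ':' (for example
        # a sensitivity followed by categories), so this list may hold more
        # than four items -- confirm filecon()/execcon() account for that.
        self._con = getcon()[1].split(":")

        setfscreatecon(self.filecon(self.COMPILE_LEVEL))
        try:
            self._tempdir = mkdtemp(prefix=self.TEMPDIR_PREFIX)
        finally:
            # Always clear the fs-create context: if mkdtemp() raised and the
            # context stayed set, later files created by this process would
            # silently receive the compile-level label.
            setfscreatecon(None)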
Exemple #3
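    def open(self, filename, mode):
        """Open ``filename`` with the RUN_LEVEL file context in force.

        A file created by the call gets the RUN_LEVEL context. A file
        opened without any of ``w``, ``a`` or ``+`` in ``mode`` (and that is
        not ``/dev/null``) is relabelled through its descriptor when
        ``check_category`` approves its current context.

        Returns:
            The open file object.
        """
        filecon = self.filecon(self.RUN_LEVEL)
        setfscreatecon(filecon)
        try:
            f = open(filename, mode)
        finally:
            # open() fails routinely (missing file, permissions). Without
            # this reset the RUN_LEVEL fs-create context would stay set and
            # label unrelated files created later.
            setfscreatecon(None)

        try:
            if filename != '/dev/null' and not any(m in mode for m in 'wa+'):
                # Query and set the label on the descriptor, not the path,
                # so the check and the relabel apply to the file that was
                # actually opened.
                if check_category(filecon, fgetfilecon(f.fileno())[1]):
                    fsetfilecon(f.fileno(), filecon)
        except Exception:
            # Do not leak the descriptor when the label check or the
            # relabel fails.
            f.close()
            raise

        return f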
Exemple #4
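def mkpolydir(dir_name, poly_dir_name, level):
    """Create ``poly_dir_name`` with a context derived from ``dir_name``.

    The context is computed from the current process context and the
    default context of ``dir_name`` (matchpathcon followed by
    security_compute_create); its fourth field is then replaced by
    ``level``.

    Args:
        dir_name: path whose default context is the starting point.
        poly_dir_name: directory to create if it does not exist yet.
        level: value written into the level/range field of the context.

    Raises:
        Exception: when a libselinux call reports an error or the
            directory cannot be created.
        IndexError: when the computed context has no level field.
    """
    dir_context = None
    (rc, context) = selinux.getcon()
    if rc < 0:
        raise Exception("Error getting context.")
    rc = selinux.matchpathcon_init(None)
    if rc < 0:
        raise Exception("Error calling matchpathcon_init.")
    (rc, dir_context) = selinux.matchpathcon(dir_name, 0)
    selinux.matchpathcon_fini()
    if rc < 0:
        raise Exception("Error in matchpathcon for %s." % (dir_name))

    (rc,
     dir_context) = selinux.security_compute_create(context, dir_context,
                                                    selinux.SECCLASS_FILE)
    if rc < 0:
        raise Exception(
            "Error in security_compute_create context: %s directory context: %s"
            % (context, dir_context))

    # Split at most three times: the range field may itself contain ':'
    # (sensitivity:categories). An unbounded split would replace only the
    # sensitivity and leave the old categories attached to the new level.
    context_array = dir_context.split(":", 3)
    context_array[3] = level
    dir_context = ':'.join(context_array)
    rc = selinux.setfscreatecon(dir_context)
    if rc < 0:
        raise Exception("Error in setfscreatecon for %s %s." %
                        (poly_dir_name, dir_context))
    try:
        # NOTE(review): a directory that already exists is left untouched,
        # so it keeps whatever label and owner it already has; the
        # fs-create context only affects newly created objects. Confirm the
        # parent directory is not writable by untrusted users.
        if not os.path.isdir(poly_dir_name):
            os.mkdir(poly_dir_name)
    except (IOError, OSError) as err:
        raise Exception("Error creating directory %s with context %s: %s %s" %
                        (poly_dir_name, dir_context, err.errno, err.strerror))
    finally:
        # Clear the fs-create context so files created later by this
        # process do not inherit the polyinstantiated directory's label.
        selinux.setfscreatecon(None)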
Exemple #5
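def mkpolydir(dir_name, poly_dir_name, level):
    """Create the directory ``poly_dir_name`` labelled at ``level``.

    The label starts from the default context of ``dir_name``
    (matchpathcon), is passed through security_compute_create together
    with the current process context, and then has its fourth field
    replaced by ``level``. Raises ``Exception`` when a libselinux call
    returns a negative status or the directory cannot be created.
    """
    dir_context = None
    (rc, context) = selinux.getcon()
    if rc < 0:
        raise Exception("Error getting context.")
    rc = selinux.matchpathcon_init(None)
    if rc < 0:
        raise Exception("Error calling matchpathcon_init.")
    (rc, dir_context) = selinux.matchpathcon(dir_name, 0)
    selinux.matchpathcon_fini()
    if rc < 0:
        raise Exception("Error in matchpathcon for %s." % (dir_name))

    (rc, dir_context) = selinux.security_compute_create(context, dir_context, selinux.SECCLASS_FILE)
    if rc < 0:
        raise Exception("Error in security_compute_create context: %s directory context: %s" % (context, dir_context))

    # maxsplit=3 keeps a range such as "sensitivity:categories" in one
    # field; splitting on every ':' would carry the old categories over
    # into the new label.
    context_array = dir_context.split(":", 3)
    context_array[3] = level
    dir_context = ':'.join(context_array)
    rc = selinux.setfscreatecon(dir_context)
    if rc < 0:
        raise Exception("Error in setfscreatecon for %s %s." % (poly_dir_name, dir_context))
    try:
        # NOTE(review): when the directory already exists nothing is
        # created, so the context set above is never applied to it --
        # verify that a pre-existing directory is acceptable here.
        if not os.path.isdir(poly_dir_name):
            os.mkdir(poly_dir_name)
    except (IOError, OSError) as err:
        raise Exception("Error creating directory %s with context %s: %s %s" % (poly_dir_name, dir_context, err.errno, err.strerror))
    finally:
        # Reset on every path; a context left set would label later,
        # unrelated file creations in this process.
        selinux.setfscreatecon(None)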
def setfscreate(ctx="\n"):
    """Set the SELinux context used for file-system objects created next.

    ``ctx`` is encoded with the 'content' encoding before it is handed to
    ``selinux.setfscreatecon``. The context stays in effect for later
    creations, so callers are expected to reset it when done.

    NOTE(review): the default is a lone newline; presumably callers use it
    to clear the context -- confirm against the call sites.

    Raises:
        OSError: when ``selinux.setfscreatecon`` returns a negative value.
    """
    encoded_ctx = _unicode_encode(
        ctx, encoding=_encodings['content'], errors='strict')
    failed = selinux.setfscreatecon(encoded_ctx) < 0
    if failed:
        # Decode leniently: the value is only used in the error message.
        shown_ctx = _unicode_decode(
            encoded_ctx, encoding=_encodings['content'], errors='replace')
        message = _("setfscreate: Failed setting fs create context \"%s\".")
        raise OSError(message % shown_ctx)
Exemple #7
def setfscreate(ctx="\n"):
    """Apply ``ctx`` as the SELinux fs-create context.

    The value is strictly encoded with the 'content' encoding and passed
    to ``selinux.setfscreatecon``; a negative return raises ``OSError``
    with the context decoded (errors replaced) in the message. The context
    is not reset here, so it keeps applying to later file creations until
    the caller changes it.
    """
    raw = _unicode_encode(ctx, encoding=_encodings['content'], errors='strict')
    status = selinux.setfscreatecon(raw)
    if status < 0:
        readable = _unicode_decode(
            raw, encoding=_encodings['content'], errors='replace')
        template = _("setfscreate: Failed setting fs create context \"%s\".")
        raise OSError(template % readable)
Exemple #8
def setfscreate(ctx="\n"):
    """Set the SELinux fs-create context to ``ctx``.

    ``ctx`` is converted with ``_native_string`` ('content' encoding,
    strict errors) before the call. The context remains set for later
    file creations until it is changed again.

    Raises:
        OSError: when ``selinux.setfscreatecon`` returns a negative value.
    """
    native_ctx = _native_string(
        ctx, encoding=_encodings["content"], errors="strict"
    )
    rc = selinux.setfscreatecon(native_ctx)
    if rc < 0:
        message = _('setfscreate: Failed setting fs create context "%s".')
        raise OSError(message % native_ctx)
Exemple #9
def setfscreate(ctx="\n"):
    """Install ``ctx`` as the context for newly created file-system objects.

    The argument goes through ``_native_string`` first; a negative result
    from ``selinux.setfscreatecon`` is reported as ``OSError``. Nothing
    here restores the previous context, so that is left to the caller.
    """
    converted = _native_string(
        ctx, encoding=_encodings['content'], errors='strict')
    failed = selinux.setfscreatecon(converted) < 0
    if failed:
        text = _("setfscreate: Failed setting fs create context \"%s\".")
        raise OSError(text % converted)
Exemple #10
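 def copy(self, src):
     """Copy ``src`` into the temp dir; the copy is created at RUN_LEVEL."""
     setfscreatecon(self.filecon(self.RUN_LEVEL))
     try:
         copy(src, join(self._tempdir, basename(src)))
     finally:
         # A failed copy (missing source, permissions) must not leave the
         # RUN_LEVEL fs-create context set for later file creations.
         setfscreatecon(None)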
Exemple #11
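 def _copy_src(self, level):
     """Copy the source file into the temp dir, created at ``level``.

     The fs-create context is set to ``self.filecon(level)`` for the
     duration of the copy only.
     """
     setfscreatecon(self.filecon(level))
     try:
         copy(self._src_path, join(self._tempdir, self._filename))
     finally:
         # Reset even when the copy raises, so the context does not leak
         # into files this process creates afterwards.
         setfscreatecon(None)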