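def semanage_login_add(module, login, seuser, do_reload, serange='s0', sestore=''):
    """ Add or update a linux user to SELinux user mapping

    A login that has no mapping yet is added. A login that already has one
    is modified only when its recorded SELinux user or range differs from the
    requested values, so the returned flag reflects a real policy change.
    Nothing is written to the policy store while the module is in check mode.

    :type module: AnsibleModule
    :param module: Ansible module

    :type login: str
    :param login: a Linux User or a Linux group if it begins with %

    :type seuser: str
    :param seuser: An SELinux user ('__default__', 'unconfined_u', 'staff_u', ...), see 'semanage login -l'

    :type do_reload: bool
    :param do_reload: Whether to reload SELinux policy after commit

    :type serange: str
    :param serange: SELinux MLS/MCS range (defaults to 's0')

    :type sestore: str
    :param sestore: SELinux store

    :rtype: bool
    :return: True if the policy was changed, otherwise False
    """
    # Bound before the try block so the final return never reads an unset
    # name when an early seobject call fails.
    change = False
    try:
        selogin = seobject.loginRecords(sestore)
        selogin.set_reload(do_reload)
        all_logins = selogin.get_all()

        if login not in all_logins:
            change = True
            # A dry run must report the pending change without committing it.
            if not module.check_mode:
                selogin.add(login, seuser, serange)
        else:
            # NOTE(review): assumes each record starts with (seuser, serange);
            # confirm against seobject.loginRecords.get_all().
            current = all_logins[login]
            if current[0] != seuser or current[1] != serange:
                change = True
                if not module.check_mode:
                    selogin.modify(login, seuser, serange)
    except (ValueError, IOError, KeyError, OSError, RuntimeError):
        # One handler replaces five identical ones; the message is unchanged.
        e = get_exception()
        module.fail_json(msg="%s: %s\n" % (e.__class__.__name__, str(e)))

    return change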
def load(self, filter=""):
    """Rebuild the list store from the current SELinux login records.

    Remembers *filter* on the instance, reloads the login records, clears
    the store and appends one row per login in sorted key order. A row is
    kept when the login key, the first record field or the translated
    second record field satisfies ``self.match`` for *filter*. The first
    row of the view is selected afterwards.
    """
    self.filter = filter
    self.login = seobject.loginRecords()
    records = self.login.get_all(0)
    self.store.clear()

    for name in sorted(records.keys()):
        # NOTE(review): record fields look like (SELinux user, MLS range, ...);
        # confirm against seobject.loginRecords.get_all().
        translated = seobject.translate(records[name][1])
        if (self.match(name, filter)
                or self.match(records[name][0], filter)
                or self.match(translated, filter)):
            row = self.store.append()
            self.store.set_value(row, 0, name)
            self.store.set_value(row, 1, records[name][0])
            self.store.set_value(row, 2, translated)

    self.view.get_selection().select_path((0,))
def semanage_login_del(module, login, seuser, do_reload, sestore=''):
    """ Delete linux user to SELinux user mapping

    The mapping is looked up and removed by ``login`` alone. A pending
    deletion is reported as a change in check mode, but the record is only
    deleted outside check mode.

    :type module: AnsibleModule
    :param module: Ansible module

    :type login: str
    :param login: a Linux User or a Linux group if it begins with %

    :type seuser: str
    :param seuser: An SELinux user ('__default__', 'unconfined_u', 'staff_u', ...), see 'semanage login -l'; accepted but not used by this function

    :type do_reload: bool
    :param do_reload: Whether to reload SELinux policy after commit

    :type sestore: str
    :param sestore: SELinux store

    :rtype: bool
    :return: True if the policy was changed, otherwise False
    """
    try:
        login_records = seobject.loginRecords(sestore)
        login_records.set_reload(do_reload)
        change = False
        existing = login_records.get_all()

        if login in existing:
            change = True
            # Check mode reports the change without touching the policy store.
            if not module.check_mode:
                login_records.delete(login)
    except (ValueError, KeyError, OSError, RuntimeError) as e:
        failure = "%s: %s\n" % (e.__class__.__name__, to_native(e))
        module.fail_json(msg=failure, exception=traceback.format_exc())

    return change