Esempio n. 1
def sepolicy_all_types_json_generator():
    """Yield one ``{"name": <entry>}`` dict per item of ``sepolicy.get_all_domains()``.

    Despite "all_types" in the function name, only the values returned by
    ``get_all_domains()`` are emitted. Each yielded dict is a fresh object.
    """
    for domain_name in sepolicy.get_all_domains():
        yield {"name": domain_name}
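    def __init__(self,
                 domainname,
                 path="/tmp",
                 root="/",
                 source_files=False,
                 html=False):
        """Collect policy data and write ``<domain>_selinux.8`` into *path*.

        Args:
            domainname: name handed to ``sepolicy.gen_short_name`` to derive
                ``self.domainname`` and ``self.short_name``.
            path: output directory; created when it does not exist.
            root: prefix prepended to the file-context and policy.xml paths.
            source_files: when true, read ``file_contexts`` and ``policy.xml``
                directly under *root* instead of the installed locations.
            html: when true, the generated page path is also appended to the
                module-level ``manpage_roles`` or ``manpage_domains`` list.
        """
        self.html = html
        self.source_files = source_files
        self.root = root
        self.portrecs = sepolicy.gen_port_dict()[0]
        self.domains = gen_domains()
        self.all_domains = sepolicy.get_all_domains()
        self.all_attributes = sepolicy.get_all_attributes()
        self.all_bools = sepolicy.get_all_bools()
        self.all_port_types = sepolicy.get_all_port_types()
        self.all_roles = sepolicy.get_all_roles()
        # Query the user information once and split the result, instead of
        # calling the helper a second time for the second element.
        users_info = get_all_users_info()
        self.all_users = users_info[0]
        self.all_users_range = users_info[1]
        self.all_file_types = sepolicy.get_all_file_types()
        self.role_allows = sepolicy.get_all_role_allows()
        self.types = _gen_types()

        if self.source_files:
            self.fcpath = self.root + "file_contexts"
        else:
            self.fcpath = self.root + selinux.selinux_file_context_path()

        self.fcdict = sepolicy.get_fcdict(self.fcpath)

        if not os.path.exists(path):
            os.makedirs(path)

        self.path = path

        if self.source_files:
            self.xmlpath = self.root + "policy.xml"
        else:
            self.xmlpath = self.root + "/usr/share/selinux/devel/policy.xml"
        self.booleans_dict = sepolicy.gen_bool_dict(self.xmlpath)

        self.domainname, self.short_name = sepolicy.gen_short_name(domainname)

        self.type = self.domainname + "_t"
        self._gen_bools()
        self.man_page_path = "%s/%s_selinux.8" % (path, self.domainname)
        # NOTE(security): the output name is predictable and open(..., 'w')
        # follows symlinks. With the default path="/tmp" (a world-writable
        # directory) an existing symlink at this name redirects the write,
        # which matters if this code runs with elevated privileges. Callers
        # should pass a directory that only they can write to.
        self.fd = open(self.man_page_path, 'w')
        try:
            if self.domainname + "_r" in self.all_roles:
                self.__gen_user_man_page()
                if self.html:
                    manpage_roles.append(self.man_page_path)
            else:
                if self.html:
                    manpage_domains.append(self.man_page_path)
                self.__gen_man_page()
        finally:
            # Close the page even when generation raises, so the descriptor
            # is not leaked.
            self.fd.close()

        # Emit a link page for every alias registered for this domain.
        if self.domainname in equiv_dict:
            for alias in equiv_dict[self.domainname]:
                self.__gen_man_page_link(alias)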
Esempio n. 3
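    def __init__(self, domainname, path="/tmp", root="/", source_files=False, html=False):
        """Gather policy information and generate ``<domain>_selinux.8`` in *path*.

        Args:
            domainname: value passed to ``sepolicy.gen_short_name``; its two
                results become ``self.domainname`` and ``self.short_name``.
            path: directory that receives the man page; created if missing.
            root: prefix for the file-context and policy.xml locations.
            source_files: if true, ``file_contexts`` and ``policy.xml`` are
                read straight from *root* rather than the installed paths.
            html: if true, the page path is additionally recorded in the
                module-level ``manpage_roles`` or ``manpage_domains`` list.
        """
        self.html = html
        self.source_files = source_files
        self.root = root
        self.portrecs = sepolicy.gen_port_dict()[0]
        self.domains = gen_domains()
        self.all_domains = sepolicy.get_all_domains()
        self.all_attributes = sepolicy.get_all_attributes()
        self.all_bools = sepolicy.get_all_bools()
        self.all_port_types = sepolicy.get_all_port_types()
        self.all_roles = sepolicy.get_all_roles()
        # One call is enough: both attributes come from the same result.
        users_info = get_all_users_info()
        self.all_users = users_info[0]
        self.all_users_range = users_info[1]
        self.all_file_types = sepolicy.get_all_file_types()
        self.role_allows = sepolicy.get_all_role_allows()
        self.types = _gen_types()
        self.exec_types = _gen_exec_types()
        self.entry_types = _gen_entry_types()
        self.mcs_constrained_types = _gen_mcs_constrained_types()

        if self.source_files:
            self.fcpath = self.root + "file_contexts"
        else:
            self.fcpath = self.root + selinux.selinux_file_context_path()

        self.fcdict = sepolicy.get_fcdict(self.fcpath)

        if not os.path.exists(path):
            os.makedirs(path)

        self.path = path

        if self.source_files:
            self.xmlpath = self.root + "policy.xml"
        else:
            self.xmlpath = self.root + "/usr/share/selinux/devel/policy.xml"
        self.booleans_dict = sepolicy.gen_bool_dict(self.xmlpath)

        self.domainname, self.short_name = sepolicy.gen_short_name(domainname)

        self.type = self.domainname + "_t"
        self._gen_bools()
        self.man_page_path = "%s/%s_selinux.8" % (path, self.domainname)
        # NOTE(security): open(..., 'w') follows symlinks and the file name is
        # predictable. The default path="/tmp" is world-writable, so a
        # symlink already present at this name would redirect the write;
        # that is a concern when the generator runs with elevated
        # privileges. Prefer an output directory only the caller can write.
        self.fd = open(self.man_page_path, 'w')
        try:
            if self.domainname + "_r" in self.all_roles:
                self.__gen_user_man_page()
                if self.html:
                    manpage_roles.append(self.man_page_path)
            else:
                if self.html:
                    manpage_domains.append(self.man_page_path)
                self.__gen_man_page()
        finally:
            # Guarantee the descriptor is released if page generation fails.
            self.fd.close()

        # Write a link page for each alias listed for this domain.
        if self.domainname in equiv_dict:
            for alias in equiv_dict[self.domainname]:
                self.__gen_man_page_link(alias)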
Esempio n. 4
    def __call__(self, parser, namespace, values, option_string=None):
        """Store *values* on *namespace* under ``self.dest``.

        A single string replaces the attribute. Any other iterable is
        appended item by item to the attribute's current value; a new list
        is started when that value is falsy.
        """
        # NOTE(review): the domain list is fetched but never consulted below,
        # so values are stored without being checked against the policy's
        # domains. Confirm that validation is performed elsewhere.
        domains = sepolicy.get_all_domains()

        if not isinstance(values, str):
            collected = getattr(namespace, self.dest) or []
            for item in values:
                collected.append(item)
            setattr(namespace, self.dest, collected)
            return

        setattr(namespace, self.dest, values)
Esempio n. 5
    def __call__(self, parser, namespace, values, option_string=None):
        """Record *values* in ``namespace.<self.dest>``.

        String input is stored as-is. Non-string input is treated as an
        iterable whose items are appended to the existing attribute value
        (or to a fresh list when the existing value is falsy).
        """
        # NOTE(review): ``domains`` is unused. Nothing in this method checks
        # the supplied names against the loaded policy; verify that callers
        # do not rely on this action for validation.
        domains = sepolicy.get_all_domains()

        if isinstance(values, str):
            stored = values
        else:
            stored = getattr(namespace, self.dest) or []
            for entry in values:
                stored.append(entry)
        setattr(namespace, self.dest, stored)
Esempio n. 6
    def __call__(self, parser, namespace, values, option_string=None):
        """Validate *values* against the policy's domains and store them.

        A single string must be a member of ``sepolicy.get_all_domains()``
        and replaces ``namespace.<self.dest>``. For any other iterable each
        item is checked and appended, in order, to the attribute's current
        value (a new list when that value is falsy).

        Raises:
            ValueError: on the first name that is not a known domain. Items
                appended before the failing one remain in the list object.
        """
        known = sepolicy.get_all_domains()
        template = "%s must be an SELinux process domain:\nValid domains: %s"

        if not isinstance(values, str):
            collected = getattr(namespace, self.dest) or []
            for candidate in values:
                if candidate not in known:
                    raise ValueError(template % (candidate, ", ".join(known)))
                collected.append(candidate)
            setattr(namespace, self.dest, collected)
            return

        if values not in known:
            raise ValueError(template % (values, ", ".join(known)))
        setattr(namespace, self.dest, values)
Esempio n. 7
    def __call__(self, parser, namespace, values, option_string=None):
        """Resolve, validate and store domain names on *namespace*.

        Every name is first passed through ``sepolicy.get_real_type_name``
        and the result must be a member of ``sepolicy.get_all_domains()``.
        A single string replaces ``namespace.<self.dest>``; items of any
        other iterable are appended to the attribute's current value (a new
        list when that value is falsy).

        Raises:
            ValueError: on the first resolved name that is not a known
                domain. Items appended before it remain in the list object.
        """
        known = sepolicy.get_all_domains()

        def _resolve_checked(name):
            # The membership test runs on the resolved name, and the error
            # message reports the resolved name as well.
            real_name = sepolicy.get_real_type_name(name)
            if real_name not in known:
                raise ValueError("%s must be an SELinux process domain:\nValid domains: %s" % (real_name, ", ".join(known)))
            return real_name

        if isinstance(values, str):
            setattr(namespace, self.dest, _resolve_checked(values))
            return

        collected = getattr(namespace, self.dest) or []
        for raw_name in values:
            collected.append(_resolve_checked(raw_name))
        setattr(namespace, self.dest, collected)
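def gen_domains():
    """Return the sorted, de-duplicated list of domain base names.

    Every entry of ``sepolicy.get_all_domains()`` and every entry of
    ``sepolicy.get_all_roles()`` other than ``system_r`` contributes its
    name with the last two characters removed (presumably the ``_t`` /
    ``_r`` suffix; the slice does not check for it). The result is cached
    in the module-level ``domains`` and returned from there on later calls
    once it is non-empty.
    """
    global domains
    if domains:
        return domains

    # Accumulate in a local set and publish to the global only at the end.
    # Filling the global in place would leave a partial, unsorted list
    # behind if a policy query raised, and the next call would return that
    # list as if it were the finished cache.
    names = {d[:-2] for d in sepolicy.get_all_domains()}
    names.update(
        role[:-2] for role in sepolicy.get_all_roles() if role != "system_r"
    )

    domains = sorted(names)
    return domains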
Esempio n. 9
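def gen_domains():
    """Build, cache and return the sorted list of unique domain base names.

    Names come from ``sepolicy.get_all_domains()`` and from
    ``sepolicy.get_all_roles()`` (``system_r`` is skipped), each with its
    final two characters sliced off. The suffix is presumably ``_t`` or
    ``_r``, but the slice is unconditional. A non-empty module-level
    ``domains`` is returned unchanged as the cached result.
    """
    global domains
    if domains:
        return domains

    # Collect into a local set: membership checks stay O(1), and the global
    # cache is only assigned once the complete list exists. An exception
    # from either policy query therefore cannot leave a half-built list in
    # ``domains`` for later calls to return.
    collected = set()
    for domain_type in sepolicy.get_all_domains():
        collected.add(domain_type[:-2])

    for role in sepolicy.get_all_roles():
        if role == "system_r":
            continue
        collected.add(role[:-2])

    domains = sorted(collected)
    return domains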