def change_default_policy(self, value, sender): if not self.is_authorized(sender, "org.selinux.change_default_policy"): raise dbus.exceptions.DBusException("Not authorized") path = selinux.selinux_path() + value if os.path.isdir(path): return self.write_selinux_config(policy=value) raise ValueError("%s does not exist" % path)
def get_store_policy(store): """Get the path to the policy file located in the given store name""" policies = glob.glob("%s%s/policy/policy.*" % (selinux.selinux_path(), store)) if not policies: return None # Return the policy with the higher version number policies.sort(key=policy_sortkey) return policies[-1]
def write_selinux_config(self, enforcing=None, policy=None): path = selinux.selinux_path() + "config" backup_path = path + ".bck" fd = open(path) lines = fd.readlines() fd.close() fd = open(backup_path, "w") for l in lines: if enforcing and l.startswith("SELINUX="): fd.write("SELINUX=%s\n" % enforcing) continue if policy and l.startswith("SELINUXTYPE="): fd.write("SELINUXTYPE=%s\n" % policy) continue fd.write(l) fd.close() os.rename(backup_path, path)
def change_default_policy(self, value): path = selinux.selinux_path() + value if os.path.isdir(path): return self.write_selinux_config(policy=value) raise ValueError("%s does not exist" % path)