def get_types_of_str(attr_name): q = setools.TypeAttributeQuery(__selinuxPolicy__) q.name = attr_name results = q.results().next( ) #should contain only 1 item - TypeAttribute("domain") if results: return [str(x) for x in results.expand()] else: return []
def get_unconfined_types(): q = setools.TypeAttributeQuery(__selinuxPolicy__) q.name = "domain" results = next( q.results()) #should contain only 1 item - TypeAttribute("domain") if results: return [x for x in results.expand()] else: return []
def info(setype, name=None): if setype == TYPE: q = setools.TypeQuery(_pol) q.name = name results = list(q.results()) if name and len(results) < 1: # type not found, try alias q.name = None q.alias = name results = list(q.results()) return ({ 'aliases': list(map(str, x.aliases())), 'name': str(x), 'permissive': bool(x.ispermissive), 'attributes': list(map(str, x.attributes())) } for x in results) elif setype == ROLE: q = setools.RoleQuery(_pol) if name: q.name = name return ({ 'name': str(x), 'roles': list(map(str, x.expand())), 'types': list(map(str, x.types())), } for x in q.results()) elif setype == ATTRIBUTE: q = setools.TypeAttributeQuery(_pol) if name: q.name = name return ({ 'name': str(x), 'types': list(map(str, x.expand())), } for x in q.results()) elif setype == PORT: q = setools.PortconQuery(_pol) if name: ports = [int(i) for i in name.split("-")] if len(ports) == 2: q.ports = ports elif len(ports) == 1: q.ports = (ports[0], ports[0]) if _pol.mls: return ({ 'high': x.ports.high, 'protocol': str(x.protocol), 'range': str(x.context.range_), 'type': str(x.context.type_), 'low': x.ports.low, } for x in q.results()) return ({ 'high': x.ports.high, 'protocol': str(x.protocol), 'type': str(x.context.type_), 'low': x.ports.low, } for x in q.results()) elif setype == USER: q = setools.UserQuery(_pol) if name: q.name = name if _pol.mls: return ({ 'range': str(x.mls_range), 'name': str(x), 'roles': list(map(str, x.roles)), 'level': str(x.mls_level), } for x in q.results()) return ({ 'name': str(x), 'roles': list(map(str, x.roles)), } for x in q.results()) elif setype == BOOLEAN: q = setools.BoolQuery(_pol) if name: q.name = name return ({ 'name': str(x), 'state': x.state, } for x in q.results()) elif setype == TCLASS: q = setools.ObjClassQuery(_pol) if name: q.name = name return ({ 'name': str(x), 'permlist': list(x.perms), } for x in q.results()) else: raise ValueError("Invalid type")
def attributes_re(self, s, **kwargs): q = se.TypeAttributeQuery(self, name_regex=True, **kwargs) q.name = s return sorted(q.results())
if args.mlssensquery or args.all: q = setools.SensitivityQuery(p) if isinstance(args.mlssensquery, str): q.name = args.mlssensquery components.append(("Sensitivities", q, lambda x: x.statement())) if args.typequery or args.all: q = setools.TypeQuery(p) if isinstance(args.typequery, str): q.name = args.typequery components.append(("Types", q, lambda x: x.statement())) if args.typeattrquery or args.all: q = setools.TypeAttributeQuery(p) if isinstance(args.typeattrquery, str): q.name = args.typeattrquery components.append(("Type Attributes", q, expand_attr)) if args.userquery or args.all: q = setools.UserQuery(p) if isinstance(args.userquery, str): q.name = args.userquery components.append(("Users", q, lambda x: x.statement())) if args.validatetransquery or args.all: q = setools.ConstraintQuery( p, ruletype=["validatetrans", "mlsvalidatetrans"])
def get_attributes_filter_name(name): q = setools.TypeAttributeQuery(__selinuxPolicy__) q.name = name results = q.results() return [str(x) for x in results]