def get_attributes_of_str(type_name):
    """Return the attribute names of every type found for *type_name*.

    A ``setools.TypeQuery`` is run against the module-level policy object
    ``__selinuxPolicy__`` with its ``name`` criterion set to *type_name*.

    Args:
        type_name: Value assigned to the query's ``name`` criterion.

    Returns:
        A list of ``str``, in query order. Names are not de-duplicated, and
        the list is empty when the query yields nothing.
    """
    query = setools.TypeQuery(__selinuxPolicy__)
    query.name = type_name
    # The query may yield more than one type for the given name, so the
    # attributes of all of them are flattened into a single list.
    return [
        str(attribute)
        for matched_type in query.results()
        for attribute in matched_type.attributes()
    ]
def info(setype, name=None):
    """Query the module-level policy ``_pol`` for components of kind *setype*.

    Args:
        setype: One of the module constants TYPE, ROLE, ATTRIBUTE, PORT,
            USER, BOOLEAN or TCLASS.
        name: Optional filter. For PORT it is a port number or a
            ``low-high`` range; for every other kind it is assigned to the
            query's ``name`` criterion. For TYPE, a name that yields no
            result is retried as an alias.

    Returns:
        A generator of dicts, one per query result, built lazily as the
        generator is consumed. Keys per kind:

        * TYPE: ``aliases``, ``name``, ``permissive``, ``attributes``
        * ROLE: ``name``, ``roles``, ``types``
        * ATTRIBUTE: ``name``, ``types``
        * PORT: ``high``, ``protocol``, ``type``, ``low`` (plus ``range``
          when ``_pol.mls`` is true)
        * USER: ``name``, ``roles`` (plus ``range`` and ``level`` when
          ``_pol.mls`` is true)
        * BOOLEAN: ``name``, ``state``
        * TCLASS: ``name``, ``permlist``

    Raises:
        ValueError: If *setype* is none of the known constants, or (raised
            by ``int``) if a PORT *name* contains a non-numeric field.
    """
    if setype == TYPE:
        query = setools.TypeQuery(_pol)
        # Assigned unconditionally, so name=None is passed through as-is.
        query.name = name
        matches = list(query.results())

        if name and not matches:
            # Nothing has that name; look it up as an alias instead.
            query.name = None
            query.alias = name
            matches = list(query.results())

        return ({
            'aliases': [str(alias) for alias in t.aliases()],
            'name': str(t),
            'permissive': bool(t.ispermissive),
            'attributes': [str(attr) for attr in t.attributes()]
        } for t in matches)

    if setype == ROLE:
        query = setools.RoleQuery(_pol)
        if name:
            query.name = name

        return ({
            'name': str(role),
            'roles': [str(r) for r in role.expand()],
            'types': [str(t) for t in role.types()],
        } for role in query.results())

    if setype == ATTRIBUTE:
        query = setools.TypeAttributeQuery(_pol)
        if name:
            query.name = name

        return ({
            'name': str(attr),
            'types': [str(t) for t in attr.expand()],
        } for attr in query.results())

    if setype == PORT:
        query = setools.PortconQuery(_pol)
        if name:
            bounds = list(map(int, name.split("-")))
            # NOTE(review): a name with more than two dash-separated fields
            # sets no port criterion at all, so the query runs without a
            # port filter. Callers that need strict matching should
            # validate the range before calling.
            if len(bounds) == 2:
                query.ports = bounds
            elif len(bounds) == 1:
                # A single port is expressed as a range of one.
                query.ports = (bounds[0], bounds[0])

        if _pol.mls:
            return ({
                'high': portcon.ports.high,
                'protocol': str(portcon.protocol),
                'range': str(portcon.context.range_),
                'type': str(portcon.context.type_),
                'low': portcon.ports.low,
            } for portcon in query.results())

        return ({
            'high': portcon.ports.high,
            'protocol': str(portcon.protocol),
            'type': str(portcon.context.type_),
            'low': portcon.ports.low,
        } for portcon in query.results())

    if setype == USER:
        query = setools.UserQuery(_pol)
        if name:
            query.name = name

        if _pol.mls:
            return ({
                'range': str(user.mls_range),
                'name': str(user),
                'roles': [str(r) for r in user.roles],
                'level': str(user.mls_level),
            } for user in query.results())

        return ({
            'name': str(user),
            'roles': [str(r) for r in user.roles],
        } for user in query.results())

    if setype == BOOLEAN:
        query = setools.BoolQuery(_pol)
        if name:
            query.name = name

        return ({
            'name': str(boolean),
            'state': boolean.state,
        } for boolean in query.results())

    if setype == TCLASS:
        query = setools.ObjClassQuery(_pol)
        if name:
            query.name = name

        return ({
            'name': str(tclass),
            'permlist': list(tclass.perms),
        } for tclass in query.results())

    raise ValueError("Invalid type")
def types_re(self, s, **kwargs):
    """Return the sorted results of a regex-name ``TypeQuery`` for *s*.

    Args:
        s: Value assigned to the query's ``name`` criterion; the query is
            created with ``name_regex=True``.
        **kwargs: Extra keyword arguments forwarded to ``se.TypeQuery``.
            Passing ``name_regex`` here raises ``TypeError`` because it is
            already supplied.

    Returns:
        A new list holding the query results in sorted order.
    """
    # NOTE(review): presumably the pattern is searched rather than matched
    # in full, so anchor it when an exact type name is meant; confirm.
    query = se.TypeQuery(self, name_regex=True, **kwargs)
    query.name = s
    matches = list(query.results())
    matches.sort()
    return matches
if args.netifconquery or args.all: q = setools.NetifconQuery(p) if isinstance(args.netifconquery, str): q.name = args.netifconquery components.append(("Netifcon", q, lambda x: x.statement())) if args.nodeconquery or args.all: q = setools.NodeconQuery(p) if isinstance(args.nodeconquery, str): q.network = args.nodeconquery components.append(("Nodecon", q, lambda x: x.statement())) if args.permissivequery or args.all: q = setools.TypeQuery(p, permissive=True, match_permissive=True) if isinstance(args.permissivequery, str): q.name = args.permissivequery components.append(("Permissive Types", q, lambda x: x.statement())) if args.polcapquery or args.all: q = setools.PolCapQuery(p) if isinstance(args.polcapquery, str): q.name = args.polcapquery components.append(("Polcap", q, lambda x: x.statement())) if args.portconquery or args.all: q = setools.PortconQuery(p) if isinstance(args.portconquery, str):