def testFromFileName(self): #using a special file, since the test_file has some lines which don't 'jive' clean_policy_file = 'policy_clean_test.conf' from_file_policy = SELinuxPolicy() from_file_policy.from_file_name(clean_policy_file) self.failUnless(from_file_policy.types == self.test_policy.types) self.failUnless( from_file_policy.attributes == self.test_policy.attributes) self.failUnless(from_file_policy.classes == self.test_policy.classes) self.failUnless( from_file_policy.common_classes == self.test_policy.common_classes) self.failUnless( from_file_policy.allow_rules == self.test_policy.allow_rules) self.failUnless(from_file_policy.neverallow_rules == self.test_policy.neverallow_rules)
from xml.dom import minidom import SELinux_CTS from SELinux_CTS import SELinuxPolicy usage = "Usage: ./gen_SELinux_CTS.py input_policy_file output_xml_avc_rules_file" if __name__ == "__main__": # check usage if len(sys.argv) != 3: print usage exit() input_file = sys.argv[1] output_file = sys.argv[2] policy = SELinuxPolicy() policy.from_file_name(input_file) #load data from file # expand rules into 4-tuples for SELinux.h checkAccess() check xml_root = Element('SELinux_AVC_Rules') count = 1 for a in policy.allow_rules: expanded_xml = SELinux_CTS.expand_avc_rule_to_xml(policy, a, str(count), 'allow') if len(expanded_xml): xml_root.append(expanded_xml) count += 1 count = 1 for n in policy.neverallow_rules: expanded_xml = SELinux_CTS.expand_avc_rule_to_xml(policy, n, str(count), 'neverallow') if len(expanded_xml): xml_root.append(expanded_xml) count += 1
from xml.dom import minidom import SELinux_CTS from SELinux_CTS import SELinuxPolicy usage = "Usage: ./gen_SELinux_CTS.py input_policy_file output_xml_avc_rules_file" if __name__ == "__main__": # check usage if len(sys.argv) != 3: print usage exit() input_file = sys.argv[1] output_file = sys.argv[2] policy = SELinuxPolicy() policy.from_file_name(input_file) #load data from file # expand rules into 4-tuples for SELinux.h checkAccess() check xml_root = Element('SELinux_AVC_Rules') count = 1 for a in policy.allow_rules: expanded_xml = SELinux_CTS.expand_avc_rule_to_xml( policy, a, str(count), 'allow') if len(expanded_xml): xml_root.append(expanded_xml) count += 1 count = 1 for n in policy.neverallow_rules: expanded_xml = SELinux_CTS.expand_avc_rule_to_xml( policy, n, str(count), 'neverallow') if len(expanded_xml):