def load(self, filter=None):
self.store.clear()
self.booleans = seobject.booleanRecords()
booleansList = self.booleans.get_all(self.local)
for name in booleansList:
rec = booleansList[name]
if self.match(name, filter):
iter = self.store.append()
self.store.set_value(iter, ACTIVE, rec[2] == 1)
self.store.set_value(iter, MODULE, self.booleans.get_category(name))
self.store.set_value(iter, DESC, self.booleans.get_desc(name))
self.store.set_value(iter, BOOLEAN, name)
def load(self, filter=None):
self.store.clear()
self.booleans = seobject.booleanRecords()
booleansList = self.booleans.get_all(self.local)
for name in booleansList:
rec = booleansList[name]
if self.match(name, filter):
iter = self.store.append()
self.store.set_value(iter, ACTIVE, rec[2] == 1)
self.store.set_value(iter, MODULE, self.booleans.get_category(name))
self.store.set_value(iter, DESC, self.booleans.get_desc(name))
self.store.set_value(iter, BOOLEAN, name)
def sepolicy_booleans_json_generator():
for bool in sepolicy.get_all_bools():
name = bool['name']
active_flag = selinux.security_get_boolean_active(name)
current = (False, True)[active_flag]
records = booleanRecords()
desc = records.get_desc(name)
yield {
"name": name,
"current": current,
"default": bool['state'],
"desc": desc,
}
def setup_booleans(status):
sebool_obj = seobject.booleanRecords()
sebool_status = sebool_obj.get_all()
sebool_obj.start()
for sebool_variable in VDSM_SEBOOL_LIST:
if status and not all(sebool_status[sebool_variable]):
sebool_obj.modify(sebool_variable, SEBOOL_ENABLED)
if not status and any(sebool_status[sebool_variable]):
sebool_obj.modify(sebool_variable, SEBOOL_DISABLED)
sebool_obj.finish()
def isconfigured():
"""
True all selinux booleans in the list above are set properly
"""
ret = YES
if utils.get_selinux_enforce_mode() == -1:
ret = MAYBE
else:
import seobject
sebool_obj = seobject.booleanRecords()
sebool_status = sebool_obj.get_all()
for sebool_variable in VDSM_SEBOOL_LIST:
if not all(sebool_status[sebool_variable]):
ret = NO
return ret
def isconfigured():
"""
True all selinux booleans in the list above are set properly
"""
ret = YES
if utils.get_selinux_enforce_mode() == -1:
ret = MAYBE
else:
import seobject
sebool_obj = seobject.booleanRecords()
sebool_status = sebool_obj.get_all()
for sebool_variable in VDSM_SEBOOL_LIST:
if not all(sebool_status[sebool_variable]):
ret = NO
return ret
def setup_booleans(status):
# loading seobject is slow. Deferring its loading can reduce VDSM starting
# time, because most utilities are and will be moved to vdsm-tool.
import seobject
sebool_obj = seobject.booleanRecords()
sebool_status = sebool_obj.get_all()
sebool_obj.start()
for sebool_variable in VDSM_SEBOOL_LIST:
if status and not all(sebool_status[sebool_variable]):
sebool_obj.modify(sebool_variable, SEBOOL_ENABLED)
if not status and any(sebool_status[sebool_variable]):
sebool_obj.modify(sebool_variable, SEBOOL_DISABLED)
sebool_obj.finish()