def main(): p = setools.SELinuxPolicy() for class_ in p.classes(): print(repr(class_)) exit(0) q = setools.ObjClassQuery(p) results = q.results() datas = {} if True: for item in results: inherits = None try: inherits = item.common except NoCommon: pass name = str(item) if name == 'file': print(repr(item.__dict__)) print(repr(item.statement())) print(repr(inherits.statement())) p = [] s_class = string_to_security_class(name) for perm in item.perms: av_t = string_to_av_perm(s_class, str(perm)) p.append([str(perm), "0x%08X" % av_t]) inherits_name = str(inherits) data = dict(inherits=str(inherits), perms=p, name=name) data['security_class'] = s_class datas[data['name']] = data print("")
def info(setype, name=None): if setype == TYPE: q = setools.TypeQuery(_pol) q.name = name results = list(q.results()) if name and len(results) < 1: # type not found, try alias q.name = None q.alias = name results = list(q.results()) return ({ 'aliases': list(map(str, x.aliases())), 'name': str(x), 'permissive': bool(x.ispermissive), 'attributes': list(map(str, x.attributes())) } for x in results) elif setype == ROLE: q = setools.RoleQuery(_pol) if name: q.name = name return ({ 'name': str(x), 'roles': list(map(str, x.expand())), 'types': list(map(str, x.types())), } for x in q.results()) elif setype == ATTRIBUTE: q = setools.TypeAttributeQuery(_pol) if name: q.name = name return ({ 'name': str(x), 'types': list(map(str, x.expand())), } for x in q.results()) elif setype == PORT: q = setools.PortconQuery(_pol) if name: ports = [int(i) for i in name.split("-")] if len(ports) == 2: q.ports = ports elif len(ports) == 1: q.ports = (ports[0], ports[0]) if _pol.mls: return ({ 'high': x.ports.high, 'protocol': str(x.protocol), 'range': str(x.context.range_), 'type': str(x.context.type_), 'low': x.ports.low, } for x in q.results()) return ({ 'high': x.ports.high, 'protocol': str(x.protocol), 'type': str(x.context.type_), 'low': x.ports.low, } for x in q.results()) elif setype == USER: q = setools.UserQuery(_pol) if name: q.name = name if _pol.mls: return ({ 'range': str(x.mls_range), 'name': str(x), 'roles': list(map(str, x.roles)), 'level': str(x.mls_level), } for x in q.results()) return ({ 'name': str(x), 'roles': list(map(str, x.roles)), } for x in q.results()) elif setype == BOOLEAN: q = setools.BoolQuery(_pol) if name: q.name = name return ({ 'name': str(x), 'state': x.state, } for x in q.results()) elif setype == TCLASS: q = setools.ObjClassQuery(_pol) if name: q.name = name return ({ 'name': str(x), 'permlist': list(x.perms), } for x in q.results()) else: raise ValueError("Invalid type")
if args.boolquery or args.all: q = setools.BoolQuery(p) if isinstance(args.boolquery, str): q.name = args.boolquery components.append(("Booleans", q, lambda x: x.statement())) if args.mlscatsquery or args.all: q = setools.CategoryQuery(p) if isinstance(args.mlscatsquery, str): q.name = args.mlscatsquery components.append(("Categories", q, lambda x: x.statement())) if args.classquery or args.all: q = setools.ObjClassQuery(p) if isinstance(args.classquery, str): q.name = args.classquery components.append(("Classes", q, lambda x: x.statement())) if args.commonquery or args.all: q = setools.CommonQuery(p) if isinstance(args.commonquery, str): q.name = args.commonquery components.append(("Commons", q, lambda x: x.statement())) if args.constraintquery or args.all: q = setools.ConstraintQuery(p, ruletype=["constrain", "mlsconstrain"]) if isinstance(args.constraintquery, str):