• Home
  • Raw
  • Download

Lines Matching +full:run +full:- +full:selinux +full:- +full:test

1 #!/usr/bin/python3 -EsI
6 # semanage is a tool for managing SELinux configuration files
21 #                                        02111-1307  USA
26 import selinux
31 PROGNAME = "selinux-python"
50 usage = "sepolicy generate [-h] [-n NAME] [-p PATH] ["
51--newtype': ('-t [TYPES [TYPES ...]]',), ' --customize': ('-d DOMAIN', '-a  ADMIN_DOMAIN', "[ -w W…
86             v = selinux.selinux_boolean_sub(values)
88 …raise ValueError("%s must be an SELinux process domain:\nValid domains: %s" % (v, ", ".join(boolea…
93                 v = selinux.selinux_boolean_sub(value)
95 …   raise ValueError("%s must be an SELinux boolean:\nValid boolean: %s" % (v, ", ".join(booleans)))
108 …raise ValueError("%s must be an SELinux process domain:\nValid domains: %s" % (values, ", ".join(d…
118 …raise ValueError("%s must be an SELinux process domain:\nValid domains: %s" % (v, ", ".join(domain…
132 …raise ValueError("%s must be an SELinux class:\nValid classes: %s" % (values, ", ".join(all_classe…
146 …raise ValueError("%s must be an SELinux admin domain:\nValid admin domains: %s" % (values, ", ".jo…
174 …raise ValueError("%s must be an SELinux port type:\nValid port types: %s" % (v, ", ".join(port_typ…
195 …       raise ValueError("%s must be an SELinux user:\nValid users: %s" % (value, ", ".join(users)))
208 …       raise ValueError("%s must be an SELinux role:\nValid roles: %s" % (value, ", ".join(roles)))
209         newval.append(value[:-2])
232     usage_text = usage_text[:-1] + "]"
241         return int(val.split(" ")[0].split(",")[0].split("-")[0])
285                     range = "%s-%s" % (i[0], i[1])
314         sepolicy.gui.SELinuxGui(args.domain, args.test)
317         raise ValueError(_("You need to install policycoreutils-gui package to use the gui option"))
322                             help=_('Graphical User Interface for SELinux Policy'))
323     gui.add_argument("-d", "--domain", default=None,
326     gui.add_argument("-t", "--test", default=False, action="store_true",
371                             help=_('Generate SELinux man pages'))
373     man.add_argument("-p", "--path", dest="path", default="/tmp",
374                      help=_("path in which the generated SELinux man pages will be stored"))
375     man.add_argument("-o", "--os", dest="os", default=get_os_version(),
377     man.add_argument("-w", "--web", dest="web", default=False, action="store_true",
378                      help=_("Generate HTML man pages structure for selected SELinux man page"))
379     man.add_argument("-r", "--root", dest="root", default="/",
381     man.add_argument("--source_files", dest="source_files", default=False, action="store_true",
384     group.add_argument("-a", "--all", dest="all", default=False,
387     group.add_argument("-d", "--domain", nargs="+",
395                             help=_('Query SELinux policy network information'))
398     group.add_argument("-l", "--list", dest="list_ports",
400                        help=_("list all SELinux port types"))
401     group.add_argument("-p", "--port", dest="port", default=[],
403                        help=_("show SELinux type related to the port"))
404     group.add_argument("-t", "--type", dest="type", default=[],
406                        help=_("Show ports defined for this SELinux type"))
407     group.add_argument("-d", "--domain", dest="domain", default=[],
410     group.add_argument("-a", "--application", dest="applications", default=[],
429 …                  help=_('query SELinux policy to see if domains can communicate with each other'))
430     comm.add_argument("-s", "--source", dest="source",
433     comm.add_argument("-t", "--target", dest="target",
436     comm.add_argument("-c", "--class", required=False, dest="tclass",
439 …comm.add_argument("-S", "--sourceaccess", required=False, dest="sourceaccess", default="open,write…
440 …comm.add_argument("-T", "--targetaccess", required=False, dest="targetaccess", default="open,read"…
447         rc, args.booleans = selinux.security_get_boolean_names()
456                               help=_('query SELinux Policy to see description of booleans'))
458     group.add_argument("-a", "--all", dest="all", default=False,
461     group.add_argument("-b", "--boolean", dest="booleans", nargs="+",
475 …help=_('query SELinux Policy to see how a source process domain can transition to the target proce…
476     trans.add_argument("-s", "--source", dest="source",
479     trans.add_argument("-t", "--target", dest="target",
534             args.name = os.path.basename(cmd).replace("-", "_")
542 …raise ValueError(_("-t option can not be used with '%s' domains. Read usage for more details.") % …
547 …raise ValueError(_("-d option can not be used with '%s' domains. Read usage for more details.") % …
551 …raise ValueError(_("-a option can not be used with '%s' domains. Read usage for more details.") % …
555         raise ValueError(_("-w option can not be used with the --newtype option"))
576                             help=_('List SELinux Policy interfaces'))
577     itf.add_argument("-c", "--compile", dest="compile",
579                      help="Run compile test for selected interface")
580     itf.add_argument("-v", "--verbose", dest="verbose",
583     itf.add_argument("-f", "--file", dest="file",
586     group.add_argument("-a", "--list_admin", dest="list_admin", action="store_true", default=False,
587                        help="List all domains with admin interface - DOMAIN_admin()")
588     group.add_argument("-u", "--list_user", dest="list_user", action="store_true",
590                        help="List all domains with SELinux user role interface - DOMAIN_role()")
591     group.add_argument("-l", "--list", dest="list", action="store_true",
594     group.add_argument("-i", "--interfaces", nargs="+", dest="interfaces",
606                             help=_('Generate SELinux Policy module template'))
607     pol.add_argument("-d", "--domain", dest="domain", default=[],
610     pol.add_argument("-u", "--user", dest="user", default=[],
612                      help=_("Enter SELinux user(s) which will transition to this domain"))
613     pol.add_argument("-r", "--role", dest="role", default=[],
615 …                   help=_("Enter SELinux role(s) to which the administror domain will transition"))
616     pol.add_argument("-a", "--admin", dest="admin_domain", default=[],
619     pol.add_argument("-n", "--name", dest="name",
622     pol.add_argument("-T", "--test", dest="test", default=False, action="store_true",
624     pol.add_argument("-t", "--type", dest="types", default=[], nargs="*",
627     pol.add_argument("-p", "--path", dest="path", default=os.getcwd(),
629     pol.add_argument("-w", "--writepath", dest="writepaths", nargs="*", default=[],
633     cmdgroup.add_argument("--application", dest="policytype", const=USER,
636     cmdgroup.add_argument("--cgi", dest="policytype", const=CGI,
639     cmdgroup.add_argument("--dbus", dest="policytype", const=DBUS,
642     cmdgroup.add_argument("--inetd", dest="policytype", const=INETD,
645     cmdgroup.add_argument("--init", dest="policytype", const=DAEMON,
651     group.add_argument("--admin_user", dest="policytype", const=AUSER,
654     group.add_argument("--confined_admin", dest="policytype", const=RUSER,
657     group.add_argument("--customize", dest="policytype", const=EUSER,
660     group.add_argument("--desktop_user", dest="policytype", const=LUSER,
663     group.add_argument("--newtype", dest="policytype", const=NEWTYPE,
666     group.add_argument("--sandbox", dest="policytype", const=SANDBOX,
669     group.add_argument("--term_user", dest="policytype", const=TUSER,
672     group.add_argument("--x_user", dest="policytype", const=XUSER,
680     parser = argparse.ArgumentParser(description='SELinux Policy Inspection Tool')
682     parser.add_argument("-P", "--policy", dest="policy",
684 …              default=None, help=_("Alternate SELinux policy, defaults to /sys/fs/selinux/policy"))
700             parser_args = ["-h"]