1 /* Author: James Athey 2 */ 3 4 /* Never build rpm_execcon interface */ 5 #ifndef DISABLE_RPM 6 #define DISABLE_RPM 7 #endif 8 9 %module selinux 10 %{ 11 #include "selinux/selinux.h" 12 %} 13 14 %pythoncode %{ 15 16 import shutil, os, errno, stat 17 18 DISABLED = -1 19 PERMISSIVE = 0 20 ENFORCING = 1 21 22 def restorecon(path, recursive=False, verbose=False): 23 """ Restore SELinux context on a given path 24 25 Arguments: 26 path -- The pathname for the file or directory to be relabeled. 27 28 Keyword arguments: 29 recursive -- Change files and directories file labels recursively (default False) 30 verbose -- Show changes in file labels (default False) 31 """ 32 33 restorecon_flags = SELINUX_RESTORECON_IGNORE_DIGEST | SELINUX_RESTORECON_REALPATH 34 if recursive: 35 restorecon_flags |= SELINUX_RESTORECON_RECURSE 36 if verbose: 37 restorecon_flags |= SELINUX_RESTORECON_VERBOSE 38 selinux_restorecon(os.path.expanduser(path), restorecon_flags) 39 40 def chcon(path, context, recursive=False): 41 """ Set the SELinux context on a given path """ 42 lsetfilecon(path, context) 43 if recursive: 44 for root, dirs, files in os.walk(path): 45 for name in files + dirs: 46 lsetfilecon(os.path.join(root,name), context) 47 48 def copytree(src, dest): 49 """ An SELinux-friendly shutil.copytree method """ 50 shutil.copytree(src, dest) 51 restorecon(dest, recursive=True) 52 53 def install(src, dest): 54 """ An SELinux-friendly shutil.move method """ 55 shutil.move(src, dest) 56 restorecon(dest, recursive=True) 57 %} 58 59 /* security_get_boolean_names() typemap */ 60 %typemap(argout) (char ***names, int *len) { 61 PyObject* list = PyList_New(*$2); 62 int i; 63 for (i = 0; i < *$2; i++) { 64 PyList_SetItem(list, i, PyString_FromString((*$1)[i])); 65 } 66 $result = SWIG_Python_AppendOutput($result, list); 67 } 68 69 /* return a sid along with the result */ 70 %typemap(argout) (security_id_t * sid) { 71 if (*$1) { 72 %append_output(SWIG_NewPointerObj(*$1, $descriptor(security_id_t), 0)); 73 } else { 74 Py_INCREF(Py_None); 75 %append_output(Py_None); 76 } 77 } 78 79 %typemap(in,numinputs=0) security_id_t *(security_id_t temp) { 80 $1 = &temp; 81 } 82 83 %typemap(in, numinputs=0) void *(char *temp=NULL) { 84 $1 = temp; 85 } 86 87 /* Makes security_compute_user() return a Python list of contexts */ 88 %typemap(argout) (char ***con) { 89 PyObject* plist; 90 int i, len = 0; 91 92 if (*$1) { 93 while((*$1)[len]) 94 len++; 95 plist = PyList_New(len); 96 for (i = 0; i < len; i++) { 97 PyList_SetItem(plist, i, PyString_FromString((*$1)[i])); 98 } 99 } else { 100 plist = PyList_New(0); 101 } 102 103 $result = SWIG_Python_AppendOutput($result, plist); 104 } 105 106 /* Makes functions in get_context_list.h return a Python list of contexts */ 107 %typemap(argout) (char ***list) { 108 PyObject* plist; 109 int i; 110 111 if (*$1) { 112 plist = PyList_New(result); 113 for (i = 0; i < result; i++) { 114 PyList_SetItem(plist, i, PyString_FromString((*$1)[i])); 115 } 116 } else { 117 plist = PyList_New(0); 118 } 119 /* Only return the Python list, don't need to return the length anymore */ 120 $result = plist; 121 } 122 123 %typemap(in,noblock=1,numinputs=0) char ** (char * temp = 0) { 124 $1 = &temp; 125 } 126 %typemap(freearg,match="in") char ** ""; 127 %typemap(argout,noblock=1) char ** { 128 if (*$1) { 129 %append_output(SWIG_FromCharPtr(*$1)); 130 freecon(*$1); 131 } 132 else { 133 Py_INCREF(Py_None); 134 %append_output(Py_None); 135 } 136 } 137 138 %typemap(in,noblock=1,numinputs=0) char ** (char * temp = 0) { 139 $1 = &temp; 140 } 141 %typemap(freearg,match="in") char ** ""; 142 %typemap(argout,noblock=1) char ** { 143 if (*$1) { 144 %append_output(SWIG_FromCharPtr(*$1)); 145 free(*$1); 146 } 147 else { 148 Py_INCREF(Py_None); 149 %append_output(Py_None); 150 } 151 } 152 153 %include "selinuxswig_python_exception.i" 154 %include "selinuxswig.i" 155