diff options
| author | Zac Medico <zmedico@gentoo.org> | 2009-08-06 20:54:53 +0000 |
|---|---|---|
| committer | Zac Medico <zmedico@gentoo.org> | 2009-08-06 20:54:53 +0000 |
| commit | 25c5202b7e66bbef5b058fd9679070877bc54ed7 (patch) | |
| tree | 0edd50486ba94bad7c521b1f45f5454581150b01 /pym/portage/_selinux.py | |
| parent | d8d45379b52f5330c6cec616d675706eb0ba2599 (diff) | |
| download | portage-25c5202b7e66bbef5b058fd9679070877bc54ed7.tar.gz portage-25c5202b7e66bbef5b058fd9679070877bc54ed7.tar.bz2 portage-25c5202b7e66bbef5b058fd9679070877bc54ed7.zip | |
Bug #280521 - Update selinux support to use the libselinux swig wrapper api
instead of python-selinux. Thanks to Chris PeBenito <pebenito@gentoo.org>
for the initial patch which I've tweaked with whitespace changes and
unicode support.
svn path=/main/trunk/; revision=13937
Diffstat (limited to 'pym/portage/_selinux.py')
| -rw-r--r-- | pym/portage/_selinux.py | 97 |
1 files changed, 94 insertions, 3 deletions
diff --git a/pym/portage/_selinux.py b/pym/portage/_selinux.py index b5afd9233..2a50f7434 100644 --- a/pym/portage/_selinux.py +++ b/pym/portage/_selinux.py @@ -2,7 +2,98 @@ # Distributed under the terms of the GNU General Public License v2 # $Id$ +import os import selinux -from selinux import is_selinux_enabled -from selinux_aux import setexec, secure_symlink, secure_rename, \ - secure_copy, secure_mkdir, getcontext, get_sid, get_lsid +import shutil +from selinux import is_selinux_enabled, getfilecon, lgetfilecon + +def copyfile(src, dest): + if isinstance(src, unicode): + src = src.encode('utf_8', 'replace') + if isinstance(dest, unicode): + dest = dest.encode('utf_8', 'replace') + (rc, ctx) = selinux.lgetfilecon(src) + if rc < 0: + raise OSError("copyfile: Failed getting context of \"%s\"." % src) + + setfscreate(ctx) + try: + shutil.copyfile(src, dest) + finally: + setfscreate() + +def getcontext(): + (rc, ctx) = selinux.getcon() + if rc < 0: + raise OSError("getcontext: Failed getting current process context.") + + return ctx + +def mkdir(target, refdir): + if isinstance(target, unicode): + target = target.encode('utf_8', 'replace') + if isinstance(refdir, unicode): + refdir = refdir.encode('utf_8', 'replace') + (rc, ctx) = selinux.getfilecon(refdir) + if rc < 0: + raise OSError( + "mkdir: Failed getting context of reference directory \"%s\"." \ + % refdir) + + setfscreatecon(ctx) + try: + os.mkdir(target) + finally: + setfscreatecon() + +def rename(src, dest): + if isinstance(src, unicode): + src = src.encode('utf_8', 'replace') + if isinstance(dest, unicode): + dest = dest.encode('utf_8', 'replace') + (rc, ctx) = selinux.lgetfilecon(src) + if rc < 0: + raise OSError("rename: Failed getting context of \"%s\"." % src) + + setfscreate(ctx) + try: + os.rename(src,dest) + finally: + setfscreate() + +def setexec(ctx="\n"): + if selinux.setexeccon(ctx) < 0: + raise OSError("setexec: Failed setting exec() context \"%s\"." % ctx) + +def setfscreate(ctx="\n"): + if selinux.setfscreatecon(ctx) < 0: + raise OSError( + "setfscreate: Failed setting fs create context \"%s\"." % ctx) + +def spawn(selinux_type, spawn_func, mycommand, opt_name=None, **keywords): + con = getcontext().split(":") + con[2] = selinux_type + setexec(":".join(con)) + try: + return spawn_func(mycommand, opt_name=opt_name, **keywords) + finally: + setexec() + +def symlink(target, link, reflnk): + if isinstance(target, unicode): + target = target.encode('utf_8', 'replace') + if isinstance(link, unicode): + link = link.encode('utf_8', 'replace') + if isinstance(reflnk, unicode): + reflnk = reflnk.encode('utf_8', 'replace') + (rc, ctx) = selinux.lgetfilecon(reflnk) + if rc < 0: + raise OSError( + "symlink: Failed getting context of reference symlink \"%s\"." \ + % reflnk) + + setfscreate(ctx) + try: + os.symlink(target, link) + finally: + setfscreate() |