# Copyright 1999-2009 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Id$
# Don't use the unicode-wrapped os and shutil modules here since
# the whole _selinux module itself will be wrapped.
import os
import shutil
import portage
import selinux
from selinux import is_selinux_enabled, getfilecon, lgetfilecon
def copyfile(src, dest):
    """Copy ``src`` to ``dest`` while the fs-create context is set from ``src``.

    The SELinux context is read from ``src`` with ``selinux.lgetfilecon`` and
    installed as the file-creation context for the duration of the copy.

    Raises:
        OSError: if the context of ``src`` cannot be read, or if
            ``setfscreate`` fails to set or reset the creation context.
    """
    src_path = portage._unicode_encode(src)
    dest_path = portage._unicode_encode(dest)

    # lgetfilecon is the l-variant (labels the link itself, not its target).
    # NOTE(review): shutil.copyfile normally follows a symlinked source, so
    # label and content may come from different objects — confirm intent.
    status, context = selinux.lgetfilecon(src_path)
    if status < 0:
        raise OSError("copyfile: Failed getting context of \"%s\"." % src_path)

    # NOTE(review): a creation context presumably only labels a newly created
    # dest; an existing dest would keep its current label — confirm.
    setfscreate(context)
    try:
        shutil.copyfile(src_path, dest_path)
    finally:
        # Always clear the creation context so later, unrelated file
        # creations in this process are not labelled with it.
        setfscreate()
def getcontext():
    """Return the SELinux context of the current process.

    Raises:
        OSError: if ``selinux.getcon`` reports a negative return code.
    """
    status, process_context = selinux.getcon()
    if status < 0:
        raise OSError("getcontext: Failed getting current process context.")
    return process_context
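def mkdir(target, refdir):
    """Create directory ``target`` under the SELinux context of ``refdir``.

    The context is read from ``refdir`` with ``selinux.getfilecon`` and set as
    the file-creation context while ``os.mkdir`` runs.

    Raises:
        OSError: if the context of ``refdir`` cannot be read, if the creation
            context cannot be set or reset, or if ``os.mkdir`` itself fails.
    """
    target = portage._unicode_encode(target)
    refdir = portage._unicode_encode(refdir)
    (rc, ctx) = selinux.getfilecon(refdir)
    if rc < 0:
        raise OSError(
            "mkdir: Failed getting context of reference directory \"%s\"."
            % refdir)

    # Use this module's setfscreate() helper, as copyfile/rename/symlink do.
    # The bare name setfscreatecon is neither defined nor imported here, so
    # calling it raised NameError before the directory was created.
    setfscreate(ctx)
    try:
        os.mkdir(target)
    finally:
        # Clear the creation context even when mkdir fails, so that later
        # file creations are not labelled with refdir's context.
        setfscreate()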
def rename(src, dest):
    """Rename ``src`` to ``dest`` with the fs-create context set from ``src``.

    Raises:
        OSError: if the context of ``src`` cannot be read, if the creation
            context cannot be set or reset, or if ``os.rename`` fails.
    """
    old_path = portage._unicode_encode(src)
    new_path = portage._unicode_encode(dest)

    # l-variant: the context is read from src itself, not from a link target.
    status, context = selinux.lgetfilecon(old_path)
    if status < 0:
        raise OSError("rename: Failed getting context of \"%s\"." % old_path)

    # NOTE(review): os.rename does not obviously create a new object, so it
    # is unclear from this file what the creation context affects — confirm.
    setfscreate(context)
    try:
        os.rename(old_path, new_path)
    finally:
        # Reset regardless of outcome so the context does not leak into
        # later file creations.
        setfscreate()
def settype(newtype):
    """Return the current process context with its third field replaced.

    The context from ``getcontext()`` is split on ``":"``, the field at
    index 2 is set to ``newtype``, and the fields are joined again. Any
    fields after index 2 are kept unchanged.

    NOTE(review): index 2 is presumably the type field of a
    ``user:role:type[:level]`` context; a context with fewer than three
    fields would raise IndexError — confirm that cannot occur.
    """
    fields = getcontext().split(":")
    fields[2] = newtype
    return ":".join(fields)
def setexec(ctx="\n"):
    """Set the SELinux context used for this process's next exec().

    NOTE(review): the default ``"\\n"`` looks like a sentinel that callers
    in this file use to reset the exec context (see the no-argument call in
    spawn_wrapper) — confirm against the selinux binding in use.

    Raises:
        OSError: if ``selinux.setexeccon`` returns a negative value.
    """
    # Unlike setfscreate, this encodes by hand rather than through
    # portage._unicode_encode; undecodable characters are replaced.
    if isinstance(ctx, unicode):
        ctx = ctx.encode('utf_8', 'replace')

    status = selinux.setexeccon(ctx)
    if status < 0:
        raise OSError("setexec: Failed setting exec() context \"%s\"." % ctx)
def setfscreate(ctx="\n"):
    """Set the SELinux context applied to files this process creates next.

    NOTE(review): the default ``"\\n"`` appears to act as a "reset" value;
    every caller in this file invokes ``setfscreate()`` with no argument in
    a ``finally`` block — confirm against the selinux binding in use.

    Raises:
        OSError: if ``selinux.setfscreatecon`` returns a negative value.
    """
    encoded = portage._unicode_encode(ctx)
    status = selinux.setfscreatecon(encoded)
    if status < 0:
        raise OSError(
            "setfscreate: Failed setting fs create context \"%s\"." % encoded)
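def spawn_wrapper(spawn_func, selinux_type):
    """Wrap ``spawn_func`` so it runs with an exec context of ``selinux_type``.

    The returned callable builds a context from the current process context
    with its type replaced by ``selinux_type`` (via ``settype``), installs it
    with ``setexec``, calls ``spawn_func`` with the given arguments, and
    resets the exec context afterwards.

    Args:
        spawn_func: callable that performs the spawn.
        selinux_type: type to place into the exec context.

    Returns:
        A function taking the same arguments as ``spawn_func`` and returning
        its result.
    """
    # Encode once, under a separate name. Assigning to ``selinux_type``
    # inside wrapper_func made it a local there, so reading it on the
    # right-hand side raised UnboundLocalError on every call.
    encoded_type = portage._unicode_encode(selinux_type)

    def wrapper_func(*args, **kwargs):
        con = settype(encoded_type)
        setexec(con)
        try:
            return spawn_func(*args, **kwargs)
        finally:
            # Always clear the exec context so that later, unrelated spawns
            # from this process do not run under this type.
            setexec()

    return wrapper_func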
def symlink(target, link, reflnk):
    """Create symlink ``link`` -> ``target`` under the context of ``reflnk``.

    The context is read from the reference symlink itself with
    ``selinux.lgetfilecon`` and set as the file-creation context while
    ``os.symlink`` runs.

    Raises:
        OSError: if the context of ``reflnk`` cannot be read, if the creation
            context cannot be set or reset, or if ``os.symlink`` fails.
    """
    link_target = portage._unicode_encode(target)
    link_path = portage._unicode_encode(link)
    reference = portage._unicode_encode(reflnk)

    status, context = selinux.lgetfilecon(reference)
    if status < 0:
        raise OSError(
            "symlink: Failed getting context of reference symlink \"%s\"."
            % reference)

    setfscreate(context)
    try:
        os.symlink(link_target, link_path)
    finally:
        # Reset even on failure so the context does not carry over to
        # later file creations.
        setfscreate()