pym/portage/_selinux.py


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107

# Copyright 1999-2009 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Id$

import os
import selinux
import shutil
from selinux import is_selinux_enabled, getfilecon, lgetfilecon

def copyfile(src, dest):
	if isinstance(src, unicode):
		src = src.encode('utf_8', 'replace')
	if isinstance(dest, unicode):
		dest = dest.encode('utf_8', 'replace')
	(rc, ctx) = selinux.lgetfilecon(src)
	if rc < 0:
		raise OSError("copyfile: Failed getting context of \"%s\"." % src)

	setfscreate(ctx)
	try:
		shutil.copyfile(src, dest)
	finally:
		setfscreate()

def getcontext():
	(rc, ctx) = selinux.getcon()
	if rc < 0:
		raise OSError("getcontext: Failed getting current process context.")

	return ctx

def mkdir(target, refdir):
	if isinstance(target, unicode):
		target = target.encode('utf_8', 'replace')
	if isinstance(refdir, unicode):
		refdir = refdir.encode('utf_8', 'replace')
	(rc, ctx) = selinux.getfilecon(refdir)
	if rc < 0:
		raise OSError(
			"mkdir: Failed getting context of reference directory \"%s\"." \
			% refdir)

	setfscreatecon(ctx)
	try:
		os.mkdir(target)
	finally:
		setfscreatecon()

def rename(src, dest):
	if isinstance(src, unicode):
		src = src.encode('utf_8', 'replace')
	if isinstance(dest, unicode):
		dest = dest.encode('utf_8', 'replace')
	(rc, ctx) = selinux.lgetfilecon(src)
	if rc < 0:
		raise OSError("rename: Failed getting context of \"%s\"." % src)

	setfscreate(ctx)
	try:
		os.rename(src,dest)
	finally:
		setfscreate()

def settype(newtype):
	ret = getcontext().split(":")
	ret[2] = newtype
	return ":".join(ret)

def setexec(ctx="\n"):
	if isinstance(ctx, unicode):
		ctx = ctx.encode('utf_8', 'replace')
	if selinux.setexeccon(ctx) < 0:
		raise OSError("setexec: Failed setting exec() context \"%s\"." % ctx)

def setfscreate(ctx="\n"):
	if isinstance(ctx, unicode):
		ctx = ctx.encode('utf_8', 'replace')
	if selinux.setfscreatecon(ctx) < 0:
		raise OSError(
			"setfscreate: Failed setting fs create context \"%s\"." % ctx)

def spawn(selinux_type, spawn_func, mycommand, opt_name=None, **keywords):
	con = settype(selinux_type)
	setexec(con)
	try:
		return spawn_func(mycommand, opt_name=opt_name, **keywords)
	finally:
		setexec()

def symlink(target, link, reflnk):
	if isinstance(target, unicode):
		target = target.encode('utf_8', 'replace')
	if isinstance(link, unicode):
		link = link.encode('utf_8', 'replace')
	if isinstance(reflnk, unicode):
		reflnk = reflnk.encode('utf_8', 'replace')
	(rc, ctx) = selinux.lgetfilecon(reflnk)
	if rc < 0:
		raise OSError(
			"symlink: Failed getting context of reference symlink \"%s\"." \
			% reflnk)

	setfscreate(ctx)
	try:
		os.symlink(target, link)
	finally:
		setfscreate()