From 09e934512dc053a96bd7b16c2c95563e055720f7 Mon Sep 17 00:00:00 2001 From: "Chris St. Pierre" Date: Tue, 3 Jul 2012 08:56:47 -0400 Subject: added selinux support --- tools/selinux_baseline.py | 51 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) create mode 100755 tools/selinux_baseline.py (limited to 'tools') diff --git a/tools/selinux_baseline.py b/tools/selinux_baseline.py new file mode 100755 index 000000000..6ddc390a3 --- /dev/null +++ b/tools/selinux_baseline.py @@ -0,0 +1,51 @@ +#!/usr/bin/env python + +import sys +import logging +import lxml.etree + +import Bcfg2.Logger +import Bcfg2.Options +from Bcfg2.Client.Tools.SELinux import * + +LOGGER = None + +def get_setup(): + global LOGGER + optinfo = Bcfg2.Options.CLIENT_COMMON_OPTIONS + setup = Bcfg2.Options.OptionParser(optinfo) + setup.parse(sys.argv[1:]) + + if setup['args']: + print("selinux_baseline.py takes no arguments, only options") + print(setup.buildHelpMessage()) + raise SystemExit(1) + level = 30 + if setup['verbose']: + level = 20 + if setup['debug']: + level = 0 + Bcfg2.Logger.setup_logging('selinux_base', + to_syslog=False, + level=level, + to_file=setup['logging']) + LOGGER = logging.getLogger('bcfg2') + return setup + +def main(): + setup = get_setup() + config = lxml.etree.Element("Configuration") + selinux = SELinux(LOGGER, setup, config) + + baseline = lxml.etree.Element("Bundle", name="selinux_baseline") + for etype, handler in selinux.handlers.items(): + baseline.append(lxml.etree.Comment("%s entries" % etype)) + extra = handler.FindExtra() + for entry in extra: + entry.tag = "BoundSELinux" + baseline.extend(extra) + + print lxml.etree.tostring(baseline, pretty_print=True) + +if __name__ == "__main__": + sys.exit(main()) -- cgit v1.2.3-1-g7c22