summaryrefslogtreecommitdiffstats
path: root/tools/selinux_baseline.py
blob: ad2a40426398c8925c05569ef1e4ffe8a875fa9c (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
#!/usr/bin/env python

import sys
import lxml.etree
import Bcfg2.Logger
import Bcfg2.Options
from Bcfg2.Client.Tools.SELinux import SELinux


def main():
    Bcfg2.Options.get_parser(
        description="Get a baseline bundle of SELinux entries",
        components=[SELinux]).parse()
    config = lxml.etree.Element("Configuration")
    selinux = SELinux(config)

    baseline = lxml.etree.Element("Bundle", name="selinux_baseline")
    for etype, handler in selinux.handlers.items():
        baseline.append(lxml.etree.Comment("%s entries" % etype))
        extra = handler.FindExtra()
        for entry in extra:
            if etype != "SEModule":
                entry.tag = "Bound%s" % etype
            else:
                entry.tag = "%s" % etype
        baseline.extend(extra)

    print(lxml.etree.tostring(baseline, pretty_print=True))

if __name__ == "__main__":
    sys.exit(main())