seinfo: add useful expanded info for attributes

Chris PeBenito 2015-03-22 11:46:44 -04:00
parent 11fdaa7ad6
commit 402c6d1c6f

49
seinfo

@ -23,6 +23,13 @@ import argparse
import sys import sys
import logging import logging
def expand_attr(attr):
"""Render type and role attributes."""
items = "\n\t".join(sorted(str(i) for i in attr.expand()))
contents = items if items else "<empty set>"
return "{0}\n\t{1}".format(attr.statement(), contents)
parser = argparse.ArgumentParser( parser = argparse.ArgumentParser(
description="SELinux policy information tool.") description="SELinux policy information tool.")
parser.add_argument("--version", action="version", version=setools.__version__) parser.add_argument("--version", action="version", version=setools.__version__)
@ -93,28 +100,28 @@ try:
q = setools.boolquery.BoolQuery(p, name=args.boolquery) q = setools.boolquery.BoolQuery(p, name=args.boolquery)
else: else:
q = setools.boolquery.BoolQuery(p) q = setools.boolquery.BoolQuery(p)
components.append(("Booleans", q)) components.append(("Booleans", q, lambda x: x.statement()))
if args.mlscatsquery or args.all: if args.mlscatsquery or args.all:
if isinstance(args.mlscatsquery, str): if isinstance(args.mlscatsquery, str):
q = setools.categoryquery.CategoryQuery(p, name=args.mlscatsquery) q = setools.categoryquery.CategoryQuery(p, name=args.mlscatsquery)
else: else:
q = setools.categoryquery.CategoryQuery(p) q = setools.categoryquery.CategoryQuery(p)
components.append(("Categories", q)) components.append(("Categories", q, lambda x: x.statement()))
if args.classquery or args.all: if args.classquery or args.all:
if isinstance(args.classquery, str): if isinstance(args.classquery, str):
q = setools.objclassquery.ObjClassQuery(p, name=args.classquery) q = setools.objclassquery.ObjClassQuery(p, name=args.classquery)
else: else:
q = setools.objclassquery.ObjClassQuery(p) q = setools.objclassquery.ObjClassQuery(p)
components.append(("Classes", q)) components.append(("Classes", q, lambda x: x.statement()))
if args.commonquery or args.all: if args.commonquery or args.all:
if isinstance(args.commonquery, str): if isinstance(args.commonquery, str):
q = setools.commonquery.CommonQuery(p, name=args.commonquery) q = setools.commonquery.CommonQuery(p, name=args.commonquery)
else: else:
q = setools.commonquery.CommonQuery(p) q = setools.commonquery.CommonQuery(p)
components.append(("Commons", q)) components.append(("Commons", q, lambda x: x.statement()))
if args.constraintquery or args.all: if args.constraintquery or args.all:
if isinstance(args.constraintquery, str): if isinstance(args.constraintquery, str):
@ -122,42 +129,42 @@ try:
ruletype=["constrain", "mlsconstrain"]) ruletype=["constrain", "mlsconstrain"])
else: else:
q = setools.constraintquery.ConstraintQuery(p, ruletype=["constrain", "mlsconstrain"]) q = setools.constraintquery.ConstraintQuery(p, ruletype=["constrain", "mlsconstrain"])
components.append(("Constraints", q)) components.append(("Constraints", q, lambda x: x.statement()))
if args.fsusequery or args.all: if args.fsusequery or args.all:
if isinstance(args.fsusequery, str): if isinstance(args.fsusequery, str):
q = setools.fsusequery.FSUseQuery(p, fs=args.fsusequery) q = setools.fsusequery.FSUseQuery(p, fs=args.fsusequery)
else: else:
q = setools.fsusequery.FSUseQuery(p) q = setools.fsusequery.FSUseQuery(p)
components.append(("Fs_use", q)) components.append(("Fs_use", q, lambda x: x.statement()))
if args.genfsconquery or args.all: if args.genfsconquery or args.all:
if isinstance(args.genfsconquery, str): if isinstance(args.genfsconquery, str):
q = setools.genfsconquery.GenfsconQuery(p, fs=args.genfsconquery) q = setools.genfsconquery.GenfsconQuery(p, fs=args.genfsconquery)
else: else:
q = setools.genfsconquery.GenfsconQuery(p) q = setools.genfsconquery.GenfsconQuery(p)
components.append(("Genfscon", q)) components.append(("Genfscon", q, lambda x: x.statement()))
if args.initialsidquery or args.all: if args.initialsidquery or args.all:
if isinstance(args.initialsidquery, str): if isinstance(args.initialsidquery, str):
q = setools.initsidquery.InitialSIDQuery(p, name=args.initialsidquery) q = setools.initsidquery.InitialSIDQuery(p, name=args.initialsidquery)
else: else:
q = setools.initsidquery.InitialSIDQuery(p) q = setools.initsidquery.InitialSIDQuery(p)
components.append(("Initial SIDs", q)) components.append(("Initial SIDs", q, lambda x: x.statement()))
if args.netifconquery or args.all: if args.netifconquery or args.all:
if isinstance(args.netifconquery, str): if isinstance(args.netifconquery, str):
q = setools.netifconquery.NetifconQuery(p, name=args.netifconquery) q = setools.netifconquery.NetifconQuery(p, name=args.netifconquery)
else: else:
q = setools.netifconquery.NetifconQuery(p) q = setools.netifconquery.NetifconQuery(p)
components.append(("Netifcon", q)) components.append(("Netifcon", q, lambda x: x.statement()))
if args.nodeconquery or args.all: if args.nodeconquery or args.all:
if isinstance(args.nodeconquery, str): if isinstance(args.nodeconquery, str):
q = setools.nodeconquery.NodeconQuery(p, net=args.nodeconquery) q = setools.nodeconquery.NodeconQuery(p, net=args.nodeconquery)
else: else:
q = setools.nodeconquery.NodeconQuery(p) q = setools.nodeconquery.NodeconQuery(p)
components.append(("Nodecon", q)) components.append(("Nodecon", q, lambda x: x.statement()))
if args.permissivequery or args.all: if args.permissivequery or args.all:
if isinstance(args.permissivequery, str): if isinstance(args.permissivequery, str):
@ -165,14 +172,14 @@ try:
permissive=True, match_permissive=True) permissive=True, match_permissive=True)
else: else:
q = setools.typequery.TypeQuery(p, permissive=True, match_permissive=True) q = setools.typequery.TypeQuery(p, permissive=True, match_permissive=True)
components.append(("Permissive Types", q)) components.append(("Permissive Types", q, lambda x: x.statement()))
if args.polcapquery or args.all: if args.polcapquery or args.all:
if isinstance(args.polcapquery, str): if isinstance(args.polcapquery, str):
q = setools.polcapquery.PolCapQuery(p, name=args.polcapquery) q = setools.polcapquery.PolCapQuery(p, name=args.polcapquery)
else: else:
q = setools.polcapquery.PolCapQuery(p) q = setools.polcapquery.PolCapQuery(p)
components.append(("Polcap", q)) components.append(("Polcap", q, lambda x: x.statement()))
if args.portconquery or args.all: if args.portconquery or args.all:
if isinstance(args.portconquery, str): if isinstance(args.portconquery, str):
@ -192,42 +199,42 @@ try:
else: else:
q = setools.portconquery.PortconQuery(p) q = setools.portconquery.PortconQuery(p)
components.append(("Portcon", q)) components.append(("Portcon", q, lambda x: x.statement()))
if args.rolequery or args.all: if args.rolequery or args.all:
if isinstance(args.rolequery, str): if isinstance(args.rolequery, str):
q = setools.rolequery.RoleQuery(p, name=args.rolequery) q = setools.rolequery.RoleQuery(p, name=args.rolequery)
else: else:
q = setools.rolequery.RoleQuery(p) q = setools.rolequery.RoleQuery(p)
components.append(("Roles", q)) components.append(("Roles", q, lambda x: x.statement()))
if args.mlssensquery or args.all: if args.mlssensquery or args.all:
if isinstance(args.mlssensquery, str): if isinstance(args.mlssensquery, str):
q = setools.sensitivityquery.SensitivityQuery(p, name=args.mlssensquery) q = setools.sensitivityquery.SensitivityQuery(p, name=args.mlssensquery)
else: else:
q = setools.sensitivityquery.SensitivityQuery(p) q = setools.sensitivityquery.SensitivityQuery(p)
components.append(("Sensitivities", q)) components.append(("Sensitivities", q, lambda x: x.statement()))
if args.typequery or args.all: if args.typequery or args.all:
if isinstance(args.typequery, str): if isinstance(args.typequery, str):
q = setools.typequery.TypeQuery(p, name=args.typequery) q = setools.typequery.TypeQuery(p, name=args.typequery)
else: else:
q = setools.typequery.TypeQuery(p) q = setools.typequery.TypeQuery(p)
components.append(("Types", q)) components.append(("Types", q, lambda x: x.statement()))
if args.typeattrquery or args.all: if args.typeattrquery or args.all:
if isinstance(args.typeattrquery, str): if isinstance(args.typeattrquery, str):
q = setools.typeattrquery.TypeAttributeQuery(p, name=args.typeattrquery) q = setools.typeattrquery.TypeAttributeQuery(p, name=args.typeattrquery)
else: else:
q = setools.typeattrquery.TypeAttributeQuery(p) q = setools.typeattrquery.TypeAttributeQuery(p)
components.append(("Type Attributes", q)) components.append(("Type Attributes", q, expand_attr))
if args.userquery or args.all: if args.userquery or args.all:
if isinstance(args.userquery, str): if isinstance(args.userquery, str):
q = setools.userquery.UserQuery(p, name=args.userquery) q = setools.userquery.UserQuery(p, name=args.userquery)
else: else:
q = setools.userquery.UserQuery(p) q = setools.userquery.UserQuery(p)
components.append(("Users", q)) components.append(("Users", q, lambda x: x.statement()))
if args.validatetransquery or args.all: if args.validatetransquery or args.all:
if isinstance(args.validatetransquery, str): if isinstance(args.validatetransquery, str):
@ -237,7 +244,7 @@ try:
else: else:
q = setools.constraintquery.ConstraintQuery(p, ruletype=["validatetrans", q = setools.constraintquery.ConstraintQuery(p, ruletype=["validatetrans",
"mlsvalidatetrans"]) "mlsvalidatetrans"])
components.append(("Validatetrans", q)) components.append(("Validatetrans", q, lambda x: x.statement()))
if (not components or args.all) and not args.flat: if (not components or args.all) and not args.flat:
mls = "enabled" if p.mls else "disabled" mls = "enabled" if p.mls else "disabled"
@ -277,12 +284,12 @@ try:
print(" Permissives: {0:7} Polcap: {1:7}".format( print(" Permissives: {0:7} Polcap: {1:7}".format(
p.permissives_count, p.polcap_count)) p.permissives_count, p.polcap_count))
for desc, component in components: for desc, component, expander in components:
results = sorted(component.results()) results = sorted(component.results())
if not args.flat: if not args.flat:
print("\n{0}: {1}".format(desc, len(results))) print("\n{0}: {1}".format(desc, len(results)))
for item in results: for item in results:
result = item.statement() if args.expand else item result = expander(item) if args.expand else item
strfmt = " {0}" if not args.flat else "{0}" strfmt = " {0}" if not args.flat else "{0}"
print(strfmt.format(result)) print(strfmt.format(result))
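Review bot: `expand_attr` returns a multi-line string (`"{0}\n\t{1}"`), and the print loop at the end of the section formats it with `strfmt` unchanged, so when `args.flat` and `args.expand` are both set a single attribute spans several lines, with member lines starting with a tab instead of the prefix the other records use. Scripts that read the flat output one record per line, for example to audit attribute membership in a policy, would treat each member as a separate record; either keep flat output on one line or state the multi-line form in the docstring, e.g. `"""Render an attribute's statement followed by its sorted members, one per tab-indented line."""`. The current docstring mentions role attributes, but only the "Type Attributes" entry passes `expand_attr` in the visible hunks. The repeated `lambda x: x.statement()` could be a single named helper such as `def expand_statement(item): return item.statement()`, which also makes the default obvious next to `expand_attr`. The `try:` block containing these hunks starts and ends outside what is shown.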