mirror of
https://github.com/SELinuxProject/setools
synced 2025-04-01 22:58:12 +00:00
Improve analysis INFO level logging.
Make it more informative for GUI use.
This commit is contained in:
Chris PeBenito
parent
6a4cbf20d5
commit
c3425b3656
@ -56,7 +56,7 @@ class BoolQuery(compquery.ComponentQuery):
|
||||
|
||||
def results(self):
|
||||
"""Generator which yields all Booleans matching the criteria."""
|
||||
self.log.info("Generating results from {0.policy}".format(self))
|
||||
self.log.info("Generating Boolean results from {0.policy}".format(self))
|
||||
self.log.debug("Name: {0.name!r}, regex: {0.name_regex}".format(self))
|
||||
self.log.debug("Default: {0.default}".format(self))
|
||||
|
||||
|
||||
@ -47,7 +47,7 @@ class BoundsQuery(PolicyQuery):
|
||||
|
||||
def results(self):
|
||||
"""Generator which yields all matching *bounds statements."""
|
||||
self.log.info("Generating results from {0.policy}".format(self))
|
||||
self.log.info("Generating bounds results from {0.policy}".format(self))
|
||||
self.log.debug("Ruletypes: {0.ruletype}".format(self))
|
||||
self.log.debug("Parent: {0.parent!r}, regex: {0.parent_regex}".format(self))
|
||||
self.log.debug("Child: {0.child!r}, regex: {0.child_regex}".format(self))
|
||||
|
||||
@ -45,7 +45,7 @@ class CategoryQuery(mixins.MatchAlias, compquery.ComponentQuery):
|
||||
|
||||
def results(self):
|
||||
"""Generator which yields all matching categories."""
|
||||
self.log.info("Generating results from {0.policy}".format(self))
|
||||
self.log.info("Generating category results from {0.policy}".format(self))
|
||||
self.log.debug("Name: {0.name!r}, regex: {0.name_regex}".format(self))
|
||||
self.log.debug("Alias: {0.alias}, regex: {0.alias_regex}".format(self))
|
||||
|
||||
|
||||
@ -49,7 +49,7 @@ class CommonQuery(mixins.MatchPermission, compquery.ComponentQuery):
|
||||
|
||||
def results(self):
|
||||
"""Generator which yields all matching commons."""
|
||||
self.log.info("Generating results from {0.policy}".format(self))
|
||||
self.log.info("Generating common results from {0.policy}".format(self))
|
||||
self.log.debug("Name: {0.name!r}, regex: {0.name_regex}".format(self))
|
||||
self.log.debug("Perms: {0.perms!r}, regex: {0.perms_regex}, eq: {0.perms_equal}".
|
||||
format(self))
|
||||
|
||||
@ -99,7 +99,7 @@ class ConstraintQuery(mixins.MatchObjClass, mixins.MatchPermission, query.Policy
|
||||
|
||||
def results(self):
|
||||
"""Generator which yields all matching constraints rules."""
|
||||
self.log.info("Generating results from {0.policy}".format(self))
|
||||
self.log.info("Generating constraint results from {0.policy}".format(self))
|
||||
self.log.debug("Ruletypes: {0.ruletype}".format(self))
|
||||
self.log.debug("Class: {0.tclass!r}, regex: {0.tclass_regex}".format(self))
|
||||
self.log.debug("Perms: {0.perms!r}, regex: {0.perms_regex}, eq: {0.perms_equal}".
|
||||
|
||||
@ -52,7 +52,7 @@ class DefaultQuery(MatchObjClass, PolicyQuery):
|
||||
|
||||
def results(self):
|
||||
"""Generator which yields all matching default_* statements."""
|
||||
self.log.info("Generating results from {0.policy}".format(self))
|
||||
self.log.info("Generating default_* results from {0.policy}".format(self))
|
||||
self.log.debug("Ruletypes: {0.ruletype}".format(self))
|
||||
self.log.debug("Class: {0.tclass!r}, regex: {0.tclass_regex}".format(self))
|
||||
self.log.debug("Default: {0.default}".format(self))
|
||||
|
||||
@ -107,7 +107,7 @@ class DomainTransitionAnalysis(object):
|
||||
if self.rebuildsubgraph:
|
||||
self._build_subgraph()
|
||||
|
||||
self.log.info("Generating one shortest path from {0} to {1}...".format(s, t))
|
||||
self.log.info("Generating one domain transition path from {0} to {1}...".format(s, t))
|
||||
|
||||
try:
|
||||
yield self.__generate_steps(nx.shortest_path(self.subG, s, t))
|
||||
@ -143,7 +143,8 @@ class DomainTransitionAnalysis(object):
|
||||
if self.rebuildsubgraph:
|
||||
self._build_subgraph()
|
||||
|
||||
self.log.info("Generating all paths from {0} to {1}, max len {2}...".format(s, t, maxlen))
|
||||
self.log.info("Generating all domain transition paths from {0} to {1}, max length {2}...".
|
||||
format(s, t, maxlen))
|
||||
|
||||
try:
|
||||
for path in nx.all_simple_paths(self.subG, s, t, maxlen):
|
||||
@ -175,7 +176,8 @@ class DomainTransitionAnalysis(object):
|
||||
if self.rebuildsubgraph:
|
||||
self._build_subgraph()
|
||||
|
||||
self.log.info("Generating all shortest paths from {0} to {1}...".format(s, t))
|
||||
self.log.info("Generating all shortest domain transition paths from {0} to {1}...".
|
||||
format(s, t))
|
||||
|
||||
try:
|
||||
for path in nx.all_shortest_paths(self.subG, s, t):
|
||||
@ -207,7 +209,7 @@ class DomainTransitionAnalysis(object):
|
||||
if self.rebuildsubgraph:
|
||||
self._build_subgraph()
|
||||
|
||||
self.log.info("Generating all transitions {1} {0}".
|
||||
self.log.info("Generating all domain transitions {1} {0}".
|
||||
format(s, "in to" if self.reverse else "out from"))
|
||||
|
||||
try:
|
||||
@ -361,7 +363,7 @@ class DomainTransitionAnalysis(object):
|
||||
self.G.clear()
|
||||
self.G.name = "Domain transition graph for {0}.".format(self.policy)
|
||||
|
||||
self.log.info("Building graph from {0}...".format(self.policy))
|
||||
self.log.info("Building domain transition graph from {0}...".format(self.policy))
|
||||
|
||||
# hash tables keyed on domain type
|
||||
setexec = defaultdict(list)
|
||||
@ -500,7 +502,7 @@ class DomainTransitionAnalysis(object):
|
||||
|
||||
self.rebuildgraph = False
|
||||
self.rebuildsubgraph = True
|
||||
self.log.info("Completed building graph.")
|
||||
self.log.info("Completed building domain transition graph.")
|
||||
|
||||
def __remove_excluded_entrypoints(self):
|
||||
invalid_edges = []
|
||||
@ -535,7 +537,7 @@ class DomainTransitionAnalysis(object):
|
||||
if self.rebuildgraph:
|
||||
self._build_graph()
|
||||
|
||||
self.log.info("Building subgraph.")
|
||||
self.log.info("Building domain transition subgraph.")
|
||||
self.log.debug("Excluding {0}".format(self.exclude))
|
||||
self.log.debug("Reverse {0}".format(self.reverse))
|
||||
|
||||
@ -553,7 +555,7 @@ class DomainTransitionAnalysis(object):
|
||||
self.__remove_excluded_entrypoints()
|
||||
|
||||
self.rebuildsubgraph = False
|
||||
self.log.info("Completed building subgraph.")
|
||||
self.log.info("Completed building domain transition subgraph.")
|
||||
|
||||
|
||||
class Edge(object):
|
||||
|
||||
@ -66,7 +66,7 @@ class FSUseQuery(contextquery.ContextQuery):
|
||||
|
||||
def results(self):
|
||||
"""Generator which yields all matching fs_use_* statements."""
|
||||
self.log.info("Generating results from {0.policy}".format(self))
|
||||
self.log.info("Generating fs_use_* results from {0.policy}".format(self))
|
||||
self.log.debug("Ruletypes: {0.ruletype}".format(self))
|
||||
self.log.debug("FS: {0.fs!r}, regex: {0.fs_regex}".format(self))
|
||||
self.log.debug("User: {0.user!r}, regex: {0.user_regex}".format(self))
|
||||
|
||||
@ -70,7 +70,7 @@ class GenfsconQuery(contextquery.ContextQuery):
|
||||
|
||||
def results(self):
|
||||
"""Generator which yields all matching genfscons."""
|
||||
self.log.info("Generating results from {0.policy}".format(self))
|
||||
self.log.info("Generating genfscon results from {0.policy}".format(self))
|
||||
self.log.debug("FS: {0.fs!r}, regex: {0.fs_regex}".format(self))
|
||||
self.log.debug("Path: {0.path!r}, regex: {0.path_regex}".format(self))
|
||||
self.log.debug("Filetype: {0.filetype!r}".format(self))
|
||||
|
||||
@ -113,7 +113,8 @@ class InfoFlowAnalysis(object):
|
||||
if self.rebuildsubgraph:
|
||||
self._build_subgraph()
|
||||
|
||||
self.log.info("Generating one shortest path from {0} to {1}...".format(s, t))
|
||||
self.log.info("Generating one shortest information flow path from {0} to {1}...".
|
||||
format(s, t))
|
||||
|
||||
try:
|
||||
yield self.__generate_steps(nx.shortest_path(self.subG, s, t))
|
||||
@ -153,7 +154,8 @@ class InfoFlowAnalysis(object):
|
||||
if self.rebuildsubgraph:
|
||||
self._build_subgraph()
|
||||
|
||||
self.log.info("Generating all paths from {0} to {1}, max len {2}...".format(s, t, maxlen))
|
||||
self.log.info("Generating all information flow paths from {0} to {1}, max length {2}...".
|
||||
format(s, t, maxlen))
|
||||
|
||||
try:
|
||||
for path in nx.all_simple_paths(self.subG, s, t, maxlen):
|
||||
@ -188,7 +190,8 @@ class InfoFlowAnalysis(object):
|
||||
if self.rebuildsubgraph:
|
||||
self._build_subgraph()
|
||||
|
||||
self.log.info("Generating all shortest paths from {0} to {1}...".format(s, t))
|
||||
self.log.info("Generating all shortest information flow paths from {0} to {1}...".
|
||||
format(s, t))
|
||||
|
||||
try:
|
||||
for path in nx.all_shortest_paths(self.subG, s, t):
|
||||
@ -226,7 +229,8 @@ class InfoFlowAnalysis(object):
|
||||
if self.rebuildsubgraph:
|
||||
self._build_subgraph()
|
||||
|
||||
self.log.info("Generating all infoflows {0} {1}".format("out of" if out else "into", s))
|
||||
self.log.info("Generating all information flows {0} {1}".
|
||||
format("out of" if out else "into", s))
|
||||
|
||||
if out:
|
||||
flows = self.subG.out_edges_iter(s)
|
||||
@ -294,7 +298,7 @@ class InfoFlowAnalysis(object):
|
||||
|
||||
self.perm_map.map_policy(self.policy)
|
||||
|
||||
self.log.info("Building graph from {0}...".format(self.policy))
|
||||
self.log.info("Building information flow graph from {0}...".format(self.policy))
|
||||
|
||||
for rule in self.policy.terules():
|
||||
if rule.ruletype != "allow":
|
||||
@ -318,13 +322,13 @@ class InfoFlowAnalysis(object):
|
||||
|
||||
self.rebuildgraph = False
|
||||
self.rebuildsubgraph = True
|
||||
self.log.info("Completed building graph.")
|
||||
self.log.info("Completed building information flow graph.")
|
||||
|
||||
def _build_subgraph(self):
|
||||
if self.rebuildgraph:
|
||||
self._build_graph()
|
||||
|
||||
self.log.info("Building subgraph...")
|
||||
self.log.info("Building information flow subgraph...")
|
||||
self.log.debug("Excluding {0!r}".format(self.exclude))
|
||||
self.log.debug("Min weight {0}".format(self.min_weight))
|
||||
|
||||
@ -345,7 +349,7 @@ class InfoFlowAnalysis(object):
|
||||
self.subG.remove_edges_from(delete_list)
|
||||
|
||||
self.rebuildsubgraph = False
|
||||
self.log.info("Completed building subgraph.")
|
||||
self.log.info("Completed building information flow subgraph.")
|
||||
|
||||
|
||||
class Edge(object):
|
||||
|
||||
@ -60,7 +60,7 @@ class InitialSIDQuery(compquery.ComponentQuery, contextquery.ContextQuery):
|
||||
|
||||
def results(self):
|
||||
"""Generator which yields all matching initial SIDs."""
|
||||
self.log.info("Generating results from {0.policy}".format(self))
|
||||
self.log.info("Generating initial SID results from {0.policy}".format(self))
|
||||
self.log.debug("Name: {0.name!r}, regex: {0.name_regex}".format(self))
|
||||
self.log.debug("User: {0.user!r}, regex: {0.user_regex}".format(self))
|
||||
self.log.debug("Role: {0.role!r}, regex: {0.role_regex}".format(self))
|
||||
|
||||
@ -62,7 +62,7 @@ class MLSRuleQuery(mixins.MatchObjClass, query.PolicyQuery):
|
||||
|
||||
def results(self):
|
||||
"""Generator which yields all matching MLS rules."""
|
||||
self.log.info("Generating results from {0.policy}".format(self))
|
||||
self.log.info("Generating MLS rule results from {0.policy}".format(self))
|
||||
self.log.debug("Ruletypes: {0.ruletype}".format(self))
|
||||
self.log.debug("Source: {0.source!r}, regex: {0.source_regex}".format(self))
|
||||
self.log.debug("Target: {0.target!r}, regex: {0.target_regex}".format(self))
|
||||
|
||||
@ -60,7 +60,7 @@ class NetifconQuery(compquery.ComponentQuery, contextquery.ContextQuery):
|
||||
|
||||
def results(self):
|
||||
"""Generator which yields all matching netifcons."""
|
||||
self.log.info("Generating results from {0.policy}".format(self))
|
||||
self.log.info("Generating netifcon results from {0.policy}".format(self))
|
||||
self.log.debug("Name: {0.name!r}, regex: {0.name_regex}".format(self))
|
||||
self.log.debug("User: {0.user!r}, regex: {0.user_regex}".format(self))
|
||||
self.log.debug("Role: {0.role!r}, regex: {0.role_regex}".format(self))
|
||||
|
||||
@ -103,7 +103,7 @@ class NodeconQuery(contextquery.ContextQuery):
|
||||
|
||||
def results(self):
|
||||
"""Generator which yields all matching nodecons."""
|
||||
self.log.info("Generating results from {0.policy}".format(self))
|
||||
self.log.info("Generating nodecon results from {0.policy}".format(self))
|
||||
self.log.debug("Network: {0.network!r}, overlap: {0.network_overlap}".format(self))
|
||||
self.log.debug("IP Version: {0.ip_version}".format(self))
|
||||
self.log.debug("User: {0.user!r}, regex: {0.user_regex}".format(self))
|
||||
|
||||
@ -66,7 +66,7 @@ class ObjClassQuery(compquery.ComponentQuery):
|
||||
|
||||
def results(self):
|
||||
"""Generator which yields all matching object classes."""
|
||||
self.log.info("Generating results from {0.policy}".format(self))
|
||||
self.log.info("Generating object class results from {0.policy}".format(self))
|
||||
self.log.debug("Name: {0.name!r}, regex: {0.name_regex}".format(self))
|
||||
self.log.debug("Common: {0.common!r}, regex: {0.common_regex}".format(self))
|
||||
self.log.debug("Perms: {0.perms}, regex: {0.perms_regex}, "
|
||||
|
||||
@ -41,7 +41,7 @@ class PolCapQuery(compquery.ComponentQuery):
|
||||
|
||||
def results(self):
|
||||
"""Generator which yields all matching policy capabilities."""
|
||||
self.log.info("Generating results from {0.policy}".format(self))
|
||||
self.log.info("Generating policy capability results from {0.policy}".format(self))
|
||||
self.log.debug("Name: {0.name!r}, regex: {0.name_regex}".format(self))
|
||||
|
||||
for cap in self.policy.polcaps():
|
||||
|
||||
@ -120,7 +120,7 @@ class PortconQuery(contextquery.ContextQuery):
|
||||
|
||||
def results(self):
|
||||
"""Generator which yields all matching portcons."""
|
||||
self.log.info("Generating results from {0.policy}".format(self))
|
||||
self.log.info("Generating portcon results from {0.policy}".format(self))
|
||||
self.log.debug("Ports: {0.ports}, overlap: {0.ports_overlap}, "
|
||||
"subset: {0.ports_subset}, superset: {0.ports_superset}, "
|
||||
"proper: {0.ports_proper}".format(self))
|
||||
|
||||
@ -88,7 +88,7 @@ class RBACRuleQuery(mixins.MatchObjClass, query.PolicyQuery):
|
||||
|
||||
def results(self):
|
||||
"""Generator which yields all matching RBAC rules."""
|
||||
self.log.info("Generating results from {0.policy}".format(self))
|
||||
self.log.info("Generating RBAC rule results from {0.policy}".format(self))
|
||||
self.log.debug("Ruletypes: {0.ruletype}".format(self))
|
||||
self.log.debug("Source: {0.source!r}, indirect: {0.source_indirect}, "
|
||||
"regex: {0.source_regex}".format(self))
|
||||
|
||||
@ -55,7 +55,7 @@ class RoleQuery(compquery.ComponentQuery):
|
||||
|
||||
def results(self):
|
||||
"""Generator which yields all matching roles."""
|
||||
self.log.info("Generating results from {0.policy}".format(self))
|
||||
self.log.info("Generating role results from {0.policy}".format(self))
|
||||
self.log.debug("Name: {0.name!r}, regex: {0.name_regex}".format(self))
|
||||
self.log.debug("Types: {0.types!r}, regex: {0.types_regex}, "
|
||||
"eq: {0.types_equal}".format(self))
|
||||
|
||||
@ -55,7 +55,7 @@ class SensitivityQuery(mixins.MatchAlias, compquery.ComponentQuery):
|
||||
|
||||
def results(self):
|
||||
"""Generator which yields all matching sensitivities."""
|
||||
self.log.info("Generating results from {0.policy}".format(self))
|
||||
self.log.info("Generating sensitivity results from {0.policy}".format(self))
|
||||
self.log.debug("Name: {0.name!r}, regex: {0.name_regex}".format(self))
|
||||
self.log.debug("Alias: {0.alias}, regex: {0.alias_regex}".format(self))
|
||||
self.log.debug("Sens: {0.sens!r}, dom: {0.sens_dom}, domby: {0.sens_domby}".format(self))
|
||||
|
||||
@ -99,7 +99,7 @@ class TERuleQuery(mixins.MatchObjClass, mixins.MatchPermission, query.PolicyQuer
|
||||
|
||||
def results(self):
|
||||
"""Generator which yields all matching TE rules."""
|
||||
self.log.info("Generating results from {0.policy}".format(self))
|
||||
self.log.info("Generating TE rule results from {0.policy}".format(self))
|
||||
self.log.debug("Ruletypes: {0.ruletype}".format(self))
|
||||
self.log.debug("Source: {0.source!r}, indirect: {0.source_indirect}, "
|
||||
"regex: {0.source_regex}".format(self))
|
||||
|
||||
@ -55,7 +55,7 @@ class TypeAttributeQuery(compquery.ComponentQuery):
|
||||
|
||||
def results(self):
|
||||
"""Generator which yields all matching types."""
|
||||
self.log.info("Generating results from {0.policy}".format(self))
|
||||
self.log.info("Generating type attribute results from {0.policy}".format(self))
|
||||
self.log.debug("Name: {0.name!r}, regex: {0.name_regex}".format(self))
|
||||
self.log.debug("Types: {0.types!r}, regex: {0.types_regex}, "
|
||||
"eq: {0.types_equal}".format(self))
|
||||
|
||||
@ -73,7 +73,7 @@ class TypeQuery(mixins.MatchAlias, compquery.ComponentQuery):
|
||||
|
||||
def results(self):
|
||||
"""Generator which yields all matching types."""
|
||||
self.log.info("Generating results from {0.policy}".format(self))
|
||||
self.log.info("Generating type results from {0.policy}".format(self))
|
||||
self.log.debug("Name: {0.name!r}, regex: {0.name_regex}".format(self))
|
||||
self.log.debug("Alias: {0.alias}, regex: {0.alias_regex}".format(self))
|
||||
self.log.debug("Attrs: {0.attrs!r}, regex: {0.attrs_regex}, "
|
||||
|
||||
@ -80,7 +80,7 @@ class UserQuery(compquery.ComponentQuery):
|
||||
|
||||
def results(self):
|
||||
"""Generator which yields all matching users."""
|
||||
self.log.info("Generating results from {0.policy}".format(self))
|
||||
self.log.info("Generating user results from {0.policy}".format(self))
|
||||
self.log.debug("Name: {0.name!r}, regex: {0.name_regex}".format(self))
|
||||
self.log.debug("Roles: {0.roles!r}, regex: {0.roles_regex}, "
|
||||
"eq: {0.roles_equal}".format(self))
|
||||
|
||||
Loading…
Reference in New Issue
Block a user