tequilaOS/platform_external_selinux
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

python/sepolicy: Add sepolicy.load_store_policy(store)

Browse source 
load_store_policy() allows to (re)load SELinux policy based on a store name. It
is useful when SELinux is disabled and default policy is not installed; or when
a user wants to query or manipulate another policy.

Related: https://bugzilla.redhat.com/show_bug.cgi?id=1558861

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
This commit is contained in:
Petr Lautrbach 2019-01-03 13:03:38 +01:00 committed by Nicolas Iooss
parent e718c2ab77
commit ef359c97c9
No known key found for this signature in database
GPG key ID: C191415F340DAAA0
1 changed files with 12 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
python/sepolicy/sepolicy/__init__.py
View file

@ -129,6 +129,13 @@ def get_installed_policy(root="/"):
pass pass
raise ValueError(_("No SELinux Policy installed")) raise ValueError(_("No SELinux Policy installed"))
def get_store_policy(store, root="/"):
try:
policies = glob.glob("%s%s/policy/policy.*" % (selinux.selinux_path(), store))
policies.sort()
return policies[-1]
except:
return None
def policy(policy_file): def policy(policy_file):
global all_domains global all_domains
@ -156,6 +163,11 @@ def policy(policy_file):
except: except:
raise ValueError(_("Failed to read %s policy file") % policy_file) raise ValueError(_("Failed to read %s policy file") % policy_file)
def load_store_policy(store):
policy_file = get_store_policy(store)
if not policy_file:
return None
policy(policy_file)
try: try:
policy_file = get_installed_policy() policy_file = get_installed_policy()