18e3a8d396
Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Dan Walsh <dwalsh@redhat.com>
79 lines
3.3 KiB
Text
79 lines
3.3 KiB
Text
Code Overview
|
|
=============
|
|
|
|
The source for Sepolgen is divided into the python library (sepolgen)
|
|
and tools (e.g., audit2allow).
|
|
|
|
The library is structured to give flexibility to the application using
|
|
it - it avoids assumptions and close coupling of components where
|
|
possible. The audit2allow application demonstrates how to hook the
|
|
components together.
|
|
|
|
There is a test suite in the test subdirectory. The run-tests.py
|
|
script will run all of the tests.
|
|
|
|
The library is is divided into several functional areas:
|
|
|
|
Reference Policy Representation (sepolgen.refpolicy)
|
|
-------------------------------------------------------------
|
|
|
|
Objects for representing policies and the reference policy
|
|
interfaces. Includes basic components (security contexts, allow rules,
|
|
etc.) and reference policy specific components (interfaces, modules,
|
|
etc.).
|
|
|
|
This representation can be used as output from the parser to represent
|
|
the reference policy interfaces. It can also be used to generate
|
|
policy by building up the relevent data structures and then outputting
|
|
them. See sepolgen.policygen and sepolgen.output for information on how
|
|
this can be done.
|
|
|
|
Access (sepolgen.access, sepolgen.interfaces, sepolgen.matching)
|
|
-------------------------------------------------------------
|
|
|
|
Objects and algorithms for representing access and sets of access in
|
|
an abstract way and searching that access. The basic concept is that
|
|
of an access vector (source type, target type, object class, and
|
|
permissions). These can be grouped into sets without overlapping
|
|
access. Access vectors and access vector sets can be matched against
|
|
other access vectors - this forms the backbone of how we turn audit
|
|
messages into interface calls.
|
|
|
|
The highest-level form of access represented in interfaces - which
|
|
includes algorithms to turn the raw output of the parser into access
|
|
vector sets representing the access allowed by each interface.
|
|
|
|
Parsing (sepolgen.refparser)
|
|
-------------------------------------------------------------
|
|
|
|
Parser for reference policy "headers" - i.e.,
|
|
/usr/share/selinux/devel/include. This uses the LGPL parsing library
|
|
[PLY](http://www.dabeaz.com/ply/) which is included in the source
|
|
distribution in the files lex.py and yacc.py. It may be necessary to
|
|
switch to a more powerful parsing library in the future, but for now
|
|
this is fast and easy.
|
|
|
|
Audit Messages (sepolgen.audit)
|
|
-------------------------------------------------------------
|
|
|
|
Infrastructure for parsing SELinux related messages as produced by the
|
|
audit system. This is not a general purpose audit parsing library - it
|
|
is only meant to capture SELinux messages - primarily access vector
|
|
cache (AVC) messages and policy load messages.
|
|
|
|
Policy Generation (sepolgen.policygen and sepolgen.output)
|
|
-------------------------------------------------------------
|
|
|
|
Infrastructure for generating policy based on required access. This
|
|
deliberately only loosely coupled to the audit parsing to allow
|
|
required accesses to be feed in from anywhere.
|
|
|
|
Object Model (sepolgen.objectmodel)
|
|
-------------------------------------------------------------
|
|
|
|
Information about the SELinux object classes. This is semantic
|
|
information about the object classes - including information flow. It
|
|
is separated to keep the core from being concerned about the details
|
|
of the object classes.
|
|
|
|
[selist]: http://www.nsa.gov/research/selinux/info/list.cfm
|