archive
/
ansible
mirror of https://github.com/ansible/ansible.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

sefcontext: PEP8 compliancy (#27742)

Browse Source
pull/27765/head
Dag Wieers 7 years ago committed by Sloane Hertel
parent 3c09f69765
commit 0342760f5b
2 changed files with 60 additions and 63 deletions
Show Stats Download Patch File Download Diff File

122
lib/ansible/modules/system/sefcontext.py
Unescape Escape View File

@ -12,60 +12,55 @@ ANSIBLE_METADATA = {'metadata_version': '1.0',
'supported_by': 'community'} 'supported_by': 'community'}
DOCUMENTATION = ''' DOCUMENTATION = r'''
--- ---
module: sefcontext module: sefcontext
short_description: Manages SELinux file context mapping definitions short_description: Manages SELinux file context mapping definitions
description: description:
- Manages SELinux file context mapping definitions - Manages SELinux file context mapping definitions.
- Similar to the C(semanage fcontext) command - Similar to the C(semanage fcontext) command.
version_added: "2.2" version_added: '2.2'
options: options:
target: target:
description: description:
- Target path (expression). - Target path (expression).
required: true required: yes
default: null aliases: [ path ]
aliases: ['path']
ftype: ftype:
description: description:
- File type. - File type.
required: false
default: a default: a
setype: setype:
description: description:
- SELinux type for the specified target. - SELinux type for the specified target.
required: true required: yes
default: null
seuser: seuser:
description: description:
- SELinux user for the specified target. - SELinux user for the specified target.
required: false
default: null
selevel: selevel:
description: description:
- SELinux range for the specified target. - SELinux range for the specified target.
required: false aliases: [ serange ]
default: null
aliases: ['serange']
state: state:
description: description:
- Desired boolean value. - Desired boolean value.
required: false choices: [ absent, present ]
default: present default: present
choices: [ 'present', 'absent' ]
reload: reload:
description: description:
- Reload SELinux policy after commit. - Reload SELinux policy after commit.
required: false type: bool
default: yes default: 'yes'
notes: notes:
- The changes are persistent across reboots - The changes are persistent across reboots
requirements: [ 'libselinux-python', 'policycoreutils-python' ] requirements:
author: Dag Wieers - libselinux-python
- policycoreutils-python
author:
- Dag Wieers (@dagwieers)
''' '''
EXAMPLES = ''' EXAMPLES = r'''
# Allow apache to modify files in /srv/git_repos # Allow apache to modify files in /srv/git_repos
- sefcontext: - sefcontext:
target: '/srv/git_repos(/.*)?' target: '/srv/git_repos(/.*)?'
@ -73,7 +68,7 @@ EXAMPLES = '''
state: present state: present
''' '''
RETURN = ''' RETURN = r'''
# Default return values # Default return values
''' '''
@ -83,41 +78,42 @@ from ansible.module_utils._text import to_native
try: try:
import selinux import selinux
HAVE_SELINUX=True HAVE_SELINUX = True
except ImportError: except ImportError:
HAVE_SELINUX=False HAVE_SELINUX = False
try: try:
import seobject import seobject
HAVE_SEOBJECT=True HAVE_SEOBJECT = True
except ImportError: except ImportError:
HAVE_SEOBJECT=False HAVE_SEOBJECT = False
### Add missing entries (backward compatible) # Add missing entries (backward compatible)
if HAVE_SEOBJECT: if HAVE_SEOBJECT:
seobject.file_types.update(dict( seobject.file_types.update(dict(
a = seobject.SEMANAGE_FCONTEXT_ALL, a=seobject.SEMANAGE_FCONTEXT_ALL,
b = seobject.SEMANAGE_FCONTEXT_BLOCK, b=seobject.SEMANAGE_FCONTEXT_BLOCK,
c = seobject.SEMANAGE_FCONTEXT_CHAR, c=seobject.SEMANAGE_FCONTEXT_CHAR,
d = seobject.SEMANAGE_FCONTEXT_DIR, d=seobject.SEMANAGE_FCONTEXT_DIR,
f = seobject.SEMANAGE_FCONTEXT_REG, f=seobject.SEMANAGE_FCONTEXT_REG,
l = seobject.SEMANAGE_FCONTEXT_LINK, l=seobject.SEMANAGE_FCONTEXT_LINK,
p = seobject.SEMANAGE_FCONTEXT_PIPE, p=seobject.SEMANAGE_FCONTEXT_PIPE,
s = seobject.SEMANAGE_FCONTEXT_SOCK, s=seobject.SEMANAGE_FCONTEXT_SOCK,
)) ))
### Make backward compatible # Make backward compatible
option_to_file_type_str = dict( option_to_file_type_str = dict(
a = 'all files', a='all files',
b = 'block device', b='block device',
c = 'character device', c='character device',
d = 'directory', d='directory',
f = 'regular file', f='regular file',
l = 'symbolic link', l='symbolic link',
p = 'named pipe', p='named pipe',
s = 'socket file', s='socket file',
) )
def semanage_fcontext_exists(sefcontext, target, ftype): def semanage_fcontext_exists(sefcontext, target, ftype):
''' Get the SELinux file context mapping definition from policy. Return None if it does not exist. ''' ''' Get the SELinux file context mapping definition from policy. Return None if it does not exist. '''
@ -129,6 +125,7 @@ def semanage_fcontext_exists(sefcontext, target, ftype):
except KeyError: except KeyError:
return None return None
def semanage_fcontext_modify(module, result, target, ftype, setype, do_reload, serange, seuser, sestore=''): def semanage_fcontext_modify(module, result, target, ftype, setype, do_reload, serange, seuser, sestore=''):
''' Add or modify SELinux file context mapping definition to the policy. ''' ''' Add or modify SELinux file context mapping definition to the policy. '''
@ -181,6 +178,7 @@ def semanage_fcontext_modify(module, result, target, ftype, setype, do_reload, s
module.exit_json(changed=changed, seuser=seuser, serange=serange, **result) module.exit_json(changed=changed, seuser=seuser, serange=serange, **result)
def semanage_fcontext_delete(module, result, target, ftype, do_reload, sestore=''): def semanage_fcontext_delete(module, result, target, ftype, do_reload, sestore=''):
''' Delete SELinux file context mapping definition from the policy. ''' ''' Delete SELinux file context mapping definition from the policy. '''
@ -215,16 +213,16 @@ def semanage_fcontext_delete(module, result, target, ftype, do_reload, sestore='
def main(): def main():
module = AnsibleModule( module = AnsibleModule(
argument_spec = dict( argument_spec=dict(
target = dict(required=True, aliases=['path']), target=dict(required=True, aliases=['path']),
ftype = dict(required=False, choices=option_to_file_type_str.keys(), default='a'), ftype=dict(type='str', default='a', choices=option_to_file_type_str.keys()),
setype = dict(required=True), setype=dict(type='str', required=True),
seuser = dict(required=False, default=None), seuser=dict(type='str'),
selevel = dict(required=False, default=None, aliases=['serange']), selevel=dict(type='str', aliases=['serange']),
state = dict(required=False, choices=['present', 'absent'], default='present'), state=dict(type='str', default='present', choices=['absent', 'present']),
reload = dict(required=False, type='bool', default='yes'), reload=dict(type='bool', default=True),
), ),
supports_check_mode = True, supports_check_mode=True,
) )
if not HAVE_SELINUX: if not HAVE_SELINUX:
module.fail_json(msg="This module requires libselinux-python") module.fail_json(msg="This module requires libselinux-python")

1
test/sanity/pep8/legacy-files.txt
Unescape Escape View File

@ -483,7 +483,6 @@ lib/ansible/modules/system/pam_limits.py
lib/ansible/modules/system/puppet.py lib/ansible/modules/system/puppet.py
lib/ansible/modules/system/runit.py lib/ansible/modules/system/runit.py
lib/ansible/modules/system/seboolean.py lib/ansible/modules/system/seboolean.py
lib/ansible/modules/system/sefcontext.py
lib/ansible/modules/system/seport.py lib/ansible/modules/system/seport.py
lib/ansible/modules/system/service.py lib/ansible/modules/system/service.py
lib/ansible/modules/system/solaris_zone.py lib/ansible/modules/system/solaris_zone.py

Write Preview
Loading…
Cancel
Save