Commit Graph

72 Commits (dc56507310a7d83c13ec08c16813369ff47ce159)

Author SHA1 Message Date
Stephen Fromm fa51d4a160 Update how to set default selinux context for file
This removes the 'context' option and replaces it with checks for
'_default' value for seuser, serole, setype, or (maybe) selevel.
If '_default' is provided *and* there is a default context for the given
file, this will set the file context to the available default.
13 years ago
Daniel Néri 546cacd172 File module fix for symlink from relative source path 13 years ago
Michael DeHaan 0841cf4a85 Merge pull request #249 from jhoekx/octal-file-mode
Return the octal mode of a file instead of decimal.
13 years ago
Stephen Fromm 61f63b66ff Update file module selinux-awareness
This adds selinux_mls_enabled() and selinux_enabled() to detect a)
whether selinux is MLS aware (ie supports selevel) and b) whether
selinux is enabled.  If selinux is not enabled, all selinux operations
are punted on -- same as if python's selinux module were not available.
In set_context_if_different(), I now iterate over the current context
instead of the context argument.  Even if the system supports MLS, it
may not return the selevel from selinux.lgetfilecon().  Lastly, this
drops selinux_has_selevel() in lieu of the current approach.
13 years ago
Jeroen Hoekx 3e9159b4d2 Return the octal mode of a file instead of decimal. 13 years ago
Stephen Fromm 41fed6ef0c Fix for issue #227
Older versions of selinux, such as that deployed on rhel5, only return a
context of user:role:type instead of user:role:type:level.  This detects
whether the tuple has three elements (old-style) or four.  If the
old-style, it keeps the secontext list at three elements.
13 years ago
Michael DeHaan 46e8225bbf Fix bug in library/file 13 years ago
Stephen Fromm 332931b9b8 Add context=default option to file module
This adjusts behavior of file module such that removal of se* option
does not revert the file's selinux context to the default.  In order to
go back to the default context according to the policy, you can use the
context=default option.
13 years ago
Michael DeHaan 73412513b8 Fix bug in src. Should not code this early :) 13 years ago
Michael DeHaan d35de23c53 Don't try to expand path for None values 13 years ago
Michael DeHaan ba882d98e1 Call os.path.expanduser in modules so things work as expected even when using ./hacking/test-module script 13 years ago
Stephen Fromm 573d4b4bad Rename serange to selevel to be consistent with selinux docs 13 years ago
Stephen Fromm 5cdcd4b4a3 Add selinux support to file module
This adds the options: seuser, serole, setype, and serange to the file
module.  If the python selinux module doesn't exist, this will set
HAVE_SELINUX to False and punt in the related modules.

This takes the options the user provides and applies those to the
default selinux context as provided from matchpathcon().  If there is no
default context, this uses the value from the current context.  This
implies that if you set the setype and later remove it, the file module
will rever the setype to the default if available.
13 years ago
Michael DeHaan 043815a6e6 Fix syntax error in user patch 13 years ago
Matthew Williams 3404fb4594 protecting against replacing file or directory with link 13 years ago
Matthew Williams ff8750bbdc "link" state in file module 13 years ago
Michael DeHaan 01de08da57 Remove comment about FIXME that is already resolved 13 years ago
Michael DeHaan 557539dda7 Add some comments 13 years ago
Michael DeHaan c4b3979f16 Fix changed=True/False detection when specifying mode= 13 years ago
Michael DeHaan 1d3dd22a02 Disable debug 13 years ago
Michael DeHaan 3aa975aad3 Return file info about the file regardless of changes made 13 years ago
Michael DeHaan 44caf013d5 Initial crack at the file module 13 years ago