ó â„^c@sÒdZddlZddlZyddlmZWn!ek rUddlmZnXddlZddlZddl Z ddl Z ddl m Z d„Z dd d„ƒYZd „Zd d d „ƒYZdS(sU Utilities for dealing with the compilation of modules and creation of module tress. iÿÿÿÿN(tgetstatusoutputi(tdefaultscCs@tjd|ƒ}t|ƒdkr8|djƒr8tStSdS(s'Check that a module name is valid. s[^a-zA-Z0-9_\-\.]iN(tretfindalltlentisalphatTruetFalse(tmodnametm((s5/usr/lib64/python2.7/site-packages/sepolgen/module.pyt is_valid_name(s"t ModuleTreecBsSeZd„Zd„Zd„Zd„Zd„Zd„Zd„Zdd„Z RS( cCs||_d|_dS(N(RtNonetdirname(tselfR((s5/usr/lib64/python2.7/site-packages/sepolgen/module.pyt__init__2s cCs|jS(N(R (R((s5/usr/lib64/python2.7/site-packages/sepolgen/module.pytdir_name6scCs|jd|jdS(Nt/s.te(R R(R((s5/usr/lib64/python2.7/site-packages/sepolgen/module.pytte_name9scCs|jd|jdS(NRs.fc(R R(R((s5/usr/lib64/python2.7/site-packages/sepolgen/module.pytfc_name<scCs|jd|jdS(NRs.if(R R(R((s5/usr/lib64/python2.7/site-packages/sepolgen/module.pytif_name?scCs|jd|jdS(NRs.pp(R R(R((s5/usr/lib64/python2.7/site-packages/sepolgen/module.pyt package_nameBscCs |jdS(Ns /Makefile(R (R((s5/usr/lib64/python2.7/site-packages/sepolgen/module.pyt makefile_nameEscCsÃ|d|j|_tj|jƒt|jƒdƒ}|rS|jd|ƒn|jdtjƒƒ|j ƒt|j ƒdƒj ƒt|j ƒdƒj ƒt|j ƒdƒj ƒdS(NRtwsinclude ( RR tostmkdirtopenRtwriteRtrefpolicy_makefiletcloseRRR(Rtparent_dirnametmakefile_includetfd((s5/usr/lib64/python2.7/site-packages/sepolgen/module.pytcreateHs N( t__name__t __module__RRRRRRRR R!(((s5/usr/lib64/python2.7/site-packages/sepolgen/module.pyR 1s       cCs$tjjtjj|ƒdƒdS(Nii(Rtpathtsplitexttsplit(t sourcename((s5/usr/lib64/python2.7/site-packages/sepolgen/module.pytmodname_from_sourcenameXstModuleCompilercBs\eZdZd d„Zd„Zd„Zd„Zed„Z d„Z d„Z d„Z RS( stModuleCompiler eases running of the module compiler. The ModuleCompiler class encapsulates running the commandline module compiler (checkmodule) and module packager (semodule_package). You are likely interested in the create_module_package method. Several options are controlled via paramaters (only effects the non-refpol builds): .mls [boolean] Generate an MLS module (by passed -M to checkmodule). True to generate an MLS module, false otherwise. .module [boolean] Generate a module instead of a base module. True to generate a module, false to generate a base. .checkmodule [string] Fully qualified path to the module compiler. Default is /usr/bin/checkmodule. .semodule_package [string] Fully qualified path to the module packager. Defaults to /usr/bin/semodule_package. .output [file object] File object used to write verbose output of the compililation and packaging process. cCsXtjƒ|_t|_d|_d|_||_d|_t j ƒ|_ d|_ dS(s‡Create a ModuleCompiler instance, optionally with an output file object for verbose output of the compilation process. s/usr/bin/checkmodules/usr/bin/semodule_packagets /usr/bin/makeN( tselinuxtis_selinux_mls_enabledtmlsRtmodulet checkmoduletsemodule_packagetoutputt last_outputRRtrefpol_makefiletmake(RR1((s5/usr/lib64/python2.7/site-packages/sepolgen/module.pyRts     cCs-|jr |jj|dƒn||_dS(Ns (R1RR2(Rtstr((s5/usr/lib64/python2.7/site-packages/sepolgen/module.pytos cCs0|j|ƒt|ƒ\}}|j|ƒ|S(N(R6R(RtcommandtrcR1((s5/usr/lib64/python2.7/site-packages/sepolgen/module.pytrun†s  cCsg|jdƒ}t|ƒdkr3td|ƒ‚ndj|dd!ƒ}|d}|d}||fS(sþGenerate the module and policy package filenames from a source file name. The source file must be in the form of "foo.te". This will generate "foo.mod" and "foo.pp". Returns a tuple with (modname, policypackage). t.is,invalid sourcefile name %s (must end in .te)iiÿÿÿÿs.mods.pp(R&Rt RuntimeErrortjoin(RR't splitnametbasenameRt packagename((s5/usr/lib64/python2.7/site-packages/sepolgen/module.pyt gen_filenamess  cCs\|r|j|ƒnB|j|ƒ\}}|j||ƒ|j||ƒtj|ƒdS(sŒCreate a module package saved in a packagename from a sourcename. The create_module_package creates a module package saved in a file named sourcename (.pp is the standard extension) from a source file (.te is the standard extension). The source file should contain SELinux policy statements appropriate for a base or non-base module (depending on the setting of .module). Only file names are accepted, not open file objects or descriptors because the command line SELinux tools are used. On error a RuntimeError will be raised with a descriptive error message. N(t refpol_buildR@tcompiletpackageRtunlink(RR't refpolicyRR?((s5/usr/lib64/python2.7/site-packages/sepolgen/module.pytcreate_module_packagežs cCsI|jd|j}|j|ƒ}|dkrEtd|jƒ‚ndS(Ns -f iscompilation failed: %s(R4R3R9R;R2(RR'R7R8((s5/usr/lib64/python2.7/site-packages/sepolgen/module.pyRA¶s cCs£|jg}|jr%|jdƒn|jr>|jdƒn|jdƒ|j|ƒ|j|ƒ|jdj|ƒƒ}|dkrŸtd|jƒ‚ndS(Ns-Ms-ms-ot iscompilation failed: %s(R/R-tappendR.R9R<R;R2(RR'RtsR8((s5/usr/lib64/python2.7/site-packages/sepolgen/module.pyRB¿s       cCs~|jg}|jdƒ|j|ƒ|jdƒ|j|ƒ|jdj|ƒƒ}|dkrztd|jƒ‚ndS(Ns-os-mRGispackaging failed [%s](R0RHR9R<R;R2(RRR?RIR8((s5/usr/lib64/python2.7/site-packages/sepolgen/module.pyRCÍs      N( R"R#t__doc__R RR6R9R@RRFRARBRC(((s5/usr/lib64/python2.7/site-packages/sepolgen/module.pyR)[s     (((RJRttempfilet subprocessRt ImportErrortcommandsRtos.pathtshutilR+R*RR R R(R)(((s5/usr/lib64/python2.7/site-packages/sepolgen/module.pyts        '