analitics

Pages

Showing posts with label SELinux. Show all posts
Showing posts with label SELinux. Show all posts

Sunday, February 23, 2020

Python 3.7.6 : The SELinux python package.

The tutorial for today is about the SELinux python package.
The official webpage is this.
First, I update my pip tool and I used the python 3.7.6 version:
[mythcat@desk ~]$ pip install --upgrade pip --user
...
Successfully installed pip-20.0.2
Let's install the python package named selinux:
[mythcat@desk ~]$ pip3 install selinux --user
...
Requirement already satisfied: selinux in /usr/lib64/python3.7/site-packages (2.9)
Let's test it:
[mythcat@desk ~]$ python3 
Python 3.7.6 (default, Jan 30 2020, 09:44:41) 
[GCC 9.2.1 20190827 (Red Hat 9.2.1-1)] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import selinux 
>>> from selinux import * 
>>> print(dir(selinux))
Now, I can test my SELinux with this python package:
>>> selinux.is_selinux_enabled()
1
>>> selinux.selinux_getenforcemode()
[0, 0]
>>> mode = selinux.security_getenforce()
>>> mode
0
>>> selinux.selinux_getpolicytype()
[0, 'mls']
>>> selinux.is_selinux_enabled()
1
>>> selinux.is_selinux_mls_enabled()
1
>>> selinux.get_default_context('mythcat','user_u:object_r:user_home_t:s0')
[-1, None]
>>> context = selinux.matchpathcon(os.path.normpath(/), 0)[1]
>>> context
'system_u:object_r:root_t:s0'
>>> selinux.restorecon('/')
>>> context_t = selinux.getfilecon('/')[1].split(":")[2]
>>> context_t 
'root_t'
>>> context_t = selinux.getfilecon('/home/mythcat')[1].split(":")[2]
>>> context_t 
'user_home_dir_t'
>>> selinux.matchpathcon('/', mode)
[0, 'system_u:object_r:root_t:s0']
>>> selinux.matchpathcon('/home/mythcat', mode)
[0, 'user_u:object_r:user_home_dir_t:s0']
>>> file_context=selinux.lgetfilecon('/home/mythcat/sel_001.py')
>>> file_context
[31, 'user_u:object_r:user_home_t:s0']
>>> selinux.security_policyvers()
32