Commit graph

73 commits

Author SHA1 Message Date
Rafal Lewczuk
3de61fb180 Fix: file module does not remove dangling symlinks 2012-05-01 22:56:37 -04:00
Stephen Fromm
f1b7149fcf Update how to set default selinux context for file
This removes the 'context' option and replaces it with checks for
'_default' value for seuser, serole, setype, or (maybe) selevel.
If '_default' is provided *and* there is a default context for the given
file, this will set the file context to the available default.
2012-05-02 11:38:44 -07:00
Daniel Néri
82d3fcfd53 File module fix for symlink from relative source path 2012-05-01 03:12:13 +02:00
Michael DeHaan
a0ac936a55 Merge pull request #249 from jhoekx/octal-file-mode
Return the octal mode of a file instead of decimal.
2012-04-26 16:25:39 -07:00
Stephen Fromm
5be20f8748 Update file module selinux-awareness
This adds selinux_mls_enabled() and selinux_enabled() to detect a)
whether selinux is MLS aware (ie supports selevel) and b) whether
selinux is enabled.  If selinux is not enabled, all selinux operations
are punted on -- same as if python's selinux module were not available.
In set_context_if_different(), I now iterate over the current context
instead of the context argument.  Even if the system supports MLS, it
may not return the selevel from selinux.lgetfilecon().  Lastly, this
drops selinux_has_selevel() in lieu of the current approach.
2012-04-26 07:31:25 -07:00
Jeroen Hoekx
3594d1ce80 Return the octal mode of a file instead of decimal. 2012-04-26 14:55:31 +02:00
Stephen Fromm
5c74a524b9 Fix for issue #227
Older versions of selinux, such as that deployed on rhel5, only return a
context of user:role:type instead of user:role:type:level.  This detects
whether the tuple has three elements (old-style) or four.  If the
old-style, it keeps the secontext list at three elements.
2012-04-25 09:39:11 -07:00
Michael DeHaan
80e6d83660 Fix bug in library/file 2012-04-24 08:10:50 -04:00
Stephen Fromm
be58995278 Add context=default option to file module
This adjusts behavior of file module such that removal of se* option
does not revert the file's selinux context to the default.  In order to
go back to the default context according to the policy, you can use the
context=default option.
2012-04-21 23:27:34 -07:00
Michael DeHaan
c0c691089d Fix bug in src. Should not code this early :) 2012-04-20 08:09:43 -04:00
Michael DeHaan
7794493952 Don't try to expand path for None values 2012-04-20 08:02:12 -04:00
Michael DeHaan
445e48b991 Call os.path.expanduser in modules so things work as expected even when using ./hacking/test-module script 2012-04-20 07:57:39 -04:00
Stephen Fromm
28895f6615 Rename serange to selevel to be consistent with selinux docs 2012-04-17 17:12:09 -07:00
Stephen Fromm
1e5d34ba35 Add selinux support to file module
This adds the options: seuser, serole, setype, and serange to the file
module.  If the python selinux module doesn't exist, this will set
HAVE_SELINUX to False and punt in the related modules.

This takes the options the user provides and applies those to the
default selinux context as provided from matchpathcon().  If there is no
default context, this uses the value from the current context.  This
implies that if you set the setype and later remove it, the file module
will rever the setype to the default if available.
2012-04-12 10:45:31 -07:00
Michael DeHaan
4792021f47 Fix syntax error in user patch 2012-04-02 20:08:40 -04:00
Matthew Williams
ae38ee0b3f protecting against replacing file or directory with link 2012-04-02 10:21:14 -07:00
Matthew Williams
24f61f1583 "link" state in file module 2012-04-01 16:10:23 -07:00
Michael DeHaan
60bf82d266 Remove comment about FIXME that is already resolved 2012-03-15 23:05:34 -04:00
Michael DeHaan
311b93995c Add some comments 2012-03-15 22:37:37 -04:00
Michael DeHaan
6874d853c9 Fix changed=True/False detection when specifying mode= 2012-03-15 22:35:59 -04:00
Michael DeHaan
4ad885111b Disable debug 2012-03-15 22:04:32 -04:00
Michael DeHaan
5004d21f10 Return file info about the file regardless of changes made 2012-03-15 22:04:04 -04:00
Michael DeHaan
be55145a1e Initial crack at the file module 2012-03-15 21:53:14 -04:00