#
# Copyright 2010, 2012-2013 Red Hat, Inc.
# Cole Robinson <crobinso@redhat.com>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
# MA 02110-1301 USA.
from . xmlbuilder import XMLBuilder , XMLProperty
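class Seclabel(XMLBuilder):
    """
    Class for generating <seclabel> XML

    The element carries a security ``model`` and a labelling ``type``,
    plus the optional ``label``, ``imagelabel``, ``baselabel`` and
    ``relabel`` values declared at the bottom of the class. When one of
    ``model``/``type`` is unset, its default is derived from the other
    through the ``_get_default_*`` callbacks.
    """

    TYPE_DYNAMIC = "dynamic"
    TYPE_STATIC = "static"
    TYPE_DEFAULT = "default"
    # TYPE_DEFAULT is not listed here; in this class it is only used as
    # the default_name of the `type` property.
    TYPES = [TYPE_DYNAMIC, TYPE_STATIC]

    MODEL_DEFAULT = "default"
    MODEL_TEST = "testSecurity"
    MODEL_SELINUX = "selinux"
    MODEL_DAC = "dac"
    MODEL_NONE = "none"
    # Order matters: _guess_secmodel() returns the first entry that the
    # host advertises, so selinux is preferred over dac, and dac over none.
    MODELS = [MODEL_SELINUX, MODEL_DAC, MODEL_NONE]

    _XML_ROOT_NAME = "seclabel"
    # NOTE(review): baselabel is declared below but not listed here;
    # confirm how XMLBuilder orders properties missing from this list.
    _XML_PROP_ORDER = ["type", "model", "relabel", "label", "imagelabel"]

    def _guess_secmodel(self):
        """
        Pick a security model name for this seclabel.

        With no label set, the first entry of MODELS advertised in the
        host capabilities is returned. With a label and/or imagelabel
        set, the model is inferred from the number of ':'-separated
        fields: three or more means selinux, exactly two means dac.

        Raises RuntimeError when the host advertises none of MODELS, and
        ValueError when the labels disagree or match neither shape.
        """
        # Read the advertised models once instead of rebuilding the list
        # for the test check and again on every loop iteration.
        host_models = [x.model for x in self.conn.caps.host.secmodels]

        # We always want the testSecurity model when running tests
        if self.MODEL_TEST in host_models:
            return self.MODEL_TEST

        label = self.label
        imagelabel = self.imagelabel

        if not label and not imagelabel:
            for model in self.MODELS:
                if model in host_models:
                    return model
            raise RuntimeError("No supported model found in capabilities")

        # From here on the model is a heuristic on the label's shape only.
        # NOTE(review): this path never checks that the inferred model is
        # in host_models, so a label can select a model the host does not
        # advertise; callers that care should validate against the
        # capabilities themselves.
        lab_len = imglab_len = None
        if label:
            # Cap at 3 so labels with extra ':' fields still count as the
            # three-field shape.
            lab_len = min(3, len(label.split(':')))
        if imagelabel:
            imglab_len = min(3, len(imagelabel.split(':')))
        if lab_len and imglab_len and lab_len != imglab_len:
            raise ValueError("Label and Imagelabel are incompatible")

        lab_len = lab_len or imglab_len
        if lab_len == 3:
            return self.MODEL_SELINUX
        elif lab_len == 2:
            return self.MODEL_DAC
        else:
            # Report the value that was actually parsed: when only
            # imagelabel is set, self.label is empty and would give a
            # misleading message.
            raise ValueError("Unknown model type for label '%s'" %
                             (label or imagelabel))

    def _get_default_model(self):
        """Default for `model`: None while `type` is unset or "default",
        otherwise whatever _guess_secmodel() picks."""
        if self.type is None or self.type == self.TYPE_DEFAULT:
            return None
        return self._guess_secmodel()
    # NOTE(review): the model and type callbacks read each other's
    # property; presumably XMLProperty keeps that from recursing --
    # confirm in xmlbuilder.
    model = XMLProperty("./@model",
                        default_cb=_get_default_model,
                        default_name=MODEL_DEFAULT)

    def _get_default_type(self):
        """Default for `type`: None while `model` is unset or "default",
        otherwise "dynamic"."""
        if self.model is None or self.model == self.MODEL_DEFAULT:
            return None
        return self.TYPE_DYNAMIC
    type = XMLProperty("./@type",
                       default_cb=_get_default_type,
                       default_name=TYPE_DEFAULT)

    label = XMLProperty("./label")
    imagelabel = XMLProperty("./imagelabel")
    baselabel = XMLProperty("./baselabel")
    # is_yesno presumably maps a boolean to "yes"/"no" -- confirm in
    # xmlbuilder.
    relabel = XMLProperty("./@relabel", is_yesno=True)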