/usr/lib/python3.9/site-packages/sepolgen/module.py (compiled module; only the embedded names, docstrings and string constants are recoverable)

Utilities for dealing with the compilation of modules and creation of module trees.

is_valid_name(modname)
    Check that a module name is valid.
    Pattern constant: [^a-zA-Z0-9_\-\.]

class ModuleTree
    Methods: __init__, dir_name, te_name, fc_name, if_name, package_name, makefile_name, create
    File name suffixes built from dirname and modname: .te, .fc, .if, .pp, /Makefile

modname_from_sourcename(sourcename)

class ModuleCompiler
    ModuleCompiler eases running of the module compiler.

    The ModuleCompiler class encapsulates running the commandline
    module compiler (checkmodule) and module packager (semodule_package).
    You are likely interested in the create_module_package method.

    Several options are controlled via parameters (only affects the
    non-refpol builds):

    .mls [boolean] Generate an MLS module (by passing -M to
        checkmodule). True to generate an MLS module, false
        otherwise.

    .module [boolean] Generate a module instead of a base module.
        True to generate a module, false to generate a base.

    .checkmodule [string] Fully qualified path to the module compiler.
        Default is /usr/bin/checkmodule.

    .semodule_package [string] Fully qualified path to the module
        packager. Defaults to /usr/bin/semodule_package.

    .output [file object] File object used to write verbose
        output of the compilation and packaging process.

    Methods: __init__, o, run, gen_filenames, create_module_package, refpol_build, compile, package
    Path constants: /usr/bin/checkmodule, /usr/bin/semodule_package, /usr/bin/make

    __init__(self, output=None)
        Create a ModuleCompiler instance, optionally with an
        output file object for verbose output of the compilation process.

    gen_filenames(self, sourcename)
        Generate the module and policy package filenames from
        a source file name. The source file must be in the form
        of "foo.te". This will generate "foo.mod" and "foo.pp".

        Returns a tuple with (modname, policypackage).

        Error message: invalid sourcefile name %s (must end in .te)

    create_module_package(self, sourcename, refpolicy=True)
        Create a module package saved in a packagename from a
        sourcename.

        The create_module_package creates a module package saved in a
        file named sourcename (.pp is the standard extension) from a
        source file (.te is the standard extension). The source file
        should contain SELinux policy statements appropriate for a
        base or non-base module (depending on the setting of .module).

        Only file names are accepted, not open file objects or
        descriptors because the command line SELinux tools are used.

        On error a RuntimeError will be raised with a descriptive
        error message.

    refpol_build(self, sourcename)
        Error message: compilation failed: %s

    compile(self, sourcename, modname)
        Error message: compilation failed: %s

    package(self, modname, packagename)
        Error message: packaging failed [%s]