Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Context ¶
type Context struct {
// User specifies the SELinux user
User string
// Role specifies the SELinux role
Role string
// Type specifies the SELinux resource type
Type string
// Level specifies the SELinux MCS/MLS security level
Level string
}
Context represents a SELinux label
func NewContext ¶
NewContext creates a new Context struct from the specified label
type FcontextFileItem ¶
type FcontextFileItem struct {
// Path specifies the path this entry is configuring
Path string
// FileType specifies the file type this entry
// targets: any, regular files, sockets, symlinks, etc.
FileType FileType
// Label specifies the SELinux label of this entry
Label *Label
}
FcontextFileItem describes a single item from the filecontext file. References: https://selinuxproject.org/page/NB_RefPolicy and https://www.systutorials.com/docs/linux/man/5-file_contexts/
func ParseFcontextFile ¶
func ParseFcontextFile(r io.Reader) (result []FcontextFileItem, err error)
ParseFcontextFile parses a filecontext file given with r. The parser is simple and line-driven hence it does not support complex constructs like 'ifdef'.
func (FcontextFileItem) AsAddCommand ¶
func (r FcontextFileItem) AsAddCommand() string
AsAddCommand formats this item as a 'semanage fcontext' command to add a new local rule
func (FcontextFileItem) AsRemoveCommand ¶
func (r FcontextFileItem) AsRemoveCommand() string
AsRemoveCommand formats this item as a 'semanage fcontext' command to remove an existing local rule
type FileType ¶
type FileType uint8
FileType describes the type of file specified by a single filecontext item
const ( // AllFiles represents any file type AllFiles FileType = iota // RegularFile represents a regular file RegularFile // BlockDevice represents a block device file BlockDevice // CharDevice represents a character device file CharDevice // NamedPipe represents a named pipe NamedPipe // Socket represents a socket file Socket // Symlink represents a symbolic link Symlink // Directory represents a directory Directory )
func (FileType) AsParameter ¶
AsParameter converts this file type to a type value compatible with 'semanage fcontext' command. See: semanage-fcontext(8)
type Label ¶
type Label struct {
// User specifies the SELinux user
User string
// Role specifies the SELinux role
Role string
// Type specifies the SELinux resource type
Type string
// SecurityRange specifies the MCS/MLS security range
SecurityRange string
}
Label describes an SELinux label
type PortCommand ¶
type PortCommand struct {
// Type specifies the SELinux type for the port object
Type string
// MLS/MCS Security range (MLS/MCS systems only).
// SELinux range for SELinux user; defaults to s0
SecurityRange string
// Protocol for the specified port (tcp|udp) or internet protocol
// version for the specified node (ipv4|ipv6)
Protocol string
// Range specifies the port range value.
// Can specify either a single value like '7000' or a range like '7000-7002'
Range string
}
PortCommand provides syntax support for the 'semanage port' command
func GetLocalPortChangesFromReader ¶
func GetLocalPortChangesFromReader(r io.Reader) ([]PortCommand, error)
GetLocalPortChangesFromReader interprets the specified reader contents as a sequence of 'semanage port' commands
func (*PortCommand) Parse ¶
func (r *PortCommand) Parse(args []string) error
Parse parses port command from the specified arguments
func (*PortCommand) ParseFromString ¶
func (r *PortCommand) ParseFromString(input string) (err error)
ParseFromString parses port command from the specified string
Source Files