xref: /aosp_15_r20/external/selinux/libselinux/src/selinuxswig_python.i (revision 2d543d20722ada2425b5bdab9d0d1d29470e7bba) 
1 /* Author: James Athey
2  */
3 
4 /* Never build rpm_execcon interface */
5 #ifndef DISABLE_RPM
6 #define DISABLE_RPM
7 #endif
8 
9 %module selinux
10 %{
11 	#include "selinux/selinux.h"
12 %}
13 
14 %pythoncode %{
15 
16 import shutil
17 import os
18 
19 DISABLED = -1
20 PERMISSIVE = 0
21 ENFORCING = 1
22 
23 def restorecon(path, recursive=False, verbose=False, force=False, nthreads=1):
24     """ Restore SELinux context on a given path
25 
26     Arguments:
27     path -- The pathname for the file or directory to be relabeled.
28 
29     Keyword arguments:
30     recursive -- Change files and directories file labels recursively (default False)
31     verbose -- Show changes in file labels (default False)
32     force -- Force reset of context to match file_context for customizable files,
33     and the default file context, changing the user, role, range portion  as well
34     as the type (default False)
35     nthreads -- The number of threads to use during relabeling, or 0 to use as many
36     threads as there are online CPU cores (default 1)
37     """
38 
39     restorecon_flags = SELINUX_RESTORECON_IGNORE_DIGEST | SELINUX_RESTORECON_REALPATH
40     if recursive:
41         restorecon_flags |= SELINUX_RESTORECON_RECURSE
42     if verbose:
43         restorecon_flags |= SELINUX_RESTORECON_VERBOSE
44     if force:
45         restorecon_flags |= SELINUX_RESTORECON_SET_SPECFILE_CTX
46     selinux_restorecon_parallel(os.path.expanduser(path), restorecon_flags, nthreads)
47 
48 def chcon(path, context, recursive=False):
49     """ Set the SELinux context on a given path """
50     lsetfilecon(path, context)
51     if recursive:
52         for root, dirs, files in os.walk(path):
53             for name in files + dirs:
54                 lsetfilecon(os.path.join(root, name), context)
55 
56 def copytree(src, dest):
57     """ An SELinux-friendly shutil.copytree method """
58     shutil.copytree(src, dest)
59     restorecon(dest, recursive=True)
60 
61 def install(src, dest):
62     """ An SELinux-friendly shutil.move method """
63     shutil.move(src, dest)
64     restorecon(dest, recursive=True)
65 %}
66 
67 /* security_get_boolean_names() typemap */
68 %typemap(argout) (char ***names, int *len) {
69 	PyObject* list = PyList_New(*$2);
70 	int i;
71 	for (i = 0; i < *$2; i++) {
72 		PyList_SetItem(list, i, PyString_FromString((*$1)[i]));
73 	}
74 	$result = SWIG_AppendOutput($result, list);
75 }
76 
77 /* return a sid along with the result */
78 %typemap(argout) (security_id_t * sid) {
79 	if (*$1) {
80                 %append_output(SWIG_NewPointerObj(*$1, $descriptor(security_id_t), 0));
81 	} else {
82 		Py_INCREF(Py_None);
83 		%append_output(Py_None);
84 	}
85 }
86 
87 %typemap(in,numinputs=0) security_id_t *(security_id_t temp) {
88   $1 = &temp;
89 }
90 
91 %typemap(in, numinputs=0) void *(char *temp=NULL) {
92 	$1 = temp;
93 }
94 
95 /* Makes security_compute_user() return a Python list of contexts */
96 %typemap(argout) (char ***con) {
97 	PyObject* plist;
98 	int i, len = 0;
99 
100 	if (*$1) {
101 		while((*$1)[len])
102 			len++;
103 		plist = PyList_New(len);
104 		for (i = 0; i < len; i++) {
105 			PyList_SetItem(plist, i, PyString_FromString((*$1)[i]));
106 		}
107 	} else {
108 		plist = PyList_New(0);
109 	}
110 
111 	$result = SWIG_AppendOutput($result, plist);
112 }
113 
114 /* Makes functions in get_context_list.h return a Python list of contexts */
115 %typemap(argout) (char ***list) {
116 	PyObject* plist;
117 	int i;
118 
119 	if (*$1) {
120 		plist = PyList_New(result);
121 		for (i = 0; i < result; i++) {
122 			PyList_SetItem(plist, i, PyString_FromString((*$1)[i]));
123 		}
124 	} else {
125 		plist = PyList_New(0);
126 	}
127 	/* Only return the Python list, don't need to return the length anymore */
128 	$result = plist;
129 }
130 
131 %typemap(in,noblock=1,numinputs=0) char ** (char * temp = 0) {
132 	$1 = &temp;
133 }
134 %typemap(freearg,match="in") char ** "";
135 %typemap(argout,noblock=1) char ** {
136 	if (*$1) {
137 		%append_output(SWIG_FromCharPtr(*$1));
138 		freecon(*$1);
139 	}
140 	else {
141 		Py_INCREF(Py_None);
142 		%append_output(Py_None);
143 	}
144 }
145 
146 %typemap(in,noblock=1,numinputs=0) char ** (char * temp = 0) {
147 	$1 = &temp;
148 }
149 %typemap(freearg,match="in") char ** "";
150 %typemap(argout,noblock=1) char ** {
151 	if (*$1) {
152 		%append_output(SWIG_FromCharPtr(*$1));
153 		free(*$1);
154 	}
155 	else {
156 		Py_INCREF(Py_None);
157 		%append_output(Py_None);
158 	}
159 }
160 
161 %include "selinuxswig_python_exception.i"
162 %include "selinuxswig.i"
163