123
分类: LINUX
2018-03-03 11:54:13
一. 相关软件包
libselinux-python、policycoreutils-python
二. SELinux相关python模块:
三. 常用用法
3.1 获取logins记录
[secadm@localhost bin]$ ls -Z python_selinux
-rwxr-xr-x. root root secadm_u:object_r:semanage_exec_t:s0 python_selinux
[secadm@localhost bin]$ sudo python_selinux
Python 2.7.5 (default, Jan 20 2015, 09:45:41)
[GCC 4.8.3 20140911 (Red Hat 4.8.3-7)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import seobject
>>> logins=seobject.loginRecords()
3.2 添、删login
>>> logins.get_all()
{'auditadm': ('auditadm_u', 's0-s15:c0.c1023', '*'), 'secadm': ('secadm_u', 's0-s15:c0.c1023', '*'), 'sysadm': ('spgsysadm_u', 's0-s15:c0.c1023', '*'), 'default': ('user_u', 's0', '*'), 'system_u': ('system_u', 's0-s15:c0.c1023', '*')}
>>>>>> logins.add('yzf','staff_u','s0-s15:c0.c1023')
>>> logins.get_all()
{'system_u': ('system_u', 's0-s15:c0.c1023', '*'), 'auditadm': ('auditadm_u', 's0-s15:c0.c1023', '*'), 'secadm': ('secadm_u', 's0-s15:c0.c1023', '*'), 'yzf': ('staff_u', 's0-s15:c0.c1023', '*'), 'default': ('user_u', 's0', '*'), 'sysadm': ('spgsysadm_u', 's0-s15:c0.c1023', '*')}
>>>
>>> logins.delete('yzf')
>>> logins.get_all()
{'auditadm': ('auditadm_u', 's0-s15:c0.c1023', '*'), 'secadm': ('secadm_u', 's0-s15:c0.c1023', '*'), 'sysadm': ('spgsysadm_u', 's0-s15:c0.c1023', '*'), 'default': ('user_u', 's0', '*'), 'system_u': ('system_u', 's0-s15:c0.c1023', '*')}
>>>
注:以上添、删操作执行完后立即更新到策略中。其他的操作类似。
