Selinux Facts

See also: Selinux Operations.

selinux.FileContext

host.get_fact(FileContext, path)

Returns structured SELinux file context data for a specified file or None if the file does not exist.

{
    "user": "system_u",
    "role": "object_r",
    "type": "default_t",
    "level": "s0",
}

selinux.FileContextMapping

host.get_fact(FileContextMapping, target)

Returns structured SELinux file context data for the specified target path prefix using the same format as selinux.FileContext. If there is no mapping, it returns {} Note: This fact requires root privileges.

selinux.SEBoolean

host.get_fact(SEBoolean, boolean)

Returns the status of a SELinux Boolean as a string (on or off). If boolean does not exist, SEBoolean returns the empty string.

selinux.SEPort

host.get_fact(SEPort, protocol, port)

Returns the SELinux ‘type’ for the specified protocol (tcp|udp|dccp|sctp) and port number. If no type has been set, SEPort returns the empty string. Note: policycoreutils-dev must be installed for this to work.

selinux.SEPorts

host.get_fact(SEPorts, )

Returns the SELinux ‘type’ definitions for (tcp|udp|dccp|sctp) ports. Note: This fact requires root privileges.

{
    "tcp": { 22: "ssh_port_t", ...},
    "udp": { ...}
}