Selinux Facts¶
See also: Selinux Operations.
selinux.FileContext
¶
host.get_fact(FileContext, path)
Returns structured SELinux file context data for a specified file
or None
if the file does not exist.
{
"user": "system_u",
"role": "object_r",
"type": "default_t",
"level": "s0",
}
selinux.FileContextMapping
¶
host.get_fact(FileContextMapping, target)
Returns structured SELinux file context data for the specified target path prefix
using the same format as selinux.FileContext.
If there is no mapping, it returns {}
Note: This fact requires root privileges.
selinux.SEBoolean
¶
host.get_fact(SEBoolean, boolean)
Returns the status of a SELinux Boolean as a string (on
or off
).
If boolean
does not exist, SEBoolean
returns the empty string.
selinux.SEPort
¶
host.get_fact(SEPort, protocol, port)
Returns the SELinux ‘type’ for the specified protocol (tcp|udp|dccp|sctp)
and port number.
If no type has been set, SEPort
returns the empty string.
Note: policycoreutils-dev
must be installed for this to work.
selinux.SEPorts
¶
host.get_fact(SEPorts, )
Returns the SELinux ‘type’ definitions for (tcp|udp|dccp|sctp)
ports.
Note: This fact requires root privileges.
{
"tcp": { 22: "ssh_port_t", ...},
"udp": { ...}
}