#!/usr/bin/env python
import re
# Convert SELinux AVC denial lines from the file "sedenials" into candidate
# "allow" rules, printing each distinct rule once in first-seen order.
#
# Review notes for anyone consuming the output:
#   * Every parsed denial becomes a rule; the script cannot tell a missing
#     permission from the policy correctly blocking unwanted behaviour, so
#     the printed rules are a starting point for review, not policy to paste.
#   * Field values are copied from the log as-is; nothing checks that they
#     are well-formed SELinux identifiers.
#   * Only denials with scontext=u:r:... and tcontext=u:object_r:... are
#     handled; any other line (e.g. a different tcontext role) is skipped
#     silently.
#   * Rules are de-duplicated by their full text, so two denials that differ
#     only in permission produce two separate rules.
with open("sedenials") as f:
    content = [raw.strip() for raw in f.readlines()]

commands = []
for line in content:
    # All four fields must be present, otherwise the line is ignored.
    source_match = re.search('scontext=u:r:(.*):', line)
    if source_match is None:
        continue
    target_match = re.search('tcontext=u:object_r:(.*):', line)
    if target_match is None:
        continue
    class_match = re.search('tclass=(.*)', line)
    if class_match is None:
        continue
    perm_match = re.search('denied { (.*) }', line)
    if perm_match is None:
        continue

    # The patterns are greedy, so keep only the leading field of each capture:
    # the type name before the next ':' for the contexts, the first
    # space-separated token for the class, and the text before the first '}'
    # for the permission list.
    offender = source_match.group(1).split(":")[0]
    context = target_match.group(1).split(":")[0]
    sclass = class_match.group(1).split(" ")[0]
    permission = perm_match.group(1).split("}")[0]

    final_command = "".join(
        ["allow ", offender, " ", context, ":", sclass, " {", permission, "};"]
    )
    if final_command in commands:
        continue
    commands.append(final_command)

for rule in commands:
    print(rule)