I'm trying to make modifications to semanage so that it's easier to
delete all ports for a given context, i.e.:

    # semanage port -d -t crossfire_port_t
    # semanage port -d -t crossfire_port_t -d tcp

However, I'm a little confused by the workings of the semanage Python
modules.

/usr/sbin/semanage makes the following call to delete the ports:

    OBJECT = seobject.portRecords()
    ...
    OBJECT.delete(target, proto)

Where 'target' is the port number to delete, and proto is the protocol
(tcp or udp). OBJECT is an array of SELinux objects on which to operate.

Presumably, either the OBJECT list contains only the SELinux objects
that match the input context (such as crossfire_port_t), or the delete()
method has some magic to filter only the matching contexts. Since I
couldn't find any code to support the latter, I suspect the former.

Can someone explain how this OBJECT array gets filtered to only contain
matching contexts? It's not obvious how this happens when the OBJECT
array is created with seobject.portRecords().

Thanks,
--Mike