3

nm�a_�@sDdd
lZej
ddd�Z
e
jZddlTddlmZ
Gdd�de�Zd
S)	�Nzsetroubleshoot-pluginsT)
Zfallback)
�
*)
�Pluginc@sLeZ
dZed
�
Zed�
ZdZdZed�
Zed�
Z	ed�
Z
dd�Zd	d
�ZdS)�pluginz3
    Your system may be seriously compromised!
    a�

    SELinux has prevented $SOURCE from modifying $TARGET.  This denial
    indicates $SOURCE was trying to modify the selinux policy configuration.
    All applications that need this access should have already had policy
    written for them.  If a compromised application tries to modify the SELinux
    policy this AVC will be generated. This is a serious issue. Your system
    may very well be compromised.
    z:Contact your security administrator and report this issue.�zUIf you do not think $SOURCE_BASE_PATH should try $ACCESS access on $TARGET_BASE_PATH.z]you may be under attack by a hacker, since confined applications should not need this access.c

Cstj
|t�
d
|_dS)NZred)r�__init__�__name__�level)
�self�r
�2/usr/share/setroubleshoot/plugins/selinuxpolicy.pyr0s

zplugin.__init__cCsJ|
jd
g
�
s|
j
�rF|
jdddddddd	d
ddd
ddddg�
rF|j�SdS)N�writeZselinux_config_tZdefault_context_tZfile_context_tZsemanage_store_tZsemanage_read_lock_tZsemanage_trans_lock_tZload_policy_exec_tZsetfiles_exec_tZcheckpolicy_exec_tZnewrole_exec_tZpolicy_src_tZrestorecond_exec_tZrun_init_exec_tZsetsebool_exec_tZsemanage_exec_tZselinux_var_lib_t)Zhas_any_access_inZopen_with_writeZmatches_target_typesZreport)r	Zavcr
r
r�analyze4s&

















zplugin.analyzeN)
r�
__module__�__qualname__�
_ZsummaryZproblem_descriptionZfix_descriptionZfix_cmdZif_textZ	then_textZdo_textrr
r
r
r
rrs




r)�gettextZtranslationrZsetroubleshoot.utilZsetroubleshoot.Pluginrrr
r
r
r�<module>s