a Z`_ @sDddlZejdddZejZddlTddlmZGdddeZdS) Nzsetroubleshoot-pluginsT)Zfallback)*)Pluginc@sLeZdZedZedZdZdZedZedZ edZ ddZ d d Z d S) pluginz3 Your system may be seriously compromised! a SELinux has prevented $SOURCE from modifying $TARGET. This denial indicates $SOURCE was trying to modify the selinux policy configuration. All applications that need this access should have already had policy written for them. If a compromised application tries to modify the SELinux policy this AVC will be generated. This is a serious issue. Your system may very well be compromised. z:Contact your security administrator and report this issue.zUIf you do not think $SOURCE_BASE_PATH should try $ACCESS access on $TARGET_BASE_PATH.z]you may be under attack by a hacker, since confined applications should not need this access.cCst|td|_dS)NZred)r__init____name__level)selfr 2/usr/share/setroubleshoot/plugins/selinuxpolicy.pyr0s zplugin.__init__cCs.|dgs|r*|gdr*|SdS)Nwrite)Zselinux_config_tZdefault_context_tZfile_context_tZsemanage_store_tZsemanage_read_lock_tZsemanage_trans_lock_tZload_policy_exec_tZsetfiles_exec_tZcheckpolicy_exec_tZnewrole_exec_tZ policy_src_tZrestorecond_exec_tZrun_init_exec_tZsetsebool_exec_tZsemanage_exec_tZselinux_var_lib_t)Zhas_any_access_inZopen_with_writeZmatches_target_typesZreport)r Zavcr r r analyze4s  zplugin.analyzeN) r __module__ __qualname___ZsummaryZproblem_descriptionZfix_descriptionZfix_cmdZif_textZ then_textZdo_textrr r r r r rs r)gettextZ translationrZsetroubleshoot.utilZsetroubleshoot.Pluginrrr r r r s