Pages

Showing posts with label 2.7. Show all posts
Showing posts with label 2.7. Show all posts

Thursday, March 21, 2019

Fedora 29 : Testing the dnf python module.

Today we tested with Fedora 29 a python module called DNF.
All users have used this tool.
This python module is not very documented on the internet.
A more complex example can be found on DNF tool documentation.
I tried to see what I can get from this module.
Let's start installing it with the pip tool:
$ pip install dnf --user
Here are some tests that I managed to run in the python shell.
[mythcat@desk ~]$ python
Python 2.7.15 (default, Oct 15 2018, 15:26:09) 
[GCC 8.2.1 20180801 (Red Hat 8.2.1-2)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import sys
>>> import dnf
>>> dir(dnf)
['Base', 'Plugin', 'VERSION', '__builtins__', '__doc__', '__file__', '__name__', '__package__', 
'__path__', '__version__', 'base', 'callback', 'cli', 'comps', 'conf', 'const', 'crypto', 'db', 
'dnf', 'dnssec', 'drpm', 'exceptions', 'goal', 'history', 'i18n', 'lock', 'logging', 'match_counter',
 'module', 'package', 'persistor', 'plugin', 'pycomp', 'query', 'repo', 'repodict', 'rpm', 'sack',
 'selector', 'subject', 'transaction', 'unicode_literals', 'util', 'warnings', 'yum']
>>> import dnf.conf
>>> print(dnf.conf.Conf())
[main]
assumeno: 0
assumeyes: 0
autocheck_running_kernel: 1
bandwidth: 0
best: 0
...
>>> import dnf.module
>>> import dnf.rpm
>>> import dnf.cli
>>> base = dnf.Base()
>>> base.update_cache()
True
This read all repositories:

>>> base.read_all_repos()
You need to read the sack for querying:

>>> base.fill_sack()

>>> base.sack_activation = True
Create a query to matches all packages in sack:

>>> qr=base.sack.query() 
Get only available packages:

>>> qa=qr.available() 
Get only installed packages:

>>> qi=qr.installed()
>>> q_a=qa.run()
>>> for pkg in qi.run():
...     if pkg not in q_a:
...             print('%s.%s' % (pkg.name, pkg.arch))
... 
NetworkManager-openvpn.x86_64
NetworkManager-openvpn-gnome.x86_64
coolkey.x86_64
glibc-debuginfo.x86_64
glibc-debuginfo-common.x86_64
kernel.x86_64
kernel.x86_64
kernel-core.x86_64
kernel-core.x86_64
Get all packages installed on Linux:

>>> q_i=qi.run()
>>> for pkg in qi.run():
...     print('%s.%s' % (pkg.name, pkg.arch))
You can see more about the Python programming language on my blog.

Thursday, January 24, 2019

Fedora 29 : Selinux and python.

Today I tested the selinux python module with Fedora 29.
The wikipedia page comes with this intro about SELinux: Security-Enhanced Linux (SELinux) is a Linux kernel security module that provides a mechanism for supporting access control security policies, including mandatory access controls (MAC). ... A Linux kernel integrating SELinux enforces mandatory access control policies that confine user programs and system services, as well as access to files and network resources.

This kernel module can help you with security the network and running application on your Linux.
This very complex kernel module can be used with your policy configuration files designed to fix your security issues.
First, the install is easy to do with the dnf tool:
[root@desk mythcat]# dnf install python2-libselinux.x86_64 
Last metadata expiration check: 1:31:46 ago on Thu 24 Jan 2019 07:04:16 AM EET.
Dependencies resolved.
...
Installed:
  python2-libselinux-2.8-6.fc29.x86_64                                          

Complete!
I tested this python module with a few simple examples:
[mythcat@desk ~]$ python 
Python 2.7.15 (default, Oct 15 2018, 15:26:09) 
[GCC 8.2.1 20180801 (Red Hat 8.2.1-2)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import selinux
>>> selinux.is_selinux_enabled()
1
>>> selinux.lgetfilecon_raw(".bashrc")
[37, 'unconfined_u:object_r:user_home_t:s0']
>>> selinux.lgetfilecon_raw(".bashrc")
[37, 'unconfined_u:object_r:user_home_t:s0']
>>> selinux.selinux_getpolicytype()[1]
'targeted'
>>> selinux.selinux_getpolicytype()
[0, 'targeted']