��
�Udac������������@`��s^���d��d��l��m��Z��m��Z��m��Z���e��Z��i��d��d��6d��g��d��6d��d��6Z��d��Z��d �Z��d��d
�l �Z �d
�Z��y��d��d
�l��Z��e
�Z��Wn#��e��k
�r�����e �j�����Z��e��Z��n��Xd
�Z��y��d��d
�l��Z��e
�Z��Wn#��e��k
�r�����e �j�����Z��e��Z��n��Xd��d��l��m��Z��m��Z���d��d��l��m��Z���e��d
����Z��d�����Z��d�����Z��d��d��d�����Z��d��d�����Z��d�����Z��e �d��k��rZ�e������n��d
�S(����i����(����t����absolute_importt����divisiont����print_functions����1.1t����metadata_versiont����previewt����statust ���communityt����supported_byse���
---
module: seport
short_description: Manages SELinux network port type definitions
description:
- Manages SELinux network port type definitions.
version_added: "2.0"
options:
ports:
description:
- Ports or port ranges.
- Can be a list (since 2.6) or comma separated string.
type: list
required: true
proto:
description:
- Protocol for the specified port.
type: str
required: true
choices: [ tcp, udp ]
setype:
description:
- SELinux type for the specified port.
type: str
required: true
state:
description:
- Desired boolean value.
type: str
choices: [ absent, present ]
default: present
reload:
description:
- Reload SELinux policy after commit.
type: bool
default: yes
ignore_selinux_state:
description:
- Run independent of selinux runtime state
type: bool
default: no
version_added: '2.8'
notes:
- The changes are persistent across reboots.
- Not tested on any debian based system.
requirements:
- libselinux-python
- policycoreutils-python
author:
- Dan Keder (@dankeder)
sm���
- name: Allow Apache to listen on tcp port 8888
seport:
ports: 8888
proto: tcp
setype: http_port_t
state: present
- name: Allow sshd to listen on tcp port 8991
seport:
ports: 8991
proto: tcp
setype: ssh_port_t
state: present
- name: Allow memcached to listen on tcp ports 10000-10100 and 10112
seport:
ports: 10000-10100,10112
proto: tcp
setype: memcache_port_t
state: present
- name: Allow memcached to listen on tcp ports 10000-10100 and 10112
seport:
ports:
- 10000-10100
- 10112
proto: tcp
setype: memcache_port_t
state: present
N(����t
���AnsibleModulet����missing_required_lib(����t ���to_nativec������������C`��s����|��t��k��r��t��St��j�����S(����N(����t����Truet����selinuxt����is_selinux_enabled(����t����ignore_selinux_state(����(����sA���/usr/lib/python2.7/site-packages/ansible/modules/system/seport.pyt����get_runtime_statusx���s������c������������C`��s4���|��j�����}��|��|��f��|��k��r,�|��|��|��f���Sg��Sd��S(����sF��� Get the list of ports that have the specified type definition.
:param seport: Instance of seobject.portRecords
:type setype: str
:param setype: SELinux type.
:type proto: str
:param proto: Protocol ('tcp' or 'udp')
:rtype: list
:return: List of ports that have the specified SELinux type.
N(����t����get_all_by_type(����t����seportt����setypet����protot����records(����(����sA���/usr/lib/python2.7/site-packages/ansible/modules/system/seport.pyt����semanage_port_get_ports|���s������������c������������C`��s���|��j��d��d�����}��t��|�����d��k��r4�|��j��|������n��t��|��d������t��|��d������|��f��}��|��j�����}��|��|��k��rw�|��|���Sd��Sd��S(����sk��� Get the SELinux type of the specified port.
:param seport: Instance of seobject.portRecords
:type port: str
:param port: Port or port range (example: "8080", "8080-9090")
:type proto: str
:param proto: Protocol ('tcp' or 'udp')
:rtype: tuple
:return: Tuple containing the SELinux type and MLS/MCS level, or None if not found.
t����-i����i����N(����t����splitt����lent����extendt����intt����get_allt����None(����R����t����portR����t����portst����keyR����(����(����sA���/usr/lib/python2.7/site-packages/ansible/modules/system/seport.pyt����semanage_port_get_type����s������������#�������t����s0t����c����
��� ���C`��s)���y��t��j��|�����}��|��j��|������t��}��t��|��|��|�����} �x��|��D]��}
�|
�| �k��r>�t��}��t��|��|
�|�����}��|��d��k��r��|��j���r��|��j �|
�|��|��|������q��|��d��k �r��|��j���r��|��j
�|
�|��|��|������q��q>�q>�WWnT��t��t��t
�t��t��f��k
�r$��}���|��j��d��d��|��j��j��t��|�����f���d��t��j���������n��X|��S(����s���� Add SELinux port type definition to the policy.
:type module: AnsibleModule
:param module: Ansible module
:type ports: list
:param ports: List of ports and port ranges to add (e.g. ["8080", "8080-9090"])
:type proto: str
:param proto: Protocol ('tcp' or 'udp')
:type setype: str
:param setype: SELinux type
:type do_reload: bool
:param do_reload: Whether to reload SELinux policy after commit
:type serange: str
:param serange: SELinux MLS/MCS range (defaults to 's0')
:type sestore: str
:param sestore: SELinux store
:rtype: bool
:return: True if the policy was changed, otherwise False
t����msgs����%s: %s
t ���exceptionN(����t����seobjectt����portRecordst
���set_reloadt����FalseR����R����R ���R����t
���check_modet����addt����modifyt
���ValueErrort����IOErrort����KeyErrort����OSErrort����RuntimeErrort ���fail_jsont ���__class__t����__name__R
���t ���tracebackt
���format_exc(
���t����moduleR����R����R����t ���do_reloadt����seranget����sestoreR����t����changet
���ports_by_typeR����t ���port_typet����e(����(����sA���/usr/lib/python2.7/site-packages/ansible/modules/system/seport.pyt����semanage_port_add����s ���������
�����
�������������$���6�c�������� ���C`��s����yz�t��j��|�����}��|��j��|������t��}��t��|��|��|�����}��x?�|��D]7�} �| �|��k��r>�t��}��|��j��su�|��j��| �|������qu�q>�q>�WWnT��t��t �t
�t��t��f��k
�r���}
��|��j
�d��d��|
�j��j��t��|
����f���d��t��j���������n��X|��S(����sM��� Delete SELinux port type definition from the policy.
:type module: AnsibleModule
:param module: Ansible module
:type ports: list
:param ports: List of ports and port ranges to delete (e.g. ["8080", "8080-9090"])
:type proto: str
:param proto: Protocol ('tcp' or 'udp')
:type setype: str
:param setype: SELinux type.
:type do_reload: bool
:param do_reload: Whether to reload SELinux policy after commit
:type sestore: str
:param sestore: SELinux store
:rtype: bool
:return: True if the policy was changed, otherwise False
R#���s����%s: %s
R$���(����R%���R&���R'���R(���R����R����R)���t����deleteR,���R-���R.���R/���R0���R1���R2���R3���R
���R4���R5���(����R6���R����R����R����R7���R9���R����R:���R;���R����R=���(����(����sA���/usr/lib/python2.7/site-packages/ansible/modules/system/seport.pyt����semanage_port_del����s����������
�����
����� �����6�c������������C`��s����t��d��t��d��t��d��d��d��t�����d��t��d��d��d��t�����d �t��d��d
�d��t��d��d��d
�g�����d��t��d��d
�d��t�����d��t��d��d
�d��d��d��d��d��g�����d��t��d��d��d��t��������d��t�����}��t��s��|��j��d��t��d�����d��t������n��t��s��|��j��d��t��d�����d��t �����n��|��j
�d���}��t��|�����s$�|��j��d��d������n��|��j
�d���}��|��j
�d ��}��|��j
�d���}��|��j
�d���}��|��j
�d���}��i��|��d��6|��d �6|��d��6|��d��6}��|��d��k��r��t��|��|��|��|��|�����|��d��<nD�|��d��k��r��t
�|��|��|��|��|�����|��d��<n��|��j��d��d��j��|���������|��j��|������d��S(����Nt
���argument_specR����t����typet����boolt����defaultR����t����listt����requiredR����t����strt����choicest����tcpt����udpR����t����statet����presentt����absentt����reloadt����supports_check_modeR#���s����libselinux-pythonR$���s����policycoreutils-pythons!���SELinux is disabled on this host.t����changeds&���Invalid value of argument "state": {0}(����R����t����dictR(���R����t����HAVE_SELINUXR1���R ���t����SELINUX_IMP_ERRt
���HAVE_SEOBJECTt����SEOBJECT_IMP_ERRt����paramsR����R>���R@���t����formatt ���exit_json(����R6���R����R����R����R����RK���R7���t����result(����(����sA���/usr/lib/python2.7/site-packages/ansible/modules/system/seport.pyt����main����s@�������������!���!��� ���������
�����
�
�
�
�
���������
�����������t����__main__(!���t
���__future__R����R����R����RB���t
���__metaclass__t����ANSIBLE_METADATAt
���DOCUMENTATIONt����EXAMPLESR4���R����RS���R����R����RR���t����ImportErrorR5���R(���RU���R%���RT���t����ansible.module_utils.basicR����R ���t����ansible.module_utils._textR
���R����R����R ���R>���R@���RZ���R3���(����(����(����sA���/usr/lib/python2.7/site-packages/ansible/modules/system/seport.pyt����<module>����s>�������
�
�
4� ����������
�
���
�������
�
���
������� � ��/�) /��
Anons79 File Manager Version 1.0, Coded By Anons79
Email: [email protected]
Anons79 Mini Shell