One Hat Cyber Team

Your IP: 216.73.216.32
Server IP: 15.204.235.159
Server: Linux srv.techlup.co.ke 4.18.0-553.5.1.el8_10.x86_64 #1 SMP Wed Jun 5 09:12:13 EDT 2024 x86_64
Server Software: Apache
PHP Version: 8.2.27
Buat File | Buat Folder
Dir : ~/usr/share/setroubleshoot/plugins/__pycache__/
View File Name : allow_anon_write.cpython-36.pyc

3

nm�a�
������������������@���sD���d�dl�Z�e�jddd�Zej�Zd�dlT�d�dlmZ�G�dd��de�ZdS�)	�����Nzsetroubleshoot-pluginsT)Zfallback)�*)�Pluginc���������������@���sL���e�Zd�Zed�Zed�Zed�Zed�Zed�Zdd��Z	dd	��Z
d
d��ZdS�)
�pluginz^
    SELinux policy is preventing an httpd script from writing to a public
    directory.
    z�
    SELinux policy is preventing an httpd script from writing to a public
    directory.  If httpd is not setup to write to public directories, this
    could signal an intrusion attempt.
    a
��
    If httpd scripts should be allowed to write to public directories you need to turn on the $BOOLEAN boolean and change the file context of the public directory to public_content_rw_t.  Read the httpd_selinux
    man page for further information:
    "setsebool -P $BOOLEAN=1; chcon -t public_content_rw_t <path>"
    You must also change the default file context labeling files on the system in order to preserve public directory labeling even on a full relabel.  "semanage fcontext -a -t public_content_rw_t <path>"
    zNIf you want to allow $SOURCE_PATH to be able to write to shared public contentz�you need to change the label on $TARGET_PATH to public_content_rw_t, and potentially turn on the allow_httpd_sys_script_anon_write boolean.c�������������C���s���d|�}|S�)Nzo# semanage fcontext -a -t public_content_rw_t $TARGET_PATH
# restorecon -R -v $TARGET_PATH
# setsebool -P %s %s��)�self�avc�argsZdo_textr���r����5/usr/share/setroubleshoot/plugins/allow_anon_write.py�get_do_text/���s����zplugin.get_do_textc�������������C���s���t�j|�t��d|�_d�S�)NZgreen)r����__init__�__name__�level)r���r���r���r	���r���5���s����zplugin.__init__c�������������C���s����|j�dg�r�|j|j�r�|jdg�r.|�jd�S�|jdg�rD|�jd�S�|jdg�rZ|�jd�S�|jd	g�rp|�jd�S�|jdg�r�|�jd�S�|jd
g�r�|�jd�S�d�S�)NZpublic_content_tZhttpd_t�allow_httpd_anon_write�1Zhttpd_sys_script_t�!allow_httpd_sys_script_anon_writeZftpd_t�allow_ftpd_anon_writeZnfsd_t�allow_nfsd_anon_writeZrsync_t�allow_rsync_anon_writeZsmbd_t�allow_smbd_anon_write)r���r���)r���r���)r���r���)r���r���)r���r���)r���r���)Zmatches_target_typesZall_accesses_are_inZcreate_file_permsZmatches_source_typesZreport)r���r���r���r���r	����analyze9���s����





zplugin.analyzeN)r����
__module__�__qualname__�_ZsummaryZproblem_descriptionZfix_descriptionZif_textZ	then_textr
���r���r���r���r���r���r	���r������s���r���)�gettextZtranslationr���Zsetroubleshoot.utilZsetroubleshoot.Pluginr���r���r���r���r���r	����<module>���s
���