===== Python bindings example =====
Thoses are example of making python bindings for RSBAC, with just a sample binding.

NOTE: there is a more complex pyrex version in SVN

Copy all and ''make'' :)


  file: rsbac.c
<code c>
#include <Python.h>
#include <rsbac/types.h>
#include <rsbac/aci_data_structures.h>
#include <rsbac/getname.h>
#include <rsbac/syscalls.h>
#include <rsbac/error.h>
#include <rsbac/helpers.h>

union rsbac_attribute_value_t value;
enum rsbac_switch_target_t module;
enum rsbac_target_t target;
enum rsbac_attribute_t attr;
char * progname;
char * target_n;
rsbac_list_ta_number_t ta_number = 0;
rsbac_version_t version=RSBAC_VERSION_NR;

/* AUTH module
 * caps
 * may_setcaps
 * may_setuid
 * learn
 */

/* TODO static PyObject *
py_auth_caps(PyObject *self, PyObject *args)
{
        const char *path;
        const int *pvalue;

        struct rsbac_auth_cap_range_t cap_range;

        if (!PyArg_ParseTuple(args, "si", &path, &pvalue))
                return NULL;

        reply = rsbac_auth_add_f_cap(0, path, ACT_real, cap_range, 0);
}*/

static PyObject *
py_auth_may_set_cap(PyObject *self, PyObject *args)
{
        const char *path;
        const int *pvalue;
        int reply = 0;
        if (!PyArg_ParseTuple(args, "si", &path, &pvalue))
                 return NULL;
        value.auth_may_set_cap = (int)pvalue;
        reply = rsbac_set_attr_n(0, AUTH, T_FD, (char*)path, A_auth_may_set_cap, &pvalue);
        return Py_BuildValue("i", reply);
}

static PyObject *
py_auth_may_setuid(PyObject *self, PyObject *args)
{
        const char *path;
        const int *pvalue;
        int reply = 0;
        if (!PyArg_ParseTuple(args, "si", &path, &pvalue))
                return NULL;
        value.auth_may_setuid = (int) pvalue;
        reply = rsbac_set_attr_n(0, AUTH, T_FD, (char*) path, A_auth_may_setuid, &value);
        return Py_BuildValue("i", reply);
}

static PyObject *
py_auth_learn(PyObject *self, PyObject *args)
{
        const char *path;
        const int *pvalue;
        int reply = 0;
        if (!PyArg_ParseTuple(args, "si", &path, &pvalue))
                return NULL;
        value.auth_learn =  (int) pvalue;
        reply = rsbac_set_attr_n(0, AUTH, T_FD, (char*) path, A_auth_learn, &value);
        return Py_BuildValue("i", reply);
}

static PyMethodDef RSBACMethods[] = {
        { "auth_may_set_cap", py_auth_may_set_cap, METH_VARARGS, "Allow AUTH to set caps on FD\n" },
        { "auth_may_setuid", py_auth_may_setuid, METH_VARARGS, "Allow AUTH setuid on FD\n" },
        { "auth_learn", py_auth_learn, METH_VARARGS, "Allow AUTH learning on FD\n" },
        {NULL, NULL, 0, NULL}
};


PyMODINIT_FUNC
initrsbac(void){
        (void)  Py_InitModule("rsbac", RSBACMethods);
}
</code>

  file: setup.py
<code python>
#!/usr/bin/python
from distutils.core import setup, Extension

module1 = Extension('rsbac',
                include_dirs = ['/usr/src/linux/include'],
                libraries = ['rsbac'],
                sources = ['rsbac.c'])

setup (name = 'RSBAC',
                version = '1.0',
                description = 'RSBAC API for python',
                ext_modules = [module1])
</code>

  file: Makefile
<code>
all:
        python setup.py build
install:
        python setup.py install
clean:
        rm -r build
</code>

  file: test.py
<code python>
#!/usr/bin/python
import rsbac
import sys

print "Ok, what file to operate on ?"
print "(^D validates)"
path = sys.stdin.read()
path = path.replace('\n', '')
print path+": 1 or 0 to enable/disable may setuid"
attrval = sys.stdin.read()
attrval = attrval.replace('\n', '')

rsbac.attr_set_fd(path, int(attrval))
</code>