# Android SETools: Policy analysis tools for SELinux
## Android-SETools
Open-source fork from the SELinux Project SETools framework, with emphasis
on support of analyzing Android SELinux policy files.
## Overview
This file describes SETools. SETools is a collection of graphical tools,
command-line tools, and libraries designed to facilitate SELinux policy
analysis. Please consult the KNOWN-BUGS file prior to reporting bugs.
## Installation
SETools uses the Python setuptools build system to build, and install.
As such it contains a setup.py script that will install the tools.
To run SETools command line tools, the following packages are required:
* Python 3.8+
* NetworkX 2.0+ (2.6+ for Python 3.9+)
* setuptools
* libselinux
* libsepol 3.2+
To run SETools graphical tools, the following packages are also required:
* PyQt5
* qt5-assistant
* qt-devel (only if rebuilding the help file)
To build SETools, the following development packages are required, in
addition to the development packages from the above list:
* gcc
* cython 0.27+ (0.29.14+ for Python 3.8+)
To run SETools unit tests, the following packages are required, in
addition to the above dependencies:
* pytest
* tox (optional)
### Obtaining SETools
SETools is included in most Linux distributions which support
SELinux, such as Fedora, Red Hat Enterprise Linux, Gentoo,
and Debian.
Official releases of SETools may be freely downloaded from the
[GitHub releases page](https://github.com/mkomet/setools/releases).
SETools source code is maintained within a GitHub repository.
From the command line do:
```bash
$ git clone https://github.com/mkomet/setools.git
```
You may also browse the [GitHub repository](https://github.com/mkomet/setools).
The master branch has development code that may not be stable. Each release
series is considered stable, and has its own branch, e.g. "4.0" for all
4.0.* releases. To checkout a stable branch, do:
```bash
$ git checkout 4.0
```
Where `4.0` is the release series. Each release will have a tag.
### Building SETools for Local Use
To use SETools locally, without installing it onto the system,
unpack the official distribution or check out the git repository,
and perform the following at the root:
```bash
$ python setup.py build_ext -i
```
This will compile the C portion of SETools locally, and then
the tools can be ran from the current directory (e.g. `./seinfo`).
### Rebuilding the Apol Help File
For convenience, a prebuilt copy of the apol help data file is included.
To rebuild this file, the Qt5 development tools are required
(particularly, the `qcollectiongenerator` tool). At the root
of the SETools sources, perform the following:
```bash
$ python setup.py build_qhc
```
### Installing SETools
Unpack the official distribution or check out the git repository,
and perform the following at the root:
```bash
$ python setup.py build_ext
$ python setup.py build
$ python setup.py install
```
This will put the applications in /usr/bin, data files in `/usr/share/setools`,
and libraries in `/usr/lib/pythonX.Y/site-packages/setools`.
### Building SETools with a Local Libsepol and Libselinux
At times, SETools requires a newer libsepol than is available from
distributions. To use a locally-built libsepol instead of the libsepol
provided by the Linux distribution, build the libsepol sources and then
set the `USERSPACE_SRC` environmental variable to the path to the root of
SELinux userspace source tree. The libsepol and libselinux must already
be compiled.
```bash
$ export USERSPACE_SRC=/home/user/src/selinux
$ python setup.py build_ext
$ python setup.py build
$ python setup.py install
```
This feature assumes that the directory structure at `$USERSPACE_SRC` is the
same as the SELinux userspace code checked out from GitHub.
Since SETools is dynamically linked to libsepol and libselinux, you must
specify the path to the libsepol/src and libselinux/src directories by
using `LD_LIBRARY_PATH` so that the newer versions of the libraries are used.
```bash
$ export LD_LIBRARY_PATH="/home/user/src/selinux/libsepol/src:/home/user/src/selinux/libselinux/src"
$ ./seinfo policy.31
$ ./sesearch -A sysadm_t policy.31
```
### Installation Options
Please see `python setup.py --help` or `python setup.py install --help`
for up-to-date information on build and install options, respectively.
### Unit Tests
One goal for SETools is to provide confidence in the validity of the
output for the tools. The unit tests for SETools can be run with
the following commands:
```bash
$ python setup.py build_ext -i
$ pytest tests
```
## Features
SETools encompasses a number of tools, both graphical and command
line, and libraries. Many of the programs have help files accessible
during runtime.
### Graphical tools
Tool Name | Use
---------- | -------------------------------------------
apol | A Qt graphical analysis tool. Use it to perform various types of analyses.
### Command-line tools
Tool Name | Use
---------- | -------------------------------------------
sechecker | Configuration file-driven automated analysis.
sediff | Compare two policies to find differences.
sedta | Perform domain transition analyses.
seinfo | List policy components.
seinfoflow | Perform information flow analyses.
sesearch | Search rules (allow, type_transition, etc.)
### Analysis Libraries
The SETools libraries are available for use in third-party
applications. Although this is not officially supported, we will
do our best to maintain API stability.
### Reporting bugs
Bugs can be reported in the [SETools GitHub issues tracker](https://github.com/mkomet/setools/issues).
### Copyright license
The intent is to allow free use of this source code. All programs'
source files are copyright protected and freely distributed under the
GNU General Public License (see `COPYING.GPL`). All library source
files are copyright under the GNU Lesser General Public License (see
`COPYING.LGPL`). All files distributed with this package indicate the
appropriate license to use. Absolutely no warranty is provided or implied.
Raw data
{
"_id": null,
"home_page": "https://github.com/mkomet/setools",
"name": "android-setools",
"maintainer": "",
"docs_url": null,
"requires_python": ">=3.8",
"maintainer_email": "",
"keywords": "SELinux SETools policy analysis tools seinfo sesearch sediff sedta seinfoflow apol",
"author": "Meir Komet",
"author_email": "mskomet1@gmail.com",
"download_url": "",
"platform": null,
"description": "# Android SETools: Policy analysis tools for SELinux\n\n## Android-SETools\n\nOpen-source fork from the SELinux Project SETools framework, with emphasis\non support of analyzing Android SELinux policy files.\n\n## Overview\n\nThis file describes SETools. SETools is a collection of graphical tools,\ncommand-line tools, and libraries designed to facilitate SELinux policy\nanalysis. Please consult the KNOWN-BUGS file prior to reporting bugs.\n\n## Installation\n\nSETools uses the Python setuptools build system to build, and install.\nAs such it contains a setup.py script that will install the tools.\n\nTo run SETools command line tools, the following packages are required:\n\n* Python 3.8+\n* NetworkX 2.0+ (2.6+ for Python 3.9+)\n* setuptools\n* libselinux\n* libsepol 3.2+\n\nTo run SETools graphical tools, the following packages are also required:\n\n* PyQt5\n* qt5-assistant\n* qt-devel (only if rebuilding the help file)\n\nTo build SETools, the following development packages are required, in\naddition to the development packages from the above list:\n\n* gcc\n* cython 0.27+ (0.29.14+ for Python 3.8+)\n\nTo run SETools unit tests, the following packages are required, in\naddition to the above dependencies:\n\n* pytest\n* tox (optional)\n\n### Obtaining SETools\n\nSETools is included in most Linux distributions which support\nSELinux, such as Fedora, Red Hat Enterprise Linux, Gentoo,\nand Debian.\n\nOfficial releases of SETools may be freely downloaded from the\n[GitHub releases page](https://github.com/mkomet/setools/releases).\n\nSETools source code is maintained within a GitHub repository.\nFrom the command line do:\n\n```bash\n $ git clone https://github.com/mkomet/setools.git\n```\n\nYou may also browse the [GitHub repository](https://github.com/mkomet/setools).\nThe master branch has development code that may not be stable. Each release\nseries is considered stable, and has its own branch, e.g. \"4.0\" for all\n4.0.* releases. To checkout a stable branch, do:\n\n```bash\n $ git checkout 4.0\n```\n\nWhere `4.0` is the release series. Each release will have a tag.\n\n### Building SETools for Local Use\n\nTo use SETools locally, without installing it onto the system,\nunpack the official distribution or check out the git repository,\nand perform the following at the root:\n\n```bash\n $ python setup.py build_ext -i\n```\n\nThis will compile the C portion of SETools locally, and then\nthe tools can be ran from the current directory (e.g. `./seinfo`).\n\n### Rebuilding the Apol Help File\n\nFor convenience, a prebuilt copy of the apol help data file is included.\nTo rebuild this file, the Qt5 development tools are required\n(particularly, the `qcollectiongenerator` tool). At the root\nof the SETools sources, perform the following:\n\n```bash\n $ python setup.py build_qhc\n```\n\n### Installing SETools\n\nUnpack the official distribution or check out the git repository,\nand perform the following at the root:\n\n```bash\n $ python setup.py build_ext\n $ python setup.py build\n $ python setup.py install\n```\n\nThis will put the applications in /usr/bin, data files in `/usr/share/setools`,\nand libraries in `/usr/lib/pythonX.Y/site-packages/setools`.\n\n### Building SETools with a Local Libsepol and Libselinux\n\nAt times, SETools requires a newer libsepol than is available from\ndistributions. To use a locally-built libsepol instead of the libsepol\nprovided by the Linux distribution, build the libsepol sources and then\nset the `USERSPACE_SRC` environmental variable to the path to the root of\nSELinux userspace source tree. The libsepol and libselinux must already\nbe compiled.\n\n```bash\n $ export USERSPACE_SRC=/home/user/src/selinux\n $ python setup.py build_ext\n $ python setup.py build\n $ python setup.py install\n```\n\nThis feature assumes that the directory structure at `$USERSPACE_SRC` is the\nsame as the SELinux userspace code checked out from GitHub.\n\nSince SETools is dynamically linked to libsepol and libselinux, you must\nspecify the path to the libsepol/src and libselinux/src directories by\nusing `LD_LIBRARY_PATH` so that the newer versions of the libraries are used.\n\n```bash\n $ export LD_LIBRARY_PATH=\"/home/user/src/selinux/libsepol/src:/home/user/src/selinux/libselinux/src\"\n $ ./seinfo policy.31\n $ ./sesearch -A sysadm_t policy.31\n```\n\n### Installation Options\n\nPlease see `python setup.py --help` or `python setup.py install --help`\nfor up-to-date information on build and install options, respectively.\n\n### Unit Tests\n\nOne goal for SETools is to provide confidence in the validity of the\noutput for the tools. The unit tests for SETools can be run with\nthe following commands:\n\n```bash\n $ python setup.py build_ext -i\n $ pytest tests\n```\n\n## Features\n\nSETools encompasses a number of tools, both graphical and command\nline, and libraries. Many of the programs have help files accessible\nduring runtime.\n\n### Graphical tools\n\nTool Name | Use\n---------- | -------------------------------------------\napol | A Qt graphical analysis tool. Use it to perform various types of analyses.\n\n### Command-line tools\n\nTool Name | Use\n---------- | -------------------------------------------\nsechecker | Configuration file-driven automated analysis.\nsediff | Compare two policies to find differences.\nsedta | Perform domain transition analyses.\nseinfo | List policy components.\nseinfoflow | Perform information flow analyses.\nsesearch | Search rules (allow, type_transition, etc.)\n\n### Analysis Libraries\n\nThe SETools libraries are available for use in third-party\napplications. Although this is not officially supported, we will\ndo our best to maintain API stability.\n\n### Reporting bugs\n\nBugs can be reported in the [SETools GitHub issues tracker](https://github.com/mkomet/setools/issues).\n\n### Copyright license\n\nThe intent is to allow free use of this source code. All programs'\nsource files are copyright protected and freely distributed under the\nGNU General Public License (see `COPYING.GPL`). All library source\nfiles are copyright under the GNU Lesser General Public License (see\n`COPYING.LGPL`). All files distributed with this package indicate the\nappropriate license to use. Absolutely no warranty is provided or implied.\n",
"bugtrack_url": null,
"license": "GPLv2+, LGPLv2.1+",
"summary": "Android SELinux policy analysis tools.",
"version": "4.5.0.dev3",
"project_urls": {
"Homepage": "https://github.com/mkomet/setools"
},
"split_keywords": [
"selinux",
"setools",
"policy",
"analysis",
"tools",
"seinfo",
"sesearch",
"sediff",
"sedta",
"seinfoflow",
"apol"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "854c192ebd01d7c227eb40fda3e62e63fd263940212a6ca0db1b47c6caeb5df2",
"md5": "df3e90e4d9c8e1525366334356dc9c41",
"sha256": "85015b057032006e7cce92acdc4d6bca1a37780361bc32c1915f295d4120a254"
},
"downloads": -1,
"filename": "android_setools-4.5.0.dev3-cp310-cp310-manylinux1_x86_64.whl",
"has_sig": false,
"md5_digest": "df3e90e4d9c8e1525366334356dc9c41",
"packagetype": "bdist_wheel",
"python_version": "cp310",
"requires_python": ">=3.8",
"size": 4613426,
"upload_time": "2024-01-29T18:30:53",
"upload_time_iso_8601": "2024-01-29T18:30:53.345845Z",
"url": "https://files.pythonhosted.org/packages/85/4c/192ebd01d7c227eb40fda3e62e63fd263940212a6ca0db1b47c6caeb5df2/android_setools-4.5.0.dev3-cp310-cp310-manylinux1_x86_64.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "8cdac6f0791e6ce076634d4a09f45fe13d296d62ff22b048bfdafa8441499d50",
"md5": "3d67d7afe27234e4138af6a2edcb318a",
"sha256": "012b99010241bf2ae54f631c8782123a32643e2f426c7af4ab334afe26feb775"
},
"downloads": -1,
"filename": "android_setools-4.5.0.dev3-cp311-cp311-manylinux1_x86_64.whl",
"has_sig": false,
"md5_digest": "3d67d7afe27234e4138af6a2edcb318a",
"packagetype": "bdist_wheel",
"python_version": "cp311",
"requires_python": ">=3.8",
"size": 4917289,
"upload_time": "2024-01-29T18:30:51",
"upload_time_iso_8601": "2024-01-29T18:30:51.122447Z",
"url": "https://files.pythonhosted.org/packages/8c/da/c6f0791e6ce076634d4a09f45fe13d296d62ff22b048bfdafa8441499d50/android_setools-4.5.0.dev3-cp311-cp311-manylinux1_x86_64.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "fd93d60b0d6ba96f8ed9240af2a7e094d341191b7c7ec91a35e185067e30fb26",
"md5": "2eb720a91bb5d7997d3bf44cf8a16e42",
"sha256": "6064ca4fae9ca8cf8c2a258048c68c0c1f38025e206c20c9388fa5e9f44e76a3"
},
"downloads": -1,
"filename": "android_setools-4.5.0.dev3-cp312-cp312-manylinux1_x86_64.whl",
"has_sig": false,
"md5_digest": "2eb720a91bb5d7997d3bf44cf8a16e42",
"packagetype": "bdist_wheel",
"python_version": "cp312",
"requires_python": ">=3.8",
"size": 4929765,
"upload_time": "2024-01-29T18:30:51",
"upload_time_iso_8601": "2024-01-29T18:30:51.599757Z",
"url": "https://files.pythonhosted.org/packages/fd/93/d60b0d6ba96f8ed9240af2a7e094d341191b7c7ec91a35e185067e30fb26/android_setools-4.5.0.dev3-cp312-cp312-manylinux1_x86_64.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "a4e3debd420c8d2e3c2d7d9e3bee054047ba16169822442d351556a7cc34a98f",
"md5": "46b0383df4fdbd18e9af508cdf99ae7a",
"sha256": "2a0623e3054a7b705b9bcdf667fa623fd2f16d0f966ccd0a851c594f2809cab1"
},
"downloads": -1,
"filename": "android_setools-4.5.0.dev3-cp38-cp38-manylinux1_x86_64.whl",
"has_sig": false,
"md5_digest": "46b0383df4fdbd18e9af508cdf99ae7a",
"packagetype": "bdist_wheel",
"python_version": "cp38",
"requires_python": ">=3.8",
"size": 6726559,
"upload_time": "2024-01-29T18:31:00",
"upload_time_iso_8601": "2024-01-29T18:31:00.834230Z",
"url": "https://files.pythonhosted.org/packages/a4/e3/debd420c8d2e3c2d7d9e3bee054047ba16169822442d351556a7cc34a98f/android_setools-4.5.0.dev3-cp38-cp38-manylinux1_x86_64.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "0b99fa9dae66c0e8dc8f4495cea4ed324788833f4df5244d603b0ac9ff3f44e0",
"md5": "16573806d12cc2cbc14ce41b941618d3",
"sha256": "1ae0cb3822903c94c2e5b052500bcba4e42eef7f8665323077ce3ecfdf014a24"
},
"downloads": -1,
"filename": "android_setools-4.5.0.dev3-cp39-cp39-manylinux1_x86_64.whl",
"has_sig": false,
"md5_digest": "16573806d12cc2cbc14ce41b941618d3",
"packagetype": "bdist_wheel",
"python_version": "cp39",
"requires_python": ">=3.8",
"size": 4626892,
"upload_time": "2024-01-29T18:30:51",
"upload_time_iso_8601": "2024-01-29T18:30:51.907351Z",
"url": "https://files.pythonhosted.org/packages/0b/99/fa9dae66c0e8dc8f4495cea4ed324788833f4df5244d603b0ac9ff3f44e0/android_setools-4.5.0.dev3-cp39-cp39-manylinux1_x86_64.whl",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-01-29 18:30:53",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "mkomet",
"github_project": "setools",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"tox": true,
"lcname": "android-setools"
}