Skip to main content

Crate selinux_configfile

Crate selinux_configfile 

Source
Expand description

§selinux_configfile

100% safe Rust parser and writer for /etc/selinux/config with full format preservation. Zero unsafe code.

§Features

  • Type-safe getters/setters for all 5 standard SELinux config keys: SELINUX, SELINUXTYPE, REQUIRESEUSERS, AUTORELABEL, SETLOCALDEFS
  • Generic key-value API for unknown or custom keys
  • Format preservation — comments, indentation, inline comments, blank lines, and trailing whitespace are all preserved across read–modify–write cycles
  • Atomic writes — write via temp file + fsync + rename
  • Zero unsafe code — verified with grep -r unsafe src/

§Quick start

use selinux_configfile::{ConfigFile, SelinuxMode};

// Parse an in-memory config string
let mut cfg = ConfigFile::parse(
    "SELINUX=enforcing\nSELINUXTYPE=targeted\n"
).unwrap();

assert_eq!(cfg.selinux(), Some(SelinuxMode::Enforcing));
assert_eq!(cfg.selinuxtype(), Some("targeted"));

// Modify values
cfg.set_selinux(SelinuxMode::Permissive);
cfg.set_selinuxtype("mls").unwrap();

// Serialize back to string
let output = cfg.to_string();
assert!(output.contains("SELINUX=permissive"));
assert!(output.contains("SELINUXTYPE=mls"));

§Reading and writing files

use selinux_configfile::{ConfigFile, SelinuxMode};

// Read from the default system path (/etc/selinux/config)
let mut cfg = ConfigFile::read_default().unwrap();

// Modify and write back
cfg.set_selinux(SelinuxMode::Permissive);
cfg.write_default().unwrap();

§Format preservation example

use selinux_configfile::ConfigFile;

let input = "# My config\nSELINUX = enforcing  # inline comment\n";
let cfg = ConfigFile::parse(input).unwrap();
let output = cfg.to_string();
assert_eq!(input, output);

Re-exports§

pub use config_file::ConfigFile;
pub use error::IoError;
pub use error::ParseError;
pub use error::ValueError;
pub use types::AUTORELABEL_KEY;
pub use types::Line;
pub use types::REQUIRESEUSERS_KEY;
pub use types::SELINUX_KEY;
pub use types::SELINUXTYPE_DEFAULT;
pub use types::SELINUXTYPE_KEY;
pub use types::SETLOCALDEFS_KEY;
pub use types::SelinuxMode;

Modules§

config_file
The ConfigFile type — the main high-level API for reading, modifying, validating, and writing SELinux config files.
error
Error types: ParseError, ValueError, and IoError.
io
File I/O for ConfigFile: atomic reads and writes with read_from, write_to, and the SELINUX_CONFIG_PATH constant.
parser
Config file parser. Reads a string and produces a ConfigFile with all formatting preserved via Line variants.
serializer
Serialization of ConfigFile back to a string with exact format preservation via the Display trait.
types
Core types for SELinux config: SelinuxMode, Line, and key constants.