Skip to main content

selinux_configfile/
lib.rs

1//! # selinux\_configfile
2//!
3//! 100% safe Rust parser and writer for `/etc/selinux/config` with full
4//! format preservation.  Zero `unsafe` code.
5//!
6//! ## Features
7//!
8//! - **Type-safe getters/setters** for all 5 standard SELinux config keys:
9//!   `SELINUX`, `SELINUXTYPE`, `REQUIRESEUSERS`, `AUTORELABEL`, `SETLOCALDEFS`
10//! - **Generic key-value API** for unknown or custom keys
11//! - **Format preservation** — comments, indentation, inline comments, blank
12//!   lines, and trailing whitespace are all preserved across read–modify–write
13//!   cycles
14//! - **Atomic writes** — write via temp file + `fsync` + rename
15//! - **Zero unsafe code** — verified with `grep -r unsafe src/`
16//!
17//! ## Quick start
18//!
19//! ```rust
20//! use selinux_configfile::{ConfigFile, SelinuxMode};
21//!
22//! // Parse an in-memory config string
23//! let mut cfg = ConfigFile::parse(
24//!     "SELINUX=enforcing\nSELINUXTYPE=targeted\n"
25//! ).unwrap();
26//!
27//! assert_eq!(cfg.selinux(), Some(SelinuxMode::Enforcing));
28//! assert_eq!(cfg.selinuxtype(), Some("targeted"));
29//!
30//! // Modify values
31//! cfg.set_selinux(SelinuxMode::Permissive);
32//! cfg.set_selinuxtype("mls").unwrap();
33//!
34//! // Serialize back to string
35//! let output = cfg.to_string();
36//! assert!(output.contains("SELINUX=permissive"));
37//! assert!(output.contains("SELINUXTYPE=mls"));
38//! ```
39//!
40//! ## Reading and writing files
41//!
42//! ```rust,no_run
43//! use selinux_configfile::{ConfigFile, SelinuxMode};
44//!
45//! // Read from the default system path (/etc/selinux/config)
46//! let mut cfg = ConfigFile::read_default().unwrap();
47//!
48//! // Modify and write back
49//! cfg.set_selinux(SelinuxMode::Permissive);
50//! cfg.write_default().unwrap();
51//! ```
52//!
53//! ## Format preservation example
54//!
55//! ```rust
56//! use selinux_configfile::ConfigFile;
57//!
58//! let input = "# My config\nSELINUX = enforcing  # inline comment\n";
59//! let cfg = ConfigFile::parse(input).unwrap();
60//! let output = cfg.to_string();
61//! assert_eq!(input, output);
62//! ```
63
64#![forbid(unsafe_code)]
65#![deny(missing_docs)]
66
67pub mod config_file;
68pub mod error;
69pub mod io;
70pub mod parser;
71pub mod serializer;
72pub mod types;
73
74pub use config_file::ConfigFile;
75pub use error::{IoError, ParseError, ValueError};
76pub use types::{
77    AUTORELABEL_KEY, Line, REQUIRESEUSERS_KEY, SELINUX_KEY, SELINUXTYPE_DEFAULT, SELINUXTYPE_KEY,
78    SETLOCALDEFS_KEY, SelinuxMode,
79};