ó â„^c@s–ddlZddlZdZdZdZdZdZdZdd d d d d gZied6ed 6ed 6ed 6ed 6ed 6Z ddod„ƒYZ de fd„ƒYZ de fd„ƒYZ e edd„Zdd„Zdpd„Zd„Zdefd„ƒYZde fd„ƒYZde fd„ƒYZd e fd!„ƒYZd"e fd#„ƒYZd$e fd%„ƒYZd&e fd'„ƒYZd(e fd)„ƒYZd*e fd+„ƒYZd,e fd-„ƒYZd.e fd/„ƒYZd0e fd1„ƒYZ d2e fd3„ƒYZ!d4e fd5„ƒYZ"d6e fd7„ƒYZ#d8e fd9„ƒYZ$d:e fd;„ƒYZ%d<e fd=„ƒYZ&d>e fd?„ƒYZ'd@e fdA„ƒYZ(dBe fdC„ƒYZ)dDe fdE„ƒYZ*dFe fdG„ƒYZ+dHe fdI„ƒYZ,dJe fdK„ƒYZ-dLe fdM„ƒYZ.dNe fdO„ƒYZ/dPe fdQ„ƒYZ0dRe fdS„ƒYZ1dT„Z2dUe fdV„ƒYZ3dWe fdX„ƒYZ4dYe fdZ„ƒYZ5d[e fd\„ƒYZ6d]e fd^„ƒYZ7d_e fd`„ƒYZ8dae fdb„ƒYZ9dce fdd„ƒYZ:dee fdf„ƒYZ;dge fdh„ƒYZ<didqdj„ƒYZ=dkdrdl„ƒYZ>dmdsdn„ƒYZ?dS(tiÿÿÿÿNiiiiiitsourcettargettobjectt permissiontrolet destinationt PolicyBasecBseZdd„ZRS(cCsd|_d|_dS(N(tNonetparenttcomment(tselfR((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyt__init__5s N(t__name__t __module__RR (((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR4stNodecBsÎeZdZdd„Zd„Zd„Zd„Zd„Zd„Z d„Z d„Z d „Z d „Z d „Zd „Zd „Zd„Zd„Zd„Zd„Zd„Zd„Zd„Zd„ZRS(sÁBase class objects produced from parsing the reference policy. The Node class is used as the base class for any non-leaf object produced by parsing the reference policy. This object should contain a reference to its parent (or None for a top-level object) and 0 or more children. The general idea here is to have a very simple tree structure. Children are not separated out by type. Instead the tree structure represents fairly closely the real structure of the policy statements. The object should be iterable - by default over all children but subclasses are free to provide additional iterators over a subset of their childre (see Interface for example). cCstj||ƒg|_dS(N(RR tchildren(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR JscCs t|jƒS(N(titerR(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyt__iter__NscCstd„t|ƒƒS(NcSs t|tƒS(N(t isinstanceR(tx((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pytWs(tfiltertwalktree(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pytnodesVscCstd„t|ƒƒS(NcSs t|tƒS(N(RtModule(R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRZs(RR(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pytmodulesYscCstd„t|ƒƒS(NcSs t|tƒS(N(Rt Interface(R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR]s(RR(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyt interfaces\scCstd„t|ƒƒS(NcSs t|tƒS(N(RtTemplate(R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR`s(RR(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyt templates_scCstd„t|ƒƒS(NcSs t|tƒS(N(Rt SupportMacros(R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRcs(RR(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pytsupport_macrosbscCstd„t|ƒƒS(NcSs t|tƒS(N(RtModuleDeclaration(R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRhs(RR(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pytmodule_declarationsgscCstd„t|ƒƒS(NcSs t|tƒS(N(Rt InterfaceCall(R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRks(RR(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pytinterface_callsjscCstd„t|ƒƒS(NcSs t|tƒS(N(RtAVRule(R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRns(RR(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pytavrulesmscCstd„t|ƒƒS(NcSs t|tƒS(N(RtTypeRule(R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRqs(RR(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyt typerulespscCstd„t|ƒƒS(NcSs t|tƒS(N(Rt TypeBound(R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRts(RR(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyt typeboundssscCstd„t|ƒƒS(sAIterate over all of the TypeAttribute children of this Interface.cSs t|tƒS(N(Rt TypeAttribute(R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRxs(RR(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyttypeattributesvscCstd„t|ƒƒS(sAIterate over all of the RoleAttribute children of this Interface.cSs t|tƒS(N(Rt RoleAttribute(R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR|s(RR(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pytroleattributeszscCstd„t|ƒƒS(NcSs t|tƒS(N(RtRequire(R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRs(RR(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pytrequires~scCstd„t|ƒƒS(NcSs t|tƒS(N(RtRole(R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR‚s(RR(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pytrolesscCstd„t|ƒƒS(NcSs t|tƒS(N(Rt RoleAllow(R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR…s(RR(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyt role_allows„scCstd„t|ƒƒS(NcSs t|tƒS(N(RtRoleType(R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRˆs(RR(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyt role_types‡scCs2|jr$t|jƒd|jƒS|jƒSdS(Ns (R tstrt to_string(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyt__str__Šs cCsd|jj|jƒfS(Ns<%s(%s)>(t __class__R R7(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyt__repr__scCsdS(Nt((R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7“sN(R R t__doc__RR RRRRRRR!R#R%R'R)R+R-R/R1R3R5R8R:R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR9s,                    tLeafcBs/eZdd„Zd„Zd„Zd„ZRS(cCstj||ƒdS(N(RR (R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR ˜scCs2|jr$t|jƒd|jƒS|jƒSdS(Ns (R R6R7(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR8›s cCsd|jj|jƒfS(Ns<%s(%s)>(R9R R7(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR:¡scCsdS(NR;((R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7¤sN(R R RR R8R:R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR=—s   c cs|rd}nd}|dfg}xÜt|ƒdkr|j|ƒ\}}|rb||fVn|Vt|tƒr'g}t|jƒd} x]| dkrî|dksÀt|j| |ƒrá|j|j| |dfƒn| d8} q’W|j|ƒq'q'WdS(s™Iterate over a Node and its Children. The walktree function iterates over a tree containing Nodes and leaf objects. The iteration can perform a depth first or a breadth first traversal of the tree (controlled by the depthfirst paramater. The passed in node will be returned. This function will only work correctly for trees - arbitrary graphs will likely cause infinite looping. iÿÿÿÿiiN(tlentpopRRRRtappendtextend( tnodet depthfirstt showdepthttypetindextstacktcurtdepthtitemsti((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR«s"  "!ccs8x1|D])}|dks(t||ƒr|VqqWdS(sIterate over the direct children of a Node. The walktree function iterates over the children of a Node. Unlike walktree it does note return the passed in node or the children of any Node objects (that is, it does not go beyond the current level in the tree). N(RR(RBRER((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pytwalknodeÑs t{t}cCslt|ƒ}d}|dkr-tdƒ‚ndj|ƒ}|dkrL|S|dd|d|dSdS(sáConvert a set (or any sequence type) into a string representation formatted to match SELinux space separated list conventions. For example the list ['read', 'write'] would be converted into: '{ read write }' R;is"cannot convert 0 len set to stringt iN(R>t ValueErrortjoin(tstconttlR6((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pytlist_to_space_strÞs   cCs4t|ƒ}|dkr'tdƒ‚ndj|ƒS(Nis'cannot conver 0 len set to comma strings, (R>RPRQ(RRRT((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pytlist_to_comma_strïs  tIdSetcBs&eZdd„Zd„Zd„ZRS(cCs3|rtj||ƒn tj|ƒt|_dS(N(tsetR tFalset compliment(R tlist((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR ùs cCstt|ƒƒS(N(RUtsorted(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyt to_space_strscCstt|ƒƒS(N(RVR\(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyt to_comma_strsN(R R RR R]R^(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRWøs  tSecurityContextcBs;eZdZddd„Zd„Zd„Zdd„ZRS(s;An SELinux security context with optional MCS / MLS fields.cCsTtj||ƒd|_d|_d|_d|_|dk rP|j|ƒndS(sßCreate a SecurityContext object, optionally from a string. Parameters: [context] - string representing a security context. Same format as a string passed to the from_string method. R;N(R=R tuserRRERtlevelt from_string(R tcontextR((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR s     cCs¿tj|ƒ}|ddkr,|d}n|jdƒ}t|ƒdkr`td|ƒ‚n|d|_|d|_|d|_t|ƒdkr²dj|dƒ|_ n d|_ dS(sóParse a string representing a context into a SecurityContext. The string should be in the standard format - e.g., 'user:role:type:level'. Raises ValueError if the string is not parsable as a security context. iit:is)context string [%s] not in a valid formatiN( tselinuxtselinux_trans_to_raw_contexttsplitR>RPR`RRERQRaR(R Rctrawtfields((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRbs     cCsF|j|jkoE|j|jkoE|j|jkoE|j|jkS(sCompare two SecurityContext objects - all fields must be exactly the the same for the comparison to work. It is possible for the level fields to be semantically the same yet syntactically different - in this case this function will return false. (R`RRERa(R tother((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyt__eq__1scCs…|j|j|jg}|jdkrh|dkrXtjƒdkre|jdƒqeqx|j|ƒn|j|jƒdj|ƒS(s½Return a string representing this security context. By default, the string will contiain a MCS / MLS level potentially from the default which is passed in if none was set. Arguments: default_level - the default level to use if self.level is an empty string. Returns: A string represening the security context in the form 'user:role:type:level'. its0RdN( R`RRERaRRetis_selinux_mls_enabledR@RQ(R t default_levelRi((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7<s N(R R R<RR RbRkR7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR_s   t ObjectClasscBseZdZddd„ZRS(s"SELinux object class and permissions. This class is a basic representation of an SELinux object class - it does not represent separate common permissions - just the union of the common and class specific permissions. It is meant to be convenient for policy generation. R;cCs)tj||ƒ||_tƒ|_dS(N(R=R tnameRWtperms(R RpR((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR ^s N(R R R<RR (((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRoVsR*cBs#eZdZdd„Zd„ZRS(s[SElinux typeattribute statement. This class represents a typeattribute statement. cCs)tj||ƒd|_tƒ|_dS(NR;(R=R RERWt attributes(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR js cCsd|j|jjƒfS(Nstypeattribute %s %s;(RERrR^(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7osN(R R R<RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR*es R,cBs#eZdZdd„Zd„ZRS(s[SElinux roleattribute statement. This class represents a roleattribute statement. cCs)tj||ƒd|_tƒ|_dS(NR;(R=R RRWR-(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR ws cCsd|j|jjƒfS(Nsroleattribute %s %s;(RR-R^(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7|sN(R R R<RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR,rs R0cBseZdd„Zd„ZRS(cCs)tj||ƒd|_tƒ|_dS(NR;(R=R RRWttypes(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR s cCs5d}x(|jD]}|d|j|f7}qW|S(NR;srole %s types %s; (RsR(R RRtt((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7†sN(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR0€s tTypecBs eZddd„Zd„ZRS(R;cCs5tj||ƒ||_tƒ|_tƒ|_dS(N(R=R RpRWRrtaliases(R RpR((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR s  cCssd|j}t|jƒdkr<|d|jjƒ}nt|jƒdkrk|d|jjƒ}n|dS(Nstype %sisalias %ss, %st;(RpR>RvR]RrR^(R RR((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7“s  N(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRuŒst TypeAliascBseZdd„Zd„ZRS(cCs)tj||ƒd|_tƒ|_dS(NR;(R=R RERWRv(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR œs cCsd|j|jjƒfS(Nstypealias %s alias %s;(RERvR](R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7¡sN(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRx›s t AttributecBs eZddd„Zd„ZRS(R;cCstj||ƒ||_dS(N(R=R Rp(R RpR((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR ¥scCs d|jS(Ns attribute %s;(Rp(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7©sN(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRy¤stAttribute_RolecBs eZddd„Zd„ZRS(R;cCstj||ƒ||_dS(N(R=R Rp(R RpR((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR ­scCs d|jS(Nsattribute_role %s;(Rp(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7±sN(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRz¬sR$cBsPeZdZdZdZdZdZd d d„Zd„Z d„Z d„Z RS( s»SELinux access vector (AV) rule. The AVRule class represents all varieties of AV rules including allow, dontaudit, and auditallow (indicated by the flags self.ALLOW, self.DONTAUDIT, and self.AUDITALLOW respectively). The source and target types, object classes, and perms are all represented by sets containing strings. Sets are used to make it simple to add strings repeatedly while avoiding duplicates. No checking is done to make certain that the symbols are valid or consistent (e.g., perms that don't match the object classes). It is even possible to put invalid types like '$1' into the rules to allow storage of the reference policy interfaces. iiiicCsftj||ƒtƒ|_tƒ|_tƒ|_tƒ|_|j|_|rb|j |ƒndS(N( R=R RWt src_typest tgt_typest obj_classesRqtALLOWt rule_typetfrom_av(R tavR((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR Ìs     cCs4|j|jkrdS|j|jkr,dSdSdS(Ntallowt dontauditt auditallow(RR~t DONTAUDIT(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyt__rule_type_strÖs cCsu|jj|jƒ|j|jkr8|jjdƒn|jj|jƒ|jj|jƒ|jj|jƒdS(sIAdd the access from an access vector to this allow rule. R N( R{taddtsrc_typettgt_typeR|R}t obj_classRqtupdate(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR€Þs cCsAd|jƒ|jjƒ|jjƒ|jjƒ|jjƒfS(s«Return a string representation of the rule that is a valid policy language representation (assuming that the types, object class, etc. are valie). s%s %s %s:%s %s;(t_AVRule__rule_type_strR{R]R|R}Rq(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7ês     N( R R R<R~R…t AUDITALLOWt NEVERALLOWRR RŒR€R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR$·s  R&cBs>eZdZdZdZdZdd„Zd„Zd„Z RS(söSELinux type rules. This class is very similar to the AVRule class, but is for representing the type rules (type_trans, type_change, and type_member). The major difference is the lack of perms and only and sing destination type. iiicCsMtj||ƒtƒ|_tƒ|_tƒ|_d|_|j|_dS(NR;( R=R RWR{R|R}t dest_typetTYPE_TRANSITIONR(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR ÿs     cCs4|j|jkrdS|j|jkr,dSdSdS(Nttype_transitiont type_changet type_member(RRt TYPE_CHANGE(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR†s cCs;d|jƒ|jjƒ|jjƒ|jjƒ|jfS(Ns%s %s %s:%s %s;(t_TypeRule__rule_type_strR{R]R|R}R(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7s     N( R R R<RR”t TYPE_MEMBERRR R•R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR&ôs  R(cBs#eZdZdd„Zd„ZRS(sSSElinux typebound statement. This class represents a typebound statement. cCs)tj||ƒd|_tƒ|_dS(NR;(R=R RERWR|(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR s cCsd|j|jjƒfS(Nstypebounds %s %s;(RER|R^(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7sN(R R R<RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR(s R2cBseZdd„Zd„ZRS(cCs,tj||ƒtƒ|_tƒ|_dS(N(R=R RWt src_rolest tgt_roles(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR $s cCs d|jjƒ|jjƒfS(Ns allow %s %s;(R—R^R˜(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7)sN(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR2#s R4cBseZdd„Zd„ZRS(cCs)tj||ƒd|_tƒ|_dS(NR;(R=R RRWRs(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR .s cCs5d}x(|jD]}|d|j|f7}qW|S(NR;srole %s types %s; (RsR(R RRRt((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR73sN(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR4-s R cBseZdd„Zd„ZRS(cCs/tj||ƒd|_d|_t|_dS(NR;(R=R RptversionRYt refpolicy(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR :s  cCs5|jrd|j|jfSd|j|jfSdS(Nspolicy_module(%s, %s)s module %s %s;(RšRpR™(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7@s N(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR 9s t ConditionalcBseZdd„Zd„ZRS(cCstj||ƒg|_dS(N(RR t cond_expr(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR GscCsdt|jddƒS(Ns[If %s]RSR;(R;R;(RURœ(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7KsN(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR›Fs tBoolcBseZdd„Zd„ZRS(cCs&tj||ƒd|_t|_dS(NR;(R=R RpRYtstate(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR Os cCs*d|j}|jr|dS|dSdS(Nsbool %s ttruetfalse(RpRž(R RR((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7Ts  N(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRNs t InitialSidcBseZdd„Zd„ZRS(cCs&tj||ƒd|_d|_dS(NR;(R=R RpRRc(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyt__init\s cCsd|jt|jƒfS(Ns sid %s %s(RpR6Rc(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7asN(R R Rt_InitialSid__initR7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR¡[s tGenfsConcBseZdd„Zd„ZRS(cCs/tj||ƒd|_d|_d|_dS(NR;(R=R t filesystemtpathRRc(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR es  cCs d|j|jt|jƒfS(Nsgenfscon %s %s %s(R¥R¦R6Rc(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7ksN(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR¤ds t FilesystemUsecBs/eZdZdZdZdd„Zd„ZRS(iiicCs2tj||ƒ|j|_d|_d|_dS(NR;(R=R tXATTRRER¥RRc(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR ss  cCskd}|jtkrd}n0|jtkr6d}n|jtkrNd}nd||jt|jƒfS(NR;s fs_use_xattr s fs_use_trans s fs_use_task s %s %s %s;(RER¨tTRANStTASKR¥R6Rc(R RR((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7ys   N(R R R¨R©RªRR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR§ns  tPortConcBseZdd„Zd„ZRS(cCs/tj||ƒd|_d|_d|_dS(NR;(R=R t port_typet port_numberRRc(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR …s  cCs d|j|jt|jƒfS(Nsportcon %s %s %s(R¬R­R6Rc(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7‹sN(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR«„s tNodeConcBseZdd„Zd„ZRS(cCs/tj||ƒd|_d|_d|_dS(NR;(R=R tstarttendRRc(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR s  cCs d|j|jt|jƒfS(Nsnodecon %s %s %s(R¯R°R6Rc(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7•sN(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR®Žs tNetifConcBseZdd„Zd„ZRS(cCs/tj||ƒd|_d|_d|_dS(NR;(R=R t interfaceRtinterface_contexttpacket_context(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR ™s  cCs&d|jt|jƒt|jƒfS(Nsnetifcon %s %s %s(R²R6R³R´(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7ŸsN(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR±˜s tPirqConcBseZdd„Zd„ZRS(cCs&tj||ƒd|_d|_dS(NR;(R=R t pirq_numberRRc(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR £s cCsd|jt|jƒfS(Ns pirqcon %s %s(R¶R6Rc(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7¨sN(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRµ¢s tIomemConcBseZdd„Zd„ZRS(cCs&tj||ƒd|_d|_dS(NR;(R=R t device_memRRc(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR ¬s cCsd|jt|jƒfS(Nsiomemcon %s %s(R¸R6Rc(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7±sN(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR·«s t IoportConcBseZdd„Zd„ZRS(cCs&tj||ƒd|_d|_dS(NR;(R=R tioportRRc(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR µs cCsd|jt|jƒfS(Nsioportcon %s %s(RºR6Rc(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7ºsN(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR¹´s t PciDeviceConcBseZdd„Zd„ZRS(cCs&tj||ƒd|_d|_dS(NR;(R=R tdeviceRRc(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR ¾s cCsd|jt|jƒfS(Nspcidevicecon %s %s(R¼R6Rc(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7ÃsN(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR»½s t DeviceTreeConcBseZdd„Zd„ZRS(cCs&tj||ƒd|_d|_dS(NR;(R=R R¦RRc(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR Çs cCsd|jt|jƒfS(Nsdevicetreecon %s %s(R¦R6Rc(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7ÌsN(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR½Æs cCs]xVt|dtƒD]B\}}d}xt|ƒD]}|d}q2W|t|ƒGHqWdS(NRDR;s (RtTruetrangeR6(theadRBRIRRRK((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyt print_treeÑs tHeaderscBseZdd„Zd„ZRS(cCstj||ƒdS(N(RR (R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR ÚscCsdS(Ns [Headers]((R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7ÝsN(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRÂÙs RcBseZdd„Zd„ZRS(cCstj||ƒdS(N(RR (R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR âscCsdS(NR;((R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7åsN(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRás RcBs&eZdZddd„Zd„ZRS(sqA reference policy interface definition. This class represents a reference policy interface definition. R;cCstj||ƒ||_dS(N(RR Rp(R RpR((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR íscCs d|jS(Ns[Interface name: %s](Rp(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7ñsN(R R R<RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRèst TunablePolicycBseZdd„Zd„ZRS(cCstj||ƒg|_dS(N(RR Rœ(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR õscCsdt|jddƒS(Ns[Tunable Policy %s]RSR;(R;R;(RURœ(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7ùsN(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRÃôs RcBs eZddd„Zd„ZRS(R;cCstj||ƒ||_dS(N(RR Rp(R RpR((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR ýscCs d|jS(Ns[Template name: %s](Rp(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7sN(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRüstIfDefcBs eZddd„Zd„ZRS(R;cCstj||ƒ||_dS(N(RR Rp(R RpR((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR scCs d|jS(Ns[Ifdef name: %s](Rp(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7 sN(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRÄsR"cBs)eZddd„Zd„Zd„ZRS(R;cCs/tj||ƒ||_g|_g|_dS(N(R=R tifnametargstcomments(R RÅR((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR s  cCsr|j|jkrtSt|jƒt|jƒkr8tSx3t|j|jƒD]\}}||krNtSqNWtS(N(RÅRYR>RÆtzipR¾(R Rjtatb((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pytmatchess" cCs„d|j}d}xf|jD][}t|tƒrAt|ƒ}n|}|dkrd|d|}n ||}|d7}qW|dS(Ns%s(is, %sit)(RÅRÆRR[RU(R RRRKRÉR6((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7s   N(R R RR RËR7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR" s tOptionalPolicycBseZdd„Zd„ZRS(cCstj||ƒdS(N(RR (R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR .scCsdS(Ns[Optional Policy]((R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR71sN(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRÍ-s RcBsAeZdd„Zd„Zd„Zd„Zd„Zd„ZRS(cCstj||ƒd|_dS(N(RR Rtmap(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR 5scCsdS(Ns[Support Macros]((R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR79scCs\tƒ}||jkrKx=|j|ƒD]}|j|j|ƒƒq(Wn |j|ƒ|S(N(RXRÎtby_nameR‹t_SupportMacros__expand_permR‡(R tpermRRtp((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyt __expand_perm<s   cCsai|_xQ|D]I}tƒ}x'|jD]}|j|j|ƒƒq)W||j|jRQ(R RRRERŠRqRtboolR`((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7hs  ! N(R R RR RÛR7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR.Zs  t ObjPermSetcBseZd„Zd„ZRS(cCs||_tƒ|_dS(N(RpRXRq(R Rp((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR s cCsd|j|jjƒfS(Nsdefine(`%s', `%s')(RpRqR](R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7ƒs(R R R R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRÝ~s tClassMapcBseZd„Zd„ZRS(cCs||_||_dS(N(RŠRq(R RŠRq((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR ‡s cCs|jd|jS(Ns: (RŠRq(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7‹s(R R R R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRÞ†s tCommentcBs/eZdd„Zd„Zd„Zd„ZRS(cCs|r||_n g|_dS(N(tlines(R RT((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR s cCsUt|jƒdkrdSg}x"|jD]}|jd|ƒq)Wdj|ƒSdS(NiR;t#s (R>RàR@RQ(R touttline((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7•s cCsIt|jƒrEx3|jD]%}|dkr|jj|ƒqqWndS(NR;(R>RàR@(R RjRã((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pytmerge s cCs |jƒS(N(R7(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR8¦sN(R R RR R7RäR8(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRߎs  ((RMRN((((@tstringRetSRC_TYPEtTGT_TYPEt OBJ_CLASStPERMStROLEt DEST_TYPEt field_to_strt str_to_fieldRRR=R¾RYRRRLRURVRXRWR_RoR*R,R0RuRxRyRzR$R&R(R2R4R R›RR¡R¤R§R«R®R±RµR·R¹R»R½RÁRÂRRRÃRRÄR"RÍRR.RÝRÞRß(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pytsx  ^&  P    =!               !&$