4]c@sddlmZddlZddlZddlZdZddlZddlj Z ddl j Z ddl m Z ddlZddlZejedejeyejededd WnMek rejedd n*ek rddlZeejd Z>ddlZd=Z?gd>Z@gd?ZAd@ZBdaCejDdAZEdaFejDdBZGdaHejDdCZIdaJejDdDZKdEZLdFZMdGZNdHZOdIZPdJZQdKZRdLZSdMZTdNZUdOZVdPdQZWdRZXgaYdSZZda[dTZ\da]dUZ^da_dVZ`dWZadabdacdXZddYZedafdZZgd[Zhdaid\Zjdakd]Zldamd^Zndaod_Zpd`ZqdardaZsdatdbZudavdcZwddZxdeZyiZzdfezdgtjk r}}ddlm}|jjd}nXx4|D],}t |r|j |jdqqW|S(Ns semodule --list=full 2>/dev/nulltstderrtshells i(t SELinuxDBus( t subprocesst check_outputtSTDOUTRtsplittCalledProcessErrortsedbusRZt semodule_listR!R.(t all_modulestcmdtoutputRUteRZR:((s7/usr/lib64/python2.7/site-packages/sepolicy/__init__.pytget_all_moduless     cCsdddg}g}g}x|D]}yqt|d}|j}|j|djdd }x|D]}|j|qnW|j|g}Wq"g}q"Xq"W|S(Ns$/usr/share/selinux/targeted/base.lsts,/usr/share/selinux/targeted/modules-base.lsts//usr/share/selinux/targeted/modules-contrib.lsttrit i(topent readlinestcloseR^R.textend(t mod_lst_pathRbtmod_tempR:tfdtmodulestm((s7/usr/lib64/python2.7/site-packages/sepolicy/__init__.pytget_all_modules_from_mod_lsts       cCsg}i}x6tD]+}|jt|r|j|qqWt}xT|D]L}y(||dt||df||R(RsRt( tget_all_attributesRuR RRGR!RxR*R.RBRyR2( Rtall_attributest file_typest all_writesR{R R|RCR:ttRO((s7/usr/lib64/python2.7/site-packages/sepolicy/__init__.pytget_writable_filess<  -        ( cCstjj|r|gSytjd|}Wnd|fGHgSX|}|jdrl|d d}ntjj|}y!|ddkr|d7}nWntk rdGHnXyMtjd|}tt |j gtj |D]}||^qSWngSXdS(Ns%s$sbad reg:s(/.*)?it/istry failed got an IndexError( tostpathtexiststretcompileR*tdirnamet IndexErrortlisttfiltertmatchtlistdir(tregtpatRVRR'((s7/usr/lib64/python2.7/site-packages/sepolicy/__init__.pyt find_files,  :cCs~g}t|}xet|jD]Q}|jdr%||kr%x-||D]}xt|D]}|SWqQWq%q%WdS(Nt_exec_t(tget_entrypointsRtkeysR*RRG(tdomaint exclude_listtall_entrypointstexecutable_filestexeRRO((s7/usr/lib64/python2.7/site-packages/sepolicy/__init__.pytfind_all_files/s cCstt}yS|jdr[||kr[x1||dD]}xt|D]}|SWq6WnWntk ronXdS(NRRs(RxR*RR2RG(RRR|RRO((s7/usr/lib64/python2.7/site-packages/sepolicy/__init__.pytfind_entrypoint_path=s  c Csyet|dP}|j}x:|D]2}|j}i|dd6|d6||dgttgidd6D]}|d|kr|^qSWntk rQnXdS(NtprocessR t transtype(R Rt TypeErrorRG(RR'((s7/usr/lib64/python2.7/site-packages/sepolicy/__init__.pytget_transitions_intos > cCs:y"ttgi|d6dd6SWntk r5nXdS(NR RR (R RRRG(R((s7/usr/lib64/python2.7/site-packages/sepolicy/__init__.pytget_transitionss " cCsVy>gttgi|d6D]}|ddkr|^qSWntk rQnXdS(NR R R(R RRRG(RR'((s7/usr/lib64/python2.7/site-packages/sepolicy/__init__.pytget_file_transitionss > cCsg}ttgi|d6}x\|D]T}d|kr&y5x.|dD]"}||krF|j|qFqFWWqzqzXq&q&W|S(NR R)(R RR.(RR)tboollistR RVRS((s7/usr/lib64/python2.7/site-packages/sepolicy/__init__.pytget_boolean_ruless    cCs tdS(NRL(RB(((s7/usr/lib64/python2.7/site-packages/sepolicy/__init__.pytget_all_entrypointsscCsg}yhggttgi|d6dgd6dd6D]}|d|kr7|^q7D]}|d^qW}Wntk rnX|S(NR t entrypointR RR R (R RR(Rt entrypointsR'((s7/usr/lib64/python2.7/site-packages/sepolicy/__init__.pytget_entrypoint_typess h cCstj|djdd}yigttgidd6dd6D]}|d|krD|^qD}t|d kr|dS|d d SWntk rnXdS( NiRitinit_tR RR R iR(tselinuxt getfileconR^R RR!RGR(RRR'R((s7/usr/lib64/python2.7/site-packages/sepolicy/__init__.pytget_init_transtypes C cCsyigttgidd6dd6D]}|d|kr$|^q$}t|dkr\dS|ddSWntk r|nXdS(NRR RR RiR (R RR!RGR(RR'R((s7/usr/lib64/python2.7/site-packages/sepolicy/__init__.pytget_init_entrypointsC cCsbyJgttgidd6|d6dd6D]}|d^q+}|dSWntk r]nXdS(NRR R RR Ri(R RRRG(RR'R((s7/usr/lib64/python2.7/site-packages/sepolicy/__init__.pytget_init_entrypoint_targets >  cCspt}i}xZt|D]L}y(||dt||df||s     cCs6tdkr2gttD]}|d^qantS(NR(t all_typesRGRRD(R'((s7/usr/lib64/python2.7/site-packages/sepolicy/__init__.pyt get_all_typesUs &cCs*tdkr&ttdddantS(Nt userdomainiR#(t user_typesRGRR@(((s7/usr/lib64/python2.7/site-packages/sepolicy/__init__.pytget_user_types^s cCstr tSiax~ttgD]m}|ddks |ddkrLq n|dtkrxt|dj|dq |dgt|dtrttfSiaiaxttD]}|d|dkrVt|d}n$dt|dt|df}|d|dftkrt|d|dfj|n|gt|d|dft|d=S|jd?r|d@t|d?S|jdAr |dBS|jdCr.|dDt|dCS|dEt|dFS(GNs+Set files with the %s type, if you want to t _var_run_ts8store the %s files under the /run or /var/run directory.t_pid_ts,store the %s files under the /run directory.t _var_lib_ts0store the %s files under the /var/lib directory.t_var_ts,store the %s files under the /var directory.t _var_spool_ts2store the %s files under the /var/spool directory.t_spool_tt_cache_tt _var_cache_ts/store the files under the /var/cache directory.t _keytab_ts)treat the files as kerberos keytab files.t_lock_tsEtreat the files as %s lock data, stored under the /var/lock directoryt_log_tsKtreat the data as %s log data, usually stored under the /var/log directory.t _config_tsRtreat the files as %s configuration data, usually stored under the /etc directory.t_conf_tRs,transition an executable to the %s_t domain.t_cgi_content_ts"treat the files as %s cgi content.t _rw_content_ts)treat the files as %s read/write content.t_rw_tt_write_tt_db_ts'treat the files as %s database content.t _ra_content_ts*treat the files as %s read/append content.t _ra_conten_tt_cert_ts'treat the files as %s certificate data.t_key_tstreat the files as %s key data.t _secret_ts"treat the files as %s secret data.t_ra_tt_ro_ts(treat the files as %s read/only content.t _modules_tstreat the files as %s modules.t _content_tstreat the files as %s content.t_state_ts!treat the files as %s state data.t_files_tt_file_tt_data_tstreat the data as %s content.t_tmp_ts1store %s temporary files in the /tmp directories.t_etc_ts'store %s files in the /etc directories.t_home_ts+store %s files in the users home directory.t_tmpfs_ts&store %s files on a tmpfs file system.t _unit_file_ts#treat files as a systemd unit file.t _htaccess_ts#treat the file as a %s access file.streat the files as %s data.R((R*R(R!(ROR)ttxt((s7/usr/lib64/python2.7/site-packages/sepolicy/__init__.pytget_description5scCs0ts,gttD]}|d^qantS(NR(RRR@(R'((s7/usr/lib64/python2.7/site-packages/sepolicy/__init__.pyRs&cCskdadadadadadadadada yt j |Wnt t d|nXdS(NsFailed to read %s policy file(RGRRR$RRRRRR"RRRR(t policy_file((s7/usr/lib64/python2.7/site-packages/sepolicy/__init__.pyRs cCs$t|}|sdSt|dS(N(RRGR(RR[((s7/usr/lib64/python2.7/site-packages/sepolicy/__init__.pytload_store_policys cCs)x"|D]}||tkrtSqWtS(N(RRJR(tdictR&R6((s7/usr/lib64/python2.7/site-packages/sepolicy/__init__.pyR"s cCst}|jdr%|d }n|}t|d|krTtd|n|ddkru|d d}n |d}||fS(NR(isdomain %s_t does not existiRQR(RR*RHR(RRt domainnamet short_name((s7/usr/lib64/python2.7/site-packages/sepolicy/__init__.pyRws   c Csg}g}t|\}}xiggttgi|d6D]}d|kr>|^q>D]}|d^qZD]}x|D]}t|tsq{nytj|d}Wntk r|d}nX|dj|s|dj|r;|d|f|kr|d| f|kr|j |d|fqq{|d|f|kr{|d| f|kr{|j |d|fq{q{WqnW||fS(NR R)ii( RwR Rt isinstancettupleRtsecurity_get_boolean_activeRRvR.( RR$t domainboolsR^R_R'R:RSR>((s7/usr/lib64/python2.7/site-packages/sepolicy/__init__.pyt get_boolss"V  &--"cCsKtsGtjdatjrGgtD]}tj|^q&aqGntS(Ni(tbooleansRtsecurity_get_boolean_namesRtPY3t decode_input(R'((s7/usr/lib64/python2.7/site-packages/sepolicy/__init__.pytget_all_booleanss  (s#/usr/share/selinux/devel/policy.xmlcCscy)tj|}|j}|jWn3tk r^t|}|j}|jnX|S(N(tgzipRiRRkR(RRoR((s7/usr/lib64/python2.7/site-packages/sepolicy/__init__.pyt policy_xmls    c Cstr tSddl}ddl}iayE|jjjt|}x|jdD]}x|jdD]}x~|jdD]m}|jdjdj j d}|j dd|}|j d |j d |ft|j d s^                                               $      1                                        \