^c@sddlZddlZdZdZdZdZdZdZdd d d d d gZied6ed 6ed 6ed 6ed 6ed 6Z ddodYZ de fdYZ de fdYZ e eddZddZdpdZdZdefdYZde fdYZde fdYZd e fd!YZd"e fd#YZd$e fd%YZd&e fd'YZd(e fd)YZd*e fd+YZd,e fd-YZd.e fd/YZd0e fd1YZ d2e fd3YZ!d4e fd5YZ"d6e fd7YZ#d8e fd9YZ$d:e fd;YZ%d<e fd=YZ&d>e fd?YZ'd@e fdAYZ(dBe fdCYZ)dDe fdEYZ*dFe fdGYZ+dHe fdIYZ,dJe fdKYZ-dLe fdMYZ.dNe fdOYZ/dPe fdQYZ0dRe fdSYZ1dTZ2dUe fdVYZ3dWe fdXYZ4dYe fdZYZ5d[e fd\YZ6d]e fd^YZ7d_e fd`YZ8dae fdbYZ9dce fddYZ:dee fdfYZ;dge fdhYZ<didqdjYZ=dkdrdlYZ>dmdsdnYZ?dS(tiNiiiiiitsourcettargettobjectt permissiontrolet destinationt PolicyBasecBseZddZRS(cCsd|_d|_dS(N(tNonetparenttcomment(tselfR((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyt__init__5s N(t__name__t __module__RR (((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR4stNodecBseZdZddZdZdZdZdZdZ dZ dZ d Z d Z d Zd Zd ZdZdZdZdZdZdZdZdZRS(sBase class objects produced from parsing the reference policy. The Node class is used as the base class for any non-leaf object produced by parsing the reference policy. This object should contain a reference to its parent (or None for a top-level object) and 0 or more children. The general idea here is to have a very simple tree structure. Children are not separated out by type. Instead the tree structure represents fairly closely the real structure of the policy statements. The object should be iterable - by default over all children but subclasses are free to provide additional iterators over a subset of their childre (see Interface for example). cCstj||g|_dS(N(RR tchildren(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR JscCs t|jS(N(titerR(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyt__iter__NscCstdt|S(NcSs t|tS(N(t isinstanceR(tx((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pytWs(tfiltertwalktree(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pytnodesVscCstdt|S(NcSs t|tS(N(RtModule(R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRZs(RR(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pytmodulesYscCstdt|S(NcSs t|tS(N(Rt Interface(R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR]s(RR(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyt interfaces\scCstdt|S(NcSs t|tS(N(RtTemplate(R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR`s(RR(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyt templates_scCstdt|S(NcSs t|tS(N(Rt SupportMacros(R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRcs(RR(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pytsupport_macrosbscCstdt|S(NcSs t|tS(N(RtModuleDeclaration(R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRhs(RR(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pytmodule_declarationsgscCstdt|S(NcSs t|tS(N(Rt InterfaceCall(R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRks(RR(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pytinterface_callsjscCstdt|S(NcSs t|tS(N(RtAVRule(R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRns(RR(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pytavrulesmscCstdt|S(NcSs t|tS(N(RtTypeRule(R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRqs(RR(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyt typerulespscCstdt|S(NcSs t|tS(N(Rt TypeBound(R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRts(RR(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyt typeboundssscCstdt|S(sAIterate over all of the TypeAttribute children of this Interface.cSs t|tS(N(Rt TypeAttribute(R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRxs(RR(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyttypeattributesvscCstdt|S(sAIterate over all of the RoleAttribute children of this Interface.cSs t|tS(N(Rt RoleAttribute(R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR|s(RR(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pytroleattributeszscCstdt|S(NcSs t|tS(N(RtRequire(R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRs(RR(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pytrequires~scCstdt|S(NcSs t|tS(N(RtRole(R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRs(RR(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pytrolesscCstdt|S(NcSs t|tS(N(Rt RoleAllow(R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRs(RR(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyt role_allowsscCstdt|S(NcSs t|tS(N(RtRoleType(R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRs(RR(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyt role_typesscCs2|jr$t|jd|jS|jSdS(Ns (R tstrt to_string(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyt__str__s cCsd|jj|jfS(Ns<%s(%s)>(t __class__R R7(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyt__repr__scCsdS(Nt((R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7sN(R R t__doc__RR RRRRRRR!R#R%R'R)R+R-R/R1R3R5R8R:R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR9s,                    tLeafcBs/eZddZdZdZdZRS(cCstj||dS(N(RR (R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR scCs2|jr$t|jd|jS|jSdS(Ns (R R6R7(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR8s cCsd|jj|jfS(Ns<%s(%s)>(R9R R7(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR:scCsdS(NR;((R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7sN(R R RR R8R:R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR=s   c cs|rd}nd}|dfg}xt|dkr|j|\}}|rb||fVn|Vt|tr'g}t|jd} x]| dkr|dkst|j| |r|j|j| |dfn| d8} qW|j|q'q'WdS(sIterate over a Node and its Children. The walktree function iterates over a tree containing Nodes and leaf objects. The iteration can perform a depth first or a breadth first traversal of the tree (controlled by the depthfirst paramater. The passed in node will be returned. This function will only work correctly for trees - arbitrary graphs will likely cause infinite looping. iiiN(tlentpopRRRRtappendtextend( tnodet depthfirstt showdepthttypetindextstacktcurtdepthtitemsti((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRs"  "!ccs8x1|D])}|dks(t||r|VqqWdS(sIterate over the direct children of a Node. The walktree function iterates over the children of a Node. Unlike walktree it does note return the passed in node or the children of any Node objects (that is, it does not go beyond the current level in the tree). N(RR(RBRER((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pytwalknodes t{t}cCslt|}d}|dkr-tdndj|}|dkrL|S|dd|d|dSdS(sConvert a set (or any sequence type) into a string representation formatted to match SELinux space separated list conventions. For example the list ['read', 'write'] would be converted into: '{ read write }' R;is"cannot convert 0 len set to stringt iN(R>t ValueErrortjoin(tstconttlR6((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pytlist_to_space_strs   cCs4t|}|dkr'tdndj|S(Nis'cannot conver 0 len set to comma strings, (R>RPRQ(RRRT((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pytlist_to_comma_strs  tIdSetcBs&eZddZdZdZRS(cCs3|rtj||n tj|t|_dS(N(tsetR tFalset compliment(R tlist((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR s cCstt|S(N(RUtsorted(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyt to_space_strscCstt|S(N(RVR\(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyt to_comma_strsN(R R RR R]R^(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRWs  tSecurityContextcBs;eZdZdddZdZdZddZRS(s;An SELinux security context with optional MCS / MLS fields.cCsTtj||d|_d|_d|_d|_|dk rP|j|ndS(sCreate a SecurityContext object, optionally from a string. Parameters: [context] - string representing a security context. Same format as a string passed to the from_string method. R;N(R=R tuserRRERtlevelt from_string(R tcontextR((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR s     cCstj|}|ddkr,|d}n|jd}t|dkr`td|n|d|_|d|_|d|_t|dkrdj|d|_ n d|_ dS(sParse a string representing a context into a SecurityContext. The string should be in the standard format - e.g., 'user:role:type:level'. Raises ValueError if the string is not parsable as a security context. iit:is)context string [%s] not in a valid formatiN( tselinuxtselinux_trans_to_raw_contexttsplitR>RPR`RRERQRaR(R Rctrawtfields((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRbs     cCsF|j|jkoE|j|jkoE|j|jkoE|j|jkS(sCompare two SecurityContext objects - all fields must be exactly the the same for the comparison to work. It is possible for the level fields to be semantically the same yet syntactically different - in this case this function will return false. (R`RRERa(R tother((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyt__eq__1scCs|j|j|jg}|jdkrh|dkrXtjdkre|jdqeqx|j|n|j|jdj|S(sReturn a string representing this security context. By default, the string will contiain a MCS / MLS level potentially from the default which is passed in if none was set. Arguments: default_level - the default level to use if self.level is an empty string. Returns: A string represening the security context in the form 'user:role:type:level'. its0RdN( R`RRERaRRetis_selinux_mls_enabledR@RQ(R t default_levelRi((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7<s N(R R R<RR RbRkR7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR_s   t ObjectClasscBseZdZdddZRS(s"SELinux object class and permissions. This class is a basic representation of an SELinux object class - it does not represent separate common permissions - just the union of the common and class specific permissions. It is meant to be convenient for policy generation. R;cCs)tj||||_t|_dS(N(R=R tnameRWtperms(R RpR((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR ^s N(R R R<RR (((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRoVsR*cBs#eZdZddZdZRS(s[SElinux typeattribute statement. This class represents a typeattribute statement. cCs)tj||d|_t|_dS(NR;(R=R RERWt attributes(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR js cCsd|j|jjfS(Nstypeattribute %s %s;(RERrR^(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7osN(R R R<RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR*es R,cBs#eZdZddZdZRS(s[SElinux roleattribute statement. This class represents a roleattribute statement. cCs)tj||d|_t|_dS(NR;(R=R RRWR-(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR ws cCsd|j|jjfS(Nsroleattribute %s %s;(RR-R^(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7|sN(R R R<RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR,rs R0cBseZddZdZRS(cCs)tj||d|_t|_dS(NR;(R=R RRWttypes(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR s cCs5d}x(|jD]}|d|j|f7}qW|S(NR;srole %s types %s; (RsR(R RRtt((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7sN(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR0s tTypecBs eZdddZdZRS(R;cCs5tj||||_t|_t|_dS(N(R=R RpRWRrtaliases(R RpR((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR s  cCssd|j}t|jdkr<|d|jj}nt|jdkrk|d|jj}n|dS(Nstype %sisalias %ss, %st;(RpR>RvR]RrR^(R RR((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7s  N(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRust TypeAliascBseZddZdZRS(cCs)tj||d|_t|_dS(NR;(R=R RERWRv(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR s cCsd|j|jjfS(Nstypealias %s alias %s;(RERvR](R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7sN(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRxs t AttributecBs eZdddZdZRS(R;cCstj||||_dS(N(R=R Rp(R RpR((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR scCs d|jS(Ns attribute %s;(Rp(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7sN(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRystAttribute_RolecBs eZdddZdZRS(R;cCstj||||_dS(N(R=R Rp(R RpR((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR scCs d|jS(Nsattribute_role %s;(Rp(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7sN(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRzsR$cBsPeZdZdZdZdZdZd d dZdZ dZ dZ RS( sSELinux access vector (AV) rule. The AVRule class represents all varieties of AV rules including allow, dontaudit, and auditallow (indicated by the flags self.ALLOW, self.DONTAUDIT, and self.AUDITALLOW respectively). The source and target types, object classes, and perms are all represented by sets containing strings. Sets are used to make it simple to add strings repeatedly while avoiding duplicates. No checking is done to make certain that the symbols are valid or consistent (e.g., perms that don't match the object classes). It is even possible to put invalid types like '$1' into the rules to allow storage of the reference policy interfaces. iiiicCsftj||t|_t|_t|_t|_|j|_|rb|j |ndS(N( R=R RWt src_typest tgt_typest obj_classesRqtALLOWt rule_typetfrom_av(R tavR((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR s     cCs4|j|jkrdS|j|jkr,dSdSdS(Ntallowt dontauditt auditallow(RR~t DONTAUDIT(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyt__rule_type_strs cCsu|jj|j|j|jkr8|jjdn|jj|j|jj|j|jj|jdS(sIAdd the access from an access vector to this allow rule. R N( R{taddtsrc_typettgt_typeR|R}t obj_classRqtupdate(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRs cCsAd|j|jj|jj|jj|jjfS(sReturn a string representation of the rule that is a valid policy language representation (assuming that the types, object class, etc. are valie). s%s %s %s:%s %s;(t_AVRule__rule_type_strR{R]R|R}Rq(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7s     N( R R R<R~Rt AUDITALLOWt NEVERALLOWRR RRR7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR$s  R&cBs>eZdZdZdZdZddZdZdZ RS(sSELinux type rules. This class is very similar to the AVRule class, but is for representing the type rules (type_trans, type_change, and type_member). The major difference is the lack of perms and only and sing destination type. iiicCsMtj||t|_t|_t|_d|_|j|_dS(NR;( R=R RWR{R|R}t dest_typetTYPE_TRANSITIONR(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR s     cCs4|j|jkrdS|j|jkr,dSdSdS(Nttype_transitiont type_changet type_member(RRt TYPE_CHANGE(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRs cCs;d|j|jj|jj|jj|jfS(Ns%s %s %s:%s %s;(t_TypeRule__rule_type_strR{R]R|R}R(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7s     N( R R R<RRt TYPE_MEMBERRR RR7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR&s  R(cBs#eZdZddZdZRS(sSSElinux typebound statement. This class represents a typebound statement. cCs)tj||d|_t|_dS(NR;(R=R RERWR|(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR s cCsd|j|jjfS(Nstypebounds %s %s;(RER|R^(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7sN(R R R<RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR(s R2cBseZddZdZRS(cCs,tj||t|_t|_dS(N(R=R RWt src_rolest tgt_roles(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR $s cCs d|jj|jjfS(Ns allow %s %s;(RR^R(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7)sN(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR2#s R4cBseZddZdZRS(cCs)tj||d|_t|_dS(NR;(R=R RRWRs(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR .s cCs5d}x(|jD]}|d|j|f7}qW|S(NR;srole %s types %s; (RsR(R RRRt((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR73sN(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR4-s R cBseZddZdZRS(cCs/tj||d|_d|_t|_dS(NR;(R=R RptversionRYt refpolicy(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR :s  cCs5|jrd|j|jfSd|j|jfSdS(Nspolicy_module(%s, %s)s module %s %s;(RRpR(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7@s N(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR 9s t ConditionalcBseZddZdZRS(cCstj||g|_dS(N(RR t cond_expr(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR GscCsdt|jddS(Ns[If %s]RSR;(R;R;(RUR(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7KsN(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRFs tBoolcBseZddZdZRS(cCs&tj||d|_t|_dS(NR;(R=R RpRYtstate(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR Os cCs*d|j}|jr|dS|dSdS(Nsbool %s ttruetfalse(RpR(R RR((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7Ts  N(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRNs t InitialSidcBseZddZdZRS(cCs&tj||d|_d|_dS(NR;(R=R RpRRc(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyt__init\s cCsd|jt|jfS(Ns sid %s %s(RpR6Rc(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7asN(R R Rt_InitialSid__initR7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR[s tGenfsConcBseZddZdZRS(cCs/tj||d|_d|_d|_dS(NR;(R=R t filesystemtpathRRc(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR es  cCs d|j|jt|jfS(Nsgenfscon %s %s %s(RRR6Rc(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7ksN(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRds t FilesystemUsecBs/eZdZdZdZddZdZRS(iiicCs2tj|||j|_d|_d|_dS(NR;(R=R tXATTRRERRRc(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR ss  cCskd}|jtkrd}n0|jtkr6d}n|jtkrNd}nd||jt|jfS(NR;s fs_use_xattr s fs_use_trans s fs_use_task s %s %s %s;(RERtTRANStTASKRR6Rc(R RR((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7ys   N(R R RRRRR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRns  tPortConcBseZddZdZRS(cCs/tj||d|_d|_d|_dS(NR;(R=R t port_typet port_numberRRc(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR s  cCs d|j|jt|jfS(Nsportcon %s %s %s(RRR6Rc(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7sN(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRs tNodeConcBseZddZdZRS(cCs/tj||d|_d|_d|_dS(NR;(R=R tstarttendRRc(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR s  cCs d|j|jt|jfS(Nsnodecon %s %s %s(RRR6Rc(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7sN(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRs tNetifConcBseZddZdZRS(cCs/tj||d|_d|_d|_dS(NR;(R=R t interfaceRtinterface_contexttpacket_context(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR s  cCs&d|jt|jt|jfS(Nsnetifcon %s %s %s(RR6RR(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7sN(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRs tPirqConcBseZddZdZRS(cCs&tj||d|_d|_dS(NR;(R=R t pirq_numberRRc(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR s cCsd|jt|jfS(Ns pirqcon %s %s(RR6Rc(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7sN(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRs tIomemConcBseZddZdZRS(cCs&tj||d|_d|_dS(NR;(R=R t device_memRRc(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR s cCsd|jt|jfS(Nsiomemcon %s %s(RR6Rc(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7sN(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRs t IoportConcBseZddZdZRS(cCs&tj||d|_d|_dS(NR;(R=R tioportRRc(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR s cCsd|jt|jfS(Nsioportcon %s %s(RR6Rc(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7sN(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRs t PciDeviceConcBseZddZdZRS(cCs&tj||d|_d|_dS(NR;(R=R tdeviceRRc(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR s cCsd|jt|jfS(Nspcidevicecon %s %s(RR6Rc(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7sN(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRs t DeviceTreeConcBseZddZdZRS(cCs&tj||d|_d|_dS(NR;(R=R RRRc(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR s cCsd|jt|jfS(Nsdevicetreecon %s %s(RR6Rc(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7sN(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRs cCs]xVt|dtD]B\}}d}xt|D]}|d}q2W|t|GHqWdS(NRDR;s (RtTruetrangeR6(theadRBRIRRRK((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyt print_trees tHeaderscBseZddZdZRS(cCstj||dS(N(RR (R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR scCsdS(Ns [Headers]((R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7sN(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRs RcBseZddZdZRS(cCstj||dS(N(RR (R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR scCsdS(NR;((R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7sN(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRs RcBs&eZdZdddZdZRS(sqA reference policy interface definition. This class represents a reference policy interface definition. R;cCstj||||_dS(N(RR Rp(R RpR((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR scCs d|jS(Ns[Interface name: %s](Rp(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7sN(R R R<RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRst TunablePolicycBseZddZdZRS(cCstj||g|_dS(N(RR R(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR scCsdt|jddS(Ns[Tunable Policy %s]RSR;(R;R;(RUR(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7sN(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRs RcBs eZdddZdZRS(R;cCstj||||_dS(N(RR Rp(R RpR((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR scCs d|jS(Ns[Template name: %s](Rp(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7sN(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRstIfDefcBs eZdddZdZRS(R;cCstj||||_dS(N(RR Rp(R RpR((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR scCs d|jS(Ns[Ifdef name: %s](Rp(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7 sN(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRsR"cBs)eZdddZdZdZRS(R;cCs/tj||||_g|_g|_dS(N(R=R tifnametargstcomments(R RR((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR s  cCsr|j|jkrtSt|jt|jkr8tSx3t|j|jD]\}}||krNtSqNWtS(N(RRYR>RtzipR(R Rjtatb((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pytmatchess" cCsd|j}d}xf|jD][}t|trAt|}n|}|dkrd|d|}n ||}|d7}qW|dS(Ns%s(is, %sit)(RRRR[RU(R RRRKRR6((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7s   N(R R RR RR7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR" s tOptionalPolicycBseZddZdZRS(cCstj||dS(N(RR (R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR .scCsdS(Ns[Optional Policy]((R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR71sN(R R RR R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR-s RcBsAeZddZdZdZdZdZdZRS(cCstj||d|_dS(N(RR Rtmap(R R((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR 5scCsdS(Ns[Support Macros]((R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR79scCs\t}||jkrKx=|j|D]}|j|j|q(Wn |j||S(N(RXRtby_nameRt_SupportMacros__expand_permR(R tpermRRtp((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyt __expand_perm<s   cCsai|_xQ|D]I}t}x'|jD]}|j|j|q)W||j|jRQ(R RRRERRqRtboolR`((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7hs  ! N(R R RR RR7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR.Zs  t ObjPermSetcBseZdZdZRS(cCs||_t|_dS(N(RpRXRq(R Rp((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR s cCsd|j|jjfS(Nsdefine(`%s', `%s')(RpRqR](R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7s(R R R R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR~s tClassMapcBseZdZdZRS(cCs||_||_dS(N(RRq(R RRq((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR s cCs|jd|jS(Ns: (RRq(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7s(R R R R7(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRs tCommentcBs/eZddZdZdZdZRS(cCs|r||_n g|_dS(N(tlines(R RT((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR s cCsUt|jdkrdSg}x"|jD]}|jd|q)Wdj|SdS(NiR;t#s (R>RR@RQ(R touttline((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR7s cCsIt|jrEx3|jD]%}|dkr|jj|qqWndS(NR;(R>RR@(R RjR((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pytmerges cCs |jS(N(R7(R ((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyR8sN(R R RR R7RR8(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pyRs  ((RMRN((((@tstringRetSRC_TYPEtTGT_TYPEt OBJ_CLASStPERMStROLEt DEST_TYPEt field_to_strt str_to_fieldRRR=RRYRRRLRURVRXRWR_RoR*R,R0RuRxRyRzR$R&R(R2R4R RRRRRRRRRRRRRRRRRRRRR"RRR.RRR(((s8/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.pytsx  ^&  P    =!               !&$