404

[ Avaa Bypassed ]

Upload:

Command:

elspacio@18.119.163.163: ~ $ 
3

Fl�fz��@s6ddlZddlZddlZddlZddljZddljZddlZddl	Z	ddl
Z
ddlZdZy:ddl
Z
iZejd�krxded<e
jefddd�e��WnJyddlZeejd	<Wn&ek
r�ddlZeejd	<YnXYnXd
ZdZdZdZd
ZdZdZdZdZdZ dZ!dZ"dZ#dZ$dZ%dZ&dZ'iZ(de(d<de(d<de(d<de(d <de(d!<d"e(d#<d$e(d%<d&e(d'<d(e(d)<d(e(d*<d+e(d,<d+e(d-<d.e(d/<d0e(d1<iZ)e*d2�e)d3<e*d4�e)d5<e*d6�e)d7<e*d8�e)d9<e*d:�e)d;<e*d<�e)d=<e*d>�e)d?<e*d@�e)dA<iZ+d3e+dB<d5e+dC<d7e+dD<d9e+dE<d;e+dF<d=e+dG<d?e+dH<dAe+dI<da,da-da.da/da0ga1da2da3da4da5da6da7da8da9da:da;da<da=da>da?da@daAdaBdaCdaDdJdK�ZEd�dMdN�ZFdOdP�ZGdQdR�ZHdSdT�ZIyeF�ZJeHeJ�Wn6eKk
�rZLzejM�d
k�reL�WYddZL[LXnXd�dUdV�ZNdWdX�ZOd�dYdZ�ZPd[d\�ZQd]d^�ZRd_d`�ZSdadb�ZTdcdd�ZUdedf�ZVdgdh�ZWgfdidj�ZXgfdkdl�ZYdmdn�ZZej[�fdodp�Z\ej[�fdqdr�Z]ej[�fdsdt�Z^ej[�fdudv�Z_dwdx�Z`dydz�Zad{d|�Zbd}d~�Zcdd��Zdd�d��Zed�d��Zfd�d��Zgd�d��Zhd�d��Zid�d��Zjd�d��Zkd�d��Zld�d��Zmd�d��Znd�d��Zod�d��Zpd�d��Zqd�d��Zrd�d��Zsd�d��Ztd�d��Zud�d��Zvd�d��Zwd�d��Zxd�d��Zyd�d��Zzd�d��Z{d�d��Z|e|fd�d��Z}d�d��Z~d�d��Zd�d��Z�d�d��Z�d�d��Z�d�d��Z�d�d��Z�d�d„Z�d�d�dńZ�d�d�dDŽZ�d�dɄZ�d�d˄Z�d�d̈́Z�d�dτZ�dS)��Nzselinux-python�T�unicodez/usr/share/localezutf-8)Z	localedirZcodeset�_�������allowZ
auditallowZ
neverallowZ	dontaudit�source�target�permlist�classZ
transitionZ
role_allowZetc_tz/etcZtmp_tz/tmpZunit_file_tz/usr/lib/systemd/systemz/lib/systemd/systemz/etc/systemd/systemZvar_cache_tz
/var/cacheZ	var_lib_tz/var/libZlog_tz/var/logZ	var_run_tz/var/runz/runZ
var_lock_tz	/run/lockz
/var/run/lockZvar_spool_tz
/var/spoolZ	content_tz/var/wwwz	all files�azregular file�fZ	directory�dzcharacter device�czblock device�bzsocket file�sz
symbolic link�lz
named pipe�p�z--z-dz-cz-bz-sz-lz-pcCs:|jdd�d}yt|�|fStk
r4d|fSXdS)Nz/policy.rr)�rsplit�int�
ValueError)Zpolicy_path�	extension�r�/usr/lib/python3.6/__init__.py�policy_sortkeyys
r�/c	CsLy.|tj�}tjd|�}|jtd�|dSYnXttd���dS)Nz%s.*)�keyrzNo SELinux Policy installed���)�selinuxZselinux_binary_policy_path�glob�sortrrr)�root�path�policiesrrr�get_installed_policy�sr)cCs2tjdtj�|f�}|sdS|jtd�|dS)z?Get the path to the policy file located in the given store namez%s%s/policy/policy.*N)r!rr")r$r#Zselinux_pathr%r)�storer(rrr�get_store_policy�sr+c	CsTdadadadadadadadadayt	j
|�aWntt
d�|��YnXdS)NzFailed to read %s policy file)�all_domains�all_attributes�bools�	all_types�role_allowsZusers�roles�
file_types�
port_types�setoolsZ
SELinuxPolicy�_polrr)�policy_filerrr�policy�s
r7cCst|�}|sdSt|�dS)N)r+r7)r*r6rrr�load_store_policy�sr8cCs|tkrZtjt�}||_t|j��}|rLt|�dkrLd|_||_t|j��}dd�|D�S|t	kr�tj
t�}|rv||_dd�|j�D�S|tkr�tjt�}|r�||_dd�|j�D�S|t
k�rFtjt�}|�rdd�|jd�D�}t|�d	k�r�||_n t|�dk�r|d
|d
f|_tj�r4dd�|j�D�Sdd�|j�D�S|tk�r�tjt�}|�rf||_tj�r�d
d�|j�D�Sdd�|j�D�S|tk�r�tjt�}|�r�||_dd�|j�D�S|tk�r�tjt�}|�r�||_dd�|j�D�Std��dS)NrcssB|]:}ttt|j���t|�t|j�ttt|j���d�VqdS))�aliases�nameZ
permissive�
attributesN)�list�map�strr9�boolZispermissiver;)�.0�xrrr�	<genexpr>�szinfo.<locals>.<genexpr>css:|]2}t|�ttt|j���ttt|j���d�VqdS))r:r1�typesN)r>r<r=�expandrC)r@rArrrrB�scss*|]"}t|�ttt|j���d�VqdS))r:rCN)r>r<r=rD)r@rArrrrB�scSsg|]}t|��qSr)r)r@�irrr�
<listcomp>�szinfo.<locals>.<listcomp>�-rrcss<|]4}|jjt|j�t|jj�t|jj�|jjd�VqdS))�high�protocol�range�type�lowN)�portsrHr>rI�contextZrange_�type_rL)r@rArrrrB�scss2|]*}|jjt|j�t|jj�|jjd�VqdS))rHrIrKrLN)rMrHr>rIrNrOrL)r@rArrrrB�scss8|]0}t|j�t|�ttt|j��t|j�d�VqdS))rJr:r1�levelN)r>Z	mls_ranger<r=r1Z	mls_level)r@rArrrrBscss(|] }t|�ttt|j��d�VqdS))r:r1N)r>r<r=r1)r@rArrrrB
scss|]}t|�|jd�VqdS))r:�stateN)r>rQ)r@rArrrrBscss"|]}t|�t|j�d�VqdS))r:rN)r>r<�perms)r@rArrrrBszInvalid type)�TYPEr4Z	TypeQueryr5r:r<�results�len�alias�ROLE�	RoleQuery�	ATTRIBUTEZTypeAttributeQuery�PORTZPortconQuery�splitrM�mls�USERZ	UserQuery�BOOLEANZ	BoolQuery�TCLASSZ
ObjClassQueryr)�setyper:�qrTrMrrr�info�sr










rbc3Cs`t|j�t|j�t|j�t|j�d�}y<i}x|jjD]}|j|t|�<q6W|jjf|�|j	k}Wnt
k
rzd}YnX||d<yttt|j
��|d<Wnt
k
r�YnXyt|j�|d<Wnt
k
r�YnXydd�|jjD�|d<Wnt
k
�r
YnXyt|j�|d	<Wnt
k
�r4YnXy|j|d
<Wnt
k
�rZYnX|S)N)rKrr
rT�enabledr�	transtypecSsg|]}t|�|jf�qSr)r>rQ)r@rrrrrFHsz)_setools_rule_to_dict.<locals>.<listcomp>�booleans�conditional�filename)r>�ruletyperr
�tclassrfrerQZevaluateZconditional_block�AttributeErrorr<r=rR�defaultrg)ZrulerZ	boolstate�booleanrcrrr�_setools_rule_to_dict'sB
rmc
Cs�|si}tttttttg�}x&|D]}||kr"tddj|���q"Wd}t	|kr\t
|t	�}d}t|krtt
|t�}d}t|kr�t
|t�j
d�}g}g}t|kr�|jt�t|kr�|jt�t|kr�|jt�t|kr�|jt�t|�dk�r.tjt||||d�}	t|k�r|t|	_|dd�|	j�D�7}t|k�r�dd	d
g}
tjt|
|||d�}	t|k�rj|t|	_|dd�|	j�D�7}t|k�r�dg}tjt||||d�}	x.|	j�D]"}|jt
|j�t
|j�d
���q�W|S)NzType has to be in %s� �,r)rhrr
ricSsg|]}t|��qSr)rm)r@rArrrrF�szsearch.<locals>.<listcomp>�type_transitionZtype_changeZtype_membercSsg|]}t|��qSr)rm)r@rArrrrF�sr)rr
)�set�ALLOW�
AUDITALLOW�
NEVERALLOW�	DONTAUDIT�
TRANSITION�
ROLE_ALLOWr�join�SOURCEr>�TARGET�CLASSr[�appendrUr4�TERuleQueryr5�PERMSrRrT�
RBACRuleQueryrr
)
rCZseinfoZvalid_typesr`rr
riZtoretZtertypesraZrtypesZratypes�rrrr�searchYsn











r�csi}g}�g��g�y(�tt�fdd�t���dd7�WnYnXy(�tt�fdd�t���dd7�WnYnXtdd�t���fdd�t���}yHxB|D]:}|j|d|d	|d
fd��||kr�|j|�i}q�WWntk
�r|SX|S)Ncs|d�kS)Nr:r)rA)�srcrr�<lambda>�sz"get_conditionals.<locals>.<lambda>rr;cs|d�kS)Nr:r)rA)�destrrr��scSs|S)Nr)�yrrrr��scs2|d�ko0|d�ko0t��j|t�o0d|kS)Nrr
rf)rq�issubsetr~)rA)�	dest_list�perm�src_listrrr��srrfrc)rrf)r<�filter�get_all_types_infor=�get_all_allow_rules�updater|�KeyError)r�r�rir�ZtdictZtlistZallowsrEr)r�r�r�r�r�r�get_conditionals�s.((

 
r�cCsHd}x|D]}|ddr
d}Pq
Wtd�|djttdd�|���fS)	NFrfrTz-- Allowed %s [ %s ]z || cSsd|dd|ddfS)Nz%s=%drfrrr)rArrrr��sz.get_conditionals_format_text.<locals>.<lambda>)rrxrqr=)ZcondrcrArrr�get_conditionals_format_text�s
r�cCsttt|��ddS)NrrC)r<rbrY)Z	attributerrr�get_types_from_attribute�sr�cCs�g}i}x&t�D]}|jt|��r|j|�qWt�}xN|D]F}y$||dt||df||<Wq<tk
r�g||<Yq<Xq<W|S)N�regex�ftype)�get_all_file_types�
startswith�gen_short_namer|�
get_fcdict�
file_type_strr�)r`�flist�mpathsr�fcdictrrr�get_file_types�s
$r�cCs8|s|Syttt|��dSttfk
r2|SXdS)z�Return the real name of a type

    * If 'name' refers to a type alias, return the corresponding type name.
    * Otherwise return the original name (even if the type does not exist).
    r:N)�nextrbrS�RuntimeError�
StopIteration)r:rrr�get_real_type_name�sr�c
Cs<t�}g}i}ttg|ddgdd��}|dks:t|�dkr>|St�}ddg}x�|D]�}|d|krdqRd	|krv|d	svqR|djd
�r�|d|kr�qR|d|kr�|d|kr�|j|d�qRx&t|d�D]}||kr�|j|�q�WqRWxP|D]H}	y$||	dt||	df||	<Wq�t	k
�r2g||	<Yq�Xq�W|S)
N�open�write�file)rrrrZ	proc_typeZsysctl_typer
rc�_tr�r�)
r�r�rrrUr��endswithr|r�r�r�)
r`r2Z
all_writesr�rr�r;rE�trrrr�get_writable_files�s:

$r�cs�tjj|�r|gSytjd|��Wntd|�gS|}|jd�rX|dd�d}tjj|��y�d
dkrz�d7�Wntk
r�td�YnXy4tjd|���fdd	�t	�fd
d�tj
���D�SgSdS)Nz%s$zbad reg:z(/.*)?r	r rztry failed got an IndexErrorcsg|]}�j|�r|�qSr)�match)r@rA)�patrrrF(szfind_file.<locals>.<listcomp>cs�|S)Nr)rA)r'rrr�(szfind_file.<locals>.<lambda>i����r")�osr'�exists�re�compile�printr��dirname�
IndexErrorr=�listdir)Zregrr)r�r'r�	find_files,

&r�cCsVt|�}xH|j�D]<}|jd�r||krx$||D]}xt|�D]}|SWq2WqWdS)N�_exec_t)�get_entrypoints�keysr�r�)�domain�exclude_listZexecutable_files�exer'rrrr�find_all_files-sr�cCs`t�}y@|jd�rD||krDx(||dD]}xt|�D]}|SWq(WWntk
rZYnXdS)Nr�r�)r�r�r�r�)r�r�r�r'rrrr�find_entrypoint_path7sr�cCs�yZt|d��F}x>|D]6}|j�}|r|djd�r|d|d�||d<qWWdQRXWn0tk
r�}z|jtjkrz�WYdd}~XnX|S)Nr�r�#r)Zequiv�modify)r�r[r��OSError�errno�ENOENT)Zedict�fc_pathr��fd�errrr�read_file_equivCs
(r�cCs"trtSiatt|ddd�atS)Nz.subsT)r�)�file_equiv_modifiedr�)r�rrr�get_file_equiv_modifiedPs
r�cCs&trtSt|�att|ddd�atS)Nz
.subs_distF)r�)�
file_equivr�r�)r�rrr�get_file_equivYs
r�cCs�trtSgay&t|dd��}|j�}WdQRXWn.tk
r`}z|jtjkrR�gSd}~XnXxl|D]d}|j�}t|�dkr�qhy4t|�dkr�t|d}nd}tj	|d|f�Wqht
k
r�YqhXqhWtS)Nz.localr�rrrr)�local_filesr��	readlinesr�r�r�r[rU�trans_file_type_strr|r�)r�r��fcr�rE�recr�rrr�get_local_file_pathsbs,

r�cCs�trtSt|d�}|j�}|j�t|dd�}||j�7}|j�iay*t|dd��}||j�7}WdQRXWn0tk
r�}z|jtjkr��WYdd}~XnXx�|D]�}|j�}yjt|�dkr�t	|d}nd}|djd�d}|tk�r
t|dj
|d	�n|d	g|d
�t|<Wq�Yq�Xq�Wddgitd<dd
gitd<ddgitd<ddgitd<ddgitd<ddgitd<ddgitd<ddgitd<ddgitd<tS)Nr�z	.homedirsz.localrrr�:r�r)r�r�z
all log filesZlogfilezall user tmp filesZ
user_tmp_typezall user home filesZuser_home_typezall virtual image filesZvirt_image_typezBall files on file systems which do not support extended attributesZ	noxattrfsz)all sandbox content in tmpfs file systemsZsandbox_tmpfs_typez&all user content in tmpfs file systemsZuser_tmpfs_typezall files on the system�	file_typezAuse this label for random content that will be shared using sambaZ
samba_share_tr")r�r�r��closer�r�r�r[rUr�r|)r�r�r�r�rEr�r�r�rrrr�~sJ



r�cs<y�fdd�ttgddi�D�Sttfk
r6YnXdS)Ncsg|]}|d�kr|�qS)rdr)r@rA)r`rrrF�sz(get_transitions_into.<locals>.<listcomp>r�process)r�rv�	TypeErrorrj)r`r)r`r�get_transitions_into�s
r�cCs0yttg|dd��Sttfk
r*YnXdS)Nr�)rr)r�rvr�rj)r`rrr�get_transitions�s
r�cCs8ydd�ttgd|i�D�Sttfk
r2YnXdS)NcSsg|]}|ddkr|�qS)rr�r)r@rArrrrF�sz(get_file_transitions.<locals>.<listcomp>r)r�rvr�rj)r`rrr�get_file_transitions�s
r�c
Csdg}ttgd|i�}xJ|D]B}d|kry(x"|dD]}||kr2|j|�q2WWqYqXqW|S)Nrre)r�rrr|)r`rlZboollistrrrrrr�get_boolean_rules�s

r�cCstd�S)NZ
entry_type)r�rrrr�get_all_entrypoints�sr�cs0tjttg�dgdgd�}�fdd�|j�D�S)Nr��
entrypoint)rhrrirRcs g|]}|j�krt|j��qSr)rr>r
)r@rA)r`rrrF�sz(get_entrypoint_types.<locals>.<listcomp>)r4r}r5rrrT)r`rar)r`r�get_entrypoint_types�s
r�cshtj|�djd�d�y0tt�fdd�ttgddd����}|d	d
Sttt	fk
rbYnXdS)Nrr�rcs|d�kS)Nr
r)rA)r�rrr��sz$get_init_transtype.<locals>.<lambda>�init_tr�)rrrrd)
r#Z
getfileconr[r<r�r�rvr�rjr�)r'�entrypointsr)r�r�get_init_transtype�s$r�cCsbtjtdgddgd�}g}xB|j�D]6}y|j|kr@|j|j�Wq$tk
rXw$Yq$Xq$W|S)Nrpr�r�)rhrri)r4r}r5rTrkr|r
rj)rdrar�rErrr�get_init_entrypoint�s

r�cCs�tjtdgddgd�}i}xd|j�D]X}y<t|j�}||krR||jt|j��nt|j�g||<Wq$tk
rzw$Yq$Xq$W|S)Nrpr�r�)rhrri)	r4r}r5rTr>rkr|r
rj)rar�rErdrrr�get_init_entrypoints_str�s

r�cCsHy*tdd�ttgd|dd���}t|�dSttfk
rBYnXdS)NcSs|dS)Nrdr)rArrrr�sz,get_init_entrypoint_target.<locals>.<lambda>r�r�)rr
rr)r=r�rvr<r�r�)r�r�rrr�get_init_entrypoint_target
sr�cCsbt�}i}xRt|�D]F}y$||dt||df||<Wqtk
rXg||<YqXqW|S)Nr�r�)r�r�r�r�)r`r�r�rrrrr�s$r�c	Cs�tt�dkrtSt�tj�}y4t|�}tj�}|j|�t	|jj
��a|j�Wn&tj
jd|�tjd�YnXtj�tS)Nrz#could not open interface info [%s]
r)rU�methods�gen_interfaces�defaults�interface_infor��
interfacesZInterfaceSetZ	from_filer<r�r��sys�stderrr��exitr%)�fnr�Zifsrrr�get_methodss
r�cCstdkrdd�tt�D�atS)NcSsg|]}|d�qS)r:r)r@rArrrrF6sz!get_all_types.<locals>.<listcomp>)r/rbrSrrrr�
get_all_types3sr�cCstdkrttt��atS)N)�all_types_infor<rbrSrrrrr�9sr�cCs&tdkr"ttttd��dd�atS)NZ
userdomainrrC)�
user_typesr<rbrYrrrr�get_user_types?sr�cCsztrtSiatjttgd�}xX|j�D]L}t|j�}t|j�}|dks&|dkrPq&|tkrht|j	|�q&|gt|<q&WtS)N)rhZsystem_r)
r0r4rr5rrrTr>rr
r|)rar�r�Ztgtrrr�get_all_role_allowsFs

r�cCszddl}g}tt��}x^|D]V}|jdd|�}t|�dkrt|jdd|d��dkr|d|kr|j|d�qW|S)Nrz(.*)%sz_exec_t$z_initrc$)r��sortedr��findallrUr|)r�r,rCrE�mrrr�get_all_entrypoint_domainsZs

(r�cCs�yddlm}Wn tk
r0ddlm}YnXtj�}tj�}y tj|�j	tj|�j	kr`dSWnt
k
rvYnXtj�dkr�tt
d���t|d�d�dS)Nr)�getstatusoutputzEYou must regenerate interface info by running /usr/bin/sepolgen-ifgenz/usr/bin/sepolgen-ifgenr)Zcommandsr��ImportError�
subprocessr�r��headersr��stat�st_mtimer��getuidrrr�)r�Zifiler�rrrr�fsr�cCs�trttfSiaiax�tt�D]�}|d|dkr@t|d�}ndt|d�t|d�f}|d|dftkr�t|d|dfj|�n|gt|d|df<d|kr�|d|dft|d|d|df<q|dt|d|d|df<qWttfS)NrLrHz%s-%srKrIrJ)�portrecs�
portrecsbynumrbrZr>r|)rEZportrrr�
gen_port_dictxs("r�cCs"tsttttd��dd�atS)Nr�rrC)r,r<rbrYrrrr�get_all_domains�sr�cCs(trtStjt�}dd�|j�D�atS)NcSs g|]}t|�dkrt|��qS)Zobject_r)r>)r@rArrrrF�sz!get_all_roles.<locals>.<listcomp>)r1r4rXr5rT)rarrr�
get_all_roles�s

r�cCs@ts<ttt��atjr<x$tD]}dj|djd��|d<qWtS)NrrJrn)�selinux_user_listr<rbr]r5r\rxr[)rArrr�get_selinux_users�s
rcCs�trtSttj�d�}|j�}|j�gaxd|jd�D]V}|j�}t|�dks6|j	d�rZq6|jd�}tj
|d|ddj|dd��d��q6WtS)	Nr��
rr�r�rr)r:Zseuserr\)�login_mappingsr�r#Zselinux_usersconf_path�readr�r[�striprUr�r|rx)r��bufrrArrr�get_login_mappings�s
,rcCsttdd�t���S)NcSs|dS)Nr:r)rArrrr��szget_all_users.<locals>.<lambda>)r�r=rrrrr�
get_all_users�srcCs&trtSttttd��dd�atS)Nr�rrC)r2r<r�rbrYrrrrr��sr�cCs&trtSttttd��dd�atS)NZ	port_typerrC)r3r<r�rbrYrrrr�get_all_port_types�srcCststtt��atS)N)r.r<rbr^rrrr�
get_all_bools�sr	cCsdj|dt|��jd��S)Nrnr)rxrUr[)rZtrimrrr�prettyprint�sr
cCs|S)Nr)rrrr�markup�srcCsVd||�}|jd�r(|dt|d�S|jd�rD|dt|d�S|jd�r`|dt|d�S|jd�r||d	t|d�S|jd
�r�|dt|d�S|jd�r�|dt|d�S|jd
�s�|jd�r�|dS|jd�r�|dS|jd�r�|dt|d�S|jd��r|dt|d�S|jd��r:|dt|d�S|jd��rX|dt|d�S|jd��r~|d|dtd��S|jd��r�|dt|d�S|jd��r�|dt|d�S|jd��r�|dt|d�S|jd ��r�|dt|d �S|jd!��r|d"t|d!�S|jd#��r2|d$t|d#�S|jd%��rP|d&t|d%�S|jd'��rn|d(t|d'�S|jd)��r�|d*t|d'�S|jd+��r�|d$t|d+�S|jd,��r�|d-t|d,�S|jd.��r�|d/t|d.�S|jd0��r|d1t|d0�S|jd2��r"|d3t|d2�S|jd4��r@|d1t|d4�S|jd5��r^|d1t|d5�S|jd6��r||d1t|d6�S|jd5��r�|d7t|d5�S|jd8��r�|d9t|d8�S|jd:��r�|d;t|d8�S|jd<��r�|d=t|d<�S|jd>��r|d?t|d>�S|jd@��r&|dAS|jdB��rD|dCt|dB�S|dDt|dE�S)FNz+Set files with the %s type, if you want to Z
_var_run_tz8store the %s files under the /run or /var/run directory.Z_pid_tz,store the %s files under the /run directory.Z
_var_lib_tz0store the %s files under the /var/lib directory.Z_var_tz,store the %s files under the /var directory.Z_var_spool_tz2store the %s files under the /var/spool directory.Z_spool_tZ_cache_tZ_var_cache_tz/store the files under the /var/cache directory.Z	_keytab_tz)treat the files as kerberos keytab files.Z_lock_tzEtreat the files as %s lock data, stored under the /var/lock directoryZ_log_tzKtreat the data as %s log data, usually stored under the /var/log directory.Z	_config_tzRtreat the files as %s configuration data, usually stored under the /etc directory.Z_conf_tr�z,transition an executable to the %s_t domain.Z_cgi_content_tz"treat the files as %s cgi content.Z
_rw_content_tz)treat the files as %s read/write content.Z_rw_tZ_write_tZ_db_tz'treat the files as %s database content.Z
_ra_content_tz*treat the files as %s read/append content.Z_cert_tz'treat the files as %s certificate data.Z_key_tztreat the files as %s key data.Z	_secret_tz"treat the files as %s secret data.Z_ra_tZ_ro_tz(treat the files as %s read/only content.Z
_modules_tztreat the files as %s modules.Z
_content_tztreat the files as %s content.Z_state_tz!treat the files as %s state data.Z_files_tZ_file_tZ_data_tztreat the data as %s content.Z_tmp_tz1store %s temporary files in the /tmp directories.Z_etc_tz'store %s files in the /etc directories.Z_home_tz+store %s files in the users home directory.Z_tmpfs_tz&store %s files on a tmpfs file system.Z_unit_file_tz#treat files as a systemd unit file.Z_htaccess_tz#treat the file as a %s access file.ztreat the files as %s data.r�)r�r
rU)rrZtxtrrr�get_description�s�







rcCs"tstttdd�tt����atS)NcSs|dS)Nr:r)rArrrr�Bsz$get_all_attributes.<locals>.<lambda>)r-r<r�r=rbrYrrrr�get_all_attributes?sr
cCs"x|D]}||tkrdSqWdS)NFT)r~)�dictrRr�rrr�_dict_has_permsFs
rcCspt�}|jd�r&t|�}|dd�}n|}|d|krBtd|��|ddkr`|dd	�d}n|d}||fS)
Nr�rzdomain %s_t does not existrrr���r"r")r�r�r�r)r`r,�
domainname�
short_namerrrr�Ms
r�cCststtg�atS)N)�all_allow_rulesr�rrrrrrr�]s
r�cCs0ts,tjtddttgd�}dd�|j�D�atS)Nz.*T)rlZ
boolean_regexrhcSsg|]}t|��qSr)rm)r@rArrrrFhsz&get_all_bool_rules.<locals>.<listcomp>)�all_bool_rulesr4r}r5rrrurT)rarrr�get_all_bool_rulescs

rcCststttg��atS)N)�all_transitionsr<r�rvrrrr�get_all_transitionsksrc
sg}g}t��\}}x�tdd�t�fdd�t���D]�}x�|D]�}t|t�sNq>ytj|d�}Wntk
r||d}YnX|dj	|�s�|dj	|�r�|d|f|kr�|d|f|kr�|j
|d|f�q>|d|f|ko�|d|f|kr>|j
|d|f�q>Wq4W||fS)NcSs|dS)Nrer)rArrrr�uszget_bools.<locals>.<lambda>csd|ko|d�kS)Nrerr)rA)r`rrr�usrr)r�r=r�r�
isinstance�tupler#Zsecurity_get_boolean_activer�r�r|)r`r.ZdomainboolsrrrErrcr)r`r�	get_boolsqs"$

""rcCststj�datS)Nr)rer#Zsecurity_get_boolean_namesrrrr�get_all_booleans�sr�#/usr/share/selinux/devel/policy.xmlcCsPytj|�}|j�}|j�Wn,tk
rJt|�}|j�}|j�YnX|S)N)�gzipr�rr��IOError)r'r�rrrr�
policy_xml�s
rc
Cs�trtSddl}ia�y�|jjjt|��}�x2|jd�D�]"}x�|jd�D]�}xX|jd�D]J}|jd�jd�jj	d�}t
jdd|�}|jd	�|jd
�|ft|jd	�<qZWxX|jd�D]J}|jd�jd�jj	d�}t
jdd|�}|jd	�|jd
�|ft|jd	�<q�WqJWxT|jd�D]F}|jd�jd�jj	d�}t
jdd|�}d|jd
�|ft|jd	�<�qWq8WxT|jd�D]F}|jd�jd�jj	d�}t
jdd|�}d|jd
�|ft|jd	�<�qlWWnt
k
�r�YnXtS)
NrZlayer�moduleZtunable�descrrrnr:Zdftvalr?�global)�
booleans_dictZxml.etree.ElementTreeZetreeZElementTreeZ
fromstringrr��find�textrr��sub�getr)r'ZxmlZtreerr�rr!rErrr�
gen_bool_dict�s6$($$r(cCs*t�}||krt||d�Std�SdS)Nr�unknown)r(r)rlr#rrr�boolean_category�sr*cCsJt�}||krt||d�S|jd�}d|ddj|dd��fSdS)NrrzAllow %s to %srrnr)r(rr[rx)rlr#r!rrr�boolean_desc�s

r+cCsFd}y$td��}|j�j�}WdQRXWntk
r@d}YnX|S)Nrz/etc/system-releaseZMisc)r��readline�rstripr)Zsystem_releaserrrr�get_os_version�s

r.cCsPdadadadadadadadadada	da	da
dadada
dadadadadS)N)r-r,r/rer#r.r�r2r�r�r�r�r3r0r1r�rr�rrrr�reinit�s&r/)r)r )N)N)r)r)�r�r#r4r$Zsepolgen.defaultsr�Zsepolgen.interfacesr�r�r�r�rZPROGNAME�gettext�kwargs�version_infoZinstall�builtinsr>�__dict__r�Z__builtin__rrSrWrYrZr]r^r_rrrsrtruryrzr~r{rvrwZDEFAULT_DIRSr�rr�r5r�r�r�r�r�r/r�r�r0r�r�r,r1r�rr2r3r.r-rer#rrrrr)r+r7r8r6rr�Zis_selinux_enabledrbrmr�r�r�r�r�r�r�r�r�r�r�Zselinux_file_context_pathr�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�rrrr�rr	r
rrr
rr�r�rrrrrr(r*r+r.r/rrrr�<module>sZ


	



i2
H!
$

		.	
	

]

	

Filemanager

DIR : / usr/ lib/ python3.6/ site-packages/ sepolicy/ __pycache__/
Name Type Size Permission Actions
__init__.cpython-36.opt-1.pyc File 30.88 KB 0644
__init__.cpython-36.pyc File 30.88 KB 0644
booleans.cpython-36.opt-1.pyc File 962 B 0644
booleans.cpython-36.pyc File 962 B 0644
communicate.cpython-36.opt-1.pyc File 1.17 KB 0644
communicate.cpython-36.pyc File 1.17 KB 0644
generate.cpython-36.opt-1.pyc File 42.62 KB 0644
generate.cpython-36.pyc File 42.62 KB 0644
gui.cpython-36.opt-1.pyc File 82.08 KB 0644
gui.cpython-36.pyc File 82.08 KB 0644
interface.cpython-36.opt-1.pyc File 5.77 KB 0644
interface.cpython-36.pyc File 5.77 KB 0644
manpage.cpython-36.opt-1.pyc File 34.85 KB 0644
manpage.cpython-36.pyc File 34.85 KB 0644
network.cpython-36.opt-1.pyc File 1.6 KB 0644
network.cpython-36.pyc File 1.6 KB 0644
sedbus.cpython-36.opt-1.pyc File 2.29 KB 0644
sedbus.cpython-36.pyc File 2.29 KB 0644
transition.cpython-36.opt-1.pyc File 2.9 KB 0644
transition.cpython-36.pyc File 2.9 KB 0644