RepoMirrors/setools
1
0
Fork 0
mirror of https://github.com/SELinuxProject/setools synced 2025-03-19 17:53:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

Leverage new libqpol function for getting object class from role trans.

Browse Source
This commit is contained in:
Chris PeBenito 2014-10-01 10:53:04 -04:00
parent 3f90e48677
commit 10e07c472a
1 changed files with 2 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
libapol/policyrep/rbacrule.py
View File

@ -30,9 +30,7 @@ class RBACRule(rule.PolicyRule):
def __str__(self):
try:
# qpol doesnt currently support role transitons
# with an object class specified (v26+)
return "role_transition {0.source} {0.target} {0.default};".format(self)
return "role_transition {0.source} {0.target}:{0.tclass} {0.default};".format(self)
except rule.InvalidRuleUse:
return "allow {0.source} {0.target};".format(self)
@ -63,12 +61,8 @@ class RBACRule(rule.PolicyRule):
@property
def tclass(self):
"""The rule's object class."""
# qpol doesnt currently support role transitions
# with an object class specified (v26+)
raise NotImplementedError
try:
return objclass.ObjClass(self.policy, self.qpol_symbol.get_target_class(self.policy))
return objclass.ObjClass(self.policy, self.qpol_symbol.get_object_class(self.policy))
except AttributeError:
raise rule.InvalidRuleUse(
"Role allow rules do not have an object class.")