diff --git a/setools/policyrep/boolcond.pxi b/setools/policyrep/boolcond.pxi
index 798c4ca..185d6f3 100644
--- a/setools/policyrep/boolcond.pxi
+++ b/setools/policyrep/boolcond.pxi
@@ -17,11 +17,8 @@
# License along with SETools. If not, see
# .
#
-from itertools import chain, product
-from collections import namedtuple
-
-truth_table_row = namedtuple("truth_table_row", ["values", "result"])
+truth_table_row = collections.namedtuple("truth_table_row", ["values", "result"])
cdef dict _cond_cache = {}
@@ -243,7 +240,7 @@ cdef class Conditional(PolicySymbol):
truth_table = []
# create a list of all combinations of T/F for each Boolean
- truth_list = list(product([True, False], repeat=len(bools)))
+ truth_list = list(itertools.product([True, False], repeat=len(bools)))
for row in truth_list:
values = {bools[i]: row[i] for i in range(len(bools))}
diff --git a/setools/policyrep/libpolicyrep.pyx b/setools/policyrep/libpolicyrep.pyx
index 91455f8..aa20ea8 100644
--- a/setools/policyrep/libpolicyrep.pyx
+++ b/setools/policyrep/libpolicyrep.pyx
@@ -26,6 +26,13 @@ from libc.stdlib cimport calloc, free
from libc.string cimport memcpy, memset, strerror
from posix.stat cimport S_IFBLK, S_IFCHR, S_IFDIR, S_IFIFO, S_IFREG, S_IFLNK, S_IFSOCK
+import logging
+import warnings
+import itertools
+import ipaddress
+import collections
+import enum
+
cimport sepol
cimport selinux
diff --git a/setools/policyrep/mls.pxi b/setools/policyrep/mls.pxi
index 07c026f..f8e897c 100644
--- a/setools/policyrep/mls.pxi
+++ b/setools/policyrep/mls.pxi
@@ -18,7 +18,6 @@
# .
#
# pylint: disable=protected-access
-import itertools
cdef dict _cat_cache = {}
cdef dict _sens_cache = {}
diff --git a/setools/policyrep/mlsrule.pxi b/setools/policyrep/mlsrule.pxi
index b58c38a..eb2fcdc 100644
--- a/setools/policyrep/mlsrule.pxi
+++ b/setools/policyrep/mlsrule.pxi
@@ -17,7 +17,6 @@
# License along with SETools. If not, see
# .
#
-import itertools
class MLSRuletype(PolicyEnum):
diff --git a/setools/policyrep/netcontext.pxi b/setools/policyrep/netcontext.pxi
index 0652db1..cbeabc2 100644
--- a/setools/policyrep/netcontext.pxi
+++ b/setools/policyrep/netcontext.pxi
@@ -17,13 +17,8 @@
# License along with SETools. If not, see
# .
#
-from collections import namedtuple
-from ipaddress import ip_address, ip_network
-import warnings
-import logging
-
-PortconRange = namedtuple("PortconRange", ["low", "high"])
+PortconRange = collections.namedtuple("PortconRange", ["low", "high"])
#
# Classes
@@ -138,12 +133,12 @@ cdef class Nodecon(Ocontext):
try:
# checkpolicy does not verify that no host bits are set,
# so strict will raise an exception if host bits are set.
- n.network = ip_network(net_with_mask)
+ n.network = ipaddress.ip_network(net_with_mask)
except ValueError as ex:
log = logging.getLogger(__name__)
log.warning("Nodecon with network {} {} has host bits set. Analyses may have "
"unexpected results.".format(n._addr, n._mask))
- n.network = ip_network(net_with_mask, strict=False)
+ n.network = ipaddress.ip_network(net_with_mask, strict=False)
return n
diff --git a/setools/policyrep/selinuxpolicy.pxi b/setools/policyrep/selinuxpolicy.pxi
index cb1a317..117debd 100644
--- a/setools/policyrep/selinuxpolicy.pxi
+++ b/setools/policyrep/selinuxpolicy.pxi
@@ -19,9 +19,6 @@
#
# pylint: disable=too-many-public-methods
-import logging
-from collections import Counter
-
class PolicyTarget(PolicyEnum):
@@ -223,7 +220,7 @@ cdef class SELinuxPolicy:
cdef cache_constraint_counts(self):
"""Count all constraints in one iteration."""
if not self.constraint_counts:
- self.constraint_counts = Counter(r.ruletype for r in self.constraints())
+ self.constraint_counts = collections.Counter(r.ruletype for r in self.constraints())
cdef cache_terule_counts(self):
"""Count all TE rules in one iteration."""
@@ -387,7 +384,7 @@ cdef class SELinuxPolicy:
@property
def permission_count(self):
"""The number of permissions."""
- return sum(len(c.perms) for c in chain(self.commons(), self.classes()))
+ return sum(len(c.perms) for c in itertools.chain(self.commons(), self.classes()))
@property
def permissives_count(self):
@@ -549,7 +546,7 @@ cdef class SELinuxPolicy:
def lookup_type_or_attr(self, name):
"""Look up a type or type attribute by name."""
- for t in chain(self.types(), self.typeattributes()):
+ for t in itertools.chain(self.types(), self.typeattributes()):
if t == name:
return t
@@ -640,8 +637,8 @@ cdef class SELinuxPolicy:
def rbacrules(self):
"""Iterator over all RBAC rules."""
- return chain(RoleAllowIterator.factory(self, self.handle.p.role_allow),
- RoleTransitionIterator.factory(self, self.handle.p.role_tr))
+ return itertools.chain(RoleAllowIterator.factory(self, self.handle.p.role_allow),
+ RoleTransitionIterator.factory(self, self.handle.p.role_tr))
def terules(self):
"""Iterator over all type enforcement rules."""
@@ -682,10 +679,12 @@ cdef class SELinuxPolicy:
def nodecons(self):
"""Iterator over all nodecon statements."""
- return chain(NodeconIterator.factory(self, self.handle.p.ocontexts[sepol.OCON_NODE],
- NodeconIPVersion.ipv4),
- NodeconIterator.factory(self, self.handle.p.ocontexts[sepol.OCON_NODE6],
- NodeconIPVersion.ipv6))
+ return itertools.chain(NodeconIterator.factory(self,
+ self.handle.p.ocontexts[sepol.OCON_NODE],
+ NodeconIPVersion.ipv4),
+ NodeconIterator.factory(self,
+ self.handle.p.ocontexts[sepol.OCON_NODE6],
+ NodeconIPVersion.ipv6))
def portcons(self):
"""Iterator over all portcon statements."""
diff --git a/setools/policyrep/terule.pxi b/setools/policyrep/terule.pxi
index 915b1b1..1e1ddeb 100644
--- a/setools/policyrep/terule.pxi
+++ b/setools/policyrep/terule.pxi
@@ -17,7 +17,6 @@
# License along with SETools. If not, see
# .
#
-import itertools
#
@@ -557,7 +556,7 @@ cdef class TERuleIterator(PolicyIterator):
sepol.avtab_ptr_t node
uint32_t bucket = 0
- count = Counter()
+ count = collections.Counter()
while bucket < self.table[0].nslot:
node = self.table[0].htable[bucket]
@@ -640,7 +639,7 @@ cdef class ConditionalTERuleIterator(PolicyIterator):
"""
cdef sepol.cond_av_list_t *curr
- count = Counter()
+ count = collections.Counter()
curr = self.head
while curr != NULL:
diff --git a/setools/policyrep/typeattr.pxi b/setools/policyrep/typeattr.pxi
index 4413ac9..18f89fd 100644
--- a/setools/policyrep/typeattr.pxi
+++ b/setools/policyrep/typeattr.pxi
@@ -17,7 +17,6 @@
# License along with SETools. If not, see
# .
#
-import warnings
#
# Cache objects
diff --git a/setools/policyrep/util.pxi b/setools/policyrep/util.pxi
index 39eb980..7b7482d 100644
--- a/setools/policyrep/util.pxi
+++ b/setools/policyrep/util.pxi
@@ -16,14 +16,11 @@
# License along with SETools. If not, see
# .
#
-import warnings
-
-from enum import Enum
#
# Classes
#
-class PolicyEnum(Enum):
+class PolicyEnum(enum.Enum):
"""
Base class for policy enumerations.
diff --git a/setools/policyrep/xencontext.pxi b/setools/policyrep/xencontext.pxi
index 26d8176..de96285 100644
--- a/setools/policyrep/xencontext.pxi
+++ b/setools/policyrep/xencontext.pxi
@@ -17,10 +17,9 @@
# License along with SETools. If not, see
# .
#
-from collections import namedtuple
-IomemconRange = namedtuple("IomemconRange", ["low", "high"])
-IoportconRange = namedtuple("IoportconRange", ["low", "high"])
+IomemconRange = collections.namedtuple("IomemconRange", ["low", "high"])
+IoportconRange = collections.namedtuple("IoportconRange", ["low", "high"])
#