Range_transitions are expanded in the qpol representation, but attributes
can still be used as criteria.
Hard code default role to indirect to handle role attributes in the
criteria. Role attributes don't survive in the qpol
representation yet, so this is a forward-looking change.
Similarly hard code the default type matching to indirect so attributes can
be used for default type criteria in type_* rules. Adjust default criteria
lookup function accordingly.
Related to #111
Makes use simpler. The setools submodules map 1:1 to classes anyway;
the separate modules are simply to ease organization.
Change seinfo to use conditional setter use rather than conditional
instantiation of queries. Note: pylint disable is added because pylint
gets confused by the reuse of the q variable and thinks that q is always
BoolQuery, so it incorrectly reports missing member functions.
Group all exception classes into a module for each package. This is the
first step towards having all exceptions raised by setools libs be a child of
SEToolsException.
Fully compare the lists rather than only counting objects.
Also fix comparison problem in Nodecon and Genfscon. In libqpol, the all
genfscons/nodecons iterators allocate new objects, so the pointer
comparison in PolicySymbol fails.
