Lines Matching refs:av
156 for av in avs:
157 rule = refpolicy.AVRule(av)
162 rule.comment = str(refpolicy.Comment(explain_access(av, verbosity=self.explain)))
163 if av.type == audit2why.ALLOW:
165 if av.type == audit2why.DONTAUDIT:
168 if av.type == audit2why.BOOLEAN:
169 if len(av.data) > 1:
170 rule.comment += "\n#!!!! This avc can be allowed using one of the these booleans:\n# %s" % ", ".join(map(lambda x: x[0], av.data))
172 rule.comment += "\n#!!!! This avc can be allowed using the boolean '%s'" % av.data[0][0]
174 if av.type == audit2why.CONSTRAINT:
177 rule.comment += "\n\t" + av.data[0]
178 for reason in av.data[1:]:
182 if ( av.type == audit2why.TERULE and
183 "write" in av.perms and
184 ( "dir" in av.obj_class or "open" in av.perms )):
189 for i in map(lambda x: x[TCONTEXT], sesearch([ALLOW], {SCONTEXT: av.src_type, CLASS: av.obj_class, PERMS: av.perms})):
193 rule.comment += "\n#!!!! The source type '%s' can write to a '%s' of the following type:\n# %s\n" % ( av.src_type, av.obj_class, ", ".join(types))
195 rule.comment += "\n#!!!! The source type '%s' can write to a '%s' of the following types:\n# %s\n" % ( av.src_type, av.obj_class, ", ".join(types))
223 def explain_access(av, ml=None, verbosity=SHORT_EXPLANATION):
232 av - access vector representing the access. Should
249 ifcall = call_interface(match.interface, ml.av)
256 for msg in av.audit_msgs:
268 (av.src_type, av.tgt_type, av.obj_class, av.perms.to_space_str()))
272 if len(av.audit_msgs) > 0:
273 msg = av.audit_msgs[0]
281 def call_interface(interface, av):
293 ifcall.args.append(av.src_type)
295 ifcall.args.append(av.tgt_type)
297 ifcall.args.append(av.obj_class)
340 ifcall = call_interface(ml.best().interface, ml.av)
342 ifcall.comment = refpolicy.Comment(explain_access(ml.av, ml, verbosity))
361 for av in avs:
363 self.matcher.search_ifs(self.ifs, av, ans)
367 raw_av.append(av)