--- /dev/null
+# -*- coding:utf-8 -*-
+
+# py-rsbac - RSBAC Python bindings
+# Copyright (C) 2006 Frederic Jolliton <pyrsbac@tuxee.net>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+
+__all__ = [
+ 'Object' ,
+ 'FD' , 'File' , 'Fifo' , 'Symlink' , 'Directory' , 'Device' ,
+ 'User' , 'Group' , 'Process' ,
+ 'Ipc' , 'IpcSem' , 'IpcMsg' , 'IpcShm' ,
+ 'IpcAnonPipe' , 'IpcMqueue' , 'IpcAnonUnix' ,
+ 'NetworkDevice' , 'NetworkTemplate'
+ ]
+
+import sys
+import new
+import pwd, grp
+import socket
+import re
+import operator
+from ctypes import byref
+
+from rsbac import headers, lib, transaction
+from rsbac._data import RequestVector, AclRequestVector, JailScdVector
+from rsbac._data import FileFlags, PaxFlags, CapsFlags, JailFlags
+from rsbac.errors import Error, raiseIfError
+from rsbac._utils import aptr, slowButCorrectStringAssignation
+from rsbac._utils import stringToByteArray, byteArrayToString, fetch
+from rsbac._utils import ipToInt, intToIp, ttlToInt, intToTtl
+from rsbac._utils import processName, digits
+
+# Singleton. Obviously bad for MT. But good for performance..
+g_attributeValue = headers.rsbac_attribute_value_t()
+g_attributeValueRef = byref( g_attributeValue )
+
+from rsbac_auto import g_attributes
+
+from rsbac.rc import RcTypeDict, Role, Type
+
+def buildObjectClass( className , parents , target , byName ) :
+ if isinstance( target , tuple ) :
+ target , realTarget = target
+ else :
+ target , realTarget = target , target
+ attrs = {}
+ if byName :
+ fget = lib.rsbac_get_attr_n
+ fset = lib.rsbac_set_attr_n
+ frem = lib.rsbac_remove_target_n
+ amget = lib.rsbac_acl_get_mask_n
+ amset = lib.rsbac_acl_n
+ else :
+ fget = lib.rsbac_get_attr
+ fset = lib.rsbac_set_attr
+ frem = lib.rsbac_remove_target
+ amget = lib.rsbac_acl_get_mask
+ amset = lib.rsbac_acl
+ def remover( id ) :
+ raiseIfError( frem( transaction._t , target , id ) )
+ def mremove( self ) :
+ return remover( self._id )
+ attrs[ 'remover' ] = staticmethod( remover )
+ attrs[ 'remove' ] = mremove
+ def addAclMaskAttribute() :
+ rights = headers.rsbac_acl_rights_vector_t()
+ rightsRef = byref( rights )
+ sm = headers.ACLC_set_mask
+ def getter( id ) :
+ raiseIfError( amget( transaction._t , target , id , rightsRef ) )
+ return rights.value
+ if byName :
+ arg = headers.rsbac_acl_syscall_n_arg_t()
+ else :
+ arg = headers.rsbac_acl_syscall_arg_t()
+ arg.type = target
+ argRef = byref( arg )
+ if byName :
+ def setter( id , mask ) :
+ arg.name = id
+ arg.rights = mask
+ raiseIfError( amset( transaction._t , sm , argRef ) )
+ else :
+ def setter( id , mask ) :
+ arg.tid = id
+ arg.rights = mask
+ raiseIfError( amset( transaction._t , sm , argRef ) )
+ def mget( self ) :
+ return AclRequestVector( getter( self._id ) )
+ def mset( self , value ) :
+ return setter( self._id , int( value ) )
+ attrs[ 'getter_acl_mask' ] = staticmethod( getter )
+ attrs[ 'setter_acl_mask' ] = staticmethod( setter )
+ attrs[ 'get_acl_mask' ] = mget
+ attrs[ 'set_acl_mask' ] = mset
+ attrs[ 'acl_mask' ] = property( mget , mset )
+ def addLogArrayAttribute() :
+ module = headers.SW_GEN
+ attr1 = headers.A_log_array_low
+ attr2 = headers.A_log_array_high
+ def getter( id ) :
+ raiseIfError( fget( transaction._t , module , target , id , attr1 , g_attributeValueRef , 0 ) )
+ v1 = g_attributeValue.log_array_low
+ raiseIfError( fget( transaction._t , module , target , id , attr2 , g_attributeValueRef , 0 ) )
+ v2 = g_attributeValue.log_array_high
+ return tuple( [ int( item[ 0 ] + 2 * item[ 1 ] )
+ for item in zip( digits( v1 , 2 , 64 ) ,
+ digits( v2 , 2 , 64 ) ) ] )
+ def getterEffective( id ) :
+ raiseIfError( fget( transaction._t , module , target ,
+ id , attr1 , g_attributeValueRef , 1 ) )
+ v1 = g_attributeValue.log_array_low
+ raiseIfError( fget( transaction._t , module , target ,
+ id , attr2 , g_attributeValueRef , 1 ) )
+ v2 = g_attributeValue.log_array_high
+ return tuple( [ int( item[ 0 ] + 2 * item[ 1 ] )
+ for item in zip( digits( v1 , 2 , 64 ) ,
+ digits( v2 , 2 , 64 ) ) ] )
+ def setter( id , value ) :
+ if not isinstance( value , ( tuple , list ) ) or len( value ) != 64 :
+ raise RuntimeError , 'expected a sequence of 64 elements'
+ v1 , v2 = 0 , 0
+ mask = 1 << 63
+ for item in value :
+ if item & 1 :
+ v1 |= mask
+ if item & 2 :
+ v2 |= mask
+ mask >>= 1
+ g_attributeValue.log_array_low = v1
+ raiseIfError( fset( transaction._t , module , target ,
+ id , attr1 , g_attributeValueRef , 0 ) )
+ g_attributeValue.log_array_high = v2
+ raiseIfError( fset( transaction._t , module , target ,
+ id , attr2 , g_attributeValueRef , 0 ) )
+ def mget( self ) :
+ return getter( self._id )
+ def mgetEffective( self ) :
+ return getterEffective( self._id )
+ def mset( self , value ) :
+ setter( self._id , value )
+ attrs[ 'getter_log_array' ] = staticmethod( getter )
+ attrs[ 'getter_eff_log_array' ] = staticmethod( getterEffective )
+ attrs[ 'setter_log_array' ] = staticmethod( setter )
+ attrs[ 'get_log_array' ] = mget
+ attrs[ 'get_eff_log_array' ] = mgetEffective
+ attrs[ 'set_log_array' ] = mset
+ attrs[ 'log_array' ] = property( mget , mset )
+ attrs[ 'eff_log_array' ] = property( mgetEffective )
+ def addAttribute( module , vid , name , field ,
+ pre = None , post = None ,
+ mpre = None , mpost = None ) :
+ #
+ # getter for real value
+ #
+ if post is None :
+ def getter( id ) :
+ raiseIfError( fget( transaction._t , module , target ,
+ id , vid , g_attributeValueRef , 0 ) )
+ return getattr( g_attributeValue , field )
+ else :
+ def getter( id ) :
+ raiseIfError( fget( transaction._t , module , target ,
+ id , vid , g_attributeValueRef , 0 ) )
+ return post( getattr( g_attributeValue , field ) )
+ #
+ # getter for effective value
+ #
+ if post is None :
+ def getterEffective( id ) :
+ raiseIfError( fget( transaction._t , module , target ,
+ id , vid , g_attributeValueRef , 1 ) )
+ return getattr( g_attributeValue , field )
+ else :
+ def getterEffective( id ) :
+ raiseIfError( fget( transaction._t , module , target ,
+ id , vid , g_attributeValueRef , 1 ) )
+ return post( getattr( g_attributeValue , field ) )
+ #
+ # setter
+ #
+ if pre is None :
+ def setter( id , value ) :
+ setattr( g_attributeValue , field , value )
+ raiseIfError( fset( transaction._t , module , target ,
+ id , vid , g_attributeValueRef ) )
+ else :
+ def setter( id , value ) :
+ setattr( g_attributeValue , field , pre( value ) )
+ raiseIfError( fset( transaction._t , module , target ,
+ id , vid , g_attributeValueRef ) )
+ #
+ # member functions
+ #
+ if mpost is None :
+ def mget( self ) :
+ return getter( self._id )
+ def mgetEffective( self ) :
+ return getterEffective( self._id )
+ else :
+ if isinstance( mpost , tuple ) :
+ mpost , withSelf = mpost
+ else :
+ withSelf = False
+ if not withSelf :
+ def mget( self ) :
+ return mpost( getter( self._id ) )
+ def mgetEffective( self ) :
+ return mpost( getterEffective( self._id ) )
+ else :
+ def mget( self ) :
+ return mpost( getter( self._id ) , self )
+ def mgetEffective( self ) :
+ return mpost( getterEffective( self._id ) , self )
+ if mpre is None :
+ def mset( self , value ) :
+ return setter( self._id , value )
+ else :
+ if isinstance( mpre , tuple ) :
+ mpre , withSelf = mpost
+ else :
+ withSelf = False
+ if not withSelf :
+ def mset( self , value ) :
+ return setter( self._id , mpre( value ) )
+ else :
+ def mset( self , value ) :
+ return setter( self._id , mpre( value , self ) )
+ #
+ attrs[ 'getter_' + name ] = staticmethod( getter )
+ attrs[ 'setter_' + name ] = staticmethod( setter )
+ attrs[ 'getter_eff_' + name ] = staticmethod( getterEffective )
+ #
+ attrs[ 'get_' + name ] = mget
+ attrs[ 'set_' + name ] = mset
+ attrs[ name ] = property( mget , mset )
+ #
+ attrs[ 'get_eff_' + name ] = mgetEffective
+ attrs[ 'eff_' + name ] = property( mgetEffective )
+ attributes = []
+ def raUnpack( value ) :
+ return tuple( map( int , value ) )
+ def raPack( value ) :
+ t = headers.rsbac_res_array_t()
+ t[ : ] = value
+ return t
+ fields = set()
+ for attribute , module , field , ctype , targets in g_attributes :
+ module = getattr( headers , 'SW_' + module )
+ attributeId = getattr( headers , 'A_' + attribute )
+ targets = [ getattr( headers , 'T_' + n ) for n in targets ]
+ if ( target in targets or realTarget in targets ) \
+ and attribute not in [ 'log_array_low' , 'log_array_high' ] :
+ attributes.append( attribute )
+ if ctype == 'rsbac_jail_ip_t' or field == 'remote_ip' :
+ mpre , mpost = ipToInt , intToIp
+ elif ctype == 'rsbac_jail_scd_vector_t' :
+ mpre , mpost = int , JailScdVector
+ elif ctype == 'rsbac_jail_id_t' :
+ mpre , mpost = int , int
+ elif ctype == 'rsbac_jail_flags_t' :
+ mpre , mpost = int , JailFlags
+ elif ctype == 'rsbac_boolean_t' :
+ mpre , mpost = int , bool
+ elif ctype == 'rsbac_rc_role_id_t' :
+ mpre , mpost = int , Role
+ elif ctype == 'rsbac_rc_type_id_t' :
+ mpre , mpost = int , lambda n : Type( realTarget , n )
+ elif ctype == 'rsbac_request_vector_t' :
+ mpre , mpost = int , RequestVector
+ elif ctype == 'rsbac_ff_flags_t' :
+ mpre , mpost = int , FileFlags
+ elif ctype == 'rsbac_uid_t' :
+ mpre , mpost = int , lambda n : User( n ) # defer, since User is not yet defined
+ elif ctype == 'rsbac_pax_flags_t' :
+ mpre , mpost = int , PaxFlags
+ elif ctype == 'rsbac_cap_vector_t' :
+ mpre , mpost = int , CapsFlags
+ else :
+ mpre , mpost = None , None
+ if ctype == 'rsbac_res_array_t' :
+ pre , post = raPack , raUnpack
+ else :
+ pre , post = None , None
+ addAttribute( module , attributeId , attribute , field ,
+ pre , post , mpre , mpost )
+ fields.add( field )
+ if 'log_array_low' in fields and 'log_array_high' in fields :
+ addLogArrayAttribute()
+ attributes.append( 'log_array' )
+ addAclMaskAttribute()
+ attrs[ 'type' ] = target
+ attrs[ 'attributes' ] = sorted( attributes )
+ attrs[ '_byName' ] = byName
+ return type( className , parents , attrs )
+
+class Object( object ) :
+ """Base class for all RSBAC objects.
+
+ """
+ pass
+
+class ObjectWithAttributes( Object ) :
+ """Base class for objects with RSBAC attributes.
+
+ """
+ def getAllAttributes( self ) :
+ r = {}
+ for name in self.attributes :
+ try :
+ r[ name ] = getattr( self , name )
+ except Error :
+ pass
+ return r
+
+#--[ FD ]---------------------------------------------------------------------
+
+_g_defaultFd = {}
+
+class FDBase( ObjectWithAttributes ) :
+ """Base class for FD hierarchy.
+
+ """
+ type = headers.T_FD
+ def __new__( cls , id ) :
+ if id is None :
+ instance = _g_defaultFd.get( cls.type )
+ if instance is None :
+ instance = ObjectWithAttributes.__new__( cls )
+ instance.__init_singleton__( id )
+ _g_defaultFd[ cls.type ] = instance
+ else :
+ instance = ObjectWithAttributes.__new__( cls )
+ instance.__init_singleton__( id )
+ return instance
+ def __init_singleton__( self , id ) :
+ if not isinstance( id , str ) and id is not None :
+ raise TypeError , 'Invalid id %r' % ( id , )
+ self._id = id
+ self.acl = acl.AclByName( self )
+ def __eq__( self , other ) :
+ return self is other or ( isinstance( other , FDBase )
+ and self.type == other.type
+ and self._id == other._id )
+ def __str__( self ) :
+ return self._id
+ def __repr__( self ) :
+ if self._id is None :
+ return '<Default%s>' % self.__class__.__name__
+ else :
+ return '<%s %r>' % ( self.__class__.__name__ , self._id )
+
+FD = \
+ buildObjectClass( 'FD' , ( FDBase , ) ,
+ headers.T_FD , True )
+File = \
+ buildObjectClass( 'File' , ( FDBase , ) ,
+ ( headers.T_FILE , headers.T_FD ) , True )
+Fifo = \
+ buildObjectClass( 'Fifo' , ( FDBase , ) ,
+ ( headers.T_FIFO , headers.T_FD ) , True )
+Symlink = \
+ buildObjectClass( 'Symlink' , ( FDBase , ) ,
+ ( headers.T_SYMLINK , headers.T_FD ) , True )
+Directory = \
+ buildObjectClass( 'Directory' , ( FDBase , ) ,
+ ( headers.T_DIR , headers.T_FD ) , True )
+Device = \
+ buildObjectClass( 'Device' , ( FDBase , ) ,
+ ( headers.T_DEV , headers.T_FD ) , True )
+
+#--[ Device ]-----------------------------------------------------------------
+
+class DeviceBase( ObjectWithAttributes ) :
+ type = headers.T_DEV # Needed for RcTypeDict
+
+class BlockDeviceBase( DeviceBase ) :
+ def __init__( self , major , minor = None ) :
+ super( BlockDeviceBase , self ).__init__()
+ self._dev = ( major , minor )
+ id = headers.rsbac_target_id_t()
+ if minor is not None :
+ id.dev.type = headers.D_block
+ id.dev.major = major
+ id.dev.minor = minor
+ else :
+ id.dev.type = headers.D_block_major
+ id.dev.major = major
+ self._id = byref( id )
+ self.acl = acl.AclById( self )
+ def __eq__( self , other ) :
+ return self is other or ( isinstance( other , BlockDeviceBase )
+ and self._dev == other._dev )
+ def __repr__( self ) :
+ if self._dev[ 1 ] is None :
+ dev = self._dev[ 0 ]
+ else :
+ dev = '%d:%d' % ( self._dev )
+ return '<BlockDevice %s>' % dev
+
+BlockDevice = buildObjectClass( 'BlockDevice' ,
+ ( BlockDeviceBase , ) ,
+ headers.T_DEV , False )
+
+class CharacterDeviceBase( DeviceBase ) :
+ def __init__( self , major , minor = None ) :
+ super( CharacterDeviceBase , self ).__init__()
+ self._dev = ( major , minor )
+ id = headers.rsbac_target_id_t()
+ if minor is not None :
+ id.dev.type = headers.D_char
+ id.dev.major = major
+ id.dev.minor = minor
+ else :
+ id.dev.type = headers.D_char_major
+ id.dev.major = major
+ self._id = byref( id )
+ self.acl = acl.AclById( self )
+ def __eq__( self , other ) :
+ return self is other or ( isinstance( other , CharacterDeviceBase )
+ and self._dev == other._dev )
+ def __repr__( self ) :
+ if self._dev[ 1 ] is None :
+ dev = self._dev[ 0 ]
+ else :
+ dev = '%d:%d' % ( self._dev )
+ return '<CharacterDevice %s>' % dev
+
+CharacterDevice = buildObjectClass( 'CharacterDevice' ,
+ ( CharacterDeviceBase , ) ,
+ headers.T_DEV , False )
+
+#--[ User ]-------------------------------------------------------------------
+
+_g_user_mod = headers.rsbac_uid_t( -1 ).value + 1
+assert _g_user_mod > 0
+_g_user_max_value = headers.rsbac_uid_t( -32 ).value # FIXME: -32?
+def _nuser( n ) :
+ n %= _g_user_mod
+ if n >= _g_user_max_value :
+ return n - _g_user_mod
+ else :
+ return n
+_g_users = {}
+_g_pseudoUsers = {
+ -3 : 'no_user' ,
+ -4 : 'all_users' ,
+ }
+
+class UserBase( ObjectWithAttributes ) :
+ def __new__( cls , user ) :
+ user = _nuser( user )
+ if user < 0 :
+ instance = _g_users.get( user )
+ if instance is None :
+ instance = ObjectWithAttributes.__new__( cls )
+ instance.__init_singleton__( user )
+ _g_users[ user ] = instance
+ return instance
+ else :
+ instance = ObjectWithAttributes.__new__( cls )
+ instance.__init_singleton__( user )
+ return instance
+ def __init_singleton__( self , user ) :
+ ObjectWithAttributes.__init__( self )
+ id = lib.rsbac_target_id_t()
+ if isinstance( user , ( int , long ) ) :
+ uid = user
+ elif isinstance( user , ( str , unicode ) ) :
+ uid = pwd.getpwnam( user )[ 2 ]
+ else :
+ raise RuntimeError , 'Unexpected user id %r' % ( user , )
+ id.user = uid
+ self.uid = uid
+ self._id = byref( id )
+ self.acl = acl.AclById( self )
+ def __int__( self ) :
+ return int( self.uid )
+ def __long__( self ) :
+ return long( self.uid )
+ def __eq__( self , other ) :
+ return self is other or ( isinstance( other , UserBase )
+ and self.uid == other.uid )
+ def __repr__( self ) :
+ if self.uid < 0 :
+ return '<PseudoUser %s>' % ( _g_pseudoUsers.get( self.uid , self.uid ) , )
+ else :
+ return '<User %d>' % self.uid
+ def removeFromAcl( self ) :
+ return acl.aclRemoveUser( self.uid )
+
+User = buildObjectClass( 'User' , ( UserBase , ) , headers.T_USER , False )
+
+#--[ Group ]------------------------------------------------------------------
+
+_g_group_mod = headers.rsbac_gid_t( -1 ).value + 1
+assert _g_group_mod > 0
+_g_group_max_value = headers.rsbac_gid_t( -32 ).value # FIXME: -32?
+def _ngroup( n ) :
+ n %= _g_group_mod
+ if n >= _g_group_max_value :
+ return n - _g_group_mod
+ else :
+ return n
+_g_groups = {}
+_g_pseudoGroups = {
+ -3 : 'no_group' ,
+ -4 : 'all_groups' ,
+ }
+
+class GroupBase( ObjectWithAttributes ) :
+ def __new__( cls , group ) :
+ group = _ngroup( group )
+ if group < 0 :
+ instance = _g_groups.get( group )
+ if instance is None :
+ instance = ObjectWithAttributes.__new__( cls )
+ instance.__init_singleton__( group )
+ _g_groups[ group ] = instance
+ return instance
+ else :
+ instance = ObjectWithAttributes.__new__( cls )
+ instance.__init_singleton__( group )
+ return instance
+ def __init_singleton__( self , group ) :
+ ObjectWithAttributes.__init__( group )
+ id = headers.rsbac_target_id_t()
+ if isinstance( group , ( int , long ) ) :
+ gid = group
+ elif isinstance( group , ( str , unicode ) ) :
+ gid = grp.getgrnam( group )[ 2 ]
+ else :
+ raise RuntimeError , 'Unexpected group id %r' % ( group , )
+ id.group = gid
+ self.gid = gid
+ self._id = byref( id )
+ self.acl = acl.AclById( self )
+ def __int__( self ) :
+ return int( self.gid )
+ def __long__( self ) :
+ return long( self.gid )
+ def __eq__( self , other ) :
+ return self is other or ( isinstance( other , GroupBase )
+ and self.gid == other.gid )
+ def __repr__( self ) :
+ if self.gid < 0 :
+ return '<PseudoGroup %s>' % ( _g_pseudoGroups.get( self.gid , self.gid ) , )
+ else :
+ return '<Group %d>' % self.gid
+
+Group = buildObjectClass( 'Group' , ( GroupBase , ) , headers.T_GROUP , False )
+
+#--[ Process ]----------------------------------------------------------------
+
+class ProcessBase( ObjectWithAttributes ) :
+ def __init__( self , process ) :
+ super( ProcessBase , self ).__init__()
+ id = headers.rsbac_target_id_t()
+ id.process = process
+ self.pid = process
+ self._id = byref( id )
+ def __int__( self ) :
+ return int( self.pid )
+ def __long__( self ) :
+ return long( self.pid )
+ def __eq__( self , other ) :
+ return self is other or ( isinstance( other , ProcessBase )
+ and self.pid == other.pid )
+ def __repr__( self ) :
+ return '<Process %d %r>' % ( self.pid , processName( self.pid ) )
+
+Process = buildObjectClass( 'Process' , ( ProcessBase , ) , headers.T_PROCESS , False )
+
+#--[ IPC ]--------------------------------------------------------------------
+
+class IpcBase( ObjectWithAttributes ) :
+ ipc = headers.I_none
+ def __init__( self , ipcId ) :
+ super( IpcBase , self ).__init__()
+ id = headers.rsbac_target_id_t()
+ id.ipc.type = self.ipc
+ id.ipc.id.id_nr = ipcId
+ self._id = byref( id )
+ self.id = ipcId
+ def __int__( self ) :
+ return int( self.id )
+ def __long__( self ) :
+ return long( self.id )
+ def __repr__( self ) :
+ return '<%s %d>' % ( self.__class__.__name__ , self.id )
+
+Ipc = buildObjectClass( 'Ipc' , ( IpcBase , ) , headers.T_IPC , False )
+
+class IpcSem( Ipc ) :
+ ipc = headers.I_sem
+
+class IpcMsg( Ipc ) :
+ ipc = headers.I_msg
+
+class IpcShm( Ipc ) :
+ ipc = headers.I_shm
+
+class IpcAnonPipe( Ipc ) :
+ ipc = headers.I_anonpipe
+
+class IpcMqueue( Ipc ) :
+ ipc = headers.I_mqueue
+
+class IpcAnonUnix( Ipc ) :
+ ipc = headers.I_anonunix
+
+#--[ SCD ]--------------------------------------------------------------------
+
+g_scd = {}
+
+class Scd( Object ) :
+ type = headers.T_SCD
+ def __new__( cls , target , *args , **kwargs ) :
+ instance = g_scd.get( target )
+ if instance is None :
+ instance = object.__new__( cls )
+ instance.__init_singleton__( target , *args , **kwargs )
+ g_scd[ target ] = instance
+ return instance
+ def __init_singleton__( self , target , name ) :
+ super( Scd , self ).__init__()
+ id = lib.rsbac_target_id_t()
+ id.scd = target
+ self._id = byref( id )
+ self.id = target
+ self.name = name
+ def getRcType( self ) :
+ return Type( self.type , self.id )
+ rc_type = property( getRcType )
+ def __repr__( self ) :
+ return '<SCD %s>' % self.name
+
+system = new.module( 'system' )
+
+def createScdObject() :
+ prefix = 'ST_'
+ for k , v in headers.__dict__.items() :
+ if k.startswith( prefix ) :
+ k = k[ len( prefix ) : ]
+ scd = Scd( v , k )
+ setattr( system , k , scd )
+
+# Create SystemClock, SystemSysctl, SystemQuota,..
+createScdObject()
+
+#--[ NetworkObject ]----------------------------------------------------------
+
+class NetworkObject( Object ) :
+ type = headers.T_NETOBJ
+ def __init__( self , *args , **kwargs ) : raise NotImplementedError
+ def __repr__( self ) :
+ return '<NetworkObject>'
+
+#--[ NetworkDevice ]----------------------------------------------------------
+
+# Not exported. Included in NetworkDevice class.
+def getAllNetworkDevice() :
+ """*Return a list of all network devices involved with RSBAC rules."""
+ arr = fetch( headers.rsbac_netdev_id_t ,
+ lambda n , a : lib.rsbac_net_list_all_netdev( transaction._t , a , n ) )
+ return sorted( map( byteArrayToString , arr ) )
+
+class NetworkDeviceBase( ObjectWithAttributes ) :
+ def __init__( self , name ) :
+ super( NetworkDeviceBase , self ).__init__()
+ id = headers.rsbac_target_id_t()
+ stringToByteArray( id.netdev , name , minPadding = 1 )
+ self._name = name
+ self._id = byref( id )
+ self.acl = acl.AclById( self )
+ def __eq__( self , other ) :
+ return self is other or ( isinstance( other , NetworkDeviceBase )
+ and self._name == other._name )
+ def __str__( self ) :
+ return self._name
+ def __repr__( self ) :
+ return '<NetworkDevice %r>' % ( self._name , )
+ all = staticmethod( getAllNetworkDevice )
+
+NetworkDevice = buildObjectClass( 'NetworkDeviceBase' ,
+ ( NetworkDeviceBase , ) ,
+ headers.T_NETDEV , False )
+
+#--[ NetworkTemplate ]--------------------------------------------------------
+
+def intToIpv4( n ) :
+ #assert 0 <= n < 2**32
+ n , a = divmod( n , 256 )
+ n , b = divmod( n , 256 )
+ n , c = divmod( n , 256 )
+ d = n
+ return '.'.join( map( str , ( a , b , c , d ) ) )
+
+g_reDigitsOnly = re.compile( r'^\d+$' )
+
+def ipv4ToInt( s ) :
+ ns = s.split( '.' )
+ if len( ns ) != 4 :
+ raise RuntimeError , 'invalid IP'
+ a = 0
+ for n in reversed( ns ) :
+ if not g_reDigitsOnly.match( n ) :
+ raise RuntimeError , 'invalid IP'
+ n = int( n )
+ if not 0 <= n <= 255 :
+ raise RuntimeError , 'invalid IP'
+ a = 256 * a + n
+ return a
+
+def ipv4AndPrefixToInt( s ) :
+ if '/' not in s :
+ ip , prefix = s , 32
+ else :
+ ip , prefix = s.split( '/' , 1 )
+ if not g_reDigitsOnly.match( prefix ) :
+ raise RuntimeError, 'invalid prefix'
+ prefix = int( prefix )
+ ip = ipv4ToInt( ip )
+ if not 0 <= prefix <= 32 :
+ raise RuntimeError , 'invalid prefix'
+ return ip , prefix
+
+# Not exported. Included in NetworkTemplate class.
+def newNetworkTemplate( id , name ) :
+ data = headers.rsbac_net_temp_syscall_data_t()
+ data.name = name
+ raiseIfError( lib.rsbac_net_template( transaction._t ,
+ headers.NTS_new_template ,
+ id , byref( data ) ) )
+ nt = NetworkTemplate( id )
+ if nt.name != name :
+ raise RuntimeError , \
+ 'error while constructing network template with name %r (got back %r instead)' \
+ % ( name , nt.name )
+ return nt
+
+# Not exported. Included in NetworkTemplate class.
+def copyNetworkTemplate( source , dest ) :
+ data = headers.rsbac_net_temp_syscall_data_t()
+ data.id = source
+ raiseIfError( lib.rsbac_net_template( transaction._t ,
+ headers.NTS_copy_template ,
+ dest , byref( data ) ) )
+ return NetworkTemplate( dest )
+
+class NetworkTemplateBase( ObjectWithAttributes ) :
+ def __init__( self , nt ) :
+ super( NetworkTemplateBase , self ).__init__()
+ id = headers.rsbac_target_id_t()
+ id.nettemp = nt
+ self._id = byref( id )
+ self.nt = nt
+ self.acl = acl.AclById( self )
+ def __repr__( self ) :
+ try :
+ name = `self.getName()`
+ except Error :
+ name = 'undefined'
+ return '<%s [%d] %s>' % ( self.__class__.__name__ , self.nt , name )
+ def __syscall( self , syscall , data ) :
+ raiseIfError( lib.rsbac_net_template( transaction._t , syscall ,
+ self.nt , byref( data ) ) )
+ return data
+ def __syscallGet( self , syscall ) :
+ # FIXME: Use a shared 'data' to prevent building this
+ # structure too much times?
+ data = headers.rsbac_net_temp_syscall_data_t()
+ return self.__syscall( syscall , data )
+ #
+ # addresses
+ #
+ def getAddresses( self ) :
+ family = self.__syscallGet( headers.NTS_get_address_family ).address_family
+ addr = self.__syscallGet( headers.NTS_get_address ).address
+ def translate( inet ) :
+ result = []
+ for i in range( inet.nr_addr ) :
+ result.append( '%s/%s' % ( intToIpv4( inet.addr[ i ] ) ,
+ inet.valid_bits[ i ] ) )
+ return result
+ if family == socket.AF_INET :
+ return ( family , translate( addr.inet ) )
+ elif family == socket.AF_UNIX :
+ return ( family , addr.other.addr[ : addr.other.valid_len ] )
+ else :
+ if addr.other.addr :
+ name = str( family )
+ #name = rsbac_get_net_family_name( family )
+ raise RuntimeError , 'address for family %s not supported' % name
+ return ( family , )
+ def setAddresses( self , addresses ) :
+ if isinstance( addresses , ( int , long ) ) :
+ addresses = ( addresses , () )
+ if not isinstance( addresses , ( tuple , list ) ) \
+ or len( addresses ) != 2 :
+ raise RuntimeError
+ family , addrs = addresses
+ if not isinstance( family , ( int , long ) ) :
+ raise RuntimeError
+ data = headers.rsbac_net_temp_syscall_data_t()
+ data.address_family = family
+ self.__syscall( headers.NTS_set_address_family , data )
+ if family == socket.AF_INET :
+ for i , addr in enumerate( addrs ) :
+ a , n = ipv4AndPrefixToInt( addr )
+ try :
+ data.address.inet.addr[ i ] = a
+ data.address.inet.valid_bits[ i ] = n
+ except IndexError :
+ raise IndexError , \
+ 'only %d addresses allowed, got %d' \
+ % ( i , len( addrs ) )
+ data.address.inet.nr_addr = len( addrs )
+ self.__syscall( headers.NTS_set_address , data )
+ elif family == socket.AF_UNIX :
+ data.address.other.addr = addrs
+ data.address.other.valid_len = len( addrs )
+ self.__syscall( headers.NTS_set_address , data )
+ else :
+ if addrs :
+ raise RuntimeError , \
+ 'address family %s doesn\'t allows addresses (or is not yet supported)' \
+ % family
+ addresses = property( getAddresses , setAddresses )
+ #
+ # type
+ #
+ def getSocketType( self ) :
+ return self.__syscallGet( headers.NTS_get_type ).type
+ def setSocketType( self , type ) :
+ data = headers.rsbac_net_temp_syscall_data_t()
+ data.type = type
+ self.__syscall( headers.NTS_set_type , data )
+ socketType = property( getSocketType , setSocketType )
+ #
+ # protocol
+ #
+ def getProtocol( self ) :
+ return self.__syscallGet( headers.NTS_get_protocol ).protocol
+ def setProtocol( self , protocol ) :
+ data = headers.rsbac_net_temp_syscall_data_t()
+ data.protocol = protocol
+ self.__syscall( headers.NTS_set_protocol , data )
+ protocol = property( getProtocol , setProtocol )
+ #
+ # netdev
+ #
+ def getNetworkDevice( self ) :
+ return byteArrayToString( self.__syscallGet( headers.NTS_get_netdev ).netdev )
+ def setNetworkDevice( self , value ) :
+ data = headers.rsbac_net_temp_syscall_data_t()
+ stringToByteArray( data.netdev , str( value ) )
+ self.__syscall( headers.NTS_set_netdev , data )
+ def delNetworkDevice( self ) : # FIXME
+ self.setNetworkDevice( '' )
+ networkDevice = property( getNetworkDevice , setNetworkDevice , delNetworkDevice )
+ #
+ # ports
+ #
+ def getPorts( self ) :
+ ports = self.__syscallGet( headers.NTS_get_ports ).ports
+ p = ports.ports
+ def mkPortRange( p ) :
+ if p.min == p.max :
+ return p.min
+ else :
+ return ( p.min , p.max )
+ return map( mkPortRange , p[ : ports.nr_ports ] )
+ def setPorts( self , value ) :
+ data = headers.rsbac_net_temp_syscall_data_t()
+ p = data.ports.ports
+ try :
+ for i , range in enumerate( value ) :
+ if not isinstance( range , ( tuple , list ) ) :
+ min , max = range , range
+ else :
+ min , max = range
+ p[ i ].min = min
+ p[ i ].max = max
+ except IndexError :
+ raise IndexError , 'only %d port ranges allowed, got %d' % ( i , len( value ) )
+ data.ports.nr_ports = len( value )
+ self.__syscall( headers.NTS_set_ports , data )
+ def delPorts( self ) : # FIXME
+ self.setPorts( () )
+ ports = property( getPorts , setPorts , delPorts )
+ #
+ # name
+ #
+ def getName( self ) :
+ return self.__syscallGet( headers.NTS_get_name ).name
+ def setName( self , value ) :
+ data = headers.rsbac_net_temp_syscall_data_t()
+ slowButCorrectStringAssignation( data , 'name' , value )
+ try :
+ raiseIfError( lib.rsbac_net_template( transaction._t ,
+ headers.NTS_set_name ,
+ self.nt , byref( data ) ) )
+ except Error , e :
+ if e[ 0 ] != headers.RSBAC_ENOTFOUND :
+ raise
+ newNetworkTemplate( self.nt , value )
+ name = property( getName , setName )
+ #
+ # misc
+ #
+ create = staticmethod( newNetworkTemplate )
+ def checkId( self ) :
+ data = headers.rsbac_net_temp_syscall_data_t()
+ return self.__syscall( headers.NTS_check_id , data ).id
+ def copyTo( self , target ) :
+ return copyNetworkTemplate( self.nt , target )
+ def delete( self ) :
+ data = headers.rsbac_net_temp_syscall_data_t()
+ self.__syscall( headers.NTS_delete_template , data )
+
+NetworkTemplate = buildObjectClass( 'NetworkTemplate' ,
+ ( NetworkTemplateBase , ) ,
+ headers.T_NETTEMP , False )
+
+def getAllNetworkTemplate() :
+ arr = fetch( headers.rsbac_net_temp_id_t ,
+ lambda n , a : lib.rsbac_net_list_all_template( transaction._t , a , n ) )
+ return sorted( map( int , arr ) )
+
+class NetworkTemplateDict( object ) :
+ def __repr__( self ) :
+ return '{' + ', '.join( [ ': '.join( map( str , item ) ) for item in self.items() ] ) + '}'
+ def __getitem__( self , nt ) :
+ return NetworkTemplate( nt )
+ def __delitem__( self , nt ) :
+ NetworkTemplate( nt ).delete()
+ def keys( self ) :
+ return getAllNetworkTemplate()
+ def values( self ) :
+ return map( NetworkTemplate , self.keys() )
+ def items( self ) :
+ return [ ( i , NetworkTemplate( i ) ) for i in self.keys() ]
+
+networkTemplates = NetworkTemplateDict()
+
+#--[ UnixSocket ]-------------------------------------------------------------
+
+class UnixSocket( Object ) :
+ type = headers.T_UNIXSOCK
+ def __init__( self , path ) :
+ self._id = path
+ def __repr__( self ) :
+ return '<UnixSocket %r>' % ( self._id , )
+
+#-----------------------------------------------------------------------------
+
+for target in ( FDBase , User , Group , Process ,
+ Ipc , Scd , DeviceBase ,
+ NetworkDevice , NetworkTemplate , NetworkObject ) :
+ target.rcTypes = RcTypeDict( target.type )
+
+def listAllDevices() :
+ arr = fetch( headers.rsbac_dev_desc_t ,
+ lambda n , a : lib.rsbac_list_all_dev( transaction._t , a , n ) )
+ r = []
+ def cmp( a , b ) :
+ return ( a.type < b.type
+ or ( a.type == b.type
+ and ( a.major < b.major
+ or ( a.major == b.major
+ and a.minor < b.minor ) ) ) )
+ for item in sorted( arr , cmp ) :
+ if item.type == headers.D_block :
+ dev = BlockDevice( item.major , item.minor )
+ elif item.type == headers.D_block_major :
+ dev = BlockDevice( item.major )
+ elif item.type == headers.D_char :
+ dev = CharacterDevice( item.major , item.minor )
+ elif item.type == headers.D_char_major :
+ dev = CharacterDevice( item.major )
+ else :
+ raise NotReached
+ r.append( dev )
+ return r
+
+def listAllUsers() :
+ arr = fetch( headers.rsbac_uid_t ,
+ lambda n , a : lib.rsbac_list_all_user( transaction._t , a , n ) )
+ return map( User , sorted( arr ) )
+
+def listAllGroups() :
+ arr = fetch( headers.rsbac_gid_t ,
+ lambda n , a : lib.rsbac_list_all_group( transaction._t , a , n ) )
+ return map( User , sorted( arr ) )
+
+from rsbac import acl
+
+defaultFd = FD( None )
+defaultFile = File( None )
+defaultFifo = Fifo( None )
+defaultSymlink = Symlink( None )
+defaultDirectory = Directory( None )
+defaultDevice = Device( None )
+
+pseudoUsers = new.module( 'pseudoUsers' )
+for k , v in _g_pseudoUsers.items() :
+ setattr( pseudoUsers , v , User( k ) )
+
+pseudoGroups = new.module( 'pseudoGroups' )
+for k , v in _g_pseudoGroups.items() :
+ setattr( pseudoGroups , v , Group( k ) )
+
+# Local Variables:
+# indent-tabs-mode: nil
+# python-indent: 4
+# End:
--- /dev/null
+# -*- coding:utf-8 -*-
+
+# py-rsbac - RSBAC Python bindings
+# Copyright (C) 2006 Frederic Jolliton <pyrsbac@tuxee.net>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+
+"""
+
+This module provides access to RC type and RC role objects for the
+RSBAC Python bindings.
+
+"""
+
+__all__ = []
+
+def export( o ) :
+ if not isinstance( o , basestring ) :
+ name = o.__name__
+ else :
+ name , o = o , None
+ if name in __all__ :
+ raise ImportError , 'duplicate name %r in module %r' % ( name , __name__ )
+ __all__.append( name )
+ return o
+
+import new
+import weakref
+from ctypes import byref, c_uint32
+
+from rsbac import headers, lib, transaction
+from rsbac.errors import Error, raiseIfError
+from rsbac._utils import aptr, slowButCorrectStringAssignation, fetch
+
+# Singletons. Obviously bad for MT. But good for performance..
+g_rcItemValue = headers.rsbac_rc_item_value_t()
+g_rcItemValueRef = byref( g_rcItemValue )
+
+g_rcTargetValue = headers.rsbac_rc_target_id_t()
+g_rcTargetValueRef = byref( g_rcTargetValue )
+
+g_rcTargetValue2 = headers.rsbac_rc_target_id_t()
+g_rcTargetValue2Ref = byref( g_rcTargetValue2 )
+
+g_ttl = headers.rsbac_time_t()
+g_ttlRef = byref( g_ttl )
+
+g_rcNameTargetToItem = {
+ headers.T_FD : headers.RI_type_fd_name ,
+ headers.T_FILE : headers.RI_type_fd_name ,
+ headers.T_DIR : headers.RI_type_fd_name ,
+ headers.T_FIFO : headers.RI_type_fd_name ,
+ headers.T_DEV : headers.RI_type_dev_name ,
+ headers.T_IPC : headers.RI_type_ipc_name ,
+ headers.T_USER : headers.RI_type_user_name ,
+ headers.T_GROUP : headers.RI_type_group_name ,
+ headers.T_PROCESS : headers.RI_type_process_name ,
+ headers.T_NETDEV : headers.RI_type_netdev_name ,
+ headers.T_NETTEMP : headers.RI_type_nettemp_name ,
+ headers.T_NETOBJ : headers.RI_type_netobj_name ,
+ headers.T_SCD : headers.RI_type_scd_name
+ }
+
+g_rcCompatibilityTargetToItem = {
+ headers.T_FD : headers.RI_type_comp_fd ,
+ headers.T_FILE : headers.RI_type_comp_fd ,
+ headers.T_DIR : headers.RI_type_comp_fd ,
+ headers.T_FIFO : headers.RI_type_comp_fd ,
+ headers.T_DEV : headers.RI_type_comp_dev ,
+ headers.T_IPC : headers.RI_type_comp_ipc ,
+ headers.T_USER : headers.RI_type_comp_user ,
+ headers.T_GROUP : headers.RI_type_comp_group ,
+ headers.T_PROCESS : headers.RI_type_comp_process ,
+ headers.T_NETDEV : headers.RI_type_comp_netdev ,
+ headers.T_NETTEMP : headers.RI_type_comp_nettemp ,
+ headers.T_NETOBJ : headers.RI_type_comp_netobj ,
+ headers.T_SCD : headers.RI_type_comp_scd
+ }
+
+g_rcTargetToTypeRemove = {
+ headers.T_FD : headers.RI_type_fd_remove ,
+ headers.T_FILE : headers.RI_type_fd_remove ,
+ headers.T_DIR : headers.RI_type_fd_remove ,
+ headers.T_FIFO : headers.RI_type_fd_remove ,
+ headers.T_DEV : headers.RI_type_dev_remove ,
+ headers.T_IPC : headers.RI_type_ipc_remove ,
+ headers.T_USER : headers.RI_type_user_remove ,
+ headers.T_GROUP : headers.RI_type_group_remove ,
+ headers.T_PROCESS : headers.RI_type_process_remove ,
+ headers.T_NETDEV : headers.RI_type_netdev_remove ,
+ headers.T_NETTEMP : headers.RI_type_nettemp_remove ,
+ headers.T_NETOBJ : headers.RI_type_netobj_remove
+ }
+
+# RC role specific data
+_g_role_mod = headers.rsbac_rc_role_id_t( -1 ).value + 1
+assert _g_role_mod > 0
+_g_role_max_value = headers.rsbac_rc_role_id_t( -32 ).value
+def _nrole( n ) :
+ n %= _g_role_mod
+ if n >= _g_role_max_value :
+ return int( n - _g_role_mod )
+ else :
+ return int( n )
+_g_roles = weakref.WeakValueDictionary()
+_g_pseudoRoles = {
+ -1 : 'inherit_user' ,
+ -2 : 'inherit_process' ,
+ -3 : 'inherit_parent' ,
+ -4 : 'inherit_up_mixed' ,
+ -5 : 'use_force_role'
+ }
+
+# RC type specific data
+_g_type_mod = headers.rsbac_rc_type_id_t( -1 ).value + 1
+assert _g_type_mod > 0
+_g_type_max_value = headers.rsbac_rc_type_id_t( -32 ).value
+def _ntype( n ) :
+ n %= _g_type_mod
+ if n >= _g_type_max_value :
+ return int( n - _g_type_mod )
+ else :
+ return int( n )
+_g_types = weakref.WeakValueDictionary()
+_g_pseudoTypes = {
+ -1 : 'inherit_process' ,
+ -2 : 'inherit_parent' ,
+ -3 : 'no_create' ,
+ -4 : 'no_execute' ,
+ -5 : 'use_new_role_def_create' ,
+ -6 : 'no_chown' ,
+ -7 : 'use_fd'
+ }
+
+@export
+def copyRole( source , dest ) :
+ """Copy a RC role.
+
+ source -- RC role as integer
+ dest -- RC role as integer
+
+ """
+ raiseIfError( lib.rsbac_rc_copy_role( transaction._t ,
+ source , dest ) )
+
+@export
+def grant( role , type , requests ) :
+ """Grant 'requests' to 'role' for the given 'type'.
+
+ role -- RC role
+ type -- RC type
+ requests -- RequestVector
+ """
+ rights , ttl = role.typeCompatibility[ type ]
+ rights |= rsbac.RequestVector( requests )
+ role.typeCompatibility[ type ] = rights , ttl
+
+@export
+def revoke( role , type , requests ) :
+ """Revoke 'requests' to 'role' for the given 'type'.
+
+ role -- RC Role
+ type -- RC type
+ requests -- RequestVector
+ """
+ rights , ttl = role.typeCompatibility[ type ]
+ rights &= ~rsbac.RequestVector( requests )
+ role.typeCompatibility[ type ] = rights , ttl
+
+def findUnnamedRole( start = 0 ) :
+ """Find an unnamed role.
+
+ start -- Minimal RC role id to use, as integer.
+
+ Return an integer.
+ """
+ i = start
+ while 1 :
+ try :
+ getRoleName( i )
+ except Error , e :
+ if e[ 0 ] != headers.RSBAC_ENOTFOUND :
+ raise
+ break
+ i += 1
+ return i
+
+def findUnnamedRoles( n = 1 , start = 0 ) :
+ """Find a set of unnammed roles.
+
+ n -- Number of unnnamed roles to find.
+ start -- Minimal RC role id to use, as integer.
+
+ Returns a list of integers.
+ """
+ r = []
+ i = start
+ for j in range( n ) :
+ role = findUnnamedRole( i )
+ r.append( role )
+ i = role + 1
+ return r
+
+@export
+def newRole( name , start = 0 ) :
+ """Create a new RC role.
+
+ name -- Name for the new RC role.
+
+ Returns a RC Role.
+ """
+ role = findUnnamedRole( start )
+ setRoleName( role , name )
+ return Role( role )
+
+@export
+def cloneRole( source , start = 0 ) :
+ """Clone a RC role under another name.
+
+ source -- RC role as integer
+ name -- Name of the new role
+
+ """
+ role = findUnnamedRole( start )
+ copyRole( source , role )
+ return role
+
+@export
+def copyType( target , source , dest ) :
+ """Copy a RC type.
+
+ The target specify which type of RC type should be copied.
+
+ target -- RSBAC object type as integer
+ source -- RC type as integer
+ dest -- RC Type as integer
+
+ """
+ raiseIfError( lib.rsbac_rc_copy_type( transaction._t , target ,
+ source , dest ) )
+
+@export
+def getList( rcTarget , rcId , item ) :
+ """Retrieve a list of RC items (role or type).
+
+ rcTarget -- RT_ROLE, RT_TYPE or None.
+ rcId -- role or target as integer.
+ item -- a value from RI_* defines.
+
+ """
+ # FIXME: I'm assuming that all roles are returned when querying
+ # with RI_name, and that target can be NULL. Is that right?
+ if rcId is None :
+ id = None
+ elif rcTarget == headers.RT_ROLE :
+ g_rcTargetValue.role = rcId
+ elif rcTarget == headers.RT_TYPE :
+ g_rcTargetValue.type = rcId
+ else :
+ raise RuntimeError , 'unexpected rc target %d' % ( rcTarget , )
+ arr = fetch( c_uint32 ,
+ lambda n , a : lib.rsbac_rc_get_list( transaction._t ,
+ rcTarget , g_rcTargetValueRef ,
+ item , n , a , None ) )
+ return sorted( map( int , arr ) )
+
+@export
+def getRoleList( role , item ) :
+ """Retrieve a list of items associated with a role.
+
+ role -- RC role as integer or None
+ item -- a value from RI_* defines.
+
+ """
+ return getList( headers.RT_ROLE , role , item )
+
+@export
+def getTypeList( type , item ) :
+ """Retrieve a list of items associated with a type.
+
+ type -- RC type as integer (or None?)
+ item -- a value from RI_* defines.
+
+ """
+ return getList( headers.RT_TYPE , type , item )
+
+@export
+def getRoles() :
+ """Retrieve a list of all defined roles (those with a name.)
+
+ """
+ # FIXME: I'm assuming that all roles are returned when querying
+ # with RI_name, and that target can be NULL. Is that correct?
+ return getRoleList( None , headers.RI_name )
+
+g_scdRcTypes = None
+
+@export
+def getTypes( target ) :
+ """Retrieve a list of all defined types (those with a name.)
+
+ target -- RSBAC object type as integer
+
+ """
+ if target == headers.T_SCD :
+ global g_scdRcTypes
+ if g_scdRcTypes is None :
+ r = []
+ for key in dir( headers ) :
+ if ( key.startswith( 'ST_' ) or key.startswith( 'AST_' ) ) \
+ and not key.endswith( '_none' ) :
+ r.append( int( getattr( headers , key ) ) )
+ r.sort()
+ g_scdRcTypes = r
+ return g_scdRcTypes
+ else :
+ if target not in g_rcNameTargetToItem :
+ raise RuntimeError , 'Unexpected target %r' % ( target , )
+ return getTypeList( None , g_rcNameTargetToItem[ target ] )
+
+@export
+def changeRole( role , password = None ) :
+ """Change the role of the current process.
+
+ role -- RC role as integer
+ password -- the password as a string or None
+
+ """
+ raiseIfError( lib.rsbac_rc_change_role( role , password ) )
+
+@export
+def getCurrentRole() :
+ """Return the role of the current process.
+
+ Returns a RC role as an integer.
+
+ """
+ role = headers.rsbac_rc_role_id_t()
+ raiseIfError( lib.rsbac_rc_get_current_role( byref( role ) ) )
+ return int( role.value )
+
+@export
+def getRoleName( role ) :
+ """Get the name of a RC role.
+
+ role -- RC role as integer
+
+ """
+ g_rcTargetValue.role = role
+ raiseIfError( lib.rsbac_rc_get_item( transaction._t , headers.RT_ROLE ,
+ g_rcTargetValueRef , None ,
+ headers.RI_name , g_rcItemValueRef ,
+ None ) )
+ return g_rcItemValue.name
+
+@export
+def setRoleName( role , name ) :
+ """Set the name of a RC role.
+
+ role -- RC role as integer
+ name -- the new name as string
+
+ """
+ g_rcTargetValue.role = role
+ slowButCorrectStringAssignation( g_rcItemValue , 'name' , name )
+ raiseIfError( lib.rsbac_rc_set_item( transaction._t , headers.RT_ROLE ,
+ g_rcTargetValueRef , None ,
+ headers.RI_name , g_rcItemValueRef ,
+ 0 ) )
+
+@export
+def getRoleTypeCompatibility( role , type ) :
+ """Get RC role compatibility with the given type.
+
+ role -- RC role as integer
+ type -- RC type as either a tuple (target,type) or an Object class
+ or instance.
+
+ Returns a tuple (RequestVector,ttl).
+
+ """
+ g_rcTargetValue.role = role
+ target , type = _type( type )
+ g_rcTargetValue2.type = type
+ item = g_rcCompatibilityTargetToItem[ target ]
+ raiseIfError( lib.rsbac_rc_get_item( transaction._t , headers.RT_ROLE ,
+ g_rcTargetValueRef , g_rcTargetValue2Ref ,
+ item , g_rcItemValueRef ,
+ g_ttlRef ) )
+ return RequestVector( g_rcItemValue.rights ) , g_ttl.value
+
+@export
+def setRoleTypeCompatibility( role , type , value ) :
+ """Set RC role compatibility with the given type.
+
+ role -- RC role as integer
+ type -- RC type
+ value -- A tuple (RequestVector,ttl) or a RequestVector (implying
+ unlimited TTL.)
+
+ """
+ g_rcTargetValue.role = role
+ target , type = _type( type )
+ g_rcTargetValue2.type = type
+ item = g_rcCompatibilityTargetToItem[ target ]
+ if not isinstance( value , ( tuple , list ) ) :
+ value = ( value , 0 )
+ rights , ttl = value
+ g_rcItemValue.rights = int( rights )
+ raiseIfError( lib.rsbac_rc_set_item( transaction._t , headers.RT_ROLE ,
+ g_rcTargetValueRef , g_rcTargetValue2Ref ,
+ item , g_rcItemValueRef ,
+ ttl ) )
+
+@export
+def getRoleDefaultIndividualFdCreateType( role , type ) :
+ """Get RC role default individual FD create type
+
+ role -- RC role as integer
+ type -- RC type
+
+ Returns a Type (FIXME.. Returns an integer, and use Type in the
+ class wrapper instead.)
+
+ """
+ g_rcTargetValue.role = role
+ g_rcTargetValue2.type = int( type ) # FIXME: Check target type
+ raiseIfError( lib.rsbac_rc_get_item( transaction._t , headers.RT_ROLE ,
+ g_rcTargetValueRef , g_rcTargetValue2Ref ,
+ headers.RI_def_fd_ind_create_type ,
+ g_rcItemValueRef , None ) )
+ return Type( headers.T_FD , g_rcItemValue.type_id )
+
+@export
+def setRoleDefaultIndividualFdCreateType( role , type1 , type2 ) :
+ """Set RC role default individual FD create type
+
+ role -- RC role as integer
+ type1 -- RC type
+ type2 -- RC type
+
+ """
+ g_rcTargetValue.role = role
+ g_rcTargetValue2.type = int( type1 ) # FIXME: Check target type
+ g_rcItemValue.type_id = int( type2 ) # FIXME: Check target type
+ raiseIfError( lib.rsbac_rc_set_item( transaction._t , headers.RT_ROLE ,
+ g_rcTargetValueRef , g_rcTargetValue2Ref ,
+ headers.RI_def_fd_ind_create_type ,
+ g_rcItemValueRef , 0 ) )
+
+@export
+def delRoleDefaultIndividualFdCreateType( role , type ) :
+ """Remove RC role default individidual FD create type setting
+
+ role -- RC role as integer
+ type -- RC type
+ """
+ g_rcTargetValue.role = role
+ g_rcTargetValue2.type = int( type ) # FIXME: Check target type
+ raiseIfError( lib.rsbac_rc_set_item( transaction._t , headers.RT_ROLE ,
+ g_rcTargetValueRef , g_rcTargetValue2Ref ,
+ headers.RI_def_fd_ind_create_type_remove ,
+ None , 0 ) )
+
+@export
+def getRoleAdminType( role ) :
+ """Get the RC role admin type.
+
+ role -- RC role as integer
+
+ """
+ g_rcTargetValue.role = role
+ raiseIfError( lib.rsbac_rc_get_item( transaction._t , headers.RT_ROLE ,
+ g_rcTargetValueRef , None ,
+ headers.RI_admin_type , g_rcItemValueRef ,
+ None ) )
+ return g_rcItemValue.admin_type
+
+@export
+def setRoleAdminType( role , value ) :
+ """Set the RC role admin type.
+
+ role -- RC role as integer
+ value -- RC role admin type (0 [no admin], 1 [role admin] or 2 [system admin])
+
+ """
+ g_rcTargetValue.role = role
+ g_rcItemValue.admin_type = value
+ raiseIfError( lib.rsbac_rc_set_item( transaction._t , headers.RT_ROLE ,
+ g_rcTargetValueRef , None ,
+ headers.RI_admin_type , g_rcItemValueRef ,
+ 0 ) )
+
+@export
+def getRoleBootRole( role ) :
+ """Test if the RC role is a boot role.
+
+ role -- RC role as integer
+ """
+ g_rcTargetValue.role = role
+ raiseIfError( lib.rsbac_rc_get_item( transaction._t , headers.RT_ROLE ,
+ g_rcTargetValueRef , None ,
+ headers.RI_boot_role ,
+ g_rcItemValueRef , None ) )
+ return bool( g_rcItemValue.boot_role )
+
+@export
+def setRoleBootRole( role , value ) :
+ """Set if the RC role is a boot role.
+
+ role -- RC role as integer
+ value -- boolean
+ """
+ g_rcTargetValue.role = role
+ g_rcItemValue.boot_role = value
+ raiseIfError( lib.rsbac_rc_set_item( transaction._t , headers.RT_ROLE ,
+ g_rcTargetValueRef , None ,
+ headers.RI_boot_role ,
+ g_rcItemValueRef , 0 ) )
+
+@export
+def getRoleRequireReauthentication( role ) :
+ """Test if the role requires reauthentication
+
+ role -- RC role as integer
+
+ """
+ g_rcTargetValue.role = role
+ raiseIfError( lib.rsbac_rc_get_item( transaction._t , headers.RT_ROLE ,
+ g_rcTargetValueRef , None ,
+ headers.RI_req_reauth ,
+ g_rcItemValueRef , None ) )
+ return bool( g_rcItemValue.req_reauth )
+
+@export
+def setRoleRequireReauthentication( role , value ) :
+ """Set if the role requires reauthentication
+
+ role -- RC role as integer
+ value -- boolean
+
+ """
+ g_rcTargetValue.role = role
+ g_rcItemValue.req_reauth = value
+ raiseIfError( lib.rsbac_rc_set_item( transaction._t , headers.RT_ROLE ,
+ g_rcTargetValueRef , None ,
+ headers.RI_req_reauth ,
+ g_rcItemValueRef , 0 ) )
+
+@export
+def removeRole( role ) :
+ """Remove a RC role.
+
+ role -- RC role as integer
+
+ """
+ g_rcTargetValue.role = role
+ raiseIfError( lib.rsbac_rc_set_item( transaction._t , headers.RT_ROLE ,
+ g_rcTargetValueRef , None ,
+ headers.RI_remove_role , None , 0 ) )
+
+def makeGetSetRoles( name , item , docGet = None , docSet = None ) :
+ import sys
+ RT_ROLE = headers.RT_ROLE
+ def get( roleA , roleB ) :
+ g_rcTargetValue.role = roleA
+ g_rcTargetValue2.role = roleB
+ raiseIfError( lib.rsbac_rc_get_item( transaction._t , RT_ROLE ,
+ g_rcTargetValueRef , g_rcTargetValue2Ref ,
+ item , g_rcItemValueRef , g_ttlRef ) )
+ return int( g_ttl.value ) or bool( g_rcItemValue.comp )
+ if docGet is not None :
+ get.__doc__ = docGet + """
+
+ roleA -- RC role as integer
+ roleB -- RC role as integer
+
+ """
+ def set( roleA , roleB , value ) :
+ g_rcTargetValue.role = roleA
+ g_rcTargetValue2.role = roleB
+ if value is True :
+ flag , ttl = True , 0
+ elif not value or value < 1 :
+ flag , ttl = False , 0
+ else :
+ flag , ttl = True , value
+ g_rcItemValue.comp = flag
+ raiseIfError( lib.rsbac_rc_set_item( transaction._t , RT_ROLE ,
+ g_rcTargetValueRef , g_rcTargetValue2Ref ,
+ item , g_rcItemValueRef , ttl ) )
+ if docSet is not None :
+ set.__doc__ = docSet + """
+
+ roleA -- RC role as integer
+ roleB -- RC role as integer
+ value -- False, True or an integer.
+
+ """
+ def list( role ) :
+ return getList( RT_ROLE , role , item )
+ m = sys.modules[ __name__ ]
+ setattr( m , 'get' + name , get )
+ setattr( m , 'set' + name , set )
+ setattr( m , 'list' + name + 's' , list )
+ __all__.append( 'get' + name )
+ __all__.append( 'set' + name )
+ __all__.append( 'list' + name + 's' )
+
+makeGetSetRoles( 'RoleCompatibilityRole' , headers.RI_role_comp ,
+ 'Test if the RC role is compatible with another one.' ,
+ 'Set if the RC role is compatible with another one.' )
+
+makeGetSetRoles( 'RoleAdminRole' , headers.RI_admin_roles ,
+ None , # FIXME
+ None ) # FIXME
+
+makeGetSetRoles( 'RoleAssignRole' , headers.RI_assign_roles ,
+ None , # FIXME
+ None ) # FIXME
+
+# FIXME: dict interface!
+class RoleTtlDictProxy( object ) :
+ def __init__( self , name , role , get , set , list ) :
+ self.__name = name
+ self.__role = role
+ self.__get = get
+ self.__set = set
+ self.__list = list
+ def __iter__( self ) :
+ return iter( self.__list( self.__role ) )
+ def __contains__( self , role ) :
+ return bool( self.__get( self.__role , role ) )
+ def __getitem__( self , role ) :
+ return self.__get( self.__role , role )
+ def __setitem__( self , role , value ) :
+ # FIXME: __setitem__ = Role( self.role ).setRoleCompatibility?
+ self.__set( self.__role , role , value )
+ def __delitem__( self , role ) :
+ self.__set( self.__role , role , False )
+ def __repr__( self ) :
+ r = []
+ for role in self :
+ value = self.__get( self.__role , role )
+ if value is True :
+ r.append( str( role ) )
+ elif value is False :
+ pass
+ else :
+ r.append( '%s(%ds)' % ( role , value ) )
+ try :
+ name = `getRoleName( self.__role )`
+ except Error , e :
+ if e[ 0 ] != headers.RSBAC_ENOTFOUND :
+ raise
+ name = 'undefined'
+ return '<%s for RC Role %d (%s): %s>' \
+ % ( self.__name , self.__role , name ,
+ ', '.join( r ) or 'none' )
+ def keys( self ) :
+ return list( self )
+ def items( self ) :
+ r = []
+ # Be careful with TTL..
+ for role in self :
+ value = self.__get( self.__role , role )
+ if value :
+ r.append( ( role , value ) )
+ return r
+ def add( self , role ) :
+ self.__set( self.__role , role , True )
+ def discard( self , role ) :
+ self.__set( self.__role , role , False )
+ def clear( self ) :
+ for role in self :
+ self.__set( self.__role , role , False )
+
+class RoleTypeCompatibility( object ) :
+ def __init__( self , role ) :
+ self.role = role
+ def __getitem__( self , type ) :
+ return getRoleTypeCompatibility( self.role , type )
+ def __setitem__( self , type , value ) :
+ return setRoleTypeCompatibility( self.role , type , value )
+ def __repr__( self ) :
+ return '<RoleTypeCompatibility with RC role %d>' % ( self.role , )
+
+class DefaultIndividualFdCreateType( object ) :
+ def __init__( self , role ) :
+ self.role = role
+ def __getitem__( self , type ) :
+ return self.role.getDefaultIndividualFdCreateType( type )
+ def get( self , type ) :
+ try :
+ return self[ type ]
+ except Error , e :
+ if e[ 0 ] != headers.RSBAC_ENOTFOUND :
+ raise
+ def __setitem__( self , type , value ) :
+ self.role.setDefaultIndividualFdCreateType( type , value )
+ def __delitem__( self , type ) :
+ self.role.delDefaultIndividualFdCreateType( type )
+
+class DefaultTypes( object ) :
+ def __init__( self , role ) :
+ self.role = role
+ def __getitem__( self , action ) :
+ return self.role.getDefaultType( action )
+ def __setitem__( self , action , value ) :
+ self.role.setDefaultType( action , value )
+
+def _type( t ) :
+ from objects import Scd
+ if isinstance( t , Type ) :
+ return t.target , t.type
+ elif isinstance( t , Scd ) :
+ return t.type , t.id
+ else :
+ return t
+
+class RoleBase( object ) :
+ __slots__ = [ '_role' , '_id' ]
+ def __new__( cls , role ) :
+ role = _nrole( role )
+ instance = _g_roles.get( role )
+ if instance is None :
+ instance = object.__new__( cls )
+ instance.__init_singleton__( role )
+ _g_roles[ role ] = instance
+ return instance
+ def __init_singleton__( self , role ) :
+ self._role = int( role )
+ id = headers.rsbac_rc_target_id_t()
+ id.role = role
+ self._id = byref( id )
+ self.compatibility = \
+ RoleTtlDictProxy( 'RoleCompatibility' , self._role ,
+ getRoleCompatibilityRole ,
+ setRoleCompatibilityRole ,
+ listRoleCompatibilityRoles )
+ self.adminRoles = \
+ RoleTtlDictProxy( 'AdminRoles' , self._role ,
+ getRoleAdminRole ,
+ setRoleAdminRole ,
+ listRoleAdminRoles )
+ self.assignRoles = \
+ RoleTtlDictProxy( 'AssignRoles' , self._role ,
+ getRoleAssignRole ,
+ setRoleAssignRole ,
+ listRoleAssignRoles )
+ self.typeCompatibility = \
+ RoleTypeCompatibility( self._role )
+ self.defaultIndividualFdCreateType = \
+ DefaultIndividualFdCreateType( self._role )
+ def __int__( self ) :
+ return int( self._role )
+ def __long__( self ) :
+ return long( self._role )
+ def __repr__( self ) :
+ if self._role < 0 :
+ return '<RC PseudoRole %d %s>' \
+ % ( self._role ,
+ _g_pseudoRoles.get( self._role , 'unknown' ) )
+ else :
+ try :
+ name = `self.getName()`
+ except Error :
+ name = 'undefined'
+ return '<RC Role %d %s>' % ( self._role , name )
+ def copyTo( self , dest ) :
+ copyRole( self._role , int( dest ) )
+ def clone( self , name = None ) :
+ role = Role( cloneRole( self._role ) )
+ if name is not None :
+ role.name = name
+ return role
+ #
+ # id
+ #
+ def getId( self ) :
+ return self._role
+ id = property( getId )
+ #
+ # name
+ #
+ def getName( self ) :
+ return getRoleName( self._role )
+ def setName( self , name ) :
+ return setRoleName( self._role , name )
+ name = property( getName , setName )
+ #
+ # role_comp
+ #
+ def getRoleCompatibility( self , role ) :
+ return getRoleRoleCompatibility( self._role , role )
+ def setRoleCompatibility( self , role , value ) :
+ return setRoleRoleCompatibility( self._role , role , value )
+ compatibility = None
+ #
+ # admin_roles
+ #
+ def getAdminRole( self , role ) :
+ return getRoleAdminRole( self._role , role )
+ def setAdminRole( self , role , value ) :
+ return setRoleAdminRole( self._role , role , value )
+ adminRoles = None
+ #
+ # assign_roles
+ #
+ def getAssignRole( self , role ) :
+ return getRoleAssignRole( self._role , role )
+ def setAssignRole( self , role , value ) :
+ return setRoleAssignRole( self._role , role , value )
+ assignRoles = None
+ #
+ # type_comp_*
+ #
+ def getTypeCompatibility( self , type ) :
+ return getRoleTypeCompatibility( self._role , type )
+ def setTypeCompatibility( self , type , value ) :
+ return setRoleTypeCompatibility( self._role , type , value )
+ typeCompatibility = None
+ #
+ # def_fd_ind_create_type
+ #
+ def getDefaultIndividualFdCreateType( self , type ) :
+ return getRoleDefaultIndividualFdCreateType( self._role , type )
+ def setDefaultIndividualFdCreateType( self , type1 , type2 ) :
+ return setRoleDefaultIndividualFdCreateType( self._role , type1 , type2 )
+ def delDefaultIndividualFdCreateType( self , type ) :
+ return delRoleDefaultIndividualFdCreateType( self._role , type )
+ defaultFdType = None
+ #
+ # boot_role
+ #
+ def getBootRole( self ) :
+ return getRoleBootRole( self._role )
+ def setBootRole( self , value ) :
+ return setRoleBootRole( self._role , value )
+ bootRole = property( getBootRole , setBootRole )
+ #
+ # req_reauth
+ #
+ def getRequireReauthentication( self ) :
+ return getRoleRequireReauthentication( self._role )
+ def setRequireReauthentication( self , value ) :
+ return setRoleRequireReauthentication( self._role , value )
+ requireReauthentication = property( getRequireReauthentication ,
+ setRequireReauthentication )
+ #
+ # admin_type
+ #
+ def getAdminType( self ) :
+ return getRoleAdminType( self._role )
+ def setAdminType( self , value ) :
+ return setRoleAdminType( self._role , value )
+ adminType = property( getAdminType , setAdminType )
+ #
+ # remove
+ #
+ def delete( self ) :
+ removeRole( self._role )
+
+def createRoleClass() :
+ attrs = {}
+ def addAttribute( target , name ) :
+ pname = 'default' + ''.join( [ s.capitalize() for s in name.split( '_' ) ] ) + 'Type'
+ cpname = pname[ 0 ].upper() + pname[ 1 : ]
+ #pname = 'def_%s_type' % name
+ item = getattr( headers , 'RI_def_%s_type' % name )
+ def getter( id ) :
+ raiseIfError( lib.rsbac_rc_get_item( 0 , headers.RT_ROLE ,
+ id , None ,
+ item , g_rcItemValueRef ,
+ None ) )
+ return g_rcItemValue.type_id
+ def setter( id , value ) :
+ g_rcItemValue.type_id = value
+ raiseIfError( lib.rsbac_rc_set_item( 0 , headers.RT_ROLE ,
+ id , None ,
+ item , g_rcItemValueRef ,
+ 0 ) )
+ def mget( self ) :
+ return Type( target , getter( self._id ) )
+ def mset( self , value ) :
+ return setter( self._id , int( value ) )
+ attrs[ 'getter_' + pname ] = staticmethod( getter )
+ attrs[ 'setter_' + pname ] = staticmethod( setter )
+ #
+ attrs[ 'get' + cpname ] = mget
+ attrs[ 'set' + cpname ] = mset
+ attrs[ pname ] = property( mget , mset )
+ for target , name in (
+ ( headers.T_FD , 'fd_create' ) ,
+ ( headers.T_USER , 'user_create' ) ,
+ ( headers.T_GROUP , 'group_create' ) ,
+ ( headers.T_PROCESS , 'process_create' ) ,
+ ( headers.T_PROCESS , 'process_chown' ) ,
+ ( headers.T_PROCESS , 'process_execute' ) ,
+ ( headers.T_IPC , 'ipc_create' ) ,
+ ( headers.T_FD , 'unixsock_create' ) ) :
+ addAttribute( target , name )
+ return type( 'Role' , ( RoleBase , ) , attrs )
+
+export( 'Role' )
+Role = createRoleClass()
+
+#-----------------------------------------------------------------------------
+
+@export
+def getTypeName( type ) :
+ """Get the name of a RC type
+
+ type -- RC type
+
+ """
+ target , type = _type( type )
+ g_rcTargetValue.type = type
+ raiseIfError( lib.rsbac_rc_get_item( transaction._t , headers.RT_TYPE ,
+ g_rcTargetValueRef , None ,
+ g_rcNameTargetToItem[ target ] ,
+ g_rcItemValueRef , None ) )
+ return g_rcItemValue.name
+
+@export
+def setTypeName( type , name ) :
+ """Set the name of a RC type
+
+ type -- RC type
+ name -- the new name as string
+
+ """
+ target , type = _type( type )
+ g_rcTargetValue.type = type
+ slowButCorrectStringAssignation( g_rcItemValue , 'name' , name )
+ raiseIfError( lib.rsbac_rc_set_item( transaction._t , headers.RT_TYPE ,
+ g_rcTargetValueRef , None ,
+ g_rcNameTargetToItem[ target ] ,
+ g_rcItemValueRef , 0 ) )
+
+@export
+def getTypeNeedSecureDelete( type ) :
+ """Test if the RC type need secure delete.
+
+ type -- RC type
+
+ """
+ target , type = _type( type )
+ g_rcTargetValue.type = type
+ if target != headers.T_FD :
+ raise RuntimeError , 'attribute available for the FD type only'
+ raiseIfError( lib.rsbac_rc_get_item( transaction._t , headers.RT_TYPE ,
+ g_rcTargetValueRef , None ,
+ headers.RI_type_fd_need_secdel ,
+ g_rcItemValueRef , None ) )
+ return bool( g_rcItemValue.need_secdel )
+
+@export
+def setTypeNeedSecureDelete( type , value ) :
+ """Set if the RC type need secure delete.
+
+ type -- RC type
+ value - boolean
+
+ """
+ target , type = _type( type )
+ g_rcTargetValue.type = type
+ if target != headers.T_FD :
+ raise RuntimeError , 'attribute available for the FD type only'
+ g_rcItemValue.need_secdel = value
+ raiseIfError( lib.rsbac_rc_set_item( transaction._t , headers.RT_TYPE ,
+ g_rcTargetValueRef , None ,
+ headers.RI_type_fd_need_secdel ,
+ g_rcItemValueRef , 0 ) )
+
+@export
+def removeType( type ) :
+ """Remove a RC type.
+
+ type -- RC type
+
+ """
+ target , type = _type( type )
+ g_rcTargetValue.type = type
+ raiseIfError( lib.rsbac_rc_set_item( transaction._t , headers.RT_TYPE ,
+ g_rcTargetValueRef , None ,
+ g_rcTargetToTypeRemove[ target ] ,
+ None , 0 ) )
+
+class Type( object ) :
+ def __new__( cls , target , type ) :
+ if hasattr( target , 'type' ) :
+ target = target.type
+ type = _ntype( type )
+ if type < 0 :
+ target = None
+ t = ( target , type )
+ instance = _g_types.get( t )
+ if instance is None :
+ instance = object.__new__( cls )
+ instance.__init_singleton__( target , type )
+ _g_types[ t ] = instance
+ return instance
+ def __init_singleton__( self , target , type ) :
+ self.__id = ( target , type )
+ def __eq__( self , other ) :
+ if isinstance( other , ( int , long ) ) :
+ return self.type == _ntype( other )
+ else :
+ return ( self is other
+ or ( isinstance( other , Type )
+ and self.__id == other.__id ) )
+ def __int__( self ) :
+ return int( self.__id[ 1 ] )
+ def __long__( self ) :
+ return long( self.__id[ 1 ] )
+ def __repr__( self ) :
+ target , type = self.__id
+ if type < 0 :
+ return '<RC PseudoType [%d] %s>' \
+ % ( type ,
+ _g_pseudoTypes.get( type , 'unknown' ) , )
+ else :
+ try :
+ name = `self.getName()`
+ except Error :
+ name = 'undefined'
+ return '<RC Type [%d:%d] %s>' % ( target , type , name )
+ #
+ # target, type
+ #
+ target = property( lambda self : self.__id[ 0 ] )
+ type = property( lambda self : self.__id[ 1 ] )
+ #
+ # name
+ #
+ def getName( self ) :
+ return getTypeName( self.__id )
+ def setName( self , name ) :
+ return setTypeName( self.__id , name )
+ name = property( getName , setName )
+ #
+ # fd_need_secdel
+ #
+ def getNeedSecureDelete( self ) :
+ return getTypeNeedSecureDelete( self.__id )
+ def setNeedSecureDelete( self , value ) :
+ return setTypeNeedSecureDelete( self.__id , value )
+ needSecureDelete = property( getNeedSecureDelete , setNeedSecureDelete )
+ #
+ # delete
+ #
+ def delete( self ) :
+ removeType( self.__id )
+
+pseudoRoles = new.module( 'pseudoRoles' )
+for k , v in _g_pseudoRoles.items() :
+ setattr( pseudoRoles , v , Role( k ) )
+pseudoTypes = new.module( 'pseudoTypes' )
+for k , v in _g_pseudoTypes.items() :
+ setattr( pseudoTypes , v , Type( None , k ) )
+
+class RcRoleDict( object ) :
+ def keys( self ) :
+ return getRoles()
+ def items( self ) :
+ return [ ( id , Role( id ) ) for id in self.keys() ]
+ def values( self ) :
+ return [ Role( id ) for id in self.keys() ]
+ def __iter__( self ) :
+ return iter( self.keys() )
+ def __getitem__( self , id ) :
+ return Role( id )
+ def __setitem__( self , *args ) :
+ raise RuntimeError
+ def __delitem__( self , id ) :
+ Role( id ).delete()
+ def __repr__( self ) :
+ return '{' + ', '.join( [ ': '.join( map( repr , item ) ) for item in self.items() ] ) + '}'
+
+def newType( target , name , start = 0 ) :
+ i = start
+ if hasattr( target , 'type' ) :
+ target = target.type
+ while 1 :
+ try :
+ Type( target , i ).name
+ except Error , e :
+ if e[ 0 ] != headers.RSBAC_ENOTFOUND :
+ raise
+ t = Type( target , i )
+ t.name = name
+ return t
+ i += 1
+
+class RcTypeDict( object ) :
+ def __init__( self , target ) :
+ self.target = target
+ def keys( self ) :
+ return getTypes( self.target )
+ def items( self ) :
+ return [ ( id , Type( self.target , id ) ) for id in self.keys() ]
+ def values( self ) :
+ return [ Type( self.target , id ) for id in self.keys() ]
+ def __iter__( self ) :
+ return iter( self.keys() )
+ def __getitem__( self , id ) :
+ return Type( self.target , id )
+ def __setitem__( self , *args ) :
+ raise RuntimeError
+ def __delitem__( self , id ) :
+ Type( self.target , id ).delete()
+ def __repr__( self ) :
+ return '{' + ', '.join( [ ': '.join( map( repr , item ) ) for item in self.items() ] ) + '}'
+
+roles = RcRoleDict()
+
+from rsbac._data import RequestVector
+
+# Local Variables:
+# indent-tabs-mode: nil
+# python-indent: 4
+# End:
--- /dev/null
+# Automatically generated by ./gen.sh on Fri Oct 13 11:19:37 CEST 2006
+
+# unresolved alias: __INO_T_TYPE = __ULONGWORD_TYPE
+# unresolved alias: RSBAC_ACL_GROUP_RIGHTS_VECTOR = RSBAC_GROUP_REQUEST_VECTOR
+# unresolved alias: __TIME_T_TYPE = __SLONGWORD_TYPE
+# unresolved alias: __GID_T_TYPE = __U32_TYPE
+# unresolved alias: __FSFILCNT_T_TYPE = __ULONGWORD_TYPE
+# unresolved alias: __USECONDS_T_TYPE = __U32_TYPE
+# unresolved alias: __SWBLK_T_TYPE = __SLONGWORD_TYPE
+# unresolved alias: __ID_T_TYPE = __U32_TYPE
+# unresolved alias: __S32_TYPE = int
+# unresolved alias: __MODE_T_TYPE = __U32_TYPE
+# unresolved alias: __DADDR_T_TYPE = __S32_TYPE
+# unresolved alias: asm = __asm__
+# unresolved alias: __NLINK_T_TYPE = __UWORD_TYPE
+# unresolved alias: __SWORD_TYPE = int
+# unresolved alias: __SSIZE_T_TYPE = __SWORD_TYPE
+# unresolved alias: __RLIM_T_TYPE = __ULONGWORD_TYPE
+# unresolved alias: __UID_T_TYPE = __U32_TYPE
+# unresolved alias: volatile = __volatile__
+# unresolved alias: __KEY_T_TYPE = __S32_TYPE
+# unresolved alias: __CLOCK_T_TYPE = __SLONGWORD_TYPE
+# unresolved alias: __SUSECONDS_T_TYPE = __SLONGWORD_TYPE
+# unresolved alias: __FSBLKCNT_T_TYPE = __ULONGWORD_TYPE
+# unresolved alias: __CLOCKID_T_TYPE = __S32_TYPE
+# unresolved alias: __BLKCNT_T_TYPE = __SLONGWORD_TYPE
+# unresolved alias: __OFF_T_TYPE = __SLONGWORD_TYPE
+# unresolved alias: __BLKSIZE_T_TYPE = __SLONGWORD_TYPE
+# unresolved alias: NULL = __null
+# unresolved alias: __PID_T_TYPE = __S32_TYPE
+from ctypes import *
+STRING = c_char_p
+
+
+R_MODIFY_ACCESS_DATA = 14
+RSBAC_RC_DEFAULT_RIGHTS_VECTOR = 0 # Variable c_int
+RSBAC_RC_GEN_RIGHTS_VECTOR = RSBAC_RC_DEFAULT_RIGHTS_VECTOR # alias
+LL_invalid = 4
+def __STRING(x): return #x # macro
+PF_delete_consent = 9
+A_daz_role = 16
+ACLC_remove_from_acl_entry = 4
+R_TRACE = 31
+R_MAP_EXEC = 36
+# def _syscall0(type,name): return type name(void) { long __res; __asm__ volatile ("int $0x80" : "=a" (__res) : "0" (__NR_ ##name)); __syscall_return(type,__res); } # macro
+ST_priority = 14
+A_fake_root_uid = 91
+I_shm = 2
+UM_ttl = 12
+T_SYMLINK = 3
+SW_GEN = 0
+ST_host_id = 2
+RSYS_acl_group = 53
+NTS_set_ports = 16
+SW_NONE = 17
+PTF_set_role = 15
+PF_delete_na = 1
+RSYS_um_user_exists = 70
+ACLGS_remove_group = 2
+RI_type_comp_scd = 8
+RSYS_list_ta_forget = 87
+PTF_add_purpose = 10
+RI_req_reauth = 25
+PA_task = 0
+RI_type_user_remove = 42
+LDD_false = 0
+RSYS_switch = 12
+RC_role_admin = 1
+ST_quota = 17
+RSYS_pm_change_current_task = 29
+# def RSBAC_RC_TYPE_VECTOR(x): return ((rsbac_rc_type_vector_t) 1 << (x)) # macro
+RCR_NONE = 63
+ACLS_ROLE = 1
+T_PROCESS = 8
+RSYS_acl_n = 46
+# def __LDBL_REDIR1(name,proto,alias): return name proto # macro
+PF_add_na = 0
+A_mac_initial_categories = 7
+SL_old_none = 6
+A_max_caps_program = 65
+EOPNOTSUPP = 95 # Variable c_int
+ENOTSUP = EOPNOTSUPP # alias
+R_READ_OPEN = 22
+# def __chk_user_ptr(x): return (void)0 # macro
+PF_switch_pm = 17
+A_min_write_open = 24
+A_remote_log_array_high = 82
+R_ACCEPT = 39
+def major(dev): return gnu_dev_major (dev) # macro
+UM_homedir = 3
+D_char = 1
+T_NETOBJ = 11
+ST_other = 10
+PTF_add_authorized_tp = 6
+# def RSBAC_MAC_CAT_VECTOR(x): return ((rsbac_mac_category_vector_t) 1 << (x)) # macro
+RSYS_um_add_group = 61
+PTF_delete_authorized_task = 23
+RSYS_um_get_gid = 78
+RI_def_fd_ind_create_type = 16
+# __INO_T_TYPE = __ULONGWORD_TYPE # alias
+RSYS_rc_select_fd_create_type = 95
+ACLC_set_mask = 5
+RI_type_nettemp_name = 33
+PA_tp_set = 8
+RSYS_get_attr = 3
+RSYS_mac_get_min_level = 20
+ST_kmem = 11
+A_remote_pm_ipc_purpose = 39
+RSYS_rc_get_eff_rights_n = 37
+# def __FDMASK(d): return (1UL << ((d) % __NFDBITS)) # macro
+A_rc_initial_role = 56
+R_LINK_HARD = 13
+# def __REDIRECT_NTH(name,proto,alias): return name proto __THROW __asm__ (__ASMNAME (#alias)) # macro
+PF_add_consent = 8
+A_mac_role = 15
+A_pax_flags = 73
+# RSBAC_ACL_GROUP_RIGHTS_VECTOR = RSBAC_GROUP_REQUEST_VECTOR # alias
+# def __warndecl(name,msg): return extern void name (void) # macro
+PF_delete_tp = 25
+R_CHANGE_DAC_FS_GROUP = 47
+I_msg = 1
+LD_inherit = 3
+UM_expire = 11
+T_FIFO = 2
+ST_clock = 1
+# def _syscall3(type,name,type1,arg1,type2,arg2,type3,arg3): return type name(type1 arg1,type2 arg2,type3 arg3) { long __res; __asm__ volatile ("push %%ebx ; movl %2,%%ebx ; int $0x80 ; pop %%ebx" : "=a" (__res) : "0" (__NR_ ##name),"ri" ((long)(arg1)),"c" ((long)(arg2)), "d" ((long)(arg3)) : "memory"); __syscall_return(type,__res); } # macro
+NTS_set_netdev = 15
+RSYS_acl_get_mask_n = 52
+PTF_delete_user_aci = 14
+RSYS_um_remove_gm = 69
+ACLGS_change_group = 1
+RI_type_comp_ipc = 7
+# __TIME_T_TYPE = __SLONGWORD_TYPE # alias
+R_CLONE = 6
+# __GID_T_TYPE = __U32_TYPE # alias
+RSYS_list_ta_commit = 86
+# __FSFILCNT_T_TYPE = __ULONGWORD_TYPE # alias
+RI_type_ipc_remove = 41
+PL_task = 0
+RSYS_net_list_all_template = 11
+RC_no_admin = 0
+ST_rsbac_remote_log = 16
+RT_NONE = 2
+UNDEFINED = 3
+# def RSBAC_RC_ROLE_VECTOR(x): return ((rsbac_rc_role_vector_t) 1 << (x)) # macro
+RCR_SELECT = 62
+ACLS_USER = 0
+A_daz_scanner = 47
+RSYS_acl = 45
+# def __LDBL_REDIR(name,proto): return name proto # macro
+SL_old_inherit = 5
+A_max_caps_user = 64
+__LITTLE_ENDIAN = 1234 # Variable c_int
+__BYTE_ORDER = __LITTLE_ENDIAN # alias
+BYTE_ORDER = __BYTE_ORDER # alias
+RC_role_inherit_up_mixed = 4294967292L # Variable c_uint
+RC_default_root_dir_force_role = RC_role_inherit_up_mixed # alias
+# def __chk_io_ptr(x): return (void)0 # macro
+PF_set_object_class = 16
+A_mac_curr_categories = 23
+A_ff_flags = 48
+PL_class = 1
+A_local_log_array_high = 81
+RSBAC_ACL_SUPERVISOR_RIGHT_VECTOR = 400000000000000L # Variable c_ulonglong
+RSBAC_NWS_REQUEST_VECTOR = RSBAC_ACL_SUPERVISOR_RIGHT_VECTOR # alias
+# def cond_syscall(x): return asm(".weak\t" #x "\n\t.set\t" #x ",sys_ni_syscall") # macro
+UM_fullname = 2
+T_NETTEMP = 10
+NTS_get_type = 6
+ST_rsbac_log = 9
+RC_role_inherit_parent = 4294967293L # Variable c_uint
+RC_default_initial_role = RC_role_inherit_parent # alias
+def __attribute_format_strfmon__(a,b): return __attribute__ ((__format__ (__strfmon__, a, b))) # macro
+SW_REG = 7
+PTF_delete_object_class = 5
+PTF_add_authorized_task = 22
+RSYS_um_set_pass_name = 80
+RI_type_comp_group = 9
+RI_def_fd_create_type = 15
+# __USECONDS_T_TYPE = __U32_TYPE # alias
+PO_dir = 5
+RSYS_list_all_ipc = 94
+RI_type_netdev_name = 32
+PA_task_set = 7
+RSYS_mac_set_curr_level = 17
+A_remote_pm_object_class = 36
+ACLR_FORWARD = 56
+ST_none = 24
+RSYS_rc_change_role = 36
+def __FDELT(d): return ((d) / __NFDBITS) # macro
+A_rc_force_role = 55
+LL_full = 2
+NTS_delete_template = 2
+PF_delete_authorized_tp = 7
+A_jail_scd_modify = 72
+R_SWITCH_MODULE = 29
+MAC_override = 1 # Variable c_int
+RSBAC_MAC_DEF_SECOFF_U_FLAGS = MAC_override # alias
+A_pm_role = 31
+R_CHANGE_DAC_EFF_GROUP = 46
+I_sem = 0
+PF_create_tp = 24
+R_CHDIR = 5
+LD_keep = 2
+UM_inactive = 10
+ST_time_strucs = 0
+NTS_set_protocol = 14
+RSYS_acl_get_mask = 51
+SW_UM = 15
+PTF_delete_responsible_user = 13
+RSYS_um_remove_group = 68
+ACLGS_add_group = 0
+RI_type_comp_process = 6
+# __SWBLK_T_TYPE = __SLONGWORD_TYPE # alias
+RSYS_list_ta_refresh = 85
+RI_def_unixsock_create_type = 23
+def FD_SET(fd,fdsetp): return __FD_SET (fd, fdsetp) # macro
+RI_type_dev_remove = 40
+PH_off = 0
+RSYS_net_template = 10
+__quad_t = c_longlong
+__SQUAD_TYPE = __quad_t # alias
+RT_TYPE = 1
+RSYS_stats_pm = 27
+# def RSBAC_RC_RIGHTS_VECTOR(x): return ((rsbac_rc_rights_vector_t) 1 << (x)) # macro
+RCR_CHANGE_AUTHED_OWNER = 61
+FR_none = 4
+A_daz_scanned = 46
+RSYS_auth_get_p_caplist = 44
+def __GNUC_PREREQ(maj,min): return ((__GNUC__ << 16) + __GNUC_MINOR__ >= ((maj) << 16) + (min)) # macro
+A_min_security_level = 5
+SL_old_rsbac_internal = 4
+A_max_caps = 63
+ST_net_id = 3
+R_READ_ATTRIBUTE = 20
+__u_quad_t = c_ulonglong
+__UQUAD_TYPE = __u_quad_t # alias
+__FSBLKCNT64_T_TYPE = __UQUAD_TYPE # alias
+def __cast__(_to): return (_to) # macro
+PF_set_role = 15
+A_current_sec_level = 22
+R_BIND = 37
+__BLKCNT64_T_TYPE = __SQUAD_TYPE # alias
+LDD_none = 3
+# def _syscall6(type,name,type1,arg1,type2,arg2,type3,arg3,type4,arg4,type5,arg5,type6,arg6): return type name (type1 arg1,type2 arg2,type3 arg3,type4 arg4,type5 arg5,type6 arg6) { long __res; struct { long __a1; long __a6; } __s = { (long)arg1, (long)arg6 }; __asm__ volatile ("push %%ebp ; push %%ebx ; movl 4(%2),%%ebp ; " "movl 0(%2),%%ebx ; movl %1,%%eax ; int $0x80 ; " "pop %%ebx ; pop %%ebp" : "=a" (__res) : "i" (__NR_ ##name),"0" ((long)(&__s)),"c" ((long)(arg2)), "d" ((long)(arg3)),"S" ((long)(arg4)),"D" ((long)(arg5)) : "memory"); __syscall_return(type,__res); } # macro
+NTS_get_protocol = 7
+UM_pass = 1
+A_none = 97
+RSYS_auth_remove_f_cap = 42
+T_NETDEV = 9
+NTS_get_address_family = 5
+ST_rsbac = 8
+ACT_group_fs = 5
+A_rc_def_role = 58
+SW_AUTH = 6
+PTF_add_object_class = 4
+RSYS_um_auth_uid = 59
+PF_delete_object_class = 5
+def FD_ZERO(fdsetp): return __FD_ZERO (fdsetp) # macro
+PTF_set_auth_may_set_cap = 21
+RSYS_um_get_group_list = 76
+ACLGS_get_group_members = 8
+RI_name = 14
+__U64_TYPE = __u_quad_t # alias
+PO_ipc = 4
+# __ID_T_TYPE = __U32_TYPE # alias
+RSYS_acl_list_all_group = 93
+ACLC_add_to_acl_entry = 3
+RI_type_group_name = 31
+PH_from_other_users = 1
+PA_tkt = 6
+RSYS_stats = 1
+__FD_SETSIZE = 1024 # Variable c_int
+FD_SETSIZE = __FD_SETSIZE # alias
+RI_none = 48
+PL_none = 7
+RSYS_mac_get_curr_level = 18
+A_pm_ipc_purpose = 37
+RSYS_rc_set_item = 35
+def __CONCAT(x,y): return x ## y # macro
+R_CHANGE_DAC_EFF_OWNER = 44
+SR_none = 4
+A_rc_type_nt = 54
+R_GET_PERMISSIONS_DATA = 11
+LL_denied = 1
+def __PMT(args): return args # macro
+PF_add_authorized_tp = 6
+A_mac_file_flags = 13
+A_jail_scd_get = 71
+PF_add_authorized_task = 22
+R_SWITCH_LOG = 28
+FF_add_inherited = 128 # Variable c_int
+RSBAC_FF_DEF = FF_add_inherited # alias
+# def __syscall_return(type,res): return do { if ((unsigned long)(res) >= (unsigned long)(-(128 + 1))) { errno = -(res); res = -1; } return (type) (res); } while (0) # macro
+PF_delete_authorized_task = 23
+A_symlink_add_rc_role = 88
+R_CHANGE_DAC_FS_OWNER = 45
+R_UMOUNT = 33
+PL_pp = 5
+LD_allow = 1
+UM_warnchange = 9
+T_FILE = 0
+AMS_none = 4
+NTS_set_type = 13
+PL_na = 2
+SW_DAC_DISABLE = 14
+PTF_add_responsible_user = 12
+RSYS_um_remove_user = 67
+RI_type_comp_user = 5
+# __S32_TYPE = int # alias
+R_CHANGE_OWNER = 4
+RSYS_list_ta_begin = 84
+RI_def_group_create_type = 22
+PR_none = 5
+# __MODE_T_TYPE = __U32_TYPE # alias
+RI_type_fd_remove = 39
+def __cond_lock(x): return (x) # macro
+RSYS_net_list_all_netdev = 9
+RT_ROLE = 0
+RSYS_mac_get_p_trulist = 26
+PA_in_pp_set = 11
+RCR_MODIFY_AUTH = 60
+FR_both = 3
+A_pm_task_set = 45
+RSYS_auth_get_f_caplist = 43
+SL_top_secret = 3
+A_min_caps = 62
+A_log_array_high = 80
+R_READ = 19
+PF_delete_user_aci = 14
+A_remote_log_array_low = 79
+LDD_inherit = 2
+# def _syscall5(type,name,type1,arg1,type2,arg2,type3,arg3,type4,arg4,type5,arg5): return type name (type1 arg1,type2 arg2,type3 arg3,type4 arg4,type5 arg5) { long __res; __asm__ volatile ("push %%ebx ; movl %2,%%ebx ; movl %1,%%eax ; " "int $0x80 ; pop %%ebx" : "=a" (__res) : "i" (__NR_ ##name),"ri" ((long)(arg1)),"c" ((long)(arg2)), "d" ((long)(arg3)),"S" ((long)(arg4)),"D" ((long)(arg5)) : "memory"); __syscall_return(type,__res); } # macro
+UM_name = 0
+PH_full = 2
+DAZ_unscanned = 0 # Variable c_int
+DEFAULT_DAZ_FD_SCANNED = DAZ_unscanned # alias
+NTS_get_address = 4
+ST_syslog = 7
+ACT_group_eff = 4
+SW_RC = 5
+PTF_delete_task = 3
+SW_ACL = 8
+RSBAC_ACL_ACCESS_CONTROL_RIGHT_VECTOR = 200000000000000L # Variable c_ulonglong
+RSBAC_NWA_REQUEST_VECTOR = RSBAC_ACL_ACCESS_CONTROL_RIGHT_VECTOR # alias
+DO_NOT_CARE = 2
+PTF_set_auth_may_setuid = 20
+# __DADDR_T_TYPE = __S32_TYPE # alias
+RSYS_um_get_gm_user_list = 75
+ACLGS_get_user_groups = 7
+# asm = __asm__ # alias
+__INO64_T_TYPE = __UQUAD_TYPE # alias
+RSYS_list_all_group = 92
+ACLC_remove_acl = 2
+RI_type_process_name = 30
+RSYS_um_add_gm = 62
+# __NLINK_T_TYPE = __UWORD_TYPE # alias
+PA_pp = 5
+RSYS_version = 0
+ACLG_NONE = 2
+PL_tkt = 6
+RSYS_um_add_user = 60
+ACLR_ACCESS_CONTROL = 57
+ST_capability = 22
+RSYS_rc_get_item = 34
+# def __ASMNAME2(prefix,cname): return __STRING (prefix) cname # macro
+RSYS_um_auth_name = 58
+SR_auditor = 3
+LL_none = 0
+R_GET_STATUS_DATA = 12
+R_SHUTDOWN = 27
+A_mac_check = 29
+R_EXECUTE = 10
+A_mac_user_flags = 11
+# def rsbac_min(a,b): return (((a)<(b))?(a):(b)) # macro
+UM_maxchange = 8
+AMS_last_auth_and_gid = 3
+def __bos0(ptr): return __builtin_object_size (ptr, 0) # macro
+NTS_set_address_family = 12
+ST_sysfs = 15
+PP_TP = 1
+RSYS_um_get_group_item = 66
+RI_type_comp_dev = 4
+__OFF64_T_TYPE = __SQUAD_TYPE # alias
+R_CHANGE_GROUP = 3
+__FLOAT_WORD_ORDER = __BYTE_ORDER # alias
+RSYS_um_check_account_name = 83
+RI_def_ipc_create_type = 21
+R_IOCTL = 48
+PR_system_admin = 4
+RI_def_fd_ind_create_type_remove = 38
+__NFDBITS = 32 # Variable c_uint
+NFDBITS = __NFDBITS # alias
+A_auth_last_auth = 94
+PA_none = 13
+RSYS_remove_target_n = 8
+RST_none = 33
+A_max_read_categories = 27
+PH_none = 3
+RSYS_mac_get_f_trulist = 25
+# def RSBAC_IS_ZERO_DEV_DESC(dev): return ((dev.type == D_none) && !dev.major && !dev.minor) # macro
+RCR_SUPERVISOR = 59
+FR_euid_only = 2
+A_pm_tp = 44
+PO_non_personal_data = 3
+R_TERMINATE = 30
+# def __FD_ZERO(fdsp): return do { int __d0, __d1; __asm__ __volatile__ ("cld; rep; stosl" : "=c" (__d0), "=D" (__d1) : "a" (0), "0" (sizeof (fd_set) / sizeof (__fd_mask)), "1" (&__FDS_BITS (fdsp)[0]) : "memory"); } while (0) # macro
+A_local_sec_level = 3
+SL_secret = 2
+RSYS_pm = 28
+R_MOUNT = 18
+def __bos(ptr): return __builtin_object_size (ptr, __USE_FORTIFY_LEVEL > 1) # macro
+PF_delete_responsible_user = 13
+A_jail_role = 20
+A_local_log_array_low = 78
+R_WRITE_OPEN = 35
+LDD_true = 1
+# def _syscall4(type,name,type1,arg1,type2,arg2,type3,arg3,type4,arg4): return type name (type1 arg1, type2 arg2, type3 arg3, type4 arg4) { long __res; __asm__ volatile ("push %%ebx ; movl %2,%%ebx ; int $0x80 ; pop %%ebx" : "=a" (__res) : "0" (__NR_ ##name),"ri" ((long)(arg1)),"c" ((long)(arg2)), "d" ((long)(arg3)),"S" ((long)(arg4)) : "memory"); __syscall_return(type,__res); } # macro
+RSYS_acl_get_tlist = 49
+A_remote_ip = 95
+A_pax_role = 21
+R_SEARCH = 25
+T_USER = 7
+LL_request = 3
+NTS_check_id = 3
+RSYS_rc_get_list = 38
+ST_swap = 6
+ACT_group_real = 3
+SW_FF = 4
+RI_type_netobj_remove = 47
+RSYS_rc_get_current_role = 57
+A_auth_learn = 61
+GRANTED = 1
+PTF_set_device_object_type = 19
+RSYS_um_get_gm_list = 74
+ACLGS_remove_member = 6
+RI_type_comp_netobj = 12
+# __SWORD_TYPE = int # alias
+# __SSIZE_T_TYPE = __SWORD_TYPE # alias
+PO_personal_data = 2
+RSYS_acl_list_all_user = 91
+ACLC_remove_acl_entry = 1
+RI_type_user_name = 29
+A_system_role = 14
+PA_tp = 4
+RSYS_rc_copy_role = 32
+def FD_CLR(fd,fdsetp): return __FD_CLR (fd, fdsetp) # macro
+ACLG_PRIVATE = 1
+RI_type_nettemp_remove = 46
+A_mac_process_flags = 12
+RSYS_log = 16
+SW_CAP = 9
+ST_mlock = 21
+A_local_pm_object_class = 35
+SW_SOFTMODE = 13
+RSYS_rc_copy_type = 33
+def __ASMNAME(cname): return __ASMNAME2 (__USER_LABEL_PREFIX__, cname) # macro
+PF_set_tp = 26
+D_block_major = 2
+PF_set_auth_may_setuid = 20
+SR_administrator = 2
+A_remote_rc_type = 52
+R_DELETE = 9
+RSYS_acl_get_tlist_n = 50
+SW_RES = 11
+# def __NTH(fct): return fct throw () # macro
+PF_add_object_class = 4
+A_jail_flags = 69
+R_REMOVE_FROM_KERNEL = 23
+R_SEND_SIGNAL = 26
+RC_role_inherit_user = 4294967295L # Variable c_uint
+RC_default_init_force_role = RC_role_inherit_user # alias
+# def __nonnull(params): return __attribute__ ((__nonnull__ params)) # macro
+RI_type_scd_name = 36
+PF_set_auth_may_set_cap = 21
+A_mac_auto = 28
+A_symlink_add_uid = 86
+R_NET_SHUTDOWN = 43
+EAGAIN = 11 # Variable c_int
+EWOULDBLOCK = EAGAIN # alias
+A_mac_categories = 6
+# def rsbac_max(a,b): return (((a)>(b))?(a):(b)) # macro
+UM_minchange = 7
+PTF_switch_pm = 17
+AMS_last_auth_only = 2
+A_remote_sec_level = 4
+T_UNIXSOCK = 15
+NTS_set_address = 11
+SW_PAX = 12
+A_initial_security_level = 2
+RSYS_um_get_user_item = 65
+RI_type_comp_fd = 3
+# __RLIM_T_TYPE = __ULONGWORD_TYPE # alias
+A_security_level = 1
+R_APPEND_OPEN = 2
+ST_nfsd = 19
+RSYS_um_check_account = 82
+RSYS_mac_get_max_level = 19
+I_none = 6
+RI_def_process_execute_type = 20
+# __UID_T_TYPE = __U32_TYPE # alias
+PR_tp_manager = 3
+PTF_delete_purpose = 11
+RI_remove_role = 37
+PA_out_pp_set = 12
+RSYS_remove_target = 7
+SW_FREEZE = 16
+RST_auth_administration = 32
+PTF_delete_consent = 9
+RSYS_mac_remove_f_tru = 24
+RSYS_write = 15
+# def RSBAC_IS_AUTO_DEV_DESC(dev): return ((dev.type == D_none) && (dev.major == 99) && (dev.minor == 99)) # macro
+RCR_ACCESS_CONTROL = 58
+FR_uid_only = 1
+A_pm_program_type = 43
+RI_boot_role = 24
+RSYS_auth_add_f_cap = 41
+MA_inherit = 2
+# def __FD_SET(fd,fdsp): return __asm__ __volatile__ ("btsl %1,%0" : "=m" (__FDS_BITS (fdsp)[__FDELT (fd)]) : "r" (((int) (fd)) % __NFDBITS) : "cc","memory") # macro
+SL_confidential = 1
+T_NONE = 16
+A_auth_may_set_cap = 60
+R_MODIFY_SYSTEM_DATA = 17
+PF_add_responsible_user = 12
+A_cap_role = 19
+A_log_array_low = 77
+T_FD = 14
+R_WRITE = 34
+# def __REDIRECT(name,proto,alias): return name proto __asm__ (__ASMNAME (#alias)) # macro
+# def offsetof(TYPE,MEMBER): return ((size_t) &((TYPE *)0)->MEMBER) # macro
+EDEADLK = 35 # Variable c_int
+EDEADLOCK = EDEADLK # alias
+R_NONE = 51
+I_anonunix = 5
+RI_def_process_chown_type = 19
+T_SCD = 6
+# def HIPQUAD(addr): return ((unsigned char *)&addr)[3], ((unsigned char *)&addr)[2], ((unsigned char *)&addr)[1], ((unsigned char *)&addr)[0] # macro
+ST_rlimit = 5
+ACT_fs = 2
+SW_DAZ = 3
+RI_def_user_create_type = 17
+PTF_delete_na = 1
+RSYS_init = 56
+RSYS_set_attr_n = 6
+NOT_GRANTED = 0
+PTF_switch_auth = 18
+RSYS_um_get_user_list = 73
+RI_type_comp_nettemp = 11
+# volatile = __volatile__ # alias
+RSYS_get_attr_n = 4
+PO_TP = 1
+RSYS_list_all_user = 90
+ACLC_set_acl_entry = 0
+RI_type_ipc_name = 28
+RI_admin_type = 13
+PA_cs = 3
+RSYS_check = 2
+ACLG_GLOBAL = 0
+RI_type_netdev_remove = 45
+PL_tp = 4
+ACLR_SUPERVISOR = 58
+I_anonpipe = 3
+ST_ksyms = 20
+A_pm_object_class = 34
+R_LISTEN = 38
+def RSBAC_VERSION_MAKE_NR(x,y,z): return ((x << 16) & (y << 8) & z) # macro
+def __P(args): return args # macro
+A_remote_pm_object_type = 42
+SR_security_officer = 1
+A_local_rc_type = 51
+R_CREATE = 8
+T_DIR = 1
+def __LONG_LONG_PAIR(HI,LO): return LO, HI # macro
+A_mac_min_categories = 10
+A_jail_ip = 68
+# def __u_intN_t(N,MODE): return typedef unsigned int u_int ##N ##_t __attribute__ ((__mode__ (MODE))) # macro
+RC_default_force_role = RC_role_inherit_parent # alias
+# def __isleap(year): return ((year) % 4 == 0 && ((year) % 100 != 0 || (year) % 400 == 0)) # macro
+R_RECEIVE = 42
+# def __release(x): return (void)0 # macro
+UM_lastchange = 6
+A_mac_prop_trusted = 30
+D_none = 4
+AST_auth_administration = 32
+A_symlink_add_remote_ip = 85
+NTS_get_name = 10
+ST_firewall = 13
+RSYS_um_mod_group = 64
+RI_assign_roles = 2
+__RLIM64_T_TYPE = __UQUAD_TYPE # alias
+RI_role_comp = 0
+R_ALTER = 1
+RSYS_um_set_group_pass = 81
+PR_data_protection_officer = 2
+PP_none = 0
+A_cap_ld_env = 96
+# __KEY_T_TYPE = __S32_TYPE # alias
+def FD_ISSET(fd,fdsetp): return __FD_ISSET (fd, fdsetp) # macro
+RSYS_mac_add_f_tru = 23
+RCR_ASSIGN = 57
+FR_off = 0
+RSYS_auth_remove_p_cap = 40
+MA_yes = 1
+# def __FD_ISSET(fd,fdsp): return (__extension__ ({register char __result; __asm__ __volatile__ ("btl %1,%2 ; setcb %b0" : "=q" (__result) : "r" (((int) (fd)) % __NFDBITS), "m" (__FDS_BITS (fdsp)[__FDELT (fd)]) : "cc"); __result; })) # macro
+A_auth_may_setuid = 59
+R_MODIFY_PERMISSIONS_DATA = 16
+__PDP_ENDIAN = 3412 # Variable c_int
+PDP_ENDIAN = __PDP_ENDIAN # alias
+A_cap_process_hiding = 90
+def __attribute_format_arg__(x): return __attribute__ ((__format_arg__ (x))) # macro
+SL_unclassified = 0
+PF_delete_purpose = 11
+A_auth_role = 18
+A_res_max = 76
+A_linux_dac_disable = 89
+A_log_program_based = 83
+# def _syscall2(type,name,type1,arg1,type2,arg2): return type name(type1 arg1,type2 arg2) { long __res; __asm__ volatile ("push %%ebx ; movl %2,%%ebx ; int $0x80 ; pop %%ebx" : "=a" (__res) : "0" (__NR_ ##name),"ri" ((long)(arg1)),"c" ((long)(arg2)) : "memory"); __syscall_return(type,__res); } # macro
+PF_none = 28
+R_AUTHENTICATE = 50
+I_mqueue = 4
+A_symlink_add_mac_level = 87
+UM_none = 14
+T_IPC = 5
+NTS_copy_template = 1
+ST_ioports = 4
+ACT_eff = 1
+SW_PM = 2
+A_auid_exempt = 93
+PTF_add_na = 0
+NTS_none = 18
+RSYS_jail = 55
+# __CLOCK_T_TYPE = __SLONGWORD_TYPE # alias
+RSYS_um_get_next_user = 72
+ACLGS_list_groups = 4
+PTF_delete_authorized_tp = 7
+RI_type_comp_netdev = 10
+PO_none = 0
+RSYS_acl_list_all_dev = 89
+__S64_TYPE = __quad_t # alias
+ST_kexec = 23
+PA_na = 2
+R_READ_WRITE_OPEN = 21
+LITTLE_ENDIAN = __LITTLE_ENDIAN # alias
+RI_type_group_remove = 44
+PL_cs = 3
+RC_none = 3
+AST_none = 33
+A_pm_current_task = 33
+RSYS_daz_flush_cache = 31
+# def RSBAC_SCD_VECTOR(x): return ((rsbac_scd_vector_t) 1 << (x)) # macro
+ACLS_NONE = 3
+SR_user = 0
+A_rc_select_type = 50
+R_CLOSE = 7
+RSYS_acl_get_rights_n = 48
+# def __LDBL_REDIR_NTH(name,proto): return name proto __THROW # macro
+PF_add_task = 2
+A_remote_mac_categories = 9
+A_jail_parent = 67
+R_RENAME = 24
+# def __intN_t(N,MODE): return typedef int int ##N ##_t __attribute__ ((__mode__ (MODE))) # macro
+PF_set_device_object_type = 19
+A_max_read_open = 26
+A_log_user_based = 84
+R_SEND = 41
+# def __FDS_BITS(set): return ((set)->fds_bits) # macro
+def minor(dev): return gnu_dev_minor (dev) # macro
+UM_group = 5
+D_char_major = 3
+AMS_off = 0
+T_GROUP = 13
+# def RSBAC_ERROR(res): return ((res <= -RSBAC_EPERM) && (res >= -RSBAC_EMAX)) # macro
+NTS_get_ports = 9
+A_jail_max_caps = 70
+ST_network = 12
+SW_JAIL = 10
+PTF_add_consent = 8
+RSYS_um_mod_user = 63
+RI_admin_roles = 1
+# __SUSECONDS_T_TYPE = __SLONGWORD_TYPE # alias
+R_ADD_TO_KERNEL = 0
+RI_def_process_create_type = 18
+PR_security_officer = 1
+AMS_full = 1
+# __FSBLKCNT_T_TYPE = __ULONGWORD_TYPE # alias
+ACLC_none = 7
+RI_type_fd_need_secdel = 35
+ACT_none = 6
+PA_pp_set = 10
+RSYS_set_attr = 5
+RSYS_mac_remove_p_tru = 22
+# def RSBAC_ACL_RIGHTS_VECTOR(x): return ((rsbac_acl_rights_vector_t) 1 << (x)) # macro
+RCR_ADMIN = 56
+ACLR_NONE = 59
+A_local_pm_object_type = 41
+RSYS_auth_add_p_cap = 39
+MA_no = 0
+# def __FD_CLR(fd,fdsp): return __asm__ __volatile__ ("btrl %1,%0" : "=m" (__FDS_BITS (fdsp)[__FDELT (fd)]) : "r" (((int) (fd)) % __NFDBITS) : "cc","memory") # macro
+A_pseudo = 0
+# __CLOCKID_T_TYPE = __S32_TYPE # alias
+__BIG_ENDIAN = 4321 # Variable c_int
+BIG_ENDIAN = __BIG_ENDIAN # alias
+R_MODIFY_ATTRIBUTE = 15
+MAC_allow_auto = 64 # Variable c_int
+RSBAC_MAC_DEF_SYSADM_U_FLAGS = MAC_allow_auto # alias
+# def __acquire(x): return (void)0 # macro
+PF_add_purpose = 10
+A_ff_role = 17
+A_res_min = 75
+def __GLIBC_PREREQ(maj,min): return ((__GLIBC__ << 16) + __GLIBC_MINOR__ >= ((maj) << 16) + (min)) # macro
+R_TRUNCATE = 32
+# __BLKCNT_T_TYPE = __SLONGWORD_TYPE # alias
+MAC_auto = 2 # Variable c_int
+RSBAC_MAC_DEF_INIT_P_FLAGS = MAC_auto # alias
+# def _syscall1(type,name,type1,arg1): return type name(type1 arg1) { long __res; __asm__ volatile ("push %%ebx ; movl %2,%%ebx ; int $0x80 ; pop %%ebx" : "=a" (__res) : "0" (__NR_ ##name),"ri" ((long)(arg1)) : "memory"); __syscall_return(type,__res); } # macro
+PF_create_ticket = 27
+# __OFF_T_TYPE = __SLONGWORD_TYPE # alias
+A_audit_uid = 92
+R_LOCK = 49
+UM_cryptpass = 13
+T_DEV = 4
+# __BLKSIZE_T_TYPE = __SLONGWORD_TYPE # alias
+ACLGS_none = 9
+NTS_new_template = 0
+ACT_real = 0
+SW_MAC = 1
+NTS_set_name = 17
+RSYS_reg = 54
+PTF_set_object_class = 16
+A_rc_type_fd = 53
+RSYS_um_group_exists = 71
+D_block = 0
+ACLGS_get_group_entry = 3
+ACLGS_add_member = 5
+__FSFILCNT64_T_TYPE = __UQUAD_TYPE # alias
+RSYS_list_all_dev = 88
+LD_deny = 0
+RI_type_fd_name = 26
+PA_class = 1
+RI_type_process_remove = 43
+__DEV_T_TYPE = __UQUAD_TYPE # alias
+RSYS_adf_log_switch = 13
+RC_system_admin = 2
+ST_sysctl = 18
+A_res_role = 74
+RSYS_pm_create_file = 30
+# def RSBAC_REQUEST_VECTOR(x): return ((rsbac_request_vector_t) 1 << (x)) # macro
+ACLS_GROUP = 2
+A_rc_type = 49
+CAP_NONE = 29 # Variable c_int
+RSBAC_CAP_MAX = CAP_NONE # alias
+RSYS_acl_get_rights = 47
+# def __LDBL_REDIR1_NTH(name,proto,alias): return name proto __THROW # macro
+A_local_mac_categories = 8
+A_jail_id = 66
+# NULL = __null # alias
+PF_switch_auth = 18
+A_min_write_categories = 25
+R_CONNECT = 40
+RC_role_use_force_role = 4294967291L # Variable c_uint
+RC_default_root_dir_initial_role = RC_role_use_force_role # alias
+def makedev(maj,min): return gnu_dev_makedev (maj, min) # macro
+UM_shell = 4
+ACLC_remove_user = 6
+T_NETTEMP_NT = 12
+NTS_get_netdev = 8
+A_pm_object_type = 40
+RSYS_um_get_uid = 77
+# __PID_T_TYPE = __S32_TYPE # alias
+A_local_pm_ipc_purpose = 38
+PTF_none = 24
+RSYS_um_set_pass = 79
+PTF_add_task = 2
+PR_user = 0
+RSYS_get_adf_log = 14
+RI_type_dev_name = 27
+RSYS_none = 96
+RI_type_netobj_name = 34
+PF_delete_task = 3
+PA_ru_set = 9
+RSYS_mac_add_p_tru = 21
+# def NIPQUAD(addr): return ((unsigned char *)&addr)[0], ((unsigned char *)&addr)[1], ((unsigned char *)&addr)[2], ((unsigned char *)&addr)[3] # macro
+A_pm_process_type = 32
+A_rc_role = 57
+
+# values for enumeration 'rsbac_acl_subject_type_t'
+rsbac_acl_subject_type_t = c_int # enum
+__u8 = c_ubyte
+rsbac_acl_int_subject_type_t = __u8
+__u32 = c_uint
+rsbac_acl_subject_id_t = __u32
+
+# values for enumeration 'rsbac_acl_special_rights_t'
+rsbac_acl_special_rights_t = c_int # enum
+__u64 = c_ulonglong
+rsbac_acl_rights_vector_t = __u64
+
+# values for enumeration 'rsbac_acl_scd_type_t'
+rsbac_acl_scd_type_t = c_int # enum
+class rsbac_acl_entry_t(Structure):
+ pass
+rsbac_acl_entry_t._pack_ = 4
+rsbac_acl_entry_t._fields_ = [
+ ('subj_type', rsbac_acl_int_subject_type_t),
+ ('subj_id', rsbac_acl_subject_id_t),
+ ('rights', rsbac_acl_rights_vector_t),
+]
+assert sizeof(rsbac_acl_entry_t) == 16, sizeof(rsbac_acl_entry_t)
+assert alignment(rsbac_acl_entry_t) == 4, alignment(rsbac_acl_entry_t)
+class rsbac_acl_entry_desc_t(Structure):
+ pass
+rsbac_acl_entry_desc_t._fields_ = [
+ ('subj_type', rsbac_acl_int_subject_type_t),
+ ('subj_id', rsbac_acl_subject_id_t),
+]
+assert sizeof(rsbac_acl_entry_desc_t) == 8, sizeof(rsbac_acl_entry_desc_t)
+assert alignment(rsbac_acl_entry_desc_t) == 4, alignment(rsbac_acl_entry_desc_t)
+
+# values for enumeration 'rsbac_acl_group_type_t'
+rsbac_acl_group_type_t = c_int # enum
+rsbac_acl_group_id_t = __u32
+class rsbac_acl_group_entry_t(Structure):
+ pass
+rsbac_uid_t = __u32
+rsbac_acl_group_entry_t._fields_ = [
+ ('id', rsbac_acl_group_id_t),
+ ('owner', rsbac_uid_t),
+ ('type', rsbac_acl_group_type_t),
+ ('name', c_char * 16),
+]
+assert sizeof(rsbac_acl_group_entry_t) == 28, sizeof(rsbac_acl_group_entry_t)
+assert alignment(rsbac_acl_group_entry_t) == 4, alignment(rsbac_acl_group_entry_t)
+
+# values for enumeration 'rsbac_acl_syscall_type_t'
+rsbac_acl_syscall_type_t = c_int # enum
+class rsbac_acl_syscall_arg_t(Structure):
+ pass
+
+# values for enumeration 'rsbac_target_t'
+rsbac_target_t = c_int # enum
+class rsbac_target_id_t(Union):
+ pass
+class rsbac_dev_desc_t(Structure):
+ pass
+rsbac_dev_desc_t._fields_ = [
+ ('type', __u32),
+ ('major', __u32),
+ ('minor', __u32),
+]
+assert sizeof(rsbac_dev_desc_t) == 12, sizeof(rsbac_dev_desc_t)
+assert alignment(rsbac_dev_desc_t) == 4, alignment(rsbac_dev_desc_t)
+class rsbac_ipc_t(Structure):
+ pass
+
+# values for enumeration 'rsbac_ipc_type_t'
+rsbac_ipc_type_t = c_int # enum
+class rsbac_ipc_id_t(Union):
+ pass
+__u_long = c_ulong
+u_long = __u_long
+rsbac_ipc_id_t._fields_ = [
+ ('id_nr', u_long),
+]
+assert sizeof(rsbac_ipc_id_t) == 4, sizeof(rsbac_ipc_id_t)
+assert alignment(rsbac_ipc_id_t) == 4, alignment(rsbac_ipc_id_t)
+rsbac_ipc_t._fields_ = [
+ ('type', rsbac_ipc_type_t),
+ ('id', rsbac_ipc_id_t),
+]
+assert sizeof(rsbac_ipc_t) == 8, sizeof(rsbac_ipc_t)
+assert alignment(rsbac_ipc_t) == 4, alignment(rsbac_ipc_t)
+rsbac_enum_t = __u8
+rsbac_gid_t = __u32
+rsbac_pid_t = __u32
+__u_char = c_ubyte
+u_char = __u_char
+rsbac_netdev_id_t = u_char * 17
+rsbac_net_temp_id_t = __u32
+class rsbac_net_obj_desc_t(Structure):
+ pass
+rsbac_net_obj_id_t = c_void_p
+__u_int = c_uint
+u_int = __u_int
+rsbac_net_obj_desc_t._fields_ = [
+ ('sock_p', rsbac_net_obj_id_t),
+ ('local_addr', c_void_p),
+ ('local_len', u_int),
+ ('remote_addr', c_void_p),
+ ('remote_len', u_int),
+ ('local_temp', rsbac_net_temp_id_t),
+ ('remote_temp', rsbac_net_temp_id_t),
+]
+assert sizeof(rsbac_net_obj_desc_t) == 28, sizeof(rsbac_net_obj_desc_t)
+assert alignment(rsbac_net_obj_desc_t) == 4, alignment(rsbac_net_obj_desc_t)
+rsbac_target_id_t._fields_ = [
+ ('dev', rsbac_dev_desc_t),
+ ('ipc', rsbac_ipc_t),
+ ('scd', rsbac_enum_t),
+ ('user', rsbac_uid_t),
+ ('group', rsbac_gid_t),
+ ('process', rsbac_pid_t),
+ ('netdev', rsbac_netdev_id_t),
+ ('nettemp', rsbac_net_temp_id_t),
+ ('netobj', rsbac_net_obj_desc_t),
+ ('dummy', c_int),
+]
+assert sizeof(rsbac_target_id_t) == 28, sizeof(rsbac_target_id_t)
+assert alignment(rsbac_target_id_t) == 4, alignment(rsbac_target_id_t)
+rsbac_time_t = __u32
+rsbac_acl_syscall_arg_t._pack_ = 4
+rsbac_acl_syscall_arg_t._fields_ = [
+ ('target', rsbac_target_t),
+ ('tid', rsbac_target_id_t),
+ ('subj_type', rsbac_acl_subject_type_t),
+ ('subj_id', rsbac_acl_subject_id_t),
+ ('rights', rsbac_acl_rights_vector_t),
+ ('ttl', rsbac_time_t),
+]
+assert sizeof(rsbac_acl_syscall_arg_t) == 52, sizeof(rsbac_acl_syscall_arg_t)
+assert alignment(rsbac_acl_syscall_arg_t) == 4, alignment(rsbac_acl_syscall_arg_t)
+class rsbac_acl_syscall_n_arg_t(Structure):
+ pass
+rsbac_acl_syscall_n_arg_t._pack_ = 4
+rsbac_acl_syscall_n_arg_t._fields_ = [
+ ('target', rsbac_target_t),
+ ('name', STRING),
+ ('subj_type', rsbac_acl_subject_type_t),
+ ('subj_id', rsbac_acl_subject_id_t),
+ ('rights', rsbac_acl_rights_vector_t),
+ ('ttl', rsbac_time_t),
+]
+assert sizeof(rsbac_acl_syscall_n_arg_t) == 28, sizeof(rsbac_acl_syscall_n_arg_t)
+assert alignment(rsbac_acl_syscall_n_arg_t) == 4, alignment(rsbac_acl_syscall_n_arg_t)
+
+# values for enumeration 'rsbac_acl_group_syscall_type_t'
+rsbac_acl_group_syscall_type_t = c_int # enum
+class rsbac_acl_add_group_arg_t(Structure):
+ pass
+rsbac_acl_add_group_arg_t._fields_ = [
+ ('type', rsbac_acl_group_type_t),
+ ('name', STRING),
+ ('group_id_p', POINTER(rsbac_acl_group_id_t)),
+]
+assert sizeof(rsbac_acl_add_group_arg_t) == 12, sizeof(rsbac_acl_add_group_arg_t)
+assert alignment(rsbac_acl_add_group_arg_t) == 4, alignment(rsbac_acl_add_group_arg_t)
+class rsbac_acl_change_group_arg_t(Structure):
+ pass
+rsbac_acl_change_group_arg_t._fields_ = [
+ ('id', rsbac_acl_group_id_t),
+ ('owner', rsbac_uid_t),
+ ('type', rsbac_acl_group_type_t),
+ ('name', STRING),
+]
+assert sizeof(rsbac_acl_change_group_arg_t) == 16, sizeof(rsbac_acl_change_group_arg_t)
+assert alignment(rsbac_acl_change_group_arg_t) == 4, alignment(rsbac_acl_change_group_arg_t)
+class rsbac_acl_remove_group_arg_t(Structure):
+ pass
+rsbac_acl_remove_group_arg_t._fields_ = [
+ ('id', rsbac_acl_group_id_t),
+]
+assert sizeof(rsbac_acl_remove_group_arg_t) == 4, sizeof(rsbac_acl_remove_group_arg_t)
+assert alignment(rsbac_acl_remove_group_arg_t) == 4, alignment(rsbac_acl_remove_group_arg_t)
+class rsbac_acl_get_group_entry_arg_t(Structure):
+ pass
+rsbac_acl_get_group_entry_arg_t._fields_ = [
+ ('id', rsbac_acl_group_id_t),
+ ('entry_p', POINTER(rsbac_acl_group_entry_t)),
+]
+assert sizeof(rsbac_acl_get_group_entry_arg_t) == 8, sizeof(rsbac_acl_get_group_entry_arg_t)
+assert alignment(rsbac_acl_get_group_entry_arg_t) == 4, alignment(rsbac_acl_get_group_entry_arg_t)
+class rsbac_acl_list_groups_arg_t(Structure):
+ pass
+rsbac_boolean_t = u_int
+rsbac_acl_list_groups_arg_t._fields_ = [
+ ('include_global', rsbac_boolean_t),
+ ('group_entry_array', POINTER(rsbac_acl_group_entry_t)),
+ ('maxnum', u_int),
+]
+assert sizeof(rsbac_acl_list_groups_arg_t) == 12, sizeof(rsbac_acl_list_groups_arg_t)
+assert alignment(rsbac_acl_list_groups_arg_t) == 4, alignment(rsbac_acl_list_groups_arg_t)
+class rsbac_acl_add_member_arg_t(Structure):
+ pass
+rsbac_acl_add_member_arg_t._fields_ = [
+ ('group', rsbac_acl_group_id_t),
+ ('user', rsbac_uid_t),
+ ('ttl', rsbac_time_t),
+]
+assert sizeof(rsbac_acl_add_member_arg_t) == 12, sizeof(rsbac_acl_add_member_arg_t)
+assert alignment(rsbac_acl_add_member_arg_t) == 4, alignment(rsbac_acl_add_member_arg_t)
+class rsbac_acl_remove_member_arg_t(Structure):
+ pass
+rsbac_acl_remove_member_arg_t._fields_ = [
+ ('group', rsbac_acl_group_id_t),
+ ('user', rsbac_uid_t),
+]
+assert sizeof(rsbac_acl_remove_member_arg_t) == 8, sizeof(rsbac_acl_remove_member_arg_t)
+assert alignment(rsbac_acl_remove_member_arg_t) == 4, alignment(rsbac_acl_remove_member_arg_t)
+class rsbac_acl_get_user_groups_arg_t(Structure):
+ pass
+rsbac_acl_get_user_groups_arg_t._fields_ = [
+ ('user', rsbac_uid_t),
+ ('group_array', POINTER(rsbac_acl_group_id_t)),
+ ('ttl_array', POINTER(rsbac_time_t)),
+ ('maxnum', u_int),
+]
+assert sizeof(rsbac_acl_get_user_groups_arg_t) == 16, sizeof(rsbac_acl_get_user_groups_arg_t)
+assert alignment(rsbac_acl_get_user_groups_arg_t) == 4, alignment(rsbac_acl_get_user_groups_arg_t)
+class rsbac_acl_get_group_members_arg_t(Structure):
+ pass
+rsbac_acl_get_group_members_arg_t._fields_ = [
+ ('group', rsbac_acl_group_id_t),
+ ('user_array', POINTER(rsbac_uid_t)),
+ ('ttl_array', POINTER(rsbac_time_t)),
+ ('maxnum', u_int),
+]
+assert sizeof(rsbac_acl_get_group_members_arg_t) == 16, sizeof(rsbac_acl_get_group_members_arg_t)
+assert alignment(rsbac_acl_get_group_members_arg_t) == 4, alignment(rsbac_acl_get_group_members_arg_t)
+class rsbac_acl_group_syscall_arg_t(Union):
+ pass
+rsbac_acl_group_syscall_arg_t._fields_ = [
+ ('add_group', rsbac_acl_add_group_arg_t),
+ ('change_group', rsbac_acl_change_group_arg_t),
+ ('remove_group', rsbac_acl_remove_group_arg_t),
+ ('get_group_entry', rsbac_acl_get_group_entry_arg_t),
+ ('list_groups', rsbac_acl_list_groups_arg_t),
+ ('add_member', rsbac_acl_add_member_arg_t),
+ ('remove_member', rsbac_acl_remove_member_arg_t),
+ ('get_user_groups', rsbac_acl_get_user_groups_arg_t),
+ ('get_group_members', rsbac_acl_get_group_members_arg_t),
+]
+assert sizeof(rsbac_acl_group_syscall_arg_t) == 16, sizeof(rsbac_acl_group_syscall_arg_t)
+assert alignment(rsbac_acl_group_syscall_arg_t) == 4, alignment(rsbac_acl_group_syscall_arg_t)
+class rsbac_net_temp_port_range_t(Structure):
+ pass
+__u16 = c_ushort
+rsbac_net_temp_port_range_t._fields_ = [
+ ('min', __u16),
+ ('max', __u16),
+]
+assert sizeof(rsbac_net_temp_port_range_t) == 4, sizeof(rsbac_net_temp_port_range_t)
+assert alignment(rsbac_net_temp_port_range_t) == 2, alignment(rsbac_net_temp_port_range_t)
+class rsbac_net_temp_inet_addr_t(Structure):
+ pass
+rsbac_net_temp_inet_addr_t._fields_ = [
+ ('addr', __u32 * 25),
+ ('valid_bits', __u8 * 25),
+ ('nr_addr', __u8),
+]
+assert sizeof(rsbac_net_temp_inet_addr_t) == 128, sizeof(rsbac_net_temp_inet_addr_t)
+assert alignment(rsbac_net_temp_inet_addr_t) == 4, alignment(rsbac_net_temp_inet_addr_t)
+class rsbac_net_temp_other_addr_t(Structure):
+ pass
+rsbac_net_temp_other_addr_t._fields_ = [
+ ('addr', c_char * 128),
+ ('valid_len', __u8),
+]
+assert sizeof(rsbac_net_temp_other_addr_t) == 129, sizeof(rsbac_net_temp_other_addr_t)
+assert alignment(rsbac_net_temp_other_addr_t) == 1, alignment(rsbac_net_temp_other_addr_t)
+class rsbac_net_temp_ports_t(Structure):
+ pass
+rsbac_net_temp_ports_t._fields_ = [
+ ('ports', rsbac_net_temp_port_range_t * 10),
+ ('nr_ports', __u8),
+]
+assert sizeof(rsbac_net_temp_ports_t) == 42, sizeof(rsbac_net_temp_ports_t)
+assert alignment(rsbac_net_temp_ports_t) == 2, alignment(rsbac_net_temp_ports_t)
+class rsbac_net_temp_addr_t(Union):
+ pass
+rsbac_net_temp_addr_t._fields_ = [
+ ('inet', rsbac_net_temp_inet_addr_t),
+ ('other', rsbac_net_temp_other_addr_t),
+]
+assert sizeof(rsbac_net_temp_addr_t) == 132, sizeof(rsbac_net_temp_addr_t)
+assert alignment(rsbac_net_temp_addr_t) == 4, alignment(rsbac_net_temp_addr_t)
+class rsbac_net_temp_data_t(Structure):
+ pass
+rsbac_net_temp_data_t._fields_ = [
+ ('address', rsbac_net_temp_addr_t),
+ ('address_family', __u8),
+ ('type', __u8),
+ ('protocol', __u8),
+ ('netdev', rsbac_netdev_id_t),
+ ('ports', rsbac_net_temp_ports_t),
+ ('name', c_char * 16),
+]
+assert sizeof(rsbac_net_temp_data_t) == 212, sizeof(rsbac_net_temp_data_t)
+assert alignment(rsbac_net_temp_data_t) == 4, alignment(rsbac_net_temp_data_t)
+class rsbac_net_temp_old_data_t(Structure):
+ pass
+rsbac_net_temp_old_data_t._fields_ = [
+ ('address', c_char * 128),
+ ('address_family', __u8),
+ ('valid_len', __u8),
+ ('type', __u8),
+ ('protocol', __u8),
+ ('netdev', rsbac_netdev_id_t),
+ ('min_port', __u16),
+ ('max_port', __u16),
+ ('name', c_char * 16),
+]
+assert sizeof(rsbac_net_temp_old_data_t) == 170, sizeof(rsbac_net_temp_old_data_t)
+assert alignment(rsbac_net_temp_old_data_t) == 2, alignment(rsbac_net_temp_old_data_t)
+class rsbac_net_description_t(Structure):
+ pass
+rsbac_net_description_t._fields_ = [
+ ('address_family', __u8),
+ ('address', c_void_p),
+ ('address_len', __u8),
+ ('type', __u8),
+ ('protocol', __u8),
+ ('netdev', rsbac_netdev_id_t),
+ ('port', __u16),
+]
+assert sizeof(rsbac_net_description_t) == 32, sizeof(rsbac_net_description_t)
+assert alignment(rsbac_net_description_t) == 4, alignment(rsbac_net_description_t)
+
+# values for enumeration 'rsbac_net_temp_syscall_t'
+rsbac_net_temp_syscall_t = c_int # enum
+class rsbac_net_temp_syscall_data_t(Union):
+ pass
+rsbac_net_temp_syscall_data_t._fields_ = [
+ ('id', rsbac_net_temp_id_t),
+ ('address', rsbac_net_temp_addr_t),
+ ('address_family', __u8),
+ ('type', __u8),
+ ('protocol', __u8),
+ ('netdev', rsbac_netdev_id_t),
+ ('ports', rsbac_net_temp_ports_t),
+ ('name', c_char * 16),
+]
+assert sizeof(rsbac_net_temp_syscall_data_t) == 132, sizeof(rsbac_net_temp_syscall_data_t)
+assert alignment(rsbac_net_temp_syscall_data_t) == 4, alignment(rsbac_net_temp_syscall_data_t)
+
+# values for enumeration 'rsbac_pm_tkt_function_type_t'
+rsbac_pm_tkt_function_type_t = c_int # enum
+class rsbac_pm_add_na_t(Structure):
+ pass
+rsbac_pm_task_id_t = __u32
+rsbac_pm_object_class_id_t = __u32
+rsbac_pm_tp_id_t = __u32
+rsbac_pm_accesses_t = __u8
+rsbac_pm_add_na_t._fields_ = [
+ ('task', rsbac_pm_task_id_t),
+ ('object_class', rsbac_pm_object_class_id_t),
+ ('tp', rsbac_pm_tp_id_t),
+ ('accesses', rsbac_pm_accesses_t),
+]
+assert sizeof(rsbac_pm_add_na_t) == 16, sizeof(rsbac_pm_add_na_t)
+assert alignment(rsbac_pm_add_na_t) == 4, alignment(rsbac_pm_add_na_t)
+class rsbac_pm_delete_na_t(Structure):
+ pass
+rsbac_pm_delete_na_t._fields_ = [
+ ('task', rsbac_pm_task_id_t),
+ ('object_class', rsbac_pm_object_class_id_t),
+ ('tp', rsbac_pm_tp_id_t),
+ ('accesses', rsbac_pm_accesses_t),
+]
+assert sizeof(rsbac_pm_delete_na_t) == 16, sizeof(rsbac_pm_delete_na_t)
+assert alignment(rsbac_pm_delete_na_t) == 4, alignment(rsbac_pm_delete_na_t)
+class rsbac_pm_add_task_t(Structure):
+ pass
+rsbac_pm_purpose_id_t = __u32
+rsbac_pm_add_task_t._fields_ = [
+ ('id', rsbac_pm_task_id_t),
+ ('purpose', rsbac_pm_purpose_id_t),
+]
+assert sizeof(rsbac_pm_add_task_t) == 8, sizeof(rsbac_pm_add_task_t)
+assert alignment(rsbac_pm_add_task_t) == 4, alignment(rsbac_pm_add_task_t)
+class rsbac_pm_delete_task_t(Structure):
+ pass
+rsbac_pm_delete_task_t._fields_ = [
+ ('id', rsbac_pm_task_id_t),
+]
+assert sizeof(rsbac_pm_delete_task_t) == 4, sizeof(rsbac_pm_delete_task_t)
+assert alignment(rsbac_pm_delete_task_t) == 4, alignment(rsbac_pm_delete_task_t)
+class rsbac_pm_add_object_class_t(Structure):
+ pass
+class rsbac_pm_purpose_list_item_t(Structure):
+ pass
+rsbac_pm_add_object_class_t._fields_ = [
+ ('id', rsbac_pm_object_class_id_t),
+ ('pp_list_p', POINTER(rsbac_pm_purpose_list_item_t)),
+]
+assert sizeof(rsbac_pm_add_object_class_t) == 8, sizeof(rsbac_pm_add_object_class_t)
+assert alignment(rsbac_pm_add_object_class_t) == 4, alignment(rsbac_pm_add_object_class_t)
+class rsbac_pm_delete_object_class_t(Structure):
+ pass
+rsbac_pm_delete_object_class_t._fields_ = [
+ ('id', rsbac_pm_object_class_id_t),
+]
+assert sizeof(rsbac_pm_delete_object_class_t) == 4, sizeof(rsbac_pm_delete_object_class_t)
+assert alignment(rsbac_pm_delete_object_class_t) == 4, alignment(rsbac_pm_delete_object_class_t)
+class rsbac_pm_add_authorized_tp_t(Structure):
+ pass
+rsbac_pm_add_authorized_tp_t._fields_ = [
+ ('task', rsbac_pm_task_id_t),
+ ('tp', rsbac_pm_tp_id_t),
+]
+assert sizeof(rsbac_pm_add_authorized_tp_t) == 8, sizeof(rsbac_pm_add_authorized_tp_t)
+assert alignment(rsbac_pm_add_authorized_tp_t) == 4, alignment(rsbac_pm_add_authorized_tp_t)
+class rsbac_pm_delete_authorized_tp_t(Structure):
+ pass
+rsbac_pm_delete_authorized_tp_t._fields_ = [
+ ('task', rsbac_pm_task_id_t),
+ ('tp', rsbac_pm_tp_id_t),
+]
+assert sizeof(rsbac_pm_delete_authorized_tp_t) == 8, sizeof(rsbac_pm_delete_authorized_tp_t)
+assert alignment(rsbac_pm_delete_authorized_tp_t) == 4, alignment(rsbac_pm_delete_authorized_tp_t)
+class rsbac_pm_add_consent_t(Structure):
+ pass
+rsbac_pm_add_consent_t._fields_ = [
+ ('filename', STRING),
+ ('purpose', rsbac_pm_purpose_id_t),
+]
+assert sizeof(rsbac_pm_add_consent_t) == 8, sizeof(rsbac_pm_add_consent_t)
+assert alignment(rsbac_pm_add_consent_t) == 4, alignment(rsbac_pm_add_consent_t)
+class rsbac_pm_delete_consent_t(Structure):
+ pass
+rsbac_pm_delete_consent_t._fields_ = [
+ ('filename', STRING),
+ ('purpose', rsbac_pm_purpose_id_t),
+]
+assert sizeof(rsbac_pm_delete_consent_t) == 8, sizeof(rsbac_pm_delete_consent_t)
+assert alignment(rsbac_pm_delete_consent_t) == 4, alignment(rsbac_pm_delete_consent_t)
+class rsbac_pm_add_purpose_t(Structure):
+ pass
+rsbac_pm_add_purpose_t._fields_ = [
+ ('id', rsbac_pm_purpose_id_t),
+ ('def_class', rsbac_pm_object_class_id_t),
+]
+assert sizeof(rsbac_pm_add_purpose_t) == 8, sizeof(rsbac_pm_add_purpose_t)
+assert alignment(rsbac_pm_add_purpose_t) == 4, alignment(rsbac_pm_add_purpose_t)
+class rsbac_pm_delete_purpose_t(Structure):
+ pass
+rsbac_pm_delete_purpose_t._fields_ = [
+ ('id', rsbac_pm_purpose_id_t),
+]
+assert sizeof(rsbac_pm_delete_purpose_t) == 4, sizeof(rsbac_pm_delete_purpose_t)
+assert alignment(rsbac_pm_delete_purpose_t) == 4, alignment(rsbac_pm_delete_purpose_t)
+class rsbac_pm_add_responsible_user_t(Structure):
+ pass
+rsbac_pm_add_responsible_user_t._fields_ = [
+ ('user', rsbac_uid_t),
+ ('task', rsbac_pm_task_id_t),
+]
+assert sizeof(rsbac_pm_add_responsible_user_t) == 8, sizeof(rsbac_pm_add_responsible_user_t)
+assert alignment(rsbac_pm_add_responsible_user_t) == 4, alignment(rsbac_pm_add_responsible_user_t)
+class rsbac_pm_delete_responsible_user_t(Structure):
+ pass
+rsbac_pm_delete_responsible_user_t._fields_ = [
+ ('user', rsbac_uid_t),
+ ('task', rsbac_pm_task_id_t),
+]
+assert sizeof(rsbac_pm_delete_responsible_user_t) == 8, sizeof(rsbac_pm_delete_responsible_user_t)
+assert alignment(rsbac_pm_delete_responsible_user_t) == 4, alignment(rsbac_pm_delete_responsible_user_t)
+class rsbac_pm_delete_user_aci_t(Structure):
+ pass
+rsbac_pm_delete_user_aci_t._fields_ = [
+ ('id', rsbac_uid_t),
+]
+assert sizeof(rsbac_pm_delete_user_aci_t) == 4, sizeof(rsbac_pm_delete_user_aci_t)
+assert alignment(rsbac_pm_delete_user_aci_t) == 4, alignment(rsbac_pm_delete_user_aci_t)
+class rsbac_pm_set_role_t(Structure):
+ pass
+
+# values for enumeration 'rsbac_pm_role_t'
+rsbac_pm_role_t = c_int # enum
+rsbac_pm_set_role_t._fields_ = [
+ ('user', rsbac_uid_t),
+ ('role', rsbac_pm_role_t),
+]
+assert sizeof(rsbac_pm_set_role_t) == 8, sizeof(rsbac_pm_set_role_t)
+assert alignment(rsbac_pm_set_role_t) == 4, alignment(rsbac_pm_set_role_t)
+class rsbac_pm_set_object_class_t(Structure):
+ pass
+rsbac_pm_set_object_class_t._fields_ = [
+ ('filename', STRING),
+ ('object_class', rsbac_pm_object_class_id_t),
+]
+assert sizeof(rsbac_pm_set_object_class_t) == 8, sizeof(rsbac_pm_set_object_class_t)
+assert alignment(rsbac_pm_set_object_class_t) == 4, alignment(rsbac_pm_set_object_class_t)
+class rsbac_pm_switch_pm_t(Structure):
+ pass
+rsbac_pm_switch_pm_t._fields_ = [
+ ('value', rsbac_boolean_t),
+]
+assert sizeof(rsbac_pm_switch_pm_t) == 4, sizeof(rsbac_pm_switch_pm_t)
+assert alignment(rsbac_pm_switch_pm_t) == 4, alignment(rsbac_pm_switch_pm_t)
+class rsbac_pm_switch_auth_t(Structure):
+ pass
+rsbac_pm_switch_auth_t._fields_ = [
+ ('value', rsbac_boolean_t),
+]
+assert sizeof(rsbac_pm_switch_auth_t) == 4, sizeof(rsbac_pm_switch_auth_t)
+assert alignment(rsbac_pm_switch_auth_t) == 4, alignment(rsbac_pm_switch_auth_t)
+class rsbac_pm_set_device_object_type_t(Structure):
+ pass
+
+# values for enumeration 'rsbac_pm_object_type_t'
+rsbac_pm_object_type_t = c_int # enum
+rsbac_pm_set_device_object_type_t._fields_ = [
+ ('filename', STRING),
+ ('object_type', rsbac_pm_object_type_t),
+ ('object_class', rsbac_pm_object_class_id_t),
+]
+assert sizeof(rsbac_pm_set_device_object_type_t) == 12, sizeof(rsbac_pm_set_device_object_type_t)
+assert alignment(rsbac_pm_set_device_object_type_t) == 4, alignment(rsbac_pm_set_device_object_type_t)
+class rsbac_pm_set_auth_may_setuid_t(Structure):
+ pass
+rsbac_pm_set_auth_may_setuid_t._fields_ = [
+ ('filename', STRING),
+ ('value', rsbac_boolean_t),
+]
+assert sizeof(rsbac_pm_set_auth_may_setuid_t) == 8, sizeof(rsbac_pm_set_auth_may_setuid_t)
+assert alignment(rsbac_pm_set_auth_may_setuid_t) == 4, alignment(rsbac_pm_set_auth_may_setuid_t)
+class rsbac_pm_set_auth_may_set_cap_t(Structure):
+ pass
+rsbac_pm_set_auth_may_set_cap_t._fields_ = [
+ ('filename', STRING),
+ ('value', rsbac_boolean_t),
+]
+assert sizeof(rsbac_pm_set_auth_may_set_cap_t) == 8, sizeof(rsbac_pm_set_auth_may_set_cap_t)
+assert alignment(rsbac_pm_set_auth_may_set_cap_t) == 4, alignment(rsbac_pm_set_auth_may_set_cap_t)
+class rsbac_pm_add_authorized_task_t(Structure):
+ pass
+rsbac_pm_add_authorized_task_t._fields_ = [
+ ('user', rsbac_uid_t),
+ ('task', rsbac_pm_task_id_t),
+]
+assert sizeof(rsbac_pm_add_authorized_task_t) == 8, sizeof(rsbac_pm_add_authorized_task_t)
+assert alignment(rsbac_pm_add_authorized_task_t) == 4, alignment(rsbac_pm_add_authorized_task_t)
+class rsbac_pm_delete_authorized_task_t(Structure):
+ pass
+rsbac_pm_delete_authorized_task_t._fields_ = [
+ ('user', rsbac_uid_t),
+ ('task', rsbac_pm_task_id_t),
+]
+assert sizeof(rsbac_pm_delete_authorized_task_t) == 8, sizeof(rsbac_pm_delete_authorized_task_t)
+assert alignment(rsbac_pm_delete_authorized_task_t) == 4, alignment(rsbac_pm_delete_authorized_task_t)
+class rsbac_pm_create_tp_t(Structure):
+ pass
+rsbac_pm_create_tp_t._fields_ = [
+ ('id', rsbac_pm_tp_id_t),
+]
+assert sizeof(rsbac_pm_create_tp_t) == 4, sizeof(rsbac_pm_create_tp_t)
+assert alignment(rsbac_pm_create_tp_t) == 4, alignment(rsbac_pm_create_tp_t)
+class rsbac_pm_delete_tp_t(Structure):
+ pass
+rsbac_pm_delete_tp_t._fields_ = [
+ ('id', rsbac_pm_tp_id_t),
+]
+assert sizeof(rsbac_pm_delete_tp_t) == 4, sizeof(rsbac_pm_delete_tp_t)
+assert alignment(rsbac_pm_delete_tp_t) == 4, alignment(rsbac_pm_delete_tp_t)
+class rsbac_pm_set_tp_t(Structure):
+ pass
+rsbac_pm_set_tp_t._fields_ = [
+ ('filename', STRING),
+ ('tp', rsbac_pm_tp_id_t),
+]
+assert sizeof(rsbac_pm_set_tp_t) == 8, sizeof(rsbac_pm_set_tp_t)
+assert alignment(rsbac_pm_set_tp_t) == 4, alignment(rsbac_pm_set_tp_t)
+class rsbac_pm_tkt_function_param_t(Union):
+ pass
+rsbac_pm_tkt_function_param_t._fields_ = [
+ ('add_na', rsbac_pm_add_na_t),
+ ('delete_na', rsbac_pm_delete_na_t),
+ ('add_task', rsbac_pm_add_task_t),
+ ('delete_task', rsbac_pm_delete_task_t),
+ ('add_object_class', rsbac_pm_add_object_class_t),
+ ('delete_object_class', rsbac_pm_delete_object_class_t),
+ ('add_authorized_tp', rsbac_pm_add_authorized_tp_t),
+ ('delete_authorized_tp', rsbac_pm_delete_authorized_tp_t),
+ ('add_consent', rsbac_pm_add_consent_t),
+ ('delete_consent', rsbac_pm_delete_consent_t),
+ ('add_purpose', rsbac_pm_add_purpose_t),
+ ('delete_purpose', rsbac_pm_delete_purpose_t),
+ ('add_responsible_user', rsbac_pm_add_responsible_user_t),
+ ('delete_responsible_user', rsbac_pm_delete_responsible_user_t),
+ ('delete_user_aci', rsbac_pm_delete_user_aci_t),
+ ('set_role', rsbac_pm_set_role_t),
+ ('set_object_class', rsbac_pm_set_object_class_t),
+ ('switch_pm', rsbac_pm_switch_pm_t),
+ ('switch_auth', rsbac_pm_switch_pm_t),
+ ('set_device_object_type', rsbac_pm_set_device_object_type_t),
+ ('set_auth_may_setuid', rsbac_pm_set_auth_may_setuid_t),
+ ('set_auth_may_set_cap', rsbac_pm_set_auth_may_set_cap_t),
+ ('add_authorized_task', rsbac_pm_add_authorized_task_t),
+ ('delete_authorized_task', rsbac_pm_delete_authorized_task_t),
+ ('dummy', c_int),
+]
+assert sizeof(rsbac_pm_tkt_function_param_t) == 16, sizeof(rsbac_pm_tkt_function_param_t)
+assert alignment(rsbac_pm_tkt_function_param_t) == 4, alignment(rsbac_pm_tkt_function_param_t)
+
+# values for enumeration 'rsbac_pm_function_type_t'
+rsbac_pm_function_type_t = c_int # enum
+class rsbac_pm_create_ticket_t(Structure):
+ pass
+rsbac_pm_tkt_id_t = __u32
+rsbac_pm_time_stamp_t = rsbac_time_t
+rsbac_pm_create_ticket_t._fields_ = [
+ ('id', rsbac_pm_tkt_id_t),
+ ('valid_for', rsbac_pm_time_stamp_t),
+ ('function_type', rsbac_pm_tkt_function_type_t),
+ ('function_param', rsbac_pm_tkt_function_param_t),
+]
+assert sizeof(rsbac_pm_create_ticket_t) == 28, sizeof(rsbac_pm_create_ticket_t)
+assert alignment(rsbac_pm_create_ticket_t) == 4, alignment(rsbac_pm_create_ticket_t)
+class rsbac_pm_function_param_t(Union):
+ pass
+rsbac_pm_function_param_t._fields_ = [
+ ('add_na', rsbac_pm_add_na_t),
+ ('delete_na', rsbac_pm_delete_na_t),
+ ('add_task', rsbac_pm_add_task_t),
+ ('delete_task', rsbac_pm_delete_task_t),
+ ('add_object_class', rsbac_pm_add_object_class_t),
+ ('delete_object_class', rsbac_pm_delete_object_class_t),
+ ('add_authorized_tp', rsbac_pm_add_authorized_tp_t),
+ ('delete_authorized_tp', rsbac_pm_delete_authorized_tp_t),
+ ('add_consent', rsbac_pm_add_consent_t),
+ ('delete_consent', rsbac_pm_delete_consent_t),
+ ('add_purpose', rsbac_pm_add_purpose_t),
+ ('delete_purpose', rsbac_pm_delete_purpose_t),
+ ('add_responsible_user', rsbac_pm_add_responsible_user_t),
+ ('delete_responsible_user', rsbac_pm_delete_responsible_user_t),
+ ('delete_user_aci', rsbac_pm_delete_user_aci_t),
+ ('set_role', rsbac_pm_set_role_t),
+ ('set_object_class', rsbac_pm_set_object_class_t),
+ ('switch_pm', rsbac_pm_switch_pm_t),
+ ('switch_auth', rsbac_pm_switch_pm_t),
+ ('set_device_object_type', rsbac_pm_set_device_object_type_t),
+ ('set_auth_may_setuid', rsbac_pm_set_auth_may_setuid_t),
+ ('set_auth_may_set_cap', rsbac_pm_set_auth_may_set_cap_t),
+ ('add_authorized_task', rsbac_pm_add_authorized_task_t),
+ ('delete_authorized_task', rsbac_pm_delete_authorized_task_t),
+ ('create_tp', rsbac_pm_create_tp_t),
+ ('delete_tp', rsbac_pm_delete_tp_t),
+ ('set_tp', rsbac_pm_set_tp_t),
+ ('create_ticket', rsbac_pm_create_ticket_t),
+ ('dummy', c_int),
+]
+assert sizeof(rsbac_pm_function_param_t) == 28, sizeof(rsbac_pm_function_param_t)
+assert alignment(rsbac_pm_function_param_t) == 4, alignment(rsbac_pm_function_param_t)
+rsbac_pm_task_set_id_t = __u32
+rsbac_pm_tp_set_id_t = __u32
+rsbac_pm_ru_set_id_t = __u32
+__s32 = c_int
+rsbac_pm_pp_set_id_t = __s32
+rsbac_pm_in_pp_set_id_t = rsbac_pid_t
+rsbac_pm_out_pp_set_id_t = rsbac_pm_in_pp_set_id_t
+
+# values for enumeration 'rsbac_pm_list_t'
+rsbac_pm_list_t = c_int # enum
+
+# values for enumeration 'rsbac_pm_all_list_t'
+rsbac_pm_all_list_t = c_int # enum
+rsbac_pm_role_int_t = rsbac_enum_t
+
+# values for enumeration 'rsbac_pm_process_type_t'
+rsbac_pm_process_type_t = c_int # enum
+rsbac_pm_process_type_int_t = rsbac_enum_t
+rsbac_pm_object_type_int_t = rsbac_enum_t
+rsbac_pm_program_type_int_t = rsbac_pm_process_type_int_t
+rsbac_pm_purpose_list_item_t._fields_ = [
+ ('id', rsbac_pm_purpose_id_t),
+ ('next', POINTER(rsbac_pm_purpose_list_item_t)),
+]
+assert sizeof(rsbac_pm_purpose_list_item_t) == 8, sizeof(rsbac_pm_purpose_list_item_t)
+assert alignment(rsbac_pm_purpose_list_item_t) == 4, alignment(rsbac_pm_purpose_list_item_t)
+
+# values for enumeration 'rsbac_rc_special_rights_t'
+rsbac_rc_special_rights_t = c_int # enum
+rsbac_rc_rights_vector_t = __u64
+rsbac_rc_role_vector_t = __u64
+rsbac_rc_role_id_t = __u32
+rsbac_rc_type_id_t = __u32
+rsbac_request_vector_t = __u64
+rsbac_rc_request_vector_t = rsbac_request_vector_t
+
+# values for enumeration 'rsbac_rc_admin_type_t'
+rsbac_rc_admin_type_t = c_int # enum
+
+# values for enumeration 'rsbac_rc_scd_type_t'
+rsbac_rc_scd_type_t = c_int # enum
+
+# values for enumeration 'rsbac_rc_target_t'
+rsbac_rc_target_t = c_int # enum
+class rsbac_rc_target_id_t(Union):
+ pass
+rsbac_rc_target_id_t._fields_ = [
+ ('role', rsbac_rc_role_id_t),
+ ('type', rsbac_rc_type_id_t),
+]
+assert sizeof(rsbac_rc_target_id_t) == 4, sizeof(rsbac_rc_target_id_t)
+assert alignment(rsbac_rc_target_id_t) == 4, alignment(rsbac_rc_target_id_t)
+
+# values for enumeration 'rsbac_rc_item_t'
+rsbac_rc_item_t = c_int # enum
+class rsbac_rc_item_value_t(Union):
+ pass
+rsbac_rc_item_value_t._pack_ = 4
+rsbac_rc_item_value_t._fields_ = [
+ ('rights', rsbac_rc_rights_vector_t),
+ ('admin_type', rsbac_rc_admin_type_t),
+ ('name', c_char * 16),
+ ('role_id', rsbac_rc_role_id_t),
+ ('type_id', rsbac_rc_type_id_t),
+ ('need_secdel', rsbac_boolean_t),
+ ('comp', rsbac_boolean_t),
+ ('boot_role', rsbac_boolean_t),
+ ('req_reauth', rsbac_boolean_t),
+ ('u_char_dummy', u_char),
+ ('dummy', c_int),
+ ('u_dummy', u_int),
+ ('long_dummy', c_long),
+ ('long_long_dummy', c_longlong),
+]
+assert sizeof(rsbac_rc_item_value_t) == 16, sizeof(rsbac_rc_item_value_t)
+assert alignment(rsbac_rc_item_value_t) == 4, alignment(rsbac_rc_item_value_t)
+
+# values for enumeration 'rsbac_syscall_t'
+rsbac_syscall_t = c_int # enum
+class rsys_check_t(Structure):
+ pass
+rsys_check_t._fields_ = [
+ ('correct', c_int),
+ ('check_inode', c_int),
+]
+assert sizeof(rsys_check_t) == 8, sizeof(rsys_check_t)
+assert alignment(rsys_check_t) == 4, alignment(rsys_check_t)
+class rsys_get_attr_t(Structure):
+ pass
+rsbac_list_ta_number_t = __u32
+class rsbac_attribute_value_t(Union):
+ pass
+rsys_get_attr_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('module', rsbac_enum_t),
+ ('target', rsbac_enum_t),
+ ('tid', POINTER(rsbac_target_id_t)),
+ ('attr', rsbac_enum_t),
+ ('value', POINTER(rsbac_attribute_value_t)),
+ ('inherit', c_int),
+]
+assert sizeof(rsys_get_attr_t) == 24, sizeof(rsys_get_attr_t)
+assert alignment(rsys_get_attr_t) == 4, alignment(rsys_get_attr_t)
+class rsys_get_attr_n_t(Structure):
+ pass
+rsys_get_attr_n_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('module', rsbac_enum_t),
+ ('target', rsbac_enum_t),
+ ('t_name', STRING),
+ ('attr', rsbac_enum_t),
+ ('value', POINTER(rsbac_attribute_value_t)),
+ ('inherit', c_int),
+]
+assert sizeof(rsys_get_attr_n_t) == 24, sizeof(rsys_get_attr_n_t)
+assert alignment(rsys_get_attr_n_t) == 4, alignment(rsys_get_attr_n_t)
+class rsys_set_attr_t(Structure):
+ pass
+rsys_set_attr_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('module', rsbac_enum_t),
+ ('target', rsbac_enum_t),
+ ('tid', POINTER(rsbac_target_id_t)),
+ ('attr', rsbac_enum_t),
+ ('value', POINTER(rsbac_attribute_value_t)),
+]
+assert sizeof(rsys_set_attr_t) == 20, sizeof(rsys_set_attr_t)
+assert alignment(rsys_set_attr_t) == 4, alignment(rsys_set_attr_t)
+class rsys_set_attr_n_t(Structure):
+ pass
+rsys_set_attr_n_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('module', rsbac_enum_t),
+ ('target', rsbac_enum_t),
+ ('t_name', STRING),
+ ('attr', rsbac_enum_t),
+ ('value', POINTER(rsbac_attribute_value_t)),
+]
+assert sizeof(rsys_set_attr_n_t) == 20, sizeof(rsys_set_attr_n_t)
+assert alignment(rsys_set_attr_n_t) == 4, alignment(rsys_set_attr_n_t)
+class rsys_remove_target_t(Structure):
+ pass
+rsys_remove_target_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('target', rsbac_enum_t),
+ ('tid', POINTER(rsbac_target_id_t)),
+]
+assert sizeof(rsys_remove_target_t) == 12, sizeof(rsys_remove_target_t)
+assert alignment(rsys_remove_target_t) == 4, alignment(rsys_remove_target_t)
+class rsys_remove_target_n_t(Structure):
+ pass
+rsys_remove_target_n_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('target', rsbac_enum_t),
+ ('t_name', STRING),
+]
+assert sizeof(rsys_remove_target_n_t) == 12, sizeof(rsys_remove_target_n_t)
+assert alignment(rsys_remove_target_n_t) == 4, alignment(rsys_remove_target_n_t)
+class rsys_net_list_all_netdev_t(Structure):
+ pass
+rsys_net_list_all_netdev_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('id_p', POINTER(rsbac_netdev_id_t)),
+ ('maxnum', u_long),
+]
+assert sizeof(rsys_net_list_all_netdev_t) == 12, sizeof(rsys_net_list_all_netdev_t)
+assert alignment(rsys_net_list_all_netdev_t) == 4, alignment(rsys_net_list_all_netdev_t)
+class rsys_net_template_t(Structure):
+ pass
+rsys_net_template_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('call', rsbac_enum_t),
+ ('id', rsbac_net_temp_id_t),
+ ('data_p', POINTER(rsbac_net_temp_syscall_data_t)),
+]
+assert sizeof(rsys_net_template_t) == 16, sizeof(rsys_net_template_t)
+assert alignment(rsys_net_template_t) == 4, alignment(rsys_net_template_t)
+class rsys_net_list_all_template_t(Structure):
+ pass
+rsys_net_list_all_template_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('id_p', POINTER(rsbac_net_temp_id_t)),
+ ('maxnum', u_long),
+]
+assert sizeof(rsys_net_list_all_template_t) == 12, sizeof(rsys_net_list_all_template_t)
+assert alignment(rsys_net_list_all_template_t) == 4, alignment(rsys_net_list_all_template_t)
+class rsys_switch_t(Structure):
+ pass
+rsys_switch_t._fields_ = [
+ ('target', rsbac_enum_t),
+ ('value', c_int),
+]
+assert sizeof(rsys_switch_t) == 8, sizeof(rsys_switch_t)
+assert alignment(rsys_switch_t) == 4, alignment(rsys_switch_t)
+class rsys_adf_log_switch_t(Structure):
+ pass
+rsys_adf_log_switch_t._fields_ = [
+ ('request', rsbac_enum_t),
+ ('target', rsbac_enum_t),
+ ('value', u_int),
+]
+assert sizeof(rsys_adf_log_switch_t) == 8, sizeof(rsys_adf_log_switch_t)
+assert alignment(rsys_adf_log_switch_t) == 4, alignment(rsys_adf_log_switch_t)
+class rsys_get_adf_log_t(Structure):
+ pass
+rsys_get_adf_log_t._fields_ = [
+ ('request', rsbac_enum_t),
+ ('target', rsbac_enum_t),
+ ('value_p', POINTER(u_int)),
+]
+assert sizeof(rsys_get_adf_log_t) == 8, sizeof(rsys_get_adf_log_t)
+assert alignment(rsys_get_adf_log_t) == 4, alignment(rsys_get_adf_log_t)
+class rsys_log_t(Structure):
+ pass
+rsys_log_t._fields_ = [
+ ('type', c_int),
+ ('buf', STRING),
+ ('len', c_int),
+]
+assert sizeof(rsys_log_t) == 12, sizeof(rsys_log_t)
+assert alignment(rsys_log_t) == 4, alignment(rsys_log_t)
+class rsys_mac_set_curr_level_t(Structure):
+ pass
+rsbac_security_level_t = __u8
+rsbac_mac_category_vector_t = __u64
+rsys_mac_set_curr_level_t._fields_ = [
+ ('level', rsbac_security_level_t),
+ ('categories_p', POINTER(rsbac_mac_category_vector_t)),
+]
+assert sizeof(rsys_mac_set_curr_level_t) == 8, sizeof(rsys_mac_set_curr_level_t)
+assert alignment(rsys_mac_set_curr_level_t) == 4, alignment(rsys_mac_set_curr_level_t)
+class rsys_mac_get_curr_level_t(Structure):
+ pass
+rsys_mac_get_curr_level_t._fields_ = [
+ ('level_p', POINTER(rsbac_security_level_t)),
+ ('categories_p', POINTER(rsbac_mac_category_vector_t)),
+]
+assert sizeof(rsys_mac_get_curr_level_t) == 8, sizeof(rsys_mac_get_curr_level_t)
+assert alignment(rsys_mac_get_curr_level_t) == 4, alignment(rsys_mac_get_curr_level_t)
+class rsys_mac_get_max_level_t(Structure):
+ pass
+rsys_mac_get_max_level_t._fields_ = [
+ ('level_p', POINTER(rsbac_security_level_t)),
+ ('categories_p', POINTER(rsbac_mac_category_vector_t)),
+]
+assert sizeof(rsys_mac_get_max_level_t) == 8, sizeof(rsys_mac_get_max_level_t)
+assert alignment(rsys_mac_get_max_level_t) == 4, alignment(rsys_mac_get_max_level_t)
+class rsys_mac_get_min_level_t(Structure):
+ pass
+rsys_mac_get_min_level_t._fields_ = [
+ ('level_p', POINTER(rsbac_security_level_t)),
+ ('categories_p', POINTER(rsbac_mac_category_vector_t)),
+]
+assert sizeof(rsys_mac_get_min_level_t) == 8, sizeof(rsys_mac_get_min_level_t)
+assert alignment(rsys_mac_get_min_level_t) == 4, alignment(rsys_mac_get_min_level_t)
+class rsys_mac_add_p_tru_t(Structure):
+ pass
+rsys_mac_add_p_tru_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('pid', rsbac_pid_t),
+ ('uid', rsbac_uid_t),
+ ('ttl', rsbac_time_t),
+]
+assert sizeof(rsys_mac_add_p_tru_t) == 16, sizeof(rsys_mac_add_p_tru_t)
+assert alignment(rsys_mac_add_p_tru_t) == 4, alignment(rsys_mac_add_p_tru_t)
+class rsys_mac_remove_p_tru_t(Structure):
+ pass
+rsys_mac_remove_p_tru_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('pid', rsbac_pid_t),
+ ('uid', rsbac_uid_t),
+]
+assert sizeof(rsys_mac_remove_p_tru_t) == 12, sizeof(rsys_mac_remove_p_tru_t)
+assert alignment(rsys_mac_remove_p_tru_t) == 4, alignment(rsys_mac_remove_p_tru_t)
+class rsys_mac_add_f_tru_t(Structure):
+ pass
+rsys_mac_add_f_tru_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('filename', STRING),
+ ('uid', rsbac_uid_t),
+ ('ttl', rsbac_time_t),
+]
+assert sizeof(rsys_mac_add_f_tru_t) == 16, sizeof(rsys_mac_add_f_tru_t)
+assert alignment(rsys_mac_add_f_tru_t) == 4, alignment(rsys_mac_add_f_tru_t)
+class rsys_mac_remove_f_tru_t(Structure):
+ pass
+rsys_mac_remove_f_tru_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('filename', STRING),
+ ('uid', rsbac_uid_t),
+]
+assert sizeof(rsys_mac_remove_f_tru_t) == 12, sizeof(rsys_mac_remove_f_tru_t)
+assert alignment(rsys_mac_remove_f_tru_t) == 4, alignment(rsys_mac_remove_f_tru_t)
+class rsys_mac_get_f_trulist_t(Structure):
+ pass
+rsys_mac_get_f_trulist_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('filename', STRING),
+ ('trulist', POINTER(rsbac_uid_t)),
+ ('ttllist', POINTER(rsbac_time_t)),
+ ('maxnum', u_int),
+]
+assert sizeof(rsys_mac_get_f_trulist_t) == 20, sizeof(rsys_mac_get_f_trulist_t)
+assert alignment(rsys_mac_get_f_trulist_t) == 4, alignment(rsys_mac_get_f_trulist_t)
+class rsys_mac_get_p_trulist_t(Structure):
+ pass
+rsys_mac_get_p_trulist_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('pid', rsbac_pid_t),
+ ('trulist', POINTER(rsbac_uid_t)),
+ ('ttllist', POINTER(rsbac_time_t)),
+ ('maxnum', u_int),
+]
+assert sizeof(rsys_mac_get_p_trulist_t) == 20, sizeof(rsys_mac_get_p_trulist_t)
+assert alignment(rsys_mac_get_p_trulist_t) == 4, alignment(rsys_mac_get_p_trulist_t)
+class rsys_pm_t(Structure):
+ pass
+rsys_pm_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('function', rsbac_enum_t),
+ ('param_p', POINTER(rsbac_pm_function_param_t)),
+ ('ticket', rsbac_pm_tkt_id_t),
+]
+assert sizeof(rsys_pm_t) == 16, sizeof(rsys_pm_t)
+assert alignment(rsys_pm_t) == 4, alignment(rsys_pm_t)
+class rsys_pm_change_current_task_t(Structure):
+ pass
+rsys_pm_change_current_task_t._fields_ = [
+ ('task', rsbac_pm_task_id_t),
+]
+assert sizeof(rsys_pm_change_current_task_t) == 4, sizeof(rsys_pm_change_current_task_t)
+assert alignment(rsys_pm_change_current_task_t) == 4, alignment(rsys_pm_change_current_task_t)
+class rsys_pm_create_file_t(Structure):
+ pass
+rsys_pm_create_file_t._fields_ = [
+ ('filename', STRING),
+ ('mode', c_int),
+ ('object_class', rsbac_pm_object_class_id_t),
+]
+assert sizeof(rsys_pm_create_file_t) == 12, sizeof(rsys_pm_create_file_t)
+assert alignment(rsys_pm_create_file_t) == 4, alignment(rsys_pm_create_file_t)
+class rsys_rc_copy_role_t(Structure):
+ pass
+rsys_rc_copy_role_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('from_role', rsbac_rc_role_id_t),
+ ('to_role', rsbac_rc_role_id_t),
+]
+assert sizeof(rsys_rc_copy_role_t) == 12, sizeof(rsys_rc_copy_role_t)
+assert alignment(rsys_rc_copy_role_t) == 4, alignment(rsys_rc_copy_role_t)
+class rsys_rc_copy_type_t(Structure):
+ pass
+rsys_rc_copy_type_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('target', rsbac_enum_t),
+ ('from_type', rsbac_rc_type_id_t),
+ ('to_type', rsbac_rc_type_id_t),
+]
+assert sizeof(rsys_rc_copy_type_t) == 16, sizeof(rsys_rc_copy_type_t)
+assert alignment(rsys_rc_copy_type_t) == 4, alignment(rsys_rc_copy_type_t)
+class rsys_rc_get_item_t(Structure):
+ pass
+rsys_rc_get_item_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('target', rsbac_enum_t),
+ ('tid_p', POINTER(rsbac_rc_target_id_t)),
+ ('subtid_p', POINTER(rsbac_rc_target_id_t)),
+ ('item', rsbac_enum_t),
+ ('value_p', POINTER(rsbac_rc_item_value_t)),
+ ('ttl_p', POINTER(rsbac_time_t)),
+]
+assert sizeof(rsys_rc_get_item_t) == 28, sizeof(rsys_rc_get_item_t)
+assert alignment(rsys_rc_get_item_t) == 4, alignment(rsys_rc_get_item_t)
+class rsys_rc_set_item_t(Structure):
+ pass
+rsys_rc_set_item_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('target', rsbac_enum_t),
+ ('tid_p', POINTER(rsbac_rc_target_id_t)),
+ ('subtid_p', POINTER(rsbac_rc_target_id_t)),
+ ('item', rsbac_enum_t),
+ ('value_p', POINTER(rsbac_rc_item_value_t)),
+ ('ttl', rsbac_time_t),
+]
+assert sizeof(rsys_rc_set_item_t) == 28, sizeof(rsys_rc_set_item_t)
+assert alignment(rsys_rc_set_item_t) == 4, alignment(rsys_rc_set_item_t)
+class rsys_rc_get_list_t(Structure):
+ pass
+rsys_rc_get_list_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('target', rsbac_enum_t),
+ ('tid_p', POINTER(rsbac_rc_target_id_t)),
+ ('item', rsbac_enum_t),
+ ('maxnum', u_int),
+ ('array_p', POINTER(__u32)),
+ ('ttl_array_p', POINTER(rsbac_time_t)),
+]
+assert sizeof(rsys_rc_get_list_t) == 28, sizeof(rsys_rc_get_list_t)
+assert alignment(rsys_rc_get_list_t) == 4, alignment(rsys_rc_get_list_t)
+class rsys_rc_change_role_t(Structure):
+ pass
+rsys_rc_change_role_t._fields_ = [
+ ('role', rsbac_rc_role_id_t),
+ ('pass', STRING),
+]
+assert sizeof(rsys_rc_change_role_t) == 8, sizeof(rsys_rc_change_role_t)
+assert alignment(rsys_rc_change_role_t) == 4, alignment(rsys_rc_change_role_t)
+class rsys_rc_get_eff_rights_n_t(Structure):
+ pass
+rsys_rc_get_eff_rights_n_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('target', rsbac_enum_t),
+ ('t_name', STRING),
+ ('request_vector_p', POINTER(rsbac_rc_request_vector_t)),
+ ('ttl_p', POINTER(rsbac_time_t)),
+]
+assert sizeof(rsys_rc_get_eff_rights_n_t) == 20, sizeof(rsys_rc_get_eff_rights_n_t)
+assert alignment(rsys_rc_get_eff_rights_n_t) == 4, alignment(rsys_rc_get_eff_rights_n_t)
+class rsys_rc_get_current_role_t(Structure):
+ pass
+rsys_rc_get_current_role_t._fields_ = [
+ ('role_p', POINTER(rsbac_rc_role_id_t)),
+]
+assert sizeof(rsys_rc_get_current_role_t) == 4, sizeof(rsys_rc_get_current_role_t)
+assert alignment(rsys_rc_get_current_role_t) == 4, alignment(rsys_rc_get_current_role_t)
+class rsys_auth_add_p_cap_t(Structure):
+ pass
+class rsbac_auth_cap_range_t(Structure):
+ pass
+rsbac_auth_cap_range_t._fields_ = [
+ ('first', rsbac_uid_t),
+ ('last', rsbac_uid_t),
+]
+assert sizeof(rsbac_auth_cap_range_t) == 8, sizeof(rsbac_auth_cap_range_t)
+assert alignment(rsbac_auth_cap_range_t) == 4, alignment(rsbac_auth_cap_range_t)
+rsys_auth_add_p_cap_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('pid', rsbac_pid_t),
+ ('cap_type', rsbac_enum_t),
+ ('cap_range', rsbac_auth_cap_range_t),
+ ('ttl', rsbac_time_t),
+]
+assert sizeof(rsys_auth_add_p_cap_t) == 24, sizeof(rsys_auth_add_p_cap_t)
+assert alignment(rsys_auth_add_p_cap_t) == 4, alignment(rsys_auth_add_p_cap_t)
+class rsys_auth_remove_p_cap_t(Structure):
+ pass
+rsys_auth_remove_p_cap_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('pid', rsbac_pid_t),
+ ('cap_type', rsbac_enum_t),
+ ('cap_range', rsbac_auth_cap_range_t),
+]
+assert sizeof(rsys_auth_remove_p_cap_t) == 20, sizeof(rsys_auth_remove_p_cap_t)
+assert alignment(rsys_auth_remove_p_cap_t) == 4, alignment(rsys_auth_remove_p_cap_t)
+class rsys_auth_add_f_cap_t(Structure):
+ pass
+rsys_auth_add_f_cap_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('filename', STRING),
+ ('cap_type', rsbac_enum_t),
+ ('cap_range', rsbac_auth_cap_range_t),
+ ('ttl', rsbac_time_t),
+]
+assert sizeof(rsys_auth_add_f_cap_t) == 24, sizeof(rsys_auth_add_f_cap_t)
+assert alignment(rsys_auth_add_f_cap_t) == 4, alignment(rsys_auth_add_f_cap_t)
+class rsys_auth_remove_f_cap_t(Structure):
+ pass
+rsys_auth_remove_f_cap_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('filename', STRING),
+ ('cap_type', rsbac_enum_t),
+ ('cap_range', rsbac_auth_cap_range_t),
+]
+assert sizeof(rsys_auth_remove_f_cap_t) == 20, sizeof(rsys_auth_remove_f_cap_t)
+assert alignment(rsys_auth_remove_f_cap_t) == 4, alignment(rsys_auth_remove_f_cap_t)
+class rsys_auth_get_f_caplist_t(Structure):
+ pass
+rsys_auth_get_f_caplist_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('filename', STRING),
+ ('cap_type', rsbac_enum_t),
+ ('caplist', POINTER(rsbac_auth_cap_range_t)),
+ ('ttllist', POINTER(rsbac_time_t)),
+ ('maxnum', u_int),
+]
+assert sizeof(rsys_auth_get_f_caplist_t) == 24, sizeof(rsys_auth_get_f_caplist_t)
+assert alignment(rsys_auth_get_f_caplist_t) == 4, alignment(rsys_auth_get_f_caplist_t)
+class rsys_auth_get_p_caplist_t(Structure):
+ pass
+rsys_auth_get_p_caplist_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('pid', rsbac_pid_t),
+ ('cap_type', rsbac_enum_t),
+ ('caplist', POINTER(rsbac_auth_cap_range_t)),
+ ('ttllist', POINTER(rsbac_time_t)),
+ ('maxnum', u_int),
+]
+assert sizeof(rsys_auth_get_p_caplist_t) == 24, sizeof(rsys_auth_get_p_caplist_t)
+assert alignment(rsys_auth_get_p_caplist_t) == 4, alignment(rsys_auth_get_p_caplist_t)
+class rsys_acl_t(Structure):
+ pass
+rsys_acl_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('call', rsbac_enum_t),
+ ('arg', POINTER(rsbac_acl_syscall_arg_t)),
+]
+assert sizeof(rsys_acl_t) == 12, sizeof(rsys_acl_t)
+assert alignment(rsys_acl_t) == 4, alignment(rsys_acl_t)
+class rsys_acl_n_t(Structure):
+ pass
+rsys_acl_n_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('call', rsbac_enum_t),
+ ('arg', POINTER(rsbac_acl_syscall_n_arg_t)),
+]
+assert sizeof(rsys_acl_n_t) == 12, sizeof(rsys_acl_n_t)
+assert alignment(rsys_acl_n_t) == 4, alignment(rsys_acl_n_t)
+class rsys_acl_get_rights_t(Structure):
+ pass
+rsys_acl_get_rights_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('arg', POINTER(rsbac_acl_syscall_arg_t)),
+ ('rights_p', POINTER(rsbac_acl_rights_vector_t)),
+ ('effective', u_int),
+]
+assert sizeof(rsys_acl_get_rights_t) == 16, sizeof(rsys_acl_get_rights_t)
+assert alignment(rsys_acl_get_rights_t) == 4, alignment(rsys_acl_get_rights_t)
+class rsys_acl_get_rights_n_t(Structure):
+ pass
+rsys_acl_get_rights_n_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('arg', POINTER(rsbac_acl_syscall_n_arg_t)),
+ ('rights_p', POINTER(rsbac_acl_rights_vector_t)),
+ ('effective', u_int),
+]
+assert sizeof(rsys_acl_get_rights_n_t) == 16, sizeof(rsys_acl_get_rights_n_t)
+assert alignment(rsys_acl_get_rights_n_t) == 4, alignment(rsys_acl_get_rights_n_t)
+class rsys_acl_get_tlist_t(Structure):
+ pass
+rsys_acl_get_tlist_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('target', rsbac_enum_t),
+ ('tid', POINTER(rsbac_target_id_t)),
+ ('entry_array', POINTER(rsbac_acl_entry_t)),
+ ('ttl_array', POINTER(rsbac_time_t)),
+ ('maxnum', u_int),
+]
+assert sizeof(rsys_acl_get_tlist_t) == 24, sizeof(rsys_acl_get_tlist_t)
+assert alignment(rsys_acl_get_tlist_t) == 4, alignment(rsys_acl_get_tlist_t)
+class rsys_acl_get_tlist_n_t(Structure):
+ pass
+rsys_acl_get_tlist_n_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('target', rsbac_enum_t),
+ ('t_name', STRING),
+ ('entry_array', POINTER(rsbac_acl_entry_t)),
+ ('ttl_array', POINTER(rsbac_time_t)),
+ ('maxnum', u_int),
+]
+assert sizeof(rsys_acl_get_tlist_n_t) == 24, sizeof(rsys_acl_get_tlist_n_t)
+assert alignment(rsys_acl_get_tlist_n_t) == 4, alignment(rsys_acl_get_tlist_n_t)
+class rsys_acl_get_mask_t(Structure):
+ pass
+rsys_acl_get_mask_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('target', rsbac_enum_t),
+ ('tid', POINTER(rsbac_target_id_t)),
+ ('mask_p', POINTER(rsbac_acl_rights_vector_t)),
+]
+assert sizeof(rsys_acl_get_mask_t) == 16, sizeof(rsys_acl_get_mask_t)
+assert alignment(rsys_acl_get_mask_t) == 4, alignment(rsys_acl_get_mask_t)
+class rsys_acl_get_mask_n_t(Structure):
+ pass
+rsys_acl_get_mask_n_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('target', rsbac_enum_t),
+ ('t_name', STRING),
+ ('mask_p', POINTER(rsbac_acl_rights_vector_t)),
+]
+assert sizeof(rsys_acl_get_mask_n_t) == 16, sizeof(rsys_acl_get_mask_n_t)
+assert alignment(rsys_acl_get_mask_n_t) == 4, alignment(rsys_acl_get_mask_n_t)
+class rsys_acl_group_t(Structure):
+ pass
+rsys_acl_group_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('call', rsbac_enum_t),
+ ('arg_p', POINTER(rsbac_acl_group_syscall_arg_t)),
+]
+assert sizeof(rsys_acl_group_t) == 12, sizeof(rsys_acl_group_t)
+assert alignment(rsys_acl_group_t) == 4, alignment(rsys_acl_group_t)
+class rsys_reg_t(Structure):
+ pass
+rsys_reg_t._fields_ = [
+ ('handle', c_long),
+ ('arg', c_void_p),
+]
+assert sizeof(rsys_reg_t) == 8, sizeof(rsys_reg_t)
+assert alignment(rsys_reg_t) == 4, alignment(rsys_reg_t)
+class rsys_jail_t(Structure):
+ pass
+rsbac_version_t = __u32
+rsbac_jail_ip_t = __u32
+rsbac_jail_flags_t = __u32
+rsbac_cap_vector_t = __u32
+rsbac_jail_scd_vector_t = __u32
+rsys_jail_t._fields_ = [
+ ('version', rsbac_version_t),
+ ('path', STRING),
+ ('ip', rsbac_jail_ip_t),
+ ('flags', rsbac_jail_flags_t),
+ ('max_caps', rsbac_cap_vector_t),
+ ('scd_get', rsbac_jail_scd_vector_t),
+ ('scd_modify', rsbac_jail_scd_vector_t),
+]
+assert sizeof(rsys_jail_t) == 28, sizeof(rsys_jail_t)
+assert alignment(rsys_jail_t) == 4, alignment(rsys_jail_t)
+class rsys_init_t(Structure):
+ pass
+rsys_init_t._fields_ = [
+ ('root_dev', STRING),
+]
+assert sizeof(rsys_init_t) == 4, sizeof(rsys_init_t)
+assert alignment(rsys_init_t) == 4, alignment(rsys_init_t)
+class rsys_um_auth_name_t(Structure):
+ pass
+rsys_um_auth_name_t._fields_ = [
+ ('name', STRING),
+ ('pass', STRING),
+]
+assert sizeof(rsys_um_auth_name_t) == 8, sizeof(rsys_um_auth_name_t)
+assert alignment(rsys_um_auth_name_t) == 4, alignment(rsys_um_auth_name_t)
+class rsys_um_auth_uid_t(Structure):
+ pass
+rsys_um_auth_uid_t._fields_ = [
+ ('uid', rsbac_uid_t),
+ ('pass', STRING),
+]
+assert sizeof(rsys_um_auth_uid_t) == 8, sizeof(rsys_um_auth_uid_t)
+assert alignment(rsys_um_auth_uid_t) == 4, alignment(rsys_um_auth_uid_t)
+class rsys_um_add_user_t(Structure):
+ pass
+class rsbac_um_user_entry_t(Structure):
+ pass
+rsys_um_add_user_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('uid', rsbac_uid_t),
+ ('entry_p', POINTER(rsbac_um_user_entry_t)),
+ ('pass', STRING),
+ ('ttl', rsbac_time_t),
+]
+assert sizeof(rsys_um_add_user_t) == 20, sizeof(rsys_um_add_user_t)
+assert alignment(rsys_um_add_user_t) == 4, alignment(rsys_um_add_user_t)
+class rsys_um_add_group_t(Structure):
+ pass
+class rsbac_um_group_entry_t(Structure):
+ pass
+rsys_um_add_group_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('gid', rsbac_gid_t),
+ ('entry_p', POINTER(rsbac_um_group_entry_t)),
+ ('pass', STRING),
+ ('ttl', rsbac_time_t),
+]
+assert sizeof(rsys_um_add_group_t) == 20, sizeof(rsys_um_add_group_t)
+assert alignment(rsys_um_add_group_t) == 4, alignment(rsys_um_add_group_t)
+class rsys_um_add_gm_t(Structure):
+ pass
+rsys_um_add_gm_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('uid', rsbac_uid_t),
+ ('gid', rsbac_gid_t),
+ ('ttl', rsbac_time_t),
+]
+assert sizeof(rsys_um_add_gm_t) == 16, sizeof(rsys_um_add_gm_t)
+assert alignment(rsys_um_add_gm_t) == 4, alignment(rsys_um_add_gm_t)
+class rsys_um_mod_user_t(Structure):
+ pass
+class rsbac_um_mod_data_t(Union):
+ pass
+rsys_um_mod_user_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('uid', rsbac_uid_t),
+ ('mod', rsbac_enum_t),
+ ('data_p', POINTER(rsbac_um_mod_data_t)),
+]
+assert sizeof(rsys_um_mod_user_t) == 16, sizeof(rsys_um_mod_user_t)
+assert alignment(rsys_um_mod_user_t) == 4, alignment(rsys_um_mod_user_t)
+class rsys_um_mod_group_t(Structure):
+ pass
+rsys_um_mod_group_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('gid', rsbac_gid_t),
+ ('mod', rsbac_enum_t),
+ ('data_p', POINTER(rsbac_um_mod_data_t)),
+]
+assert sizeof(rsys_um_mod_group_t) == 16, sizeof(rsys_um_mod_group_t)
+assert alignment(rsys_um_mod_group_t) == 4, alignment(rsys_um_mod_group_t)
+class rsys_um_get_user_item_t(Structure):
+ pass
+rsys_um_get_user_item_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('uid', rsbac_uid_t),
+ ('mod', rsbac_enum_t),
+ ('data_p', POINTER(rsbac_um_mod_data_t)),
+]
+assert sizeof(rsys_um_get_user_item_t) == 16, sizeof(rsys_um_get_user_item_t)
+assert alignment(rsys_um_get_user_item_t) == 4, alignment(rsys_um_get_user_item_t)
+class rsys_um_get_group_item_t(Structure):
+ pass
+rsys_um_get_group_item_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('gid', rsbac_gid_t),
+ ('mod', rsbac_enum_t),
+ ('data_p', POINTER(rsbac_um_mod_data_t)),
+]
+assert sizeof(rsys_um_get_group_item_t) == 16, sizeof(rsys_um_get_group_item_t)
+assert alignment(rsys_um_get_group_item_t) == 4, alignment(rsys_um_get_group_item_t)
+class rsys_um_remove_user_t(Structure):
+ pass
+rsys_um_remove_user_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('uid', rsbac_uid_t),
+]
+assert sizeof(rsys_um_remove_user_t) == 8, sizeof(rsys_um_remove_user_t)
+assert alignment(rsys_um_remove_user_t) == 4, alignment(rsys_um_remove_user_t)
+class rsys_um_remove_group_t(Structure):
+ pass
+rsys_um_remove_group_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('gid', rsbac_gid_t),
+]
+assert sizeof(rsys_um_remove_group_t) == 8, sizeof(rsys_um_remove_group_t)
+assert alignment(rsys_um_remove_group_t) == 4, alignment(rsys_um_remove_group_t)
+class rsys_um_remove_gm_t(Structure):
+ pass
+rsys_um_remove_gm_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('uid', rsbac_uid_t),
+ ('gid', rsbac_gid_t),
+]
+assert sizeof(rsys_um_remove_gm_t) == 12, sizeof(rsys_um_remove_gm_t)
+assert alignment(rsys_um_remove_gm_t) == 4, alignment(rsys_um_remove_gm_t)
+class rsys_um_user_exists_t(Structure):
+ pass
+rsys_um_user_exists_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('uid', rsbac_uid_t),
+]
+assert sizeof(rsys_um_user_exists_t) == 8, sizeof(rsys_um_user_exists_t)
+assert alignment(rsys_um_user_exists_t) == 4, alignment(rsys_um_user_exists_t)
+class rsys_um_group_exists_t(Structure):
+ pass
+rsys_um_group_exists_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('gid', rsbac_gid_t),
+]
+assert sizeof(rsys_um_group_exists_t) == 8, sizeof(rsys_um_group_exists_t)
+assert alignment(rsys_um_group_exists_t) == 4, alignment(rsys_um_group_exists_t)
+class rsys_um_get_next_user_t(Structure):
+ pass
+rsys_um_get_next_user_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('old_user', rsbac_uid_t),
+ ('next_user_p', POINTER(rsbac_uid_t)),
+]
+assert sizeof(rsys_um_get_next_user_t) == 12, sizeof(rsys_um_get_next_user_t)
+assert alignment(rsys_um_get_next_user_t) == 4, alignment(rsys_um_get_next_user_t)
+class rsys_um_get_user_list_t(Structure):
+ pass
+rsys_um_get_user_list_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('user_array', POINTER(rsbac_uid_t)),
+ ('maxnum', u_int),
+]
+assert sizeof(rsys_um_get_user_list_t) == 12, sizeof(rsys_um_get_user_list_t)
+assert alignment(rsys_um_get_user_list_t) == 4, alignment(rsys_um_get_user_list_t)
+class rsys_um_get_gm_list_t(Structure):
+ pass
+rsys_um_get_gm_list_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('user', rsbac_uid_t),
+ ('group_array', POINTER(rsbac_gid_t)),
+ ('maxnum', u_int),
+]
+assert sizeof(rsys_um_get_gm_list_t) == 16, sizeof(rsys_um_get_gm_list_t)
+assert alignment(rsys_um_get_gm_list_t) == 4, alignment(rsys_um_get_gm_list_t)
+class rsys_um_get_gm_user_list_t(Structure):
+ pass
+rsys_um_get_gm_user_list_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('group', rsbac_gid_t),
+ ('user_array', POINTER(rsbac_uid_t)),
+ ('maxnum', u_int),
+]
+assert sizeof(rsys_um_get_gm_user_list_t) == 16, sizeof(rsys_um_get_gm_user_list_t)
+assert alignment(rsys_um_get_gm_user_list_t) == 4, alignment(rsys_um_get_gm_user_list_t)
+class rsys_um_get_group_list_t(Structure):
+ pass
+rsys_um_get_group_list_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('group_array', POINTER(rsbac_gid_t)),
+ ('maxnum', u_int),
+]
+assert sizeof(rsys_um_get_group_list_t) == 12, sizeof(rsys_um_get_group_list_t)
+assert alignment(rsys_um_get_group_list_t) == 4, alignment(rsys_um_get_group_list_t)
+class rsys_um_get_uid_t(Structure):
+ pass
+rsys_um_get_uid_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('name', STRING),
+ ('uid_p', POINTER(rsbac_uid_t)),
+]
+assert sizeof(rsys_um_get_uid_t) == 12, sizeof(rsys_um_get_uid_t)
+assert alignment(rsys_um_get_uid_t) == 4, alignment(rsys_um_get_uid_t)
+class rsys_um_get_gid_t(Structure):
+ pass
+rsys_um_get_gid_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('name', STRING),
+ ('gid_p', POINTER(rsbac_gid_t)),
+]
+assert sizeof(rsys_um_get_gid_t) == 12, sizeof(rsys_um_get_gid_t)
+assert alignment(rsys_um_get_gid_t) == 4, alignment(rsys_um_get_gid_t)
+class rsys_um_set_pass_t(Structure):
+ pass
+rsys_um_set_pass_t._fields_ = [
+ ('uid', rsbac_uid_t),
+ ('old_pass', STRING),
+ ('new_pass', STRING),
+]
+assert sizeof(rsys_um_set_pass_t) == 12, sizeof(rsys_um_set_pass_t)
+assert alignment(rsys_um_set_pass_t) == 4, alignment(rsys_um_set_pass_t)
+class rsys_um_set_pass_name_t(Structure):
+ pass
+rsys_um_set_pass_name_t._fields_ = [
+ ('name', STRING),
+ ('old_pass', STRING),
+ ('new_pass', STRING),
+]
+assert sizeof(rsys_um_set_pass_name_t) == 12, sizeof(rsys_um_set_pass_name_t)
+assert alignment(rsys_um_set_pass_name_t) == 4, alignment(rsys_um_set_pass_name_t)
+class rsys_um_set_group_pass_t(Structure):
+ pass
+rsys_um_set_group_pass_t._fields_ = [
+ ('gid', rsbac_gid_t),
+ ('new_pass', STRING),
+]
+assert sizeof(rsys_um_set_group_pass_t) == 8, sizeof(rsys_um_set_group_pass_t)
+assert alignment(rsys_um_set_group_pass_t) == 4, alignment(rsys_um_set_group_pass_t)
+class rsys_um_check_account_t(Structure):
+ pass
+rsys_um_check_account_t._fields_ = [
+ ('uid', rsbac_uid_t),
+]
+assert sizeof(rsys_um_check_account_t) == 4, sizeof(rsys_um_check_account_t)
+assert alignment(rsys_um_check_account_t) == 4, alignment(rsys_um_check_account_t)
+class rsys_um_check_account_name_t(Structure):
+ pass
+rsys_um_check_account_name_t._fields_ = [
+ ('name', STRING),
+]
+assert sizeof(rsys_um_check_account_name_t) == 4, sizeof(rsys_um_check_account_name_t)
+assert alignment(rsys_um_check_account_name_t) == 4, alignment(rsys_um_check_account_name_t)
+class rsys_list_ta_begin_t(Structure):
+ pass
+rsys_list_ta_begin_t._fields_ = [
+ ('ttl', rsbac_time_t),
+ ('ta_number_p', POINTER(rsbac_list_ta_number_t)),
+ ('commit_uid', rsbac_uid_t),
+ ('password', STRING),
+]
+assert sizeof(rsys_list_ta_begin_t) == 16, sizeof(rsys_list_ta_begin_t)
+assert alignment(rsys_list_ta_begin_t) == 4, alignment(rsys_list_ta_begin_t)
+class rsys_list_ta_refresh_t(Structure):
+ pass
+rsys_list_ta_refresh_t._fields_ = [
+ ('ttl', rsbac_time_t),
+ ('ta_number', rsbac_list_ta_number_t),
+ ('password', STRING),
+]
+assert sizeof(rsys_list_ta_refresh_t) == 12, sizeof(rsys_list_ta_refresh_t)
+assert alignment(rsys_list_ta_refresh_t) == 4, alignment(rsys_list_ta_refresh_t)
+class rsys_list_ta_commit_t(Structure):
+ pass
+rsys_list_ta_commit_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('password', STRING),
+]
+assert sizeof(rsys_list_ta_commit_t) == 8, sizeof(rsys_list_ta_commit_t)
+assert alignment(rsys_list_ta_commit_t) == 4, alignment(rsys_list_ta_commit_t)
+class rsys_list_ta_forget_t(Structure):
+ pass
+rsys_list_ta_forget_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('password', STRING),
+]
+assert sizeof(rsys_list_ta_forget_t) == 8, sizeof(rsys_list_ta_forget_t)
+assert alignment(rsys_list_ta_forget_t) == 4, alignment(rsys_list_ta_forget_t)
+class rsys_list_all_dev_t(Structure):
+ pass
+rsys_list_all_dev_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('id_p', POINTER(rsbac_dev_desc_t)),
+ ('maxnum', u_long),
+]
+assert sizeof(rsys_list_all_dev_t) == 12, sizeof(rsys_list_all_dev_t)
+assert alignment(rsys_list_all_dev_t) == 4, alignment(rsys_list_all_dev_t)
+class rsys_acl_list_all_dev_t(Structure):
+ pass
+rsys_acl_list_all_dev_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('id_p', POINTER(rsbac_dev_desc_t)),
+ ('maxnum', u_long),
+]
+assert sizeof(rsys_acl_list_all_dev_t) == 12, sizeof(rsys_acl_list_all_dev_t)
+assert alignment(rsys_acl_list_all_dev_t) == 4, alignment(rsys_acl_list_all_dev_t)
+class rsys_list_all_user_t(Structure):
+ pass
+rsys_list_all_user_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('id_p', POINTER(rsbac_uid_t)),
+ ('maxnum', u_long),
+]
+assert sizeof(rsys_list_all_user_t) == 12, sizeof(rsys_list_all_user_t)
+assert alignment(rsys_list_all_user_t) == 4, alignment(rsys_list_all_user_t)
+class rsys_acl_list_all_user_t(Structure):
+ pass
+rsys_acl_list_all_user_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('id_p', POINTER(rsbac_uid_t)),
+ ('maxnum', u_long),
+]
+assert sizeof(rsys_acl_list_all_user_t) == 12, sizeof(rsys_acl_list_all_user_t)
+assert alignment(rsys_acl_list_all_user_t) == 4, alignment(rsys_acl_list_all_user_t)
+class rsys_list_all_group_t(Structure):
+ pass
+rsys_list_all_group_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('id_p', POINTER(rsbac_gid_t)),
+ ('maxnum', u_long),
+]
+assert sizeof(rsys_list_all_group_t) == 12, sizeof(rsys_list_all_group_t)
+assert alignment(rsys_list_all_group_t) == 4, alignment(rsys_list_all_group_t)
+class rsys_acl_list_all_group_t(Structure):
+ pass
+rsys_acl_list_all_group_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('id_p', POINTER(rsbac_gid_t)),
+ ('maxnum', u_long),
+]
+assert sizeof(rsys_acl_list_all_group_t) == 12, sizeof(rsys_acl_list_all_group_t)
+assert alignment(rsys_acl_list_all_group_t) == 4, alignment(rsys_acl_list_all_group_t)
+class rsys_list_all_ipc_t(Structure):
+ pass
+rsys_list_all_ipc_t._fields_ = [
+ ('ta_number', rsbac_list_ta_number_t),
+ ('id_p', POINTER(rsbac_ipc_t)),
+ ('maxnum', u_long),
+]
+assert sizeof(rsys_list_all_ipc_t) == 12, sizeof(rsys_list_all_ipc_t)
+assert alignment(rsys_list_all_ipc_t) == 4, alignment(rsys_list_all_ipc_t)
+class rsys_rc_select_fd_create_type_t(Structure):
+ pass
+rsys_rc_select_fd_create_type_t._fields_ = [
+ ('type', rsbac_rc_type_id_t),
+]
+assert sizeof(rsys_rc_select_fd_create_type_t) == 4, sizeof(rsys_rc_select_fd_create_type_t)
+assert alignment(rsys_rc_select_fd_create_type_t) == 4, alignment(rsys_rc_select_fd_create_type_t)
+class rsbac_syscall_arg_t(Union):
+ pass
+rsbac_syscall_arg_t._fields_ = [
+ ('check', rsys_check_t),
+ ('get_attr', rsys_get_attr_t),
+ ('get_attr_n', rsys_get_attr_n_t),
+ ('set_attr', rsys_set_attr_t),
+ ('set_attr_n', rsys_set_attr_n_t),
+ ('remove_target', rsys_remove_target_t),
+ ('remove_target_n', rsys_remove_target_n_t),
+ ('net_list_all_netdev', rsys_net_list_all_netdev_t),
+ ('net_template', rsys_net_template_t),
+ ('net_list_all_template', rsys_net_list_all_template_t),
+ ('switch_module', rsys_switch_t),
+ ('adf_log_switch', rsys_adf_log_switch_t),
+ ('get_adf_log', rsys_get_adf_log_t),
+ ('log', rsys_log_t),
+ ('mac_set_curr_level', rsys_mac_set_curr_level_t),
+ ('mac_get_curr_level', rsys_mac_get_curr_level_t),
+ ('mac_get_max_level', rsys_mac_get_max_level_t),
+ ('mac_get_min_level', rsys_mac_get_min_level_t),
+ ('mac_add_p_tru', rsys_mac_add_p_tru_t),
+ ('mac_remove_p_tru', rsys_mac_remove_p_tru_t),
+ ('mac_add_f_tru', rsys_mac_add_f_tru_t),
+ ('mac_remove_f_tru', rsys_mac_remove_f_tru_t),
+ ('mac_get_f_trulist', rsys_mac_get_f_trulist_t),
+ ('mac_get_p_trulist', rsys_mac_get_p_trulist_t),
+ ('pm', rsys_pm_t),
+ ('pm_change_current_task', rsys_pm_change_current_task_t),
+ ('pm_create_file', rsys_pm_create_file_t),
+ ('rc_copy_role', rsys_rc_copy_role_t),
+ ('rc_copy_type', rsys_rc_copy_type_t),
+ ('rc_get_item', rsys_rc_get_item_t),
+ ('rc_set_item', rsys_rc_set_item_t),
+ ('rc_get_list', rsys_rc_get_list_t),
+ ('rc_change_role', rsys_rc_change_role_t),
+ ('rc_get_eff_rights_n', rsys_rc_get_eff_rights_n_t),
+ ('rc_get_current_role', rsys_rc_get_current_role_t),
+ ('auth_add_p_cap', rsys_auth_add_p_cap_t),
+ ('auth_remove_p_cap', rsys_auth_remove_p_cap_t),
+ ('auth_add_f_cap', rsys_auth_add_f_cap_t),
+ ('auth_remove_f_cap', rsys_auth_remove_f_cap_t),
+ ('auth_get_f_caplist', rsys_auth_get_f_caplist_t),
+ ('auth_get_p_caplist', rsys_auth_get_p_caplist_t),
+ ('acl', rsys_acl_t),
+ ('acl_n', rsys_acl_n_t),
+ ('acl_get_rights', rsys_acl_get_rights_t),
+ ('acl_get_rights_n', rsys_acl_get_rights_n_t),
+ ('acl_get_tlist', rsys_acl_get_tlist_t),
+ ('acl_get_tlist_n', rsys_acl_get_tlist_n_t),
+ ('acl_get_mask', rsys_acl_get_mask_t),
+ ('acl_get_mask_n', rsys_acl_get_mask_n_t),
+ ('acl_group', rsys_acl_group_t),
+ ('reg', rsys_reg_t),
+ ('jail', rsys_jail_t),
+ ('init', rsys_init_t),
+ ('um_auth_name', rsys_um_auth_name_t),
+ ('um_auth_uid', rsys_um_auth_uid_t),
+ ('um_add_user', rsys_um_add_user_t),
+ ('um_add_group', rsys_um_add_group_t),
+ ('um_add_gm', rsys_um_add_gm_t),
+ ('um_mod_user', rsys_um_mod_user_t),
+ ('um_mod_group', rsys_um_mod_group_t),
+ ('um_get_user_item', rsys_um_get_user_item_t),
+ ('um_get_group_item', rsys_um_get_group_item_t),
+ ('um_remove_user', rsys_um_remove_user_t),
+ ('um_remove_group', rsys_um_remove_group_t),
+ ('um_remove_gm', rsys_um_remove_gm_t),
+ ('um_user_exists', rsys_um_user_exists_t),
+ ('um_group_exists', rsys_um_group_exists_t),
+ ('um_get_next_user', rsys_um_get_next_user_t),
+ ('um_get_user_list', rsys_um_get_user_list_t),
+ ('um_get_gm_list', rsys_um_get_gm_list_t),
+ ('um_get_gm_user_list', rsys_um_get_gm_user_list_t),
+ ('um_get_group_list', rsys_um_get_group_list_t),
+ ('um_get_uid', rsys_um_get_uid_t),
+ ('um_get_gid', rsys_um_get_gid_t),
+ ('um_set_pass', rsys_um_set_pass_t),
+ ('um_set_pass_name', rsys_um_set_pass_name_t),
+ ('um_set_group_pass', rsys_um_set_group_pass_t),
+ ('um_check_account', rsys_um_check_account_t),
+ ('um_check_account_name', rsys_um_check_account_name_t),
+ ('list_ta_begin', rsys_list_ta_begin_t),
+ ('list_ta_refresh', rsys_list_ta_refresh_t),
+ ('list_ta_commit', rsys_list_ta_commit_t),
+ ('list_ta_forget', rsys_list_ta_forget_t),
+ ('list_all_dev', rsys_list_all_dev_t),
+ ('acl_list_all_dev', rsys_acl_list_all_dev_t),
+ ('list_all_user', rsys_list_all_user_t),
+ ('acl_list_all_user', rsys_acl_list_all_user_t),
+ ('list_all_group', rsys_list_all_group_t),
+ ('acl_list_all_group', rsys_acl_list_all_group_t),
+ ('list_all_ipc', rsys_list_all_ipc_t),
+ ('rc_select_fd_create_type', rsys_rc_select_fd_create_type_t),
+ ('dummy', c_int),
+]
+assert sizeof(rsbac_syscall_arg_t) == 28, sizeof(rsbac_syscall_arg_t)
+assert alignment(rsbac_syscall_arg_t) == 4, alignment(rsbac_syscall_arg_t)
+rsbac_old_uid_t = __u16
+rsbac_old_gid_t = __u16
+class rsbac_nanotime_t(Structure):
+ pass
+rsbac_nanotime_t._fields_ = [
+ ('sec', rsbac_time_t),
+ ('nsec', __u32),
+]
+assert sizeof(rsbac_nanotime_t) == 8, sizeof(rsbac_nanotime_t)
+assert alignment(rsbac_nanotime_t) == 4, alignment(rsbac_nanotime_t)
+rsbac_boolean_int_t = __u8
+rsbac_pseudo_t = __u32
+rsbac_ta_number_t = __u32
+
+# values for enumeration 'rsbac_old_security_level_t'
+rsbac_old_security_level_t = c_int # enum
+rsbac_cwi_relation_id_t = u_int
+
+# values for enumeration 'rsbac_system_role_t'
+rsbac_system_role_t = c_int # enum
+rsbac_system_role_int_t = rsbac_enum_t
+
+# values for enumeration 'rsbac_fake_root_uid_t'
+rsbac_fake_root_uid_t = c_int # enum
+rsbac_fake_root_uid_int_t = rsbac_enum_t
+
+# values for enumeration 'rsbac_scd_type_t'
+rsbac_scd_type_t = c_int # enum
+rsbac_scd_vector_t = __u32
+
+# values for enumeration 'rsbac_dev_type_t'
+rsbac_dev_type_t = c_int # enum
+rsbac_inode_nr_t = __u32
+
+# values for enumeration 'rsbac_linux_dac_disable_t'
+rsbac_linux_dac_disable_t = c_int # enum
+rsbac_linux_dac_disable_int_t = rsbac_enum_t
+
+# values for enumeration 'rsbac_log_level_t'
+rsbac_log_level_t = c_int # enum
+rsbac_log_array_t = __u64
+rsbac_mac_user_flags_t = __u8
+rsbac_mac_process_flags_t = __u16
+rsbac_mac_file_flags_t = __u8
+class rsbac_fs_file_t(Structure):
+ pass
+rsbac_mac_file_t = rsbac_fs_file_t
+rsbac_fs_file_t._fields_ = [
+]
+rsbac_mac_auto_int_t = rsbac_enum_t
+
+# values for enumeration 'rsbac_mac_auto_t'
+rsbac_mac_auto_t = c_int # enum
+rsbac_daz_scanned_t = __u8
+rsbac_daz_scanner_t = __u8
+rsbac_ff_flags_t = __u16
+rsbac_auth_file_t = rsbac_fs_file_t
+
+# values for enumeration 'rsbac_auth_cap_type_t'
+rsbac_auth_cap_type_t = c_int # enum
+rsbac_auth_cap_type_int_t = rsbac_enum_t
+
+# values for enumeration 'rsbac_auth_may_setuid_t'
+rsbac_auth_may_setuid_t = c_int # enum
+rsbac_auth_may_setuid_int_t = rsbac_enum_t
+
+# values for enumeration 'rsbac_cap_process_hiding_t'
+rsbac_cap_process_hiding_t = c_int # enum
+rsbac_cap_process_hiding_int_t = rsbac_enum_t
+
+# values for enumeration 'rsbac_cap_ld_env_t'
+rsbac_cap_ld_env_t = c_int # enum
+rsbac_cap_ld_env_int_t = rsbac_enum_t
+rsbac_jail_id_t = __u32
+rsbac_pax_flags_t = c_ulong
+rsbac_res_limit_t = __u32
+rsbac_res_array_t = rsbac_res_limit_t * 11
+rsbac_reg_handle_t = __s32
+
+# values for enumeration 'rsbac_adf_request_t'
+rsbac_adf_request_t = c_int # enum
+rsbac_adf_request_int_t = rsbac_enum_t
+
+# values for enumeration 'rsbac_adf_req_ret_t'
+rsbac_adf_req_ret_t = c_int # enum
+
+# values for enumeration 'rsbac_switch_target_t'
+rsbac_switch_target_t = c_int # enum
+rsbac_switch_target_int_t = rsbac_enum_t
+
+# values for enumeration 'rsbac_attribute_t'
+rsbac_attribute_t = c_int # enum
+__u_short = c_ushort
+u_short = __u_short
+rsbac_attribute_value_t._pack_ = 4
+rsbac_attribute_value_t._fields_ = [
+ ('owner', rsbac_uid_t),
+ ('pseudo', rsbac_pseudo_t),
+ ('security_level', rsbac_security_level_t),
+ ('mac_categories', rsbac_mac_category_vector_t),
+ ('system_role', rsbac_system_role_int_t),
+ ('current_sec_level', rsbac_security_level_t),
+ ('min_write_open', rsbac_security_level_t),
+ ('max_read_open', rsbac_security_level_t),
+ ('mac_user_flags', rsbac_mac_user_flags_t),
+ ('mac_process_flags', rsbac_mac_process_flags_t),
+ ('mac_file_flags', rsbac_mac_file_flags_t),
+ ('mac_auto', rsbac_mac_auto_int_t),
+ ('mac_check', rsbac_boolean_t),
+ ('mac_prop_trusted', rsbac_boolean_t),
+ ('pm_role', rsbac_pm_role_int_t),
+ ('pm_process_type', rsbac_pm_process_type_int_t),
+ ('pm_current_task', rsbac_pm_task_id_t),
+ ('pm_object_class', rsbac_pm_object_class_id_t),
+ ('pm_ipc_purpose', rsbac_pm_purpose_id_t),
+ ('pm_object_type', rsbac_pm_object_type_int_t),
+ ('pm_program_type', rsbac_pm_program_type_int_t),
+ ('pm_tp', rsbac_pm_tp_id_t),
+ ('pm_task_set', rsbac_pm_task_set_id_t),
+ ('daz_scanned', rsbac_daz_scanned_t),
+ ('daz_scanner', rsbac_daz_scanner_t),
+ ('ff_flags', rsbac_ff_flags_t),
+ ('rc_type', rsbac_rc_type_id_t),
+ ('rc_type_fd', rsbac_rc_type_id_t),
+ ('rc_force_role', rsbac_rc_role_id_t),
+ ('rc_initial_role', rsbac_rc_role_id_t),
+ ('rc_role', rsbac_rc_role_id_t),
+ ('rc_def_role', rsbac_rc_role_id_t),
+ ('auth_may_setuid', rsbac_auth_may_setuid_int_t),
+ ('auth_may_set_cap', rsbac_boolean_t),
+ ('auth_p_capset', rsbac_pid_t),
+ ('auth_f_capset', rsbac_inode_nr_t),
+ ('auth_learn', rsbac_boolean_t),
+ ('min_caps', rsbac_cap_vector_t),
+ ('max_caps', rsbac_cap_vector_t),
+ ('max_caps_user', rsbac_cap_vector_t),
+ ('max_caps_program', rsbac_cap_vector_t),
+ ('jail_id', rsbac_jail_id_t),
+ ('jail_parent', rsbac_jail_id_t),
+ ('jail_ip', rsbac_jail_ip_t),
+ ('jail_flags', rsbac_jail_flags_t),
+ ('jail_max_caps', rsbac_cap_vector_t),
+ ('jail_scd_get', rsbac_jail_scd_vector_t),
+ ('jail_scd_modify', rsbac_jail_scd_vector_t),
+ ('pax_flags', rsbac_pax_flags_t),
+ ('res_array', rsbac_res_array_t),
+ ('log_array_low', rsbac_log_array_t),
+ ('log_array_high', rsbac_log_array_t),
+ ('log_program_based', rsbac_request_vector_t),
+ ('log_user_based', rsbac_request_vector_t),
+ ('symlink_add_remote_ip', rsbac_enum_t),
+ ('symlink_add_uid', rsbac_boolean_t),
+ ('symlink_add_mac_level', rsbac_boolean_t),
+ ('symlink_add_rc_role', rsbac_boolean_t),
+ ('linux_dac_disable', rsbac_linux_dac_disable_int_t),
+ ('cap_process_hiding', rsbac_cap_process_hiding_int_t),
+ ('fake_root_uid', rsbac_fake_root_uid_int_t),
+ ('audit_uid', rsbac_uid_t),
+ ('auid_exempt', rsbac_uid_t),
+ ('auth_last_auth', rsbac_uid_t),
+ ('remote_ip', __u32),
+ ('cap_ld_env', rsbac_cap_ld_env_int_t),
+ ('rc_select_type', rsbac_rc_type_id_t),
+ ('u_char_dummy', u_char),
+ ('u_short_dummy', u_short),
+ ('dummy', c_int),
+ ('u_dummy', u_int),
+ ('long_dummy', c_long),
+ ('u_long_dummy', u_long),
+]
+assert sizeof(rsbac_attribute_value_t) == 44, sizeof(rsbac_attribute_value_t)
+assert alignment(rsbac_attribute_value_t) == 4, alignment(rsbac_attribute_value_t)
+rsbac_um_days_t = __s32
+
+# values for enumeration 'rsbac_um_mod_t'
+rsbac_um_mod_t = c_int # enum
+rsbac_um_mod_data_t._fields_ = [
+ ('string', c_char * 256),
+ ('group', rsbac_gid_t),
+ ('days', rsbac_um_days_t),
+ ('ttl', rsbac_time_t),
+]
+assert sizeof(rsbac_um_mod_data_t) == 256, sizeof(rsbac_um_mod_data_t)
+assert alignment(rsbac_um_mod_data_t) == 4, alignment(rsbac_um_mod_data_t)
+rsbac_um_user_entry_t._fields_ = [
+ ('name', c_char * 16),
+ ('pass', c_char * 24),
+ ('fullname', c_char * 30),
+ ('homedir', c_char * 50),
+ ('shell', c_char * 24),
+ ('group', rsbac_gid_t),
+ ('lastchange', rsbac_um_days_t),
+ ('minchange', rsbac_um_days_t),
+ ('maxchange', rsbac_um_days_t),
+ ('warnchange', rsbac_um_days_t),
+ ('inactive', rsbac_um_days_t),
+ ('expire', rsbac_um_days_t),
+]
+assert sizeof(rsbac_um_user_entry_t) == 172, sizeof(rsbac_um_user_entry_t)
+assert alignment(rsbac_um_user_entry_t) == 4, alignment(rsbac_um_user_entry_t)
+rsbac_um_group_entry_t._fields_ = [
+ ('name', c_char * 16),
+ ('pass', c_char * 24),
+]
+assert sizeof(rsbac_um_group_entry_t) == 40, sizeof(rsbac_um_group_entry_t)
+assert alignment(rsbac_um_group_entry_t) == 1, alignment(rsbac_um_group_entry_t)
+_ATFILE_SOURCE = 1 # Variable c_int
+RSBAC_VERSION_MAJOR = 1 # Variable c_int
+__NR_clock_settime = 264 # Variable c_int
+ETOOMANYREFS = 109 # Variable c_int
+__NR_lsetxattr = 227 # Variable c_int
+RSBAC_AUTH_GROUP_F_CAP = 4294967293L # Variable c_uint
+RSBAC_ACL_DEFAULT_NETDEV_MASK = 700002000129000L # Variable c_ulonglong
+__NR_prctl = 172 # Variable c_int
+RSBAC_EWEAKPASSWORD = 1032 # Variable c_int
+__NR_vfork = 190 # Variable c_int
+ENAMETOOLONG = 36 # Variable c_int
+__NR_olduname = 109 # Variable c_int
+ETXTBSY = 26 # Variable c_int
+__clockid_t_defined = 1 # Variable c_int
+RSBAC_JAIL_LOCALHOST = 16777343 # Variable c_int
+PF_PAX_SEGMEXEC = 536870912 # Variable c_int
+__NR_prof = 44 # Variable c_int
+RSBAC_ENOTFOUND = 1009 # Variable c_int
+EL3HLT = 46 # Variable c_int
+CAP_AUDIT_CONTROL = 30 # Variable c_int
+RSBAC_DATAPROT_UID = 401 # Variable c_int
+RSBAC_CAP_DEFAULT_MIN = 0 # Variable c_uint
+RSBAC_ECOULDNOTCREATEPATH = 1014 # Variable c_int
+RSBAC_PAX_ALL_FLAGS = 4278190080L # Variable c_ulong
+__timer_t_defined = 1 # Variable c_int
+__NR_mpx = 56 # Variable c_int
+__NR_truncate = 92 # Variable c_int
+__SIZEOF_PTHREAD_CONDATTR_T = 4 # Variable c_int
+__NR_sync_file_range = 314 # Variable c_int
+__NR_mq_open = 277 # Variable c_int
+__NR_getdents64 = 220 # Variable c_int
+__NR_settimeofday = 79 # Variable c_int
+__NR_vserver = 273 # Variable c_int
+_LINUX_CAPABILITY_VERSION = 429392688 # Variable c_int
+EFBIG = 27 # Variable c_int
+RSBAC_EACCESS = 1002 # Variable c_int
+__NR_epoll_wait = 256 # Variable c_int
+__NR_getresgid = 171 # Variable c_int
+__NR_sync = 36 # Variable c_int
+RSBAC_AUTH_MAX_RANGE_GID = 4294967286L # Variable c_uint
+ENOLINK = 67 # Variable c_int
+RSBAC_ENOROOTDEV = 1008 # Variable c_int
+MAC_trusted = 4 # Variable c_int
+RSBAC_NET_TEMP_INET_ID = 100110 # Variable c_int
+RSBAC_AUTH_MAX_RANGE_UID = 4294967286L # Variable c_uint
+__NR_create_module = 127 # Variable c_int
+EL3RST = 47 # Variable c_int
+RSBAC_UM_USER_LIST_NAME = 'um_user' # Variable STRING
+EREMOTEIO = 121 # Variable c_int
+__SIZEOF_PTHREAD_MUTEXATTR_T = 4 # Variable c_int
+CAP_NET_BROADCAST = 11 # Variable c_int
+__NR_setresuid = 164 # Variable c_int
+RSBAC_UM_PASS_LEN = 24 # Variable c_int
+RST_min = 32 # Variable c_int
+__NR_swapoff = 115 # Variable c_int
+RSBAC_NET_MAX_ADDRESS_LEN = 128 # Variable c_int
+RC_type_no_execute = 4294967292L # Variable c_uint
+JAIL_allow_dev_write = 1024 # Variable c_int
+ENOTUNIQ = 76 # Variable c_int
+__NR_readahead = 225 # Variable c_int
+RSBAC_NET_TEMP_LAN_ADDRESS = '192.168.0.0' # Variable STRING
+RSBAC_UM_FULLNAME_LEN = 30 # Variable c_int
+__NR_sysinfo = 116 # Variable c_int
+__NR_stat64 = 195 # Variable c_int
+RSBAC_PM_A_WRITE = 2 # Variable c_int
+__NR_unlink = 10 # Variable c_int
+RSBAC_PAX_DEF_FLAGS = 754974720 # Variable c_int
+ERESTART = 85 # Variable c_int
+__NR_getppid = 64 # Variable c_int
+__USE_LARGEFILE64 = 1 # Variable c_int
+RSBAC_ALL_USERS = 4294967292L # Variable c_uint
+__NR_ugetrlimit = 191 # Variable c_int
+__NR_removexattr = 235 # Variable c_int
+RSBAC_ACL_MAX_MAXNUM = 1000000 # Variable c_int
+__NR_getgid = 47 # Variable c_int
+__NR_fremovexattr = 237 # Variable c_int
+RSBAC_MAC_NR_CATS = 64 # Variable c_int
+EUCLEAN = 117 # Variable c_int
+ENOPROTOOPT = 92 # Variable c_int
+_SVID_SOURCE = 1 # Variable c_int
+__NR_setgid32 = 214 # Variable c_int
+RSBAC_UM_USER_LIST_VERSION = 1 # Variable c_int
+__NR_waitpid = 7 # Variable c_int
+__NR_readlinkat = 305 # Variable c_int
+CAP_SYS_RAWIO = 17 # Variable c_int
+__NR_uname = 122 # Variable c_int
+__NR_setfsgid = 139 # Variable c_int
+__SIZEOF_PTHREAD_BARRIER_T = 20 # Variable c_int
+__NR_poll = 168 # Variable c_int
+__NR_fsync = 118 # Variable c_int
+__NR_io_destroy = 246 # Variable c_int
+__NR_sched_getscheduler = 157 # Variable c_int
+__NR_ioctl = 54 # Variable c_int
+RSBAC_PM_DEV_OBJECT_CLASS_ID = 60001 # Variable c_uint
+EHOSTDOWN = 112 # Variable c_int
+__NR_ftruncate64 = 194 # Variable c_int
+_LARGEFILE_SOURCE = 1 # Variable c_int
+__NR_timer_gettime = 261 # Variable c_int
+__NR_fstat64 = 197 # Variable c_int
+EPIPE = 32 # Variable c_int
+__NR_sigpending = 73 # Variable c_int
+RSBAC_RC_KERNEL_P_TYPE = 999999 # Variable c_int
+SL_max = 252 # Variable c_int
+__NR_setitimer = 104 # Variable c_int
+__NR_tee = 315 # Variable c_int
+__NR_restart_syscall = 0 # Variable c_int
+__NR_timer_getoverrun = 262 # Variable c_int
+EINPROGRESS = 115 # Variable c_int
+__NR_exit = 1 # Variable c_int
+RSBAC_SEC_DEL_CHUNK_SIZE = 65536 # Variable c_int
+RSBAC_MAC_MAX_MAXNUM = 1000000 # Variable c_int
+EADDRINUSE = 98 # Variable c_int
+RSBAC_NO_USER = 4294967293L # Variable c_uint
+RSBAC_MAC_DEF_CAT_VECTOR = 1 # Variable c_ulonglong
+FF_no_delete_or_rename = 64 # Variable c_int
+__NR_unlinkat = 301 # Variable c_int
+__NR_fchown = 95 # Variable c_int
+RSBAC_RES_MAX = 10 # Variable c_int
+__NR_writev = 146 # Variable c_int
+RSBAC_RC_SPECIAL_RIGHT_BASE = 56 # Variable c_int
+RSBAC_ALL_GROUPS = 4294967292L # Variable c_uint
+__NR_mknod = 14 # Variable c_int
+__NR_time = 13 # Variable c_int
+RSBAC_ACL_SYSADM_RIGHTS_VECTOR = 0 # Variable c_int
+RSBAC_NETDEV_REQUEST_VECTOR = 2000129000 # Variable c_ulonglong
+__NR_vm86old = 113 # Variable c_int
+_ENDIAN_H = 1 # Variable c_int
+__NR_openat = 295 # Variable c_int
+__NR_getresgid32 = 211 # Variable c_int
+ELIBACC = 79 # Variable c_int
+__NR_epoll_create = 254 # Variable c_int
+__NR_rename = 38 # Variable c_int
+__USE_FORTIFY_LEVEL = 0 # Variable c_int
+__NR_idle = 112 # Variable c_int
+__NR_sendfile = 187 # Variable c_int
+__NR_rt_sigaction = 174 # Variable c_int
+EDQUOT = 122 # Variable c_int
+ENOENT = 2 # Variable c_int
+__NR_socketcall = 102 # Variable c_int
+__NR_mount = 21 # Variable c_int
+RSBAC_UM_USER_PWHISTORY_LIST_KEY = 8854687 # Variable c_int
+__NR_profil = 98 # Variable c_int
+__USE_XOPEN_EXTENDED = 1 # Variable c_int
+__NR_get_mempolicy = 275 # Variable c_int
+__USE_POSIX = 1 # Variable c_int
+__NR_inotify_rm_watch = 293 # Variable c_int
+ECOMM = 70 # Variable c_int
+__NR_flock = 143 # Variable c_int
+RSBAC_VERSION = '1.3.0rc1' # Variable STRING
+__NR_getpgrp = 65 # Variable c_int
+EXFULL = 54 # Variable c_int
+__NR_sched_setscheduler = 156 # Variable c_int
+RSBAC_ACL_GEN_RIGHTS_VECTOR = 0 # Variable c_int
+ENOTDIR = 20 # Variable c_int
+__NR_sigreturn = 119 # Variable c_int
+RSBAC_AUTH_LOGIN_PATH = '/bin/login' # Variable STRING
+RSBAC_PM_A_APPEND = 16 # Variable c_int
+__NR_getgroups = 80 # Variable c_int
+__NR_mmap2 = 192 # Variable c_int
+RSBAC_UM_OLD_USER_PWHISTORY_LIST_NAME = 'um_pwh.' # Variable STRING
+__NR_flistxattr = 234 # Variable c_int
+__NR_oldfstat = 28 # Variable c_int
+__NR_get_thread_area = 244 # Variable c_int
+CAP_CHOWN = 0 # Variable c_int
+__NR_mq_timedsend = 279 # Variable c_int
+__NR_sched_get_priority_max = 159 # Variable c_int
+__NR_mprotect = 125 # Variable c_int
+__WORDSIZE = 32 # Variable c_int
+RSBAC_RC_AUDITOR_ROLE = 3 # Variable c_int
+__NR_setgroups = 81 # Variable c_int
+EAFNOSUPPORT = 97 # Variable c_int
+__NR_setuid32 = 213 # Variable c_int
+CAP_LEASE = 28 # Variable c_int
+CAP_FSETID = 4 # Variable c_int
+ENOPKG = 65 # Variable c_int
+__NR_ftime = 35 # Variable c_int
+PF_PAX_RANDEXEC = 268435456 # Variable c_int
+_XOPEN_SOURCE = 600 # Variable c_int
+RSBAC_UM_MAX_MAXNUM = 1000000 # Variable c_int
+__NR__newselect = 142 # Variable c_int
+__NR_inotify_add_watch = 292 # Variable c_int
+__GLIBC__ = 2 # Variable c_int
+__USE_ISOC99 = 1 # Variable c_int
+EINVAL = 22 # Variable c_int
+JAIL_allow_dev_get_status = 128 # Variable c_int
+EMEDIUMTYPE = 124 # Variable c_int
+__NR_sendfile64 = 239 # Variable c_int
+EBFONT = 59 # Variable c_int
+DAZ_infected = 1 # Variable c_int
+RC_role_min_special = 4294967291L # Variable c_uint
+CAP_AUDIT_WRITE = 29 # Variable c_int
+RSBAC_SCD_REQUEST_VECTOR = 400139800 # Variable c_ulonglong
+RSBAC_OLD_NO_USER = 65533 # Variable c_int
+ENOKEY = 126 # Variable c_int
+__NR_getpid = 20 # Variable c_int
+__NR_setpgid = 57 # Variable c_int
+_XLOCALE_H = 1 # Variable c_int
+ENODEV = 19 # Variable c_int
+__NR_sched_setparam = 154 # Variable c_int
+__NR_fdatasync = 148 # Variable c_int
+EPROTONOSUPPORT = 93 # Variable c_int
+__NR_chroot = 61 # Variable c_int
+_POSIX_C_SOURCE = 199506 # Variable c_long
+__NR_sgetmask = 68 # Variable c_int
+RSBAC_MAX_MOD = 12 # Variable c_int
+RSBAC_RC_SYS_TYPE = 2 # Variable c_int
+RC_type_min_special = 4294967289L # Variable c_uint
+ETIME = 62 # Variable c_int
+__NR__llseek = 140 # Variable c_int
+__NR_oldlstat = 84 # Variable c_int
+ENETRESET = 102 # Variable c_int
+__NR_rt_sigreturn = 173 # Variable c_int
+__error_t_defined = 1 # Variable c_int
+__NR_llistxattr = 233 # Variable c_int
+TRUE = 1 # Variable c_int
+__time_t_defined = 1 # Variable c_int
+RSBAC_RC_OLD_SPECIAL_RIGHT_BASE = 48 # Variable c_int
+SL_inherit = 254 # Variable c_int
+__NR_waitid = 284 # Variable c_int
+EISCONN = 106 # Variable c_int
+__USE_POSIX2 = 1 # Variable c_int
+ELIBEXEC = 83 # Variable c_int
+MAC_read_up = 16 # Variable c_int
+EMLINK = 31 # Variable c_int
+__NR_execve = 11 # Variable c_int
+__NR_creat = 8 # Variable c_int
+__NR_sched_getparam = 155 # Variable c_int
+__NR_mlock = 150 # Variable c_int
+RSBAC_MAC_MAX_CAT = 63 # Variable c_int
+__NR_pause = 29 # Variable c_int
+FF_no_search = 1024 # Variable c_int
+ECANCELED = 125 # Variable c_int
+RSBAC_MAC_INHERIT_CAT_VECTOR = 0 # Variable c_ulonglong
+__NR_setregid32 = 204 # Variable c_int
+RC_type_inherit_process = 4294967295L # Variable c_uint
+RSBAC_NET_TEMP_NAMELEN = 16 # Variable c_int
+__USE_ATFILE = 1 # Variable c_int
+RC_type_use_fd = 4294967289L # Variable c_uint
+PF_PAX_EMUTRAMP = 33554432 # Variable c_int
+__NR_lstat = 107 # Variable c_int
+__NR_lchown = 16 # Variable c_int
+FF_append_only = 256 # Variable c_int
+RSBAC_NET_TEMP_LNET_ADDRESS = '127.0.0.0' # Variable STRING
+__NR_migrate_pages = 294 # Variable c_int
+__NR_fstat = 108 # Variable c_int
+CAP_SYS_TTY_CONFIG = 26 # Variable c_int
+AST_min = 32 # Variable c_int
+EIDRM = 43 # Variable c_int
+EADDRNOTAVAIL = 99 # Variable c_int
+RSBAC_PM_A_ALL = 31 # Variable c_int
+__NR_utime = 30 # Variable c_int
+__NR_mincore = 218 # Variable c_int
+__NR_mremap = 163 # Variable c_int
+RSBAC_RC_SEC_TYPE = 1 # Variable c_int
+RSBAC_MAC_U_FLAGS = 125 # Variable c_int
+CLOCK_THREAD_CPUTIME_ID = 3 # Variable c_int
+_POSIX_SOURCE = 1 # Variable c_int
+CAP_MKNOD = 27 # Variable c_int
+__NR_set_robust_list = 311 # Variable c_int
+__NR_setresgid = 170 # Variable c_int
+__NR_add_key = 286 # Variable c_int
+__NR_stat = 106 # Variable c_int
+EPROTOTYPE = 91 # Variable c_int
+ENOMEDIUM = 123 # Variable c_int
+__NR_ppoll = 309 # Variable c_int
+__NR_oldolduname = 59 # Variable c_int
+__GLIBC_MINOR__ = 4 # Variable c_int
+RSBAC_PM_IPC_OBJECT_CLASS_ID = 60000 # Variable c_uint
+RSBAC_MAC_DEF_P_FLAGS = 0 # Variable c_int
+RSBAC_AUTH_LOGIN_PATH_DIR = 'bin' # Variable STRING
+RC_type_no_chown = 4294967290L # Variable c_uint
+__NR_chdir = 12 # Variable c_int
+CLOCK_PROCESS_CPUTIME_ID = 2 # Variable c_int
+RSBAC_EPERM = 1001 # Variable c_int
+RSBAC_EREINIT = 1011 # Variable c_int
+RSBAC_UM_USER_PWHISTORY_LIST_NAME = 'um_pwh' # Variable STRING
+__NR_readv = 145 # Variable c_int
+RSBAC_CAP_DEFAULT_MAX = 4294967295L # Variable c_uint
+__NR_renameat = 302 # Variable c_int
+ELOOP = 40 # Variable c_int
+__NR_swapon = 87 # Variable c_int
+RSBAC_ENOTWRITABLE = 1022 # Variable c_int
+RSBAC_SYSADM_UID = 0 # Variable c_int
+__NR_personality = 136 # Variable c_int
+EREMOTE = 66 # Variable c_int
+__NR_sigprocmask = 126 # Variable c_int
+RSBAC_ENOMEM = 1024 # Variable c_int
+__NR_adjtimex = 124 # Variable c_int
+_SYS_TYPES_H = 1 # Variable c_int
+FF_search_only = 4 # Variable c_int
+__NR_clock_getres = 266 # Variable c_int
+RSBAC_NETTEMP_REQUEST_VECTOR = 400188300 # Variable c_ulonglong
+JAIL_allow_inet_raw = 8 # Variable c_int
+FF_read_only = 1 # Variable c_int
+__NR_mkdirat = 296 # Variable c_int
+RSBAC_NONE_REQUEST_VECTOR = 1038919001 # Variable c_ulonglong
+__NR_getxattr = 229 # Variable c_int
+__USE_GNU = 1 # Variable c_int
+__NR_unshare = 310 # Variable c_int
+__NR_io_cancel = 249 # Variable c_int
+RSBAC_RC_GENERAL_TYPE = 0 # Variable c_int
+__NR_setfsuid = 138 # Variable c_int
+__NR_gettid = 224 # Variable c_int
+__NR_write = 4 # Variable c_int
+CAP_FOWNER = 3 # Variable c_int
+ELIBMAX = 82 # Variable c_int
+__NR_uselib = 86 # Variable c_int
+__NR_ipc = 117 # Variable c_int
+__NR_fchdir = 133 # Variable c_int
+EMULTIHOP = 72 # Variable c_int
+__NR_access = 33 # Variable c_int
+__NR_lseek = 19 # Variable c_int
+__NR_keyctl = 288 # Variable c_int
+RSBAC_PM_A_CREATE = 8 # Variable c_int
+RSBAC_EINVALIDVERSION = 1026 # Variable c_int
+__USE_SVID = 1 # Variable c_int
+RSBAC_UM_HOMEDIR_LEN = 50 # Variable c_int
+__NR_madvise = 219 # Variable c_int
+__NR_fcntl = 55 # Variable c_int
+__USE_ANSI = 1 # Variable c_int
+__NR_utimes = 271 # Variable c_int
+RSBAC_ADF_REQUEST_ARRAY_VERSION = 2 # Variable c_int
+CAP_NET_BIND_SERVICE = 10 # Variable c_int
+__NR_epoll_ctl = 255 # Variable c_int
+CAP_SYS_TIME = 25 # Variable c_int
+EDOTDOT = 73 # Variable c_int
+__NR_sigaltstack = 186 # Variable c_int
+__NR_fork = 2 # Variable c_int
+__NR_setfsgid32 = 216 # Variable c_int
+ECONNABORTED = 103 # Variable c_int
+EISNAM = 120 # Variable c_int
+RSBAC_IFNAMSIZ = 16 # Variable c_int
+RSBAC_EINVALIDMODULE = 1027 # Variable c_int
+__NR_pread64 = 180 # Variable c_int
+RSBAC_NET_NR_PORTS = 10 # Variable c_int
+RSBAC_LIST_TTL_KEEP = 4294967295L # Variable c_uint
+__NR_pipe = 42 # Variable c_int
+__SIZEOF_PTHREAD_RWLOCK_T = 32 # Variable c_int
+__NR_vmsplice = 316 # Variable c_int
+__STDC_ISO_10646__ = 200009 # Variable c_long
+__NR_reboot = 88 # Variable c_int
+JAIL_allow_dev_read = 512 # Variable c_int
+ELNRNG = 48 # Variable c_int
+__NR_capget = 184 # Variable c_int
+FALSE = 0 # Variable c_int
+RSBAC_RC_NAME_LEN = 16 # Variable c_int
+RSBAC_RES_UNSET = 0 # Variable c_int
+__NR_kexec_load = 283 # Variable c_int
+__NR_getegid32 = 202 # Variable c_int
+__USE_LARGEFILE = 1 # Variable c_int
+__NR_setuid = 23 # Variable c_int
+__NR_fstatfs64 = 269 # Variable c_int
+RSBAC_UM_GROUP_LIST_VERSION = 1 # Variable c_int
+_FEATURES_H = 1 # Variable c_int
+__NR_syslog = 103 # Variable c_int
+RC_role_inherit_process = 4294967294L # Variable c_uint
+__NR_sched_rr_get_interval = 161 # Variable c_int
+__NR_getgroups32 = 205 # Variable c_int
+NR_syscalls = 317 # Variable c_int
+__NR_mq_notify = 281 # Variable c_int
+RSBAC_SECOFF_UID = 400 # Variable c_int
+CAP_IPC_OWNER = 15 # Variable c_int
+_BITS_TYPES_H = 1 # Variable c_int
+__NR_setpriority = 97 # Variable c_int
+EILSEQ = 84 # Variable c_int
+TIMER_ABSTIME = 1 # Variable c_int
+__NR_getcwd = 183 # Variable c_int
+__NR_setdomainname = 121 # Variable c_int
+EPFNOSUPPORT = 96 # Variable c_int
+EFAULT = 14 # Variable c_int
+ENONET = 64 # Variable c_int
+__NR_link = 9 # Variable c_int
+ECHRNG = 44 # Variable c_int
+__NR_init_module = 128 # Variable c_int
+RSBAC_ACL_GROUP_EVERYONE = 0 # Variable c_int
+_XOPEN_SOURCE_EXTENDED = 1 # Variable c_int
+__NR_set_tid_address = 258 # Variable c_int
+__NR_capset = 185 # Variable c_int
+__USE_POSIX199309 = 1 # Variable c_int
+CLOCKS_PER_SEC = 1000000 # Variable c_long
+RSBAC_NET_TEMP_NAME = 'nettemp' # Variable STRING
+RSBAC_EINVALIDPOINTER = 1005 # Variable c_int
+__NR_stty = 31 # Variable c_int
+__NR_io_getevents = 247 # Variable c_int
+__NR_setreuid32 = 203 # Variable c_int
+ESRCH = 3 # Variable c_int
+__NR_msync = 144 # Variable c_int
+__NR_sysfs = 135 # Variable c_int
+__USE_XOPEN = 1 # Variable c_int
+__NR_getdents = 141 # Variable c_int
+RSBAC_AUTH_LOGIN_PATH_FILE = 'login' # Variable STRING
+__NR_fgetxattr = 231 # Variable c_int
+EKEYREVOKED = 128 # Variable c_int
+__NR_open = 5 # Variable c_int
+RSBAC_EMALWAREDETECTED = 1023 # Variable c_int
+__NR_rt_sigtimedwait = 177 # Variable c_int
+RSBAC_NET_TEMP_AUTO_ADDRESS = '0.0.0.0' # Variable STRING
+JAIL_allow_dev_mod_system = 256 # Variable c_int
+ECONNRESET = 104 # Variable c_int
+__NR_wait4 = 114 # Variable c_int
+__NR_setregid = 71 # Variable c_int
+SL_min = 0 # Variable c_int
+EHOSTUNREACH = 113 # Variable c_int
+RSBAC_ACL_ACMAN_RIGHTS_VECTOR = 700000000000000L # Variable c_ulonglong
+CAP_SYS_BOOT = 22 # Variable c_int
+EL2NSYNC = 45 # Variable c_int
+ERANGE = 34 # Variable c_int
+__NR_madvise1 = 219 # Variable c_int
+_BSD_SOURCE = 1 # Variable c_int
+ENOMSG = 42 # Variable c_int
+RSBAC_ACL_DEFAULT_SCD_MASK = 700000400139800L # Variable c_ulonglong
+ENOANO = 55 # Variable c_int
+__NR_sethostname = 74 # Variable c_int
+__NR_timer_delete = 263 # Variable c_int
+EISDIR = 21 # Variable c_int
+RSBAC_ACL_GROUP_VERSION = 2 # Variable c_int
+__NR_sigaction = 67 # Variable c_int
+__NR_sched_get_priority_min = 160 # Variable c_int
+__NR_afs_syscall = 137 # Variable c_int
+__NR_set_thread_area = 243 # Variable c_int
+__GNU_LIBRARY__ = 6 # Variable c_int
+_BITS_TYPESIZES_H = 1 # Variable c_int
+RSBAC_EEXPIRED = 1028 # Variable c_int
+__NR_munlockall = 153 # Variable c_int
+__NR_pselect6 = 308 # Variable c_int
+__NR_fstatat64 = 300 # Variable c_int
+__NR_mq_unlink = 278 # Variable c_int
+__NR_readlink = 85 # Variable c_int
+CAP_SETPCAP = 8 # Variable c_int
+__NR_ioprio_get = 290 # Variable c_int
+__NR_pivot_root = 217 # Variable c_int
+ESTRPIPE = 86 # Variable c_int
+ESHUTDOWN = 108 # Variable c_int
+__NR_fstatfs = 100 # Variable c_int
+__NR_stime = 25 # Variable c_int
+__NR_kill = 37 # Variable c_int
+RSBAC_UM_USER_PWHISTORY_LIST_VERSION = 1 # Variable c_int
+FF_secure_delete = 16 # Variable c_int
+__NR_readdir = 89 # Variable c_int
+__NR_rt_sigpending = 176 # Variable c_int
+RSBAC_UM_USER_LIST_KEY = 6363636 # Variable c_int
+EBADRQC = 56 # Variable c_int
+CAP_DAC_READ_SEARCH = 2 # Variable c_int
+__NR_geteuid32 = 201 # Variable c_int
+CAP_SYS_PACCT = 20 # Variable c_int
+RSBAC_NWR_REQUEST_VECTOR = 4195456 # Variable c_ulonglong
+EUNATCH = 49 # Variable c_int
+__NR_setsid = 66 # Variable c_int
+CAP_SYS_ADMIN = 21 # Variable c_int
+__GLIBC_HAVE_LONG_LONG = 1 # Variable c_int
+JAIL_allow_suid_files = 8192 # Variable c_int
+__NR_getpmsg = 188 # Variable c_int
+__NR_vhangup = 111 # Variable c_int
+JAIL_allow_all_net_family = 2 # Variable c_int
+__NR_statfs = 99 # Variable c_int
+RSBAC_EREADFAILED = 1003 # Variable c_int
+RSBAC_JAIL_DEF_ID = 0 # Variable c_int
+EBUSY = 16 # Variable c_int
+__NR_symlinkat = 304 # Variable c_int
+__NR_ulimit = 58 # Variable c_int
+__NR_modify_ldt = 123 # Variable c_int
+ENOTTY = 25 # Variable c_int
+EKEYEXPIRED = 127 # Variable c_int
+RSBAC_ACL_SPECIAL_RIGHT_BASE = 56 # Variable c_int
+RSBAC_RC_GENERAL_ROLE = 0 # Variable c_int
+__NR_gtty = 32 # Variable c_int
+__NR_delete_module = 129 # Variable c_int
+__NR_setresuid32 = 208 # Variable c_int
+MAC_program_auto = 256 # Variable c_int
+RSBAC_ACL_OLD_SPECIAL_RIGHT_BASE = 48 # Variable c_int
+FF_no_execute = 32 # Variable c_int
+__NR_get_kernel_syms = 130 # Variable c_int
+CAP_NET_ADMIN = 12 # Variable c_int
+RSBAC_NET_TEMP_LNET_ID = 100101 # Variable c_int
+__NR_rt_sigsuspend = 179 # Variable c_int
+ENOTNAM = 118 # Variable c_int
+__NR_signal = 48 # Variable c_int
+MAC_write_down = 32 # Variable c_int
+__SIZEOF_PTHREAD_COND_T = 48 # Variable c_int
+__NR_fchmodat = 306 # Variable c_int
+ENOTSOCK = 88 # Variable c_int
+__NR_getuid = 24 # Variable c_int
+RSBAC_NET_UNKNOWN = 0 # Variable c_int
+RC_role_max_value = 4294967264L # Variable c_uint
+FF_write_only = 8 # Variable c_int
+__NR_fcntl64 = 221 # Variable c_int
+__NR_clock_nanosleep = 267 # Variable c_int
+MAC_write_up = 8 # Variable c_int
+RC_type_inherit_parent = 4294967294L # Variable c_uint
+ECHILD = 10 # Variable c_int
+PF_PAX_RANDMMAP = 134217728 # Variable c_int
+__NR_io_setup = 245 # Variable c_int
+MAC_prop_trusted = 128 # Variable c_int
+RSBAC_EDECISIONMISMATCH = 1025 # Variable c_int
+__USE_XOPEN2K = 1 # Variable c_int
+RSBAC_UM_SHELL_LEN = 24 # Variable c_int
+__NR_chown32 = 212 # Variable c_int
+__NR_lremovexattr = 236 # Variable c_int
+RSBAC_PM_A_READ = 1 # Variable c_int
+ETIMEDOUT = 110 # Variable c_int
+__timespec_defined = 1 # Variable c_int
+RSBAC_AUDITOR_UID = 404 # Variable c_int
+RSBAC_ENOTINITIALIZED = 1010 # Variable c_int
+__NR__sysctl = 149 # Variable c_int
+__NR_getegid = 50 # Variable c_int
+__NR_timer_create = 259 # Variable c_int
+EALREADY = 114 # Variable c_int
+CAP_NET_RAW = 13 # Variable c_int
+__SIZEOF_PTHREAD_BARRIERATTR_T = 4 # Variable c_int
+__NR_rt_sigprocmask = 175 # Variable c_int
+EMFILE = 24 # Variable c_int
+__NR_getgid32 = 200 # Variable c_int
+RSBAC_ACL_SPECIAL_RIGHTS_VECTOR = 700000000000000L # Variable c_ulonglong
+ENOTEMPTY = 39 # Variable c_int
+RSBAC_ACL_DEFAULT_NETTEMP_MASK = 700000400188300L # Variable c_ulonglong
+__NR_io_submit = 248 # Variable c_int
+EDOM = 33 # Variable c_int
+RSBAC_OLD_ALL_USERS = 65532 # Variable c_int
+CAP_FS_MASK = 31 # Variable c_int
+RSBAC_NET_NR_INET_ADDR = 25 # Variable c_int
+ENFILE = 23 # Variable c_int
+EREMCHG = 78 # Variable c_int
+__NR_inotify_init = 291 # Variable c_int
+__USE_MISC = 1 # Variable c_int
+__NR_faccessat = 307 # Variable c_int
+__BIT_TYPES_DEFINED__ = 1 # Variable c_int
+__NR_splice = 313 # Variable c_int
+CAP_SYS_MODULE = 16 # Variable c_int
+RSBAC_MAC_P_FLAGS = 447 # Variable c_int
+ENOMEM = 12 # Variable c_int
+ENOSR = 63 # Variable c_int
+EOWNERDEAD = 130 # Variable c_int
+ELIBSCN = 81 # Variable c_int
+RSBAC_EWRITEFAILED = 1004 # Variable c_int
+RSBAC_UM_GROUP_LIST_KEY = 9847298 # Variable c_int
+__NR_lgetxattr = 230 # Variable c_int
+JAIL_allow_external_ipc = 1 # Variable c_int
+EBADSLT = 57 # Variable c_int
+CAP_LINUX_IMMUTABLE = 9 # Variable c_int
+RSBAC_AUTH_OWNER_F_CAP = 4294967293L # Variable c_uint
+RSBAC_PM_A_DELETE = 4 # Variable c_int
+__NR_close = 6 # Variable c_int
+_SYS_SYSMACROS_H = 1 # Variable c_int
+__NR_brk = 45 # Variable c_int
+RSBAC_EINVALIDTRANSACTION = 1031 # Variable c_int
+JAIL_allow_parent_ipc = 4096 # Variable c_int
+__NR_fadvise64_64 = 272 # Variable c_int
+__NR_lock = 53 # Variable c_int
+__NR_fsetxattr = 228 # Variable c_int
+__NR_rt_sigqueueinfo = 178 # Variable c_int
+JAIL_auto_adjust_inet_any = 16 # Variable c_int
+__NR_chmod = 15 # Variable c_int
+__NR_geteuid = 49 # Variable c_int
+__USE_POSIX199506 = 1 # Variable c_int
+__NR_fchownat = 298 # Variable c_int
+__NR_lookup_dcookie = 253 # Variable c_int
+RSBAC_MAC_GENERAL_CATEGORY = 0 # Variable c_int
+__NR_linkat = 303 # Variable c_int
+RSBAC_RC_SYSTEM_ADMIN_ROLE = 2 # Variable c_int
+EACCES = 13 # Variable c_int
+RSBAC_EMAX = 1032 # Variable c_int
+RSBAC_MAC_DEF_U_FLAGS = 0 # Variable c_int
+__NR_getsid = 147 # Variable c_int
+RSBAC_LIST_TA_MAX_PASSLEN = 36 # Variable c_int
+RSBAC_EEXISTS = 1019 # Variable c_int
+__NR_fadvise64 = 250 # Variable c_int
+EIO = 5 # Variable c_int
+RSBAC_NET_TEMP_KEY = 135639038 # Variable c_int
+__SIZEOF_PTHREAD_COND_COMPAT_T = 12 # Variable c_int
+__NR_sched_getaffinity = 242 # Variable c_int
+FF_execute_only = 2 # Variable c_int
+RC_type_use_new_role_def_create = 4294967291L # Variable c_uint
+_SYS_CDEFS_H = 1 # Variable c_int
+CAP_DAC_OVERRIDE = 1 # Variable c_int
+__NR_setxattr = 226 # Variable c_int
+__SIZEOF_PTHREAD_ATTR_T = 36 # Variable c_int
+ENOCSI = 50 # Variable c_int
+__NR_statfs64 = 268 # Variable c_int
+__NR_futex = 240 # Variable c_int
+__NR_tgkill = 270 # Variable c_int
+__NR_lchown32 = 198 # Variable c_int
+RSBAC_ACL_GROUP_NAMELEN = 16 # Variable c_int
+RSBAC_EINVALIDATTR = 1015 # Variable c_int
+ENODATA = 61 # Variable c_int
+__NR_gettimeofday = 78 # Variable c_int
+_BITS_TIME_H = 1 # Variable c_int
+CAP_SYS_NICE = 23 # Variable c_int
+RSBAC_UM_OLD_GROUP_LIST_NAME = 'um_g.' # Variable STRING
+__NR_iopl = 110 # Variable c_int
+ENOSTR = 60 # Variable c_int
+__NR_set_mempolicy = 276 # Variable c_int
+__NR_symlink = 83 # Variable c_int
+CAP_SYS_RESOURCE = 24 # Variable c_int
+E2BIG = 7 # Variable c_int
+__NR_clone = 120 # Variable c_int
+_TIME_H = 1 # Variable c_int
+CAP_IPC_LOCK = 14 # Variable c_int
+__NR_munmap = 91 # Variable c_int
+__NR_mkdir = 39 # Variable c_int
+ENXIO = 6 # Variable c_int
+__NR_futimesat = 299 # Variable c_int
+ESOCKTNOSUPPORT = 94 # Variable c_int
+__NR_query_module = 167 # Variable c_int
+EBADFD = 77 # Variable c_int
+__NR_nfsservctl = 169 # Variable c_int
+RSBAC_NET_ANY = 0 # Variable c_int
+_STRUCT_TIMEVAL = 1 # Variable c_int
+__NR_getuid32 = 199 # Variable c_int
+CAP_SETGID = 6 # Variable c_int
+RSBAC_NO_GROUP = 4294967293L # Variable c_uint
+__NR_munlock = 151 # Variable c_int
+ENOLCK = 37 # Variable c_int
+PF_PAX_MPROTECT = 67108864 # Variable c_int
+__NR_mlockall = 152 # Variable c_int
+RSBAC_NWF_REQUEST_VECTOR = 34085024 # Variable c_ulonglong
+RSBAC_VERSION_MINOR = 0 # Variable c_int
+__STDC_IEC_559__ = 1 # Variable c_int
+__NR_umount2 = 52 # Variable c_int
+_BITS_PTHREADTYPES_H = 1 # Variable c_int
+__FDSET_LONGS = 32 # Variable c_uint
+EEXIST = 17 # Variable c_int
+__NR_ssetmask = 69 # Variable c_int
+__NR_nice = 34 # Variable c_int
+__NR_umount = 22 # Variable c_int
+__NR_oldstat = 18 # Variable c_int
+EPROTO = 71 # Variable c_int
+__NR_ftruncate = 93 # Variable c_int
+_SYS_SELECT_H = 1 # Variable c_int
+__NR_ustat = 62 # Variable c_int
+__NR_lstat64 = 196 # Variable c_int
+ESRMNT = 69 # Variable c_int
+__NR_exit_group = 252 # Variable c_int
+PF_PAX_PAGEEXEC = 16777216 # Variable c_int
+RSBAC_TPMAN_UID = 402 # Variable c_int
+RSBAC_PM_A_WRITE_TO_FILE = 18 # Variable c_int
+RSBAC_READ_WRITE_OPEN_REQUEST_VECTOR = 2097152 # Variable c_ulonglong
+__NR_dup = 41 # Variable c_int
+RSBAC_AUTH_DAC_GROUP_F_CAP = 4294967292L # Variable c_uint
+__NR_sched_yield = 158 # Variable c_int
+__NR_ioprio_set = 289 # Variable c_int
+RSBAC_PM_ROOT_TASK_SET_ID = 4294967295L # Variable c_uint
+RSBAC_AUTH_DAC_OWNER_F_CAP = 4294967292L # Variable c_uint
+RSBAC_NWC_REQUEST_VECTOR = 384 # Variable c_ulonglong
+__NR_clock_gettime = 265 # Variable c_int
+RSBAC_VERSION_MID = 3 # Variable c_int
+__NR_setresgid32 = 210 # Variable c_int
+RSBAC_NET_TEMP_LAN_ID = 100102 # Variable c_int
+__NR_break = 17 # Variable c_int
+__clock_t_defined = 1 # Variable c_int
+__NR_putpmsg = 189 # Variable c_int
+ENOSPC = 28 # Variable c_int
+__NR_getpriority = 96 # Variable c_int
+EBADMSG = 74 # Variable c_int
+RSBAC_UM_OLD_USER_LIST_NAME = 'um_u.' # Variable STRING
+ELIBBAD = 80 # Variable c_int
+JAIL_allow_tty_open = 2048 # Variable c_int
+ESTALE = 116 # Variable c_int
+RSBAC_EINVALIDDEV = 1016 # Variable c_int
+RSBAC_EXECUTE_REQUEST_VECTOR = 1000000400 # Variable c_ulonglong
+__NR_setrlimit = 75 # Variable c_int
+RSBAC_RC_ROLE_ADMIN_ROLE = 1 # Variable c_int
+RSBAC_EINVALIDVALUE = 1018 # Variable c_int
+CLOCK_MONOTONIC = 1 # Variable c_int
+__NR_getresuid = 165 # Variable c_int
+RSBAC_ECOULDNOTADDDEVICE = 1012 # Variable c_int
+__NR_rmdir = 40 # Variable c_int
+__NR_tkill = 238 # Variable c_int
+ENOTRECOVERABLE = 131 # Variable c_int
+ENOBUFS = 105 # Variable c_int
+EDESTADDRREQ = 89 # Variable c_int
+__NR_chown = 182 # Variable c_int
+__NR_setfsuid32 = 215 # Variable c_int
+EINTR = 4 # Variable c_int
+EADV = 68 # Variable c_int
+__NR_quotactl = 131 # Variable c_int
+__NR_remap_file_pages = 257 # Variable c_int
+RSBAC_EINVALIDREQUEST = 1021 # Variable c_int
+ENOSYS = 38 # Variable c_int
+DAZ_clean = 2 # Variable c_int
+RSBAC_ECOULDNOTADDITEM = 1013 # Variable c_int
+RSBAC_SECURITY_REQUEST_VECTOR = 806387712 # Variable c_ulonglong
+__USE_BSD = 1 # Variable c_int
+RSBAC_SYSTEM_REQUEST_VECTOR = 208960001 # Variable c_ulonglong
+EUSERS = 87 # Variable c_int
+__NR_getrlimit = 76 # Variable c_int
+CLOCK_REALTIME = 0 # Variable c_int
+__NR_sched_setaffinity = 241 # Variable c_int
+CAP_SETUID = 7 # Variable c_int
+_SIGSET_H_types = 1 # Variable c_int
+RSBAC_VERSION_NR = 66304 # Variable c_int
+RSBAC_NET_MAX_PORT = 65535 # Variable c_int
+__NR_get_robust_list = 312 # Variable c_int
+RSBAC_NET_TEMP_OLD_VERSION = 1 # Variable c_int
+RSBAC_NET_TEMP_ALL_ID = 4294967295L # Variable c_uint
+RSBAC_MAC_F_FLAGS = 62 # Variable c_int
+_ERRNO_H = 1 # Variable c_int
+__SIZEOF_PTHREAD_MUTEX_T = 24 # Variable c_int
+__USE_UNIX98 = 1 # Variable c_int
+RSBAC_BIN_UID = 1 # Variable c_int
+__NR_timer_settime = 260 # Variable c_int
+SL_none = 255 # Variable c_int
+__NR_nanosleep = 162 # Variable c_int
+__NR_pwrite64 = 181 # Variable c_int
+__NR_umask = 60 # Variable c_int
+EPERM = 1 # Variable c_int
+RSBAC_RES_NONE = 11 # Variable c_int
+__NR_sigsuspend = 72 # Variable c_int
+RSBAC_JAIL_VERSION = 1 # Variable c_int
+EKEYREJECTED = 129 # Variable c_int
+__NR_acct = 51 # Variable c_int
+__NR_select = 82 # Variable c_int
+RSBAC_UM_GROUP_LIST_NAME = 'um_grp' # Variable STRING
+ENOTCONN = 107 # Variable c_int
+__NR_times = 43 # Variable c_int
+ENETUNREACH = 101 # Variable c_int
+RSBAC_ENOROOTDIR = 1006 # Variable c_int
+_ISOC99_SOURCE = 1 # Variable c_int
+RSBAC_MAC_MIN_CAT_VECTOR = 0 # Variable c_ulonglong
+JAIL_allow_mount = 16384 # Variable c_int
+RSBAC_EMUSTCHANGE = 1029 # Variable c_int
+__STDC_IEC_559_COMPLEX__ = 1 # Variable c_int
+ESPIPE = 29 # Variable c_int
+RSBAC_EBUSY = 1030 # Variable c_int
+__NR_dup2 = 63 # Variable c_int
+__NR_mq_getsetattr = 282 # Variable c_int
+RSBAC_FF_ROOT_DEF = 0 # Variable c_int
+__NR_request_key = 287 # Variable c_int
+RSBAC_NET_TEMP_VERSION = 2 # Variable c_int
+EMSGSIZE = 90 # Variable c_int
+__NR_bdflush = 134 # Variable c_int
+__NR_vm86 = 166 # Variable c_int
+CAP_SYS_CHROOT = 18 # Variable c_int
+__NR_read = 3 # Variable c_int
+RSBAC_UM_NR_GROUP_LISTS = 8 # Variable c_int
+EROFS = 30 # Variable c_int
+ECONNREFUSED = 111 # Variable c_int
+__NR_mmap = 90 # Variable c_int
+RSBAC_ACL_ROLE_EVERYROLE = 64 # Variable c_int
+__NR_alarm = 27 # Variable c_int
+RSBAC_RC_BOOT_ROLE = 999999 # Variable c_int
+__NR_getresuid32 = 209 # Variable c_int
+EOVERFLOW = 75 # Variable c_int
+ENETDOWN = 100 # Variable c_int
+ENOEXEC = 8 # Variable c_int
+RC_type_no_create = 4294967293L # Variable c_uint
+__NR_mq_timedreceive = 280 # Variable c_int
+EBADF = 9 # Variable c_int
+EBADE = 52 # Variable c_int
+RSBAC_EINVALIDTARGET = 1017 # Variable c_int
+RSBAC_NWE_REQUEST_VECTOR = 512 # Variable c_ulonglong
+RSBAC_AUTH_MAX_MAXNUM = 1000000 # Variable c_int
+RC_type_max_value = 4294967264L # Variable c_uint
+RSBAC_PM_A_WRITING = 30 # Variable c_int
+JAIL_allow_inet_localhost = 32 # Variable c_int
+RSBAC_UM_NAME_LEN = 16 # Variable c_int
+__NR_truncate64 = 193 # Variable c_int
+FF_no_mount = 512 # Variable c_int
+__SIZEOF_PTHREAD_RWLOCKATTR_T = 8 # Variable c_int
+EBADR = 53 # Variable c_int
+__NR_getrusage = 77 # Variable c_int
+EXDEV = 18 # Variable c_int
+_LARGEFILE64_SOURCE = 1 # Variable c_int
+__NR_ioperm = 101 # Variable c_int
+ENAVAIL = 119 # Variable c_int
+__NR_mknodat = 297 # Variable c_int
+RSBAC_AUTH_OLD_OWNER_F_CAP = 65533 # Variable c_ushort
+__NR_listxattr = 232 # Variable c_int
+RSBAC_EPATHTOOLONG = 1007 # Variable c_int
+__NR_getitimer = 105 # Variable c_int
+_SIGSET_NWORDS = 32 # Variable c_uint
+RSBAC_UM_NR_USER_LISTS = 8 # Variable c_int
+__NR_mbind = 274 # Variable c_int
+CAP_SYS_PTRACE = 19 # Variable c_int
+__NR_fchown32 = 207 # Variable c_int
+CAP_KILL = 5 # Variable c_int
+__NR_setreuid = 70 # Variable c_int
+DAZ_max = 2 # Variable c_int
+RSBAC_MAXNAMELEN = 256 # Variable c_int
+ENOTBLK = 15 # Variable c_int
+RSBAC_UM_NR_USER_PWHISTORY_LISTS = 8 # Variable c_int
+__NR_ptrace = 26 # Variable c_int
+__NR_setgroups32 = 206 # Variable c_int
+RSBAC_NET_TEMP_AUTO_ID = 100105 # Variable c_int
+__NR_fchmod = 94 # Variable c_int
+__NR_getpgid = 132 # Variable c_int
+EL2HLT = 51 # Variable c_int
+RSBAC_EINTERNONLY = 1020 # Variable c_int
+__NR_setgid = 46 # Variable c_int
+__kernel_ino_t = c_ulong
+__kernel_mode_t = c_ushort
+__kernel_nlink_t = c_ushort
+__kernel_off_t = c_long
+__kernel_pid_t = c_int
+__kernel_ipc_pid_t = c_ushort
+__kernel_uid_t = c_ushort
+__kernel_gid_t = c_ushort
+__kernel_size_t = c_uint
+__kernel_ssize_t = c_int
+__kernel_ptrdiff_t = c_int
+__kernel_time_t = c_long
+__kernel_suseconds_t = c_long
+__kernel_clock_t = c_long
+__kernel_timer_t = c_int
+__kernel_clockid_t = c_int
+__kernel_daddr_t = c_int
+__kernel_caddr_t = STRING
+__kernel_uid16_t = c_ushort
+__kernel_gid16_t = c_ushort
+__kernel_uid32_t = c_uint
+__kernel_gid32_t = c_uint
+__kernel_old_uid_t = c_ushort
+__kernel_old_gid_t = c_ushort
+__kernel_old_dev_t = c_ushort
+__kernel_loff_t = c_longlong
+class __kernel_fsid_t(Structure):
+ pass
+__kernel_fsid_t._fields_ = [
+ ('__val', c_int * 2),
+]
+assert sizeof(__kernel_fsid_t) == 8, sizeof(__kernel_fsid_t)
+assert alignment(__kernel_fsid_t) == 4, alignment(__kernel_fsid_t)
+umode_t = c_ushort
+__s8 = c_byte
+__s16 = c_short
+__s64 = c_longlong
+pthread_t = c_ulong
+class pthread_attr_t(Union):
+ pass
+pthread_attr_t._fields_ = [
+ ('__size', c_char * 36),
+ ('__align', c_long),
+]
+assert sizeof(pthread_attr_t) == 36, sizeof(pthread_attr_t)
+assert alignment(pthread_attr_t) == 4, alignment(pthread_attr_t)
+class __pthread_internal_slist(Structure):
+ pass
+__pthread_internal_slist._fields_ = [
+ ('__next', POINTER(__pthread_internal_slist)),
+]
+assert sizeof(__pthread_internal_slist) == 4, sizeof(__pthread_internal_slist)
+assert alignment(__pthread_internal_slist) == 4, alignment(__pthread_internal_slist)
+__pthread_slist_t = __pthread_internal_slist
+class __pthread_mutex_s(Structure):
+ pass
+class N15pthread_mutex_t17__pthread_mutex_s3DOT_5E(Union):
+ pass
+N15pthread_mutex_t17__pthread_mutex_s3DOT_5E._fields_ = [
+ ('__spins', c_int),
+ ('__list', __pthread_slist_t),
+]
+assert sizeof(N15pthread_mutex_t17__pthread_mutex_s3DOT_5E) == 4, sizeof(N15pthread_mutex_t17__pthread_mutex_s3DOT_5E)
+assert alignment(N15pthread_mutex_t17__pthread_mutex_s3DOT_5E) == 4, alignment(N15pthread_mutex_t17__pthread_mutex_s3DOT_5E)
+__pthread_mutex_s._anonymous_ = ['_0']
+__pthread_mutex_s._fields_ = [
+ ('__lock', c_int),
+ ('__count', c_uint),
+ ('__owner', c_int),
+ ('__kind', c_int),
+ ('__nusers', c_uint),
+ ('_0', N15pthread_mutex_t17__pthread_mutex_s3DOT_5E),
+]
+assert sizeof(__pthread_mutex_s) == 24, sizeof(__pthread_mutex_s)
+assert alignment(__pthread_mutex_s) == 4, alignment(__pthread_mutex_s)
+class pthread_mutex_t(Union):
+ pass
+pthread_mutex_t._fields_ = [
+ ('__data', __pthread_mutex_s),
+ ('__size', c_char * 24),
+ ('__align', c_long),
+]
+assert sizeof(pthread_mutex_t) == 24, sizeof(pthread_mutex_t)
+assert alignment(pthread_mutex_t) == 4, alignment(pthread_mutex_t)
+class pthread_mutexattr_t(Union):
+ pass
+pthread_mutexattr_t._fields_ = [
+ ('__size', c_char * 4),
+ ('__align', c_long),
+]
+assert sizeof(pthread_mutexattr_t) == 4, sizeof(pthread_mutexattr_t)
+assert alignment(pthread_mutexattr_t) == 4, alignment(pthread_mutexattr_t)
+class N14pthread_cond_t3DOT_8E(Structure):
+ pass
+N14pthread_cond_t3DOT_8E._pack_ = 4
+N14pthread_cond_t3DOT_8E._fields_ = [
+ ('__lock', c_int),
+ ('__futex', c_uint),
+ ('__total_seq', c_ulonglong),
+ ('__wakeup_seq', c_ulonglong),
+ ('__woken_seq', c_ulonglong),
+ ('__mutex', c_void_p),
+ ('__nwaiters', c_uint),
+ ('__broadcast_seq', c_uint),
+]
+assert sizeof(N14pthread_cond_t3DOT_8E) == 44, sizeof(N14pthread_cond_t3DOT_8E)
+assert alignment(N14pthread_cond_t3DOT_8E) == 4, alignment(N14pthread_cond_t3DOT_8E)
+class pthread_cond_t(Union):
+ pass
+pthread_cond_t._pack_ = 4
+pthread_cond_t._fields_ = [
+ ('__data', N14pthread_cond_t3DOT_8E),
+ ('__size', c_char * 48),
+ ('__align', c_longlong),
+]
+assert sizeof(pthread_cond_t) == 48, sizeof(pthread_cond_t)
+assert alignment(pthread_cond_t) == 4, alignment(pthread_cond_t)
+class pthread_condattr_t(Union):
+ pass
+pthread_condattr_t._fields_ = [
+ ('__size', c_char * 4),
+ ('__align', c_long),
+]
+assert sizeof(pthread_condattr_t) == 4, sizeof(pthread_condattr_t)
+assert alignment(pthread_condattr_t) == 4, alignment(pthread_condattr_t)
+pthread_key_t = c_uint
+pthread_once_t = c_int
+class N16pthread_rwlock_t4DOT_11E(Structure):
+ pass
+N16pthread_rwlock_t4DOT_11E._fields_ = [
+ ('__lock', c_int),
+ ('__nr_readers', c_uint),
+ ('__readers_wakeup', c_uint),
+ ('__writer_wakeup', c_uint),
+ ('__nr_readers_queued', c_uint),
+ ('__nr_writers_queued', c_uint),
+ ('__flags', c_uint),
+ ('__writer', c_int),
+]
+assert sizeof(N16pthread_rwlock_t4DOT_11E) == 32, sizeof(N16pthread_rwlock_t4DOT_11E)
+assert alignment(N16pthread_rwlock_t4DOT_11E) == 4, alignment(N16pthread_rwlock_t4DOT_11E)
+class pthread_rwlock_t(Union):
+ pass
+pthread_rwlock_t._fields_ = [
+ ('__data', N16pthread_rwlock_t4DOT_11E),
+ ('__size', c_char * 32),
+ ('__align', c_long),
+]
+assert sizeof(pthread_rwlock_t) == 32, sizeof(pthread_rwlock_t)
+assert alignment(pthread_rwlock_t) == 4, alignment(pthread_rwlock_t)
+class pthread_rwlockattr_t(Union):
+ pass
+pthread_rwlockattr_t._fields_ = [
+ ('__size', c_char * 8),
+ ('__align', c_long),
+]
+assert sizeof(pthread_rwlockattr_t) == 8, sizeof(pthread_rwlockattr_t)
+assert alignment(pthread_rwlockattr_t) == 4, alignment(pthread_rwlockattr_t)
+pthread_spinlock_t = c_int
+class pthread_barrier_t(Union):
+ pass
+pthread_barrier_t._fields_ = [
+ ('__size', c_char * 20),
+ ('__align', c_long),
+]
+assert sizeof(pthread_barrier_t) == 20, sizeof(pthread_barrier_t)
+assert alignment(pthread_barrier_t) == 4, alignment(pthread_barrier_t)
+class pthread_barrierattr_t(Union):
+ pass
+pthread_barrierattr_t._fields_ = [
+ ('__size', c_char * 4),
+ ('__align', c_int),
+]
+assert sizeof(pthread_barrierattr_t) == 4, sizeof(pthread_barrierattr_t)
+assert alignment(pthread_barrierattr_t) == 4, alignment(pthread_barrierattr_t)
+__sig_atomic_t = c_int
+class __sigset_t(Structure):
+ pass
+__sigset_t._fields_ = [
+ ('__val', c_ulong * 32),
+]
+assert sizeof(__sigset_t) == 128, sizeof(__sigset_t)
+assert alignment(__sigset_t) == 4, alignment(__sigset_t)
+class timeval(Structure):
+ pass
+__time_t = c_long
+__suseconds_t = c_long
+timeval._fields_ = [
+ ('tv_sec', __time_t),
+ ('tv_usec', __suseconds_t),
+]
+assert sizeof(timeval) == 8, sizeof(timeval)
+assert alignment(timeval) == 4, alignment(timeval)
+__int8_t = c_byte
+__uint8_t = c_ubyte
+__int16_t = c_short
+__uint16_t = c_ushort
+__int32_t = c_int
+__uint32_t = c_uint
+__int64_t = c_longlong
+__uint64_t = c_ulonglong
+__dev_t = __u_quad_t
+__uid_t = c_uint
+__gid_t = c_uint
+__ino_t = c_ulong
+__ino64_t = __u_quad_t
+__mode_t = c_uint
+__nlink_t = c_uint
+__off_t = c_long
+__off64_t = __quad_t
+__pid_t = c_int
+class __fsid_t(Structure):
+ pass
+__fsid_t._fields_ = [
+ ('__val', c_int * 2),
+]
+assert sizeof(__fsid_t) == 8, sizeof(__fsid_t)
+assert alignment(__fsid_t) == 4, alignment(__fsid_t)
+__clock_t = c_long
+__rlim_t = c_ulong
+__rlim64_t = __u_quad_t
+__id_t = c_uint
+__useconds_t = c_uint
+__daddr_t = c_int
+__swblk_t = c_long
+__key_t = c_int
+__clockid_t = c_int
+__timer_t = c_void_p
+__blksize_t = c_long
+__blkcnt_t = c_long
+__blkcnt64_t = __quad_t
+__fsblkcnt_t = c_ulong
+__fsblkcnt64_t = __u_quad_t
+__fsfilcnt_t = c_ulong
+__fsfilcnt64_t = __u_quad_t
+__ssize_t = c_int
+__loff_t = __off64_t
+__qaddr_t = POINTER(__quad_t)
+__caddr_t = STRING
+__intptr_t = c_int
+__socklen_t = c_uint
+error_t = c_int
+class __user_cap_header_struct(Structure):
+ pass
+__user_cap_header_struct._fields_ = [
+ ('version', __u32),
+ ('pid', c_int),
+]
+assert sizeof(__user_cap_header_struct) == 8, sizeof(__user_cap_header_struct)
+assert alignment(__user_cap_header_struct) == 4, alignment(__user_cap_header_struct)
+cap_user_header_t = POINTER(__user_cap_header_struct)
+class __user_cap_data_struct(Structure):
+ pass
+__user_cap_data_struct._fields_ = [
+ ('effective', __u32),
+ ('permitted', __u32),
+ ('inheritable', __u32),
+]
+assert sizeof(__user_cap_data_struct) == 12, sizeof(__user_cap_data_struct)
+assert alignment(__user_cap_data_struct) == 4, alignment(__user_cap_data_struct)
+cap_user_data_t = POINTER(__user_cap_data_struct)
+class __kernel_fd_set(Structure):
+ pass
+__kernel_fd_set._fields_ = [
+ ('fds_bits', c_ulong * 32),
+]
+assert sizeof(__kernel_fd_set) == 128, sizeof(__kernel_fd_set)
+assert alignment(__kernel_fd_set) == 4, alignment(__kernel_fd_set)
+__kernel_sighandler_t = CFUNCTYPE(None, c_int)
+__kernel_key_t = c_int
+__kernel_mqd_t = c_int
+__le16 = __u16
+__be16 = __u16
+__le32 = __u32
+__be32 = __u32
+__le64 = __u64
+__be64 = __u64
+sigset_t = __sigset_t
+__fd_mask = c_long
+class fd_set(Structure):
+ pass
+fd_set._fields_ = [
+ ('fds_bits', __fd_mask * 32),
+]
+assert sizeof(fd_set) == 128, sizeof(fd_set)
+assert alignment(fd_set) == 4, alignment(fd_set)
+fd_mask = __fd_mask
+quad_t = __quad_t
+u_quad_t = __u_quad_t
+fsid_t = __fsid_t
+loff_t = __loff_t
+ino_t = __ino_t
+ino64_t = __ino64_t
+dev_t = __dev_t
+gid_t = __gid_t
+mode_t = __mode_t
+nlink_t = __nlink_t
+uid_t = __uid_t
+off_t = __off_t
+off64_t = __off64_t
+pid_t = __pid_t
+id_t = __id_t
+ssize_t = __ssize_t
+daddr_t = __daddr_t
+caddr_t = __caddr_t
+key_t = __key_t
+useconds_t = __useconds_t
+suseconds_t = __suseconds_t
+ulong = c_ulong
+ushort = c_ushort
+uint = c_uint
+int8_t = c_byte
+int16_t = c_short
+int32_t = c_int
+int64_t = c_longlong
+u_int8_t = c_ubyte
+u_int16_t = c_ushort
+u_int32_t = c_uint
+u_int64_t = c_ulonglong
+register_t = c_int
+blksize_t = __blksize_t
+blkcnt_t = __blkcnt_t
+fsblkcnt_t = __fsblkcnt_t
+fsfilcnt_t = __fsfilcnt_t
+blkcnt64_t = __blkcnt64_t
+fsblkcnt64_t = __fsblkcnt64_t
+fsfilcnt64_t = __fsfilcnt64_t
+clock_t = __clock_t
+time_t = __time_t
+clockid_t = __clockid_t
+timer_t = __timer_t
+class timespec(Structure):
+ pass
+timespec._fields_ = [
+ ('tv_sec', __time_t),
+ ('tv_nsec', c_long),
+]
+assert sizeof(timespec) == 8, sizeof(timespec)
+assert alignment(timespec) == 4, alignment(timespec)
+class tm(Structure):
+ pass
+tm._fields_ = [
+ ('tm_sec', c_int),
+ ('tm_min', c_int),
+ ('tm_hour', c_int),
+ ('tm_mday', c_int),
+ ('tm_mon', c_int),
+ ('tm_year', c_int),
+ ('tm_wday', c_int),
+ ('tm_yday', c_int),
+ ('tm_isdst', c_int),
+ ('tm_gmtoff', c_long),
+ ('tm_zone', STRING),
+]
+assert sizeof(tm) == 44, sizeof(tm)
+assert alignment(tm) == 4, alignment(tm)
+class itimerspec(Structure):
+ pass
+itimerspec._fields_ = [
+ ('it_interval', timespec),
+ ('it_value', timespec),
+]
+assert sizeof(itimerspec) == 16, sizeof(itimerspec)
+assert alignment(itimerspec) == 4, alignment(itimerspec)
+class sigevent(Structure):
+ pass
+sigevent._fields_ = [
+]
+class __locale_struct(Structure):
+ pass
+class locale_data(Structure):
+ pass
+__locale_struct._fields_ = [
+ ('__locales', POINTER(locale_data) * 13),
+ ('__ctype_b', POINTER(c_ushort)),
+ ('__ctype_tolower', POINTER(c_int)),
+ ('__ctype_toupper', POINTER(c_int)),
+ ('__names', STRING * 13),
+]
+assert sizeof(__locale_struct) == 116, sizeof(__locale_struct)
+assert alignment(__locale_struct) == 4, alignment(__locale_struct)
+locale_data._fields_ = [
+]
+__locale_t = POINTER(__locale_struct)
+size_t = c_uint
+__all__ = ['rsbac_rc_special_rights_t', 'ACLC_remove_user',
+ 'rsbac_acl_remove_group_arg_t', 'RSBAC_EWEAKPASSWORD',
+ '__OFF64_T_TYPE', '__off64_t', 'ETXTBSY',
+ 'RSBAC_RC_DEFAULT_RIGHTS_VECTOR', 'rsbac_request_vector_t',
+ 'EL3HLT', 'RSBAC_PAX_ALL_FLAGS', 'RSBAC_TPMAN_UID',
+ 'ACLC_remove_from_acl_entry', 'A_max_read_categories',
+ 'EFBIG', 'RSBAC_EACCESS', '__NR_epoll_wait', '__NR_sync',
+ 'ENOLINK', 'rsbac_mac_file_flags_t', 'RSYS_um_remove_user',
+ '__NFDBITS', 'RI_type_nettemp_name', 'AMS_last_auth_only',
+ 'RSBAC_AUTH_MAX_RANGE_UID', 'umode_t', 'rsbac_log_array_t',
+ 'A_log_user_based', '__NR_rt_sigtimedwait',
+ 'pthread_once_t', 'NTS_get_netdev', '__NR_setfsuid',
+ 'I_mqueue', '__NR_swapoff', 'RSBAC_NET_MAX_ADDRESS_LEN',
+ 'cap_user_header_t', '__NR_readahead', '__NR_stat64',
+ '__NR_getcwd', 'u_int32_t', 'RSBAC_ALL_USERS',
+ 'RSBAC_EMALWAREDETECTED', '__NR_getgid',
+ 'rsys_rc_change_role_t', '__NR_fsync', 'rsys_init_t',
+ 'RI_boot_role', 'RI_type_ipc_name',
+ 'RSYS_acl_list_all_group', 'A_local_log_array_low',
+ 'RI_def_ipc_create_type', 'rsbac_pm_task_id_t',
+ 'A_daz_role', 'E2BIG', 'EHOSTDOWN', 'SL_max',
+ '__NR_setitimer', 'rsbac_pm_tkt_function_param_t',
+ '__NR_restart_syscall', 'EBUSY',
+ 'PTF_delete_authorized_tp', 'rsbac_pm_delete_na_t',
+ 'A_pm_role', 'RSBAC_NO_USER', '__NR_unlinkat', 'ENOSTR',
+ 'SW_JAIL', 'RSYS_get_attr', 'A_remote_mac_categories',
+ 'RSBAC_ACL_SYSADM_RIGHTS_VECTOR',
+ 'rsbac_pm_delete_responsible_user_t', 'PL_none',
+ 'CAP_IPC_OWNER', 'FF_read_only', 'RSYS_list_all_ipc',
+ '__NR_get_kernel_syms', '__NR_linkat', 'EDQUOT',
+ 'SL_old_none', '__NR_sethostname', '__NR_sync_file_range',
+ 'PL_pp', '__kernel_loff_t', 'RSYS_um_get_gm_list',
+ 'rsbac_net_temp_inet_addr_t', 'UM_ttl', 'EXFULL', 'T_USER',
+ 'T_SCD', 'off_t', 'NTS_none', 'RI_none',
+ 'rsys_mac_set_curr_level_t', 'RCR_ASSIGN', '__fsblkcnt_t',
+ 'RSBAC_PM_A_APPEND', '__NR_flistxattr', '__NR_chroot',
+ 'ACLGS_list_groups', 'LL_full', 'EIO',
+ 'rsbac_pm_set_object_class_t',
+ 'rsbac_pm_set_auth_may_set_cap_t', '_XOPEN_SOURCE',
+ 'A_symlink_add_rc_role', 'rsbac_rc_role_vector_t', '__s64',
+ '__NR_inotify_add_watch', '__GLIBC__',
+ 'pthread_rwlockattr_t', '__NR_setfsgid32',
+ 'rsbac_acl_syscall_arg_t', 'DAZ_infected',
+ 'CAP_AUDIT_WRITE', 'D_block', 'PH_none', '_XLOCALE_H',
+ 'R_NONE', '__NR_sgetmask', '__kernel_pid_t',
+ 'R_CHANGE_DAC_EFF_OWNER', 'ST_kmem', 'A_res_min', 'ENOTTY',
+ 'pthread_mutexattr_t', 'ACT_fs', '__NR_signal', 'TRUE',
+ '__NR_clock_nanosleep', '__cast__', 'rsbac_rc_target_id_t',
+ 'blkcnt_t', 'R_WRITE_OPEN', 'RSBAC_MAC_MAX_CAT',
+ 'rsbac_acl_syscall_type_t', 'ECANCELED',
+ 'RC_type_inherit_process', 'u_char', 'ACLGS_add_member',
+ 'PF_set_auth_may_set_cap', 'uid_t', 'u_int64_t',
+ 'u_int16_t', 'PF_PAX_EMUTRAMP', 'RSYS_stats',
+ '__NR_lchown', 'rsbac_pm_switch_pm_t', 'NTS_copy_template',
+ 'ACLC_set_acl_entry', '__be64', 'A_fake_root_uid',
+ '__NR_epoll_create', '__NR_utime',
+ 'RSBAC_RC_GEN_RIGHTS_VECTOR', 'sigevent',
+ 'ACLR_ACCESS_CONTROL', '__NR_mq_timedreceive', 'R_CONNECT',
+ 'AMS_none', 'rsbac_pm_process_type_t',
+ 'RSBAC_PM_IPC_OBJECT_CLASS_ID', '__INO64_T_TYPE',
+ 'RSBAC_AUTH_LOGIN_PATH_DIR', 'ACLC_none',
+ 'RSBAC_UM_USER_PWHISTORY_LIST_NAME', 'PTF_switch_auth',
+ 'R_TERMINATE', 'ELOOP', 'rsbac_dev_type_t', 'RSBAC_ENOMEM',
+ 'rsys_check_t', 'PTF_add_task', 'A_mac_user_flags',
+ '__NR_clock_getres', 'ST_ksyms', '__NR_unshare',
+ 'MAC_allow_auto', '__rlim64_t', 'ino_t', 'CAP_SYS_TIME',
+ '__kernel_daddr_t', '__NR_fchdir', '__NR_access',
+ '__NR_sched_getparam', 'rsys_um_remove_group_t',
+ 'RC_type_use_fd', '__blksize_t', '__NR_fcntl',
+ '__USE_ANSI', 'fsblkcnt_t', 'rsys_um_get_group_list_t',
+ 'RSBAC_ADF_REQUEST_ARRAY_VERSION', 'CAP_NET_BIND_SERVICE',
+ 'A_pm_process_type', 'rsbac_cwi_relation_id_t',
+ 'SL_unclassified', 'ino64_t', 'RCR_MODIFY_AUTH', 'EISNAM',
+ 'EDOM', '__NR_break', '__NR_setreuid32', 'A_mac_auto',
+ 'ST_sysctl', '__STDC_ISO_10646__', 'rsys_um_get_uid_t',
+ 'JAIL_allow_dev_read', 'FALSE', 'rsbac_scd_vector_t',
+ '__s16', '__NR_getegid32', 'NTS_new_template',
+ 'rsys_um_user_exists_t', 'SL_secret',
+ '__NR_sched_rr_get_interval', '_BITS_TYPES_H', 'GRANTED',
+ 'rsys_acl_t', '__kernel_ptrdiff_t', 'EILSEQ', 'PDP_ENDIAN',
+ '__NR_setdomainname', '__rlim_t', '__FLOAT_WORD_ORDER',
+ 'RSBAC_AUDITOR_UID', 'ENONET', '__kernel_off_t', 'ECHRNG',
+ '__NR_set_tid_address', 'RSYS_um_get_uid', 'FR_off',
+ 'A_jail_scd_get', '__SIZEOF_PTHREAD_RWLOCK_T', 'ESRCH',
+ 'RI_remove_role', '__NR_getdents', 'rsys_um_remove_user_t',
+ 'RSYS_acl_n', 'RSBAC_NET_TEMP_AUTO_ADDRESS',
+ 'RSYS_um_get_next_user', 'JAIL_allow_dev_mod_system',
+ 'RSBAC_ACL_ACMAN_RIGHTS_VECTOR', 'PL_tp',
+ 'RSYS_rc_copy_type', 'suseconds_t', '__key_t',
+ 'JAIL_allow_suid_files', 'ENOMSG', 'EISDIR', 'rsbac_gid_t',
+ '__GNU_LIBRARY__', '_BITS_TYPESIZES_H', '__NR_munlockall',
+ 'RI_type_user_remove', 'R_LISTEN', 'PA_ru_set', '__NR_tee',
+ '__NR_stime', '__NR_kill', 'PF_add_object_class',
+ '__kernel_mode_t', 'T_FILE', 'EBADRQC',
+ 'RC_default_root_dir_initial_role',
+ 'rsbac_rc_request_vector_t', '__NR_vhangup',
+ 'RSBAC_EREADFAILED', 'EMEDIUMTYPE',
+ 'rsys_list_all_group_t', 'RI_type_process_remove',
+ 'D_none', 'rsys_log_t', 'RSYS_acl_get_tlist', '__timer_t',
+ 'RSBAC_RC_GENERAL_ROLE', '__NR_gtty', '__NR_delete_module',
+ 'A_auth_role', 'RSBAC_ACL_OLD_SPECIAL_RIGHT_BASE',
+ 'CAP_NET_ADMIN', 'ENOTNAM', 'MAC_write_down',
+ '__NR_setuid', '__NR_fchmodat', 'PH_full',
+ 'rsbac_ta_number_t', 'RC_role_max_value',
+ '__NR_ioprio_get', 'rsys_list_ta_commit_t',
+ 'PF_add_authorized_task', 'A_symlink_add_uid',
+ 'RC_default_initial_role', 'PH_off', '__u16',
+ '__FD_SETSIZE', 'rsbac_pm_delete_consent_t',
+ 'RSBAC_PM_A_READ', 'A_local_rc_type', '__NR_waitpid',
+ '__NR__sysctl', '__NR_getegid', 'RSYS_list_ta_commit',
+ 'rsys_acl_get_mask_t', 'A_jail_role', 'CAP_NET_RAW',
+ '__NR_rt_sigprocmask', 'EMFILE', 'int32_t', 'off64_t',
+ 'RSBAC_ACL_DEFAULT_NETTEMP_MASK', '__NR_exit_group',
+ 'ACT_real', 'RSBAC_OLD_ALL_USERS', 'ST_rsbac_remote_log',
+ 'rsys_rc_get_current_role_t', 'A_ff_flags', 'UM_name',
+ 'rsbac_pm_set_device_object_type_t', 'rsbac_res_limit_t',
+ 'A_rc_type_fd', 'A_mac_check', '__NR_mbind',
+ 'A_auth_may_set_cap', 'A_local_log_array_high',
+ '__NR_sched_getscheduler', 'rsbac_mac_category_vector_t',
+ '__suseconds_t', 'PTF_set_device_object_type',
+ 'rsbac_pm_tkt_function_type_t', 'PTF_delete_purpose',
+ '__NR_geteuid', 'ACLGS_remove_group',
+ 'rsbac_pm_delete_object_class_t',
+ 'rsbac_cap_process_hiding_int_t', 'RSYS_mac_add_p_tru',
+ 'LD_deny', 'rsys_um_get_gm_list_t', 'A_mac_prop_trusted',
+ 'RSYS_list_all_user', 'FF_execute_only', 'u_short',
+ 'A_cap_process_hiding', '__NR_sched_getaffinity',
+ 'ACLR_SUPERVISOR', 'RI_type_netdev_remove',
+ 'RSYS_rc_get_item', '__SIZEOF_PTHREAD_ATTR_T', 'MAC_auto',
+ 'pthread_mutex_t', 'RSYS_version', '__NR_clone',
+ '__NR_sigaction', 'pthread_condattr_t', 'I_msg',
+ '__NR_query_module', '__fsid_t', '__NR_nfsservctl',
+ '__uint32_t', 'RSBAC_NET_ANY', 'rsbac_old_uid_t',
+ 'ST_network', 'CAP_SETGID', 'PTF_set_role',
+ 'RSBAC_NO_GROUP', 'R_CLONE', 'A_jail_scd_modify', 'loff_t',
+ 'rsbac_ipc_type_t', 'blksize_t', '__kernel_time_t',
+ 'rsys_acl_list_all_user_t', 'RI_admin_roles',
+ 'rsys_um_get_user_list_t', '__NR_umount2', 'dev_t',
+ '__NR_ssetmask', '__NR_ustat', 'PP_none', 'MA_yes',
+ 'A_local_pm_ipc_purpose', '_ISOC99_SOURCE', '__NR_dup',
+ 'R_CHDIR', 'R_UMOUNT', 'ESRMNT', 'RSYS_um_set_pass_name',
+ '__kernel_caddr_t', 'rsys_acl_n_t', 'RI_type_user_name',
+ 'rsbac_adf_req_ret_t', '__id_t', 'RSBAC_FF_DEF',
+ 'rsbac_mac_file_t', 'RSBAC_EINTERNONLY',
+ 'RSYS_um_get_user_list', 'ESTALE', '__kernel_clock_t',
+ '__timer_t_defined', 'rsbac_acl_syscall_n_arg_t',
+ '__NR_rmdir', '__NR_tkill', 'FD_ISSET', '__NR_chown',
+ 'RSBAC_ECOULDNOTADDITEM', 'RI_def_process_chown_type',
+ 'LL_invalid', '__kernel_old_uid_t', 'NTS_set_ports',
+ 'RSBAC_SYSTEM_REQUEST_VECTOR', '_SIGSET_H_types',
+ 'RSBAC_VERSION_NR', 'rsys_mac_get_max_level_t',
+ '__kernel_ssize_t', '__kernel_suseconds_t',
+ 'RSYS_mac_add_f_tru', 'RSBAC_MAC_F_FLAGS', '__NR_mincore',
+ 'RSBAC_NWC_REQUEST_VECTOR', 'rsbac_security_level_t',
+ 'SW_DAC_DISABLE', 'SL_none', '__NR_read', 'FR_both',
+ 'I_anonpipe', 'ST_rsbac_log', 'EKEYREJECTED',
+ '__NR_setresgid32', 'ENOTCONN', 'PTF_add_na',
+ 'ENETUNREACH', 'rsys_auth_add_p_cap_t',
+ 'rsbac_cap_process_hiding_t', 'RI_type_fd_name',
+ 'LL_request', '__kernel_old_gid_t', 'RSBAC_FF_ROOT_DEF',
+ 'RSYS_set_attr', 'RSBAC_NET_TEMP_VERSION', '_ENDIAN_H',
+ 'CAP_SYS_CHROOT', 'A_pm_ipc_purpose',
+ 'RSYS_um_group_exists', '__NR_timer_create',
+ 'rsys_auth_get_p_caplist_t', '__NR_mmap',
+ 'rsbac_pm_add_object_class_t',
+ 'RI_def_unixsock_create_type', '__NR_fchownat',
+ 'RSYS_auth_get_p_caplist', 'BYTE_ORDER', 'NTS_get_type',
+ 'RSBAC_NWE_REQUEST_VECTOR', 'ACT_eff', 'RC_type_max_value',
+ 'RSBAC_PM_A_WRITING', '__quad_t', 'rsbac_nanotime_t',
+ '__SIZEOF_PTHREAD_RWLOCKATTR_T', '__u_quad_t', '__u_short',
+ '__NR_sendfile', 'rsys_auth_remove_f_cap_t',
+ '_LARGEFILE64_SOURCE', 'D_char_major',
+ 'rsbac_pm_object_type_t', 'A_remote_log_array_high',
+ 'RSYS_auth_remove_p_cap', 'PA_pp_set', 'useconds_t',
+ '__bos0', 'PF_delete_task', 'ENOTBLK',
+ 'rsys_remove_target_n_t', 'rsys_mac_add_p_tru_t',
+ 'PA_task', '__NR_fchmod', 'NFDBITS', 'A_pax_flags',
+ 'ENOPKG', '__NR_mq_open', 'rsbac_net_description_t',
+ '__NR_getgid32', 'rsys_net_template_t',
+ 'RSBAC_JAIL_LOCALHOST', 'PF_delete_object_class', '__s8',
+ 'RSYS_net_list_all_netdev', 'rsys_um_get_gid_t',
+ 'RSBAC_EXECUTE_REQUEST_VECTOR', '__NR_mount',
+ '__NR_vserver', 'rsbac_jail_id_t',
+ 'PF_add_responsible_user', '__NR_keyctl', 'R_RECEIVE',
+ 'NTS_set_address', '__time_t', 'RSBAC_ENOROOTDEV',
+ '__GLIBC_PREREQ', 'RSYS_mac_get_p_trulist',
+ 'CAP_NET_BROADCAST', 'RSBAC_UM_PASS_LEN',
+ 'pthread_rwlock_t', 'fsfilcnt_t', 'RSYS_jail',
+ 'PF_create_tp', 'JAIL_allow_dev_write', 'LD_keep',
+ 'rsys_um_auth_uid_t', '__NR_pipe', 'ELNRNG', '__NR_unlink',
+ 'RSYS_um_remove_group', 'ERESTART',
+ 'RSBAC_ACL_GROUP_EVERYONE', 'PA_task_set',
+ 'rsbac_pm_object_class_id_t', '__NR_fremovexattr',
+ 'UM_homedir', 'ENOPROTOOPT', '__NR_geteuid32', 'T_PROCESS',
+ '__attribute_format_strfmon__', 'RC_default_force_role',
+ 'CAP_SYS_RAWIO', '__NR_setfsgid', '__NR_poll', 'A_pm_tp',
+ 'PR_data_protection_officer', '__u_long', 'RCR_NONE',
+ '__NR_ioctl', 'A_max_read_open', 'NTS_get_name',
+ 'CLOCK_THREAD_CPUTIME_ID', 'RI_type_scd_name',
+ '__kernel_sighandler_t',
+ 'rsbac_pm_delete_authorized_task_t', '__NR_ftruncate64',
+ '_LARGEFILE_SOURCE', '__NR_timer_gettime', '__NR_fstat64',
+ 'JAIL_allow_all_net_family', 'rsbac_pm_delete_tp_t',
+ '__off_t', 'u_quad_t', 'daddr_t', 'rsbac_time_t',
+ 'PL_task', 'RSBAC_MAC_MIN_CAT_VECTOR', 'PF_switch_auth',
+ 'rsys_acl_get_rights_t', 'rsbac_rc_target_t', 'ELIBACC',
+ '__NR_rename', '__u32', 'R_CHANGE_DAC_EFF_GROUP',
+ '__FSFILCNT64_T_TYPE', 'RSYS_auth_add_f_cap',
+ '__NR_mlockall', 'RSYS_um_get_user_item',
+ '__NR_socketcall', 'RSBAC_UM_USER_PWHISTORY_LIST_KEY',
+ '_LINUX_CAPABILITY_VERSION', 'rsys_um_mod_user_t',
+ '__NR_inotify_rm_watch', 'A_jail_flags',
+ 'rsys_acl_get_rights_n_t', '__locale_struct', 'u_int8_t',
+ 'rsbac_cap_vector_t', 'PF_add_purpose', '__USE_BSD',
+ 'ENOTDIR', 'rsbac_acl_change_group_arg_t',
+ '__NR_sigreturn', 'FD_ZERO', 'T_IPC',
+ 'R_MODIFY_ACCESS_DATA', 'rsbac_acl_list_groups_arg_t',
+ '__locale_t', 'LL_none',
+ 'RSBAC_UM_OLD_USER_PWHISTORY_LIST_NAME',
+ 'rsbac_pm_delete_authorized_tp_t', 'ACT_none', 'ENETRESET',
+ '__kernel_old_dev_t', 'RI_type_comp_dev',
+ 'rsys_um_get_next_user_t', '__NR_setuid32',
+ '__kernel_fd_set', 'RSYS_um_auth_name', 'rsys_reg_t',
+ 'RSBAC_UM_NAME_LEN', 'AMS_full', 'rsys_get_attr_t',
+ 'rsys_auth_remove_p_cap_t', 'rsbac_um_days_t', 'EINVAL',
+ 'rsbac_mac_user_flags_t', '__NR_setgroups32',
+ 'PTF_add_authorized_tp', 'RC_role_min_special',
+ 'rsys_adf_log_switch_t', 'R_LOCK', 'EHOSTUNREACH',
+ 'rsys_acl_group_t', 'RSYS_um_set_group_pass',
+ 'rsys_mac_get_curr_level_t', '__cond_lock',
+ '__NR_oldlstat', 'size_t', 'RSYS_um_get_gid',
+ 'RSBAC_NWA_REQUEST_VECTOR', 'SL_inherit',
+ 'RSBAC_NET_MAX_PORT', 'rsbac_log_level_t', 'MAC_read_up',
+ 'rsbac_pm_add_na_t', '__WORDSIZE',
+ 'rsbac_pm_delete_purpose_t', 'rsbac_pm_create_ticket_t',
+ '__NR_pause', 'PR_none', 'ACLGS_get_group_members',
+ 'RSBAC_MAC_DEF_INIT_P_FLAGS', 'rsys_mac_get_min_level_t',
+ 'rsbac_pseudo_t', 'RSYS_acl_get_rights_n', 'MA_inherit',
+ 'RSYS_auth_get_f_caplist', 'R_IOCTL', 'AST_min',
+ '__USE_POSIX', 'R_TRUNCATE', 'ST_firewall', 'ST_other',
+ '__NR_mremap', '__fd_mask', 'RSBAC_UM_NR_GROUP_LISTS',
+ 'RSBAC_VERSION_MAKE_NR', '__useconds_t',
+ '__clockid_t_defined', '__NR_pselect6', 'RSBAC_EPERM',
+ 'RSBAC_UM_MAX_MAXNUM', '__SQUAD_TYPE',
+ 'RSBAC_CAP_DEFAULT_MAX', '__NR_swapon', 'EKEYEXPIRED',
+ 'EREMOTE', '__NR_sigprocmask', '_SYS_TYPES_H', '__P',
+ 'FF_search_only', 'ACLR_FORWARD', 'PF_delete_consent',
+ '__USE_GNU', '__NR_io_cancel', 'RSBAC_RC_GENERAL_TYPE',
+ 'pthread_attr_t', '__attribute_format_arg__',
+ 'rsbac_syscall_t', 'CAP_FOWNER', 'ACLR_NONE', '__NR_ipc',
+ 'RSYS_um_check_account', '__NR_lseek',
+ 'PF_delete_authorized_tp', 'RSBAC_NET_TEMP_KEY',
+ 'RSBAC_UM_HOMEDIR_LEN', 'I_shm', '__NR_utimes',
+ 'RSYS_init', 'pthread_t', '__NR_fork', 'RSYS_net_template',
+ 'rsbac_pm_role_t', 'RSBAC_MAC_DEF_SYSADM_U_FLAGS',
+ 'cap_user_data_t', 'rsys_set_attr_n_t',
+ 'RSBAC_ACL_GROUP_VERSION', '__NR_msync', 'RSBAC_RES_UNSET',
+ '__NR_kexec_load', 'quad_t', 'RI_type_netdev_name',
+ 'RSBAC_UM_GROUP_LIST_NAME', 'rsbac_pm_purpose_list_item_t',
+ 'rsbac_pm_list_t', 'PF_set_object_class', 'A_auid_exempt',
+ 'RSYS_um_add_group', 'pthread_cond_t', 'SL_confidential',
+ 'RI_type_comp_netdev', 'CAP_LINUX_IMMUTABLE',
+ 'TIMER_ABSTIME', 'FR_uid_only', '__u_int',
+ 'RSBAC_RC_SYSTEM_ADMIN_ROLE',
+ 'rsbac_acl_get_group_entry_arg_t', 'SR_security_officer',
+ 'RSYS_check', 'nlink_t', 'T_NETTEMP', '__UQUAD_TYPE',
+ 'RSBAC_CAP_MAX', 'rsys_mac_remove_f_tru_t',
+ 'CLOCKS_PER_SEC', 'RSBAC_EINVALIDPOINTER',
+ 'rsys_rc_get_eff_rights_n_t', 'ACLC_remove_acl_entry',
+ '__NR_io_getevents', 'RC_system_admin',
+ 'rsbac_pm_set_auth_may_setuid_t',
+ 'RSYS_rc_get_eff_rights_n', 'ulong', 'PF_switch_pm',
+ '__NR_fgetxattr', '__NR_open', 'int8_t',
+ 'PTF_add_object_class', 'CAP_SYS_BOOT', '__fsfilcnt_t',
+ &nb