a

U+e��@s�dd
lm
Z

ddlmZ
ddlZddlZddlTddlmZ
ddlm	Z	
ddl
Z
ddlmZm
Z

e
je
dd	�e
dd
�dd�Zz
ejaWney�


ej
aYn0gd
�
Zedkr�e
je
dd	�e
dd
�d�
ddl
ma
ddlm
Z

ddlTddlTddlTddlTddlmZ
ddlTddlZddlTddl m!Z!
ddl"Z"ddl#Z#dd�Z$dZ%dZ&dZ'e%td�
e&td�
e'td�
iZ(e%de&de'diZ)e%e&e'd�Z*Gdd�de+�Z,Gd d!�d!e-�Z.Gd"d#�d#e-�Z/Gd$d%�d%e-�Z0iZ1td&�
e1d'<td(�
e1d)<td*�
e1d+<td,�
e1d-<td.�
e1d/<td0�
e1d0<td1�
e1d1<td2�
e1d2<td3�
e1d3<td4�
e1d4<td5�
e1d5<td6�
e1d6<td7�
e1d7<d8d9�Z2Gd:d;�d;e-�Z3Gd<d=�d=e-�Z4Gd>d?�d?e-�Z5Gd@dA�dAe-�Z6GdBdC�dCe-�Z7GdDdE�dEe-�Z8GdFdG�dGe-�Z9GdHdI�dIe-�Z:GdJdK�dKe-�Z;GdLdM�dMe-�Z<edk�r�ddl=Z=e=�>dN�

dOZ?e9�Z@e@�Ae?dP�
e@jBdZCeCjDjEdZFeGeFjH�

eGdQeCjD�

eGe@�

e=�I�
e=�>dN�
dk�r�eGdR�

neGdSe=�>dN�
�

e=�J�
dS)T�)
�absolute_import)
�print_functionN)
�
*)
�range)
�
cmp_to_key)�parse_config_setting�
get_configZgeneralZi18n_text_domainZi18n_locale_dirT)�domain�	localedir�fallback)�SignatureMatch�SEFilter�SEFaultSignature�SEFaultSignatureInfo�SEFaultSignatureSet�SEFaultSignatureUser�
SEEnvironment�SEDatabaseProperties�SEFaultUserInfo�SEFaultUserSet�SEPlugin�SEEmailRecipient�SEEmailRecipientSet�FILTER_NEVER�
FILTER_ALWAYS�FILTER_AFTER_FIRST�filter_text�__main__)r	r
)
�ngettext)
r)
�TemplatecCs||
k||
kS�
N�)�
x�
yr!r!�</usr/lib/python3.9/site-packages/setroubleshoot/signature.py�<lambda>Q�r%��zNever Ignorez
Ignore AlwayszIgnore After First Alert�never�always�after_first)r)r*r+c@seZ
dZd
d�ZdS)rcCs|
|_||_
dSr )�siginfo�score)�selfr,r-r!r!r$�__init__os

zSignatureMatch.__init__N)�__name__�
__module__�__qualname__r/r!r!r!r$rmsrc
s�eZ
dZd
dd�d�ddi
ddi
ddi
ddi
ddi
ddi
ded�ded�ddi
ddi
ddi
d�Z�f
d	d
�Zdd�Zd
d�Zdd�Z�Z	S)r�	attributec
Csd
S�Nz1.0r!r!r!r!r$r%vr&zSEEnvironment.<lambda>��XMLForm�defaultr6�element�r6�import_typecast)�version�platform�kernel�policy_type�
policy_rpm�local_policy_rpm�enforce�selinux_enabled�selinux_mls_enabled�
policyvers�hostname�unamec

stt
|���
|��
dSr )�superrr/�update�
r.�
�	__class__r!r$r/�s

zSEEnvironment.__init__c
Cs�td
�

ddl
}
ddl}t�\|_
|_|��d|_td|j�
|_|j|_	t
|���
|_|�
�}|dkrrd|_nd|_t|���
|_t|���
|_|
��|_d�|
���
|_dS)Nzupdating SEEnvironmentr
�
z/etc/selinux/%s�
PermissiveZ	Enforcing�
 )�	log_debugr<�selinuxZget_os_environmentr=Zselinux_getpolicytyper>Zget_package_nvr_by_file_pathr?r@�strZsecurity_policyversrDZsecurity_getenforcerA�boolZis_selinux_enabledrBZis_selinux_mls_enabledrC�noderE�joinrF)r.r<rPrAr!r!r$rH�s 












zSEEnvironment.updatecCs|�|
�
Sr )
�__eq__)r.�otherr!r!r$�__ne__�s
zSEEnvironment.__ne__cCs2t|j
���
D]}t||�t|
|�kr
d
SqdS)NFT)�list�	_xml_info�keys�getattr)r.rV�namer!r!r$rU�s



zSEEnvironment.__eq__)
r0r1r2�booleanrYr/rHrWrU�
__classcell__r!r!rJr$rts"










�rcsBeZ
dZd
edd�d�d
edd�d�d�Zef
�f
dd�	Z�ZS)	r
r8c
CstSr )
rr!r!r!r$r%�r&zSEFilter.<lambda>�r6r:r7c
Csd
S�Nr
r!r!r!r!r$r%�r&)�filter_type�countcstt
|���
|
|_dSr )rGr
r/ra)r.rarJr!r$r/�s

zSEFilter.__init__)r0r1r2�intrYrr/r^r!r!rJr$r
�s
�r
csdeZ
dZd
di
dedd�d�dedd�d�dedd�d�d	�Z�f
d
d�Zdd
�Zddd�
Z�Z	S)rr6r3c
Csd
S�NFr!r!r!r!r$r%�r&zSEFaultSignatureUser.<lambda>r_c
Csd
Srdr!r!r!r!r$r%�r&r8c
Cst�Sr )
r
r!r!r!r$r%�r&)�usernameZ	seen_flagZdelete_flag�filtercstt
|���
|
|_dSr )rGrr/re�r.rerJr!r$r/�s

zSEFaultSignatureUser.__init__cCs:|
|jv
rt
td
|
��
|
dkr*t
td��
t||
|�
dS)Nz!item (%s) is not a defined memberrez changing the username is illegal)Z_names�ProgramErrorZERR_NOT_MEMBERZERR_ILLEGAL_USER_CHANGE�setattr)r.�item�datar!r!r$�update_item�s





z SEFaultSignatureUser.update_itemNcCsXtd
t
�|
d�|f�

|
tks0|
tks0|
tkrHtd�

t|
d�
|_dStd|
�
�
dS)Nz%update_filter: filter_type=%s data=%s�unknownzupdate_filter: !!!)
raTzBad filter_type (%s))	rO�map_filter_value_to_name�getrrrr
rf�
ValueError)r.rarkr!r!r$�
update_filter�s


��

z"SEFaultSignatureUser.update_filter)
N)
r0r1r2r]r
rYr/rlrqr^r!r!rJr$r�s


�	r�	directory�dirZ	semaphoreZsemz
shared memoryZshmz
message queueZmsgq�message�msg�fileZsocket�process�process2Z
filesystemrS�
capability�capability2c

Cs|tt
���
vrt
|S|Sr )rX�
class_dictrZ)
�tclassr!r!r$�translate_class�s


r}cs eZ
dZd
Z�f
dd�Z�ZS)�AttributeValueDictionaryZunstructuredc

stt
|���
dSr )rGr~r/rIrJr!r$r/�s
z!AttributeValueDictionary.__init__�r0r1r2rYr/r^r!r!rJr$r~�s
r~c	sZeZ
dZd
dd�d�ddi
ddd�ded	�ded	�ddi
ded	�d
�Z�f
dd�Z�ZS)
rr3c
Csd
S)Nz4.0r!r!r!r!r$r%�r&zSEFaultSignature.<lambda>r5r6r8Z	operation�r6rXr9)r;�host�access�scontext�tcontextr|�portc
s4tt
|���
t|
���
D]\}}t|||�
qdSr )rGrr/rX�itemsri)r.�kwds�
k�
vrJr!r$r/
s


zSEFaultSignature.__init__)r0r1r2�
AvcContextrcrYr/r^r!r!rJr$r�s





�
rcs8eZ
dZd
di
ddd�d�Z�f
dd�Zdd	�Z�ZS)
rr6r8�argr�)�analysis_id�argscstt
|���
|
|_||_dSr )rGrr/r�r�)r.r�r�rJr!r$r/
s


zSEPlugin.__init__c

Cst|j
|jf�
Sr )rQr�r�rIr!r!r$�__str__
s
zSEPlugin.__str__)r0r1r2rYr/r�r^r!r!rJr$r
s

�rcs�
eZ
dZd
ded�d
ed�dd
i
dd
i
dd
i
d
dd�d
dd�d
ed�d
ed�dd
i
d
ed�d
ed�dd
i
dd
i
dd
i
d
ed�d
e	d�d
e	d�d
edd	�d
�dd
i
d
de
d�dd
i
dd
i
dd
i
d�Zgd
�
Z�f
dd�Z
dd�Zdd�Zdd�Zdd�Zdd�Zdd�Zd<dd�
Zd=dd �
Zd!d"�Zd#d$�Zd%d&�Zd'd(�Zd)d*�Zd+d,�Zd-d.�Zd>d0d1�
Zd2d3�Zd4d5�Zd?d6d7�
Z d8d9�Z!d@d:d;�
Z"�Z#S)Arr8Zplugin�r6rXr:r9r6Zrpmr�c
Csd
Sr`r!r!r!r!r$r%+
r&zSEFaultSignatureInfo.<lambda>r_�user)�plugin_list�audit_event�source�spath�tpath�src_rpm_list�tgt_rpm_listr�r�r|r��sigZif_textZ	then_textZdo_text�environment�first_seen_date�last_seen_date�report_count�local_id�users�levelZfixableZbutton_text)
r�r�r�r�r�r�r|r�r�r�c
sxtt
|���
t|
���
D]\}}t|||�
qd
|_g|_d}t�	�dkrPd}zt
|j|d�|j_
Wn


Yn0dS)NrLTr
F)
�use_dbus)rGrr/rXr�rir�r��os�getuidZget_rpm_nvr_by_scontextr�r�r@)r.r�r�r�r�rJr!r$r/9
s








zSEFaultSignatureInfo.__init__cCsV|
j|jkr"|
j|_|j
d
7_
|jD]}t||t|
|��
q(|jdurR|
j|_dS�NrL)r�r��
merge_includerir[r�)r.r,r\r!r!r$�update_mergeJ
s






z!SEFaultSignatureInfo.update_mergec


Cs|jj
Sr )r�r?rIr!r!r$�get_policy_rpmV
s
z#SEFaultSignatureInfo.get_policy_rpmc

Cs(d
|j|j
j|jj|jd�|jj�
fS)Nz%s,%s,%s,%s,%s�
,)r�r��typer�r|rTr�r�rIr!r!r$�get_hash_strY
s
z!SEFaultSignatureInfo.get_hash_strc
Cst�
|���d
�
�
}
|
��S)Nzutf-8)�hashlibZsha256r��encode�	hexdigest)r.�hashr!r!r$�get_hash\
s

zSEFaultSignatureInfo.get_hashcCsB|jD]}|j
|
kr|
Sqtd
|
�

t|
�
}|j�|�

|S)Nznew SEFaultSignatureUser for %s)r�rerOr�append�r.rer�r!r!r$�
get_user_data`
s









z"SEFaultSignatureInfo.get_user_datacCs,td
|
�

d}|�
|
�
}|du
r(|j}|S)Nzfind_filter_by_username %s)rOr�rf)r.rerf�	user_datar!r!r$�find_filter_by_usernamei
s





z,SEFaultSignatureInfo.find_filter_by_usernameNcCs|�|
�
}|�
||�
dSr )r�rq)r.rerarkr�r!r!r$�update_user_filterr
s


z'SEFaultSignatureInfo.update_user_filtercCsTd
}|�|
�
}t
d|
|f�

|du
rP|du
r4||_|�|�
}t
d|
||f�

|S)N�displayz5evaluate_filter_for_user: found %s user's filter = %sz4evaluate_filter_for_user: found filter for %s: %s
%s)r�rOra�evaluate_filter)r.rera�action�
fr!r!r$�evaluate_filter_for_userv
s










z-SEFaultSignatureInfo.evaluate_filter_for_usercCsb|
j}d
}|t
krd
}n8|tkr6|
jdkr0d
}qPd}n|tkrDd}ntd|�
�
|
jd7_|S)Nr�r
�ignorezunknown filter_type (%s)rL)rarrrbrrp)r.rfrar�r!r!r$r��
s









z$SEFaultSignatureInfo.evaluate_filtercCs2t|
t
�r&t|
�
d
kr d�|
�
SdSntd�
SdS)Nr
rN�)�
isinstancerX�lenrT�default_text)r.Zrpm_listr!r!r$�format_rpm_list�
s





z$SEFaultSignatureInfo.format_rpm_listc

Csd
|j|j
fS)Nz	%s [ %s ])r�r|rIr!r!r$�format_target_object�
s
z)SEFaultSignatureInfo.format_target_objectc
CsTd}
|j�
d
�
}|dkr<|�d�
dkr<td�
|j|jjf}
|jjdkrPtd�
}
dS)NZSYSCALL�success�yesz:%s has a permissive type (%s). This access was not denied.rMz:SELinux is in permissive mode. This access was not denied.)	r�Zget_record_of_typeZ	get_field�
_r�r�r�r�rA)r.Zpermissive_msgZsyscall_recordr!r!r$�#description_adjusted_for_permissive�
s




z8SEFaultSignatureInfo.description_adjusted_for_permissivec
Cs�
i|_|j
j|jd
<|jj|jd<|j|jd<|j|jd<tj�|j�
|jd<t	�
dd|j�|jd<|jr�t	�
d	d
|j�|jd<n
td�
|_|j|jd
<tj�|j�
|jd<|jr�t	�
d	d
|j�|jd<|jdur�d|jd<nD|j
dkr�|j|jd<n,|j
dk�
rtj�|j�
|jd<n
d|jd<|j
dk�
r:d|jd<n|j
|jd<|jjdu�
r`d|jd<nd	�|jj�
|jd<t|j�
dk�
r�|jd|jd<|j|jd<t|j���
D]"\}
}|du�
r�t|�
|j|
<�
q�dS)NZSOURCE_TYPEZTARGET_TYPEZSOURCEZSOURCE_PATHZSOURCE_BASE_PATHz[^a-zA-Z0-9]r�ZMODULE_NAMErN�
.ZFIX_SOURCE_PATHzN/AZTARGET_PATHZTARGET_BASE_PATHZFIX_TARGET_PATHZ
TARGET_DIRrsrvrrZTARGET_CLASSZACCESSr
ZSOURCE_PACKAGEZPORT_NUMBER)�template_substitutionsr�r�r�r�r�r��path�basename�re�subr�r�r|�dirnamer�r�rTr�r�r�rXr�r�)r.�key�valuer!r!r$�%update_derived_template_substitutions�
sB


























z:SEFaultSignatureInfo.update_derived_template_substitutionscCst|d
j
|
d
j
�Sr`)�cmp�priority)r.r"r#r!r!r$�
priority_sort�
s
z"SEFaultSignatureInfo.priority_sortc

Cs�|jd
vr:t
td�
td�
t|jj�
�|jd�|jj�
fS|jdvrtt
td�
td�
t|jj�
�|jd�|jj�
fS|jdvr�t
td	�
td
�
t|jj�
�|jd�|jj�
t	|j�
|j
jfSt
td�
td�
t|jj�
�|jd�|jj�
t	|j�
|jfS)
N)rwrxz?SELinux is preventing %s from using the %s access on a process.zCSELinux is preventing %s from using the '%s' accesses on a process.z, )ryrzz6SELinux is preventing %s from using the %s capability.z:SELinux is preventing %s from using the '%s' capabilities.)z(null)ZUnknownz=SELinux is preventing %s from %s access on the %s labeled %s.zASELinux is preventing %s from '%s' accesses on the %s labeled %s.z5SELinux is preventing %s from %s access on the %s %s.z9SELinux is preventing %s from '%s' accesses on the %s %s.)r|�P_r�r�r�r�r�rTr�r}r�r�rIr!r!r$�summary�
s


0

0


>
zSEFaultSignatureInfo.summaryFc
s�t��_
g}d
}|
r:�j
D]}||j7}|�|df�

qnV�jD]N}�j
D]B}|j|jkrJ||j7}|�t|j�
�

|�|t|j�
f�


q@qJq@|j	t
�j�
d�

gd�
}d��f
dd�|D�
�
}|D]$}||vr�|D]\}}	d|_
q�
q�q�||fS)	Nr
)Zallow_ypbind�
1�
r�)Zmozilla_read_contentZ"mozilla_plugin_can_network_connectZmozilla_plugin_use_bluejeansZ$unconfined_mozilla_plugin_transitionrNc
s g|]\}
}|
��j
j|��qSr!)�get_do_textr��records)�.0�
p�
arIr!r$�
<listcomp>�
r&z4SEFaultSignatureInfo.get_plugins.<locals>.<listcomp>F)Zload_plugins�pluginsr�r�r�r�Z	init_args�tupler��sortrr�rTZ
report_bug)
r.�allr��total_priorityr�ZsolutionZnoreport_booleansZdo_texts�
br�r!rIr$�get_plugins�
s.




















z SEFaultSignatureInfo.get_pluginscCst|
�
�
|j�
Sr )rZsafe_substituter�)r.�txtr!r!r$�
substitutes
zSEFaultSignatureInfo.substitutecs�f
d
d�|
D�
S)Nc
sg|]}
��|
�
�qSr!)
r�)r�r�rIr!r$r�r&z9SEFaultSignatureInfo.substitute_array.<locals>.<listcomp>r!)r.r�r!rIr$�substitute_array
s
z%SEFaultSignatureInfo.substitute_arrayc
s�|j}t
d
�
}|tt
d�
|j���7}|tt
d�
|j���7}|tt
d�
|���7}|tt
d�
t|j�
�7}|tt
d�
t|j	�
�7}|tt
d�
t|j
�
�7}|
r�|tt
d�
d	�7}n|tt
d�
t|jj�
�7}|tt
d
�
t|�
|j�
�
�7}|tt
d�
t|�
|j�
�
�7}|tt
d�
t|j�
�7}|tt
d
�
t|j�
�7}|tt
d�
t|j�
�7}|tt
d�
t|j�
�7}|tt
d�
t|j�
�7}|
�
r�|tt
d�
d	�7}n|tt
d�
t|j�
�7}|
�
r�|j��}d	|d<|tt
d�
td�|�
�
�7}n|tt
d�
t|j�
�7}|tt
d�
t|j�
�7}d}|tt
d�
|j�|�
�7}|tt
d�
|j�|�
�7}|tt
d�
t|j�
�7}|dt
d�
7}d}|jjD]^��jdk�r�|d�� �d7}n6|d�j�j!f7}|d��f
dd ��j"D�
�
d7}�q�|d!|�#�7}z~d"}t$j%�&|�
�rrd#}t'|g
t(t(d$�}	||	�)|�
d%7}t$j%�*d&�
�rj|d'7}t'|d(gt(t(d$�}	||	�)|�
d%7}||7}Wn


Yn0||d7}|S))NzAdditional Information:
zSource ContextzTarget ContextzTarget ObjectsZSourcezSource PathZPortZHostz	(removed)zSource RPM PackageszTarget RPM PackageszSELinux Policy RPMzLocal Policy RPMzSelinux EnabledzPolicy TypezEnforcing Modez	Host NamerLZPlatformrNzAlert Countz%Y-%m-%d %H:%M:%S %Zz
First Seenz	Last SeenzLocal ID�

zRaw Audit Messagesr�ZAVCz
type=%s msg=%s: c
sg|]}
d|
�j|
f�qS)
z%s=%s)
�fields)r�r��
Zaudit_recordr!r$r�:r&z7SEFaultSignatureInfo.format_details.<locals>.<listcomp>z
Hash: z/usr/bin/audit2allowz

audit2allow)�stdin�stdoutr
z /var/lib/sepolgen/interface_infoz
audit2allow -Rz-R)+r�r�Zformat_2_column_name_valuer��formatr�r�r�r�r�r�r�r�r�r�r�r?r@rBr>rArErF�splitrTr�r�r�r�r�r��record_typeZto_textZevent_idZ
fields_ordr�r�r�Zexist�Popen�PIPEZcommunicate�exists)
r.�replace�env�textrFZdate_formatZavcbufZaudit2allowZnewbufr�r!r�r$�format_details
sl































&











z#SEFaultSignatureInfo.format_detailscOs@t}t
}z(d
d�add�a
|
|i|�
�
W|a|a
S|a|a
0dS)zdefine.*untranslated\(.*\ncSs|d
kr|S|
Sr�r!)r"r#�
zr!r!r$r%Zr&z3SEFaultSignatureInfo.untranslated.<locals>.<lambda>c


Ss|Sr r!)
r"r!r!r$r%[r&N)r�r�)r.�funcr��kwargsZsaved_translateP_Zsaved_translate_r!r!r$�untranslatedPs




�
�
z!SEFaultSignatureInfo.untranslatedcCs2
|��
|�
�}|�|
�
\}}|D]�\}}td
�
|jt|j�
t|�
ddf}||7}tt|�
d�D]}	|td�
7}qh|td�
7}|�	|�
|jj|��
}
|td�
|
7}|�	|�
|jj|��
}
|td�
|
d��|
d	d�7}|�	|�|jj|��
}
|td
�
|
d��|
d	d�7}q"|td�
7}|S)Nz0

*****  Plugin %s (%.4s confidence) suggests   �dg�?�Prr�z
Then r
rLz
Do
z

)r�r�r�r�r��floatr�rr�r�Zget_if_textr�r�Z
get_then_text�lowerr�)r.r�r�r�r�r�r�r��title�
ir�r!r!r$�format_textas"

(







$
&
z SEFaultSignatureInfo.format_text)
N)
N)
F)
F)FF)$r0r1r2rZ
AuditEventr�rcrrZ	TimeStamprrYr�r/r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r^r!r!rJr$r
s`






















�		

		/

"
CrcsReZ
dZd
dd�d�dd
i
dedd�d�dd	d
�d�Z�f
dd
�Zdd�Z�ZS)rr3c
Csd
Sr4r!r!r!r!r$r%|r&zSEFaultUserInfo.<lambda>r5r6r8c
Csd
Srdr!r!r!r!r$r%~r&r_�
email_addressr�)r;reZemail_alert�email_address_listcstt
|���
|
|_dSr )rGrr/rergrJr!r$r/�s

zSEFaultUserInfo.__init__cCs|
|jv
r|j�
|
�

dSr )r

r�)r.r
r!r!r$�add_email_address�s


z!SEFaultUserInfo.add_email_address)r0r1r2r]rYr/r
r^r!r!rJr$rzs


�rcsHeZ
dZd
dd�d�dded�d�Z�f
d	d
�Zdd�Zd
d�Z�ZS)rr3c
Csd
Sr4r!r!r!r!r$r%�r&zSEFaultUserSet.<lambda>r5r8r�r�)r;�	user_listc

stt
|���
dSr )rGrr/rIrJr!r$r/�s
zSEFaultUserSet.__init__cCs"|jD]}|
|j
kr|
SqdSr )r
rer�r!r!r$�get_user�s






zSEFaultUserSet.get_usercCs*|�|
�
du
rdSt
|
�
}|j�|�

|Sr )r
rr
r�r�r!r!r$�add_user�s





zSEFaultUserSet.add_user)	r0r1r2rrYr/r
r
r^r!r!rJr$r�s

�rcs�eZ
dZd
dd�d�dedd�d�dded	�d
�Z�f
dd�Zd
d�Zdd�Zdd�Z	dd�Z
dd�Zdd�Zde
jfdd�
Z�ZS)rr3cCsd
tt
fS)Nz%d.%d)ZDATABASE_MAJOR_VERSIONZDATABASE_MINOR_VERSIONr!r!r!r$r%�r&zSEFaultSignatureSet.<lambda>r5r8c
Cst�Sr )
rr!r!r!r$r%�r&r_r,r�)r;r��signature_listc

stt
|���
dSr )rGrr/rIrJr!r$r/�s
zSEFaultSignatureSet.__init__c
cs|jD]
}
|
V
qdSr �
r
�r.r,r!r!r$�siginfos�s


zSEFaultSignatureSet.siginfoscCs|j�
|
�

|
Sr )r
r�r
r!r!r$�add_siginfo�s

zSEFaultSignatureSet.add_siginfocCs|j�
|
�

dSr )r
�remover
r!r!r$�remove_siginfo�s
z"SEFaultSignatureSet.remove_siginfoc

Cs
g|_dSr r
rIr!r!r$�clear�s
zSEFaultSignatureSet.clearc

Cstt
���
Sr )rQ�uuidZuuid4rIr!r!r$�generate_local_id�s
z%SEFaultSignatureSet.generate_local_idcCs.|
durdS|jD]}|j
|
kr|
SqdSr )r
r�)r.r�r,r!r!r$�lookup_local_id�s






z#SEFaultSignatureSet.lookup_local_id�exactc
Cs�t|�
��
}d
}|dkrd}n(t|t�r:t|�
}d|}ntd|�
�
g}|jD]�}	d}
|	j}|D]8}t|
|�t||�kr�|r�d}
q�|
|7}
qb|rbd}

q�qb|r�|
dkr�|�	t
|	|
��

qP|
|krP|�	t
|	|
��

qP|jtdd��
d	�

|S)
NFr
Tg�?zunknown criteria = %sgcSst|
j
|j
�Sr )r�r-)r�r�r!r!r$r%�r&z6SEFaultSignatureSet.match_signatures.<locals>.<lambda>r�)
rXrZr�r�r�rpr
r�r[r�rr�r)
r.�patZcriteriaZxml_infoZ
match_targetsr
Znum_match_targetsZscore_per_match_target�matchesr,r-r�r\r!r!r$�match_signatures�s6

























z$SEFaultSignatureSet.match_signatures)r0r1r2rrrYr/r	
r

r
r

r
r
rr
r^r!r!rJr$r�s


�
rcs6eZ
dZd
di
d
di
d
di
d�Zd�f
dd�	Z�ZS)rr6r8)r\�
friendly_name�filepathNcs<tt
|���
|
du
r|
|_|du
r*||_|du
r8||_dSr )rGrr/r\r
r
)r.r\r
r
rJr!r$r/�s






zSEDatabaseProperties.__init__)NNNrr!r!rJr$r�s


�rcs@eZ
dZd
di
dedd�d�d�Zd�f
dd	�	Zd
d�Z�ZS)
rr6r8c
CstSr )
rr!r!r!r$r%�r&zSEEmailRecipient.<lambda>r_)�addressraNcs&tt
|���
|
|_|du
r"||_dSr )rGrr/r
ra)r.r
rarJr!r$r/
s



zSEEmailRecipient.__init__c

Csd
|jt
�|jd�fS)Nz%s:%srm)r
rnrorarIr!r!r$r�s
zSEEmailRecipient.__str__)
N)r0r1r2rcrYr/r�r^r!r!rJr$r�s

�rcsneZ
dZd
dd�d�dded�d�Zd�f
d
d�	Zdd
�Zdd�Zef
dd�
Z	dd�Z
dd�Zdd�Z�Z
S)rr3c
Csd
S)Nr�r!r!r!r!r$r%
r&zSEEmailRecipientSet.<lambda>r5r8�	recipientr�)r;�recipient_listNcs tt
|���
|
du
r|
|_dSr )rGrr/r
)r.r
rJr!r$r/s


zSEEmailRecipientSet.__init__c

Csd
�dd�|j
D�
�
S)Nr�c
Ssg|]}
t|
�
�qSr!)
rQ)r�r"r!r!r$r�r&z/SEEmailRecipientSet.__str__.<locals>.<listcomp>)rTr
rIr!r!r$r�s
zSEEmailRecipientSet.__str__cCs*|
��}
|j
D]}|
|jkr|
SqdSr )�stripr
r
)r.r
r
r!r!r$�find_addresss








z SEEmailRecipientSet.find_addresscCsP|
��}
t
|
�
s$ttd
|
d��
dS|�|
�
}|du
r:dS|j�t|
|��

dS)Nzaddress='%s'�
Zdetail)r
Zvalid_email_addressrh�ERR_INVALID_EMAIL_ADDRr
r
r�r)r.r
rar
r!r!r$�add_address s







zSEEmailRecipientSet.add_addressc

Cs
g|_dSr )
r
rIr!r!r$�clear_recipient_list+s
z(SEEmailRecipientSet.clear_recipient_listcCs�
d
dl}|�
d�
}|�
d�
}|�
d�
}ddddddddd�}zt|
�
}Wn:ty�
}
z"ttd|
|jfd	��
WYd}~n
d}~00|��
|��D�
]}	|�	d
|	�}	|	�
�}	|	r�|�|	�
}
|
r�|
�d�
}|
�d�
}d}
|�
rH|�
|�
D]^}
|
�d�
}|
�d
�
}|dk�
r6t�|��d�}
|
du�
rFtd||f�

q�td||f�

q�z|�||
�
Wq�t�
y�
}
z(|jtk�
r�t|j�

n|�
WYd}~q�d}~00q�|��
dS)Nr
z#.*z(\S+)(\s+(.+))?z(\w+)\s*=\s*(\S+)TF)Zenabled�truer�ZonZdisabledZfalse�noZoff�%s, %sr
r�rL��raz(unknown email filter (%s) for address %sz(unknown email option (%s) for address %s)r��compile�open�IOErrorrh�
ERR_FILE_OPEN�strerrorr
�	readlinesr�r
�search�group�finditer�map_filter_name_to_valueror�rOr
�errnor
�close)r.r
r�Z
comment_reZentry_reZkey_value_reZmap_booleanr��
e�line�matchr
�optionsra�optionr�r!r!r$�parse_recipient_file.sV













�



,
























z(SEEmailRecipientSet.parse_recipient_filec
Cs�zt|
d
�}Wn:t
yH
}
z"ttd|
|jfd��
WYd}~n
d}~00|jD]"}t|j}|�d|j	|f�

qP|�
�
dS)N�
wr"
r
z%-40s filter_type=%s
)r&
r'
rhr(
r)
r
rnra�writer
r0
)r.r
r�r1
r
rar!r!r$�write_recipient_filefs



,



z(SEEmailRecipientSet.write_recipient_file)
N)r0r1r2rrYr/r�r
rr
r
r6
r9
r^r!r!rJr$rs

�8rrLzaudit_listener_database.xml�sigszsiginfo.audit_event=%sz	Memory OKzMemory leak %d bytes)KZ
__future__rrZsixZsyslog�
subprocessZ	six.movesr�	functoolsr�gettextZsetroubleshoot.configrr�translationZugettextr��AttributeError�__all__r0�installrr�Zsetroubleshoot.errcodeZsetroubleshoot.utilZsetroubleshoot.xml_serializeZsetroubleshoot.html_utilZsetroubleshoot.uuidr
Zsetroubleshoot.audit_datar��types�stringrr�r�r�rrrrrnr.
�objectrZXmlSerializerr
rr{r}r~rrrrrrrrrZlibxml2ZdebugMemoryZxml_filer:
Z
read_xml_filer
r,r�r��record�printr�Z
cleanupParserZ
dumpMemoryr!r!r!r$�<module>
s�








�





�















�

�

�	6!












gHk