dontaudit rules were accidentally dropped during rewrite to SETools 4 API in 97d5f6a2 Fixes: >>> import sepolicy >>> sepolicy.search(['dontaudit']) [] Signed-off-by: Petr Lautrbach <plautrba@xxxxxxxxxx> --- Same patch as https://lore.kernel.org/selinux/20180918134401.22956-1-plautrba@xxxxxxxxxx/ but with a slightly reworded commit message python/sepolicy/sepolicy/__init__.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/python/sepolicy/sepolicy/__init__.py b/python/sepolicy/sepolicy/__init__.py index cd7af7cf..fbeb731d 100644 --- a/python/sepolicy/sepolicy/__init__.py +++ b/python/sepolicy/sepolicy/__init__.py @@ -344,6 +344,8 @@ def search(types, seinfo=None): tertypes.append(NEVERALLOW) if AUDITALLOW in types: tertypes.append(AUDITALLOW) + if DONTAUDIT in types: + tertypes.append(DONTAUDIT) if len(tertypes) > 0: q = setools.TERuleQuery(_pol, -- 2.19.2
