Provide basic support for allowxperm, auditallowxperm, dontauditxperm and neverallowxperm. While I would prefer additional changes to help avoid the presence of magic numbers (e.g. a new macro, much like interface, but for recursively defining named xperm numbers), this patch set is sufficient for my and - hopefully - the majority of the community's needs. In particular, this change will keep /usr/bin/sepolgen-ifgen from spewing errors on the following policy every time selinux-policy-targeted gets updated: https://github.com/openzfs/zfs/pull/13271/files#diff-70b325e496b997b3c4a5a9f0aacee16343b82e07a8ed8220304ccb5f6504a582 Signed-off-by: Chris Lindee <chris.lindee+github@xxxxxxxxx> --- python/sepolgen/src/sepolgen/refparser.py | 96 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++- python/sepolgen/src/sepolgen/refpolicy.py | 18 ++++++++++++++++++ 2 files changed, 113 insertions(+), 1 deletion(-)
