selinonlib.leaf_predicate module

Leaf predicate in condition - should always return True/False for the given input.

class selinonlib.leaf_predicate.LeafPredicate(predicate_func, node, flow, args=None)[source]

Bases: selinonlib.predicate.Predicate

Leaf predicate representation.

ast()[source]

Create Python AST of this predicate.

Returns:AST representation of predicate
check()[source]

Check whether predicate is correctly used.

Raises:ValueError
classmethod create(name, node, flow, args=None)[source]

Create predicate.

Parameters:
  • name (str) – predicate name
  • node (Node) – node to which predicate belongs
  • flow (Flow) – flow to which predicate belongs
  • args – predicate arguments
Returns:

an instantiated predicate
Raises:

ImportError
nodes_used()[source]

Return a list of nodes that are used by this predicate.

Returns:list of nodes that are used
Return type:List[Node]
predicates_used()[source]

Return a list of predicates that are used.

Returns:list of predicates that are used
Return type:List[Predicate]
requires_message()[source]

Check whether this predicate requires results from parent node.

Returns:True if predicate requires a message from a parent node
requires_node_args()[source]

Check whether this predicate inspects arguments passed to flow.

Returns:True if predicate requires a node arguments