[SSSD] [PATCH] Process SELinux mapping while offline

This patchset fixes the SELinux processing so that it works also offline for cases described in #1626 for example. The code was architected in an extremely strange way where every request would store a per-request/per-user score attribute in the selinux mapping objects themselves and the responder would just pick the highest score. At the same time, the scores were only calculated when the mappings were downloaded and only for rules that matched, which pretty much broke offline support. I intend to fix the architecture by only making the provider only download and store the rules and let the responder pick the context. But I'm not sure if I can do that right during the current time constraints. I filed #1743 to track that effort and I'll be sending some patches for master so far, but I'd like to include this patchset to fix the functionality at last. I also noticed that the rules are downloaded on *every login*, without any timeout in between, so I filed #1744 to either reuse IPA_HBAC_REFRESH or introduce a similar timeout for performance reasons. [PATCH 1/4] SYSDB: Remove duplicate selinux defines Some constants were defined in both sysdb.h and sysdb_selinux.h. This patch removes the duplicates. [PATCH 2/4] SYSDB: Split a function to read all SELinux maps This function will be reused in the DP to read maps from cache when offline. [PATCH 3/4] SELINUX: Process maps even when offline The patch is quite big, but I couldn't split it in a meaningful way, sorry. The patch changes the ipa_get_selinux{send,recv} to only provide data independently on the offline stat and moves all the processing to the ipa_selinux_handler. The scores are calculated [PATCH 4/4] IPA: Rename IPA_CONFIG_SELINUX_DEFAULT_MAP The option IPA_CONFIG_SELINUX_DEFAULT_MAP was misnamed. It doesn't describe any map, but the default context the user should obtain when nothing else matches.