1## modulesPage.py - show selinux mappings 2## Copyright (C) 2006-2009 Red Hat, Inc. 3 4## This program is free software; you can redistribute it and/or modify 5## it under the terms of the GNU General Public License as published by 6## the Free Software Foundation; either version 2 of the License, or 7## (at your option) any later version. 8 9## This program is distributed in the hope that it will be useful, 10## but WITHOUT ANY WARRANTY; without even the implied warranty of 11## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12## GNU General Public License for more details. 13 14## You should have received a copy of the GNU General Public License 15## along with this program; if not, write to the Free Software 16## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. 17 18## Author: Dan Walsh 19import sys 20from subprocess import Popen, PIPE 21try: 22 from subprocess import getstatusoutput 23except ImportError: 24 from commands import getstatusoutput 25 26from gi.repository import GObject, Gtk 27import selinux 28from semanagePage import * 29 30## 31## I18N 32## 33PROGNAME = "policycoreutils" 34try: 35 import gettext 36 kwargs = {} 37 if sys.version_info < (3,): 38 kwargs['unicode'] = True 39 gettext.install(PROGNAME, 40 localedir="/usr/share/locale", 41 codeset='utf-8', 42 **kwargs) 43except: 44 try: 45 import builtins 46 builtins.__dict__['_'] = str 47 except ImportError: 48 import __builtin__ 49 __builtin__.__dict__['_'] = unicode 50 51 52class modulesPage(semanagePage): 53 54 def __init__(self, xml): 55 semanagePage.__init__(self, xml, "modules", _("Policy Module")) 56 self.module_filter = xml.get_object("modulesFilterEntry") 57 self.module_filter.connect("focus_out_event", self.filter_changed) 58 self.module_filter.connect("activate", self.filter_changed) 59 self.audit_enabled = False 60 61 self.store = Gtk.ListStore(GObject.TYPE_STRING, GObject.TYPE_STRING, 62 GObject.TYPE_STRING) 63 self.view.set_model(self.store) 64 self.store.set_sort_column_id(0, Gtk.SortType.ASCENDING) 65 col = Gtk.TreeViewColumn(_("Module Name"), Gtk.CellRendererText(), text=0) 66 col.set_sort_column_id(0) 67 col.set_resizable(True) 68 self.view.append_column(col) 69 self.store.set_sort_column_id(0, Gtk.SortType.ASCENDING) 70 col = Gtk.TreeViewColumn(_("Priority"), Gtk.CellRendererText(), text=1) 71 self.enable_audit_button = xml.get_object("enableAuditButton") 72 self.enable_audit_button.connect("clicked", self.enable_audit) 73 self.new_button = xml.get_object("newModuleButton") 74 self.new_button.connect("clicked", self.new_module) 75 col.set_sort_column_id(1) 76 col.set_resizable(True) 77 self.view.append_column(col) 78 self.store.set_sort_column_id(2, Gtk.SortType.ASCENDING) 79 col = Gtk.TreeViewColumn(_("Kind"), Gtk.CellRendererText(), text=2) 80 col.set_sort_column_id(2) 81 col.set_resizable(True) 82 self.view.append_column(col) 83 self.store.set_sort_func(1, self.sort_int, "") 84 status, self.policy_type = selinux.selinux_getpolicytype() 85 86 self.load() 87 88 def sort_int(self, treemodel, iter1, iter2, user_data): 89 try: 90 p1 = int(treemodel.get_value(iter1, 1)) 91 p2 = int(treemodel.get_value(iter1, 1)) 92 if p1 > p2: 93 return 1 94 if p1 == p2: 95 return 0 96 return -1 97 except: 98 return 0 99 100 def load(self, filter=""): 101 self.filter = filter 102 self.store.clear() 103 try: 104 fd = Popen("semodule -lfull", shell=True, stdout=PIPE).stdout 105 l = fd.readlines() 106 fd.close() 107 for i in l: 108 priority, module, kind = i.decode('utf-8').split() 109 if not (self.match(module, filter) or self.match(priority, filter)): 110 continue 111 iter = self.store.append() 112 self.store.set_value(iter, 0, module.strip()) 113 self.store.set_value(iter, 1, priority.strip()) 114 self.store.set_value(iter, 2, kind.strip()) 115 except: 116 pass 117 self.view.get_selection().select_path((0,)) 118 119 def new_module(self, args): 120 try: 121 Popen(["selinux-polgengui"]) 122 except ValueError as e: 123 self.error(e.args[0]) 124 125 def delete(self): 126 store, iter = self.view.get_selection().get_selected() 127 module = store.get_value(iter, 0) 128 priority = store.get_value(iter, 1) 129 try: 130 self.wait() 131 status, output = getstatusoutput("semodule -X %s -r %s" % (priority, module)) 132 self.ready() 133 if status != 0: 134 self.error(output) 135 else: 136 store.remove(iter) 137 self.view.get_selection().select_path((0,)) 138 139 except ValueError as e: 140 self.error(e.args[0]) 141 142 def enable_audit(self, button): 143 self.audit_enabled = not self.audit_enabled 144 try: 145 self.wait() 146 if self.audit_enabled: 147 status, output = getstatusoutput("semodule -DB") 148 button.set_label(_("Disable Audit")) 149 else: 150 status, output = getstatusoutput("semodule -B") 151 button.set_label(_("Enable Audit")) 152 self.ready() 153 154 if status != 0: 155 self.error(output) 156 157 except ValueError as e: 158 self.error(e.args[0]) 159 160 def disable_audit(self, button): 161 try: 162 self.wait() 163 status, output = getstatusoutput("semodule -B") 164 self.ready() 165 if status != 0: 166 self.error(output) 167 168 except ValueError as e: 169 self.error(e.args[0]) 170 171 def propertiesDialog(self): 172 # Do nothing 173 return 174 175 def addDialog(self): 176 dialog = Gtk.FileChooserDialog(_("Load Policy Module"), 177 None, 178 Gtk.FileChooserAction.OPEN, 179 (Gtk.STOCK_CANCEL, Gtk.ResponseType.CANCEL, 180 Gtk.STOCK_OPEN, Gtk.ResponseType.OK)) 181 dialog.set_default_response(Gtk.ResponseType.OK) 182 183 filter = Gtk.FileFilter() 184 filter.set_name("Policy Files") 185 filter.add_pattern("*.pp") 186 dialog.add_filter(filter) 187 188 response = dialog.run() 189 if response == Gtk.ResponseType.OK: 190 self.add(dialog.get_filename()) 191 dialog.destroy() 192 193 def add(self, file): 194 try: 195 self.wait() 196 status, output = getstatusoutput("semodule -i %s" % file) 197 self.ready() 198 if status != 0: 199 self.error(output) 200 else: 201 self.load() 202 203 except ValueError as e: 204 self.error(e.args[0]) 205