• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1## loginsPage.py - show selinux mappings
2## Copyright (C) 2006 Red Hat, Inc.
3
4## This program is free software; you can redistribute it and/or modify
5## it under the terms of the GNU General Public License as published by
6## the Free Software Foundation; either version 2 of the License, or
7## (at your option) any later version.
8
9## This program is distributed in the hope that it will be useful,
10## but WITHOUT ANY WARRANTY; without even the implied warranty of
11## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12## GNU General Public License for more details.
13
14## You should have received a copy of the GNU General Public License
15## along with this program; if not, write to the Free Software
16## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
17
18## Author: Dan Walsh
19import sys
20try:
21    from subprocess import getstatusoutput
22except ImportError:
23    from commands import getstatusoutput
24
25from gi.repository import GObject, Gtk
26import seobject
27from semanagePage import *
28
29##
30## I18N
31##
32PROGNAME = "selinux-gui"
33try:
34    import gettext
35    kwargs = {}
36    if sys.version_info < (3,):
37        kwargs['unicode'] = True
38    t = gettext.translation(PROGNAME,
39                    localedir="/usr/share/locale",
40                    **kwargs,
41                    fallback=True)
42    _ = t.gettext
43except:
44    try:
45        import builtins
46        builtins.__dict__['_'] = str
47    except ImportError:
48        import __builtin__
49        __builtin__.__dict__['_'] = unicode
50
51
52class loginsPage(semanagePage):
53
54    def __init__(self, xml):
55        self.firstTime = False
56        semanagePage.__init__(self, xml, "logins", _("User Mapping"))
57        self.store = Gtk.ListStore(GObject.TYPE_STRING, GObject.TYPE_STRING, GObject.TYPE_STRING)
58        self.view.set_model(self.store)
59        self.store.set_sort_column_id(0, Gtk.SortType.ASCENDING)
60        col = Gtk.TreeViewColumn(_("Login\nName"), Gtk.CellRendererText(), text=0)
61        col.set_sort_column_id(0)
62        col.set_resizable(True)
63        self.view.append_column(col)
64        col = Gtk.TreeViewColumn(_("SELinux\nUser"), Gtk.CellRendererText(), text=1)
65        col.set_resizable(True)
66        self.view.append_column(col)
67        col = Gtk.TreeViewColumn(_("MLS/\nMCS Range"), Gtk.CellRendererText(), text=2)
68        col.set_resizable(True)
69        self.view.append_column(col)
70        self.load()
71        self.loginsNameEntry = xml.get_object("loginsNameEntry")
72        self.loginsSelinuxUserCombo = xml.get_object("loginsSelinuxUserCombo")
73        self.loginsMLSEntry = xml.get_object("loginsMLSEntry")
74
75    def load(self, filter=""):
76        self.filter = filter
77        self.login = seobject.loginRecords()
78        dict = self.login.get_all(0)
79        self.store.clear()
80        for k in sorted(dict.keys()):
81            range = seobject.translate(dict[k][1])
82            if not (self.match(k, filter) or self.match(dict[k][0], filter) or self.match(range, filter)):
83                continue
84            iter = self.store.append()
85            self.store.set_value(iter, 0, k)
86            self.store.set_value(iter, 1, dict[k][0])
87            self.store.set_value(iter, 2, range)
88        self.view.get_selection().select_path((0,))
89
90    def __dialogSetup(self):
91        if self.firstTime:
92            return
93        self.firstTime = True
94        liststore = Gtk.ListStore(GObject.TYPE_STRING)
95        self.loginsSelinuxUserCombo.set_model(liststore)
96        cell = Gtk.CellRendererText()
97        self.loginsSelinuxUserCombo.pack_start(cell, True)
98        self.loginsSelinuxUserCombo.add_attribute(cell, 'text', 0)
99
100        selusers = seobject.seluserRecords().get_all(0)
101        for k in sorted(selusers.keys()):
102            if k != "system_u":
103                self.loginsSelinuxUserCombo.append_text(k)
104
105        iter = liststore.get_iter_first()
106        while liststore.get_value(iter, 0) != "user_u":
107            iter = liststore.iter_next(iter)
108        self.loginsSelinuxUserCombo.set_active_iter(iter)
109
110    def dialogInit(self):
111        self.__dialogSetup()
112        store, iter = self.view.get_selection().get_selected()
113        self.loginsNameEntry.set_text(store.get_value(iter, 0))
114        self.loginsNameEntry.set_sensitive(False)
115
116        self.loginsMLSEntry.set_text(store.get_value(iter, 2))
117        seuser = store.get_value(iter, 1)
118        liststore = self.loginsSelinuxUserCombo.get_model()
119        iter = liststore.get_iter_first()
120        while iter != None and liststore.get_value(iter, 0) != seuser:
121            iter = liststore.iter_next(iter)
122        if iter != None:
123            self.loginsSelinuxUserCombo.set_active_iter(iter)
124
125    def dialogClear(self):
126        self.__dialogSetup()
127        self.loginsNameEntry.set_text("")
128        self.loginsNameEntry.set_sensitive(True)
129        self.loginsMLSEntry.set_text("s0")
130
131    def delete(self):
132        store, iter = self.view.get_selection().get_selected()
133        try:
134            login = store.get_value(iter, 0)
135            if login == "root" or login == "__default__":
136                raise ValueError(_("Login '%s' is required") % login)
137
138            self.wait()
139            (rc, out) = getstatusoutput("semanage login -d %s" % login)
140            self.ready()
141            if rc != 0:
142                self.error(out)
143                return False
144            store.remove(iter)
145            self.view.get_selection().select_path((0,))
146        except ValueError as e:
147            self.error(e.args[0])
148
149    def add(self):
150        target = self.loginsNameEntry.get_text().strip()
151        serange = self.loginsMLSEntry.get_text().strip()
152        if serange == "":
153            serange = "s0"
154        list_model = self.loginsSelinuxUserCombo.get_model()
155        iter = self.loginsSelinuxUserCombo.get_active_iter()
156        seuser = list_model.get_value(iter, 0)
157        self.wait()
158        (rc, out) = getstatusoutput("semanage login -a -s %s -r %s %s" % (seuser, serange, target))
159        self.ready()
160        if rc != 0:
161            self.error(out)
162            return False
163
164        iter = self.store.append()
165        self.store.set_value(iter, 0, target)
166        self.store.set_value(iter, 1, seuser)
167        self.store.set_value(iter, 2, seobject.translate(serange))
168
169    def modify(self):
170        target = self.loginsNameEntry.get_text().strip()
171        serange = self.loginsMLSEntry.get_text().strip()
172        if serange == "":
173            serange = "s0"
174        list_model = self.loginsSelinuxUserCombo.get_model()
175        iter = self.loginsSelinuxUserCombo.get_active_iter()
176        seuser = list_model.get_value(iter, 0)
177        self.wait()
178        (rc, out) = getstatusoutput("semanage login -m -s %s -r %s %s" % (seuser, serange, target))
179        self.ready()
180        if rc != 0:
181            self.error(out)
182            return False
183
184        store, iter = self.view.get_selection().get_selected()
185        self.store.set_value(iter, 0, target)
186        self.store.set_value(iter, 1, seuser)
187        self.store.set_value(iter, 2, seobject.translate(serange))
188