• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1## domainsPage.py - show selinux domains
2## Copyright (C) 2009 Red Hat, Inc.
3
4## This program is free software; you can redistribute it and/or modify
5## it under the terms of the GNU General Public License as published by
6## the Free Software Foundation; either version 2 of the License, or
7## (at your option) any later version.
8
9## This program is distributed in the hope that it will be useful,
10## but WITHOUT ANY WARRANTY; without even the implied warranty of
11## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12## GNU General Public License for more details.
13
14## You should have received a copy of the GNU General Public License
15## along with this program; if not, write to the Free Software
16## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
17
18## Author: Dan Walsh
19import os
20try:
21    from subprocess import getstatusoutput
22except ImportError:
23    from commands import getstatusoutput
24
25import sys
26from gi.repository import GObject, Gtk
27import sepolicy
28from semanagePage import *
29
30##
31## I18N
32##
33PROGNAME = "selinux-gui"
34try:
35    import gettext
36    kwargs = {}
37    if sys.version_info < (3,):
38        kwargs['unicode'] = True
39    t = gettext.translation(PROGNAME,
40                    localedir="/usr/share/locale",
41                    **kwargs,
42                    fallback=True)
43    _ = t.gettext
44except:
45    try:
46        import builtins
47        builtins.__dict__['_'] = str
48    except ImportError:
49        import __builtin__
50        __builtin__.__dict__['_'] = unicode
51
52
53class domainsPage(semanagePage):
54
55    def __init__(self, xml):
56        semanagePage.__init__(self, xml, "domains", _("Process Domain"))
57        self.domain_filter = xml.get_object("domainsFilterEntry")
58        self.domain_filter.connect("focus_out_event", self.filter_changed)
59        self.domain_filter.connect("activate", self.filter_changed)
60
61        self.store = Gtk.ListStore(GObject.TYPE_STRING, GObject.TYPE_STRING)
62        self.view.set_model(self.store)
63        self.store.set_sort_column_id(0, Gtk.SortType.ASCENDING)
64        col = Gtk.TreeViewColumn(_("Domain Name"), Gtk.CellRendererText(), text=0)
65        col.set_sort_column_id(0)
66        col.set_resizable(True)
67        self.view.append_column(col)
68        self.store.set_sort_column_id(0, Gtk.SortType.ASCENDING)
69        col = Gtk.TreeViewColumn(_("Mode"), Gtk.CellRendererText(), text=1)
70        col.set_sort_column_id(1)
71        col.set_resizable(True)
72        self.view.append_column(col)
73        self.view.get_selection().connect("changed", self.itemSelected)
74
75        self.permissive_button = xml.get_object("permissiveButton")
76        self.enforcing_button = xml.get_object("enforcingButton")
77
78        self.domains = sepolicy.get_all_entrypoint_domains()
79        self.load()
80
81    def get_modules(self):
82        modules = []
83        fd = os.popen("semodule -l")
84        mods = fd.readlines()
85        fd.close()
86        for l in mods:
87            modules.append(l.split()[0])
88        return modules
89
90    def load(self, filter=""):
91        self.filter = filter
92        self.store.clear()
93        try:
94            modules = self.get_modules()
95            for domain in self.domains:
96                if not self.match(domain, filter):
97                    continue
98                iter = self.store.append()
99                self.store.set_value(iter, 0, domain)
100                t = "permissive_%s_t" % domain
101                if t in modules:
102                    self.store.set_value(iter, 1, _("Permissive"))
103                else:
104                    self.store.set_value(iter, 1, "")
105        except:
106            pass
107        self.view.get_selection().select_path((0,))
108
109    def itemSelected(self, selection):
110        store, iter = selection.get_selected()
111        if iter is None:
112            return
113        p = store.get_value(iter, 1) == _("Permissive")
114        self.permissive_button.set_sensitive(not p)
115        self.enforcing_button.set_sensitive(p)
116
117    def deleteDialog(self):
118        # Do nothing
119        return self.delete()
120
121    def delete(self):
122        selection = self.view.get_selection()
123        store, iter = selection.get_selected()
124        domain = store.get_value(iter, 0)
125        try:
126            self.wait()
127            status, output = getstatusoutput("semanage permissive -d %s_t" % domain)
128            self.ready()
129            if status != 0:
130                self.error(output)
131            else:
132                domain = store.set_value(iter, 1, "")
133                self.itemSelected(selection)
134
135        except ValueError as e:
136            self.error(e.args[0])
137
138    def propertiesDialog(self):
139        # Do nothing
140        return
141
142    def addDialog(self):
143        # Do nothing
144        return self.add()
145
146    def add(self):
147        selection = self.view.get_selection()
148        store, iter = selection.get_selected()
149        domain = store.get_value(iter, 0)
150        try:
151            self.wait()
152            status, output = getstatusoutput("semanage permissive -a %s_t" % domain)
153            self.ready()
154            if status != 0:
155                self.error(output)
156            else:
157                domain = store.set_value(iter, 1, _("Permissive"))
158                self.itemSelected(selection)
159
160        except ValueError as e:
161            self.error(e.args[0])
162