## usersPage.py - show selinux mappings
## Copyright (C) 2006,2007,2008 Red Hat, Inc.

## This program is free software; you can redistribute it and/or modify
## it under the terms of the GNU General Public License as published by
## the Free Software Foundation; either version 2 of the License, or
## (at your option) any later version.

## This program is distributed in the hope that it will be useful,
## but WITHOUT ANY WARRANTY; without even the implied warranty of
## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
## GNU General Public License for more details.

## You should have received a copy of the GNU General Public License
## along with this program; if not, write to the Free Software
## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.

## Author: Dan Walsh
import commands
import os
import string
import subprocess
import sys

import gobject
import gtk
import gtk.glade

import seobject
from semanagePage import *
28
##
## I18N
##
PROGNAME = "policycoreutils"
import gettext

# Point the translation domain at the system locale directory and make it
# the default domain for subsequent gettext lookups.
gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
gettext.textdomain(PROGNAME)
try:
    # Makes _() available to every module that is imported afterwards.
    gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1)
except IOError:
    # Fallback when the install call raises IOError: _() becomes a plain
    # unicode() conversion, so messages are shown untranslated.
    import __builtin__
    setattr(__builtin__, '_', unicode)
41
42
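class usersPage(semanagePage):
    """GUI page that lists SELinux users and adds, modifies or deletes them.

    The list is read through ``seobject.seluserRecords`` and changes are
    applied by running the ``semanage user`` command.  The text typed into
    the dialog entries ends up on that command line, so it is always passed
    as separate argv elements and never through a shell.
    """

    def __init__(self, xml):
        """Build the list store and its three visible columns, then load it.

        xml is the glade tree the entry widgets are looked up in.
        """
        semanagePage.__init__(self, xml, "users", _("SELinux User"))

        # Five string columns are allocated; this class fills columns 0-2.
        self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING)
        self.view.set_model(self.store)
        self.store.set_sort_column_id(0, gtk.SORT_ASCENDING)

        col = gtk.TreeViewColumn(_("SELinux\nUser"), gtk.CellRendererText(), text=0)
        col.set_sort_column_id(0)
        col.set_resizable(True)
        self.view.append_column(col)

        col = gtk.TreeViewColumn(_("MLS/\nMCS Range"), gtk.CellRendererText(), text=1)
        col.set_resizable(True)
        self.view.append_column(col)

        col = gtk.TreeViewColumn(_("SELinux Roles"), gtk.CellRendererText(), text=2)
        col.set_resizable(True)
        self.view.append_column(col)

        self.load()
        self.selinuxUserEntry = xml.get_widget("selinuxUserEntry")
        self.mlsRangeEntry = xml.get_widget("mlsRangeEntry")
        self.selinuxRolesEntry = xml.get_widget("selinuxRolesEntry")

    def _semanage_user(self, args):
        """Run ``semanage user`` with args and return ``(rc, output)``.

        args is a list of command-line arguments.  They are handed to the
        program directly as argv, so quotes, spaces, ``;``, ``$`` or
        backticks in a value typed into the dialog are plain data and
        cannot start a second command.  stderr is merged into the returned
        output and one trailing newline is stripped.  rc is non-zero when
        the command fails or cannot be started.
        """
        # NOTE(review): a value that begins with '-' is still seen by
        # semanage's own option parser; validate the entries if that matters.
        self.wait()
        try:
            try:
                proc = subprocess.Popen(["semanage", "user"] + list(args),
                                        stdout=subprocess.PIPE,
                                        stderr=subprocess.STDOUT)
                out = proc.communicate()[0]
                rc = proc.returncode
            except OSError, e:
                # semanage missing or not executable: report it through the
                # same (rc, output) path instead of raising into the GUI.
                return (1, str(e))
        finally:
            # Always leave the busy state, even when the command failed.
            self.ready()
        if out.endswith("\n"):
            out = out[:-1]
        return (rc, out)

    def load(self, filter=""):
        """Refill the list store with the SELinux users that match filter.

        A record is shown when self.match() accepts its name, element 0,
        its translated range (element 2) or element 3 of the record, which
        is displayed in the roles column.  The filter is remembered in
        self.filter so modify() can reload with it.
        """
        self.filter = filter
        self.user = seobject.seluserRecords()
        records = self.user.get_all()
        self.store.clear()
        for name in sorted(records):
            record = records[name]
            mls_range = seobject.translate(record[2])
            if not (self.match(name, filter) or self.match(record[0], filter) or self.match(mls_range, filter) or self.match(record[3], filter)):
                continue

            row = self.store.append()
            self.store.set_value(row, 0, name)
            self.store.set_value(row, 1, mls_range)
            self.store.set_value(row, 2, record[3])
        self.view.get_selection().select_path((0,))

    def dialogInit(self):
        """Fill the dialog entries from the selected row for a modify.

        The user name entry is made insensitive so the name itself cannot
        be edited.
        """
        store, row = self.view.get_selection().get_selected()
        self.selinuxUserEntry.set_text(store.get_value(row, 0))
        self.selinuxUserEntry.set_sensitive(False)
        self.mlsRangeEntry.set_text(store.get_value(row, 1))
        self.selinuxRolesEntry.set_text(store.get_value(row, 2))

    def dialogClear(self):
        """Reset the dialog entries for an add; the range defaults to s0."""
        self.selinuxUserEntry.set_text("")
        self.selinuxUserEntry.set_sensitive(True)
        self.mlsRangeEntry.set_text("s0")
        self.selinuxRolesEntry.set_text("")

    def add(self):
        """Create the SELinux user described by the dialog entries.

        Returns False after showing the command output when semanage
        fails; otherwise the new row is appended to the list.
        """
        user = self.selinuxUserEntry.get_text()
        mls_range = self.mlsRangeEntry.get_text()
        roles = self.selinuxRolesEntry.get_text()

        # roles stays one argument to -R, as it was inside the quotes of
        # the former shell command line.
        (rc, out) = self._semanage_user(["-a", "-R", roles, "-r", mls_range, user])
        if rc != 0:
            self.error(out)
            return False
        row = self.store.append()
        self.store.set_value(row, 0, user)
        self.store.set_value(row, 1, mls_range)
        self.store.set_value(row, 2, roles)

    def modify(self):
        """Apply the dialog entries to an existing SELinux user.

        Returns False after showing the command output when semanage
        fails; otherwise the list is reloaded with the current filter.
        """
        user = self.selinuxUserEntry.get_text()
        mls_range = self.mlsRangeEntry.get_text()
        roles = self.selinuxRolesEntry.get_text()

        (rc, out) = self._semanage_user(["-m", "-R", roles, "-r", mls_range, user])

        if rc != 0:
            self.error(out)
            return False
        self.load(self.filter)

    # An earlier definition of delete() in this class was always replaced by
    # this one when the class body was executed, so only this one is kept.
    def delete(self):
        """Delete the selected SELinux user.

        "root" and "user_u" are refused with an error message.  Returns
        False after showing the command output when semanage fails.
        """
        store, row = self.view.get_selection().get_selected()
        if row is None:
            # Nothing is selected, so there is nothing to delete.
            return
        try:
            user = store.get_value(row, 0)
            if user in ("root", "user_u"):
                raise ValueError(_("SELinux user '%s' is required") % user)

            (rc, out) = self._semanage_user(["-d", user])
            if rc != 0:
                self.error(out)
                return False
            store.remove(row)
            self.view.get_selection().select_path((0,))
        except ValueError, e:
            self.error(e.args[0])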
152