• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1## modulesPage.py - show selinux mappings
2## Copyright (C) 2006-2009 Red Hat, Inc.
3
4## This program is free software; you can redistribute it and/or modify
5## it under the terms of the GNU General Public License as published by
6## the Free Software Foundation; either version 2 of the License, or
7## (at your option) any later version.
8
9## This program is distributed in the hope that it will be useful,
10## but WITHOUT ANY WARRANTY; without even the implied warranty of
11## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12## GNU General Public License for more details.
13
14## You should have received a copy of the GNU General Public License
15## along with this program; if not, write to the Free Software
16## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
17
18## Author: Dan Walsh
19import sys
20from subprocess import Popen, PIPE
21try:
22    from subprocess import getstatusoutput
23except ImportError:
24    from commands import getstatusoutput
25
26from gi.repository import GObject, Gtk
27import selinux
28from semanagePage import *
29
30##
31## I18N
32##
33PROGNAME = "policycoreutils"
34try:
35    import gettext
36    kwargs = {}
37    if sys.version_info < (3,):
38        kwargs['unicode'] = True
39    gettext.install(PROGNAME,
40                    localedir="/usr/share/locale",
41                    codeset='utf-8',
42                    **kwargs)
43except:
44    try:
45        import builtins
46        builtins.__dict__['_'] = str
47    except ImportError:
48        import __builtin__
49        __builtin__.__dict__['_'] = unicode
50
51
52class modulesPage(semanagePage):
53
54    def __init__(self, xml):
55        semanagePage.__init__(self, xml, "modules", _("Policy Module"))
56        self.module_filter = xml.get_object("modulesFilterEntry")
57        self.module_filter.connect("focus_out_event", self.filter_changed)
58        self.module_filter.connect("activate", self.filter_changed)
59        self.audit_enabled = False
60
61        self.store = Gtk.ListStore(GObject.TYPE_STRING, GObject.TYPE_STRING,
62                                   GObject.TYPE_STRING)
63        self.view.set_model(self.store)
64        self.store.set_sort_column_id(0, Gtk.SortType.ASCENDING)
65        col = Gtk.TreeViewColumn(_("Module Name"), Gtk.CellRendererText(), text=0)
66        col.set_sort_column_id(0)
67        col.set_resizable(True)
68        self.view.append_column(col)
69        self.store.set_sort_column_id(0, Gtk.SortType.ASCENDING)
70        col = Gtk.TreeViewColumn(_("Priority"), Gtk.CellRendererText(), text=1)
71        self.enable_audit_button = xml.get_object("enableAuditButton")
72        self.enable_audit_button.connect("clicked", self.enable_audit)
73        self.new_button = xml.get_object("newModuleButton")
74        self.new_button.connect("clicked", self.new_module)
75        col.set_sort_column_id(1)
76        col.set_resizable(True)
77        self.view.append_column(col)
78        self.store.set_sort_column_id(2, Gtk.SortType.ASCENDING)
79        col = Gtk.TreeViewColumn(_("Kind"), Gtk.CellRendererText(), text=2)
80        col.set_sort_column_id(2)
81        col.set_resizable(True)
82        self.view.append_column(col)
83        self.store.set_sort_func(1, self.sort_int, "")
84        status, self.policy_type = selinux.selinux_getpolicytype()
85
86        self.load()
87
88    def sort_int(self, treemodel, iter1, iter2, user_data):
89        try:
90            p1 = int(treemodel.get_value(iter1, 1))
91            p2 = int(treemodel.get_value(iter1, 1))
92            if p1 > p2:
93                return 1
94            if p1 == p2:
95                return 0
96            return -1
97        except:
98            return 0
99
100    def load(self, filter=""):
101        self.filter = filter
102        self.store.clear()
103        try:
104            fd = Popen("semodule -lfull", shell=True, stdout=PIPE).stdout
105            l = fd.readlines()
106            fd.close()
107            for i in l:
108                priority, module, kind = i.decode('utf-8').split()
109                if not (self.match(module, filter) or self.match(priority, filter)):
110                    continue
111                iter = self.store.append()
112                self.store.set_value(iter, 0, module.strip())
113                self.store.set_value(iter, 1, priority.strip())
114                self.store.set_value(iter, 2, kind.strip())
115        except:
116            pass
117        self.view.get_selection().select_path((0,))
118
119    def new_module(self, args):
120        try:
121            Popen(["/usr/share/system-config-selinux/polgengui.py"])
122        except ValueError as e:
123            self.error(e.args[0])
124
125    def delete(self):
126        store, iter = self.view.get_selection().get_selected()
127        module = store.get_value(iter, 0)
128        try:
129            self.wait()
130            status, output = getstatusoutput("semodule -r %s" % module)
131            self.ready()
132            if status != 0:
133                self.error(output)
134            else:
135                store.remove(iter)
136                self.view.get_selection().select_path((0,))
137
138        except ValueError as e:
139            self.error(e.args[0])
140
141    def enable_audit(self, button):
142        self.audit_enabled = not self.audit_enabled
143        try:
144            self.wait()
145            if self.audit_enabled:
146                status, output = getstatusoutput("semodule -DB")
147                button.set_label(_("Disable Audit"))
148            else:
149                status, output = getstatusoutput("semodule -B")
150                button.set_label(_("Enable Audit"))
151            self.ready()
152
153            if status != 0:
154                self.error(output)
155
156        except ValueError as e:
157            self.error(e.args[0])
158
159    def disable_audit(self, button):
160        try:
161            self.wait()
162            status, output = getstatusoutput("semodule -B")
163            self.ready()
164            if status != 0:
165                self.error(output)
166
167        except ValueError as e:
168            self.error(e.args[0])
169
170    def propertiesDialog(self):
171        # Do nothing
172        return
173
174    def addDialog(self):
175        dialog = Gtk.FileChooserDialog(_("Load Policy Module"),
176                                       None,
177                                       Gtk.FileChooserAction.OPEN,
178                                       (Gtk.STOCK_CANCEL, Gtk.ResponseType.CANCEL,
179                                        Gtk.STOCK_OPEN, Gtk.ResponseType.OK))
180        dialog.set_default_response(Gtk.ResponseType.OK)
181
182        filter = Gtk.FileFilter()
183        filter.set_name("Policy Files")
184        filter.add_pattern("*.pp")
185        dialog.add_filter(filter)
186
187        response = dialog.run()
188        if response == Gtk.ResponseType.OK:
189            self.add(dialog.get_filename())
190        dialog.destroy()
191
192    def add(self, file):
193        try:
194            self.wait()
195            status, output = getstatusoutput("semodule -i %s" % file)
196            self.ready()
197            if status != 0:
198                self.error(output)
199            else:
200                self.load()
201
202        except ValueError as e:
203            self.error(e.args[0])
204