1## modulesPage.py - show selinux mappings 2## Copyright (C) 2006-2009 Red Hat, Inc. 3 4## This program is free software; you can redistribute it and/or modify 5## it under the terms of the GNU General Public License as published by 6## the Free Software Foundation; either version 2 of the License, or 7## (at your option) any later version. 8 9## This program is distributed in the hope that it will be useful, 10## but WITHOUT ANY WARRANTY; without even the implied warranty of 11## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12## GNU General Public License for more details. 13 14## You should have received a copy of the GNU General Public License 15## along with this program; if not, write to the Free Software 16## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. 17 18## Author: Dan Walsh 19import sys 20from subprocess import Popen, PIPE 21try: 22 from subprocess import getstatusoutput 23except ImportError: 24 from commands import getstatusoutput 25 26from gi.repository import GObject, Gtk 27import selinux 28from semanagePage import * 29 30## 31## I18N 32## 33PROGNAME = "policycoreutils" 34try: 35 import gettext 36 kwargs = {} 37 if sys.version_info < (3,): 38 kwargs['unicode'] = True 39 gettext.install(PROGNAME, 40 localedir="/usr/share/locale", 41 codeset='utf-8', 42 **kwargs) 43except: 44 try: 45 import builtins 46 builtins.__dict__['_'] = str 47 except ImportError: 48 import __builtin__ 49 __builtin__.__dict__['_'] = unicode 50 51 52class modulesPage(semanagePage): 53 54 def __init__(self, xml): 55 semanagePage.__init__(self, xml, "modules", _("Policy Module")) 56 self.module_filter = xml.get_object("modulesFilterEntry") 57 self.module_filter.connect("focus_out_event", self.filter_changed) 58 self.module_filter.connect("activate", self.filter_changed) 59 self.audit_enabled = False 60 61 self.store = Gtk.ListStore(GObject.TYPE_STRING, GObject.TYPE_STRING, 62 GObject.TYPE_STRING) 63 self.view.set_model(self.store) 64 self.store.set_sort_column_id(0, Gtk.SortType.ASCENDING) 65 col = Gtk.TreeViewColumn(_("Module Name"), Gtk.CellRendererText(), text=0) 66 col.set_sort_column_id(0) 67 col.set_resizable(True) 68 self.view.append_column(col) 69 self.store.set_sort_column_id(0, Gtk.SortType.ASCENDING) 70 col = Gtk.TreeViewColumn(_("Priority"), Gtk.CellRendererText(), text=1) 71 self.enable_audit_button = xml.get_object("enableAuditButton") 72 self.enable_audit_button.connect("clicked", self.enable_audit) 73 self.new_button = xml.get_object("newModuleButton") 74 self.new_button.connect("clicked", self.new_module) 75 col.set_sort_column_id(1) 76 col.set_resizable(True) 77 self.view.append_column(col) 78 self.store.set_sort_column_id(2, Gtk.SortType.ASCENDING) 79 col = Gtk.TreeViewColumn(_("Kind"), Gtk.CellRendererText(), text=2) 80 col.set_sort_column_id(2) 81 col.set_resizable(True) 82 self.view.append_column(col) 83 self.store.set_sort_func(1, self.sort_int, "") 84 status, self.policy_type = selinux.selinux_getpolicytype() 85 86 self.load() 87 88 def sort_int(self, treemodel, iter1, iter2, user_data): 89 try: 90 p1 = int(treemodel.get_value(iter1, 1)) 91 p2 = int(treemodel.get_value(iter1, 1)) 92 if p1 > p2: 93 return 1 94 if p1 == p2: 95 return 0 96 return -1 97 except: 98 return 0 99 100 def load(self, filter=""): 101 self.filter = filter 102 self.store.clear() 103 try: 104 fd = Popen("semodule -lfull", shell=True, stdout=PIPE).stdout 105 l = fd.readlines() 106 fd.close() 107 for i in l: 108 priority, module, kind = i.decode('utf-8').split() 109 if not (self.match(module, filter) or self.match(priority, filter)): 110 continue 111 iter = self.store.append() 112 self.store.set_value(iter, 0, module.strip()) 113 self.store.set_value(iter, 1, priority.strip()) 114 self.store.set_value(iter, 2, kind.strip()) 115 except: 116 pass 117 self.view.get_selection().select_path((0,)) 118 119 def new_module(self, args): 120 try: 121 Popen(["/usr/share/system-config-selinux/polgengui.py"]) 122 except ValueError as e: 123 self.error(e.args[0]) 124 125 def delete(self): 126 store, iter = self.view.get_selection().get_selected() 127 module = store.get_value(iter, 0) 128 try: 129 self.wait() 130 status, output = getstatusoutput("semodule -r %s" % module) 131 self.ready() 132 if status != 0: 133 self.error(output) 134 else: 135 store.remove(iter) 136 self.view.get_selection().select_path((0,)) 137 138 except ValueError as e: 139 self.error(e.args[0]) 140 141 def enable_audit(self, button): 142 self.audit_enabled = not self.audit_enabled 143 try: 144 self.wait() 145 if self.audit_enabled: 146 status, output = getstatusoutput("semodule -DB") 147 button.set_label(_("Disable Audit")) 148 else: 149 status, output = getstatusoutput("semodule -B") 150 button.set_label(_("Enable Audit")) 151 self.ready() 152 153 if status != 0: 154 self.error(output) 155 156 except ValueError as e: 157 self.error(e.args[0]) 158 159 def disable_audit(self, button): 160 try: 161 self.wait() 162 status, output = getstatusoutput("semodule -B") 163 self.ready() 164 if status != 0: 165 self.error(output) 166 167 except ValueError as e: 168 self.error(e.args[0]) 169 170 def propertiesDialog(self): 171 # Do nothing 172 return 173 174 def addDialog(self): 175 dialog = Gtk.FileChooserDialog(_("Load Policy Module"), 176 None, 177 Gtk.FileChooserAction.OPEN, 178 (Gtk.STOCK_CANCEL, Gtk.ResponseType.CANCEL, 179 Gtk.STOCK_OPEN, Gtk.ResponseType.OK)) 180 dialog.set_default_response(Gtk.ResponseType.OK) 181 182 filter = Gtk.FileFilter() 183 filter.set_name("Policy Files") 184 filter.add_pattern("*.pp") 185 dialog.add_filter(filter) 186 187 response = dialog.run() 188 if response == Gtk.ResponseType.OK: 189 self.add(dialog.get_filename()) 190 dialog.destroy() 191 192 def add(self, file): 193 try: 194 self.wait() 195 status, output = getstatusoutput("semodule -i %s" % file) 196 self.ready() 197 if status != 0: 198 self.error(output) 199 else: 200 self.load() 201 202 except ValueError as e: 203 self.error(e.args[0]) 204