1514af85b89fff54f079f239294c727e4d61319edDan Walsh## modulesPage.py - show selinux mappings 2514af85b89fff54f079f239294c727e4d61319edDan Walsh## Copyright (C) 2006-2009 Red Hat, Inc. 3514af85b89fff54f079f239294c727e4d61319edDan Walsh 4514af85b89fff54f079f239294c727e4d61319edDan Walsh## This program is free software; you can redistribute it and/or modify 5514af85b89fff54f079f239294c727e4d61319edDan Walsh## it under the terms of the GNU General Public License as published by 6514af85b89fff54f079f239294c727e4d61319edDan Walsh## the Free Software Foundation; either version 2 of the License, or 7514af85b89fff54f079f239294c727e4d61319edDan Walsh## (at your option) any later version. 8514af85b89fff54f079f239294c727e4d61319edDan Walsh 9514af85b89fff54f079f239294c727e4d61319edDan Walsh## This program is distributed in the hope that it will be useful, 10514af85b89fff54f079f239294c727e4d61319edDan Walsh## but WITHOUT ANY WARRANTY; without even the implied warranty of 11514af85b89fff54f079f239294c727e4d61319edDan Walsh## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12514af85b89fff54f079f239294c727e4d61319edDan Walsh## GNU General Public License for more details. 13514af85b89fff54f079f239294c727e4d61319edDan Walsh 14514af85b89fff54f079f239294c727e4d61319edDan Walsh## You should have received a copy of the GNU General Public License 15514af85b89fff54f079f239294c727e4d61319edDan Walsh## along with this program; if not, write to the Free Software 16514af85b89fff54f079f239294c727e4d61319edDan Walsh## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. 17514af85b89fff54f079f239294c727e4d61319edDan Walsh 18514af85b89fff54f079f239294c727e4d61319edDan Walsh## Author: Dan Walsh 19514af85b89fff54f079f239294c727e4d61319edDan Walshimport string 20514af85b89fff54f079f239294c727e4d61319edDan Walshimport gtk 21514af85b89fff54f079f239294c727e4d61319edDan Walshimport gtk.glade 22514af85b89fff54f079f239294c727e4d61319edDan Walshimport os 23514af85b89fff54f079f239294c727e4d61319edDan Walshimport commands 24514af85b89fff54f079f239294c727e4d61319edDan Walshimport gobject 25514af85b89fff54f079f239294c727e4d61319edDan Walshimport sys 26514af85b89fff54f079f239294c727e4d61319edDan Walshimport seobject 27514af85b89fff54f079f239294c727e4d61319edDan Walshimport selinux 28514af85b89fff54f079f239294c727e4d61319edDan Walshfrom semanagePage import *; 2945b324e27b0955e93371508f9ab79ed8d9e5bb7crhatdanfrom subprocess import Popen, PIPE 30514af85b89fff54f079f239294c727e4d61319edDan Walsh 31514af85b89fff54f079f239294c727e4d61319edDan Walsh## 32514af85b89fff54f079f239294c727e4d61319edDan Walsh## I18N 33514af85b89fff54f079f239294c727e4d61319edDan Walsh## 34514af85b89fff54f079f239294c727e4d61319edDan WalshPROGNAME="policycoreutils" 35514af85b89fff54f079f239294c727e4d61319edDan Walshimport gettext 36514af85b89fff54f079f239294c727e4d61319edDan Walshgettext.bindtextdomain(PROGNAME, "/usr/share/locale") 37514af85b89fff54f079f239294c727e4d61319edDan Walshgettext.textdomain(PROGNAME) 38514af85b89fff54f079f239294c727e4d61319edDan Walshtry: 39514af85b89fff54f079f239294c727e4d61319edDan Walsh gettext.install(PROGNAME, 40514af85b89fff54f079f239294c727e4d61319edDan Walsh localedir="/usr/share/locale", 41514af85b89fff54f079f239294c727e4d61319edDan Walsh unicode=False, 42514af85b89fff54f079f239294c727e4d61319edDan Walsh codeset = 'utf-8') 43514af85b89fff54f079f239294c727e4d61319edDan Walshexcept IOError: 44514af85b89fff54f079f239294c727e4d61319edDan Walsh import __builtin__ 45514af85b89fff54f079f239294c727e4d61319edDan Walsh __builtin__.__dict__['_'] = unicode 46514af85b89fff54f079f239294c727e4d61319edDan Walsh 47514af85b89fff54f079f239294c727e4d61319edDan Walshclass modulesPage(semanagePage): 48514af85b89fff54f079f239294c727e4d61319edDan Walsh def __init__(self, xml): 49514af85b89fff54f079f239294c727e4d61319edDan Walsh semanagePage.__init__(self, xml, "modules", _("Policy Module")) 50514af85b89fff54f079f239294c727e4d61319edDan Walsh self.module_filter = xml.get_widget("modulesFilterEntry") 51514af85b89fff54f079f239294c727e4d61319edDan Walsh self.module_filter.connect("focus_out_event", self.filter_changed) 52514af85b89fff54f079f239294c727e4d61319edDan Walsh self.module_filter.connect("activate", self.filter_changed) 53514af85b89fff54f079f239294c727e4d61319edDan Walsh self.audit_enabled = False 54514af85b89fff54f079f239294c727e4d61319edDan Walsh 55514af85b89fff54f079f239294c727e4d61319edDan Walsh self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING) 56514af85b89fff54f079f239294c727e4d61319edDan Walsh self.view.set_model(self.store) 57514af85b89fff54f079f239294c727e4d61319edDan Walsh self.store.set_sort_column_id(0, gtk.SORT_ASCENDING) 58514af85b89fff54f079f239294c727e4d61319edDan Walsh col = gtk.TreeViewColumn(_("Module Name"), gtk.CellRendererText(), text = 0) 59514af85b89fff54f079f239294c727e4d61319edDan Walsh col.set_sort_column_id(0) 60514af85b89fff54f079f239294c727e4d61319edDan Walsh col.set_resizable(True) 61514af85b89fff54f079f239294c727e4d61319edDan Walsh self.view.append_column(col) 62514af85b89fff54f079f239294c727e4d61319edDan Walsh self.store.set_sort_column_id(0, gtk.SORT_ASCENDING) 63514af85b89fff54f079f239294c727e4d61319edDan Walsh col = gtk.TreeViewColumn(_("Version"), gtk.CellRendererText(), text = 1) 64514af85b89fff54f079f239294c727e4d61319edDan Walsh self.enable_audit_button = xml.get_widget("enableAuditButton") 65514af85b89fff54f079f239294c727e4d61319edDan Walsh self.enable_audit_button.connect("clicked", self.enable_audit) 66514af85b89fff54f079f239294c727e4d61319edDan Walsh self.new_button = xml.get_widget("newModuleButton") 67514af85b89fff54f079f239294c727e4d61319edDan Walsh self.new_button.connect("clicked", self.new_module) 68514af85b89fff54f079f239294c727e4d61319edDan Walsh col.set_sort_column_id(1) 69514af85b89fff54f079f239294c727e4d61319edDan Walsh col.set_resizable(True) 70514af85b89fff54f079f239294c727e4d61319edDan Walsh self.view.append_column(col) 71514af85b89fff54f079f239294c727e4d61319edDan Walsh self.store.set_sort_func(1,self.sort_int, "") 72514af85b89fff54f079f239294c727e4d61319edDan Walsh status, self.policy_type = selinux.selinux_getpolicytype() 73514af85b89fff54f079f239294c727e4d61319edDan Walsh 74514af85b89fff54f079f239294c727e4d61319edDan Walsh self.load() 75514af85b89fff54f079f239294c727e4d61319edDan Walsh 76514af85b89fff54f079f239294c727e4d61319edDan Walsh def sort_int(self, treemodel, iter1, iter2, user_data): 77514af85b89fff54f079f239294c727e4d61319edDan Walsh try: 78514af85b89fff54f079f239294c727e4d61319edDan Walsh p1 = int(treemodel.get_value(iter1,1)) 79514af85b89fff54f079f239294c727e4d61319edDan Walsh p2 = int(treemodel.get_value(iter1,1)) 80514af85b89fff54f079f239294c727e4d61319edDan Walsh if p1 > p2: 81514af85b89fff54f079f239294c727e4d61319edDan Walsh return 1 82514af85b89fff54f079f239294c727e4d61319edDan Walsh if p1 == p2: 83514af85b89fff54f079f239294c727e4d61319edDan Walsh return 0 84514af85b89fff54f079f239294c727e4d61319edDan Walsh return -1 85514af85b89fff54f079f239294c727e4d61319edDan Walsh except: 86514af85b89fff54f079f239294c727e4d61319edDan Walsh return 0 87514af85b89fff54f079f239294c727e4d61319edDan Walsh 88514af85b89fff54f079f239294c727e4d61319edDan Walsh def load(self, filter=""): 89514af85b89fff54f079f239294c727e4d61319edDan Walsh self.filter=filter 90514af85b89fff54f079f239294c727e4d61319edDan Walsh self.store.clear() 91514af85b89fff54f079f239294c727e4d61319edDan Walsh try: 9245b324e27b0955e93371508f9ab79ed8d9e5bb7crhatdan fd = Popen("semodule -l", shell=True, stdout=PIPE).stdout 93514af85b89fff54f079f239294c727e4d61319edDan Walsh l = fd.readlines() 94514af85b89fff54f079f239294c727e4d61319edDan Walsh fd.close() 95514af85b89fff54f079f239294c727e4d61319edDan Walsh for i in l: 96514af85b89fff54f079f239294c727e4d61319edDan Walsh module, ver, newline = i.split('\t') 97514af85b89fff54f079f239294c727e4d61319edDan Walsh if not (self.match(module, filter) or self.match(ver, filter)): 98514af85b89fff54f079f239294c727e4d61319edDan Walsh continue 99514af85b89fff54f079f239294c727e4d61319edDan Walsh iter = self.store.append() 100514af85b89fff54f079f239294c727e4d61319edDan Walsh self.store.set_value(iter, 0, module.strip()) 101514af85b89fff54f079f239294c727e4d61319edDan Walsh self.store.set_value(iter, 1, ver.strip()) 102514af85b89fff54f079f239294c727e4d61319edDan Walsh except: 103514af85b89fff54f079f239294c727e4d61319edDan Walsh pass 104514af85b89fff54f079f239294c727e4d61319edDan Walsh self.view.get_selection().select_path ((0,)) 105514af85b89fff54f079f239294c727e4d61319edDan Walsh 106514af85b89fff54f079f239294c727e4d61319edDan Walsh 107514af85b89fff54f079f239294c727e4d61319edDan Walsh def new_module(self, args): 108514af85b89fff54f079f239294c727e4d61319edDan Walsh try: 10945b324e27b0955e93371508f9ab79ed8d9e5bb7crhatdan Popen(["/usr/share/system-config-selinux/polgengui.py"]) 110514af85b89fff54f079f239294c727e4d61319edDan Walsh except ValueError, e: 111514af85b89fff54f079f239294c727e4d61319edDan Walsh self.error(e.args[0]) 112514af85b89fff54f079f239294c727e4d61319edDan Walsh 113514af85b89fff54f079f239294c727e4d61319edDan Walsh def delete(self): 114514af85b89fff54f079f239294c727e4d61319edDan Walsh store, iter = self.view.get_selection().get_selected() 115514af85b89fff54f079f239294c727e4d61319edDan Walsh module = store.get_value(iter, 0) 116514af85b89fff54f079f239294c727e4d61319edDan Walsh try: 117514af85b89fff54f079f239294c727e4d61319edDan Walsh self.wait() 118514af85b89fff54f079f239294c727e4d61319edDan Walsh status, output = commands.getstatusoutput("semodule -r %s" % module) 119514af85b89fff54f079f239294c727e4d61319edDan Walsh self.ready() 120514af85b89fff54f079f239294c727e4d61319edDan Walsh if status != 0: 121514af85b89fff54f079f239294c727e4d61319edDan Walsh self.error(output) 122514af85b89fff54f079f239294c727e4d61319edDan Walsh else: 123514af85b89fff54f079f239294c727e4d61319edDan Walsh store.remove(iter) 124514af85b89fff54f079f239294c727e4d61319edDan Walsh self.view.get_selection().select_path ((0,)) 125514af85b89fff54f079f239294c727e4d61319edDan Walsh 126514af85b89fff54f079f239294c727e4d61319edDan Walsh except ValueError, e: 127514af85b89fff54f079f239294c727e4d61319edDan Walsh self.error(e.args[0]) 128514af85b89fff54f079f239294c727e4d61319edDan Walsh 129514af85b89fff54f079f239294c727e4d61319edDan Walsh def enable_audit(self, button): 130514af85b89fff54f079f239294c727e4d61319edDan Walsh self.audit_enabled = not self.audit_enabled 131514af85b89fff54f079f239294c727e4d61319edDan Walsh try: 132514af85b89fff54f079f239294c727e4d61319edDan Walsh self.wait() 133514af85b89fff54f079f239294c727e4d61319edDan Walsh if self.audit_enabled: 134514af85b89fff54f079f239294c727e4d61319edDan Walsh status, output =commands.getstatusoutput("semodule -DB") 135514af85b89fff54f079f239294c727e4d61319edDan Walsh button.set_label(_("Disable Audit")) 136514af85b89fff54f079f239294c727e4d61319edDan Walsh else: 137514af85b89fff54f079f239294c727e4d61319edDan Walsh status, output =commands.getstatusoutput("semodule -B") 138514af85b89fff54f079f239294c727e4d61319edDan Walsh button.set_label(_("Enable Audit")) 139514af85b89fff54f079f239294c727e4d61319edDan Walsh self.ready() 140514af85b89fff54f079f239294c727e4d61319edDan Walsh 141514af85b89fff54f079f239294c727e4d61319edDan Walsh if status != 0: 142514af85b89fff54f079f239294c727e4d61319edDan Walsh self.error(output) 143514af85b89fff54f079f239294c727e4d61319edDan Walsh 144514af85b89fff54f079f239294c727e4d61319edDan Walsh except ValueError, e: 145514af85b89fff54f079f239294c727e4d61319edDan Walsh self.error(e.args[0]) 146514af85b89fff54f079f239294c727e4d61319edDan Walsh 147514af85b89fff54f079f239294c727e4d61319edDan Walsh def disable_audit(self, button): 148514af85b89fff54f079f239294c727e4d61319edDan Walsh try: 149514af85b89fff54f079f239294c727e4d61319edDan Walsh self.wait() 150514af85b89fff54f079f239294c727e4d61319edDan Walsh status, output =commands.getstatusoutput("semodule -B") 151514af85b89fff54f079f239294c727e4d61319edDan Walsh self.ready() 152514af85b89fff54f079f239294c727e4d61319edDan Walsh if status != 0: 153514af85b89fff54f079f239294c727e4d61319edDan Walsh self.error(output) 154514af85b89fff54f079f239294c727e4d61319edDan Walsh 155514af85b89fff54f079f239294c727e4d61319edDan Walsh except ValueError, e: 156514af85b89fff54f079f239294c727e4d61319edDan Walsh self.error(e.args[0]) 157514af85b89fff54f079f239294c727e4d61319edDan Walsh 158514af85b89fff54f079f239294c727e4d61319edDan Walsh def propertiesDialog(self): 159514af85b89fff54f079f239294c727e4d61319edDan Walsh # Do nothing 160514af85b89fff54f079f239294c727e4d61319edDan Walsh return 161514af85b89fff54f079f239294c727e4d61319edDan Walsh 162514af85b89fff54f079f239294c727e4d61319edDan Walsh def addDialog(self): 163514af85b89fff54f079f239294c727e4d61319edDan Walsh dialog = gtk.FileChooserDialog(_("Load Policy Module"), 164514af85b89fff54f079f239294c727e4d61319edDan Walsh None, 165514af85b89fff54f079f239294c727e4d61319edDan Walsh gtk.FILE_CHOOSER_ACTION_OPEN, 166514af85b89fff54f079f239294c727e4d61319edDan Walsh (gtk.STOCK_CANCEL, gtk.RESPONSE_CANCEL, 167514af85b89fff54f079f239294c727e4d61319edDan Walsh gtk.STOCK_OPEN, gtk.RESPONSE_OK)) 168514af85b89fff54f079f239294c727e4d61319edDan Walsh dialog.set_default_response(gtk.RESPONSE_OK) 169514af85b89fff54f079f239294c727e4d61319edDan Walsh 170514af85b89fff54f079f239294c727e4d61319edDan Walsh filter = gtk.FileFilter() 171514af85b89fff54f079f239294c727e4d61319edDan Walsh filter.set_name("Policy Files") 172514af85b89fff54f079f239294c727e4d61319edDan Walsh filter.add_pattern("*.pp") 173514af85b89fff54f079f239294c727e4d61319edDan Walsh dialog.add_filter(filter) 174514af85b89fff54f079f239294c727e4d61319edDan Walsh 175514af85b89fff54f079f239294c727e4d61319edDan Walsh response = dialog.run() 176514af85b89fff54f079f239294c727e4d61319edDan Walsh if response == gtk.RESPONSE_OK: 177514af85b89fff54f079f239294c727e4d61319edDan Walsh self.add(dialog.get_filename()) 178514af85b89fff54f079f239294c727e4d61319edDan Walsh dialog.destroy() 179514af85b89fff54f079f239294c727e4d61319edDan Walsh 180514af85b89fff54f079f239294c727e4d61319edDan Walsh def add(self, file): 181514af85b89fff54f079f239294c727e4d61319edDan Walsh try: 182514af85b89fff54f079f239294c727e4d61319edDan Walsh self.wait() 183514af85b89fff54f079f239294c727e4d61319edDan Walsh status, output =commands.getstatusoutput("semodule -i %s" % file) 184514af85b89fff54f079f239294c727e4d61319edDan Walsh self.ready() 185514af85b89fff54f079f239294c727e4d61319edDan Walsh if status != 0: 186514af85b89fff54f079f239294c727e4d61319edDan Walsh self.error(output) 187514af85b89fff54f079f239294c727e4d61319edDan Walsh else: 188514af85b89fff54f079f239294c727e4d61319edDan Walsh self.load() 189514af85b89fff54f079f239294c727e4d61319edDan Walsh 190514af85b89fff54f079f239294c727e4d61319edDan Walsh except ValueError, e: 191514af85b89fff54f079f239294c727e4d61319edDan Walsh self.error(e.args[0]) 192