1## domainsPage.py - show selinux domains
2## Copyright (C) 2009 Red Hat, Inc.
3
4## This program is free software; you can redistribute it and/or modify
5## it under the terms of the GNU General Public License as published by
6## the Free Software Foundation; either version 2 of the License, or
7## (at your option) any later version.
8
9## This program is distributed in the hope that it will be useful,
10## but WITHOUT ANY WARRANTY; without even the implied warranty of
11## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12## GNU General Public License for more details.
13
14## You should have received a copy of the GNU General Public License
15## along with this program; if not, write to the Free Software
16## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
17
18## Author: Dan Walsh
19import string
20import gtk
21import gtk.glade
22import os
23try:
24    from subprocess import getstatusoutput
25except ImportError:
26    from commands import getstatusoutput
27
28import gobject
29import sys
30import seobject
31import selinux
32import sepolicy
33from semanagePage import *
34
35##
36## I18N
37##
38PROGNAME = "policycoreutils"
39try:
40    import gettext
41    kwargs = {}
42    if sys.version_info < (3,):
43        kwargs['unicode'] = True
44    gettext.install(PROGNAME,
45                    localedir="/usr/share/locale",
46                    codeset='utf-8',
47                    **kwargs)
48except:
49    try:
50        import builtins
51        builtins.__dict__['_'] = str
52    except ImportError:
53        import __builtin__
54        __builtin__.__dict__['_'] = unicode
55
56
57class domainsPage(semanagePage):
58
59    def __init__(self, xml):
60        semanagePage.__init__(self, xml, "domains", _("Process Domain"))
61        self.domain_filter = xml.get_widget("domainsFilterEntry")
62        self.domain_filter.connect("focus_out_event", self.filter_changed)
63        self.domain_filter.connect("activate", self.filter_changed)
64
65        self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING)
66        self.view.set_model(self.store)
67        self.store.set_sort_column_id(0, gtk.SORT_ASCENDING)
68        col = gtk.TreeViewColumn(_("Domain Name"), gtk.CellRendererText(), text=0)
69        col.set_sort_column_id(0)
70        col.set_resizable(True)
71        self.view.append_column(col)
72        self.store.set_sort_column_id(0, gtk.SORT_ASCENDING)
73        col = gtk.TreeViewColumn(_("Mode"), gtk.CellRendererText(), text=1)
74        col.set_sort_column_id(1)
75        col.set_resizable(True)
76        self.view.append_column(col)
77        self.view.get_selection().connect("changed", self.itemSelected)
78
79        self.permissive_button = xml.get_widget("permissiveButton")
80        self.enforcing_button = xml.get_widget("enforcingButton")
81
82        self.domains = sepolicy.get_all_entrypoint_domains()
83        self.load()
84
85    def get_modules(self):
86        modules = []
87        fd = os.popen("semodule -l")
88        mods = fd.readlines()
89        fd.close()
90        for l in mods:
91            modules.append(l.split()[0])
92        return modules
93
94    def load(self, filter=""):
95        self.filter = filter
96        self.store.clear()
97        try:
98            modules = self.get_modules()
99            for domain in self.domains:
100                if not self.match(domain, filter):
101                    continue
102                iter = self.store.append()
103                self.store.set_value(iter, 0, domain)
104                t = "permissive_%s_t" % domain
105                if t in modules:
106                    self.store.set_value(iter, 1, _("Permissive"))
107                else:
108                    self.store.set_value(iter, 1, "")
109        except:
110            pass
111        self.view.get_selection().select_path((0,))
112
113    def itemSelected(self, selection):
114        store, iter = selection.get_selected()
115        if iter == None:
116            return
117        p = store.get_value(iter, 1) == _("Permissive")
118        self.permissive_button.set_sensitive(not p)
119        self.enforcing_button.set_sensitive(p)
120
121    def deleteDialog(self):
122        # Do nothing
123        return self.delete()
124
125    def delete(self):
126        selection = self.view.get_selection()
127        store, iter = selection.get_selected()
128        domain = store.get_value(iter, 0)
129        try:
130            self.wait()
131            status, output = getstatusoutput("semanage permissive -d %s_t" % domain)
132            self.ready()
133            if status != 0:
134                self.error(output)
135            else:
136                domain = store.set_value(iter, 1, "")
137                self.itemSelected(selection)
138
139        except ValueError as e:
140            self.error(e.args[0])
141
142    def propertiesDialog(self):
143        # Do nothing
144        return
145
146    def addDialog(self):
147        # Do nothing
148        return self.add()
149
150    def add(self):
151        selection = self.view.get_selection()
152        store, iter = selection.get_selected()
153        domain = store.get_value(iter, 0)
154        try:
155            self.wait()
156            status, output = getstatusoutput("semanage permissive -a %s_t" % domain)
157            self.ready()
158            if status != 0:
159                self.error(output)
160            else:
161                domain = store.set_value(iter, 1, _("Permissive"))
162                self.itemSelected(selection)
163
164        except ValueError as e:
165            self.error(e.args[0])
166