1## loginsPage.py - show selinux mappings
2## Copyright (C) 2006 Red Hat, Inc.
3
4## This program is free software; you can redistribute it and/or modify
5## it under the terms of the GNU General Public License as published by
6## the Free Software Foundation; either version 2 of the License, or
7## (at your option) any later version.
8
9## This program is distributed in the hope that it will be useful,
10## but WITHOUT ANY WARRANTY; without even the implied warranty of
11## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12## GNU General Public License for more details.
13
14## You should have received a copy of the GNU General Public License
15## along with this program; if not, write to the Free Software
16## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
17
18## Author: Dan Walsh
19import string
20import gtk
21import gtk.glade
22import os
23import gobject
24import sys
25try:
26    from subprocess import getstatusoutput
27except ImportError:
28    from commands import getstatusoutput
29
30import seobject
31from semanagePage import *
32
33##
34## I18N
35##
36PROGNAME = "policycoreutils"
37try:
38    import gettext
39    kwargs = {}
40    if sys.version_info < (3,):
41        kwargs['unicode'] = True
42    gettext.install(PROGNAME,
43                    localedir="/usr/share/locale",
44                    codeset='utf-8',
45                    **kwargs)
46except:
47    try:
48        import builtins
49        builtins.__dict__['_'] = str
50    except ImportError:
51        import __builtin__
52        __builtin__.__dict__['_'] = unicode
53
54
55class loginsPage(semanagePage):
56
57    def __init__(self, xml):
58        self.firstTime = False
59        semanagePage.__init__(self, xml, "logins", _("User Mapping"))
60        self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING)
61        self.view.set_model(self.store)
62        self.store.set_sort_column_id(0, gtk.SORT_ASCENDING)
63        col = gtk.TreeViewColumn(_("Login\nName"), gtk.CellRendererText(), text=0)
64        col.set_sort_column_id(0)
65        col.set_resizable(True)
66        self.view.append_column(col)
67        col = gtk.TreeViewColumn(_("SELinux\nUser"), gtk.CellRendererText(), text=1)
68        col.set_resizable(True)
69        self.view.append_column(col)
70        col = gtk.TreeViewColumn(_("MLS/\nMCS Range"), gtk.CellRendererText(), text=2)
71        col.set_resizable(True)
72        self.view.append_column(col)
73        self.load()
74        self.loginsNameEntry = xml.get_widget("loginsNameEntry")
75        self.loginsSelinuxUserCombo = xml.get_widget("loginsSelinuxUserCombo")
76        self.loginsMLSEntry = xml.get_widget("loginsMLSEntry")
77
78    def load(self, filter=""):
79        self.filter = filter
80        self.login = seobject.loginRecords()
81        dict = self.login.get_all(0)
82        self.store.clear()
83        for k in sorted(dict.keys()):
84            range = seobject.translate(dict[k][1])
85            if not (self.match(k, filter) or self.match(dict[k][0], filter) or self.match(range, filter)):
86                continue
87            iter = self.store.append()
88            self.store.set_value(iter, 0, k)
89            self.store.set_value(iter, 1, dict[k][0])
90            self.store.set_value(iter, 2, range)
91        self.view.get_selection().select_path((0,))
92
93    def __dialogSetup(self):
94        if self.firstTime == True:
95            return
96        self.firstTime = True
97        liststore = gtk.ListStore(gobject.TYPE_STRING)
98        self.loginsSelinuxUserCombo.set_model(liststore)
99        cell = gtk.CellRendererText()
100        self.loginsSelinuxUserCombo.pack_start(cell, True)
101        self.loginsSelinuxUserCombo.add_attribute(cell, 'text', 0)
102
103        selusers = seobject.seluserRecords().get_all(0)
104        for k in sorted(selusers.keys()):
105            if k != "system_u":
106                self.loginsSelinuxUserCombo.append_text(k)
107
108        iter = liststore.get_iter_first()
109        while liststore.get_value(iter, 0) != "user_u":
110            iter = liststore.iter_next(iter)
111        self.loginsSelinuxUserCombo.set_active_iter(iter)
112
113    def dialogInit(self):
114        self.__dialogSetup()
115        store, iter = self.view.get_selection().get_selected()
116        self.loginsNameEntry.set_text(store.get_value(iter, 0))
117        self.loginsNameEntry.set_sensitive(False)
118
119        self.loginsMLSEntry.set_text(store.get_value(iter, 2))
120        seuser = store.get_value(iter, 1)
121        liststore = self.loginsSelinuxUserCombo.get_model()
122        iter = liststore.get_iter_first()
123        while iter != None and liststore.get_value(iter, 0) != seuser:
124            iter = liststore.iter_next(iter)
125        if iter != None:
126            self.loginsSelinuxUserCombo.set_active_iter(iter)
127
128    def dialogClear(self):
129        self.__dialogSetup()
130        self.loginsNameEntry.set_text("")
131        self.loginsNameEntry.set_sensitive(True)
132        self.loginsMLSEntry.set_text("s0")
133
134    def delete(self):
135        store, iter = self.view.get_selection().get_selected()
136        try:
137            login = store.get_value(iter, 0)
138            if login == "root" or login == "__default__":
139                raise ValueError(_("Login '%s' is required") % login)
140
141            self.wait()
142            (rc, out) = getstatusoutput("semanage login -d %s" % login)
143            self.ready()
144            if rc != 0:
145                self.error(out)
146                return False
147            store.remove(iter)
148            self.view.get_selection().select_path((0,))
149        except ValueError as e:
150            self.error(e.args[0])
151
152    def add(self):
153        target = self.loginsNameEntry.get_text().strip()
154        serange = self.loginsMLSEntry.get_text().strip()
155        if serange == "":
156            serange = "s0"
157        list_model = self.loginsSelinuxUserCombo.get_model()
158        iter = self.loginsSelinuxUserCombo.get_active_iter()
159        seuser = list_model.get_value(iter, 0)
160        self.wait()
161        (rc, out) = getstatusoutput("semanage login -a -s %s -r %s %s" % (seuser, serange, target))
162        self.ready()
163        if rc != 0:
164            self.error(out)
165            return False
166
167        iter = self.store.append()
168        self.store.set_value(iter, 0, target)
169        self.store.set_value(iter, 1, seuser)
170        self.store.set_value(iter, 2, seobject.translate(serange))
171
172    def modify(self):
173        target = self.loginsNameEntry.get_text().strip()
174        serange = self.loginsMLSEntry.get_text().strip()
175        if serange == "":
176            serange = "s0"
177        list_model = self.loginsSelinuxUserCombo.get_model()
178        iter = self.loginsSelinuxUserCombo.get_active_iter()
179        seuser = list_model.get_value(iter, 0)
180        self.wait()
181        (rc, out) = getstatusoutput("semanage login -m -s %s -r %s %s" % (seuser, serange, target))
182        self.ready()
183        if rc != 0:
184            self.error(out)
185            return False
186
187        store, iter = self.view.get_selection().get_selected()
188        self.store.set_value(iter, 0, target)
189        self.store.set_value(iter, 1, seuser)
190        self.store.set_value(iter, 2, seobject.translate(serange))
191