1## domainsPage.py - show selinux domains
2## Copyright (C) 2009 Red Hat, Inc.
3
4## This program is free software; you can redistribute it and/or modify
5## it under the terms of the GNU General Public License as published by
6## the Free Software Foundation; either version 2 of the License, or
7## (at your option) any later version.
8
9## This program is distributed in the hope that it will be useful,
10## but WITHOUT ANY WARRANTY; without even the implied warranty of
11## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12## GNU General Public License for more details.
13
14## You should have received a copy of the GNU General Public License
15## along with this program; if not, write to the Free Software
16## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
17
18## Author: Dan Walsh
19import os
20try:
21    from subprocess import getstatusoutput
22except ImportError:
23    from commands import getstatusoutput
24
25import sys
26from gi.repository import GObject, Gtk
27import sepolicy
28from semanagePage import *
29
30##
31## I18N
32##
33PROGNAME = "policycoreutils"
34try:
35    import gettext
36    kwargs = {}
37    if sys.version_info < (3,):
38        kwargs['unicode'] = True
39    gettext.install(PROGNAME,
40                    localedir="/usr/share/locale",
41                    codeset='utf-8',
42                    **kwargs)
43except:
44    try:
45        import builtins
46        builtins.__dict__['_'] = str
47    except ImportError:
48        import __builtin__
49        __builtin__.__dict__['_'] = unicode
50
51
52class domainsPage(semanagePage):
53
54    def __init__(self, xml):
55        semanagePage.__init__(self, xml, "domains", _("Process Domain"))
56        self.domain_filter = xml.get_object("domainsFilterEntry")
57        self.domain_filter.connect("focus_out_event", self.filter_changed)
58        self.domain_filter.connect("activate", self.filter_changed)
59
60        self.store = Gtk.ListStore(GObject.TYPE_STRING, GObject.TYPE_STRING)
61        self.view.set_model(self.store)
62        self.store.set_sort_column_id(0, Gtk.SortType.ASCENDING)
63        col = Gtk.TreeViewColumn(_("Domain Name"), Gtk.CellRendererText(), text=0)
64        col.set_sort_column_id(0)
65        col.set_resizable(True)
66        self.view.append_column(col)
67        self.store.set_sort_column_id(0, Gtk.SortType.ASCENDING)
68        col = Gtk.TreeViewColumn(_("Mode"), Gtk.CellRendererText(), text=1)
69        col.set_sort_column_id(1)
70        col.set_resizable(True)
71        self.view.append_column(col)
72        self.view.get_selection().connect("changed", self.itemSelected)
73
74        self.permissive_button = xml.get_object("permissiveButton")
75        self.enforcing_button = xml.get_object("enforcingButton")
76
77        self.domains = sepolicy.get_all_entrypoint_domains()
78        self.load()
79
80    def get_modules(self):
81        modules = []
82        fd = os.popen("semodule -l")
83        mods = fd.readlines()
84        fd.close()
85        for l in mods:
86            modules.append(l.split()[0])
87        return modules
88
89    def load(self, filter=""):
90        self.filter = filter
91        self.store.clear()
92        try:
93            modules = self.get_modules()
94            for domain in self.domains:
95                if not self.match(domain, filter):
96                    continue
97                iter = self.store.append()
98                self.store.set_value(iter, 0, domain)
99                t = "permissive_%s_t" % domain
100                if t in modules:
101                    self.store.set_value(iter, 1, _("Permissive"))
102                else:
103                    self.store.set_value(iter, 1, "")
104        except:
105            pass
106        self.view.get_selection().select_path((0,))
107
108    def itemSelected(self, selection):
109        store, iter = selection.get_selected()
110        if iter is None:
111            return
112        p = store.get_value(iter, 1) == _("Permissive")
113        self.permissive_button.set_sensitive(not p)
114        self.enforcing_button.set_sensitive(p)
115
116    def deleteDialog(self):
117        # Do nothing
118        return self.delete()
119
120    def delete(self):
121        selection = self.view.get_selection()
122        store, iter = selection.get_selected()
123        domain = store.get_value(iter, 0)
124        try:
125            self.wait()
126            status, output = getstatusoutput("semanage permissive -d %s_t" % domain)
127            self.ready()
128            if status != 0:
129                self.error(output)
130            else:
131                domain = store.set_value(iter, 1, "")
132                self.itemSelected(selection)
133
134        except ValueError as e:
135            self.error(e.args[0])
136
137    def propertiesDialog(self):
138        # Do nothing
139        return
140
141    def addDialog(self):
142        # Do nothing
143        return self.add()
144
145    def add(self):
146        selection = self.view.get_selection()
147        store, iter = selection.get_selected()
148        domain = store.get_value(iter, 0)
149        try:
150            self.wait()
151            status, output = getstatusoutput("semanage permissive -a %s_t" % domain)
152            self.ready()
153            if status != 0:
154                self.error(output)
155            else:
156                domain = store.set_value(iter, 1, _("Permissive"))
157                self.itemSelected(selection)
158
159        except ValueError as e:
160            self.error(e.args[0])
161