1*2d543d20SAndroid Build Coastguard Worker## loginsPage.py - show selinux mappings 2*2d543d20SAndroid Build Coastguard Worker## Copyright (C) 2006 Red Hat, Inc. 3*2d543d20SAndroid Build Coastguard Worker 4*2d543d20SAndroid Build Coastguard Worker## This program is free software; you can redistribute it and/or modify 5*2d543d20SAndroid Build Coastguard Worker## it under the terms of the GNU General Public License as published by 6*2d543d20SAndroid Build Coastguard Worker## the Free Software Foundation; either version 2 of the License, or 7*2d543d20SAndroid Build Coastguard Worker## (at your option) any later version. 8*2d543d20SAndroid Build Coastguard Worker 9*2d543d20SAndroid Build Coastguard Worker## This program is distributed in the hope that it will be useful, 10*2d543d20SAndroid Build Coastguard Worker## but WITHOUT ANY WARRANTY; without even the implied warranty of 11*2d543d20SAndroid Build Coastguard Worker## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12*2d543d20SAndroid Build Coastguard Worker## GNU General Public License for more details. 13*2d543d20SAndroid Build Coastguard Worker 14*2d543d20SAndroid Build Coastguard Worker## You should have received a copy of the GNU General Public License 15*2d543d20SAndroid Build Coastguard Worker## along with this program; if not, write to the Free Software 16*2d543d20SAndroid Build Coastguard Worker## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. 17*2d543d20SAndroid Build Coastguard Worker 18*2d543d20SAndroid Build Coastguard Worker## Author: Dan Walsh 19*2d543d20SAndroid Build Coastguard Workerimport sys 20*2d543d20SAndroid Build Coastguard Workertry: 21*2d543d20SAndroid Build Coastguard Worker from subprocess import getstatusoutput 22*2d543d20SAndroid Build Coastguard Workerexcept ImportError: 23*2d543d20SAndroid Build Coastguard Worker from commands import getstatusoutput 24*2d543d20SAndroid Build Coastguard Worker 25*2d543d20SAndroid Build Coastguard Workerfrom gi.repository import GObject, Gtk 26*2d543d20SAndroid Build Coastguard Workerimport seobject 27*2d543d20SAndroid Build Coastguard Workerfrom semanagePage import * 28*2d543d20SAndroid Build Coastguard Worker 29*2d543d20SAndroid Build Coastguard Worker## 30*2d543d20SAndroid Build Coastguard Worker## I18N 31*2d543d20SAndroid Build Coastguard Worker## 32*2d543d20SAndroid Build Coastguard WorkerPROGNAME = "selinux-gui" 33*2d543d20SAndroid Build Coastguard Workertry: 34*2d543d20SAndroid Build Coastguard Worker import gettext 35*2d543d20SAndroid Build Coastguard Worker kwargs = {} 36*2d543d20SAndroid Build Coastguard Worker if sys.version_info < (3,): 37*2d543d20SAndroid Build Coastguard Worker kwargs['unicode'] = True 38*2d543d20SAndroid Build Coastguard Worker t = gettext.translation(PROGNAME, 39*2d543d20SAndroid Build Coastguard Worker localedir="/usr/share/locale", 40*2d543d20SAndroid Build Coastguard Worker **kwargs, 41*2d543d20SAndroid Build Coastguard Worker fallback=True) 42*2d543d20SAndroid Build Coastguard Worker _ = t.gettext 43*2d543d20SAndroid Build Coastguard Workerexcept: 44*2d543d20SAndroid Build Coastguard Worker try: 45*2d543d20SAndroid Build Coastguard Worker import builtins 46*2d543d20SAndroid Build Coastguard Worker builtins.__dict__['_'] = str 47*2d543d20SAndroid Build Coastguard Worker except ImportError: 48*2d543d20SAndroid Build Coastguard Worker import __builtin__ 49*2d543d20SAndroid Build Coastguard Worker __builtin__.__dict__['_'] = unicode 50*2d543d20SAndroid Build Coastguard Worker 51*2d543d20SAndroid Build Coastguard Worker 52*2d543d20SAndroid Build Coastguard Workerclass loginsPage(semanagePage): 53*2d543d20SAndroid Build Coastguard Worker 54*2d543d20SAndroid Build Coastguard Worker def __init__(self, xml): 55*2d543d20SAndroid Build Coastguard Worker self.firstTime = False 56*2d543d20SAndroid Build Coastguard Worker semanagePage.__init__(self, xml, "logins", _("User Mapping")) 57*2d543d20SAndroid Build Coastguard Worker self.store = Gtk.ListStore(GObject.TYPE_STRING, GObject.TYPE_STRING, GObject.TYPE_STRING) 58*2d543d20SAndroid Build Coastguard Worker self.view.set_model(self.store) 59*2d543d20SAndroid Build Coastguard Worker self.store.set_sort_column_id(0, Gtk.SortType.ASCENDING) 60*2d543d20SAndroid Build Coastguard Worker col = Gtk.TreeViewColumn(_("Login\nName"), Gtk.CellRendererText(), text=0) 61*2d543d20SAndroid Build Coastguard Worker col.set_sort_column_id(0) 62*2d543d20SAndroid Build Coastguard Worker col.set_resizable(True) 63*2d543d20SAndroid Build Coastguard Worker self.view.append_column(col) 64*2d543d20SAndroid Build Coastguard Worker col = Gtk.TreeViewColumn(_("SELinux\nUser"), Gtk.CellRendererText(), text=1) 65*2d543d20SAndroid Build Coastguard Worker col.set_resizable(True) 66*2d543d20SAndroid Build Coastguard Worker self.view.append_column(col) 67*2d543d20SAndroid Build Coastguard Worker col = Gtk.TreeViewColumn(_("MLS/\nMCS Range"), Gtk.CellRendererText(), text=2) 68*2d543d20SAndroid Build Coastguard Worker col.set_resizable(True) 69*2d543d20SAndroid Build Coastguard Worker self.view.append_column(col) 70*2d543d20SAndroid Build Coastguard Worker self.load() 71*2d543d20SAndroid Build Coastguard Worker self.loginsNameEntry = xml.get_object("loginsNameEntry") 72*2d543d20SAndroid Build Coastguard Worker self.loginsSelinuxUserCombo = xml.get_object("loginsSelinuxUserCombo") 73*2d543d20SAndroid Build Coastguard Worker self.loginsMLSEntry = xml.get_object("loginsMLSEntry") 74*2d543d20SAndroid Build Coastguard Worker 75*2d543d20SAndroid Build Coastguard Worker def load(self, filter=""): 76*2d543d20SAndroid Build Coastguard Worker self.filter = filter 77*2d543d20SAndroid Build Coastguard Worker self.login = seobject.loginRecords() 78*2d543d20SAndroid Build Coastguard Worker dict = self.login.get_all(0) 79*2d543d20SAndroid Build Coastguard Worker self.store.clear() 80*2d543d20SAndroid Build Coastguard Worker for k in sorted(dict.keys()): 81*2d543d20SAndroid Build Coastguard Worker range = seobject.translate(dict[k][1]) 82*2d543d20SAndroid Build Coastguard Worker if not (self.match(k, filter) or self.match(dict[k][0], filter) or self.match(range, filter)): 83*2d543d20SAndroid Build Coastguard Worker continue 84*2d543d20SAndroid Build Coastguard Worker iter = self.store.append() 85*2d543d20SAndroid Build Coastguard Worker self.store.set_value(iter, 0, k) 86*2d543d20SAndroid Build Coastguard Worker self.store.set_value(iter, 1, dict[k][0]) 87*2d543d20SAndroid Build Coastguard Worker self.store.set_value(iter, 2, range) 88*2d543d20SAndroid Build Coastguard Worker self.view.get_selection().select_path((0,)) 89*2d543d20SAndroid Build Coastguard Worker 90*2d543d20SAndroid Build Coastguard Worker def __dialogSetup(self): 91*2d543d20SAndroid Build Coastguard Worker if self.firstTime: 92*2d543d20SAndroid Build Coastguard Worker return 93*2d543d20SAndroid Build Coastguard Worker self.firstTime = True 94*2d543d20SAndroid Build Coastguard Worker liststore = Gtk.ListStore(GObject.TYPE_STRING) 95*2d543d20SAndroid Build Coastguard Worker self.loginsSelinuxUserCombo.set_model(liststore) 96*2d543d20SAndroid Build Coastguard Worker cell = Gtk.CellRendererText() 97*2d543d20SAndroid Build Coastguard Worker self.loginsSelinuxUserCombo.pack_start(cell, True) 98*2d543d20SAndroid Build Coastguard Worker self.loginsSelinuxUserCombo.add_attribute(cell, 'text', 0) 99*2d543d20SAndroid Build Coastguard Worker 100*2d543d20SAndroid Build Coastguard Worker selusers = seobject.seluserRecords().get_all(0) 101*2d543d20SAndroid Build Coastguard Worker for k in sorted(selusers.keys()): 102*2d543d20SAndroid Build Coastguard Worker if k != "system_u": 103*2d543d20SAndroid Build Coastguard Worker self.loginsSelinuxUserCombo.append_text(k) 104*2d543d20SAndroid Build Coastguard Worker 105*2d543d20SAndroid Build Coastguard Worker iter = liststore.get_iter_first() 106*2d543d20SAndroid Build Coastguard Worker while liststore.get_value(iter, 0) != "user_u": 107*2d543d20SAndroid Build Coastguard Worker iter = liststore.iter_next(iter) 108*2d543d20SAndroid Build Coastguard Worker self.loginsSelinuxUserCombo.set_active_iter(iter) 109*2d543d20SAndroid Build Coastguard Worker 110*2d543d20SAndroid Build Coastguard Worker def dialogInit(self): 111*2d543d20SAndroid Build Coastguard Worker self.__dialogSetup() 112*2d543d20SAndroid Build Coastguard Worker store, iter = self.view.get_selection().get_selected() 113*2d543d20SAndroid Build Coastguard Worker self.loginsNameEntry.set_text(store.get_value(iter, 0)) 114*2d543d20SAndroid Build Coastguard Worker self.loginsNameEntry.set_sensitive(False) 115*2d543d20SAndroid Build Coastguard Worker 116*2d543d20SAndroid Build Coastguard Worker self.loginsMLSEntry.set_text(store.get_value(iter, 2)) 117*2d543d20SAndroid Build Coastguard Worker seuser = store.get_value(iter, 1) 118*2d543d20SAndroid Build Coastguard Worker liststore = self.loginsSelinuxUserCombo.get_model() 119*2d543d20SAndroid Build Coastguard Worker iter = liststore.get_iter_first() 120*2d543d20SAndroid Build Coastguard Worker while iter != None and liststore.get_value(iter, 0) != seuser: 121*2d543d20SAndroid Build Coastguard Worker iter = liststore.iter_next(iter) 122*2d543d20SAndroid Build Coastguard Worker if iter != None: 123*2d543d20SAndroid Build Coastguard Worker self.loginsSelinuxUserCombo.set_active_iter(iter) 124*2d543d20SAndroid Build Coastguard Worker 125*2d543d20SAndroid Build Coastguard Worker def dialogClear(self): 126*2d543d20SAndroid Build Coastguard Worker self.__dialogSetup() 127*2d543d20SAndroid Build Coastguard Worker self.loginsNameEntry.set_text("") 128*2d543d20SAndroid Build Coastguard Worker self.loginsNameEntry.set_sensitive(True) 129*2d543d20SAndroid Build Coastguard Worker self.loginsMLSEntry.set_text("s0") 130*2d543d20SAndroid Build Coastguard Worker 131*2d543d20SAndroid Build Coastguard Worker def delete(self): 132*2d543d20SAndroid Build Coastguard Worker store, iter = self.view.get_selection().get_selected() 133*2d543d20SAndroid Build Coastguard Worker try: 134*2d543d20SAndroid Build Coastguard Worker login = store.get_value(iter, 0) 135*2d543d20SAndroid Build Coastguard Worker if login == "root" or login == "__default__": 136*2d543d20SAndroid Build Coastguard Worker raise ValueError(_("Login '%s' is required") % login) 137*2d543d20SAndroid Build Coastguard Worker 138*2d543d20SAndroid Build Coastguard Worker self.wait() 139*2d543d20SAndroid Build Coastguard Worker (rc, out) = getstatusoutput("semanage login -d %s" % login) 140*2d543d20SAndroid Build Coastguard Worker self.ready() 141*2d543d20SAndroid Build Coastguard Worker if rc != 0: 142*2d543d20SAndroid Build Coastguard Worker self.error(out) 143*2d543d20SAndroid Build Coastguard Worker return False 144*2d543d20SAndroid Build Coastguard Worker store.remove(iter) 145*2d543d20SAndroid Build Coastguard Worker self.view.get_selection().select_path((0,)) 146*2d543d20SAndroid Build Coastguard Worker except ValueError as e: 147*2d543d20SAndroid Build Coastguard Worker self.error(e.args[0]) 148*2d543d20SAndroid Build Coastguard Worker 149*2d543d20SAndroid Build Coastguard Worker def add(self): 150*2d543d20SAndroid Build Coastguard Worker target = self.loginsNameEntry.get_text().strip() 151*2d543d20SAndroid Build Coastguard Worker serange = self.loginsMLSEntry.get_text().strip() 152*2d543d20SAndroid Build Coastguard Worker if serange == "": 153*2d543d20SAndroid Build Coastguard Worker serange = "s0" 154*2d543d20SAndroid Build Coastguard Worker list_model = self.loginsSelinuxUserCombo.get_model() 155*2d543d20SAndroid Build Coastguard Worker iter = self.loginsSelinuxUserCombo.get_active_iter() 156*2d543d20SAndroid Build Coastguard Worker seuser = list_model.get_value(iter, 0) 157*2d543d20SAndroid Build Coastguard Worker self.wait() 158*2d543d20SAndroid Build Coastguard Worker (rc, out) = getstatusoutput("semanage login -a -s %s -r %s %s" % (seuser, serange, target)) 159*2d543d20SAndroid Build Coastguard Worker self.ready() 160*2d543d20SAndroid Build Coastguard Worker if rc != 0: 161*2d543d20SAndroid Build Coastguard Worker self.error(out) 162*2d543d20SAndroid Build Coastguard Worker return False 163*2d543d20SAndroid Build Coastguard Worker 164*2d543d20SAndroid Build Coastguard Worker iter = self.store.append() 165*2d543d20SAndroid Build Coastguard Worker self.store.set_value(iter, 0, target) 166*2d543d20SAndroid Build Coastguard Worker self.store.set_value(iter, 1, seuser) 167*2d543d20SAndroid Build Coastguard Worker self.store.set_value(iter, 2, seobject.translate(serange)) 168*2d543d20SAndroid Build Coastguard Worker 169*2d543d20SAndroid Build Coastguard Worker def modify(self): 170*2d543d20SAndroid Build Coastguard Worker target = self.loginsNameEntry.get_text().strip() 171*2d543d20SAndroid Build Coastguard Worker serange = self.loginsMLSEntry.get_text().strip() 172*2d543d20SAndroid Build Coastguard Worker if serange == "": 173*2d543d20SAndroid Build Coastguard Worker serange = "s0" 174*2d543d20SAndroid Build Coastguard Worker list_model = self.loginsSelinuxUserCombo.get_model() 175*2d543d20SAndroid Build Coastguard Worker iter = self.loginsSelinuxUserCombo.get_active_iter() 176*2d543d20SAndroid Build Coastguard Worker seuser = list_model.get_value(iter, 0) 177*2d543d20SAndroid Build Coastguard Worker self.wait() 178*2d543d20SAndroid Build Coastguard Worker (rc, out) = getstatusoutput("semanage login -m -s %s -r %s %s" % (seuser, serange, target)) 179*2d543d20SAndroid Build Coastguard Worker self.ready() 180*2d543d20SAndroid Build Coastguard Worker if rc != 0: 181*2d543d20SAndroid Build Coastguard Worker self.error(out) 182*2d543d20SAndroid Build Coastguard Worker return False 183*2d543d20SAndroid Build Coastguard Worker 184*2d543d20SAndroid Build Coastguard Worker store, iter = self.view.get_selection().get_selected() 185*2d543d20SAndroid Build Coastguard Worker self.store.set_value(iter, 0, target) 186*2d543d20SAndroid Build Coastguard Worker self.store.set_value(iter, 1, seuser) 187*2d543d20SAndroid Build Coastguard Worker self.store.set_value(iter, 2, seobject.translate(serange)) 188