1## modulesPage.py - show selinux mappings 2## Copyright (C) 2006-2009 Red Hat, Inc. 3 4## This program is free software; you can redistribute it and/or modify 5## it under the terms of the GNU General Public License as published by 6## the Free Software Foundation; either version 2 of the License, or 7## (at your option) any later version. 8 9## This program is distributed in the hope that it will be useful, 10## but WITHOUT ANY WARRANTY; without even the implied warranty of 11## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12## GNU General Public License for more details. 13 14## You should have received a copy of the GNU General Public License 15## along with this program; if not, write to the Free Software 16## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. 17 18## Author: Dan Walsh 19import sys 20from subprocess import Popen, PIPE 21try: 22 from subprocess import getstatusoutput 23except ImportError: 24 from commands import getstatusoutput 25 26from gi.repository import GObject, Gtk 27import selinux 28from semanagePage import * 29 30## 31## I18N 32## 33PROGNAME = "selinux-gui" 34try: 35 import gettext 36 kwargs = {} 37 if sys.version_info < (3,): 38 kwargs['unicode'] = True 39 t = gettext.translation(PROGNAME, 40 localedir="/usr/share/locale", 41 **kwargs, 42 fallback=True) 43 _ = t.gettext 44except: 45 try: 46 import builtins 47 builtins.__dict__['_'] = str 48 except ImportError: 49 import __builtin__ 50 __builtin__.__dict__['_'] = unicode 51 52 53class modulesPage(semanagePage): 54 55 def __init__(self, xml): 56 semanagePage.__init__(self, xml, "modules", _("Policy Module")) 57 self.module_filter = xml.get_object("modulesFilterEntry") 58 self.module_filter.connect("focus_out_event", self.filter_changed) 59 self.module_filter.connect("activate", self.filter_changed) 60 self.audit_enabled = False 61 62 self.store = Gtk.ListStore(GObject.TYPE_STRING, GObject.TYPE_STRING, 63 GObject.TYPE_STRING) 64 self.view.set_model(self.store) 65 self.store.set_sort_column_id(0, Gtk.SortType.ASCENDING) 66 col = Gtk.TreeViewColumn(_("Module Name"), Gtk.CellRendererText(), text=0) 67 col.set_sort_column_id(0) 68 col.set_resizable(True) 69 self.view.append_column(col) 70 self.store.set_sort_column_id(0, Gtk.SortType.ASCENDING) 71 col = Gtk.TreeViewColumn(_("Priority"), Gtk.CellRendererText(), text=1) 72 self.enable_audit_button = xml.get_object("enableAuditButton") 73 self.enable_audit_button.connect("clicked", self.enable_audit) 74 self.new_button = xml.get_object("newModuleButton") 75 self.new_button.connect("clicked", self.new_module) 76 col.set_sort_column_id(1) 77 col.set_resizable(True) 78 self.view.append_column(col) 79 self.store.set_sort_column_id(2, Gtk.SortType.ASCENDING) 80 col = Gtk.TreeViewColumn(_("Kind"), Gtk.CellRendererText(), text=2) 81 col.set_sort_column_id(2) 82 col.set_resizable(True) 83 self.view.append_column(col) 84 self.store.set_sort_func(1, self.sort_int, "") 85 status, self.policy_type = selinux.selinux_getpolicytype() 86 87 self.load() 88 89 def sort_int(self, treemodel, iter1, iter2, user_data): 90 try: 91 p1 = int(treemodel.get_value(iter1, 1)) 92 p2 = int(treemodel.get_value(iter1, 1)) 93 if p1 > p2: 94 return 1 95 if p1 == p2: 96 return 0 97 return -1 98 except: 99 return 0 100 101 def load(self, filter=""): 102 self.filter = filter 103 self.store.clear() 104 try: 105 fd = Popen("semodule -lfull", shell=True, stdout=PIPE).stdout 106 l = fd.readlines() 107 fd.close() 108 for i in l: 109 priority, module, kind = i.decode('utf-8').split() 110 if not (self.match(module, filter) or self.match(priority, filter)): 111 continue 112 iter = self.store.append() 113 self.store.set_value(iter, 0, module.strip()) 114 self.store.set_value(iter, 1, priority.strip()) 115 self.store.set_value(iter, 2, kind.strip()) 116 except: 117 pass 118 self.view.get_selection().select_path((0,)) 119 120 def new_module(self, args): 121 try: 122 Popen(["selinux-polgengui"]) 123 except ValueError as e: 124 self.error(e.args[0]) 125 126 def delete(self): 127 store, iter = self.view.get_selection().get_selected() 128 module = store.get_value(iter, 0) 129 priority = store.get_value(iter, 1) 130 try: 131 self.wait() 132 status, output = getstatusoutput("semodule -X %s -r %s" % (priority, module)) 133 self.ready() 134 if status != 0: 135 self.error(output) 136 else: 137 store.remove(iter) 138 self.view.get_selection().select_path((0,)) 139 140 except ValueError as e: 141 self.error(e.args[0]) 142 143 def enable_audit(self, button): 144 self.audit_enabled = not self.audit_enabled 145 try: 146 self.wait() 147 if self.audit_enabled: 148 status, output = getstatusoutput("semodule -DB") 149 button.set_label(_("Disable Audit")) 150 else: 151 status, output = getstatusoutput("semodule -B") 152 button.set_label(_("Enable Audit")) 153 self.ready() 154 155 if status != 0: 156 self.error(output) 157 158 except ValueError as e: 159 self.error(e.args[0]) 160 161 def disable_audit(self, button): 162 try: 163 self.wait() 164 status, output = getstatusoutput("semodule -B") 165 self.ready() 166 if status != 0: 167 self.error(output) 168 169 except ValueError as e: 170 self.error(e.args[0]) 171 172 def propertiesDialog(self): 173 # Do nothing 174 return 175 176 def addDialog(self): 177 dialog = Gtk.FileChooserDialog(_("Load Policy Module"), 178 None, 179 Gtk.FileChooserAction.OPEN, 180 (Gtk.STOCK_CANCEL, Gtk.ResponseType.CANCEL, 181 Gtk.STOCK_OPEN, Gtk.ResponseType.OK)) 182 dialog.set_default_response(Gtk.ResponseType.OK) 183 184 filter = Gtk.FileFilter() 185 filter.set_name("Policy Files") 186 filter.add_pattern("*.pp") 187 dialog.add_filter(filter) 188 189 response = dialog.run() 190 if response == Gtk.ResponseType.OK: 191 self.add(dialog.get_filename()) 192 dialog.destroy() 193 194 def add(self, file): 195 try: 196 self.wait() 197 status, output = getstatusoutput("semodule -i %s" % file) 198 self.ready() 199 if status != 0: 200 self.error(output) 201 else: 202 self.load() 203 204 except ValueError as e: 205 self.error(e.args[0]) 206