1*2d543d20SAndroid Build Coastguard Worker## portsPage.py - show selinux mappings 2*2d543d20SAndroid Build Coastguard Worker## Copyright (C) 2006 Red Hat, Inc. 3*2d543d20SAndroid Build Coastguard Worker 4*2d543d20SAndroid Build Coastguard Worker## This program is free software; you can redistribute it and/or modify 5*2d543d20SAndroid Build Coastguard Worker## it under the terms of the GNU General Public License as published by 6*2d543d20SAndroid Build Coastguard Worker## the Free Software Foundation; either version 2 of the License, or 7*2d543d20SAndroid Build Coastguard Worker## (at your option) any later version. 8*2d543d20SAndroid Build Coastguard Worker 9*2d543d20SAndroid Build Coastguard Worker## This program is distributed in the hope that it will be useful, 10*2d543d20SAndroid Build Coastguard Worker## but WITHOUT ANY WARRANTY; without even the implied warranty of 11*2d543d20SAndroid Build Coastguard Worker## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12*2d543d20SAndroid Build Coastguard Worker## GNU General Public License for more details. 13*2d543d20SAndroid Build Coastguard Worker 14*2d543d20SAndroid Build Coastguard Worker## You should have received a copy of the GNU General Public License 15*2d543d20SAndroid Build Coastguard Worker## along with this program; if not, write to the Free Software 16*2d543d20SAndroid Build Coastguard Worker## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. 17*2d543d20SAndroid Build Coastguard Worker 18*2d543d20SAndroid Build Coastguard Worker## Author: Dan Walsh 19*2d543d20SAndroid Build Coastguard Workerimport sys 20*2d543d20SAndroid Build Coastguard Workerfrom gi.repository import GObject, Gtk 21*2d543d20SAndroid Build Coastguard Workerimport seobject 22*2d543d20SAndroid Build Coastguard Worker 23*2d543d20SAndroid Build Coastguard WorkerTYPE_COL = 0 24*2d543d20SAndroid Build Coastguard WorkerPROTOCOL_COL = 1 25*2d543d20SAndroid Build Coastguard WorkerMLS_COL = 2 26*2d543d20SAndroid Build Coastguard WorkerPORT_COL = 3 27*2d543d20SAndroid Build Coastguard Worker 28*2d543d20SAndroid Build Coastguard Workertry: 29*2d543d20SAndroid Build Coastguard Worker from subprocess import getstatusoutput 30*2d543d20SAndroid Build Coastguard Workerexcept ImportError: 31*2d543d20SAndroid Build Coastguard Worker from commands import getstatusoutput 32*2d543d20SAndroid Build Coastguard Worker 33*2d543d20SAndroid Build Coastguard Workerfrom semanagePage import * 34*2d543d20SAndroid Build Coastguard Worker 35*2d543d20SAndroid Build Coastguard Worker## 36*2d543d20SAndroid Build Coastguard Worker## I18N 37*2d543d20SAndroid Build Coastguard Worker## 38*2d543d20SAndroid Build Coastguard WorkerPROGNAME = "selinux-gui" 39*2d543d20SAndroid Build Coastguard Workertry: 40*2d543d20SAndroid Build Coastguard Worker import gettext 41*2d543d20SAndroid Build Coastguard Worker kwargs = {} 42*2d543d20SAndroid Build Coastguard Worker if sys.version_info < (3,): 43*2d543d20SAndroid Build Coastguard Worker kwargs['unicode'] = True 44*2d543d20SAndroid Build Coastguard Worker t = gettext.translation(PROGNAME, 45*2d543d20SAndroid Build Coastguard Worker localedir="/usr/share/locale", 46*2d543d20SAndroid Build Coastguard Worker **kwargs, 47*2d543d20SAndroid Build Coastguard Worker fallback=True) 48*2d543d20SAndroid Build Coastguard Worker _ = t.gettext 49*2d543d20SAndroid Build Coastguard Workerexcept: 50*2d543d20SAndroid Build Coastguard Worker try: 51*2d543d20SAndroid Build Coastguard Worker import builtins 52*2d543d20SAndroid Build Coastguard Worker builtins.__dict__['_'] = str 53*2d543d20SAndroid Build Coastguard Worker except ImportError: 54*2d543d20SAndroid Build Coastguard Worker import __builtin__ 55*2d543d20SAndroid Build Coastguard Worker __builtin__.__dict__['_'] = unicode 56*2d543d20SAndroid Build Coastguard Worker 57*2d543d20SAndroid Build Coastguard Worker 58*2d543d20SAndroid Build Coastguard Workerclass portsPage(semanagePage): 59*2d543d20SAndroid Build Coastguard Worker 60*2d543d20SAndroid Build Coastguard Worker def __init__(self, xml): 61*2d543d20SAndroid Build Coastguard Worker semanagePage.__init__(self, xml, "ports", _("Network Port")) 62*2d543d20SAndroid Build Coastguard Worker group_listview = xml.get_object("listViewButton") 63*2d543d20SAndroid Build Coastguard Worker group_listview.connect("clicked", self.on_group_clicked) 64*2d543d20SAndroid Build Coastguard Worker self.group = False 65*2d543d20SAndroid Build Coastguard Worker self.ports_filter = xml.get_object("portsFilterEntry") 66*2d543d20SAndroid Build Coastguard Worker self.ports_filter.connect("focus_out_event", self.filter_changed) 67*2d543d20SAndroid Build Coastguard Worker self.ports_filter.connect("activate", self.filter_changed) 68*2d543d20SAndroid Build Coastguard Worker self.ports_name_entry = xml.get_object("portsNameEntry") 69*2d543d20SAndroid Build Coastguard Worker self.ports_protocol_combo = xml.get_object("portsProtocolCombo") 70*2d543d20SAndroid Build Coastguard Worker self.ports_number_entry = xml.get_object("portsNumberEntry") 71*2d543d20SAndroid Build Coastguard Worker self.ports_mls_entry = xml.get_object("portsMLSEntry") 72*2d543d20SAndroid Build Coastguard Worker self.ports_add_button = xml.get_object("portsAddButton") 73*2d543d20SAndroid Build Coastguard Worker self.ports_properties_button = xml.get_object("portsPropertiesButton") 74*2d543d20SAndroid Build Coastguard Worker self.ports_delete_button = xml.get_object("portsDeleteButton") 75*2d543d20SAndroid Build Coastguard Worker liststore = self.ports_protocol_combo.get_model() 76*2d543d20SAndroid Build Coastguard Worker iter = liststore.get_iter_first() 77*2d543d20SAndroid Build Coastguard Worker self.ports_protocol_combo.set_active_iter(iter) 78*2d543d20SAndroid Build Coastguard Worker self.init_store() 79*2d543d20SAndroid Build Coastguard Worker self.edit = True 80*2d543d20SAndroid Build Coastguard Worker self.load() 81*2d543d20SAndroid Build Coastguard Worker 82*2d543d20SAndroid Build Coastguard Worker def filter_changed(self, *arg): 83*2d543d20SAndroid Build Coastguard Worker filter = arg[0].get_text() 84*2d543d20SAndroid Build Coastguard Worker if filter != self.filter: 85*2d543d20SAndroid Build Coastguard Worker if self.edit: 86*2d543d20SAndroid Build Coastguard Worker self.load(filter) 87*2d543d20SAndroid Build Coastguard Worker else: 88*2d543d20SAndroid Build Coastguard Worker self.group_load(filter) 89*2d543d20SAndroid Build Coastguard Worker 90*2d543d20SAndroid Build Coastguard Worker def init_store(self): 91*2d543d20SAndroid Build Coastguard Worker self.store = Gtk.ListStore(GObject.TYPE_STRING, GObject.TYPE_STRING, GObject.TYPE_STRING, GObject.TYPE_STRING) 92*2d543d20SAndroid Build Coastguard Worker self.view.set_model(self.store) 93*2d543d20SAndroid Build Coastguard Worker self.store.set_sort_column_id(0, Gtk.SortType.ASCENDING) 94*2d543d20SAndroid Build Coastguard Worker 95*2d543d20SAndroid Build Coastguard Worker self.view.set_search_equal_func(self.search) 96*2d543d20SAndroid Build Coastguard Worker col = Gtk.TreeViewColumn(_("SELinux Port\nType"), Gtk.CellRendererText(), text=TYPE_COL) 97*2d543d20SAndroid Build Coastguard Worker col.set_sort_column_id(TYPE_COL) 98*2d543d20SAndroid Build Coastguard Worker col.set_resizable(True) 99*2d543d20SAndroid Build Coastguard Worker self.view.append_column(col) 100*2d543d20SAndroid Build Coastguard Worker self.store.set_sort_column_id(TYPE_COL, Gtk.SortType.ASCENDING) 101*2d543d20SAndroid Build Coastguard Worker 102*2d543d20SAndroid Build Coastguard Worker col = Gtk.TreeViewColumn(_("Protocol"), Gtk.CellRendererText(), text=PROTOCOL_COL) 103*2d543d20SAndroid Build Coastguard Worker col.set_sort_column_id(PROTOCOL_COL) 104*2d543d20SAndroid Build Coastguard Worker col.set_resizable(True) 105*2d543d20SAndroid Build Coastguard Worker self.view.append_column(col) 106*2d543d20SAndroid Build Coastguard Worker 107*2d543d20SAndroid Build Coastguard Worker self.mls_col = Gtk.TreeViewColumn(_("MLS/MCS\nLevel"), Gtk.CellRendererText(), text=MLS_COL) 108*2d543d20SAndroid Build Coastguard Worker self.mls_col.set_resizable(True) 109*2d543d20SAndroid Build Coastguard Worker self.mls_col.set_sort_column_id(MLS_COL) 110*2d543d20SAndroid Build Coastguard Worker self.view.append_column(self.mls_col) 111*2d543d20SAndroid Build Coastguard Worker 112*2d543d20SAndroid Build Coastguard Worker col = Gtk.TreeViewColumn(_("Port"), Gtk.CellRendererText(), text=PORT_COL) 113*2d543d20SAndroid Build Coastguard Worker col.set_sort_column_id(PORT_COL) 114*2d543d20SAndroid Build Coastguard Worker col.set_resizable(True) 115*2d543d20SAndroid Build Coastguard Worker self.view.append_column(col) 116*2d543d20SAndroid Build Coastguard Worker self.store.set_sort_func(PORT_COL, self.sort_int, "") 117*2d543d20SAndroid Build Coastguard Worker 118*2d543d20SAndroid Build Coastguard Worker def sort_int(self, treemodel, iter1, iter2, user_data): 119*2d543d20SAndroid Build Coastguard Worker try: 120*2d543d20SAndroid Build Coastguard Worker p1 = int(treemodel.get_value(iter1, PORT_COL).split('-')[0]) 121*2d543d20SAndroid Build Coastguard Worker p2 = int(treemodel.get_value(iter2, PORT_COL).split('-')[0]) 122*2d543d20SAndroid Build Coastguard Worker if p1 > p2: 123*2d543d20SAndroid Build Coastguard Worker return 1 124*2d543d20SAndroid Build Coastguard Worker if p1 == p2: 125*2d543d20SAndroid Build Coastguard Worker return 0 126*2d543d20SAndroid Build Coastguard Worker return -1 127*2d543d20SAndroid Build Coastguard Worker except: 128*2d543d20SAndroid Build Coastguard Worker return 0 129*2d543d20SAndroid Build Coastguard Worker 130*2d543d20SAndroid Build Coastguard Worker def load(self, filter=""): 131*2d543d20SAndroid Build Coastguard Worker self.filter = filter 132*2d543d20SAndroid Build Coastguard Worker self.port = seobject.portRecords() 133*2d543d20SAndroid Build Coastguard Worker dict = self.port.get_all(self.local) 134*2d543d20SAndroid Build Coastguard Worker self.store.clear() 135*2d543d20SAndroid Build Coastguard Worker for k in sorted(dict.keys()): 136*2d543d20SAndroid Build Coastguard Worker if not (self.match(str(k[0]), filter) or self.match(dict[k][0], filter) or self.match(k[2], filter) or self.match(dict[k][1], filter) or self.match(dict[k][1], filter)): 137*2d543d20SAndroid Build Coastguard Worker continue 138*2d543d20SAndroid Build Coastguard Worker iter = self.store.append() 139*2d543d20SAndroid Build Coastguard Worker if k[0] == k[1]: 140*2d543d20SAndroid Build Coastguard Worker self.store.set_value(iter, PORT_COL, str(k[0])) 141*2d543d20SAndroid Build Coastguard Worker else: 142*2d543d20SAndroid Build Coastguard Worker rec = "%s-%s" % k[:2] 143*2d543d20SAndroid Build Coastguard Worker self.store.set_value(iter, PORT_COL, rec) 144*2d543d20SAndroid Build Coastguard Worker self.store.set_value(iter, TYPE_COL, dict[k][0]) 145*2d543d20SAndroid Build Coastguard Worker self.store.set_value(iter, PROTOCOL_COL, k[2]) 146*2d543d20SAndroid Build Coastguard Worker self.store.set_value(iter, MLS_COL, dict[k][1]) 147*2d543d20SAndroid Build Coastguard Worker self.view.get_selection().select_path((0,)) 148*2d543d20SAndroid Build Coastguard Worker 149*2d543d20SAndroid Build Coastguard Worker def group_load(self, filter=""): 150*2d543d20SAndroid Build Coastguard Worker self.filter = filter 151*2d543d20SAndroid Build Coastguard Worker self.port = seobject.portRecords() 152*2d543d20SAndroid Build Coastguard Worker dict = self.port.get_all_by_type(self.local) 153*2d543d20SAndroid Build Coastguard Worker self.store.clear() 154*2d543d20SAndroid Build Coastguard Worker for k in sorted(dict.keys()): 155*2d543d20SAndroid Build Coastguard Worker ports_string = ", ".join(dict[k]) 156*2d543d20SAndroid Build Coastguard Worker if not (self.match(ports_string, filter) or self.match(k[0], filter) or self.match(k[1], filter)): 157*2d543d20SAndroid Build Coastguard Worker continue 158*2d543d20SAndroid Build Coastguard Worker iter = self.store.append() 159*2d543d20SAndroid Build Coastguard Worker self.store.set_value(iter, TYPE_COL, k[0]) 160*2d543d20SAndroid Build Coastguard Worker self.store.set_value(iter, PROTOCOL_COL, k[1]) 161*2d543d20SAndroid Build Coastguard Worker self.store.set_value(iter, PORT_COL, ports_string) 162*2d543d20SAndroid Build Coastguard Worker self.store.set_value(iter, MLS_COL, "") 163*2d543d20SAndroid Build Coastguard Worker self.view.get_selection().select_path((0,)) 164*2d543d20SAndroid Build Coastguard Worker 165*2d543d20SAndroid Build Coastguard Worker def propertiesDialog(self): 166*2d543d20SAndroid Build Coastguard Worker if self.edit: 167*2d543d20SAndroid Build Coastguard Worker semanagePage.propertiesDialog(self) 168*2d543d20SAndroid Build Coastguard Worker 169*2d543d20SAndroid Build Coastguard Worker def dialogInit(self): 170*2d543d20SAndroid Build Coastguard Worker store, iter = self.view.get_selection().get_selected() 171*2d543d20SAndroid Build Coastguard Worker self.ports_number_entry.set_text(store.get_value(iter, PORT_COL)) 172*2d543d20SAndroid Build Coastguard Worker self.ports_number_entry.set_sensitive(False) 173*2d543d20SAndroid Build Coastguard Worker self.ports_protocol_combo.set_sensitive(False) 174*2d543d20SAndroid Build Coastguard Worker self.ports_name_entry.set_text(store.get_value(iter, TYPE_COL)) 175*2d543d20SAndroid Build Coastguard Worker self.ports_mls_entry.set_text(store.get_value(iter, MLS_COL)) 176*2d543d20SAndroid Build Coastguard Worker protocol = store.get_value(iter, PROTOCOL_COL) 177*2d543d20SAndroid Build Coastguard Worker liststore = self.ports_protocol_combo.get_model() 178*2d543d20SAndroid Build Coastguard Worker iter = liststore.get_iter_first() 179*2d543d20SAndroid Build Coastguard Worker while iter != None and liststore.get_value(iter, 0) != protocol: 180*2d543d20SAndroid Build Coastguard Worker iter = liststore.iter_next(iter) 181*2d543d20SAndroid Build Coastguard Worker if iter != None: 182*2d543d20SAndroid Build Coastguard Worker self.ports_protocol_combo.set_active_iter(iter) 183*2d543d20SAndroid Build Coastguard Worker 184*2d543d20SAndroid Build Coastguard Worker def dialogClear(self): 185*2d543d20SAndroid Build Coastguard Worker self.ports_number_entry.set_text("") 186*2d543d20SAndroid Build Coastguard Worker self.ports_number_entry.set_sensitive(True) 187*2d543d20SAndroid Build Coastguard Worker self.ports_protocol_combo.set_sensitive(True) 188*2d543d20SAndroid Build Coastguard Worker self.ports_name_entry.set_text("") 189*2d543d20SAndroid Build Coastguard Worker self.ports_mls_entry.set_text("s0") 190*2d543d20SAndroid Build Coastguard Worker 191*2d543d20SAndroid Build Coastguard Worker def delete(self): 192*2d543d20SAndroid Build Coastguard Worker store, iter = self.view.get_selection().get_selected() 193*2d543d20SAndroid Build Coastguard Worker port = store.get_value(iter, PORT_COL) 194*2d543d20SAndroid Build Coastguard Worker protocol = store.get_value(iter, 1) 195*2d543d20SAndroid Build Coastguard Worker try: 196*2d543d20SAndroid Build Coastguard Worker self.wait() 197*2d543d20SAndroid Build Coastguard Worker (rc, out) = getstatusoutput("semanage port -d -p %s %s" % (protocol, port)) 198*2d543d20SAndroid Build Coastguard Worker self.ready() 199*2d543d20SAndroid Build Coastguard Worker if rc != 0: 200*2d543d20SAndroid Build Coastguard Worker return self.error(out) 201*2d543d20SAndroid Build Coastguard Worker store.remove(iter) 202*2d543d20SAndroid Build Coastguard Worker self.view.get_selection().select_path((0,)) 203*2d543d20SAndroid Build Coastguard Worker except ValueError as e: 204*2d543d20SAndroid Build Coastguard Worker self.error(e.args[0]) 205*2d543d20SAndroid Build Coastguard Worker 206*2d543d20SAndroid Build Coastguard Worker def add(self): 207*2d543d20SAndroid Build Coastguard Worker target = self.ports_name_entry.get_text().strip() 208*2d543d20SAndroid Build Coastguard Worker mls = self.ports_mls_entry.get_text().strip() 209*2d543d20SAndroid Build Coastguard Worker port_number = self.ports_number_entry.get_text().strip() 210*2d543d20SAndroid Build Coastguard Worker if port_number == "": 211*2d543d20SAndroid Build Coastguard Worker port_number = "1" 212*2d543d20SAndroid Build Coastguard Worker for i in port_number.split("-"): 213*2d543d20SAndroid Build Coastguard Worker if not i.isdigit(): 214*2d543d20SAndroid Build Coastguard Worker self.error(_("Port number \"%s\" is not valid. 0 < PORT_NUMBER < 65536 ") % port_number) 215*2d543d20SAndroid Build Coastguard Worker return False 216*2d543d20SAndroid Build Coastguard Worker list_model = self.ports_protocol_combo.get_model() 217*2d543d20SAndroid Build Coastguard Worker iter = self.ports_protocol_combo.get_active_iter() 218*2d543d20SAndroid Build Coastguard Worker protocol = list_model.get_value(iter, 0) 219*2d543d20SAndroid Build Coastguard Worker self.wait() 220*2d543d20SAndroid Build Coastguard Worker (rc, out) = getstatusoutput("semanage port -a -p %s -r %s -t %s %s" % (protocol, mls, target, port_number)) 221*2d543d20SAndroid Build Coastguard Worker self.ready() 222*2d543d20SAndroid Build Coastguard Worker if rc != 0: 223*2d543d20SAndroid Build Coastguard Worker self.error(out) 224*2d543d20SAndroid Build Coastguard Worker return False 225*2d543d20SAndroid Build Coastguard Worker iter = self.store.append() 226*2d543d20SAndroid Build Coastguard Worker 227*2d543d20SAndroid Build Coastguard Worker self.store.set_value(iter, TYPE_COL, target) 228*2d543d20SAndroid Build Coastguard Worker self.store.set_value(iter, PORT_COL, port_number) 229*2d543d20SAndroid Build Coastguard Worker self.store.set_value(iter, PROTOCOL_COL, protocol) 230*2d543d20SAndroid Build Coastguard Worker self.store.set_value(iter, MLS_COL, mls) 231*2d543d20SAndroid Build Coastguard Worker 232*2d543d20SAndroid Build Coastguard Worker def modify(self): 233*2d543d20SAndroid Build Coastguard Worker target = self.ports_name_entry.get_text().strip() 234*2d543d20SAndroid Build Coastguard Worker mls = self.ports_mls_entry.get_text().strip() 235*2d543d20SAndroid Build Coastguard Worker port_number = self.ports_number_entry.get_text().strip() 236*2d543d20SAndroid Build Coastguard Worker list_model = self.ports_protocol_combo.get_model() 237*2d543d20SAndroid Build Coastguard Worker iter = self.ports_protocol_combo.get_active_iter() 238*2d543d20SAndroid Build Coastguard Worker protocol = list_model.get_value(iter, 0) 239*2d543d20SAndroid Build Coastguard Worker self.wait() 240*2d543d20SAndroid Build Coastguard Worker (rc, out) = getstatusoutput("semanage port -m -p %s -r %s -t %s %s" % (protocol, mls, target, port_number)) 241*2d543d20SAndroid Build Coastguard Worker self.ready() 242*2d543d20SAndroid Build Coastguard Worker if rc != 0: 243*2d543d20SAndroid Build Coastguard Worker self.error(out) 244*2d543d20SAndroid Build Coastguard Worker return False 245*2d543d20SAndroid Build Coastguard Worker store, iter = self.view.get_selection().get_selected() 246*2d543d20SAndroid Build Coastguard Worker self.store.set_value(iter, TYPE_COL, target) 247*2d543d20SAndroid Build Coastguard Worker self.store.set_value(iter, PORT_COL, port_number) 248*2d543d20SAndroid Build Coastguard Worker self.store.set_value(iter, PROTOCOL_COL, protocol) 249*2d543d20SAndroid Build Coastguard Worker self.store.set_value(iter, MLS_COL, mls) 250*2d543d20SAndroid Build Coastguard Worker 251*2d543d20SAndroid Build Coastguard Worker def on_group_clicked(self, button): 252*2d543d20SAndroid Build Coastguard Worker self.ports_add_button.set_sensitive(self.group) 253*2d543d20SAndroid Build Coastguard Worker self.ports_properties_button.set_sensitive(self.group) 254*2d543d20SAndroid Build Coastguard Worker self.ports_delete_button.set_sensitive(self.group) 255*2d543d20SAndroid Build Coastguard Worker self.mls_col.set_visible(self.group) 256*2d543d20SAndroid Build Coastguard Worker 257*2d543d20SAndroid Build Coastguard Worker self.group = not self.group 258*2d543d20SAndroid Build Coastguard Worker if self.group: 259*2d543d20SAndroid Build Coastguard Worker button.set_label(_("List View")) 260*2d543d20SAndroid Build Coastguard Worker self.group_load(self.filter) 261*2d543d20SAndroid Build Coastguard Worker else: 262*2d543d20SAndroid Build Coastguard Worker button.set_label(_("Group View")) 263*2d543d20SAndroid Build Coastguard Worker self.load(self.filter) 264*2d543d20SAndroid Build Coastguard Worker 265*2d543d20SAndroid Build Coastguard Worker return True 266