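## usersPage.py - show selinux mappings
## Copyright (C) 2006,2007,2008 Red Hat, Inc.

## This program is free software; you can redistribute it and/or modify
## it under the terms of the GNU General Public License as published by
## the Free Software Foundation; either version 2 of the License, or
## (at your option) any later version.

## This program is distributed in the hope that it will be useful,
## but WITHOUT ANY WARRANTY; without even the implied warranty of
## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
## GNU General Public License for more details.

## You should have received a copy of the GNU General Public License
## along with this program; if not, write to the Free Software
## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.

## Author: Dan Walsh
import sys
try:
    from subprocess import getstatusoutput
except ImportError:
    from commands import getstatusoutput

# Shell-quoting helper: shlex.quote on Python 3, pipes.quote on Python 2.
try:
    from shlex import quote
except ImportError:
    from pipes import quote

from gi.repository import GObject, Gtk
import seobject
from semanagePage import *

##
## I18N
##
PROGNAME = "policycoreutils"
try:
    import gettext
    kwargs = {}
    if sys.version_info < (3,):
        kwargs['unicode'] = True
    gettext.install(PROGNAME,
                    localedir="/usr/share/locale",
                    codeset='utf-8',
                    **kwargs)
except Exception:
    # Best-effort fallback: if gettext cannot be installed, make _() an
    # identity-style conversion so the translated-string calls below still work.
    try:
        import builtins
        builtins.__dict__['_'] = str
    except ImportError:
        import __builtin__
        __builtin__.__dict__['_'] = unicode


class usersPage(semanagePage):
    """GTK page that lists SELinux users and adds/modifies/deletes them.

    All changes are made by running ``semanage user ...`` through
    ``getstatusoutput``, which hands the command string to a shell.  Every
    value interpolated into that string is therefore passed through
    ``quote()`` so text typed into the dialog entries cannot be interpreted
    as shell syntax.
    """

    def __init__(self, xml):
        """Build the list model and columns, load the records, bind the entries.

        ``xml`` is the builder object the dialog entry widgets are looked up
        from via ``get_object``.
        """
        semanagePage.__init__(self, xml, "users", _("SELinux User"))

        # Five string columns are declared; only columns 0-2 are filled and
        # displayed by this class.
        self.store = Gtk.ListStore(GObject.TYPE_STRING, GObject.TYPE_STRING, GObject.TYPE_STRING, GObject.TYPE_STRING, GObject.TYPE_STRING)
        self.view.set_model(self.store)
        self.store.set_sort_column_id(0, Gtk.SortType.ASCENDING)

        col = Gtk.TreeViewColumn(_("SELinux\nUser"), Gtk.CellRendererText(), text=0)
        col.set_sort_column_id(0)
        col.set_resizable(True)
        self.view.append_column(col)

        col = Gtk.TreeViewColumn(_("MLS/\nMCS Range"), Gtk.CellRendererText(), text=1)
        col.set_resizable(True)
        self.view.append_column(col)

        col = Gtk.TreeViewColumn(_("SELinux Roles"), Gtk.CellRendererText(), text=2)
        col.set_resizable(True)
        self.view.append_column(col)

        self.load()
        self.selinuxUserEntry = xml.get_object("selinuxUserEntry")
        self.mlsRangeEntry = xml.get_object("mlsRangeEntry")
        self.selinuxRolesEntry = xml.get_object("selinuxRolesEntry")

    def load(self, filter=""):
        """Reload the store from ``seobject.seluserRecords`` and apply ``filter``.

        A record is shown when ``self.match`` accepts the user name, field 0,
        the translated field 2 (shown as the range) or field 3 (shown as the
        roles).  The first row is selected afterwards.
        """
        self.filter = filter
        self.user = seobject.seluserRecords()
        records = self.user.get_all()
        self.store.clear()
        for name in sorted(records.keys()):
            record = records[name]
            mls_range = seobject.translate(record[2])
            # NOTE(review): the meaning of record[0] is not visible in this
            # file; it is only used for filtering here.
            if not (self.match(name, filter) or
                    self.match(record[0], filter) or
                    self.match(mls_range, filter) or
                    self.match(record[3], filter)):
                continue

            row = self.store.append()
            self.store.set_value(row, 0, name)
            self.store.set_value(row, 1, mls_range)
            self.store.set_value(row, 2, record[3])
        self.view.get_selection().select_path((0,))

    def dialogInit(self):
        """Fill the dialog entries from the selected row for a modify operation.

        The user-name entry is made insensitive so the name cannot be edited.
        """
        store, row = self.view.get_selection().get_selected()
        self.selinuxUserEntry.set_text(store.get_value(row, 0))
        self.selinuxUserEntry.set_sensitive(False)
        self.mlsRangeEntry.set_text(store.get_value(row, 1))
        self.selinuxRolesEntry.set_text(store.get_value(row, 2))

    def dialogClear(self):
        """Reset the dialog entries for an add operation (range defaults to "s0")."""
        self.selinuxUserEntry.set_text("")
        self.selinuxUserEntry.set_sensitive(True)
        self.mlsRangeEntry.set_text("s0")
        self.selinuxRolesEntry.set_text("")

    def add(self):
        """Create the SELinux user described by the dialog entries.

        Returns ``False`` after reporting the command output via
        ``self.error`` when ``semanage`` exits non-zero; otherwise appends the
        new row to the store and returns ``None``.
        """
        user = self.selinuxUserEntry.get_text()
        mls_range = self.mlsRangeEntry.get_text()
        roles = self.selinuxRolesEntry.get_text()

        # The command string is executed by a shell, so every entry value is
        # quoted; roles stay a single argument as with the former '%s'.
        # NOTE: quoting does not stop a value that begins with '-' from being
        # parsed as an option by semanage itself.
        cmd = "semanage user -a -R %s -r %s %s" % (quote(roles), quote(mls_range), quote(user))

        self.wait()
        (rc, out) = getstatusoutput(cmd)
        self.ready()
        if rc != 0:
            self.error(out)
            return False
        row = self.store.append()
        self.store.set_value(row, 0, user)
        self.store.set_value(row, 1, mls_range)
        self.store.set_value(row, 2, roles)

    def modify(self):
        """Apply the dialog entries to an existing SELinux user.

        Returns ``False`` after reporting the command output via
        ``self.error`` when ``semanage`` exits non-zero; otherwise reloads the
        list with the current filter and returns ``None``.
        """
        user = self.selinuxUserEntry.get_text()
        mls_range = self.mlsRangeEntry.get_text()
        roles = self.selinuxRolesEntry.get_text()

        # Quote every interpolated value: the string is run through a shell.
        cmd = "semanage user -m -R %s -r %s %s" % (quote(roles), quote(mls_range), quote(user))

        self.wait()
        (rc, out) = getstatusoutput(cmd)
        self.ready()

        if rc != 0:
            self.error(out)
            return False
        self.load(self.filter)

    def delete(self):
        """Delete the selected SELinux user, refusing "root" and "user_u".

        Returns ``False`` after reporting the command output via
        ``self.error`` when ``semanage`` exits non-zero.  On success the row is
        removed and the first row is selected.
        """
        store, row = self.view.get_selection().get_selected()
        try:
            user = store.get_value(row, 0)
            if user == "root" or user == "user_u":
                raise ValueError(_("SELinux user '%s' is required") % user)

            self.wait()
            # The name comes from the list store, which add() also fills from
            # entry text, so it is quoted like any other shell argument.
            (rc, out) = getstatusoutput("semanage user -d %s" % quote(user))
            self.ready()
            if rc != 0:
                self.error(out)
                return False
            store.remove(row)
            self.view.get_selection().select_path((0,))
        except ValueError as e:
            self.error(e.args[0])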