1 ## usersPage.py - show selinux mappings 2 ## Copyright (C) 2006,2007,2008 Red Hat, Inc. 3 4 ## This program is free software; you can redistribute it and/or modify 5 ## it under the terms of the GNU General Public License as published by 6 ## the Free Software Foundation; either version 2 of the License, or 7 ## (at your option) any later version. 8 9 ## This program is distributed in the hope that it will be useful, 10 ## but WITHOUT ANY WARRANTY; without even the implied warranty of 11 ## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 ## GNU General Public License for more details. 13 14 ## You should have received a copy of the GNU General Public License 15 ## along with this program; if not, write to the Free Software 16 ## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. 17 18 ## Author: Dan Walsh 19 import string 20 import gtk 21 import gtk.glade 22 import os 23 import gobject 24 import sys 25 import commands 26 import seobject 27 from semanagePage import *; 28 29 ## 30 ## I18N 31 ## 32 PROGNAME="policycoreutils" 33 import gettext 34 gettext.bindtextdomain(PROGNAME, "/usr/share/locale") 35 gettext.textdomain(PROGNAME) 36 try: 37 gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1) 38 except IOError: 39 import __builtin__ 40 __builtin__.__dict__['_'] = unicode 41 42 class usersPage(semanagePage): 43 def __init__(self, xml): 44 semanagePage.__init__(self, xml, "users", _("SELinux User")) 45 46 self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING) 47 self.view.set_model(self.store) 48 self.store.set_sort_column_id(0, gtk.SORT_ASCENDING) 49 50 col = gtk.TreeViewColumn(_("SELinux\nUser"), gtk.CellRendererText(), text = 0) 51 col.set_sort_column_id(0) 52 col.set_resizable(True) 53 self.view.append_column(col) 54 55 col = gtk.TreeViewColumn(_("MLS/\nMCS Range"), gtk.CellRendererText(), text = 1) 56 col.set_resizable(True) 57 self.view.append_column(col) 58 59 col = gtk.TreeViewColumn(_("SELinux Roles"), gtk.CellRendererText(), text = 2) 60 col.set_resizable(True) 61 self.view.append_column(col) 62 63 self.load() 64 self.selinuxUserEntry = xml.get_widget("selinuxUserEntry") 65 self.mlsRangeEntry = xml.get_widget("mlsRangeEntry") 66 self.selinuxRolesEntry = xml.get_widget("selinuxRolesEntry") 67 68 def load(self, filter = ""): 69 self.filter=filter 70 self.user = seobject.seluserRecords() 71 dict = self.user.get_all() 72 keys = dict.keys() 73 keys.sort() 74 self.store.clear() 75 for k in keys: 76 range = seobject.translate(dict[k][2]) 77 if not (self.match(k, filter) or self.match(dict[k][0], filter) or self.match(range, filter) or self.match(dict[k][3], filter)): 78 continue 79 80 iter = self.store.append() 81 self.store.set_value(iter, 0, k) 82 self.store.set_value(iter, 1, range) 83 self.store.set_value(iter, 2, dict[k][3]) 84 self.view.get_selection().select_path ((0,)) 85 86 def delete(self): 87 if semanagePage.delete(self) == gtk.RESPONSE_NO: 88 return None 89 90 def dialogInit(self): 91 store, iter = self.view.get_selection().get_selected() 92 self.selinuxUserEntry.set_text(store.get_value(iter, 0)) 93 self.selinuxUserEntry.set_sensitive(False) 94 self.mlsRangeEntry.set_text(store.get_value(iter, 1)) 95 self.selinuxRolesEntry.set_text(store.get_value(iter, 2)) 96 97 def dialogClear(self): 98 self.selinuxUserEntry.set_text("") 99 self.selinuxUserEntry.set_sensitive(True) 100 self.mlsRangeEntry.set_text("s0") 101 self.selinuxRolesEntry.set_text("") 102 103 def add(self): 104 user = self.selinuxUserEntry.get_text() 105 range = self.mlsRangeEntry.get_text() 106 roles = self.selinuxRolesEntry.get_text() 107 108 self.wait() 109 (rc, out) = commands.getstatusoutput("semanage user -a -R '%s' -r %s %s" % (roles, range, user)) 110 self.ready() 111 if rc != 0: 112 self.error(out) 113 return False 114 iter = self.store.append() 115 self.store.set_value(iter, 0, user) 116 self.store.set_value(iter, 1, range) 117 self.store.set_value(iter, 2, roles) 118 119 def modify(self): 120 user = self.selinuxUserEntry.get_text() 121 range = self.mlsRangeEntry.get_text() 122 roles = self.selinuxRolesEntry.get_text() 123 124 self.wait() 125 (rc, out) = commands.getstatusoutput("semanage user -m -R '%s' -r %s %s" % (roles, range, user)) 126 self.ready() 127 128 if rc != 0: 129 self.error(out) 130 return False 131 self.load(self.filter) 132 133 def delete(self): 134 store, iter = self.view.get_selection().get_selected() 135 try: 136 user=store.get_value(iter, 0) 137 if user == "root" or user == "user_u": 138 raise ValueError(_("SELinux user '%s' is required") % user) 139 140 self.wait() 141 (rc, out) = commands.getstatusoutput("semanage user -d %s" % user) 142 self.ready() 143 if rc != 0: 144 self.error(out) 145 return False 146 store.remove(iter) 147 self.view.get_selection().select_path ((0,)) 148 except ValueError, e: 149 self.error(e.args[0]) 150
