1 ## usersPage.py - show selinux mappings 2 ## Copyright (C) 2006,2007,2008 Red Hat, Inc. 3 4 ## This program is free software; you can redistribute it and/or modify 5 ## it under the terms of the GNU General Public License as published by 6 ## the Free Software Foundation; either version 2 of the License, or 7 ## (at your option) any later version. 8 9 ## This program is distributed in the hope that it will be useful, 10 ## but WITHOUT ANY WARRANTY; without even the implied warranty of 11 ## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 ## GNU General Public License for more details. 13 14 ## You should have received a copy of the GNU General Public License 15 ## along with this program; if not, write to the Free Software 16 ## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. 17 18 ## Author: Dan Walsh 19 import string 20 import gtk 21 import gtk.glade 22 import os 23 import gobject 24 import sys 25 import commands 26 import seobject 27 from semanagePage import * 28 29 ## 30 ## I18N 31 ## 32 PROGNAME = "policycoreutils" 33 import gettext 34 gettext.bindtextdomain(PROGNAME, "/usr/share/locale") 35 gettext.textdomain(PROGNAME) 36 try: 37 gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1) 38 except IOError: 39 import __builtin__ 40 __builtin__.__dict__['_'] = unicode 41 42 43 class usersPage(semanagePage): 44 45 def __init__(self, xml): 46 semanagePage.__init__(self, xml, "users", _("SELinux User")) 47 48 self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING) 49 self.view.set_model(self.store) 50 self.store.set_sort_column_id(0, gtk.SORT_ASCENDING) 51 52 col = gtk.TreeViewColumn(_("SELinux\nUser"), gtk.CellRendererText(), text=0) 53 col.set_sort_column_id(0) 54 col.set_resizable(True) 55 self.view.append_column(col) 56 57 col = gtk.TreeViewColumn(_("MLS/\nMCS Range"), gtk.CellRendererText(), text=1) 58 col.set_resizable(True) 59 self.view.append_column(col) 60 61 col = gtk.TreeViewColumn(_("SELinux Roles"), gtk.CellRendererText(), text=2) 62 col.set_resizable(True) 63 self.view.append_column(col) 64 65 self.load() 66 self.selinuxUserEntry = xml.get_widget("selinuxUserEntry") 67 self.mlsRangeEntry = xml.get_widget("mlsRangeEntry") 68 self.selinuxRolesEntry = xml.get_widget("selinuxRolesEntry") 69 70 def load(self, filter=""): 71 self.filter = filter 72 self.user = seobject.seluserRecords() 73 dict = self.user.get_all() 74 keys = dict.keys() 75 keys.sort() 76 self.store.clear() 77 for k in keys: 78 range = seobject.translate(dict[k][2]) 79 if not (self.match(k, filter) or self.match(dict[k][0], filter) or self.match(range, filter) or self.match(dict[k][3], filter)): 80 continue 81 82 iter = self.store.append() 83 self.store.set_value(iter, 0, k) 84 self.store.set_value(iter, 1, range) 85 self.store.set_value(iter, 2, dict[k][3]) 86 self.view.get_selection().select_path((0,)) 87 88 def delete(self): 89 if semanagePage.delete(self) == gtk.RESPONSE_NO: 90 return None 91 92 def dialogInit(self): 93 store, iter = self.view.get_selection().get_selected() 94 self.selinuxUserEntry.set_text(store.get_value(iter, 0)) 95 self.selinuxUserEntry.set_sensitive(False) 96 self.mlsRangeEntry.set_text(store.get_value(iter, 1)) 97 self.selinuxRolesEntry.set_text(store.get_value(iter, 2)) 98 99 def dialogClear(self): 100 self.selinuxUserEntry.set_text("") 101 self.selinuxUserEntry.set_sensitive(True) 102 self.mlsRangeEntry.set_text("s0") 103 self.selinuxRolesEntry.set_text("") 104 105 def add(self): 106 user = self.selinuxUserEntry.get_text() 107 range = self.mlsRangeEntry.get_text() 108 roles = self.selinuxRolesEntry.get_text() 109 110 self.wait() 111 (rc, out) = commands.getstatusoutput("semanage user -a -R '%s' -r %s %s" % (roles, range, user)) 112 self.ready() 113 if rc != 0: 114 self.error(out) 115 return False 116 iter = self.store.append() 117 self.store.set_value(iter, 0, user) 118 self.store.set_value(iter, 1, range) 119 self.store.set_value(iter, 2, roles) 120 121 def modify(self): 122 user = self.selinuxUserEntry.get_text() 123 range = self.mlsRangeEntry.get_text() 124 roles = self.selinuxRolesEntry.get_text() 125 126 self.wait() 127 (rc, out) = commands.getstatusoutput("semanage user -m -R '%s' -r %s %s" % (roles, range, user)) 128 self.ready() 129 130 if rc != 0: 131 self.error(out) 132 return False 133 self.load(self.filter) 134 135 def delete(self): 136 store, iter = self.view.get_selection().get_selected() 137 try: 138 user = store.get_value(iter, 0) 139 if user == "root" or user == "user_u": 140 raise ValueError(_("SELinux user '%s' is required") % user) 141 142 self.wait() 143 (rc, out) = commands.getstatusoutput("semanage user -d %s" % user) 144 self.ready() 145 if rc != 0: 146 self.error(out) 147 return False 148 store.remove(iter) 149 self.view.get_selection().select_path((0,)) 150 except ValueError, e: 151 self.error(e.args[0]) 152
