2012-04-13 15:04:45 +00:00
|
|
|
## fcontextPage.py - show selinux mappings
|
|
|
|
## Copyright (C) 2006 Red Hat, Inc.
|
|
|
|
|
|
|
|
## This program is free software; you can redistribute it and/or modify
|
|
|
|
## it under the terms of the GNU General Public License as published by
|
|
|
|
## the Free Software Foundation; either version 2 of the License, or
|
|
|
|
## (at your option) any later version.
|
|
|
|
|
|
|
|
## This program is distributed in the hope that it will be useful,
|
|
|
|
## but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
## GNU General Public License for more details.
|
|
|
|
|
|
|
|
## You should have received a copy of the GNU General Public License
|
|
|
|
## along with this program; if not, write to the Free Software
|
|
|
|
## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
|
|
|
|
|
|
|
## Author: Dan Walsh
|
2017-09-20 06:56:54 +00:00
|
|
|
from gi.repository import GObject, Gtk
|
2012-04-13 15:04:45 +00:00
|
|
|
import seobject
|
2016-08-04 18:34:04 +00:00
|
|
|
try:
|
|
|
|
from subprocess import getstatusoutput
|
|
|
|
except ImportError:
|
|
|
|
from commands import getstatusoutput
|
|
|
|
|
2015-07-24 08:07:13 +00:00
|
|
|
from semanagePage import *
|
2012-04-13 15:04:45 +00:00
|
|
|
|
|
|
|
SPEC_COL = 0
|
|
|
|
TYPE_COL = 1
|
|
|
|
FTYPE_COL = 2
|
|
|
|
|
2015-07-24 08:07:13 +00:00
|
|
|
|
2012-04-13 15:04:45 +00:00
|
|
|
class context:
|
2015-07-24 08:07:13 +00:00
|
|
|
|
2012-04-13 15:04:45 +00:00
|
|
|
def __init__(self, scontext):
|
|
|
|
self.scontext = scontext
|
2015-07-24 08:07:13 +00:00
|
|
|
con = scontext.split(":")
|
2012-04-13 15:04:45 +00:00
|
|
|
self.type = con[0]
|
|
|
|
if len(con) > 1:
|
|
|
|
self.mls = con[1]
|
|
|
|
else:
|
|
|
|
self.mls = "s0"
|
|
|
|
|
|
|
|
def __str__(self):
|
|
|
|
return self.scontext
|
|
|
|
|
|
|
|
##
|
|
|
|
## I18N
|
|
|
|
##
|
2022-04-01 09:57:24 +00:00
|
|
|
PROGNAME = "selinux-gui"
|
2012-04-13 15:04:45 +00:00
|
|
|
try:
|
2016-08-04 18:34:02 +00:00
|
|
|
import gettext
|
|
|
|
kwargs = {}
|
|
|
|
if sys.version_info < (3,):
|
|
|
|
kwargs['unicode'] = True
|
2022-05-06 14:06:23 +00:00
|
|
|
t = gettext.translation(PROGNAME,
|
2012-04-13 15:04:45 +00:00
|
|
|
localedir="/usr/share/locale",
|
2022-06-24 14:24:25 +00:00
|
|
|
**kwargs,
|
|
|
|
fallback=True)
|
2022-05-06 14:06:23 +00:00
|
|
|
_ = t.gettext
|
2016-08-04 18:34:02 +00:00
|
|
|
except:
|
|
|
|
try:
|
|
|
|
import builtins
|
|
|
|
builtins.__dict__['_'] = str
|
|
|
|
except ImportError:
|
|
|
|
import __builtin__
|
|
|
|
__builtin__.__dict__['_'] = unicode
|
2012-04-13 15:04:45 +00:00
|
|
|
|
|
|
|
|
|
|
|
class fcontextPage(semanagePage):
|
2015-07-24 08:07:13 +00:00
|
|
|
|
2012-04-13 15:04:45 +00:00
|
|
|
def __init__(self, xml):
|
|
|
|
semanagePage.__init__(self, xml, "fcontext", _("File Labeling"))
|
2017-09-20 06:56:54 +00:00
|
|
|
self.fcontextFilter = xml.get_object("fcontextFilterEntry")
|
2012-04-13 15:04:45 +00:00
|
|
|
self.fcontextFilter.connect("focus_out_event", self.filter_changed)
|
|
|
|
self.fcontextFilter.connect("activate", self.filter_changed)
|
|
|
|
|
2017-09-20 06:56:54 +00:00
|
|
|
self.store = Gtk.ListStore(GObject.TYPE_STRING, GObject.TYPE_STRING, GObject.TYPE_STRING)
|
|
|
|
self.view = xml.get_object("fcontextView")
|
2012-04-13 15:04:45 +00:00
|
|
|
self.view.set_model(self.store)
|
|
|
|
self.view.set_search_equal_func(self.search)
|
|
|
|
|
2017-09-20 06:56:54 +00:00
|
|
|
col = Gtk.TreeViewColumn(_("File\nSpecification"), Gtk.CellRendererText(), text=SPEC_COL)
|
|
|
|
col.set_sizing(Gtk.TreeViewColumnSizing.FIXED)
|
2015-07-24 08:07:13 +00:00
|
|
|
col.set_fixed_width(250)
|
2012-04-13 15:04:45 +00:00
|
|
|
|
|
|
|
col.set_sort_column_id(SPEC_COL)
|
|
|
|
col.set_resizable(True)
|
|
|
|
self.view.append_column(col)
|
2017-09-20 06:56:54 +00:00
|
|
|
col = Gtk.TreeViewColumn(_("Selinux\nFile Type"), Gtk.CellRendererText(), text=TYPE_COL)
|
2012-04-13 15:04:45 +00:00
|
|
|
|
2017-09-20 06:56:54 +00:00
|
|
|
col.set_sizing(Gtk.TreeViewColumnSizing.FIXED)
|
2015-07-24 08:07:13 +00:00
|
|
|
col.set_fixed_width(250)
|
2012-04-13 15:04:45 +00:00
|
|
|
col.set_sort_column_id(TYPE_COL)
|
|
|
|
col.set_resizable(True)
|
|
|
|
self.view.append_column(col)
|
2017-09-20 06:56:54 +00:00
|
|
|
col = Gtk.TreeViewColumn(_("File\nType"), Gtk.CellRendererText(), text=2)
|
2012-04-13 15:04:45 +00:00
|
|
|
col.set_sort_column_id(FTYPE_COL)
|
|
|
|
col.set_resizable(True)
|
|
|
|
self.view.append_column(col)
|
|
|
|
|
2017-09-20 06:56:54 +00:00
|
|
|
self.store.set_sort_column_id(SPEC_COL, Gtk.SortType.ASCENDING)
|
2012-04-13 15:04:45 +00:00
|
|
|
self.load()
|
2017-09-20 06:56:54 +00:00
|
|
|
self.fcontextEntry = xml.get_object("fcontextEntry")
|
|
|
|
self.fcontextFileTypeCombo = xml.get_object("fcontextFileTypeCombo")
|
gui: fix "file type" selection in fcontextPage
A change in seobject.py file_type_str_to_option made the "file type"
list not compatible with items in this ComboBox.
See commit 317743bbe2a ("python/semanage: fix export of fcontext socket
entries")
Avoid this in the future by populating the ComboBox using keys from
file_type_str_to_option.
This change disables translations on the file types, but those cause
other issues (adding file context fails the same way as with 'socket
file' since the translated strings differ form
file_type_str_to_option.keys, 'properties' of a file context entry
shows no file type for the same reason).
Fixes:
Traceback (most recent call last):
File "/usr/share/system-config-selinux/system-config-selinux.py", line 136, in add
self.tabs[self.notebook.get_current_page()].addDialog()
File "/usr/share/system-config-selinux/semanagePage.py", line 143, in addDialog
if self.add() is False:
File "/usr/share/system-config-selinux/fcontextPage.py", line 195, in add
(rc, out) = getstatusoutput("semanage fcontext -a -t %s -r %s -f '%s' '%s'" % (type, mls, seobject.file_type_str_to_option[ftype], fspec))
KeyError: 'socket file'
Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
2021-02-19 14:23:14 +00:00
|
|
|
# Populate file type combo_box
|
|
|
|
liststore = self.fcontextFileTypeCombo.get_model()
|
|
|
|
for ftype in seobject.file_type_str_to_option.keys():
|
|
|
|
iter = liststore.append()
|
|
|
|
liststore.set_value(iter, 0, ftype)
|
|
|
|
iter = liststore.get_iter_first()
|
|
|
|
self.fcontextFileTypeCombo.set_active_iter(iter)
|
2017-09-20 06:56:54 +00:00
|
|
|
self.fcontextTypeEntry = xml.get_object("fcontextTypeEntry")
|
|
|
|
self.fcontextMLSEntry = xml.get_object("fcontextMLSEntry")
|
2012-04-13 15:04:45 +00:00
|
|
|
|
|
|
|
def match(self, fcon_dict, k, filter):
|
|
|
|
try:
|
2015-07-24 08:07:13 +00:00
|
|
|
f = filter.lower()
|
2012-04-13 15:04:45 +00:00
|
|
|
for con in k:
|
2015-07-24 08:07:13 +00:00
|
|
|
k = con.lower()
|
2012-04-13 15:04:45 +00:00
|
|
|
if k.find(f) >= 0:
|
|
|
|
return True
|
|
|
|
for con in fcon_dict[k]:
|
2015-07-24 08:07:13 +00:00
|
|
|
k = con.lower()
|
2012-04-13 15:04:45 +00:00
|
|
|
if k.find(f) >= 0:
|
|
|
|
return True
|
|
|
|
except:
|
|
|
|
pass
|
|
|
|
return False
|
|
|
|
|
|
|
|
def load(self, filter=""):
|
2015-07-24 08:07:13 +00:00
|
|
|
self.filter = filter
|
|
|
|
self.fcontext = seobject.fcontextRecords()
|
2012-04-13 15:04:45 +00:00
|
|
|
self.store.clear()
|
2015-07-24 08:07:13 +00:00
|
|
|
fcon_dict = self.fcontext.get_all(self.local)
|
2016-08-04 18:34:03 +00:00
|
|
|
for k in sorted(fcon_dict.keys()):
|
2012-04-13 15:04:45 +00:00
|
|
|
if not self.match(fcon_dict, k, filter):
|
|
|
|
continue
|
2015-07-24 08:07:13 +00:00
|
|
|
iter = self.store.append()
|
2012-04-13 15:04:45 +00:00
|
|
|
self.store.set_value(iter, SPEC_COL, k[0])
|
|
|
|
self.store.set_value(iter, FTYPE_COL, k[1])
|
|
|
|
if fcon_dict[k]:
|
2015-07-24 08:07:13 +00:00
|
|
|
rec = "%s:%s" % (fcon_dict[k][2], seobject.translate(fcon_dict[k][3], False))
|
2012-04-13 15:04:45 +00:00
|
|
|
else:
|
2015-07-24 08:07:13 +00:00
|
|
|
rec = "<<None>>"
|
2012-04-13 15:04:45 +00:00
|
|
|
self.store.set_value(iter, TYPE_COL, rec)
|
2015-07-24 08:07:13 +00:00
|
|
|
self.view.get_selection().select_path((0,))
|
2012-04-13 15:04:45 +00:00
|
|
|
|
|
|
|
def filter_changed(self, *arg):
|
2015-07-24 08:07:13 +00:00
|
|
|
filter = arg[0].get_text()
|
2012-04-13 15:04:45 +00:00
|
|
|
if filter != self.filter:
|
|
|
|
self.load(filter)
|
|
|
|
|
|
|
|
def dialogInit(self):
|
|
|
|
store, iter = self.view.get_selection().get_selected()
|
|
|
|
self.fcontextEntry.set_text(store.get_value(iter, SPEC_COL))
|
|
|
|
self.fcontextEntry.set_sensitive(False)
|
|
|
|
scontext = store.get_value(iter, TYPE_COL)
|
2015-07-24 08:07:13 +00:00
|
|
|
scon = context(scontext)
|
2012-04-13 15:04:45 +00:00
|
|
|
self.fcontextTypeEntry.set_text(scon.type)
|
|
|
|
self.fcontextMLSEntry.set_text(scon.mls)
|
2015-07-24 08:07:13 +00:00
|
|
|
type = store.get_value(iter, FTYPE_COL)
|
|
|
|
liststore = self.fcontextFileTypeCombo.get_model()
|
2012-04-13 15:04:45 +00:00
|
|
|
iter = liststore.get_iter_first()
|
2015-07-24 08:07:13 +00:00
|
|
|
while iter != None and liststore.get_value(iter, 0) != type:
|
2012-04-13 15:04:45 +00:00
|
|
|
iter = liststore.iter_next(iter)
|
|
|
|
if iter != None:
|
|
|
|
self.fcontextFileTypeCombo.set_active_iter(iter)
|
|
|
|
self.fcontextFileTypeCombo.set_sensitive(False)
|
|
|
|
|
|
|
|
def dialogClear(self):
|
|
|
|
self.fcontextEntry.set_text("")
|
|
|
|
self.fcontextEntry.set_sensitive(True)
|
|
|
|
self.fcontextFileTypeCombo.set_sensitive(True)
|
2018-03-01 11:03:06 +00:00
|
|
|
self.fcontextFileTypeCombo.set_active(0)
|
2012-04-13 15:04:45 +00:00
|
|
|
self.fcontextTypeEntry.set_text("")
|
|
|
|
self.fcontextMLSEntry.set_text("s0")
|
|
|
|
|
|
|
|
def delete(self):
|
|
|
|
store, iter = self.view.get_selection().get_selected()
|
|
|
|
try:
|
2015-07-24 08:07:13 +00:00
|
|
|
fspec = store.get_value(iter, SPEC_COL)
|
|
|
|
ftype = store.get_value(iter, FTYPE_COL)
|
2012-04-13 15:04:45 +00:00
|
|
|
self.wait()
|
2016-10-19 12:36:03 +00:00
|
|
|
(rc, out) = getstatusoutput("semanage fcontext -d -f '%s' '%s'" % (seobject.file_type_str_to_option[ftype], fspec))
|
2012-04-13 15:04:45 +00:00
|
|
|
self.ready()
|
|
|
|
|
|
|
|
if rc != 0:
|
|
|
|
return self.error(out)
|
|
|
|
store.remove(iter)
|
2015-07-24 08:07:13 +00:00
|
|
|
self.view.get_selection().select_path((0,))
|
2016-08-04 18:34:03 +00:00
|
|
|
except ValueError as e:
|
2012-04-13 15:04:45 +00:00
|
|
|
self.error(e.args[0])
|
|
|
|
|
|
|
|
def add(self):
|
2015-07-24 08:07:13 +00:00
|
|
|
fspec = self.fcontextEntry.get_text().strip()
|
|
|
|
type = self.fcontextTypeEntry.get_text().strip()
|
|
|
|
mls = self.fcontextMLSEntry.get_text().strip()
|
|
|
|
list_model = self.fcontextFileTypeCombo.get_model()
|
2016-10-19 12:36:03 +00:00
|
|
|
it = self.fcontextFileTypeCombo.get_active_iter()
|
2017-09-20 06:56:54 +00:00
|
|
|
ftype = list_model.get_value(it, 0)
|
2012-04-13 15:04:45 +00:00
|
|
|
self.wait()
|
2016-10-19 12:36:03 +00:00
|
|
|
(rc, out) = getstatusoutput("semanage fcontext -a -t %s -r %s -f '%s' '%s'" % (type, mls, seobject.file_type_str_to_option[ftype], fspec))
|
2012-04-13 15:04:45 +00:00
|
|
|
self.ready()
|
|
|
|
if rc != 0:
|
|
|
|
self.error(out)
|
|
|
|
return False
|
|
|
|
|
2015-07-24 08:07:13 +00:00
|
|
|
iter = self.store.append()
|
2012-04-13 15:04:45 +00:00
|
|
|
self.store.set_value(iter, SPEC_COL, fspec)
|
|
|
|
self.store.set_value(iter, FTYPE_COL, ftype)
|
|
|
|
self.store.set_value(iter, TYPE_COL, "%s:%s" % (type, mls))
|
|
|
|
|
|
|
|
def modify(self):
|
2015-07-24 08:07:13 +00:00
|
|
|
fspec = self.fcontextEntry.get_text().strip()
|
|
|
|
type = self.fcontextTypeEntry.get_text().strip()
|
|
|
|
mls = self.fcontextMLSEntry.get_text().strip()
|
|
|
|
list_model = self.fcontextFileTypeCombo.get_model()
|
2012-04-13 15:04:45 +00:00
|
|
|
iter = self.fcontextFileTypeCombo.get_active_iter()
|
2015-07-24 08:07:13 +00:00
|
|
|
ftype = list_model.get_value(iter, 0)
|
2012-04-13 15:04:45 +00:00
|
|
|
self.wait()
|
2016-10-19 12:36:03 +00:00
|
|
|
(rc, out) = getstatusoutput("semanage fcontext -m -t %s -r %s -f '%s' '%s'" % (type, mls, seobject.file_type_str_to_option[ftype], fspec))
|
2012-04-13 15:04:45 +00:00
|
|
|
self.ready()
|
|
|
|
if rc != 0:
|
|
|
|
self.error(out)
|
|
|
|
return False
|
|
|
|
|
|
|
|
store, iter = self.view.get_selection().get_selected()
|
|
|
|
self.store.set_value(iter, SPEC_COL, fspec)
|
|
|
|
self.store.set_value(iter, FTYPE_COL, ftype)
|
|
|
|
self.store.set_value(iter, TYPE_COL, "%s:%s" % (type, mls))
|