普通文本  |  265行  |  10.2 KB

## portsPage.py - show selinux mappings
## Copyright (C) 2006 Red Hat, Inc.

## This program is free software; you can redistribute it and/or modify
## it under the terms of the GNU General Public License as published by
## the Free Software Foundation; either version 2 of the License, or
## (at your option) any later version.

## This program is distributed in the hope that it will be useful,
## but WITHOUT ANY WARRANTY; without even the implied warranty of
## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
## GNU General Public License for more details.

## You should have received a copy of the GNU General Public License
## along with this program; if not, write to the Free Software
## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.

## Author: Dan Walsh
import sys
from gi.repository import GObject, Gtk
import seobject

TYPE_COL = 0
PROTOCOL_COL = 1
MLS_COL = 2
PORT_COL = 3

try:
    from subprocess import getstatusoutput
except ImportError:
    from commands import getstatusoutput

from semanagePage import *

##
## I18N
##
PROGNAME = "policycoreutils"
try:
    import gettext
    kwargs = {}
    if sys.version_info < (3,):
        kwargs['unicode'] = True
    gettext.install(PROGNAME,
                    localedir="/usr/share/locale",
                    codeset='utf-8',
                    **kwargs)
except:
    try:
        import builtins
        builtins.__dict__['_'] = str
    except ImportError:
        import __builtin__
        __builtin__.__dict__['_'] = unicode


class portsPage(semanagePage):

    def __init__(self, xml):
        semanagePage.__init__(self, xml, "ports", _("Network Port"))
        group_listview = xml.get_object("listViewButton")
        group_listview.connect("clicked", self.on_group_clicked)
        self.group = False
        self.ports_filter = xml.get_object("portsFilterEntry")
        self.ports_filter.connect("focus_out_event", self.filter_changed)
        self.ports_filter.connect("activate", self.filter_changed)
        self.ports_name_entry = xml.get_object("portsNameEntry")
        self.ports_protocol_combo = xml.get_object("portsProtocolCombo")
        self.ports_number_entry = xml.get_object("portsNumberEntry")
        self.ports_mls_entry = xml.get_object("portsMLSEntry")
        self.ports_add_button = xml.get_object("portsAddButton")
        self.ports_properties_button = xml.get_object("portsPropertiesButton")
        self.ports_delete_button = xml.get_object("portsDeleteButton")
        liststore = self.ports_protocol_combo.get_model()
        iter = liststore.get_iter_first()
        self.ports_protocol_combo.set_active_iter(iter)
        self.init_store()
        self.edit = True
        self.load()

    def filter_changed(self, *arg):
        filter = arg[0].get_text()
        if filter != self.filter:
            if self.edit:
                self.load(filter)
            else:
                self.group_load(filter)

    def init_store(self):
        self.store = Gtk.ListStore(GObject.TYPE_STRING, GObject.TYPE_STRING, GObject.TYPE_STRING, GObject.TYPE_STRING)
        self.view.set_model(self.store)
        self.store.set_sort_column_id(0, Gtk.SortType.ASCENDING)

        self.view.set_search_equal_func(self.search)
        col = Gtk.TreeViewColumn(_("SELinux Port\nType"), Gtk.CellRendererText(), text=TYPE_COL)
        col.set_sort_column_id(TYPE_COL)
        col.set_resizable(True)
        self.view.append_column(col)
        self.store.set_sort_column_id(TYPE_COL, Gtk.SortType.ASCENDING)

        col = Gtk.TreeViewColumn(_("Protocol"), Gtk.CellRendererText(), text=PROTOCOL_COL)
        col.set_sort_column_id(PROTOCOL_COL)
        col.set_resizable(True)
        self.view.append_column(col)

        self.mls_col = Gtk.TreeViewColumn(_("MLS/MCS\nLevel"), Gtk.CellRendererText(), text=MLS_COL)
        self.mls_col.set_resizable(True)
        self.mls_col.set_sort_column_id(MLS_COL)
        self.view.append_column(self.mls_col)

        col = Gtk.TreeViewColumn(_("Port"), Gtk.CellRendererText(), text=PORT_COL)
        col.set_sort_column_id(PORT_COL)
        col.set_resizable(True)
        self.view.append_column(col)
        self.store.set_sort_func(PORT_COL, self.sort_int, "")

    def sort_int(self, treemodel, iter1, iter2, user_data):
        try:
            p1 = int(treemodel.get_value(iter1, PORT_COL).split('-')[0])
            p2 = int(treemodel.get_value(iter2, PORT_COL).split('-')[0])
            if p1 > p2:
                return 1
            if p1 == p2:
                return 0
            return -1
        except:
            return 0

    def load(self, filter=""):
        self.filter = filter
        self.port = seobject.portRecords()
        dict = self.port.get_all(self.local)
        self.store.clear()
        for k in sorted(dict.keys()):
            if not (self.match(str(k[0]), filter) or self.match(dict[k][0], filter) or self.match(k[2], filter) or self.match(dict[k][1], filter) or self.match(dict[k][1], filter)):
                continue
            iter = self.store.append()
            if k[0] == k[1]:
                self.store.set_value(iter, PORT_COL, str(k[0]))
            else:
                rec = "%s-%s" % k[:2]
                self.store.set_value(iter, PORT_COL, rec)
            self.store.set_value(iter, TYPE_COL, dict[k][0])
            self.store.set_value(iter, PROTOCOL_COL, k[2])
            self.store.set_value(iter, MLS_COL, dict[k][1])
        self.view.get_selection().select_path((0,))

    def group_load(self, filter=""):
        self.filter = filter
        self.port = seobject.portRecords()
        dict = self.port.get_all_by_type(self.local)
        self.store.clear()
        for k in sorted(dict.keys()):
            ports_string = ", ".join(dict[k])
            if not (self.match(ports_string, filter) or self.match(k[0], filter) or self.match(k[1], filter)):
                continue
            iter = self.store.append()
            self.store.set_value(iter, TYPE_COL, k[0])
            self.store.set_value(iter, PROTOCOL_COL, k[1])
            self.store.set_value(iter, PORT_COL, ports_string)
            self.store.set_value(iter, MLS_COL, "")
        self.view.get_selection().select_path((0,))

    def propertiesDialog(self):
        if self.edit:
            semanagePage.propertiesDialog(self)

    def dialogInit(self):
        store, iter = self.view.get_selection().get_selected()
        self.ports_number_entry.set_text(store.get_value(iter, PORT_COL))
        self.ports_number_entry.set_sensitive(False)
        self.ports_protocol_combo.set_sensitive(False)
        self.ports_name_entry.set_text(store.get_value(iter, TYPE_COL))
        self.ports_mls_entry.set_text(store.get_value(iter, MLS_COL))
        protocol = store.get_value(iter, PROTOCOL_COL)
        liststore = self.ports_protocol_combo.get_model()
        iter = liststore.get_iter_first()
        while iter != None and liststore.get_value(iter, 0) != protocol:
            iter = liststore.iter_next(iter)
        if iter != None:
            self.ports_protocol_combo.set_active_iter(iter)

    def dialogClear(self):
        self.ports_number_entry.set_text("")
        self.ports_number_entry.set_sensitive(True)
        self.ports_protocol_combo.set_sensitive(True)
        self.ports_name_entry.set_text("")
        self.ports_mls_entry.set_text("s0")

    def delete(self):
        store, iter = self.view.get_selection().get_selected()
        port = store.get_value(iter, PORT_COL)
        protocol = store.get_value(iter, 1)
        try:
            self.wait()
            (rc, out) = getstatusoutput("semanage port -d -p %s %s" % (protocol, port))
            self.ready()
            if rc != 0:
                return self.error(out)
            store.remove(iter)
            self.view.get_selection().select_path((0,))
        except ValueError as e:
            self.error(e.args[0])

    def add(self):
        target = self.ports_name_entry.get_text().strip()
        mls = self.ports_mls_entry.get_text().strip()
        port_number = self.ports_number_entry.get_text().strip()
        if port_number == "":
            port_number = "1"
        for i in port_number.split("-"):
            if not i.isdigit():
                self.error(_("Port number \"%s\" is not valid.  0 < PORT_NUMBER < 65536 ") % port_number)
                return False
        list_model = self.ports_protocol_combo.get_model()
        iter = self.ports_protocol_combo.get_active_iter()
        protocol = list_model.get_value(iter, 0)
        self.wait()
        (rc, out) = getstatusoutput("semanage port -a -p %s -r %s -t %s %s" % (protocol, mls, target, port_number))
        self.ready()
        if rc != 0:
            self.error(out)
            return False
        iter = self.store.append()

        self.store.set_value(iter, TYPE_COL, target)
        self.store.set_value(iter, PORT_COL, port_number)
        self.store.set_value(iter, PROTOCOL_COL, protocol)
        self.store.set_value(iter, MLS_COL, mls)

    def modify(self):
        target = self.ports_name_entry.get_text().strip()
        mls = self.ports_mls_entry.get_text().strip()
        port_number = self.ports_number_entry.get_text().strip()
        list_model = self.ports_protocol_combo.get_model()
        iter = self.ports_protocol_combo.get_active_iter()
        protocol = list_model.get_value(iter, 0)
        self.wait()
        (rc, out) = getstatusoutput("semanage port -m -p %s -r %s -t %s %s" % (protocol, mls, target, port_number))
        self.ready()
        if rc != 0:
            self.error(out)
            return False
        store, iter = self.view.get_selection().get_selected()
        self.store.set_value(iter, TYPE_COL, target)
        self.store.set_value(iter, PORT_COL, port_number)
        self.store.set_value(iter, PROTOCOL_COL, protocol)
        self.store.set_value(iter, MLS_COL, mls)

    def on_group_clicked(self, button):
        self.ports_add_button.set_sensitive(self.group)
        self.ports_properties_button.set_sensitive(self.group)
        self.ports_delete_button.set_sensitive(self.group)
        self.mls_col.set_visible(self.group)

        self.group = not self.group
        if self.group:
            button.set_label(_("List View"))
            self.group_load(self.filter)
        else:
            button.set_label(_("Group View"))
            self.load(self.filter)

        return True