## usersPage.py - show selinux mappings
## Copyright (C) 2006,2007,2008 Red Hat, Inc.

## This program is free software; you can redistribute it and/or modify
## it under the terms of the GNU General Public License as published by
## the Free Software Foundation; either version 2 of the License, or
## (at your option) any later version.

## This program is distributed in the hope that it will be useful,
## but WITHOUT ANY WARRANTY; without even the implied warranty of
## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
## GNU General Public License for more details.

## You should have received a copy of the GNU General Public License
## along with this program; if not, write to the Free Software
## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.

## Author: Dan Walsh
import commands
import os
import string
import subprocess
import sys

import gobject
import gtk
import gtk.glade

import seobject
from semanagePage import *;
28
##
## I18N
##
# Bind the message catalogue for this program and make _() available as a
# builtin, so every module of the GUI can mark strings for translation.
import gettext

PROGNAME = "policycoreutils"

gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
gettext.textdomain(PROGNAME)
try:
    gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1)
except IOError:
    # install() failed with IOError: fall back to an untranslated _() by
    # publishing unicode() under that name in the builtin namespace.
    import __builtin__
    setattr(__builtin__, '_', unicode)
41
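class usersPage(semanagePage):
    """List SELinux users and add, modify or delete them through semanage.

    The rows shown come from seobject.seluserRecords(); every change is made
    by running the ``semanage user`` command.
    """

    def __init__(self, xml):
        """Create the list model and its columns, load the rows, and look up
        the three dialog entry widgets through xml.get_widget()."""
        semanagePage.__init__(self, xml, "users", _("SELinux User"))

        # Five string columns are allocated; this class fills and shows 0-2.
        self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING,
                                   gobject.TYPE_STRING, gobject.TYPE_STRING,
                                   gobject.TYPE_STRING)
        self.view.set_model(self.store)
        self.store.set_sort_column_id(0, gtk.SORT_ASCENDING)

        # Only the first column (the SELinux user name) is sortable.
        col = gtk.TreeViewColumn(_("SELinux\nUser"), gtk.CellRendererText(), text = 0)
        col.set_sort_column_id(0)
        col.set_resizable(True)
        self.view.append_column(col)

        for title, index in ((_("MLS/\nMCS Range"), 1), (_("SELinux Roles"), 2)):
            col = gtk.TreeViewColumn(title, gtk.CellRendererText(), text = index)
            col.set_resizable(True)
            self.view.append_column(col)

        self.load()
        self.selinuxUserEntry = xml.get_widget("selinuxUserEntry")
        self.mlsRangeEntry = xml.get_widget("mlsRangeEntry")
        self.selinuxRolesEntry = xml.get_widget("selinuxRolesEntry")

    def _semanage_user(self, args):
        """Run ``semanage user`` with *args*; return (exit status, output).

        The command is started from an argument list, without a shell, so
        text typed into the dialog entries reaches semanage as literal
        argument values: quotes, ';', '$(...)' and similar characters are
        data, not shell syntax.  stdout and stderr are merged and one
        trailing newline is dropped, as commands.getstatusoutput() did.

        NOTE(review): a value beginning with '-' is still read by semanage's
        own option parser; validate the entry text if that matters.
        """
        try:
            proc = subprocess.Popen(["semanage", "user"] + list(args),
                                    stdout=subprocess.PIPE,
                                    stderr=subprocess.STDOUT)
        except OSError:
            # semanage could not be started: report it like a failed command
            # so callers show the message instead of crashing.  The exception
            # is read from sys.exc_info() so this handler parses on every
            # Python version.
            return (1, str(sys.exc_info()[1]))
        out = proc.communicate()[0]
        if out[-1:] == "\n":
            out = out[:-1]
        return (proc.returncode, out)

    def load(self, filter = ""):
        """Refill the list with the SELinux users that match *filter*.

        A record is kept when self.match() accepts its name, field 0, its
        translated range (field 2) or its roles (field 3).
        """
        self.filter = filter
        self.user = seobject.seluserRecords()
        records = self.user.get_all()
        names = sorted(records.keys())
        self.store.clear()
        for name in names:
            rec = records[name]
            mls_range = seobject.translate(rec[2])
            candidates = (name, rec[0], mls_range, rec[3])
            matched = False
            for text in candidates:
                if self.match(text, filter):
                    matched = True
                    break
            if not matched:
                continue

            row = self.store.append()
            self.store.set_value(row, 0, name)
            self.store.set_value(row, 1, mls_range)
            self.store.set_value(row, 2, rec[3])
        self.view.get_selection().select_path ((0,))

    def dialogInit(self):
        """Copy the selected row into the dialog entries for a modify.

        The user-name entry is made insensitive, so only range and roles can
        be edited.
        """
        store, row = self.view.get_selection().get_selected()
        self.selinuxUserEntry.set_text(store.get_value(row, 0))
        self.selinuxUserEntry.set_sensitive(False)
        self.mlsRangeEntry.set_text(store.get_value(row, 1))
        self.selinuxRolesEntry.set_text(store.get_value(row, 2))

    def dialogClear(self):
        """Reset the dialog entries for an add; the range defaults to "s0"."""
        self.selinuxUserEntry.set_text("")
        self.selinuxUserEntry.set_sensitive(True)
        self.mlsRangeEntry.set_text("s0")
        self.selinuxRolesEntry.set_text("")

    def add(self):
        """Create the SELinux user described by the dialog entries.

        Returns False after showing semanage's output when the command
        fails; otherwise appends the new row and returns None.
        """
        # The shell used to discard blanks around these two unquoted words;
        # strip them so the same input still yields the same arguments.
        user = self.selinuxUserEntry.get_text().strip()
        mls_range = self.mlsRangeEntry.get_text().strip()
        roles = self.selinuxRolesEntry.get_text()

        self.wait()
        try:
            (rc, out) = self._semanage_user(["-a", "-R", roles, "-r", mls_range, user])
        finally:
            # always leave the wait state, even if the call raised
            self.ready()
        if rc != 0:
            self.error(out)
            return False
        row = self.store.append()
        self.store.set_value(row, 0, user)
        self.store.set_value(row, 1, mls_range)
        self.store.set_value(row, 2, roles)

    def modify(self):
        """Apply the range and roles from the dialog to an existing user.

        Returns False after showing semanage's output when the command
        fails; otherwise reloads the list with the current filter.
        """
        user = self.selinuxUserEntry.get_text().strip()
        mls_range = self.mlsRangeEntry.get_text().strip()
        roles = self.selinuxRolesEntry.get_text()

        self.wait()
        try:
            (rc, out) = self._semanage_user(["-m", "-R", roles, "-r", mls_range, user])
        finally:
            self.ready()

        if rc != 0:
            self.error(out)
            return False
        self.load(self.filter)

    # An earlier definition of delete() in this class was dropped: this one
    # rebinds the same name in the class body, so the earlier one never ran.
    def delete(self):
        """Delete the selected SELinux user.

        "root" and "user_u" are refused with an error dialog.  Returns False
        after showing semanage's output when the command fails.
        """
        store, row = self.view.get_selection().get_selected()
        try:
            user = store.get_value(row, 0)
            if user in ("root", "user_u"):
                raise ValueError(_("SELinux user '%s' is required") % user)

            self.wait()
            try:
                (rc, out) = self._semanage_user(["-d", user])
            finally:
                self.ready()
            if rc != 0:
                self.error(out)
                return False
            store.remove(row)
            self.view.get_selection().select_path ((0,))
        except ValueError:
            # read via sys.exc_info() so the handler parses on every Python
            # version; the message is the first constructor argument
            self.error(sys.exc_info()[1].args[0])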