• Home
  • History
  • Annotate
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1#!/usr/bin/python -Es
2#
3# Copyright (C) 2013 Red Hat
4# see file 'COPYING' for use and warranty information
5#
6# selinux gui is a tool for the examining and modifying SELinux policy
7#
8#    This program is free software; you can redistribute it and/or
9#    modify it under the terms of the GNU General Public License as
10#    published by the Free Software Foundation; either version 2 of
11#    the License, or (at your option) any later version.
12#
13#    This program is distributed in the hope that it will be useful,
14#    but WITHOUT ANY WARRANTY; without even the implied warranty of
15#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16#    GNU General Public License for more details.
17#
18#    You should have received a copy of the GNU General Public License
19#    along with this program; if not, write to the Free Software
20#    Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
21#                                        02111-1307  USA
22#
23#    author: Ryan Hallisey rhallisey@redhat.com
24#    author: Dan Walsh dwalsh@redhat.com
25#    author: Miroslav Grepl mgrepl@redhat.com
26#
27#
28
29import gi
30gi.require_version('Gtk', '3.0')
31from gi.repository import Gtk
32from gi.repository import Gdk
33from gi.repository import GLib
34from sepolicy.sedbus import SELinuxDBus
35import sys
36import sepolicy
37import selinux
38from selinux import DISABLED, PERMISSIVE, ENFORCING
39import sepolicy.network
40import sepolicy.manpage
41import dbus
42import os
43import re
44import unicodedata
45
46PROGNAME = "policycoreutils"
47try:
48    import gettext
49    kwargs = {}
50    if sys.version_info < (3,):
51        kwargs['unicode'] = True
52    gettext.install(PROGNAME,
53                    localedir="/usr/share/locale",
54                    codeset='utf-8',
55                    **kwargs)
56except:
57    try:
58        import builtins
59        builtins.__dict__['_'] = str
60    except ImportError:
61        import __builtin__
62        __builtin__.__dict__['_'] = unicode
63
64reverse_file_type_str = {}
65for f in sepolicy.file_type_str:
66    reverse_file_type_str[sepolicy.file_type_str[f]] = f
67
68enabled = [_("No"), _("Yes")]
69action = [_("Disable"), _("Enable")]
70
71
72def compare(a, b):
73    return cmp(a.lower(), b.lower())
74
75import distutils.sysconfig
76ADVANCED_LABEL = (_("Advanced >>"), _("Advanced <<"))
77ADVANCED_SEARCH_LABEL = (_("Advanced Search >>"), _("Advanced Search <<"))
78OUTBOUND_PAGE = 0
79INBOUND_PAGE = 1
80
81TRANSITIONS_FROM_PAGE = 0
82TRANSITIONS_TO_PAGE = 1
83TRANSITIONS_FILE_PAGE = 2
84
85EXE_PAGE = 0
86WRITABLE_PAGE = 1
87APP_PAGE = 2
88
89BOOLEANS_PAGE = 0
90FILES_PAGE = 1
91NETWORK_PAGE = 2
92TRANSITIONS_PAGE = 3
93LOGIN_PAGE = 4
94USER_PAGE = 5
95LOCKDOWN_PAGE = 6
96SYSTEM_PAGE = 7
97FILE_EQUIV_PAGE = 8
98START_PAGE = 9
99
100keys = ["boolean", "fcontext", "fcontext-equiv", "port", "login", "user", "module", "node", "interface"]
101
102DISABLED_TEXT = _("""<small>
103To change from Disabled to Enforcing mode
104- Change the system mode from Disabled to Permissive
105- Reboot, so that the system can relabel
106- Once the system is working as planned
107  * Change the system mode to Enforcing</small>
108""")
109
110
111class SELinuxGui():
112
113    def __init__(self, app=None, test=False):
114        self.finish_init = False
115        self.advanced_init = True
116        self.opage = START_PAGE
117        self.dbus = SELinuxDBus()
118        try:
119            customized = self.dbus.customized()
120        except dbus.exceptions.DBusException as e:
121            print(e)
122            self.quit()
123
124        self.init_cur()
125        self.application = app
126        self.filter_txt = ""
127        builder = Gtk.Builder()  # BUILDER OBJ
128        self.code_path = distutils.sysconfig.get_python_lib(plat_specific=False) + "/sepolicy/"
129        glade_file = self.code_path + "sepolicy.glade"
130        builder.add_from_file(glade_file)
131        self.outer_notebook = builder.get_object("outer_notebook")
132        self.window = builder.get_object("SELinux_window")
133        self.main_selection_window = builder.get_object("Main_selection_menu")
134        self.main_advanced_label = builder.get_object("main_advanced_label")
135        self.popup = 0
136        self.applications_selection_button = builder.get_object("applications_selection_button")
137        self.revert_button = builder.get_object("Revert_button")
138        self.busy_cursor = Gdk.Cursor(Gdk.CursorType.WATCH)
139        self.ready_cursor = Gdk.Cursor(Gdk.CursorType.LEFT_PTR)
140        self.initialtype = selinux.selinux_getpolicytype()[1]
141        self.current_popup = None
142        self.import_export = None
143        self.clear_entry = True
144        self.files_add = False
145        self.network_add = False
146
147        self.all_domains = []
148        self.installed_list = []
149        self.previously_modified = {}
150
151        # file dialog
152        self.file_dialog = builder.get_object("add_path_dialog")
153        # Error check ***************************************
154        self.error_check_window = builder.get_object("error_check_window")
155        self.error_check_label = builder.get_object("error_check_label")
156        self.invalid_entry = False
157        # Advanced search window ****************************
158        self.advanced_search_window = builder.get_object("advanced_search_window")
159        self.advanced_search_filter = builder.get_object("advanced_filter")
160        self.advanced_search_filter.set_visible_func(self.filter_the_data)
161        self.advanced_search_sort = builder.get_object("advanced_sort")
162
163        self.advanced_filter_entry = builder.get_object("advanced_filter_entry")
164        self.advanced_search_treeview = builder.get_object("advanced_search_treeview")
165        self.advanced_search = False
166
167        # Login Items **************************************
168        self.login_label = builder.get_object("Login_label")
169        self.login_seuser_combobox = builder.get_object("login_seuser_combobox")
170        self.login_seuser_combolist = builder.get_object("login_seuser_liststore")
171        self.login_name_entry = builder.get_object("login_name_entry")
172        self.login_mls_label = builder.get_object("login_mls_label")
173        self.login_mls_entry = builder.get_object("login_mls_entry")
174        self.login_radio_button = builder.get_object("Login_button")
175        self.login_treeview = builder.get_object("login_treeview")
176        self.login_liststore = builder.get_object("login_liststore")
177        self.login_liststore.set_sort_column_id(0, Gtk.SortType.ASCENDING)
178        self.login_filter = builder.get_object("login_filter")
179        self.login_filter.set_visible_func(self.filter_the_data)
180        self.login_popup_window = builder.get_object("login_popup_window")
181        self.login_delete_liststore = builder.get_object("login_delete_liststore")
182        self.login_delete_window = builder.get_object("login_delete_window")
183
184        # Users Items **************************************
185        self.user_popup_window = builder.get_object("user_popup_window")
186        self.user_radio_button = builder.get_object("User_button")
187        self.user_liststore = builder.get_object("user_liststore")
188        self.user_liststore.set_sort_column_id(0, Gtk.SortType.ASCENDING)
189        self.user_filter = builder.get_object("user_filter")
190        self.user_filter.set_visible_func(self.filter_the_data)
191        self.user_treeview = builder.get_object("user_treeview")
192        self.user_roles_combobox = builder.get_object("user_roles_combobox")
193        self.user_roles_combolist = builder.get_object("user_roles_liststore")
194        self.user_label = builder.get_object("User_label")
195        self.user_name_entry = builder.get_object("user_name_entry")
196        self.user_mls_label = builder.get_object("user_mls_label")
197        self.user_mls_level_entry = builder.get_object("user_mls_level_entry")
198        self.user_mls_entry = builder.get_object("user_mls_entry")
199        self.user_combobox = builder.get_object("selinux_user_combobox")
200        self.user_delete_liststore = builder.get_object("user_delete_liststore")
201        self.user_delete_window = builder.get_object("user_delete_window")
202
203        # File Equiv Items **************************************
204        self.file_equiv_label = builder.get_object("file_equiv_label")
205        self.file_equiv_source_entry = builder.get_object("file_equiv_source_entry")
206        self.file_equiv_dest_entry = builder.get_object("file_equiv_dest_entry")
207        self.file_equiv_radio_button = builder.get_object("file_equiv_button")
208        self.file_equiv_treeview = builder.get_object("file_equiv_treeview")
209        self.file_equiv_liststore = builder.get_object("file_equiv_liststore")
210        self.file_equiv_liststore.set_sort_column_id(0, Gtk.SortType.ASCENDING)
211        self.file_equiv_popup_window = builder.get_object("file_equiv_popup_window")
212        self.file_equiv_treefilter = builder.get_object("file_equiv_filter")
213        self.file_equiv_treefilter.set_visible_func(self.filter_the_data)
214        self.file_equiv_delete_liststore = builder.get_object("file_equiv_delete_liststore")
215        self.file_equiv_delete_window = builder.get_object("file_equiv_delete_window")
216
217        # System Items **************************************
218        self.app_system_button = builder.get_object("app_system_button")
219        self.system_radio_button = builder.get_object("System_button")
220        self.lockdown_radio_button = builder.get_object("Lockdown_button")
221        self.systems_box = builder.get_object("Systems_box")
222        self.relabel_button = builder.get_object("Relabel_button")
223        self.relabel_button_no = builder.get_object("Relabel_button_no")
224        self.advanced_system = builder.get_object("advanced_system")
225        self.outer_notebook_frame = builder.get_object("outer_notebook_frame")
226        self.system_policy_label = builder.get_object("system_policy_type_label")
227        # Browse Items **************************************
228        self.select_button_browse = builder.get_object("select_button_browse")
229        self.cancel_button_browse = builder.get_object("cancel_button_browse")
230        # More types window items ***************************
231        self.moreTypes_window_files = builder.get_object("moreTypes_window_files")
232        self.more_types_files_liststore = builder.get_object("more_types_file_liststore")
233        self.moreTypes_treeview = builder.get_object("moreTypes_treeview_files")
234        # System policy type ********************************
235        self.system_policy_type_liststore = builder.get_object("system_policy_type_liststore")
236        self.system_policy_type_combobox = builder.get_object("system_policy_type_combobox")
237        self.policy_list = []
238        if self.populate_system_policy() < 2:
239            self.advanced_system.set_visible(False)
240            self.system_policy_label.set_visible(False)
241            self.system_policy_type_combobox.set_visible(False)
242
243        self.enforcing_button_default = builder.get_object("Enforcing_button_default")
244        self.permissive_button_default = builder.get_object("Permissive_button_default")
245        self.disabled_button_default = builder.get_object("Disabled_button_default")
246        self.initialize_system_default_mode()
247
248        # Lockdown Window *********************************
249        self.enable_unconfined_button = builder.get_object("enable_unconfined")
250        self.disable_unconfined_button = builder.get_object("disable_unconfined")
251        self.enable_permissive_button = builder.get_object("enable_permissive")
252        self.disable_permissive_button = builder.get_object("disable_permissive")
253        self.enable_ptrace_button = builder.get_object("enable_ptrace")
254        self.disable_ptrace_button = builder.get_object("disable_ptrace")
255
256        # Help Window *********************************
257        self.help_window = builder.get_object("help_window")
258        self.help_text = builder.get_object("help_textv")
259        self.info_text = builder.get_object("info_text")
260        self.help_image = builder.get_object("help_image")
261        self.forward_button = builder.get_object("forward_button")
262        self.back_button = builder.get_object("back_button")
263        # Update menu items *********************************
264        self.update_window = builder.get_object("update_window")
265        self.update_treeview = builder.get_object("update_treeview")
266        self.update_treestore = builder.get_object("Update_treestore")
267        self.apply_button = builder.get_object("apply_button")
268        self.update_button = builder.get_object("Update_button")
269        # Add button objects ********************************
270        self.add_button = builder.get_object("Add_button")
271        self.delete_button = builder.get_object("Delete_button")
272
273        self.files_path_entry = builder.get_object("files_path_entry")
274        self.network_ports_entry = builder.get_object("network_ports_entry")
275        self.files_popup_window = builder.get_object("files_popup_window")
276        self.network_popup_window = builder.get_object("network_popup_window")
277
278        self.popup_network_label = builder.get_object("Network_label")
279        self.popup_files_label = builder.get_object("files_label")
280
281        self.recursive_path_toggle = builder.get_object("make_path_recursive")
282        self.files_type_combolist = builder.get_object("files_type_combo_store")
283        self.files_class_combolist = builder.get_object("files_class_combo_store")
284        self.files_type_combobox = builder.get_object("files_type_combobox")
285        self.files_class_combobox = builder.get_object("files_class_combobox")
286        self.files_mls_label = builder.get_object("files_mls_label")
287        self.files_mls_entry = builder.get_object("files_mls_entry")
288        self.advanced_text_files = builder.get_object("Advanced_text_files")
289        self.files_cancel_button = builder.get_object("cancel_delete_files")
290
291        self.network_tcp_button = builder.get_object("tcp_button")
292        self.network_udp_button = builder.get_object("udp_button")
293        self.network_port_type_combolist = builder.get_object("network_type_combo_store")
294        self.network_port_type_combobox = builder.get_object("network_type_combobox")
295        self.network_mls_label = builder.get_object("network_mls_label")
296        self.network_mls_entry = builder.get_object("network_mls_entry")
297        self.advanced_text_network = builder.get_object("Advanced_text_network")
298        self.network_cancel_button = builder.get_object("cancel_network_delete")
299
300        # Add button objects ********************************
301
302        # Modify items **************************************
303        self.show_mislabeled_files_only = builder.get_object("Show_mislabeled_files")
304        self.mislabeled_files_label = builder.get_object("mislabeled_files_label")
305        self.warning_files = builder.get_object("warning_files")
306        self.modify_button = builder.get_object("Modify_button")
307        self.modify_button.set_sensitive(False)
308        # Modify items **************************************
309
310        # Fix label *****************************************
311        self.fix_label_window = builder.get_object("fix_label_window")
312        self.fixlabel_label = builder.get_object("fixlabel_label")
313        self.fix_label_cancel = builder.get_object("fix_label_cancel")
314        # Fix label *****************************************
315
316        # Delete items **************************************
317        self.files_delete_window = builder.get_object("files_delete_window")
318        self.files_delete_treeview = builder.get_object("files_delete_treeview")
319        self.files_delete_liststore = builder.get_object("files_delete_liststore")
320        self.network_delete_window = builder.get_object("network_delete_window")
321        self.network_delete_treeview = builder.get_object("network_delete_treeview")
322        self.network_delete_liststore = builder.get_object("network_delete_liststore")
323        # Delete items **************************************
324
325        # Progress bar **************************************
326        self.progress_bar = builder.get_object("progress_bar")
327        # Progress bar **************************************
328
329        # executable_files items ****************************
330        self.executable_files_treeview = builder.get_object("Executable_files_treeview")                  # Get the executable files tree view
331        self.executable_files_filter = builder.get_object("executable_files_filter")
332        self.executable_files_filter.set_visible_func(self.filter_the_data)
333        self.executable_files_tab = builder.get_object("Executable_files_tab")
334        self.executable_files_tab_tooltip_txt = self.executable_files_tab.get_tooltip_text()
335        self.executable_files_liststore = builder.get_object("executable_files_treestore")
336        self.executable_files_liststore.set_sort_column_id(0, Gtk.SortType.ASCENDING)
337
338        self.files_radio_button = builder.get_object("files_button")
339        self.files_button_tooltip_txt = self.files_radio_button.get_tooltip_text()
340        # executable_files items ****************************
341
342        # writable files items ******************************
343        self.writable_files_treeview = builder.get_object("Writable_files_treeview")           # Get the Writable files tree view
344        self.writable_files_liststore = builder.get_object("writable_files_treestore")         # Contains the tree with File Path, SELinux File Label, Class
345        self.writable_files_liststore.set_sort_column_id(0, Gtk.SortType.ASCENDING)
346        self.writable_files_filter = builder.get_object("writable_files_filter")
347        self.writable_files_filter.set_visible_func(self.filter_the_data)
348        self.writable_files_tab = builder.get_object("Writable_files_tab")
349        self.writable_files_tab_tooltip_txt = self.writable_files_tab.get_tooltip_text()
350        # writable files items ******************************
351
352        # Application File Types ****************************
353        self.application_files_treeview = builder.get_object("Application_files_treeview")                    # Get the Application files tree view
354        self.application_files_filter = builder.get_object("application_files_filter")         # Contains the tree with File Path, Description, Class
355        self.application_files_filter.set_visible_func(self.filter_the_data)
356        self.application_files_tab = builder.get_object("Application_files_tab")
357        self.application_files_tab_tooltip_txt = self.writable_files_tab.get_tooltip_text()
358        self.application_files_liststore = builder.get_object("application_files_treestore")
359        self.application_files_liststore.set_sort_column_id(0, Gtk.SortType.ASCENDING)
360        self.application_files_tab = builder.get_object("Application_files_tab")
361        self.application_files_tab_tooltip_txt = self.application_files_tab.get_tooltip_text()
362        # Application File Type *****************************
363
364        # network items *************************************
365        self.network_radio_button = builder.get_object("network_button")
366        self.network_button_tooltip_txt = self.network_radio_button.get_tooltip_text()
367
368        self.network_out_treeview = builder.get_object("outbound_treeview")
369        self.network_out_liststore = builder.get_object("network_out_liststore")
370        self.network_out_liststore.set_sort_column_id(0, Gtk.SortType.ASCENDING)
371        self.network_out_filter = builder.get_object("network_out_filter")
372        self.network_out_filter.set_visible_func(self.filter_the_data)
373        self.network_out_tab = builder.get_object("network_out_tab")
374        self.network_out_tab_tooltip_txt = self.network_out_tab.get_tooltip_text()
375
376        self.network_in_treeview = builder.get_object("inbound_treeview")
377        self.network_in_liststore = builder.get_object("network_in_liststore")
378        self.network_in_liststore.set_sort_column_id(0, Gtk.SortType.ASCENDING)
379        self.network_in_filter = builder.get_object("network_in_filter")
380        self.network_in_filter.set_visible_func(self.filter_the_data)
381        self.network_in_tab = builder.get_object("network_in_tab")
382        self.network_in_tab_tooltip_txt = self.network_in_tab.get_tooltip_text()
383        # network items *************************************
384
385        # boolean items ************************************
386        self.boolean_treeview = builder.get_object("Boolean_treeview")         # Get the booleans tree list
387        self.boolean_liststore = builder.get_object("boolean_liststore")
388        self.boolean_liststore.set_sort_column_id(2, Gtk.SortType.ASCENDING)
389        self.boolean_filter = builder.get_object("boolean_filter")
390        self.boolean_filter.set_visible_func(self.filter_the_data)
391
392        self.boolean_more_detail_window = builder.get_object("booleans_more_detail_window")
393        self.boolean_more_detail_treeview = builder.get_object("booleans_more_detail_treeview")
394        self.boolean_more_detail_tree_data_set = builder.get_object("booleans_more_detail_liststore")
395        self.boolean_radio_button = builder.get_object("Booleans_button")
396        self.active_button = self.boolean_radio_button
397        self.boolean_button_tooltip_txt = self.boolean_radio_button.get_tooltip_text()
398        # boolean items ************************************
399
400        # transitions items ************************************
401        self.transitions_into_treeview = builder.get_object("transitions_into_treeview")         # Get the transitions tree list Enabled, source, Executable File
402        self.transitions_into_liststore = builder.get_object("transitions_into_liststore")   # Contains the tree with
403        self.transitions_into_liststore.set_sort_column_id(1, Gtk.SortType.ASCENDING)
404        self.transitions_into_filter = builder.get_object("transitions_into_filter")
405        self.transitions_into_filter.set_visible_func(self.filter_the_data)
406        self.transitions_into_tab = builder.get_object("Transitions_into_tab")
407        self.transitions_into_tab_tooltip_txt = self.transitions_into_tab.get_tooltip_text()
408
409        self.transitions_radio_button = builder.get_object("Transitions_button")
410        self.transitions_button_tooltip_txt = self.transitions_radio_button.get_tooltip_text()
411
412        self.transitions_from_treeview = builder.get_object("transitions_from_treeview")         # Get the transitions tree list
413        self.transitions_from_treestore = builder.get_object("transitions_from_treestore")       # Contains the tree with Enabled, Executable File Type, Transtype
414        self.transitions_from_treestore.set_sort_column_id(2, Gtk.SortType.ASCENDING)
415        self.transitions_from_filter = builder.get_object("transitions_from_filter")
416        self.transitions_from_filter.set_visible_func(self.filter_the_data)
417        self.transitions_from_tab = builder.get_object("Transitions_from_tab")
418        self.transitions_from_tab_tooltip_txt = self.transitions_from_tab.get_tooltip_text()
419
420        self.transitions_file_treeview = builder.get_object("file_transitions_treeview")         # Get the transitions tree list
421        self.transitions_file_liststore = builder.get_object("file_transitions_liststore")       # Contains the tree with Enabled, Executable File Type, Transtype
422        self.transitions_file_liststore.set_sort_column_id(0, Gtk.SortType.ASCENDING)
423        self.transitions_file_filter = builder.get_object("file_transitions_filter")
424        self.transitions_file_filter.set_visible_func(self.filter_the_data)
425        self.transitions_file_tab = builder.get_object("file_transitions")
426        self.transitions_file_tab_tooltip_txt = self.transitions_from_tab.get_tooltip_text()
427        # transitions items ************************************
428
429        # Combobox and Entry items **************************
430        self.combobox_menu = builder.get_object("combobox_org")                    # This is the combobox box object, aka the arrow next to the entry text bar
431        self.application_liststore = builder.get_object("application_liststore")
432        self.completion_entry = builder.get_object("completion_entry")  # self.combobox_menu.get_child()
433        self.entrycompletion_obj = builder.get_object("entrycompletion_obj")
434        #self.entrycompletion_obj = Gtk.EntryCompletion()
435        self.entrycompletion_obj.set_minimum_key_length(0)
436        self.entrycompletion_obj.set_text_column(0)
437        self.entrycompletion_obj.set_match_func(self.match_func, None)
438        self.completion_entry.set_completion(self.entrycompletion_obj)
439        self.completion_entry.set_icon_from_stock(0, Gtk.STOCK_FIND)
440        # Combobox and Entry items **************************
441
442        # Modify buttons ************************************
443        self.show_modified_only = builder.get_object("Show_modified_only_toggle")
444        # Modify button *************************************
445
446        # status bar *****************************************
447        self.current_status_label = builder.get_object("Enforcing_label")
448        self.current_status_enforcing = builder.get_object("Enforcing_button")
449        self.current_status_permissive = builder.get_object("Permissive_button")
450        self.status_bar = builder.get_object("status_bar")
451        self.context_id = self.status_bar.get_context_id("SELinux status")
452
453        # filters *********************************************
454        self.filter_entry = builder.get_object("filter_entry")
455        self.filter_box = builder.get_object("filter_box")
456        self.add_modify_delete_box = builder.get_object("add_modify_delete_box")
457        # Get_model() sets the tree model filter to be the parent of the tree model (tree model has all the data in it)
458
459        # Toggle button ****************************************
460        self.cell = builder.get_object("activate")
461        self.del_cell_files = builder.get_object("files_toggle_delete")
462        self.del_cell_files.connect("toggled", self.on_toggle_update, self.files_delete_liststore)
463        self.del_cell_files_equiv = builder.get_object("file_equiv_toggle_delete1")
464        self.del_cell_files_equiv.connect("toggled", self.on_toggle_update, self.file_equiv_delete_liststore)
465        self.del_cell_user = builder.get_object("user_toggle_delete")
466        self.del_cell_user.connect("toggled", self.on_toggle_update, self.user_delete_liststore)
467        self.del_cell_login = builder.get_object("login_toggle_delete")
468        self.del_cell_login.connect("toggled", self.on_toggle_update, self.login_delete_liststore)
469        self.del_cell_network = builder.get_object("network_toggle_delete")
470        self.del_cell_network.connect("toggled", self.on_toggle_update, self.network_delete_liststore)
471        self.update_cell = builder.get_object("toggle_update")
472        # Notebook items ***************************************
473        self.outer_notebook = builder.get_object("outer_notebook")
474        self.inner_notebook_files = builder.get_object("files_inner_notebook")
475        self.inner_notebook_network = builder.get_object("network_inner_notebook")
476        self.inner_notebook_transitions = builder.get_object("transitions_inner_notebook")
477        # logind gui ***************************************
478        loading_gui = builder.get_object("loading_gui")
479
480        self.update_cell.connect("toggled", self.on_toggle_update, self.update_treestore)
481        self.all_entries = []
482
483        # Need to connect button on code because the tree view model is a treeviewsort
484        self.cell.connect("toggled", self.on_toggle, self.boolean_liststore)
485
486        self.loading = 1
487        path = None
488        if test:
489            self.all_domains = ["httpd_t", "abrt_t"]
490            if app and app not in self.all_domains:
491                self.all_domains.append(app)
492        else:
493            self.all_domains = sepolicy.get_all_domains()
494        self.all_domains.sort(key=str.lower)
495
496        if app and app not in self.all_domains:
497            self.error(_("%s is not a valid domain" % app))
498            self.quit()
499
500        loading_gui.show()
501        length = len(self.all_domains)
502
503        entrypoint_dict = sepolicy.get_init_entrypoints_str()
504        for domain in self.all_domains:
505            # After the user selects a path in the drop down menu call
506            # get_init_entrypoint_target(entrypoint) to get the transtype
507            # which will give you the application
508            self.combo_box_add(domain, domain)
509            self.percentage = float(float(self.loading) / float(length))
510            self.progress_bar.set_fraction(self.percentage)
511            self.progress_bar.set_pulse_step(self.percentage)
512            self.idle_func()
513
514            for entrypoint in entrypoint_dict.get(domain, []):
515                path = sepolicy.find_entrypoint_path(entrypoint)
516                if path:
517                    self.combo_box_add(path, domain)
518                    self.installed_list.append(path)
519
520            self.loading += 1
521        loading_gui.hide()
522        self.entrycompletion_obj.set_model(self.application_liststore)
523        self.advanced_search_treeview.set_model(self.advanced_search_sort)
524
525        dic = {
526            "on_combo_button_clicked": self.open_combo_menu,
527            "on_disable_ptrace_toggled": self.on_disable_ptrace,
528            "on_SELinux_window_configure_event": self.hide_combo_menu,
529            "on_entrycompletion_obj_match_selected": self.set_application_label,
530            "on_filter_changed": self.get_filter_data,
531            "on_save_changes_file_equiv_clicked": self.update_to_file_equiv,
532            "on_save_changes_login_clicked": self.update_to_login,
533            "on_save_changes_user_clicked": self.update_to_user,
534            "on_save_changes_files_clicked": self.update_to_files,
535            "on_save_changes_network_clicked": self.update_to_network,
536            "on_Advanced_text_files_button_press_event": self.reveal_advanced,
537            "item_in_tree_selected": self.cursor_changed,
538            "on_Application_file_types_treeview_configure_event": self.resize_wrap,
539            "on_save_delete_clicked": self.on_save_delete_clicked,
540            "on_moreTypes_treeview_files_row_activated": self.populate_type_combo,
541            "on_retry_button_files_clicked": self.invalid_entry_retry,
542            "on_make_path_recursive_toggled": self.recursive_path,
543            "on_files_path_entry_button_press_event": self.highlight_entry_text,
544            "on_files_path_entry_changed": self.autofill_add_files_entry,
545            "on_select_type_files_clicked": self.select_type_more,
546            "on_choose_file": self.on_browse_select,
547            "on_Enforcing_button_toggled": self.set_enforce,
548            "on_confirmation_close": self.confirmation_close,
549            "on_column_clicked": self.column_clicked,
550            "on_tab_switch": self.clear_filters,
551
552            "on_file_equiv_button_clicked": self.show_file_equiv_page,
553            "on_app/system_button_clicked": self.system_interface,
554            "on_app/users_button_clicked": self.users_interface,
555            "on_show_advanced_search_window": self.on_show_advanced_search_window,
556
557            "on_Show_mislabeled_files_toggled": self.show_mislabeled_files,
558            "on_Browse_button_files_clicked": self.browse_for_files,
559            "on_cancel_popup_clicked": self.close_popup,
560            "on_treeview_cursor_changed": self.cursor_changed,
561            "on_login_seuser_combobox_changed": self.login_seuser_combobox_change,
562            "on_user_roles_combobox_changed": self.user_roles_combobox_change,
563
564            "on_cancel_button_browse_clicked": self.close_config_window,
565            "on_apply_button_clicked": self.apply_changes_button_press,
566            "on_Revert_button_clicked": self.update_or_revert_changes,
567            "on_Update_button_clicked": self.update_or_revert_changes,
568            "on_advanced_filter_entry_changed": self.get_advanced_filter_data,
569            "on_advanced_search_treeview_row_activated": self.advanced_item_selected,
570            "on_Select_advanced_search_clicked": self.advanced_item_button_push,
571            "on_info_button_button_press_event": self.on_help_button,
572            "on_back_button_clicked": self.on_help_back_clicked,
573            "on_forward_button_clicked": self.on_help_forward_clicked,
574            "on_Boolean_treeview_columns_changed": self.resize_columns,
575            "on_completion_entry_changed": self.application_selected,
576            "on_Add_button_clicked": self.add_button_clicked,
577            "on_Delete_button_clicked": self.delete_button_clicked,
578            "on_Modify_button_clicked": self.modify_button_clicked,
579            "on_Show_modified_only_toggled": self.on_show_modified_only,
580            "on_cancel_button_config_clicked": self.close_config_window,
581            "on_Import_button_clicked": self.import_config_show,
582            "on_Export_button_clicked": self.export_config_show,
583            "on_enable_unconfined_toggled": self.unconfined_toggle,
584            "on_enable_permissive_toggled": self.permissive_toggle,
585            "on_system_policy_type_combobox_changed": self.change_default_policy,
586            "on_Enforcing_button_default_toggled": self.change_default_mode,
587            "on_Permissive_button_default_toggled": self.change_default_mode,
588            "on_Disabled_button_default_toggled": self.change_default_mode,
589
590            "on_Relabel_button_toggled_cb": self.relabel_on_reboot,
591            "on_advanced_system_button_press_event": self.reveal_advanced_system,
592            "on_files_type_combobox_changed": self.show_more_types,
593            "on_filter_row_changed": self.filter_the_data,
594            "on_button_toggled": self.tab_change,
595            "gtk_main_quit": self.closewindow
596        }
597
598        self.previously_modified_initialize(customized)
599        builder.connect_signals(dic)
600        self.window.show()                # Show the gui to the screen
601        GLib.timeout_add_seconds(5, self.selinux_status)
602        self.selinux_status()
603        self.lockdown_inited = False
604        self.add_modify_delete_box.hide()
605        self.filter_box.hide()
606        if self.status == DISABLED:
607            self.show_system_page()
608        else:
609            if self.application:
610                self.applications_selection_button.set_label(self.application)
611                self.completion_entry.set_text(self.application)
612                self.show_applications_page()
613                self.tab_change()
614            else:
615                self.clearbuttons()
616                self.outer_notebook.set_current_page(START_PAGE)
617
618        self.reinit()
619        self.finish_init = True
620        Gtk.main()
621
622    def init_cur(self):
623        self.cur_dict = {}
624        for k in keys:
625            self.cur_dict[k] = {}
626
627    def remove_cur(self, ctr):
628        i = 0
629        for k in self.cur_dict:
630            for j in self.cur_dict[k]:
631                if i == ctr:
632                    del(self.cur_dict[k][j])
633                    return
634                i += 1
635
636    def selinux_status(self):
637        try:
638            self.status = selinux.security_getenforce()
639        except OSError:
640            self.status = DISABLED
641        if self.status == DISABLED:
642            self.current_status_label.set_sensitive(False)
643            self.current_status_enforcing.set_sensitive(False)
644            self.current_status_permissive.set_sensitive(False)
645            self.enforcing_button_default.set_sensitive(False)
646            self.status_bar.push(self.context_id, _("System Status: Disabled"))
647            self.info_text.set_label(DISABLED_TEXT)
648        else:
649            self.set_enforce_text(self.status)
650        if os.path.exists('/.autorelabel'):
651            self.relabel_button.set_active(True)
652        else:
653            self.relabel_button_no.set_active(True)
654
655        policytype = selinux.selinux_getpolicytype()[1]
656
657        mode = selinux.selinux_getenforcemode()[1]
658        if mode == ENFORCING:
659            self.enforcing_button_default.set_active(True)
660        if mode == PERMISSIVE:
661            self.permissive_button_default.set_active(True)
662        if mode == DISABLED:
663            self.disabled_button_default.set_active(True)
664
665        return True
666
667    def lockdown_init(self):
668        if self.lockdown_inited:
669            return
670        self.wait_mouse()
671        self.lockdown_inited = True
672        self.disable_ptrace_button.set_active(selinux.security_get_boolean_active("deny_ptrace"))
673        self.module_dict = {}
674        for m in self.dbus.semodule_list().split("\n"):
675            mod = m.split()
676            if len(mod) < 2:
677                continue
678            self.module_dict[mod[0]] = {"version": mod[1], "Disabled": (len(mod) > 2)}
679
680        self.enable_unconfined_button.set_active(not self.module_dict["unconfined"]["Disabled"])
681        self.enable_permissive_button.set_active(not self.module_dict["permissivedomains"]["Disabled"])
682        self.ready_mouse()
683
684    def column_clicked(self, treeview, treepath, treecol, *args):
685        iter = self.get_selected_iter()
686        if not iter:
687            return
688
689        if self.opage == BOOLEANS_PAGE:
690            if treecol.get_name() == "more_detail_col":
691                self.display_more_detail(self.window, treepath)
692
693        if self.opage == FILES_PAGE:
694            visible = self.liststore.get_value(iter, 3)
695            # If visible is true then fix mislabeled will be visible
696            if treecol.get_name() == "restorecon_col" and visible:
697                self.fix_mislabeled(self.liststore.get_value(iter, 0))
698
699        if self.opage == TRANSITIONS_PAGE:
700            bool_name = self.liststore.get_value(iter, 1)
701            if bool_name:
702                self.boolean_radio_button.clicked()
703                self.filter_entry.set_text(bool_name)
704
705    def idle_func(self):
706        while Gtk.events_pending():
707            Gtk.main_iteration()
708
709    def match_func(self, completion, key_string, iter, func_data):
710        try:
711            if self.application_liststore.get_value(iter, 0).find(key_string) != -1:
712                return True
713            return False
714        except AttributeError:
715            pass
716
717    def help_show_page(self):
718        self.back_button.set_sensitive(self.help_page != 0)
719        self.forward_button.set_sensitive(self.help_page < (len(self.help_list) - 1))
720        try:
721            fd = open("%shelp/%s.txt" % (self.code_path, self.help_list[self.help_page]), "r")
722            buf = fd.read()
723            fd.close()
724        except IOError:
725            buf = ""
726        help_text = self.help_text.get_buffer()
727        help_text.set_text(buf % {"APP": self.application})
728        self.help_text.set_buffer(help_text)
729        self.help_image.set_from_file("%shelp/%s.png" % (self.code_path, self.help_list[self.help_page]))
730        self.show_popup(self.help_window)
731
732    def on_help_back_clicked(self, *args):
733        self.help_page -= 1
734        self.help_show_page()
735
736    def on_help_forward_clicked(self, *args):
737        self.help_page += 1
738        self.help_show_page()
739
740    def on_help_button(self, *args):
741        self.help_page = 0
742        self.help_list = []
743        if self.opage == START_PAGE:
744            self.help_window.set_title(_("Help: Start Page"))
745            self.help_list = ["start"]
746
747        if self.opage == BOOLEANS_PAGE:
748            self.help_window.set_title(_("Help: Booleans Page"))
749            self.help_list = ["booleans", "booleans_toggled", "booleans_more", "booleans_more_show"]
750
751        if self.opage == FILES_PAGE:
752            ipage = self.inner_notebook_files.get_current_page()
753            if ipage == EXE_PAGE:
754                self.help_window.set_title(_("Help: Executable Files Page"))
755                self.help_list = ["files_exec"]
756            if ipage == WRITABLE_PAGE:
757                self.help_window.set_title(_("Help: Writable Files Page"))
758                self.help_list = ["files_write"]
759            if ipage == APP_PAGE:
760                self.help_window.set_title(_("Help: Application Types Page"))
761                self.help_list = ["files_app"]
762        if self.opage == NETWORK_PAGE:
763            ipage = self.inner_notebook_network.get_current_page()
764            if ipage == OUTBOUND_PAGE:
765                self.help_window.set_title(_("Help: Outbound Network Connections Page"))
766                self.help_list = ["ports_outbound"]
767            if ipage == INBOUND_PAGE:
768                self.help_window.set_title(_("Help: Inbound Network Connections Page"))
769                self.help_list = ["ports_inbound"]
770
771        if self.opage == TRANSITIONS_PAGE:
772            ipage = self.inner_notebook_transitions.get_current_page()
773            if ipage == TRANSITIONS_FROM_PAGE:
774                self.help_window.set_title(_("Help: Transition from application Page"))
775                self.help_list = ["transition_from", "transition_from_boolean", "transition_from_boolean_1", "transition_from_boolean_2"]
776            if ipage == TRANSITIONS_TO_PAGE:
777                self.help_window.set_title(_("Help: Transition into application Page"))
778                self.help_list = ["transition_to"]
779            if ipage == TRANSITIONS_FILE_PAGE:
780                self.help_window.set_title(_("Help: Transition application file Page"))
781                self.help_list = ["transition_file"]
782
783        if self.opage == SYSTEM_PAGE:
784            self.help_window.set_title(_("Help: Systems Page"))
785            self.help_list = ["system", "system_boot_mode", "system_current_mode", "system_export", "system_policy_type", "system_relabel"]
786
787        if self.opage == LOCKDOWN_PAGE:
788            self.help_window.set_title(_("Help: Lockdown Page"))
789            self.help_list = ["lockdown", "lockdown_unconfined", "lockdown_permissive", "lockdown_ptrace"]
790
791        if self.opage == LOGIN_PAGE:
792            self.help_window.set_title(_("Help: Login Page"))
793            self.help_list = ["login", "login_default"]
794
795        if self.opage == USER_PAGE:
796            self.help_window.set_title(_("Help: SELinux User Page"))
797            self.help_list = ["users"]
798
799        if self.opage == FILE_EQUIV_PAGE:
800            self.help_window.set_title(_("Help: File Equivalence Page"))
801            self.help_list = ["file_equiv"]
802        return self.help_show_page()
803
804    def open_combo_menu(self, *args):
805        if self.popup == 0:
806            self.popup = 1
807            location = self.window.get_position()
808            self.main_selection_window.move(location[0] + 2, location[1] + 65)
809            self.main_selection_window.show()
810        else:
811            self.main_selection_window.hide()
812            self.popup = 0
813
814    def hide_combo_menu(self, *args):
815        self.main_selection_window.hide()
816        self.popup = 0
817
818    def set_application_label(self, *args):
819        self.set_application_label = True
820
821    def resize_wrap(self, *args):
822        print(args)
823
824    def initialize_system_default_mode(self):
825        self.enforce_mode = selinux.selinux_getenforcemode()[1]
826        if self.enforce_mode == ENFORCING:
827            self.enforce_button = self.enforcing_button_default
828        if self.enforce_mode == PERMISSIVE:
829            self.enforce_button = self.permissive_button_default
830        if self.enforce_mode == DISABLED:
831            self.enforce_button = self.disabled_button_default
832
833    def populate_system_policy(self):
834        selinux_path = selinux.selinux_path()
835        types = map(lambda x: x[1], filter(lambda x: x[0] == selinux_path, os.walk(selinux_path)))[0]
836        types.sort()
837        ctr = 0
838        for item in types:
839            iter = self.system_policy_type_liststore.append()
840            self.system_policy_type_liststore.set_value(iter, 0, item)
841            if item == self.initialtype:
842                self.system_policy_type_combobox.set_active(ctr)
843                self.typeHistory = ctr
844            ctr += 1
845        return ctr
846
847    def filter_the_data(self, list, iter, *args):
848        # When there is no txt in the box show all items in the tree
849        if self.filter_txt == "":
850            return True
851        try:
852            for x in range(0, list.get_n_columns()):
853                try:
854                    val = list.get_value(iter, x)
855                    if val is True or val is False or val is None:
856                        continue
857                    # Returns true if filter_txt exists within the val
858                    if(val.find(self.filter_txt) != -1 or val.lower().find(self.filter_txt) != -1):
859                        return True
860                except (AttributeError, TypeError):
861                    pass
862        except:  # ValueError:
863            pass
864        return False
865
866    def net_update(self, app, netd, protocol, direction, model):
867        for k in netd.keys():
868            for t, ports in netd[k]:
869                pkey = (",".join(ports), protocol)
870                if pkey in self.cur_dict["port"]:
871                    if self.cur_dict["port"][pkey]["action"] == "-d":
872                        continue
873                    if t != self.cur_dict["port"][pkey]["type"]:
874                        continue
875                self.network_initial_data_insert(model, ", ".join(ports), t, protocol)
876
877    def file_equiv_initialize(self):
878        self.wait_mouse()
879        edict = sepolicy.get_file_equiv()
880        self.file_equiv_liststore.clear()
881        for f in edict:
882            iter = self.file_equiv_liststore.append()
883            if edict[f]["modify"]:
884                name = self.markup(f)
885                equiv = self.markup(edict[f]["equiv"])
886            else:
887                name = f
888                equiv = edict[f]["equiv"]
889
890            self.file_equiv_liststore.set_value(iter, 0, name)
891            self.file_equiv_liststore.set_value(iter, 1, equiv)
892            self.file_equiv_liststore.set_value(iter, 2, edict[f]["modify"])
893        self.ready_mouse()
894
895    def user_initialize(self):
896        self.wait_mouse()
897        self.user_liststore.clear()
898        for u in sepolicy.get_selinux_users():
899            iter = self.user_liststore.append()
900            self.user_liststore.set_value(iter, 0, str(u["name"]))
901            roles = u["roles"]
902            if "object_r" in roles:
903                roles.remove("object_r")
904            self.user_liststore.set_value(iter, 1, ", ".join(roles))
905            self.user_liststore.set_value(iter, 2, u["level"])
906            self.user_liststore.set_value(iter, 3, u["range"])
907            self.user_liststore.set_value(iter, 4, True)
908        self.ready_mouse()
909
910    def login_initialize(self):
911        self.wait_mouse()
912        self.login_liststore.clear()
913        for u in sepolicy.get_login_mappings():
914            iter = self.login_liststore.append()
915            self.login_liststore.set_value(iter, 0, u["name"])
916            self.login_liststore.set_value(iter, 1, u["seuser"])
917            self.login_liststore.set_value(iter, 2, u["mls"])
918            self.login_liststore.set_value(iter, 3, True)
919        self.ready_mouse()
920
921    def network_initialize(self, app):
922        netd = sepolicy.network.get_network_connect(app, "tcp", "name_connect", check_bools=True)
923        self.net_update(app, netd, "tcp", OUTBOUND_PAGE, self.network_out_liststore)
924        netd = sepolicy.network.get_network_connect(app, "tcp", "name_bind", check_bools=True)
925        self.net_update(app, netd, "tcp", INBOUND_PAGE, self.network_in_liststore)
926        netd = sepolicy.network.get_network_connect(app, "udp", "name_bind", check_bools=True)
927        self.net_update(app, netd, "udp", INBOUND_PAGE, self.network_in_liststore)
928
929    def network_initial_data_insert(self, model, ports, portType, protocol):
930        iter = model.append()
931        model.set_value(iter, 0, ports)
932        model.set_value(iter, 1, protocol)
933        model.set_value(iter, 2, portType)
934        model.set_value(iter, 4, True)
935
936    def combo_set_active_text(self, combobox, val):
937        ctr = 0
938        liststore = combobox.get_model()
939        for i in liststore:
940            if i[0] == val:
941                combobox.set_active(ctr)
942                return
943            ctr += 1
944
945        niter = liststore.get_iter(ctr - 1)
946        if liststore.get_value(niter, 0) == _("More..."):
947            iter = liststore.insert_before(niter)
948            ctr = ctr - 1
949        else:
950            iter = liststore.append()
951        liststore.set_value(iter, 0, val)
952        combobox.set_active(ctr)
953
954    def combo_get_active_text(self, combobox):
955        liststore = combobox.get_model()
956        index = combobox.get_active()
957        if index < 0:
958            return None
959        iter = liststore.get_iter(index)
960        return liststore.get_value(iter, 0)
961
962    def combo_box_add(self, val, val1):
963        if val is None:
964            return
965        iter = self.application_liststore.append()
966        self.application_liststore.set_value(iter, 0, val)
967        self.application_liststore.set_value(iter, 1, val1)
968
969    def select_type_more(self, *args):
970        app = self.moreTypes_treeview.get_selection()
971        iter = app.get_selected()[1]
972        if iter is None:
973            return
974        app = self.more_types_files_liststore.get_value(iter, 0)
975        self.combo_set_active_text(self.files_type_combobox, app)
976        self.closewindow(self.moreTypes_window_files)
977
978    def advanced_item_button_push(self, *args):
979        row = self.advanced_search_treeview.get_selection()
980        model, iter = row.get_selected()
981        iter = model.convert_iter_to_child_iter(iter)
982        iter = self.advanced_search_filter.convert_iter_to_child_iter(iter)
983        app = self.application_liststore.get_value(iter, 1)
984        if app is None:
985            return
986        self.advanced_filter_entry.set_text('')
987        self.advanced_search_window.hide()
988        self.reveal_advanced(self.main_advanced_label)
989        self.completion_entry.set_text(app)
990
991    def advanced_item_selected(self, treeview, path, *args):
992        iter = self.advanced_search_filter.get_iter(path)
993        iter = self.advanced_search_filter.convert_iter_to_child_iter(iter)
994        app = self.application_liststore.get_value(iter, 1)
995        self.advanced_filter_entry.set_text('')
996        self.advanced_search_window.hide()
997        self.reveal_advanced(self.main_advanced_label)
998        self.completion_entry.set_text(app)
999        self.application_selected()
1000
1001    def find_application(self, app):
1002        if app and len(app) > 0:
1003            for items in self.application_liststore:
1004                if app == items[0]:
1005                    return True
1006        return False
1007
1008    def application_selected(self, *args):
1009        self.show_mislabeled_files_only.set_visible(False)
1010        self.mislabeled_files_label.set_visible(False)
1011        self.warning_files.set_visible(False)
1012        self.filter_entry.set_text('')
1013
1014        app = self.completion_entry.get_text()
1015        if not self.find_application(app):
1016            return
1017        self.show_applications_page()
1018        self.add_button.set_sensitive(True)
1019        self.delete_button.set_sensitive(True)
1020        # Clear the tree to prepare for a new selection otherwise
1021        self.executable_files_liststore.clear()
1022        # data will pile up everytime the user selects a new item from the drop down menu
1023        self.network_in_liststore.clear()
1024        self.network_out_liststore.clear()
1025        self.boolean_liststore.clear()
1026        self.transitions_into_liststore.clear()
1027        self.transitions_from_treestore.clear()
1028        self.application_files_liststore.clear()
1029        self.writable_files_liststore.clear()
1030        self.transitions_file_liststore.clear()
1031
1032        try:
1033            if app[0] == '/':
1034                app = sepolicy.get_init_transtype(app)
1035                if not app:
1036                    return
1037                self.application = app
1038        except IndexError:
1039            pass
1040
1041        self.wait_mouse()
1042        self.previously_modified_initialize(self.dbus.customized())
1043        self.reinit()
1044        self.boolean_initialize(app)
1045        self.mislabeled_files = False
1046        self.executable_files_initialize(app)
1047        self.network_initialize(app)
1048        self.writable_files_initialize(app)
1049        self.transitions_into_initialize(app)
1050        self.transitions_from_initialize(app)
1051        self.application_files_initialize(app)
1052        self.transitions_files_initialize(app)
1053
1054        self.executable_files_tab.set_tooltip_text(_("File path used to enter the '%s' domain." % app))
1055        self.writable_files_tab.set_tooltip_text(_("Files to which the '%s' domain can write." % app))
1056        self.network_out_tab.set_tooltip_text(_("Network Ports to which the '%s' is allowed to connect." % app))
1057        self.network_in_tab.set_tooltip_text(_("Network Ports to which the '%s' is allowed to listen." % app))
1058        self.application_files_tab.set_tooltip_text(_("File Types defined for the '%s'." % app))
1059        self.boolean_radio_button.set_tooltip_text(_("Display boolean information that can be used to modify the policy for the '%s'." % app))
1060        self.files_radio_button.set_tooltip_text(_("Display file type information that can be used by the '%s'." % app))
1061        self.network_radio_button.set_tooltip_text(_("Display network ports to which the '%s' can connect or listen to." % app))
1062        self.transitions_into_tab.set_label(_("Application Transitions Into '%s'" % app))
1063        self.transitions_from_tab.set_label(_("Application Transitions From '%s'" % app))
1064        self.transitions_file_tab.set_label(_("File Transitions From '%s'" % app))
1065        self.transitions_into_tab.set_tooltip_text(_("Executables which will transition to '%s', when executing selected domains entrypoint.") % app)
1066        self.transitions_from_tab.set_tooltip_text(_("Executables which will transition to a different domain, when '%s' executes them.") % app)
1067        self.transitions_file_tab.set_tooltip_text(_("Files by '%s' with transitions to a different label." % app))
1068        self.transitions_radio_button.set_tooltip_text(_("Display applications that can transition into or out of the '%s'." % app))
1069
1070        self.application = app
1071        self.applications_selection_button.set_label(self.application)
1072        self.ready_mouse()
1073
1074    def reinit(self):
1075        sepolicy.reinit()
1076        self.fcdict = sepolicy.get_fcdict()
1077        self.local_file_paths = sepolicy.get_local_file_paths()
1078
1079    def previously_modified_initialize(self, buf):
1080        self.cust_dict = {}
1081        for i in buf.split("\n"):
1082            rec = i.split()
1083            if len(rec) == 0:
1084                continue
1085            if rec[1] == "-D":
1086                continue
1087            if rec[0] not in self.cust_dict:
1088                self.cust_dict[rec[0]] = {}
1089            if rec[0] == "boolean":
1090                self.cust_dict["boolean"][rec[-1]] = {"active": rec[2] == "-1"}
1091            if rec[0] == "login":
1092                self.cust_dict["login"][rec[-1]] = {"seuser": rec[3], "range": rec[5]}
1093            if rec[0] == "interface":
1094                self.cust_dict["interface"][rec[-1]] = {"type": rec[3]}
1095            if rec[0] == "user":
1096                self.cust_dict["user"][rec[-1]] = {"level": "s0", "range": rec[3], "role": rec[5]}
1097            if rec[0] == "port":
1098                self.cust_dict["port"][(rec[-1], rec[-2])] = {"type": rec[3]}
1099            if rec[0] == "node":
1100                self.cust_dict["node"][rec[-1]] = {"mask": rec[3], "protocol": rec[5], "type": rec[7]}
1101            if rec[0] == "fcontext":
1102                if rec[2] == "-e":
1103                    if "fcontext-equiv" not in self.cust_dict:
1104                        self.cust_dict["fcontext-equiv"] = {}
1105                    self.cust_dict["fcontext-equiv"][(rec[-1])] = {"equiv": rec[3]}
1106                else:
1107                    self.cust_dict["fcontext"][(rec[-1], rec[3])] = {"type": rec[5]}
1108            if rec[0] == "module":
1109                self.cust_dict["module"][rec[-1]] = {"enabled": rec[2] != "-d"}
1110
1111        if "module" not in self.cust_dict:
1112            return
1113        for semodule, button in [("unconfined", self.disable_unconfined_button), ("permissivedomains", self.disable_permissive_button)]:
1114            if semodule in self.cust_dict["module"]:
1115                button.set_active(self.cust_dict["module"][semodule]["enabled"])
1116
1117        for i in keys:
1118            if i not in self.cust_dict:
1119                self.cust_dict.update({i: {}})
1120
1121    def executable_files_initialize(self, application):
1122        self.entrypoints = sepolicy.get_entrypoints(application)
1123        for exe in self.entrypoints.keys():
1124            if len(self.entrypoints[exe]) == 0:
1125                continue
1126            file_class = self.entrypoints[exe][1]
1127            for path in self.entrypoints[exe][0]:
1128                if (path, file_class) in self.cur_dict["fcontext"]:
1129                    if self.cur_dict["fcontext"][(path, file_class)]["action"] == "-d":
1130                        continue
1131                    if exe != self.cur_dict["fcontext"][(path, file_class)]["type"]:
1132                        continue
1133                self.files_initial_data_insert(self.executable_files_liststore, path, exe, file_class)
1134
1135    def mislabeled(self, path):
1136        try:
1137            con = selinux.matchpathcon(path, 0)[1]
1138            cur = selinux.getfilecon(path)[1]
1139            return con != cur
1140        except OSError:
1141            return False
1142
1143    def set_mislabeled(self, tree, path, iter, niter):
1144        if not self.mislabeled(path):
1145            return
1146        con = selinux.matchpathcon(path, 0)[1]
1147        cur = selinux.getfilecon(path)[1]
1148        self.mislabeled_files = True
1149        # Set visibility of label
1150        tree.set_value(niter, 3, True)
1151        # Has a mislabel
1152        tree.set_value(iter, 4, True)
1153        tree.set_value(niter, 4, True)
1154        tree.set_value(iter, 5, con.split(":")[2])
1155        tree.set_value(iter, 6, cur.split(":")[2])
1156
1157    def writable_files_initialize(self, application):
1158        # Traversing the dictionary data struct
1159        self.writable_files = sepolicy.get_writable_files(application)
1160        for write in self.writable_files.keys():
1161            if len(self.writable_files[write]) < 2:
1162                self.files_initial_data_insert(self.writable_files_liststore, None, write, _("all files"))
1163                continue
1164            file_class = self.writable_files[write][1]
1165            for path in self.writable_files[write][0]:
1166                if (path, file_class) in self.cur_dict["fcontext"]:
1167                    if self.cur_dict["fcontext"][(path, file_class)]["action"] == "-d":
1168                        continue
1169                    if write != self.cur_dict["fcontext"][(path, file_class)]["type"]:
1170                        continue
1171                self.files_initial_data_insert(self.writable_files_liststore, path, write, file_class)
1172
1173    def files_initial_data_insert(self, liststore, path, seLinux_label, file_class):
1174        iter = liststore.append(None)
1175        if path is None:
1176            path = _("MISSING FILE PATH")
1177            modify = False
1178        else:
1179            modify = (path, file_class) in self.local_file_paths
1180            for p in sepolicy.find_file(path):
1181                niter = liststore.append(iter)
1182                liststore.set_value(niter, 0, p)
1183                self.set_mislabeled(liststore, p, iter, niter)
1184            if modify:
1185                path = self.markup(path)
1186                file_class = self.markup(selinux_label)
1187                file_class = self.markup(file_class)
1188        liststore.set_value(iter, 0, path)
1189        liststore.set_value(iter, 1, seLinux_label)
1190        liststore.set_value(iter, 2, file_class)
1191        liststore.set_value(iter, 7, modify)
1192
1193    def markup(self, f):
1194        return "<b>%s</b>" % f
1195
1196    def unmarkup(self, f):
1197        if f:
1198            return re.sub("</b>$", "", re.sub("^<b>", "", f))
1199        return None
1200
1201    def application_files_initialize(self, application):
1202        self.file_types = sepolicy.get_file_types(application)
1203        for app in self.file_types.keys():
1204            if len(self.file_types[app]) == 0:
1205                continue
1206            file_class = self.file_types[app][1]
1207            for path in self.file_types[app][0]:
1208                desc = sepolicy.get_description(app, markup=self.markup)
1209                if (path, file_class) in self.cur_dict["fcontext"]:
1210                    if self.cur_dict["fcontext"][(path, file_class)]["action"] == "-d":
1211                        continue
1212                    if app != self.cur_dict["fcontext"][(path, file_class)]["type"]:
1213                        continue
1214                self.files_initial_data_insert(self.application_files_liststore, path, desc, file_class)
1215
1216    def modified(self):
1217        i = 0
1218        for k in self.cur_dict:
1219            if len(self.cur_dict[k]) > 0:
1220                return True
1221        return False
1222
1223    def boolean_initialize(self, application):
1224        for blist in sepolicy.get_bools(application):
1225            for b, active in blist:
1226                if b in self.cur_dict["boolean"]:
1227                    active = self.cur_dict["boolean"][b]['active']
1228                desc = sepolicy.boolean_desc(b)
1229                self.boolean_initial_data_insert(b, desc, active)
1230
1231    def boolean_initial_data_insert(self, val, desc, active):
1232        # Insert data from data source into tree
1233        iter = self.boolean_liststore.append()
1234        self.boolean_liststore.set_value(iter, 0, active)
1235        self.boolean_liststore.set_value(iter, 1, desc)
1236        self.boolean_liststore.set_value(iter, 2, val)
1237        self.boolean_liststore.set_value(iter, 3, _('More...'))
1238
1239    def transitions_into_initialize(self, application):
1240        for x in sepolicy.get_transitions_into(application):
1241            active = None
1242            executable = None
1243            source = None
1244            if "boolean" in x:
1245                active = x["boolean"]
1246            if "target" in x:
1247                executable = x["target"]
1248            if "source" in x:
1249                source = x["source"]
1250            self.transitions_into_initial_data_insert(active, executable, source)
1251
1252    def transitions_into_initial_data_insert(self, active, executable, source):
1253        iter = self.transitions_into_liststore.append()
1254        if active != None:
1255            self.transitions_into_liststore.set_value(iter, 0, enabled[active[0][1]])         # active[0][1] is either T or F (enabled is all the way at the top)
1256        else:
1257            self.transitions_into_liststore.set_value(iter, 0, "Default")
1258
1259        self.transitions_into_liststore.set_value(iter, 2, executable)
1260        self.transitions_into_liststore.set_value(iter, 1, source)
1261
1262    def transitions_from_initialize(self, application):
1263        for x in sepolicy.get_transitions(application):
1264            active = None
1265            executable = None
1266            transtype = None
1267            if "boolean" in x:
1268                active = x["boolean"]
1269            if "target" in x:
1270                executable_type = x["target"]
1271            if "transtype" in x:
1272                transtype = x["transtype"]
1273            self.transitions_from_initial_data_insert(active, executable_type, transtype)
1274            try:
1275                for executable in self.fcdict[executable_type]["regex"]:
1276                    self.transitions_from_initial_data_insert(active, executable, transtype)
1277            except KeyError:
1278                pass
1279
1280    def transitions_from_initial_data_insert(self, active, executable, transtype):
1281        iter = self.transitions_from_treestore.append(None)
1282        if active == None:
1283            self.transitions_from_treestore.set_value(iter, 0, "Default")
1284            self.transitions_from_treestore.set_value(iter, 5, False)
1285        else:
1286            niter = self.transitions_from_treestore.append(iter)
1287            # active[0][1] is either T or F (enabled is all the way at the top)
1288            self.transitions_from_treestore.set_value(iter, 0, enabled[active[0][1]])
1289            markup = ('<span foreground="blue"><u>','</u></span>')
1290            if active[0][1]:
1291                self.transitions_from_treestore.set_value(niter, 2, (_("To disable this transition, go to the %sBoolean section%s.") % markup))
1292            else:
1293                self.transitions_from_treestore.set_value(niter, 2, (_("To enable this transition, go to the %sBoolean section%s.") % markup))
1294
1295            # active[0][0] is the Bool Name
1296            self.transitions_from_treestore.set_value(niter, 1, active[0][0])
1297            self.transitions_from_treestore.set_value(niter, 5, True)
1298
1299        self.transitions_from_treestore.set_value(iter, 2, executable)
1300        self.transitions_from_treestore.set_value(iter, 3, transtype)
1301
1302    def transitions_files_initialize(self, application):
1303        for i in sepolicy.get_file_transitions(application):
1304            if 'filename' in i:
1305                filename = i['filename']
1306            else:
1307                filename = None
1308            self.transitions_files_inital_data_insert(i['target'], i['class'], i['transtype'], filename)
1309
1310    def transitions_files_inital_data_insert(self, path, tclass, dest, name):
1311        iter = self.transitions_file_liststore.append()
1312        self.transitions_file_liststore.set_value(iter, 0, path)
1313        self.transitions_file_liststore.set_value(iter, 1, tclass)
1314        self.transitions_file_liststore.set_value(iter, 2, dest)
1315        if name == None:
1316            name = '*'
1317        self.transitions_file_liststore.set_value(iter, 3, name)
1318
1319    def tab_change(self, *args):
1320        self.clear_filters()
1321        self.treeview = None
1322        self.treesort = None
1323        self.treefilter = None
1324        self.liststore = None
1325        self.modify_button.set_sensitive(False)
1326        self.add_modify_delete_box.hide()
1327        self.show_modified_only.set_visible(False)
1328        self.show_mislabeled_files_only.set_visible(False)
1329        self.mislabeled_files_label.set_visible(False)
1330        self.warning_files.set_visible(False)
1331
1332        if self.boolean_radio_button.get_active():
1333            self.outer_notebook.set_current_page(BOOLEANS_PAGE)
1334            self.treeview = self.boolean_treeview
1335            self.show_modified_only.set_visible(True)
1336
1337        if self.files_radio_button.get_active():
1338            self.show_popup(self.add_modify_delete_box)
1339            self.show_modified_only.set_visible(True)
1340            self.show_mislabeled_files_only.set_visible(self.mislabeled_files)
1341            self.mislabeled_files_label.set_visible(self.mislabeled_files)
1342            self.warning_files.set_visible(self.mislabeled_files)
1343            self.outer_notebook.set_current_page(FILES_PAGE)
1344            if args[0] == self.inner_notebook_files:
1345                ipage = args[2]
1346            else:
1347                ipage = self.inner_notebook_files.get_current_page()
1348            if ipage == EXE_PAGE:
1349                self.treeview = self.executable_files_treeview
1350                category = _("executable")
1351            elif ipage == WRITABLE_PAGE:
1352                self.treeview = self.writable_files_treeview
1353                category = _("writable")
1354            elif ipage == APP_PAGE:
1355                self.treeview = self.application_files_treeview
1356                category = _("application")
1357            self.add_button.set_tooltip_text(_("Add new %(TYPE)s file path for '%(DOMAIN)s' domains.") % {"TYPE": category, "DOMAIN": self.application})
1358            self.delete_button.set_tooltip_text(_("Delete %(TYPE)s file paths for '%(DOMAIN)s' domain.") % {"TYPE": category, "DOMAIN": self.application})
1359            self.modify_button.set_tooltip_text(_("Modify %(TYPE)s file path for '%(DOMAIN)s' domain. Only bolded items in the list can be selected, this indicates they were modified previously.") % {"TYPE": category, "DOMAIN": self.application})
1360
1361        if self.network_radio_button.get_active():
1362            self.add_modify_delete_box.show()
1363            self.show_modified_only.set_visible(True)
1364            self.outer_notebook.set_current_page(NETWORK_PAGE)
1365            if args[0] == self.inner_notebook_network:
1366                ipage = args[2]
1367            else:
1368                ipage = self.inner_notebook_network.get_current_page()
1369            if ipage == OUTBOUND_PAGE:
1370                self.treeview = self.network_out_treeview
1371                category = _("connect")
1372            if ipage == INBOUND_PAGE:
1373                self.treeview = self.network_in_treeview
1374                category = _("listen for inbound connections")
1375
1376            self.add_button.set_tooltip_text(_("Add new port definition to which the '%(APP)s' domain is allowed to %s.") % {"APP": self.application, "PERM": category})
1377            self.delete_button.set_tooltip_text(_("Delete modified port definitions to which the '%(APP)s' domain is allowed to %s.") % {"APP": self.application, "PERM": category})
1378            self.modify_button.set_tooltip_text(_("Modify port definitions to which the '%(APP)s' domain is allowed to %(PERM)s.") % {"APP": self.application, "PERM": category})
1379
1380        if self.transitions_radio_button.get_active():
1381            self.outer_notebook.set_current_page(TRANSITIONS_PAGE)
1382            if args[0] == self.inner_notebook_transitions:
1383                ipage = args[2]
1384            else:
1385                ipage = self.inner_notebook_transitions.get_current_page()
1386            if ipage == TRANSITIONS_FROM_PAGE:
1387                self.treeview = self.transitions_from_treeview
1388            if ipage == TRANSITIONS_TO_PAGE:
1389                self.treeview = self.transitions_into_treeview
1390            if ipage == TRANSITIONS_FILE_PAGE:
1391                self.treeview = self.transitions_file_treeview
1392
1393        if self.system_radio_button.get_active():
1394            self.outer_notebook.set_current_page(SYSTEM_PAGE)
1395            self.filter_box.hide()
1396
1397        if self.lockdown_radio_button.get_active():
1398            self.lockdown_init()
1399            self.outer_notebook.set_current_page(LOCKDOWN_PAGE)
1400            self.filter_box.hide()
1401
1402        if self.user_radio_button.get_active():
1403            self.outer_notebook.set_current_page(USER_PAGE)
1404            self.add_modify_delete_box.show()
1405            self.show_modified_only.set_visible(True)
1406            self.treeview = self.user_treeview
1407            self.add_button.set_tooltip_text(_("Add new SELinux User/Role definition."))
1408            self.delete_button.set_tooltip_text(_("Delete modified SELinux User/Role definitions."))
1409            self.modify_button.set_tooltip_text(_("Modify selected modified SELinux User/Role definitions."))
1410
1411        if self.login_radio_button.get_active():
1412            self.outer_notebook.set_current_page(LOGIN_PAGE)
1413            self.add_modify_delete_box.show()
1414            self.show_modified_only.set_visible(True)
1415            self.treeview = self.login_treeview
1416            self.add_button.set_tooltip_text(_("Add new Login Mapping definition."))
1417            self.delete_button.set_tooltip_text(_("Delete modified Login Mapping definitions."))
1418            self.modify_button.set_tooltip_text(_("Modify selected modified Login Mapping definitions."))
1419
1420        if self.file_equiv_radio_button.get_active():
1421            self.outer_notebook.set_current_page(FILE_EQUIV_PAGE)
1422            self.add_modify_delete_box.show()
1423            self.show_modified_only.set_visible(True)
1424            self.treeview = self.file_equiv_treeview
1425            self.add_button.set_tooltip_text(_("Add new File Equivalence definition."))
1426            self.delete_button.set_tooltip_text(_("Delete modified File Equivalence definitions."))
1427            self.modify_button.set_tooltip_text(_("Modify selected modified File Equivalence definitions. Only bolded items in the list can be selected, this indicates they were modified previously."))
1428
1429        self.opage = self.outer_notebook.get_current_page()
1430        if self.treeview:
1431            self.filter_box.show()
1432            self.treesort = self.treeview.get_model()
1433            self.treefilter = self.treesort.get_model()
1434            self.liststore = self.treefilter.get_model()
1435            for x in range(0, self.liststore.get_n_columns()):
1436                col = self.treeview.get_column(x)
1437                if col:
1438                    cell = col.get_cells()[0]
1439                    if isinstance(cell, Gtk.CellRendererText):
1440                        self.liststore.set_sort_func(x, self.stripsort, None)
1441            self.treeview.get_selection().unselect_all()
1442        self.modify_button.set_sensitive(False)
1443
1444    def stripsort(self, model, row1, row2, user_data):
1445        sort_column, _ = model.get_sort_column_id()
1446        val1 = self.unmarkup(model.get_value(row1, sort_column))
1447        val2 = self.unmarkup(model.get_value(row2, sort_column))
1448        return cmp(val1, val2)
1449
1450    def display_more_detail(self, windows, path):
1451        it = self.boolean_filter.get_iter(path)
1452        it = self.boolean_filter.convert_iter_to_child_iter(it)
1453
1454        self.boolean_more_detail_tree_data_set.clear()
1455        self.boolean_more_detail_window.set_title(_("Boolean %s Allow Rules") % self.boolean_liststore.get_value(it, 2))
1456        blist = sepolicy.get_boolean_rules(self.application, self.boolean_liststore.get_value(it, 2))
1457        for b in blist:
1458            self.display_more_detail_init(b["source"], b["target"], b["class"], b["permlist"])
1459        self.show_popup(self.boolean_more_detail_window)
1460
1461    def display_more_detail_init(self, source, target, class_type, permission):
1462        iter = self.boolean_more_detail_tree_data_set.append()
1463        self.boolean_more_detail_tree_data_set.set_value(iter, 0, "allow %s %s:%s { %s };" % (source, target, class_type, " ".join(permission)))
1464
1465    def add_button_clicked(self, *args):
1466        self.modify = False
1467        if self.opage == NETWORK_PAGE:
1468            self.popup_network_label.set_text((_("Add Network Port for %s.  Ports will be created when update is applied.")) % self.application)
1469            self.network_popup_window.set_title((_("Add Network Port for %s")) % self.application)
1470            self.init_network_dialog(args)
1471            return
1472
1473        if self.opage == FILES_PAGE:
1474            self.popup_files_label.set_text((_("Add File Labeling for %s. File labels will be created when update is applied.")) % self.application)
1475            self.files_popup_window.set_title((_("Add File Labeling for %s")) % self.application)
1476            self.init_files_dialog(args)
1477            ipage = self.inner_notebook_files.get_current_page()
1478            if ipage == EXE_PAGE:
1479                self.files_path_entry.set_text("ex: /usr/sbin/Foobar")
1480            else:
1481                self.files_path_entry.set_text("ex: /var/lib/Foobar")
1482            self.clear_entry = True
1483
1484        if self.opage == LOGIN_PAGE:
1485            self.login_label.set_text((_("Add Login Mapping. User Mapping will be created when Update is applied.")))
1486            self.login_popup_window.set_title(_("Add Login Mapping"))
1487            self.login_init_dialog(args)
1488            self.clear_entry = True
1489
1490        if self.opage == USER_PAGE:
1491            self.user_label.set_text((_("Add SELinux User Role. SELinux user roles will be created when update is applied.")))
1492            self.user_popup_window.set_title(_("Add SELinux Users"))
1493            self.user_init_dialog(args)
1494            self.clear_entry = True
1495
1496        if self.opage == FILE_EQUIV_PAGE:
1497            self.file_equiv_source_entry.set_text("")
1498            self.file_equiv_dest_entry.set_text("")
1499            self.file_equiv_label.set_text((_("Add File Equivalency Mapping. Mapping will be created when update is applied.")))
1500            self.file_equiv_popup_window.set_title(_("Add SELinux File Equivalency"))
1501            self.clear_entry = True
1502            self.show_popup(self.file_equiv_popup_window)
1503
1504        self.new_updates()
1505
1506    def show_popup(self, window):
1507        self.current_popup = window
1508        window.show()
1509
1510    def close_popup(self, *args):
1511        self.current_popup.hide()
1512        self.window.set_sensitive(True)
1513        return True
1514
1515    def modify_button_clicked(self, *args):
1516        iter = None
1517        if self.treeview:
1518            iter = self.get_selected_iter()
1519            if not iter:
1520                self.modify_button.set_sensitive(False)
1521                return
1522        self.modify = True
1523        if self.opage == NETWORK_PAGE:
1524            self.modify_button_network_clicked(args)
1525
1526        if self.opage == FILES_PAGE:
1527            self.popup_files_label.set_text((_("Modify File Labeling for %s. File labels will be created when update is applied.")) % self.application)
1528            self.files_popup_window.set_title((_("Add File Labeling for %s")) % self.application)
1529            self.delete_old_item = None
1530            self.init_files_dialog(args)
1531            self.modify = True
1532            operation = "Modify"
1533            mls = 1
1534            ipage = self.inner_notebook_files.get_current_page()
1535
1536            if ipage == EXE_PAGE:
1537                iter = self.executable_files_filter.convert_iter_to_child_iter(iter)
1538                self.delete_old_item = iter
1539                path = self.executable_files_liststore.get_value(iter, 0)
1540                self.files_path_entry.set_text(path)
1541                ftype = self.executable_files_liststore.get_value(iter, 1)
1542                if type != None:
1543                    self.combo_set_active_text(self.files_type_combobox, ftype)
1544                tclass = self.executable_files_liststore.get_value(iter, 2)
1545                if tclass != None:
1546                    self.combo_set_active_text(self.files_class_combobox, tclass)
1547
1548            if ipage == WRITABLE_PAGE:
1549                iter = self.writable_files_filter.convert_iter_to_child_iter(iter)
1550                self.delete_old_item = iter
1551                path = self.writable_files_liststore.get_value(iter, 0)
1552                self.files_path_entry.set_text(path)
1553                type = self.writable_files_liststore.get_value(iter, 1)
1554                if type != None:
1555                    self.combo_set_active_text(self.files_type_combobox, type)
1556                tclass = self.writable_files_liststore.get_value(iter, 2)
1557                if tclass != None:
1558                    self.combo_set_active_text(self.files_class_combobox, tclass)
1559
1560            if ipage == APP_PAGE:
1561                iter = self.application_files_filter.convert_iter_to_child_iter(iter)
1562                self.delete_old_item = iter
1563                path = self.application_files_liststore.get_value(iter, 0)
1564                self.files_path_entry.set_text(path)
1565                try:
1566                    get_type = self.application_files_liststore.get_value(iter, 1)
1567                    get_type = get_type.split("<b>")[1].split("</b>")
1568                except AttributeError:
1569                    pass
1570                type = self.application_files_liststore.get_value(iter, 2)
1571                if type != None:
1572                    self.combo_set_active_text(self.files_type_combobox, type)
1573                tclass = get_type[0]
1574                if tclass != None:
1575                    self.combo_set_active_text(self.files_class_combobox, tclass)
1576
1577        if self.opage == USER_PAGE:
1578            self.user_init_dialog(args)
1579            self.user_name_entry.set_text(self.user_liststore.get_value(iter, 0))
1580            self.user_mls_level_entry.set_text(self.user_liststore.get_value(iter, 2))
1581            self.user_mls_entry.set_text(self.user_liststore.get_value(iter, 3))
1582            self.combo_set_active_text(self.user_roles_combobox, self.user_liststore.get_value(iter, 1))
1583            self.user_label.set_text((_("Modify SELinux User Role. SELinux user roles will be modified when update is applied.")))
1584            self.user_popup_window.set_title(_("Modify SELinux Users"))
1585            self.show_popup(self.user_popup_window)
1586
1587        if self.opage == LOGIN_PAGE:
1588            self.login_init_dialog(args)
1589            self.login_name_entry.set_text(self.login_liststore.get_value(iter, 0))
1590            self.login_mls_entry.set_text(self.login_liststore.get_value(iter, 2))
1591            self.combo_set_active_text(self.login_seuser_combobox, self.login_liststore.get_value(iter, 1))
1592            self.login_label.set_text((_("Modify Login Mapping. Login Mapping will be modified when Update is applied.")))
1593            self.login_popup_window.set_title(_("Modify Login Mapping"))
1594            self.show_popup(self.login_popup_window)
1595
1596        if self.opage == FILE_EQUIV_PAGE:
1597            self.file_equiv_source_entry.set_text(self.file_equiv_liststore.get_value(iter, 0))
1598            self.file_equiv_dest_entry.set_text(self.file_equiv_liststore.get_value(iter, 1))
1599            self.file_equiv_label.set_text((_("Modify File Equivalency Mapping. Mapping will be created when update is applied.")))
1600            self.file_equiv_popup_window.set_title(_("Modify SELinux File Equivalency"))
1601            self.clear_entry = True
1602            self.show_popup(self.file_equiv_popup_window)
1603
1604    def populate_type_combo(self, tree, loc, *args):
1605        iter = self.more_types_files_liststore.get_iter(loc)
1606        ftype = self.more_types_files_liststore.get_value(iter, 0)
1607        self.combo_set_active_text(self.files_type_combobox, ftype)
1608        self.show_popup(self.files_popup_window)
1609        self.moreTypes_window_files.hide()
1610
1611    def strip_domain(self, domain):
1612        if domain == None:
1613            return
1614        if domain.endswith("_script_t"):
1615            split_char = "_script_t"
1616        else:
1617            split_char = "_t"
1618        return domain.split(split_char)[0]
1619
1620    def exclude_type(self, type, exclude_list):
1621        for e in exclude_list:
1622            if type.startswith(e):
1623                return True
1624        return False
1625
1626    def init_files_dialog(self, *args):
1627        exclude_list = []
1628        self.files_class_combobox.set_sensitive(True)
1629        self.show_popup(self.files_popup_window)
1630        ipage = self.inner_notebook_files.get_current_page()
1631        self.files_type_combolist.clear()
1632        self.files_class_combolist.clear()
1633        compare = self.strip_domain(self.application)
1634        for d in self.application_liststore:
1635            if d[0].startswith(compare) and d[0] != self.application and not d[0].startswith("httpd_sys"):
1636                exclude_list.append(self.strip_domain(d[0]))
1637
1638        self.more_types_files_liststore.clear()
1639        try:
1640            for files in sepolicy.file_type_str:
1641                iter = self.files_class_combolist.append()
1642                self.files_class_combolist.set_value(iter, 0, sepolicy.file_type_str[files])
1643
1644            if ipage == EXE_PAGE and self.entrypoints != None:
1645                for exe in self.entrypoints.keys():
1646                    if exe.startswith(compare):
1647                        iter = self.files_type_combolist.append()
1648                        self.files_type_combolist.set_value(iter, 0, exe)
1649                    iter = self.more_types_files_liststore.append()
1650                    self.more_types_files_liststore.set_value(iter, 0, exe)
1651                self.files_class_combobox.set_active(4)
1652                self.files_class_combobox.set_sensitive(False)
1653
1654            elif ipage == WRITABLE_PAGE and self.writable_files != None:
1655                for write in self.writable_files.keys():
1656                    if write.startswith(compare) and not self.exclude_type(write, exclude_list) and write in self.file_types:
1657                        iter = self.files_type_combolist.append()
1658                        self.files_type_combolist.set_value(iter, 0, write)
1659                    iter = self.more_types_files_liststore.append()
1660                    self.more_types_files_liststore.set_value(iter, 0, write)
1661                self.files_class_combobox.set_active(0)
1662            elif ipage == APP_PAGE and self.file_types != None:
1663                for app in sepolicy.get_all_file_types():
1664                    if app.startswith(compare):
1665                        if app.startswith(compare) and not self.exclude_type(app, exclude_list):
1666                            iter = self.files_type_combolist.append()
1667                            self.files_type_combolist.set_value(iter, 0, app)
1668                        iter = self.more_types_files_liststore.append()
1669                        self.more_types_files_liststore.set_value(iter, 0, app)
1670                self.files_class_combobox.set_active(0)
1671        except AttributeError:
1672            print("error")
1673            pass
1674        self.files_type_combobox.set_active(0)
1675        self.files_mls_entry.set_text("s0")
1676        iter = self.files_type_combolist.append()
1677        self.files_type_combolist.set_value(iter, 0, _('More...'))
1678
1679    def modify_button_network_clicked(self, *args):
1680        iter = self.get_selected_iter()
1681        if not iter:
1682            self.modify_button.set_sensitive(False)
1683            return
1684
1685        self.popup_network_label.set_text((_("Modify Network Port for %s.  Ports will be created when update is applied.")) % self.application)
1686        self.network_popup_window.set_title((_("Modify Network Port for %s")) % self.application)
1687        self.delete_old_item = None
1688        self.init_network_dialog(args)
1689        operation = "Modify"
1690        mls = 1
1691        self.modify = True
1692        iter = self.get_selected_iter()
1693        port = self.liststore.get_value(iter, 0)
1694        self.network_ports_entry.set_text(port)
1695        protocol = self.liststore.get_value(iter, 1)
1696        if protocol == "tcp":
1697            self.network_tcp_button.set_active(True)
1698        elif protocol == "udp":
1699            self.network_udp_button.set_active(True)
1700        type = self.liststore.get_value(iter, 2)
1701        if type != None:
1702            self.combo_set_active_text(self.network_port_type_combobox, type)
1703        self.delete_old_item = iter
1704
1705    def init_network_dialog(self, *args):
1706        self.show_popup(self.network_popup_window)
1707        ipage = self.inner_notebook_network.get_current_page()
1708        self.network_port_type_combolist.clear()
1709        self.network_ports_entry.set_text("")
1710
1711        try:
1712            if ipage == OUTBOUND_PAGE:
1713                netd = sepolicy.network.get_network_connect(self.application, "tcp", "name_connect", check_bools=True)
1714            elif ipage == INBOUND_PAGE:
1715                netd = sepolicy.network.get_network_connect(self.application, "tcp", "name_bind", check_bools=True)
1716                netd += sepolicy.network.get_network_connect(self.application, "udp", "name_bind", check_bools=True)
1717
1718            port_types = []
1719            for k in netd.keys():
1720                for t, ports in netd[k]:
1721                    if t not in port_types + ["port_t", "unreserved_port_t"]:
1722                        if t.endswith("_type"):
1723                            continue
1724
1725                        port_types.append(t)
1726
1727            port_types.sort()
1728            short_domain = self.strip_domain(self.application)
1729            if short_domain[-1] == "d":
1730                short_domain = short_domain[:-1]
1731            short_domain = short_domain + "_"
1732            ctr = 0
1733            found = 0
1734            for t in port_types:
1735                if t.startswith(short_domain):
1736                    found = ctr
1737                iter = self.network_port_type_combolist.append()
1738                self.network_port_type_combolist.set_value(iter, 0, t)
1739                ctr += 1
1740            self.network_port_type_combobox.set_active(found)
1741
1742        except AttributeError:
1743            pass
1744
1745        self.network_tcp_button.set_active(True)
1746        self.network_mls_entry.set_text("s0")
1747
1748    def login_seuser_combobox_change(self, combo, *args):
1749        seuser = self.combo_get_active_text(combo)
1750        if self.login_mls_entry.get_text() == "":
1751            for u in sepolicy.get_selinux_users():
1752                if seuser == u['name']:
1753                    self.login_mls_entry.set_text(u['range'])
1754
1755    def user_roles_combobox_change(self, combo, *args):
1756        serole = self.combo_get_active_text(combo)
1757        if self.user_mls_entry.get_text() == "":
1758            for u in sepolicy.get_all_roles():
1759                if serole == u['name']:
1760                    self.user_mls_entry.set_text(u['range'])
1761
1762    def get_selected_iter(self):
1763        iter = None
1764        if not self.treeview:
1765            return None
1766        row = self.treeview.get_selection()
1767        if not row:
1768            return None
1769        treesort, iter = row.get_selected()
1770        if iter:
1771            iter = treesort.convert_iter_to_child_iter(iter)
1772            if iter:
1773                iter = self.treefilter.convert_iter_to_child_iter(iter)
1774        return iter
1775
1776    def cursor_changed(self, *args):
1777        self.modify_button.set_sensitive(False)
1778        iter = self.get_selected_iter()
1779        if iter == None:
1780            self.modify_button.set_sensitive(False)
1781            return
1782        if not self.liststore[iter] or not self.liststore[iter][-1]:
1783            return
1784        self.modify_button.set_sensitive(self.liststore[iter][-1])
1785
1786    def login_init_dialog(self, *args):
1787        self.show_popup(self.login_popup_window)
1788        self.login_seuser_combolist.clear()
1789        users = sepolicy.get_all_users()
1790        users.sort()
1791        for u in users:
1792            iter = self.login_seuser_combolist.append()
1793            self.login_seuser_combolist.set_value(iter, 0, str(u))
1794        self.login_name_entry.set_text("")
1795        self.login_mls_entry.set_text("")
1796
1797    def user_init_dialog(self, *args):
1798        self.show_popup(self.user_popup_window)
1799        self.user_roles_combolist.clear()
1800        roles = sepolicy.get_all_roles()
1801        roles.sort()
1802        for r in roles:
1803            iter = self.user_roles_combolist.append()
1804            self.user_roles_combolist.set_value(iter, 0, str(r))
1805        self.user_name_entry.set_text("")
1806        self.user_mls_entry.set_text("")
1807
1808    def on_disable_ptrace(self, checkbutton):
1809        if self.finish_init:
1810            update_buffer = "boolean -m -%d deny_ptrace" % checkbutton.get_active()
1811            self.wait_mouse()
1812            try:
1813                self.dbus.semanage(update_buffer)
1814            except dbus.exceptions.DBusException as e:
1815                self.error(e)
1816            self.ready_mouse()
1817
1818    def on_show_modified_only(self, checkbutton):
1819        length = self.liststore.get_n_columns()
1820
1821        def dup_row(row):
1822            l = []
1823            for i in range(0, length):
1824                l.append(row[i])
1825            return l
1826
1827        append_list = []
1828        if self.opage == BOOLEANS_PAGE:
1829            if not checkbutton.get_active():
1830                return self.boolean_initialize(self.application)
1831
1832            for row in self.liststore:
1833                if row[2] in self.cust_dict["boolean"]:
1834                    append_list.append(dup_row(row))
1835
1836        if self.opage == FILES_PAGE:
1837            ipage = self.inner_notebook_files.get_current_page()
1838            if not checkbutton.get_active():
1839                if ipage == EXE_PAGE:
1840                    return self.executable_files_initialize(self.application)
1841                if ipage == WRITABLE_PAGE:
1842                    return self.writable_files_initialize(self.application)
1843                if ipage == APP_PAGE:
1844                    return self.application_files_initialize(self.application)
1845            for row in self.liststore:
1846                if (row[0], row[2]) in self.cust_dict["fcontext"]:
1847                    append_list.append(row)
1848
1849        if self.opage == NETWORK_PAGE:
1850            if not checkbutton.get_active():
1851                return self.network_initialize(self.application)
1852            for row in self.liststore:
1853                if (row[0], row[1]) in self.cust_dict["port"]:
1854                    append_list.append(dup_row(row))
1855
1856        if self.opage == FILE_EQUIV_PAGE:
1857            if not checkbutton.get_active() == True:
1858                return self.file_equiv_initialize()
1859
1860            for row in self.liststore:
1861                if row[0] in self.cust_dict["fcontext-equiv"]:
1862                    append_list.append(dup_row(row))
1863
1864        if self.opage == USER_PAGE:
1865            if not checkbutton.get_active():
1866                return self.user_initialize()
1867
1868            for row in self.liststore:
1869                if row[0] in self.cust_dict["user"]:
1870                    append_list.append(dup_row(row))
1871
1872        if self.opage == LOGIN_PAGE:
1873            if not checkbutton.get_active() == True:
1874                return self.login_initialize()
1875
1876            for row in self.liststore:
1877                if row[0] in self.cust_dict["login"]:
1878                    append_list.append(dup_row(row))
1879
1880        self.liststore.clear()
1881        for row in append_list:
1882            iter = self.liststore.append()
1883            for i in range(0, length):
1884                self.liststore.set_value(iter, i, row[i])
1885
1886    def init_modified_files_liststore(self, tree, app, ipage, operation, path, fclass, ftype):
1887        iter = tree.append(None)
1888        tree.set_value(iter, 0, path)
1889        tree.set_value(iter, 1, ftype)
1890        tree.set_value(iter, 2, fclass)
1891
1892    def restore_to_default(self, *args):
1893        print("restore to defualt clicked...")
1894
1895    def invalid_entry_retry(self, *args):
1896        self.closewindow(self.error_check_window)
1897        self.files_popup_window.set_sensitive(True)
1898        self.network_popup_window.set_sensitive(True)
1899
1900    def error_check_files(self, insert_txt):
1901        if len(insert_txt) == 0 or insert_txt[0] != '/':
1902            self.error_check_window.show()
1903            self.files_popup_window.set_sensitive(False)
1904            self.network_popup_window.set_sensitive(False)
1905            self.error_check_label.set_text((_("The entry '%s' is not a valid path.  Paths must begin with a '/'.")) % insert_txt)
1906            return True
1907        return False
1908
1909    def error_check_network(self, port):
1910        try:
1911            pnum = int(port)
1912            if pnum < 1 or pnum > 65536:
1913                raise ValueError
1914        except ValueError:
1915            self.error_check_window.show()
1916            self.files_popup_window.set_sensitive(False)
1917            self.network_popup_window.set_sensitive(False)
1918            self.error_check_label.set_text((_("Port number must be between 1 and 65536")))
1919            return True
1920        return False
1921
1922    def show_more_types(self, *args):
1923        if self.finish_init:
1924            if self.combo_get_active_text(self.files_type_combobox) == _('More...'):
1925                self.files_popup_window.hide()
1926                self.moreTypes_window_files.show()
1927
1928    def update_to_login(self, *args):
1929        self.close_popup()
1930        seuser = self.combo_get_active_text(self.login_seuser_combobox)
1931        mls_range = self.login_mls_entry.get_text()
1932        name = self.login_name_entry.get_text()
1933        if self.modify:
1934            iter = self.get_selected_iter()
1935            oldname = self.login_liststore.get_value(iter, 0)
1936            oldseuser = self.login_liststore.get_value(iter, 1)
1937            oldrange = self.login_liststore.get_value(iter, 2)
1938            self.liststore.set_value(iter, 0, oldname)
1939            self.liststore.set_value(iter, 1, oldseuser)
1940            self.liststore.set_value(iter, 2, oldrange)
1941            self.cur_dict["login"][name] = {"action": "-m", "range": mls_range, "seuser": seuser, "oldrange": oldrange, "oldseuser": oldseuser, "oldname": oldname}
1942        else:
1943            iter = self.liststore.append(None)
1944            self.cur_dict["login"][name] = {"action": "-a", "range": mls_range, "seuser": seuser}
1945
1946        self.liststore.set_value(iter, 0, name)
1947        self.liststore.set_value(iter, 1, seuser)
1948        self.liststore.set_value(iter, 2, mls_range)
1949
1950        self.new_updates()
1951
1952    def update_to_user(self, *args):
1953        self.close_popup()
1954        roles = self.combo_get_active_text(self.user_roles_combobox)
1955        level = self.user_mls_level_entry.get_text()
1956        mls_range = self.user_mls_entry.get_text()
1957        name = self.user_name_entry.get_text()
1958        if self.modify:
1959            iter = self.get_selected_iter()
1960            oldname = self.user_liststore.get_value(iter, 0)
1961            oldroles = self.user_liststore.get_value(iter, 1)
1962            oldlevel = self.user_liststore.get_value(iter, 1)
1963            oldrange = self.user_liststore.get_value(iter, 3)
1964            self.liststore.set_value(iter, 0, oldname)
1965            self.liststore.set_value(iter, 1, oldroles)
1966            self.liststore.set_value(iter, 2, oldlevel)
1967            self.liststore.set_value(iter, 3, oldrange)
1968            self.cur_dict["user"][name] = {"action": "-m", "range": mls_range, "level": level, "role": roles, "oldrange": oldrange, "oldlevel": oldlevel, "oldroles": oldroles, "oldname": oldname}
1969        else:
1970            iter = self.liststore.append(None)
1971            self.cur_dict["user"][name] = {"action": "-a", "range": mls_range, "level": level, "role": roles}
1972
1973        self.liststore.set_value(iter, 0, name)
1974        self.liststore.set_value(iter, 1, roles)
1975        self.liststore.set_value(iter, 2, level)
1976        self.liststore.set_value(iter, 3, mls_range)
1977
1978        self.new_updates()
1979
1980    def update_to_file_equiv(self, *args):
1981        self.close_popup()
1982        dest = self.file_equiv_dest_entry.get_text()
1983        src = self.file_equiv_source_entry.get_text()
1984        if self.modify:
1985            iter = self.get_selected_iter()
1986            olddest = self.unmarkup(self.liststore.set_value(iter, 0))
1987            oldsrc = self.unmarkup(self.liststore.set_value(iter, 1))
1988            self.cur_dict["fcontext-equiv"][dest] = {"action": "-m", "src": src, "oldsrc": oldsrc, "olddest": olddest}
1989        else:
1990            iter = self.liststore.append(None)
1991            self.cur_dict["fcontext-equiv"][dest] = {"action": "-a", "src": src}
1992        self.liststore.set_value(iter, 0, self.markup(dest))
1993        self.liststore.set_value(iter, 1, self.markup(src))
1994
1995    def update_to_files(self, *args):
1996        self.close_popup()
1997        self.files_add = True
1998        # Insert Function will be used in the future
1999        path = self.files_path_entry.get_text()
2000        if self.error_check_files(path):
2001            return
2002
2003        setype = self.combo_get_active_text(self.files_type_combobox)
2004        mls = self.files_mls_entry.get_text()
2005        tclass = self.combo_get_active_text(self.files_class_combobox)
2006
2007        if self.modify:
2008            iter = self.get_selected_iter()
2009            oldpath = self.unmark(self.liststore.get_value(iter, 0))
2010            setype = self.unmark(self.liststore.set_value(iter, 1))
2011            oldtclass = self.liststore.get_value(iter, 2)
2012            self.cur_dict["fcontext"][(path, tclass)] = {"action": "-m", "type": setype, "oldtype": oldsetype, "oldmls": oldmls, "oldclass": oldclass}
2013        else:
2014            iter = self.liststore.append(None)
2015            self.cur_dict["fcontext"][(path, tclass)] = {"action": "-a", "type": setype}
2016        self.liststore.set_value(iter, 0, self.markup(path))
2017        self.liststore.set_value(iter, 1, self.markup(setype))
2018        self.liststore.set_value(iter, 2, self.markup(tclass))
2019
2020        self.files_add = False
2021        self.recursive_path_toggle.set_active(False)
2022        self.new_updates()
2023
2024    def update_to_network(self, *args):
2025        self.network_add = True
2026        ports = self.network_ports_entry.get_text()
2027        if self.error_check_network(ports):
2028            return
2029        if self.network_tcp_button.get_active():
2030            protocol = "tcp"
2031        else:
2032            protocol = "udp"
2033
2034        setype = self.combo_get_active_text(self.network_port_type_combobox)
2035        mls = self.network_mls_entry.get_text()
2036
2037        if self.modify:
2038            iter = self.get_selected_iter()
2039            oldports = self.unmark(self.liststore.get_value(iter, 0))
2040            oldprotocol = self.unmark(self.liststore.get_value(iter, 1))
2041            oldsetype = self.unmark(self.liststore.set_value(iter, 2))
2042            self.cur_dict["port"][(ports, protocol)] = {"action": "-m", "type": setype, "mls": mls, "oldtype": oldsetype, "oldmls": oldmls, "oldprotocol": oldprotocol, "oldports": oldports}
2043        else:
2044            iter = self.liststore.append(None)
2045            self.cur_dict["port"][(ports, protocol)] = {"action": "-a", "type": setype, "mls": mls}
2046        self.liststore.set_value(iter, 0, ports)
2047        self.liststore.set_value(iter, 1, protocol)
2048        self.liststore.set_value(iter, 2, setype)
2049
2050        self.network_add = False
2051        self.network_popup_window.hide()
2052        self.window.set_sensitive(True)
2053        self.new_updates()
2054
2055    def delete_button_clicked(self, *args):
2056        operation = "Add"
2057        self.window.set_sensitive(False)
2058        if self.opage == NETWORK_PAGE:
2059            self.network_delete_liststore.clear()
2060            port_dict = self.cust_dict["port"]
2061            for ports, protocol in port_dict:
2062                setype = port_dict[(ports, protocol)]["type"]
2063                iter = self.network_delete_liststore.append()
2064                self.network_delete_liststore.set_value(iter, 1, ports)
2065                self.network_delete_liststore.set_value(iter, 2, protocol)
2066                self.network_delete_liststore.set_value(iter, 3, setype)
2067            self.show_popup(self.network_delete_window)
2068            return
2069
2070        if self.opage == FILES_PAGE:
2071            self.files_delete_liststore.clear()
2072            fcontext_dict = self.cust_dict["fcontext"]
2073            for path, tclass in fcontext_dict:
2074                setype = fcontext_dict[(path, tclass)]["type"]
2075                iter = self.files_delete_liststore.append()
2076                self.files_delete_liststore.set_value(iter, 1, path)
2077                self.files_delete_liststore.set_value(iter, 2, setype)
2078                self.files_delete_liststore.set_value(iter, 3, sepolicy.file_type_str[tclass])
2079            self.show_popup(self.files_delete_window)
2080            return
2081
2082        if self.opage == USER_PAGE:
2083            self.user_delete_liststore.clear()
2084            user_dict = self.cust_dict["user"]
2085            for user in user_dict:
2086                roles = user_dict[user]["role"]
2087                mls = user_dict[user]["range"]
2088                level = user_dict[user]["level"]
2089                iter = self.user_delete_liststore.append()
2090                self.user_delete_liststore.set_value(iter, 1, user)
2091                self.user_delete_liststore.set_value(iter, 2, roles)
2092                self.user_delete_liststore.set_value(iter, 3, level)
2093                self.user_delete_liststore.set_value(iter, 4, mls)
2094            self.show_popup(self.user_delete_window)
2095            return
2096
2097        if self.opage == LOGIN_PAGE:
2098            self.login_delete_liststore.clear()
2099            login_dict = self.cust_dict["login"]
2100            for login in login_dict:
2101                seuser = login_dict[login]["seuser"]
2102                mls = login_dict[login]["range"]
2103                iter = self.login_delete_liststore.append()
2104                self.login_delete_liststore.set_value(iter, 1, seuser)
2105                self.login_delete_liststore.set_value(iter, 2, login)
2106                self.login_delete_liststore.set_value(iter, 3, mls)
2107            self.show_popup(self.login_delete_window)
2108            return
2109
2110        if self.opage == FILE_EQUIV_PAGE:
2111            self.file_equiv_delete_liststore.clear()
2112            for items in self.file_equiv_liststore:
2113                if items[2]:
2114                    iter = self.file_equiv_delete_liststore.append()
2115                    self.file_equiv_delete_liststore.set_value(iter, 1, self.unmarkup(items[0]))
2116                    self.file_equiv_delete_liststore.set_value(iter, 2, self.unmarkup(items[1]))
2117            self.show_popup(self.file_equiv_delete_window)
2118            return
2119
2120    def on_save_delete_clicked(self, *args):
2121        self.close_popup()
2122        if self.opage == NETWORK_PAGE:
2123            for delete in self.network_delete_liststore:
2124                if delete[0]:
2125                    self.cur_dict["port"][(delete[1], delete[2])] = {"action": "-d", "type": delete[3]}
2126        if self.opage == FILES_PAGE:
2127            for delete in self.files_delete_liststore:
2128                if delete[0]:
2129                    self.cur_dict["fcontext"][(delete[1], reverse_file_type_str[delete[3]])] = {"action": "-d", "type": delete[2]}
2130        if self.opage == USER_PAGE:
2131            for delete in self.user_delete_liststore:
2132                if delete[0]:
2133                    self.cur_dict["user"][delete[1]] = {"action": "-d", "role": delete[2], "range": delete[4]}
2134        if self.opage == LOGIN_PAGE:
2135            for delete in self.login_delete_liststore:
2136                if delete[0]:
2137                    self.cur_dict["login"][delete[2]] = {"action": "-d", "login": delete[2], "seuser": delete[1], "range": delete[3]}
2138        if self.opage == FILE_EQUIV_PAGE:
2139            for delete in self.file_equiv_delete_liststore:
2140                if delete[0]:
2141                    self.cur_dict["fcontext-equiv"][delete[1]] = {"action": "-d", "src": delete[2]}
2142        self.new_updates()
2143
2144    def on_save_delete_file_equiv_clicked(self, *args):
2145        for delete in self.files_delete_liststore:
2146            print(delete[0], delete[1], delete[2],)
2147
2148    def on_toggle_update(self, cell, path, model):
2149        model[path][0] = not model[path][0]
2150
2151    def ipage_delete(self, liststore, key):
2152        ctr = 0
2153        for items in liststore:
2154            if items[0] == key[0] and items[2] == key[1]:
2155                iter = liststore.get_iter(ctr)
2156                liststore.remove(iter)
2157                return
2158            ctr += 1
2159
2160    def on_toggle(self, cell, path, model):
2161        if not path:
2162            return
2163        iter = self.boolean_filter.get_iter(path)
2164        iter = self.boolean_filter.convert_iter_to_child_iter(iter)
2165        name = model.get_value(iter, 2)
2166        model.set_value(iter, 0, not model.get_value(iter, 0))
2167        active = model.get_value(iter, 0)
2168        if name in self.cur_dict["boolean"]:
2169            del(self.cur_dict["boolean"][name])
2170        else:
2171            self.cur_dict["boolean"][name] = {"active": active}
2172        self.new_updates()
2173
2174    def get_advanced_filter_data(self, entry, *args):
2175        self.filter_txt = entry.get_text()
2176        self.advanced_search_filter.refilter()
2177
2178    def get_filter_data(self, windows, *args):
2179        #search for desired item
2180        # The txt that the use rinputs into the filter is stored in filter_txt
2181        self.filter_txt = windows.get_text()
2182        self.treefilter.refilter()
2183
2184    def update_gui(self, *args):
2185        self.update = True
2186        self.update_treestore.clear()
2187        for bools in self.cur_dict["boolean"]:
2188            operation = self.cur_dict["boolean"][bools]["action"]
2189            iter = self.update_treestore.append(None)
2190            self.update_treestore.set_value(iter, 0, True)
2191            self.update_treestore.set_value(iter, 1, sepolicy.boolean_desc(bools))
2192            self.update_treestore.set_value(iter, 2, action[self.cur_dict["boolean"][bools]['active']])
2193            self.update_treestore.set_value(iter, 3, True)
2194            niter = self.update_treestore.append(iter)
2195            self.update_treestore.set_value(niter, 1, (_("SELinux name: %s")) % bools)
2196            self.update_treestore.set_value(niter, 3, False)
2197
2198        for path, tclass in self.cur_dict["fcontext"]:
2199            operation = self.cur_dict["fcontext"][(path, tclass)]["action"]
2200            setype = self.cur_dict["fcontext"][(path, tclass)]["type"]
2201            iter = self.update_treestore.append(None)
2202            self.update_treestore.set_value(iter, 0, True)
2203            self.update_treestore.set_value(iter, 2, operation)
2204            self.update_treestore.set_value(iter, 0, True)
2205            if operation == "-a":
2206                self.update_treestore.set_value(iter, 1, (_("Add file labeling for %s")) % self.application)
2207            if operation == "-d":
2208                self.update_treestore.set_value(iter, 1, (_("Delete file labeling for %s")) % self.application)
2209            if operation == "-m":
2210                self.update_treestore.set_value(iter, 1, (_("Modify file labeling for %s")) % self.application)
2211
2212            niter = self.update_treestore.append(iter)
2213            self.update_treestore.set_value(niter, 3, False)
2214            self.update_treestore.set_value(niter, 1, (_("File path: %s")) % path)
2215            niter = self.update_treestore.append(iter)
2216            self.update_treestore.set_value(niter, 3, False)
2217            self.update_treestore.set_value(niter, 1, (_("File class: %s")) % sepolicy.file_type_str[tclass])
2218            niter = self.update_treestore.append(iter)
2219            self.update_treestore.set_value(niter, 3, False)
2220            self.update_treestore.set_value(niter, 1, (_("SELinux file type: %s")) % setype)
2221
2222        for port, protocol in self.cur_dict["port"]:
2223            operation = self.cur_dict["port"][(port, protocol)]["action"]
2224            iter = self.update_treestore.append(None)
2225            self.update_treestore.set_value(iter, 0, True)
2226            self.update_treestore.set_value(iter, 2, operation)
2227            self.update_treestore.set_value(iter, 3, True)
2228            if operation == "-a":
2229                self.update_treestore.set_value(iter, 1, (_("Add ports for %s")) % self.application)
2230            if operation == "-d":
2231                self.update_treestore.set_value(iter, 1, (_("Delete ports for %s")) % self.application)
2232            if operation == "-m":
2233                self.update_treestore.set_value(iter, 1, (_("Modify ports for %s")) % self.application)
2234
2235            niter = self.update_treestore.append(iter)
2236            self.update_treestore.set_value(niter, 1, (_("Network ports: %s")) % port)
2237            self.update_treestore.set_value(niter, 3, False)
2238            niter = self.update_treestore.append(iter)
2239            self.update_treestore.set_value(niter, 1, (_("Network protocol: %s")) % protocol)
2240            self.update_treestore.set_value(niter, 3, False)
2241            setype = self.cur_dict["port"][(port, protocol)]["type"]
2242            niter = self.update_treestore.append(iter)
2243            self.update_treestore.set_value(niter, 3, False)
2244            self.update_treestore.set_value(niter, 1, (_("SELinux file type: %s")) % setype)
2245
2246        for user in self.cur_dict["user"]:
2247            operation = self.cur_dict["user"][user]["action"]
2248            iter = self.update_treestore.append(None)
2249            self.update_treestore.set_value(iter, 0, True)
2250            self.update_treestore.set_value(iter, 2, operation)
2251            self.update_treestore.set_value(iter, 0, True)
2252            if operation == "-a":
2253                self.update_treestore.set_value(iter, 1, _("Add user"))
2254            if operation == "-d":
2255                self.update_treestore.set_value(iter, 1, _("Delete user"))
2256            if operation == "-m":
2257                self.update_treestore.set_value(iter, 1, _("Modify user"))
2258
2259            niter = self.update_treestore.append(iter)
2260            self.update_treestore.set_value(niter, 1, (_("SELinux User : %s")) % user)
2261            self.update_treestore.set_value(niter, 3, False)
2262            niter = self.update_treestore.append(iter)
2263            self.update_treestore.set_value(niter, 3, False)
2264            roles = self.cur_dict["user"][user]["role"]
2265            self.update_treestore.set_value(niter, 1, (_("Roles: %s")) % roles)
2266            mls = self.cur_dict["user"][user]["range"]
2267            niter = self.update_treestore.append(iter)
2268            self.update_treestore.set_value(niter, 3, False)
2269            self.update_treestore.set_value(niter, 1, _("MLS/MCS Range: %s") % mls)
2270
2271        for login in self.cur_dict["login"]:
2272            operation = self.cur_dict["login"][login]["action"]
2273            iter = self.update_treestore.append(None)
2274            self.update_treestore.set_value(iter, 0, True)
2275            self.update_treestore.set_value(iter, 2, operation)
2276            self.update_treestore.set_value(iter, 0, True)
2277            if operation == "-a":
2278                self.update_treestore.set_value(iter, 1, _("Add login mapping"))
2279            if operation == "-d":
2280                self.update_treestore.set_value(iter, 1, _("Delete login mapping"))
2281            if operation == "-m":
2282                self.update_treestore.set_value(iter, 1, _("Modify login mapping"))
2283
2284            niter = self.update_treestore.append(iter)
2285            self.update_treestore.set_value(niter, 3, False)
2286            self.update_treestore.set_value(niter, 1, (_("Login Name : %s")) % login)
2287            niter = self.update_treestore.append(iter)
2288            self.update_treestore.set_value(niter, 3, False)
2289            seuser = self.cur_dict["login"][login]["seuser"]
2290            self.update_treestore.set_value(niter, 1, (_("SELinux User: %s")) % seuser)
2291            mls = self.cur_dict["login"][login]["range"]
2292            niter = self.update_treestore.append(iter)
2293            self.update_treestore.set_value(niter, 3, False)
2294            self.update_treestore.set_value(niter, 1, _("MLS/MCS Range: %s") % mls)
2295
2296        for path in self.cur_dict["fcontext-equiv"]:
2297            operation = self.cur_dict["fcontext-equiv"][path]["action"]
2298            iter = self.update_treestore.append(None)
2299            self.update_treestore.set_value(iter, 0, True)
2300            self.update_treestore.set_value(iter, 2, operation)
2301            self.update_treestore.set_value(iter, 0, True)
2302            if operation == "-a":
2303                self.update_treestore.set_value(iter, 1, (_("Add file equiv labeling.")))
2304            if operation == "-d":
2305                self.update_treestore.set_value(iter, 1, (_("Delete file equiv labeling.")))
2306            if operation == "-m":
2307                self.update_treestore.set_value(iter, 1, (_("Modify file equiv labeling.")))
2308
2309            niter = self.update_treestore.append(iter)
2310            self.update_treestore.set_value(niter, 3, False)
2311            self.update_treestore.set_value(niter, 1, (_("File path : %s")) % path)
2312            niter = self.update_treestore.append(iter)
2313            self.update_treestore.set_value(niter, 3, False)
2314            src = self.cur_dict["fcontext-equiv"][path]["src"]
2315            self.update_treestore.set_value(niter, 1, (_("Equivalence: %s")) % src)
2316
2317        self.show_popup(self.update_window)
2318
2319    def set_active_application_button(self):
2320        if self.boolean_radio_button.get_active():
2321            self.active_button = self.boolean_radio_button
2322        if self.files_radio_button.get_active():
2323            self.active_button = self.files_radio_button
2324        if self.transitions_radio_button.get_active():
2325            self.active_button = self.transitions_radio_button
2326        if self.network_radio_button.get_active():
2327            self.active_button = self.network_radio_button
2328
2329    def clearbuttons(self, clear=True):
2330        self.main_selection_window.hide()
2331        self.boolean_radio_button.set_visible(False)
2332        self.files_radio_button.set_visible(False)
2333        self.network_radio_button.set_visible(False)
2334        self.transitions_radio_button.set_visible(False)
2335        self.system_radio_button.set_visible(False)
2336        self.lockdown_radio_button.set_visible(False)
2337        self.user_radio_button.set_visible(False)
2338        self.login_radio_button.set_visible(False)
2339        if clear:
2340            self.completion_entry.set_text("")
2341
2342    def show_system_page(self):
2343        self.clearbuttons()
2344        self.system_radio_button.set_visible(True)
2345        self.lockdown_radio_button.set_visible(True)
2346        self.applications_selection_button.set_label(_("System"))
2347        self.system_radio_button.set_active(True)
2348        self.tab_change()
2349        self.idle_func()
2350
2351    def show_file_equiv_page(self, *args):
2352        self.clearbuttons()
2353        self.file_equiv_initialize()
2354        self.file_equiv_radio_button.set_active(True)
2355        self.applications_selection_button.set_label(_("File Equivalence"))
2356        self.tab_change()
2357        self.idle_func()
2358        self.add_button.set_sensitive(True)
2359        self.delete_button.set_sensitive(True)
2360
2361    def show_users_page(self):
2362        self.clearbuttons()
2363        self.login_radio_button.set_visible(True)
2364        self.user_radio_button.set_visible(True)
2365        self.applications_selection_button.set_label(_("Users"))
2366        self.login_radio_button.set_active(True)
2367        self.tab_change()
2368        self.user_initialize()
2369        self.login_initialize()
2370        self.idle_func()
2371        self.add_button.set_sensitive(True)
2372        self.delete_button.set_sensitive(True)
2373
2374    def show_applications_page(self):
2375        self.clearbuttons(False)
2376        self.boolean_radio_button.set_visible(True)
2377        self.files_radio_button.set_visible(True)
2378        self.network_radio_button.set_visible(True)
2379        self.transitions_radio_button.set_visible(True)
2380        self.boolean_radio_button.set_active(True)
2381        self.tab_change()
2382        self.idle_func()
2383
2384    def system_interface(self, *args):
2385        self.show_system_page()
2386
2387    def users_interface(self, *args):
2388        self.show_users_page()
2389
2390    def show_mislabeled_files(self, checkbutton, *args):
2391        iterlist = []
2392        ctr = 0
2393        ipage = self.inner_notebook_files.get_current_page()
2394        if checkbutton.get_active() == True:
2395            for items in self.liststore:
2396                iter = self.treesort.get_iter(ctr)
2397                iter = self.treesort.convert_iter_to_child_iter(iter)
2398                iter = self.treefilter.convert_iter_to_child_iter(iter)
2399                if iter != None:
2400                    if self.liststore.get_value(iter, 4) == False:
2401                        iterlist.append(iter)
2402                    ctr += 1
2403            for iters in iterlist:
2404                self.liststore.remove(iters)
2405
2406        elif self.application != None:
2407            self.liststore.clear()
2408            if ipage == EXE_PAGE:
2409                self.executable_files_initialize(self.application)
2410            elif ipage == WRITABLE_PAGE:
2411                self.writable_files_initialize(self.application)
2412            elif ipage == APP_PAGE:
2413                self.application_files_initialize(self.application)
2414
2415    def fix_mislabeled(self, path):
2416        cur = selinux.getfilecon(path)[1].split(":")[2]
2417        con = selinux.matchpathcon(path, 0)[1].split(":")[2]
2418        if self.verify(_("Run restorecon on %(PATH)s to change its type from %(CUR_CONTEXT)s to the default %(DEF_CONTEXT)s?") % {"PATH": path, "CUR_CONTEXT": cur, "DEF_CONTEXT": con}, title="restorecon dialog") == Gtk.ResponseType.YES:
2419            self.dbus.restorecon(path)
2420            self.application_selected()
2421
2422    def new_updates(self, *args):
2423        self.update_button.set_sensitive(self.modified())
2424        self.revert_button.set_sensitive(self.modified())
2425
2426    def update_or_revert_changes(self, button, *args):
2427        self.update_gui()
2428        self.update = (button.get_label() == _("Update"))
2429        if self.update:
2430            self.update_window.set_title(_("Update Changes"))
2431        else:
2432            self.update_window.set_title(_("Revert Changes"))
2433
2434    def apply_changes_button_press(self, *args):
2435        self.close_popup()
2436        if self.update:
2437            self.update_the_system()
2438        else:
2439            self.revert_data()
2440        self.finish_init = False
2441        self.previously_modified_initialize(self.dbus.customized())
2442        self.finish_init = True
2443        self.clear_filters()
2444        self.application_selected()
2445        self.new_updates()
2446        self.update_treestore.clear()
2447
2448    def update_the_system(self, *args):
2449        self.close_popup()
2450        update_buffer = self.format_update()
2451        self.wait_mouse()
2452        try:
2453            self.dbus.semanage(update_buffer)
2454        except dbus.exceptions.DBusException as e:
2455            print(e)
2456        self.ready_mouse()
2457        self.init_cur()
2458
2459    def ipage_value_lookup(self, lookup):
2460        ipage_values = {"Executable Files": 0, "Writable Files": 1, "Application File Type": 2, "Inbound": 1, "Outbound": 0}
2461        for value in ipage_values:
2462            if value == lookup:
2463                return ipage_values[value]
2464        return "Booleans"
2465
2466    def get_attributes_update(self, attribute):
2467        attribute = attribute.split(": ")[1]
2468        bool_id = attribute.split(": ")[0]
2469        if bool_id == "SELinux name":
2470            self.bool_revert = attribute
2471        else:
2472            return attribute
2473
2474    def format_update(self):
2475        self.revert_data()
2476        update_buffer = ""
2477        for k in self.cur_dict:
2478            if k in "boolean":
2479                for b in self.cur_dict[k]:
2480                    update_buffer += "boolean -m -%d %s\n" % (self.cur_dict[k][b]["active"], b)
2481            if k in "login":
2482                for l in self.cur_dict[k]:
2483                    if self.cur_dict[k][l]["action"] == "-d":
2484                        update_buffer += "login -d %s\n" % l
2485                    else:
2486                        update_buffer += "login %s -s %s -r %s %s\n" % (self.cur_dict[k][l]["action"], self.cur_dict[k][l]["seuser"], self.cur_dict[k][l]["range"], l)
2487            if k in "user":
2488                for u in self.cur_dict[k]:
2489                    if self.cur_dict[k][u]["action"] == "-d":
2490                        update_buffer += "user -d %s\n" % u
2491                    else:
2492                        update_buffer += "user %s -L %s -r %s -R %s %s\n" % (self.cur_dict[k][u]["action"], self.cur_dict[k][u]["level"], self.cur_dict[k][u]["range"], self.cur_dict[k][u]["role"], u)
2493
2494            if k in "fcontext-equiv":
2495                for f in self.cur_dict[k]:
2496                    if self.cur_dict[k][f]["action"] == "-d":
2497                        update_buffer += "fcontext -d %s\n" % f
2498                    else:
2499                        update_buffer += "fcontext %s -e %s %s\n" % (self.cur_dict[k][f]["action"], self.cur_dict[k][f]["src"], f)
2500
2501            if k in "fcontext":
2502                for f in self.cur_dict[k]:
2503                    if self.cur_dict[k][f]["action"] == "-d":
2504                        update_buffer += "fcontext -d %s\n" % f
2505                    else:
2506                        update_buffer += "fcontext %s -t %s -f %s %s\n" % (self.cur_dict[k][f]["action"], self.cur_dict[k][f]["type"], self.cur_dict[k][f]["class"], f)
2507
2508            if k in "port":
2509                for port, protocol in self.cur_dict[k]:
2510                    if self.cur_dict[k][(port, protocol)]["action"] == "-d":
2511                        update_buffer += "port -d -p %s %s\n" % (protocol, port)
2512                    else:
2513                        update_buffer += "port %s -t %s -p %s %s\n" % (self.cur_dict[k][f]["action"], self.cur_dict[k][f]["type"], procotol, port)
2514
2515        return update_buffer
2516
2517    def revert_data(self):
2518        ctr = 0
2519        remove_list = []
2520        update_buffer = ""
2521        for items in self.update_treestore:
2522            if not self.update_treestore[ctr][0]:
2523                remove_list.append(ctr)
2524            ctr += 1
2525        remove_list.reverse()
2526        for ctr in remove_list:
2527            self.remove_cur(ctr)
2528
2529    def reveal_advanced_system(self, label, *args):
2530        advanced = label.get_text() == ADVANCED_LABEL[0]
2531        if advanced:
2532            label.set_text(ADVANCED_LABEL[1])
2533        else:
2534            label.set_text(ADVANCED_LABEL[0])
2535        self.system_policy_label.set_visible(advanced)
2536        self.system_policy_type_combobox.set_visible(advanced)
2537
2538    def reveal_advanced(self, label, *args):
2539        advanced = label.get_text() == ADVANCED_LABEL[0]
2540        if advanced:
2541            label.set_text(ADVANCED_LABEL[1])
2542        else:
2543            label.set_text(ADVANCED_LABEL[0])
2544        self.files_mls_label.set_visible(advanced)
2545        self.files_mls_entry.set_visible(advanced)
2546        self.network_mls_label.set_visible(advanced)
2547        self.network_mls_entry.set_visible(advanced)
2548
2549    def on_show_advanced_search_window(self, label, *args):
2550        if label.get_text() == ADVANCED_SEARCH_LABEL[1]:
2551            label.set_text(ADVANCED_SEARCH_LABEL[0])
2552            self.close_popup()
2553        else:
2554            label.set_text(ADVANCED_SEARCH_LABEL[1])
2555            self.show_popup(self.advanced_search_window)
2556
2557    def set_enforce_text(self, value):
2558        if value:
2559            self.status_bar.push(self.context_id, _("System Status: Enforcing"))
2560            self.current_status_enforcing.set_active(True)
2561        else:
2562            self.status_bar.push(self.context_id, _("System Status: Permissive"))
2563            self.current_status_permissive.set_active(True)
2564
2565    def set_enforce(self, button):
2566        if not self.finish_init:
2567            return
2568
2569        self.dbus.setenforce(button.get_active())
2570        self.set_enforce_text(button.get_active())
2571
2572    def on_browse_select(self, *args):
2573        filename = self.file_dialog.get_filename()
2574        if filename == None:
2575            return
2576        self.clear_entry = False
2577        self.file_dialog.hide()
2578        self.files_path_entry.set_text(filename)
2579        if self.import_export == 'Import':
2580            self.import_config(filename)
2581        elif self.import_export == 'Export':
2582            self.export_config(filename)
2583
2584    def recursive_path(self, *args):
2585        path = self.files_path_entry.get_text()
2586        if self.recursive_path_toggle.get_active():
2587            if not path.endswith("(/.*)?"):
2588                self.files_path_entry.set_text(path + "(/.*)?")
2589        elif path.endswith("(/.*)?"):
2590            path = path.split("(/.*)?")[0]
2591            self.files_path_entry.set_text(path)
2592
2593    def highlight_entry_text(self, entry_obj, *args):
2594        txt = entry_obj.get_text()
2595        if self.clear_entry:
2596            entry_obj.set_text('')
2597            self.clear_entry = False
2598
2599    def autofill_add_files_entry(self, entry):
2600        text = entry.get_text()
2601        if text == '':
2602            return
2603        if text.endswith("(/.*)?"):
2604            self.recursive_path_toggle.set_active(True)
2605        for d in sepolicy.DEFAULT_DIRS:
2606            if text.startswith(d):
2607                for t in self.files_type_combolist:
2608                    if t[0].endswith(sepolicy.DEFAULT_DIRS[d]):
2609                        self.combo_set_active_text(self.files_type_combobox, t[0])
2610
2611    def resize_columns(self, *args):
2612        self.boolean_column_1 = self.boolean_treeview.get_col(1)
2613        width = self.boolean_column_1.get_width()
2614        renderer = self.boolean_column_1.get_cell_renderers()
2615
2616    def browse_for_files(self, *args):
2617        self.file_dialog.show()
2618
2619    def close_config_window(self, *args):
2620        self.file_dialog.hide()
2621
2622    def change_default_policy(self, *args):
2623        if self.typeHistory == self.system_policy_type_combobox.get_active():
2624            return
2625
2626        if self.verify(_("Changing the policy type will cause a relabel of the entire file system on the next boot. Relabeling takes a long time depending on the size of the file system.  Do you wish to continue?")) == Gtk.ResponseType.NO:
2627            self.system_policy_type_combobox.set_active(self.typeHistory)
2628            return None
2629
2630        self.dbus.change_default_policy(self.combo_get_active_text(self.system_policy_type_combobox))
2631        self.dbus.relabel_on_boot(True)
2632        self.typeHistory = self.system_policy_type_combobox.get_active()
2633
2634    def change_default_mode(self, button):
2635        if not self.finish_init:
2636            return
2637        self.enabled_changed(button)
2638        if button.get_active():
2639            self.dbus.change_default_mode(button.get_label().lower())
2640
2641    def import_config_show(self, *args):
2642        self.file_dialog.set_action(Gtk.FileChooserAction.OPEN)
2643        self.file_dialog.set_title("Import Configuration")
2644        self.file_dialog.show()
2645        #self.file_dialog.set_uri('/tmp')
2646        self.import_export = 'Import'
2647
2648    def export_config_show(self, *args):
2649        self.file_dialog.set_action(Gtk.FileChooserAction.SAVE)
2650        self.file_dialog.set_title("Export Configuration")
2651        self.file_dialog.show()
2652        self.import_export = 'Export'
2653
2654    def export_config(self, filename):
2655        self.wait_mouse()
2656        buf = self.dbus.customized()
2657        fd = open(filename, 'w')
2658        fd.write(buf)
2659        fd.close()
2660        self.ready_mouse()
2661
2662    def import_config(self, filename):
2663        fd = open(filename, "r")
2664        buf = fd.read()
2665        fd.close()
2666        self.wait_mouse()
2667        try:
2668            self.dbus.semanage(buf)
2669        except OSError:
2670            pass
2671        self.ready_mouse()
2672
2673    def init_dictionary(self, dic, app, ipage, operation, p, q, ftype, mls, changed, old):
2674        if (app, ipage, operation) not in dic:
2675            dic[app, ipage, operation] = {}
2676        if (p, q) not in dic[app, ipage, operation]:
2677            dic[app, ipage, operation][p, q] = {'type': ftype, 'mls': mls, 'changed': changed, 'old': old}
2678
2679    def translate_bool(self, b):
2680        b = b.split('-')[1]
2681        if b == '0':
2682            return False
2683        if b == '1':
2684            return True
2685
2686    def relabel_on_reboot(self, *args):
2687        active = self.relabel_button.get_active()
2688        exists = os.path.exists("/.autorelabel")
2689
2690        if active and exists:
2691            return
2692        if not active and not exists:
2693            return
2694        try:
2695            self.dbus.relabel_on_boot(active)
2696        except dbus.exceptions.DBusException as e:
2697            self.error(e)
2698
2699    def closewindow(self, window, *args):
2700        window.hide()
2701        self.recursive_path_toggle.set_active(False)
2702        self.window.set_sensitive(True)
2703        if self.moreTypes_window_files == window:
2704            self.show_popup(self.files_popup_window)
2705            if self.combo_get_active_text(self.files_type_combobox) == _('More...'):
2706                self.files_type_combobox.set_active(0)
2707        if self.error_check_window == window:
2708            if self.files_add:
2709                self.show_popup(self.files_popup_window)
2710            elif self.network_add:
2711                self.show_popup(self.network_popup_window)
2712        if self.files_mls_label.get_visible() or self.network_mls_label.get_visible():
2713            self.advanced_text_files.set_visible(True)
2714            self.files_mls_label.set_visible(False)
2715            self.files_mls_entry.set_visible(False)
2716            self.advanced_text_network.set_visible(True)
2717            self.network_mls_label.set_visible(False)
2718            self.network_mls_entry.set_visible(False)
2719        if self.main_advanced_label.get_text() == ADVANCED_SEARCH_LABEL[1]:
2720            self.main_advanced_label.set_text(ADVANCED_SEARCH_LABEL[0])
2721        return True
2722
2723    def wait_mouse(self):
2724        self.window.get_window().set_cursor(self.busy_cursor)
2725        self.idle_func()
2726
2727    def ready_mouse(self):
2728        self.window.get_window().set_cursor(self.ready_cursor)
2729        self.idle_func()
2730
2731    def verify(self, message, title=""):
2732        dlg = Gtk.MessageDialog(None, 0, Gtk.MessageType.INFO,
2733                                Gtk.ButtonsType.YES_NO,
2734                                message)
2735        dlg.set_title(title)
2736        dlg.set_position(Gtk.WindowPosition.MOUSE)
2737        dlg.show_all()
2738        rc = dlg.run()
2739        dlg.destroy()
2740        return rc
2741
2742    def error(self, message):
2743        dlg = Gtk.MessageDialog(None, 0, Gtk.MessageType.ERROR,
2744                                Gtk.ButtonsType.CLOSE,
2745                                message)
2746        dlg.set_position(Gtk.WindowPosition.MOUSE)
2747        dlg.show_all()
2748        dlg.run()
2749        dlg.destroy()
2750
2751    def enabled_changed(self, radio):
2752        if not radio.get_active():
2753            return
2754        label = radio.get_label()
2755        if label == 'Disabled' and self.enforce_mode != DISABLED:
2756            if self.verify(_("Changing to SELinux disabled requires a reboot.  It is not recommended.  If you later decide to turn SELinux back on, the system will be required to relabel.  If you just want to see if SELinux is causing a problem on your system, you can go to permissive mode which will only log errors and not enforce SELinux policy.  Permissive mode does not require a reboot.  Do you wish to continue?")) == Gtk.ResponseType.NO:
2757                self.enforce_button.set_active(True)
2758
2759        if label != 'Disabled' and self.enforce_mode == DISABLED:
2760            if self.verify(_("Changing to SELinux enabled will cause a relabel of the entire file system on the next boot. Relabeling takes a long time depending on the size of the file system.  Do you wish to continue?")) == Gtk.ResponseType.NO:
2761                self.enforce_button.set_active(True)
2762        self.enforce_button = radio
2763
2764    def clear_filters(self, *args):
2765        self.filter_entry.set_text('')
2766        self.show_modified_only.set_active(False)
2767
2768    def unconfined_toggle(self, *args):
2769        if not self.finish_init:
2770            return
2771        self.wait_mouse()
2772        if self.enable_unconfined_button.get_active():
2773            self.dbus.semanage("module -e unconfined")
2774        else:
2775            self.dbus.semanage("module -d unconfined")
2776        self.ready_mouse()
2777
2778    def permissive_toggle(self, *args):
2779        if not self.finish_init:
2780            return
2781        self.wait_mouse()
2782        if self.enable_permissive_button.get_active():
2783            self.dbus.semanage("module -e permissivedomains")
2784        else:
2785            self.dbus.semanage("module -d permissivedomains")
2786        self.ready_mouse()
2787
2788    def confirmation_close(self, button, *args):
2789        if len(self.update_treestore) > 0:
2790            if self.verify(_("You are attempting to close the application without applying your changes.\n    *    To apply changes you have made during this session, click No and click Update.\n    *    To leave the application without applying your changes, click Yes.  All changes that you have made during this session will be lost."), _("Loss of data Dialog")) == Gtk.ResponseType.NO:
2791                return True
2792        self.quit()
2793
2794    def quit(self, *args):
2795        sys.exit(0)
2796
2797if __name__ == '__main__':
2798    start = SELinuxGui()
2799