* Mon Apr 9 2007 Dan Walsh <dwalsh@redhat.com> 2.0.7-10

- Add filter to booleans page
2007-04-09 14:15:34 +00:00 · 2007-04-09 14:15:34 +00:00 · 841174a0a4
commit 841174a0a4
parent 3001352ed7
2 changed files with 150 additions and 43 deletions
--- a/policycoreutils-gui.patch
+++ b/policycoreutils-gui.patch
@ -1,7 +1,7 @@
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py policycoreutils-2.0.7/gui/booleansPage.py
 --- nsapolicycoreutils/gui/booleansPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.7/gui/booleansPage.py	2007-03-23 09:03:56.000000000 -0400
-@@ -0,0 +1,202 @@
+++ policycoreutils-2.0.7/gui/booleansPage.py	2007-04-06 15:20:14.000000000 -0400
+@@ -0,0 +1,224 @@
 +#
 +# booleansPage.py - GUI for Booleans page in system-config-securitylevel
 +#
@ -35,7 +35,6 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py poli
 +INSTALLPATH='/usr/share/system-config-selinux'
 +sys.path.append(INSTALLPATH)
 +
-+from Conf import *
 +import commands
 +ENFORCING=0
 +PERMISSIVE=1
@ -55,6 +54,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py poli
 +    import __builtin__
 +    __builtin__.__dict__['_'] = unicode
 +
+from glob import fnmatch
+
 +class Translation:
 +    def __init__(self):
 +        self.translation={}
@ -71,6 +72,15 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py poli
 +            except:
 +                continue
 +
+    def match(self,key, filter=""):
+        try:
+            f=filter.lower()
+            val=self.get_value(key).lower()
+            k=key.lower()
+            return val.find(f) >= 0 or k.find(f) >= 0
+        except:
+            return False
+
 +    def get_category(self,key):
 +        try:
 +            return _(self.translation[key][0])
@ -153,6 +163,10 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py poli
 +        # Bring in widgets from glade file.
 +        self.typeHBox = xml.get_widget("typeHBox")
 +        self.booleanSW = xml.get_widget("booleanSW")
+        self.booleansFilter = xml.get_widget("booleansFilter")
+        self.booleansFilter.connect("focus_out_event", self.filter_changed)
+        self.booleansFilter.connect("activate", self.filter_changed)
+        
 +        self.booleansView = xml.get_widget("booleansView")
 +        self.typeLabel = xml.get_widget("typeLabel")
 +        self.modifySeparator = xml.get_widget("modifySeparator")
@ -173,25 +187,33 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py poli
 +
 +        col = gtk.TreeViewColumn("", gtk.CellRendererText(), text=1)
 +        self.booleansView.append_column(col)
-+        self.refreshBooleans()
+        self.filter=""
+        self.refreshBooleans(self.filter)
 +            
+    def filter_changed(self, *arg):
+        filter =  arg[0].get_text()
+        if filter != self.filter:
+            self.refreshBooleans(filter)
+            self.filter=filter
+        
 +    def use_menus(self):
 +        return False
 +    
 +    def get_description(self):
 +        return _("Boolean")
 +
-+    def refreshBooleans(self):
+    def refreshBooleans(self, filter=None):
 +        self.modifiers=Modifiers(self.booleansStore)
 +        booleansList=commands.getoutput("/usr/sbin/getsebool -a").split("\n")
 +        for i in booleansList:
 +            rec=i.split()
 +            name=rec[0]
-+            if rec[2]=="on" or rec[2]=="active":
-+                on=1
-+            else:
-+                on=0
-+            self.modifiers.add(name,Boolean(name,on))
+            if self.translation.match(name, filter):
+                if rec[2]=="on" or rec[2]=="active":
+                    on=1
+                else:
+                    on=0
+                self.modifiers.add(name,Boolean(name,on))
 +
 +    def boolean_toggled(self, widget, row):
 +        if len(row) == 1:
@ -664,8 +686,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py poli
 +
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py policycoreutils-2.0.7/gui/modulesPage.py
 --- nsapolicycoreutils/gui/modulesPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.7/gui/modulesPage.py	2007-03-23 09:03:56.000000000 -0400
-@@ -0,0 +1,170 @@
+++ policycoreutils-2.0.7/gui/modulesPage.py	2007-04-05 10:09:19.000000000 -0400
+@@ -0,0 +1,172 @@
 +## modulesPage.py - show selinux mappings
 +## Copyright (C) 2006 Red Hat, Inc.
 +
@ -749,15 +771,17 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py polic
 +
 +    def load(self):
 +        self.store.clear()
-+        fd=os.popen("semodule -l")
-+        l = fd.readlines()
-+        fd.close()
-+        for i in l:
-+            module, ver = i.split('\t')
-+            iter = self.store.append()
-+            self.store.set_value(iter, 0, module.strip())
-+            self.store.set_value(iter, 1, ver.strip())
-+        
+        try:
+            fd=os.popen("semodule -l")
+            l = fd.readlines()
+            fd.close()
+            for i in l:
+                module, ver = i.split('\t')
+                iter = self.store.append()
+                self.store.set_value(iter, 0, module.strip())
+                self.store.set_value(iter, 1, ver.strip())
+        except:
+            pass
 +        self.view.get_selection().select_path ((0,))
 +    
 +
@ -2855,8 +2879,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policyc
 +
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policycoreutils-2.0.7/gui/selinux.tbl
 --- nsapolicycoreutils/gui/selinux.tbl	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.7/gui/selinux.tbl	2007-03-23 09:03:56.000000000 -0400
-@@ -0,0 +1,265 @@
+++ policycoreutils-2.0.7/gui/selinux.tbl	2007-04-06 15:33:02.000000000 -0400
+@@ -0,0 +1,274 @@
 +acct_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for acct daemon")
 +allow_cvs_read_shadow  _("CVS") _("Allow cvs daemon to read shadow")
 +allow_daemons_dump_core _("Admin") _("Allow all daemons to write corefiles to /.")
@ -2865,6 +2889,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policyco
 +allow_execmem _("Memory Protection") _("Allow unconfined executables to map a memory region as both executable and writable, this is dangerous and the executable should be reported in bugzilla")
 +allow_execmod _("Memory Protection") _("Allow all unconfined executables to use libraries requiring text relocation that are not labeled textrel_shlib_t")
 +allow_execstack _("Memory Protection") _("Allow unconfined executables to make their stack executable.  This should never, ever be neessary. Probably indicates a badly coded executable, but could indicate an attack. This executable should be reported in bugzilla")
+allow_ftpd_full_access _("FTP") _("Allow ftpd to full access to the system")
 +allow_ftpd_anon_write _("FTP") _("Allow ftpd to upload files to directories labeled public_content_rw_t")
 +allow_ftpd_use_cifs _("FTP") _("Allow ftp servers to use cifs used for public file transfer services.")
 +allow_ftpd_use_nfs _("FTP") _("Allow ftp servers to use nfs used for public file transfer services.")
@ -3004,8 +3029,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policyco
 +nessusd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for nessusd daemon")
 +NetworkManager_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for NetworkManager")
 +nfsd_disable_trans _("NFS") _("Disable SELinux protection for nfsd daemon")
-+nfs_export_all_ro _("NFS") _("Allow the reading on any NFS file system")
-+nfs_export_all_rw _("NFS") _("Allow the read/write/create on any NFS file system")
+nfs_export_all_ro _("NFS") _("Allow NFS to share any file/directory read only")
+nfs_export_all_rw _("NFS") _("Allow NFS to share any file/directory read/write")
 +nmbd_disable_trans _("Samba") _("Disable SELinux protection for nmbd daemon")
 +nrpe_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for nrpe daemon")
 +nscd_disable_trans _("Name Service") _("Disable SELinux protection for nscd daemon")
@ -3065,7 +3090,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policyco
 +snort_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for snort daemon")
 +soundd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for soundd daemon")
 +sound_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for sound daemon")
-+spamassasin_can_network _("Spam Assassin") _("Allow Spam Assasin daemon network access")
+spamassassin_can_network _("Spam Assassin") _("Allow Spam Assasin daemon network access")
 +spamd_disable_trans _("spam Protection") _("Disable SELinux protection for spamd daemon")
 +spamd_enable_home_dirs _("spam Protection") _("Allow spamd to access home directories")
 +spammassasin_can_network _("spam Protection") _("Allow spammassasin to access the network")
@ -3122,6 +3147,14 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policyco
 +ypserv_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ypserv daemon")
 +ypxfr_disable_trans _("NIS") _("Disable SELinux protection for NIS Transfer Daemon")
 +zebra_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for zebra daemon")
+httpd_use_cifs _("HTTPD Service") _("Allow httpd to access samba/cifs file systems.")
+httpd_use_nfs _("HTTPD Service") _("Allow httpd to access nfs file systems.")
+samba_domain_controller _("Samba") _("Allow samba to act as the domain controller, add users, groups and change passwords")
+samba_export_all_ro _("Samba") _("Allow Samba to share any file/directory read only")
+samba_export_all_rw _("Samba") _("Allow Samba to share any file/directory read/write")
+webadm_manage_users_files _("HTTPD Service") _("Allow httpd to access nfs file systems.")
+webadm_read_users_files _("HTTPD Service") _("Allow httpd to access nfs file systems.")
+
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py policycoreutils-2.0.7/gui/semanagePage.py
 --- nsapolicycoreutils/gui/semanagePage.py	1969-12-31 19:00:00.000000000 -0500
 +++ policycoreutils-2.0.7/gui/semanagePage.py	2007-03-23 09:03:56.000000000 -0400
@ -3467,8 +3500,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policy
 +
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.glade policycoreutils-2.0.7/gui/system-config-selinux.glade
 --- nsapolicycoreutils/gui/system-config-selinux.glade	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.7/gui/system-config-selinux.glade	2007-03-23 09:03:56.000000000 -0400
-@@ -0,0 +1,2885 @@
+++ policycoreutils-2.0.7/gui/system-config-selinux.glade	2007-04-06 15:13:41.000000000 -0400
+@@ -0,0 +1,2956 @@
 +<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
 +<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
 +
@ -5339,26 +5372,97 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinu
 +	      </child>
 +
 +	      <child>
-+		<widget class="GtkScrolledWindow" id="scrolledwindow18">
+		<widget class="GtkVBox" id="vbox18">
 +		  <property name="visible">True</property>
-+		  <property name="can_focus">True</property>
-+		  <property name="hscrollbar_policy">GTK_POLICY_ALWAYS</property>
-+		  <property name="vscrollbar_policy">GTK_POLICY_ALWAYS</property>
-+		  <property name="shadow_type">GTK_SHADOW_NONE</property>
-+		  <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
+		  <property name="homogeneous">False</property>
+		  <property name="spacing">0</property>
 +
 +		  <child>
-+		    <widget class="GtkTreeView" id="booleansView">
+		    <widget class="GtkHBox" id="hbox7">
+		      <property name="visible">True</property>
+		      <property name="homogeneous">False</property>
+		      <property name="spacing">0</property>
+
+		      <child>
+			<widget class="GtkLabel" id="label51">
+			  <property name="visible">True</property>
+			  <property name="label" translatable="yes">Filter</property>
+			  <property name="use_underline">False</property>
+			  <property name="use_markup">False</property>
+			  <property name="justify">GTK_JUSTIFY_LEFT</property>
+			  <property name="wrap">False</property>
+			  <property name="selectable">False</property>
+			  <property name="xalign">0.5</property>
+			  <property name="yalign">0.5</property>
+			  <property name="xpad">0</property>
+			  <property name="ypad">0</property>
+			  <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
+			  <property name="width_chars">-1</property>
+			  <property name="single_line_mode">False</property>
+			  <property name="angle">0</property>
+			</widget>
+			<packing>
+			  <property name="padding">10</property>
+			  <property name="expand">False</property>
+			  <property name="fill">False</property>
+			</packing>
+		      </child>
+
+		      <child>
+			<widget class="GtkEntry" id="booleansFilter">
+			  <property name="visible">True</property>
+			  <property name="can_focus">True</property>
+			  <property name="editable">True</property>
+			  <property name="visibility">True</property>
+			  <property name="max_length">0</property>
+			  <property name="text" translatable="yes"></property>
+			  <property name="has_frame">True</property>
+			  <property name="invisible_char">•</property>
+			  <property name="activates_default">False</property>
+			  <signal name="changed" handler="on_booleansFilter_changed" last_modification_time="Fri, 06 Apr 2007 12:39:26 GMT"/>
+			</widget>
+			<packing>
+			  <property name="padding">0</property>
+			  <property name="expand">True</property>
+			  <property name="fill">True</property>
+			</packing>
+		      </child>
+		    </widget>
+		    <packing>
+		      <property name="padding">10</property>
+		      <property name="expand">False</property>
+		      <property name="fill">True</property>
+		    </packing>
+		  </child>
+
+		  <child>
+		    <widget class="GtkScrolledWindow" id="scrolledwindow18">
 +		      <property name="visible">True</property>
 +		      <property name="can_focus">True</property>
-+		      <property name="headers_visible">False</property>
-+		      <property name="rules_hint">False</property>
-+		      <property name="reorderable">False</property>
-+		      <property name="enable_search">True</property>
-+		      <property name="fixed_height_mode">False</property>
-+		      <property name="hover_selection">False</property>
-+		      <property name="hover_expand">False</property>
+		      <property name="hscrollbar_policy">GTK_POLICY_ALWAYS</property>
+		      <property name="vscrollbar_policy">GTK_POLICY_ALWAYS</property>
+		      <property name="shadow_type">GTK_SHADOW_NONE</property>
+		      <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
+
+		      <child>
+			<widget class="GtkTreeView" id="booleansView">
+			  <property name="visible">True</property>
+			  <property name="can_focus">True</property>
+			  <property name="headers_visible">False</property>
+			  <property name="rules_hint">False</property>
+			  <property name="reorderable">False</property>
+			  <property name="enable_search">True</property>
+			  <property name="fixed_height_mode">False</property>
+			  <property name="hover_selection">False</property>
+			  <property name="hover_expand">False</property>
+			</widget>
+		      </child>
 +		    </widget>
+		    <packing>
+		      <property name="padding">0</property>
+		      <property name="expand">True</property>
+		      <property name="fill">True</property>
+		    </packing>
 +		  </child>
 +		</widget>
 +		<packing>
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@ -6,7 +6,7 @@
 Summary: SELinux policy core utilities.
 Name: policycoreutils
 Version: 2.0.7
-Release: 9%{?dist}
+Release: 10%{?dist}
 License: GPL
 Group: System Environment/Base
 Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@ -186,6 +186,9 @@ if [ "$1" -ge "1" ]; then
 fi

 %changelog
+* Mon Apr 9 2007 Dan Walsh <dwalsh@redhat.com> 2.0.7-10
+- Add filter to booleans page
+
 * Tue Apr 3 2007 Dan Walsh <dwalsh@redhat.com> 2.0.7-9
 - Fix polgen.py to not generate udp rules on tcp input