* Mon Apr 9 2007 Dan Walsh <dwalsh@redhat.com> 2.0.7-10

- Add filter to booleans page
This commit is contained in:
Daniel J Walsh 2007-04-09 14:15:34 +00:00
parent 3001352ed7
commit 841174a0a4
2 changed files with 150 additions and 43 deletions

View File

@ -1,7 +1,7 @@
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py policycoreutils-2.0.7/gui/booleansPage.py
--- nsapolicycoreutils/gui/booleansPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.7/gui/booleansPage.py 2007-03-23 09:03:56.000000000 -0400
@@ -0,0 +1,202 @@
+++ policycoreutils-2.0.7/gui/booleansPage.py 2007-04-06 15:20:14.000000000 -0400
@@ -0,0 +1,224 @@
+#
+# booleansPage.py - GUI for Booleans page in system-config-securitylevel
+#
@ -35,7 +35,6 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py poli
+INSTALLPATH='/usr/share/system-config-selinux'
+sys.path.append(INSTALLPATH)
+
+from Conf import *
+import commands
+ENFORCING=0
+PERMISSIVE=1
@ -55,6 +54,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py poli
+ import __builtin__
+ __builtin__.__dict__['_'] = unicode
+
+from glob import fnmatch
+
+class Translation:
+ def __init__(self):
+ self.translation={}
@ -71,6 +72,15 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py poli
+ except:
+ continue
+
+ def match(self,key, filter=""):
+ try:
+ f=filter.lower()
+ val=self.get_value(key).lower()
+ k=key.lower()
+ return val.find(f) >= 0 or k.find(f) >= 0
+ except:
+ return False
+
+ def get_category(self,key):
+ try:
+ return _(self.translation[key][0])
@ -153,6 +163,10 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py poli
+ # Bring in widgets from glade file.
+ self.typeHBox = xml.get_widget("typeHBox")
+ self.booleanSW = xml.get_widget("booleanSW")
+ self.booleansFilter = xml.get_widget("booleansFilter")
+ self.booleansFilter.connect("focus_out_event", self.filter_changed)
+ self.booleansFilter.connect("activate", self.filter_changed)
+
+ self.booleansView = xml.get_widget("booleansView")
+ self.typeLabel = xml.get_widget("typeLabel")
+ self.modifySeparator = xml.get_widget("modifySeparator")
@ -173,7 +187,14 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py poli
+
+ col = gtk.TreeViewColumn("", gtk.CellRendererText(), text=1)
+ self.booleansView.append_column(col)
+ self.refreshBooleans()
+ self.filter=""
+ self.refreshBooleans(self.filter)
+
+ def filter_changed(self, *arg):
+ filter = arg[0].get_text()
+ if filter != self.filter:
+ self.refreshBooleans(filter)
+ self.filter=filter
+
+ def use_menus(self):
+ return False
@ -181,12 +202,13 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py poli
+ def get_description(self):
+ return _("Boolean")
+
+ def refreshBooleans(self):
+ def refreshBooleans(self, filter=None):
+ self.modifiers=Modifiers(self.booleansStore)
+ booleansList=commands.getoutput("/usr/sbin/getsebool -a").split("\n")
+ for i in booleansList:
+ rec=i.split()
+ name=rec[0]
+ if self.translation.match(name, filter):
+ if rec[2]=="on" or rec[2]=="active":
+ on=1
+ else:
@ -664,8 +686,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py poli
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py policycoreutils-2.0.7/gui/modulesPage.py
--- nsapolicycoreutils/gui/modulesPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.7/gui/modulesPage.py 2007-03-23 09:03:56.000000000 -0400
@@ -0,0 +1,170 @@
+++ policycoreutils-2.0.7/gui/modulesPage.py 2007-04-05 10:09:19.000000000 -0400
@@ -0,0 +1,172 @@
+## modulesPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
+
@ -749,6 +771,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py polic
+
+ def load(self):
+ self.store.clear()
+ try:
+ fd=os.popen("semodule -l")
+ l = fd.readlines()
+ fd.close()
@ -757,7 +780,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py polic
+ iter = self.store.append()
+ self.store.set_value(iter, 0, module.strip())
+ self.store.set_value(iter, 1, ver.strip())
+
+ except:
+ pass
+ self.view.get_selection().select_path ((0,))
+
+
@ -2855,8 +2879,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policyc
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policycoreutils-2.0.7/gui/selinux.tbl
--- nsapolicycoreutils/gui/selinux.tbl 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.7/gui/selinux.tbl 2007-03-23 09:03:56.000000000 -0400
@@ -0,0 +1,265 @@
+++ policycoreutils-2.0.7/gui/selinux.tbl 2007-04-06 15:33:02.000000000 -0400
@@ -0,0 +1,274 @@
+acct_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for acct daemon")
+allow_cvs_read_shadow _("CVS") _("Allow cvs daemon to read shadow")
+allow_daemons_dump_core _("Admin") _("Allow all daemons to write corefiles to /.")
@ -2865,6 +2889,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policyco
+allow_execmem _("Memory Protection") _("Allow unconfined executables to map a memory region as both executable and writable, this is dangerous and the executable should be reported in bugzilla")
+allow_execmod _("Memory Protection") _("Allow all unconfined executables to use libraries requiring text relocation that are not labeled textrel_shlib_t")
+allow_execstack _("Memory Protection") _("Allow unconfined executables to make their stack executable. This should never, ever be neessary. Probably indicates a badly coded executable, but could indicate an attack. This executable should be reported in bugzilla")
+allow_ftpd_full_access _("FTP") _("Allow ftpd to full access to the system")
+allow_ftpd_anon_write _("FTP") _("Allow ftpd to upload files to directories labeled public_content_rw_t")
+allow_ftpd_use_cifs _("FTP") _("Allow ftp servers to use cifs used for public file transfer services.")
+allow_ftpd_use_nfs _("FTP") _("Allow ftp servers to use nfs used for public file transfer services.")
@ -3004,8 +3029,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policyco
+nessusd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for nessusd daemon")
+NetworkManager_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for NetworkManager")
+nfsd_disable_trans _("NFS") _("Disable SELinux protection for nfsd daemon")
+nfs_export_all_ro _("NFS") _("Allow the reading on any NFS file system")
+nfs_export_all_rw _("NFS") _("Allow the read/write/create on any NFS file system")
+nfs_export_all_ro _("NFS") _("Allow NFS to share any file/directory read only")
+nfs_export_all_rw _("NFS") _("Allow NFS to share any file/directory read/write")
+nmbd_disable_trans _("Samba") _("Disable SELinux protection for nmbd daemon")
+nrpe_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for nrpe daemon")
+nscd_disable_trans _("Name Service") _("Disable SELinux protection for nscd daemon")
@ -3065,7 +3090,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policyco
+snort_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for snort daemon")
+soundd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for soundd daemon")
+sound_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for sound daemon")
+spamassasin_can_network _("Spam Assassin") _("Allow Spam Assasin daemon network access")
+spamassassin_can_network _("Spam Assassin") _("Allow Spam Assasin daemon network access")
+spamd_disable_trans _("spam Protection") _("Disable SELinux protection for spamd daemon")
+spamd_enable_home_dirs _("spam Protection") _("Allow spamd to access home directories")
+spammassasin_can_network _("spam Protection") _("Allow spammassasin to access the network")
@ -3122,6 +3147,14 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policyco
+ypserv_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ypserv daemon")
+ypxfr_disable_trans _("NIS") _("Disable SELinux protection for NIS Transfer Daemon")
+zebra_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for zebra daemon")
+httpd_use_cifs _("HTTPD Service") _("Allow httpd to access samba/cifs file systems.")
+httpd_use_nfs _("HTTPD Service") _("Allow httpd to access nfs file systems.")
+samba_domain_controller _("Samba") _("Allow samba to act as the domain controller, add users, groups and change passwords")
+samba_export_all_ro _("Samba") _("Allow Samba to share any file/directory read only")
+samba_export_all_rw _("Samba") _("Allow Samba to share any file/directory read/write")
+webadm_manage_users_files _("HTTPD Service") _("Allow httpd to access nfs file systems.")
+webadm_read_users_files _("HTTPD Service") _("Allow httpd to access nfs file systems.")
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py policycoreutils-2.0.7/gui/semanagePage.py
--- nsapolicycoreutils/gui/semanagePage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.7/gui/semanagePage.py 2007-03-23 09:03:56.000000000 -0400
@ -3467,8 +3500,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policy
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.glade policycoreutils-2.0.7/gui/system-config-selinux.glade
--- nsapolicycoreutils/gui/system-config-selinux.glade 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.7/gui/system-config-selinux.glade 2007-03-23 09:03:56.000000000 -0400
@@ -0,0 +1,2885 @@
+++ policycoreutils-2.0.7/gui/system-config-selinux.glade 2007-04-06 15:13:41.000000000 -0400
@@ -0,0 +1,2956 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
+
@ -5339,6 +5372,70 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinu
+ </child>
+
+ <child>
+ <widget class="GtkVBox" id="vbox18">
+ <property name="visible">True</property>
+ <property name="homogeneous">False</property>
+ <property name="spacing">0</property>
+
+ <child>
+ <widget class="GtkHBox" id="hbox7">
+ <property name="visible">True</property>
+ <property name="homogeneous">False</property>
+ <property name="spacing">0</property>
+
+ <child>
+ <widget class="GtkLabel" id="label51">
+ <property name="visible">True</property>
+ <property name="label" translatable="yes">Filter</property>
+ <property name="use_underline">False</property>
+ <property name="use_markup">False</property>
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
+ <property name="wrap">False</property>
+ <property name="selectable">False</property>
+ <property name="xalign">0.5</property>
+ <property name="yalign">0.5</property>
+ <property name="xpad">0</property>
+ <property name="ypad">0</property>
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
+ <property name="width_chars">-1</property>
+ <property name="single_line_mode">False</property>
+ <property name="angle">0</property>
+ </widget>
+ <packing>
+ <property name="padding">10</property>
+ <property name="expand">False</property>
+ <property name="fill">False</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkEntry" id="booleansFilter">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="editable">True</property>
+ <property name="visibility">True</property>
+ <property name="max_length">0</property>
+ <property name="text" translatable="yes"></property>
+ <property name="has_frame">True</property>
+ <property name="invisible_char">•</property>
+ <property name="activates_default">False</property>
+ <signal name="changed" handler="on_booleansFilter_changed" last_modification_time="Fri, 06 Apr 2007 12:39:26 GMT"/>
+ </widget>
+ <packing>
+ <property name="padding">0</property>
+ <property name="expand">True</property>
+ <property name="fill">True</property>
+ </packing>
+ </child>
+ </widget>
+ <packing>
+ <property name="padding">10</property>
+ <property name="expand">False</property>
+ <property name="fill">True</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkScrolledWindow" id="scrolledwindow18">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
@ -5362,6 +5459,13 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinu
+ </child>
+ </widget>
+ <packing>
+ <property name="padding">0</property>
+ <property name="expand">True</property>
+ <property name="fill">True</property>
+ </packing>
+ </child>
+ </widget>
+ <packing>
+ <property name="tab_expand">False</property>
+ <property name="tab_fill">True</property>
+ </packing>

View File

@ -6,7 +6,7 @@
Summary: SELinux policy core utilities.
Name: policycoreutils
Version: 2.0.7
Release: 9%{?dist}
Release: 10%{?dist}
License: GPL
Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@ -186,6 +186,9 @@ if [ "$1" -ge "1" ]; then
fi
%changelog
* Mon Apr 9 2007 Dan Walsh <dwalsh@redhat.com> 2.0.7-10
- Add filter to booleans page
* Tue Apr 3 2007 Dan Walsh <dwalsh@redhat.com> 2.0.7-9
- Fix polgen.py to not generate udp rules on tcp input