ca8e5bbe7c
- Fixes for polgengui
8072 lines
316 KiB
Diff
8072 lines
316 KiB
Diff
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py policycoreutils-2.0.10/gui/booleansPage.py
|
|
--- nsapolicycoreutils/gui/booleansPage.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.10/gui/booleansPage.py 2007-04-24 14:43:23.000000000 -0400
|
|
@@ -0,0 +1,224 @@
|
|
+#
|
|
+# booleansPage.py - GUI for Booleans page in system-config-securitylevel
|
|
+#
|
|
+# Brent Fox <bfox@redhat.com>
|
|
+# Dan Walsh <dwalsh@redhat.com>
|
|
+#
|
|
+# Copyright 2006 Red Hat, Inc.
|
|
+#
|
|
+# This program is free software; you can redistribute it and/or modify
|
|
+# it under the terms of the GNU General Public License as published by
|
|
+# the Free Software Foundation; either version 2 of the License, or
|
|
+# (at your option) any later version.
|
|
+#
|
|
+# This program is distributed in the hope that it will be useful,
|
|
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+# GNU General Public License for more details.
|
|
+#
|
|
+# You should have received a copy of the GNU General Public License
|
|
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
|
+#
|
|
+import string
|
|
+import gtk
|
|
+import gtk.glade
|
|
+import os
|
|
+import libxml2
|
|
+import gobject
|
|
+import sys
|
|
+import tempfile
|
|
+
|
|
+INSTALLPATH='/usr/share/system-config-selinux'
|
|
+sys.path.append(INSTALLPATH)
|
|
+
|
|
+import commands
|
|
+ENFORCING=0
|
|
+PERMISSIVE=1
|
|
+DISABLED=2
|
|
+
|
|
+##
|
|
+## I18N
|
|
+##
|
|
+PROGNAME="system-config-selinux"
|
|
+
|
|
+import gettext
|
|
+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
|
|
+gettext.textdomain(PROGNAME)
|
|
+try:
|
|
+ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1)
|
|
+except IOError:
|
|
+ import __builtin__
|
|
+ __builtin__.__dict__['_'] = unicode
|
|
+
|
|
+from glob import fnmatch
|
|
+
|
|
+class Translation:
|
|
+ def __init__(self):
|
|
+ self.translation={}
|
|
+ fd=open(INSTALLPATH + "/selinux.tbl","r")
|
|
+ lines=fd.readlines()
|
|
+ fd.close()
|
|
+ for i in lines:
|
|
+ try:
|
|
+ line=i.strip().split("_(\"")
|
|
+ key=line[0].strip()
|
|
+ category=line[1].split("\"")[0]
|
|
+ value=line[2].split("\"")[0]
|
|
+ self.translation[key]=(category,value)
|
|
+ except:
|
|
+ continue
|
|
+
|
|
+ def match(self,key, filter=""):
|
|
+ try:
|
|
+ f=filter.lower()
|
|
+ val=self.get_value(key).lower()
|
|
+ k=key.lower()
|
|
+ return val.find(f) >= 0 or k.find(f) >= 0
|
|
+ except:
|
|
+ return False
|
|
+
|
|
+ def get_category(self,key):
|
|
+ try:
|
|
+ return _(self.translation[key][0])
|
|
+ except:
|
|
+ return _("Other")
|
|
+
|
|
+ def get_value(self,key):
|
|
+ try:
|
|
+ return _(self.translation[key][1])
|
|
+ except:
|
|
+ return key
|
|
+
|
|
+class Modifier:
|
|
+ def __init__(self,name, on, save):
|
|
+ self.on=on
|
|
+ self.name=name
|
|
+ self.save=save
|
|
+
|
|
+ def set(self,value):
|
|
+ self.on=value
|
|
+ self.save=True
|
|
+
|
|
+ def isOn(self):
|
|
+ return self.on
|
|
+
|
|
+class Boolean(Modifier):
|
|
+ def __init__(self,name, val, save=False):
|
|
+ Modifier.__init__(self,name, val, save)
|
|
+
|
|
+class Modifiers:
|
|
+ def __init__(self,store):
|
|
+ self.modifiers={}
|
|
+ self.translation=Translation()
|
|
+ self.store=store
|
|
+ self.store.clear()
|
|
+
|
|
+ def add(self,name,val):
|
|
+ if name == "targeted_policy":
|
|
+ return
|
|
+ category=self.translation.get_category(name)
|
|
+ if not self.modifiers.has_key(category):
|
|
+ self.modifiers[category]={}
|
|
+ iter=self.store.append(None)
|
|
+ self.modifiers[category]["iter"] = iter
|
|
+ self.store.set_value(iter, 1, category)
|
|
+ self.store.set_value(iter, 3, False)
|
|
+
|
|
+ self.modifiers[category][name]=val;
|
|
+ iter=self.store.append(self.modifiers[category]["iter"])
|
|
+ self.store.set_value(iter, 0, val.isOn())
|
|
+ self.store.set_value(iter, 1, self.translation.get_value(name))
|
|
+ self.store.set_value(iter, 2, name)
|
|
+ self.store.set_value(iter, 3, True)
|
|
+
|
|
+ def set(self,name,val):
|
|
+ category=self.translation.get_category(name)
|
|
+ self.modifiers[category][name].set(val)
|
|
+
|
|
+ def isBoolean(self,name):
|
|
+ c=self.translation.get_category(name)
|
|
+ return isinstance(self.modifiers[c][name], Boolean)
|
|
+
|
|
+ def get_booleans(self):
|
|
+ booleans={}
|
|
+ for c in self.modifiers.keys():
|
|
+ for n in self.modifiers[c].keys():
|
|
+ if isinstance(self.modifiers[c][n], Boolean):
|
|
+ booleans[n]=self.modifiers[c][n]
|
|
+ return booleans
|
|
+
|
|
+class booleansPage:
|
|
+ def __init__(self, xml, doDebug=None):
|
|
+ self.xml = xml
|
|
+ self.types=[]
|
|
+ self.selinuxsupport = True
|
|
+ self.translation = Translation()
|
|
+ self.typechanged = False
|
|
+ self.doDebug = doDebug
|
|
+
|
|
+ # Bring in widgets from glade file.
|
|
+ self.typeHBox = xml.get_widget("typeHBox")
|
|
+ self.booleanSW = xml.get_widget("booleanSW")
|
|
+ self.booleansFilter = xml.get_widget("booleansFilter")
|
|
+ self.booleansFilter.connect("focus_out_event", self.filter_changed)
|
|
+ self.booleansFilter.connect("activate", self.filter_changed)
|
|
+
|
|
+ self.booleansView = xml.get_widget("booleansView")
|
|
+ self.typeLabel = xml.get_widget("typeLabel")
|
|
+ self.modifySeparator = xml.get_widget("modifySeparator")
|
|
+
|
|
+ listStore = gtk.ListStore(gobject.TYPE_STRING)
|
|
+ cell = gtk.CellRendererText()
|
|
+
|
|
+ self.booleansStore = gtk.TreeStore(gobject.TYPE_BOOLEAN, gobject.TYPE_STRING, gobject.TYPE_PYOBJECT, gobject.TYPE_BOOLEAN)
|
|
+ self.booleansStore.set_sort_column_id(1, gtk.SORT_ASCENDING)
|
|
+ self.booleansView.set_model(self.booleansStore)
|
|
+
|
|
+ checkbox = gtk.CellRendererToggle()
|
|
+ checkbox.connect("toggled", self.boolean_toggled)
|
|
+ col = gtk.TreeViewColumn('', checkbox, active = 0,visible=3)
|
|
+ col.set_fixed_width(20)
|
|
+ col.set_clickable(True)
|
|
+ self.booleansView.append_column(col)
|
|
+
|
|
+ col = gtk.TreeViewColumn("", gtk.CellRendererText(), text=1)
|
|
+ self.booleansView.append_column(col)
|
|
+ self.filter=""
|
|
+ self.refreshBooleans(self.filter)
|
|
+
|
|
+ def filter_changed(self, *arg):
|
|
+ filter = arg[0].get_text()
|
|
+ if filter != self.filter:
|
|
+ self.refreshBooleans(filter)
|
|
+ self.filter=filter
|
|
+
|
|
+ def use_menus(self):
|
|
+ return False
|
|
+
|
|
+ def get_description(self):
|
|
+ return _("Boolean")
|
|
+
|
|
+ def refreshBooleans(self, filter=None):
|
|
+ self.modifiers=Modifiers(self.booleansStore)
|
|
+ booleansList=commands.getoutput("/usr/sbin/getsebool -a").split("\n")
|
|
+ for i in booleansList:
|
|
+ rec=i.split()
|
|
+ name=rec[0]
|
|
+ if self.translation.match(name, filter):
|
|
+ if rec[2]=="on" or rec[2]=="active":
|
|
+ on=1
|
|
+ else:
|
|
+ on=0
|
|
+ self.modifiers.add(name,Boolean(name,on))
|
|
+
|
|
+ def boolean_toggled(self, widget, row):
|
|
+ if len(row) == 1:
|
|
+ return
|
|
+ iter = self.booleansStore.get_iter(row)
|
|
+ val = self.booleansStore.get_value(iter, 0)
|
|
+ key = self.booleansStore.get_value(iter, 2)
|
|
+ self.booleansStore.set_value(iter, 0 , not val)
|
|
+ self.modifiers.set(key, not val)
|
|
+
|
|
+ setsebool="/usr/sbin/setsebool -P %s=%d" % (key, not val)
|
|
+ commands.getstatusoutput(setsebool)
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py policycoreutils-2.0.10/gui/fcontextPage.py
|
|
--- nsapolicycoreutils/gui/fcontextPage.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.10/gui/fcontextPage.py 2007-04-24 14:43:23.000000000 -0400
|
|
@@ -0,0 +1,207 @@
|
|
+## fcontextPage.py - show selinux mappings
|
|
+## Copyright (C) 2006 Red Hat, Inc.
|
|
+
|
|
+## This program is free software; you can redistribute it and/or modify
|
|
+## it under the terms of the GNU General Public License as published by
|
|
+## the Free Software Foundation; either version 2 of the License, or
|
|
+## (at your option) any later version.
|
|
+
|
|
+## This program is distributed in the hope that it will be useful,
|
|
+## but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+## GNU General Public License for more details.
|
|
+
|
|
+## You should have received a copy of the GNU General Public License
|
|
+## along with this program; if not, write to the Free Software
|
|
+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
|
+
|
|
+## Author: Dan Walsh
|
|
+import gtk
|
|
+import gtk.glade
|
|
+import os
|
|
+import libxml2
|
|
+import gobject
|
|
+import seobject
|
|
+import commands
|
|
+from semanagePage import *;
|
|
+
|
|
+SPEC_COL = 0
|
|
+TYPE_COL = 1
|
|
+FTYPE_COL = 2
|
|
+
|
|
+class context:
|
|
+ def __init__(self, scontext):
|
|
+ self.scontext = scontext
|
|
+ con=scontext.split(":")
|
|
+ self.user = con[0]
|
|
+ self.role = con[1]
|
|
+ self.type = con[2]
|
|
+ if len(con) > 3:
|
|
+ self.mls = con[3]
|
|
+ else:
|
|
+ self.mls = "s0"
|
|
+
|
|
+ def __str__(self):
|
|
+ return self.scontext
|
|
+
|
|
+##
|
|
+## I18N
|
|
+##
|
|
+PROGNAME="system-config-selinux"
|
|
+
|
|
+import gettext
|
|
+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
|
|
+gettext.textdomain(PROGNAME)
|
|
+try:
|
|
+ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1)
|
|
+except IOError:
|
|
+ import __builtin__
|
|
+ __builtin__.__dict__['_'] = unicode
|
|
+
|
|
+class fcontextPage(semanagePage):
|
|
+ def __init__(self, xml):
|
|
+ semanagePage.__init__(self, xml, "fcontext", _("File Labeling"))
|
|
+ self.fcontextFilter = xml.get_widget("fcontextFilterEntry")
|
|
+ self.fcontextFilter.connect("focus_out_event", self.filter_changed)
|
|
+ self.fcontextFilter.connect("activate", self.filter_changed)
|
|
+ self.view = xml.get_widget("fcontextView")
|
|
+ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING)
|
|
+ self.view.set_model(self.store)
|
|
+# self.store.set_sort_column_id(0, gtk.SORT_ASCENDING)
|
|
+
|
|
+ col = gtk.TreeViewColumn(_("File\nSpecification"), gtk.CellRendererText(), text=SPEC_COL)
|
|
+ col.set_sizing(gtk.TREE_VIEW_COLUMN_FIXED)
|
|
+ col.set_fixed_width(250)
|
|
+
|
|
+ col.set_sort_column_id(SPEC_COL)
|
|
+ col.set_resizable(True)
|
|
+ self.view.append_column(col)
|
|
+ col = gtk.TreeViewColumn(_("Selinux\nFile Context"), gtk.CellRendererText(), text=TYPE_COL)
|
|
+
|
|
+ col.set_sizing(gtk.TREE_VIEW_COLUMN_FIXED)
|
|
+ col.set_fixed_width(250)
|
|
+ col.set_sort_column_id(TYPE_COL)
|
|
+ col.set_resizable(True)
|
|
+ self.view.append_column(col)
|
|
+ col = gtk.TreeViewColumn(_("File\nType"), gtk.CellRendererText(), text=2)
|
|
+ col.set_sort_column_id(FTYPE_COL)
|
|
+ col.set_resizable(True)
|
|
+ self.view.append_column(col)
|
|
+ self.load()
|
|
+ self.fcontextEntry = xml.get_widget("fcontextEntry")
|
|
+ self.fcontextFileTypeCombo = xml.get_widget("fcontextFileTypeCombo")
|
|
+ liststore=self.fcontextFileTypeCombo.get_model()
|
|
+ for k in seobject.file_types:
|
|
+ if len(k) > 0 and k[0] != '-':
|
|
+ iter=liststore.append()
|
|
+ liststore.set_value(iter, 0, k)
|
|
+ iter = liststore.get_iter_first()
|
|
+ self.fcontextFileTypeCombo.set_active_iter(iter)
|
|
+ self.fcontextTypeEntry = xml.get_widget("fcontextTypeEntry")
|
|
+ self.fcontextMLSEntry = xml.get_widget("fcontextMLSEntry")
|
|
+
|
|
+ def match(self, fcon, filter):
|
|
+ try:
|
|
+ f=filter.lower()
|
|
+ for con in fcon:
|
|
+ k=con.lower()
|
|
+ if k.find(f) >= 0:
|
|
+ return True
|
|
+ except:
|
|
+ pass
|
|
+ return False
|
|
+
|
|
+ def load(self, filter=""):
|
|
+ self.filter=filter
|
|
+ self.fcontext=seobject.fcontextRecords()
|
|
+ fcon_list=self.fcontext.get_all()
|
|
+ self.store.clear()
|
|
+ for fcon in fcon_list:
|
|
+ if not self.match(fcon, filter):
|
|
+ continue
|
|
+ iter=self.store.append()
|
|
+ self.store.set_value(iter, SPEC_COL, fcon[0])
|
|
+ self.store.set_value(iter, FTYPE_COL, fcon[1])
|
|
+ if len(fcon) > 3:
|
|
+ rec="%s:%s:%s:%s " % (fcon[2], fcon[3],fcon[4], seobject.translate(fcon[5],False))
|
|
+ else:
|
|
+ rec="<<None>>"
|
|
+ self.store.set_value(iter, 1, rec)
|
|
+ self.view.get_selection().select_path ((0,))
|
|
+
|
|
+ def filter_changed(self, *arg):
|
|
+ filter = arg[0].get_text()
|
|
+ if filter != self.filter:
|
|
+ self.load(filter)
|
|
+
|
|
+ def dialogInit(self):
|
|
+ store, iter = self.view.get_selection().get_selected()
|
|
+ self.fcontextEntry.set_text(store.get_value(iter, SPEC_COL))
|
|
+ self.fcontextEntry.set_sensitive(False)
|
|
+ scontext = store.get_value(iter, TYPE_COL)
|
|
+ scon=context(scontext)
|
|
+ self.fcontextTypeEntry.set_text(scon.type)
|
|
+ self.fcontextMLSEntry.set_text(scon.mls)
|
|
+ type=store.get_value(iter, FTYPE_COL)
|
|
+ liststore=self.fcontextFileTypeCombo.get_model()
|
|
+ iter = liststore.get_iter_first()
|
|
+ while iter != None and liststore.get_value(iter,0) != type:
|
|
+ iter = liststore.iter_next(iter)
|
|
+ if iter != None:
|
|
+ self.fcontextFileTypeCombo.set_active_iter(iter)
|
|
+ self.fcontextFileTypeCombo.set_sensitive(False)
|
|
+
|
|
+ def dialogClear(self):
|
|
+ self.fcontextEntry.set_text("")
|
|
+ self.fcontextEntry.set_sensitive(True)
|
|
+ self.fcontextFileTypeCombo.set_sensitive(True)
|
|
+ self.fcontextTypeEntry.set_text("")
|
|
+ self.fcontextMLSEntry.set_text("s0")
|
|
+
|
|
+ def delete(self):
|
|
+ store, iter = self.view.get_selection().get_selected()
|
|
+ try:
|
|
+ fspec=store.get_value(iter, SPEC_COL)
|
|
+ ftype=store.get_value(iter, FTYPE_COL)
|
|
+ (rc, out) = commands.getstatusoutput("semanage fcontext -d -f '%s' %s" % (ftype, fspec))
|
|
+
|
|
+ if rc != 0:
|
|
+ return self.error(out)
|
|
+ store.remove(iter)
|
|
+ self.view.get_selection().select_path ((0,))
|
|
+ except ValueError, e:
|
|
+ self.error(e.args[0])
|
|
+
|
|
+ def add(self):
|
|
+ fspec=self.fcontextEntry.get_text().strip()
|
|
+ type=self.fcontextTypeEntry.get_text().strip()
|
|
+ mls=self.fcontextMLSEntry.get_text().strip()
|
|
+ list_model=self.fcontextFileTypeCombo.get_model()
|
|
+ iter = self.fcontextFileTypeCombo.get_active_iter()
|
|
+ ftype=list_model.get_value(iter,0)
|
|
+ (rc, out) = commands.getstatusoutput("semanage fcontext -a -t %s -r %s -f '%s' %s" % (type, mls, ftype, fspec))
|
|
+ if rc != 0:
|
|
+ self.error(out)
|
|
+ return False
|
|
+
|
|
+ iter=self.store.append()
|
|
+ self.store.set_value(iter, SPEC_COL, fspec)
|
|
+ self.store.set_value(iter, FTYPE_COL, ftype)
|
|
+ self.store.set_value(iter, TYPE_COL, "system_u:object_r:%s:%s" % (type, mls))
|
|
+
|
|
+ def modify(self):
|
|
+ fspec=self.fcontextEntry.get_text().strip()
|
|
+ type=self.fcontextTypeEntry.get_text().strip()
|
|
+ mls=self.fcontextMLSEntry.get_text().strip()
|
|
+ list_model=self.fcontextFileTypeCombo.get_model()
|
|
+ iter = self.fcontextFileTypeCombo.get_active_iter()
|
|
+ ftype=list_model.get_value(iter,0)
|
|
+ (rc, out) = commands.getstatusoutput("semanage fcontext -m -t %s -r %s -f '%s' %s" % (type, mls, ftype, fspec))
|
|
+ if rc != 0:
|
|
+ self.error(out)
|
|
+ return False
|
|
+
|
|
+ store, iter = self.view.get_selection().get_selected()
|
|
+ self.store.set_value(iter, SPEC_COL, fspec)
|
|
+ self.store.set_value(iter, FTYPE_COL, ftype)
|
|
+ self.store.set_value(iter, TYPE_COL, "system_u:object_r:%s:%s" % (type, mls))
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policycoreutils-2.0.10/gui/loginsPage.py
|
|
--- nsapolicycoreutils/gui/loginsPage.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.10/gui/loginsPage.py 2007-04-24 14:43:23.000000000 -0400
|
|
@@ -0,0 +1,173 @@
|
|
+## loginsPage.py - show selinux mappings
|
|
+## Copyright (C) 2006 Red Hat, Inc.
|
|
+
|
|
+## This program is free software; you can redistribute it and/or modify
|
|
+## it under the terms of the GNU General Public License as published by
|
|
+## the Free Software Foundation; either version 2 of the License, or
|
|
+## (at your option) any later version.
|
|
+
|
|
+## This program is distributed in the hope that it will be useful,
|
|
+## but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+## GNU General Public License for more details.
|
|
+
|
|
+## You should have received a copy of the GNU General Public License
|
|
+## along with this program; if not, write to the Free Software
|
|
+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
|
+
|
|
+## Author: Dan Walsh
|
|
+import string
|
|
+import gtk
|
|
+import gtk.glade
|
|
+import os
|
|
+import libxml2
|
|
+import gobject
|
|
+import sys
|
|
+import commands
|
|
+import seobject
|
|
+from semanagePage import *;
|
|
+
|
|
+##
|
|
+## I18N
|
|
+##
|
|
+PROGNAME="policycoreutils"
|
|
+import gettext
|
|
+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
|
|
+gettext.textdomain(PROGNAME)
|
|
+try:
|
|
+ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1)
|
|
+except IOError:
|
|
+ import __builtin__
|
|
+ __builtin__.__dict__['_'] = unicode
|
|
+
|
|
+class loginsPage(semanagePage):
|
|
+ def __init__(self, xml):
|
|
+ self.firstTime = False
|
|
+ semanagePage.__init__(self, xml, "logins", _("User Mapping"))
|
|
+ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING)
|
|
+ self.view.set_model(self.store)
|
|
+ self.store.set_sort_column_id(0, gtk.SORT_ASCENDING)
|
|
+ col = gtk.TreeViewColumn(_("Login\nName"), gtk.CellRendererText(), text = 0)
|
|
+ col.set_sort_column_id(0)
|
|
+ col.set_resizable(True)
|
|
+ self.view.append_column(col)
|
|
+ col = gtk.TreeViewColumn(_("SELinux\nUser"), gtk.CellRendererText(), text = 1)
|
|
+ col.set_resizable(True)
|
|
+ self.view.append_column(col)
|
|
+ col = gtk.TreeViewColumn(_("MLS/\nMCS Range"), gtk.CellRendererText(), text = 2)
|
|
+ col.set_resizable(True)
|
|
+ self.view.append_column(col)
|
|
+ self.load()
|
|
+ self.loginsNameEntry = xml.get_widget("loginsNameEntry")
|
|
+ self.loginsSelinuxUserCombo = xml.get_widget("loginsSelinuxUserCombo")
|
|
+ self.loginsMLSEntry = xml.get_widget("loginsMLSEntry")
|
|
+
|
|
+ def load(self):
|
|
+ self.login = seobject.loginRecords()
|
|
+ dict = self.login.get_all()
|
|
+ keys = dict.keys()
|
|
+ keys.sort()
|
|
+ self.store.clear()
|
|
+ for k in keys:
|
|
+ iter = self.store.append()
|
|
+ self.store.set_value(iter, 0, k)
|
|
+ self.store.set_value(iter, 1, dict[k][0])
|
|
+ self.store.set_value(iter, 2, seobject.translate(dict[k][1]))
|
|
+ self.view.get_selection().select_path ((0,))
|
|
+
|
|
+ def __dialogSetup(self):
|
|
+ if self.firstTime == True:
|
|
+ return
|
|
+ self.firstTime = True
|
|
+ liststore = gtk.ListStore(gobject.TYPE_STRING)
|
|
+ self.loginsSelinuxUserCombo.set_model(liststore)
|
|
+ cell = gtk.CellRendererText()
|
|
+ self.loginsSelinuxUserCombo.pack_start(cell, True)
|
|
+ self.loginsSelinuxUserCombo.add_attribute(cell, 'text', 0)
|
|
+
|
|
+ selusers = seobject.seluserRecords().get_all()
|
|
+ keys = selusers.keys()
|
|
+ keys.sort()
|
|
+ for k in keys:
|
|
+ if k != "system_u":
|
|
+ self.loginsSelinuxUserCombo.append_text(k)
|
|
+
|
|
+ iter = liststore.get_iter_first()
|
|
+ while liststore.get_value(iter,0) != "user_u":
|
|
+ iter = liststore.iter_next(iter)
|
|
+ self.loginsSelinuxUserCombo.set_active_iter(iter)
|
|
+
|
|
+ def dialogInit(self):
|
|
+ self.__dialogSetup()
|
|
+ store, iter = self.view.get_selection().get_selected()
|
|
+ self.loginsNameEntry.set_text(store.get_value(iter, 0))
|
|
+ self.loginsNameEntry.set_sensitive(False)
|
|
+
|
|
+ self.loginsMLSEntry.set_text(store.get_value(iter, 2))
|
|
+ seuser = store.get_value(iter, 1)
|
|
+ liststore = self.loginsSelinuxUserCombo.get_model()
|
|
+ iter = liststore.get_iter_first()
|
|
+ while iter != None and liststore.get_value(iter,0) != seuser:
|
|
+ iter = liststore.iter_next(iter)
|
|
+ if iter != None:
|
|
+ self.loginsSelinuxUserCombo.set_active_iter(iter)
|
|
+
|
|
+
|
|
+ def dialogClear(self):
|
|
+ self.__dialogSetup()
|
|
+ self.loginsNameEntry.set_text("")
|
|
+ self.loginsNameEntry.set_sensitive(True)
|
|
+ self.loginsMLSEntry.set_text("s0")
|
|
+
|
|
+ def delete(self):
|
|
+ store, iter = self.view.get_selection().get_selected()
|
|
+ try:
|
|
+ login=store.get_value(iter, 0)
|
|
+ if login == "root" or login == "__default__":
|
|
+ raise ValueError(_("Login '%s' is required") % login)
|
|
+
|
|
+ (rc, out) = commands.getstatusoutput("semanage login -d %s" % login)
|
|
+ if rc != 0:
|
|
+ self.error(out)
|
|
+ return False
|
|
+ store.remove(iter)
|
|
+ self.view.get_selection().select_path ((0,))
|
|
+ except ValueError, e:
|
|
+ self.error(e.args[0])
|
|
+
|
|
+ def add(self):
|
|
+ target=self.loginsNameEntry.get_text().strip()
|
|
+ serange=self.loginsMLSEntry.get_text().strip()
|
|
+ if serange == "":
|
|
+ serange="s0"
|
|
+ list_model=self.loginsSelinuxUserCombo.get_model()
|
|
+ iter = self.loginsSelinuxUserCombo.get_active_iter()
|
|
+ seuser = list_model.get_value(iter,0)
|
|
+ (rc, out) = commands.getstatusoutput("semanage login -a -s %s -r %s %s" % (seuser, serange, target))
|
|
+ if rc != 0:
|
|
+ self.error(out)
|
|
+ return False
|
|
+
|
|
+ iter = self.store.append()
|
|
+ self.store.set_value(iter, 0, target)
|
|
+ self.store.set_value(iter, 1, seuser)
|
|
+ self.store.set_value(iter, 2, seobject.translate(serange))
|
|
+
|
|
+ def modify(self):
|
|
+ target=self.loginsNameEntry.get_text().strip()
|
|
+ serange=self.loginsMLSEntry.get_text().strip()
|
|
+ if serange == "":
|
|
+ serange = "s0"
|
|
+ list_model = self.loginsSelinuxUserCombo.get_model()
|
|
+ iter = self.loginsSelinuxUserCombo.get_active_iter()
|
|
+ seuser=list_model.get_value(iter,0)
|
|
+ (rc, out) = commands.getstatusoutput("semanage login -m -s %s -r %s %s" % (seuser, serange, target))
|
|
+ if rc != 0:
|
|
+ self.error(out)
|
|
+ return False
|
|
+
|
|
+ store, iter = self.view.get_selection().get_selected()
|
|
+ self.store.set_value(iter, 0, target)
|
|
+ self.store.set_value(iter, 1, seuser)
|
|
+ self.store.set_value(iter, 2, seobject.translate(serange))
|
|
+
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/Makefile policycoreutils-2.0.10/gui/Makefile
|
|
--- nsapolicycoreutils/gui/Makefile 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.10/gui/Makefile 2007-04-24 14:43:23.000000000 -0400
|
|
@@ -0,0 +1,34 @@
|
|
+# Installation directories.
|
|
+PREFIX ?= ${DESTDIR}/usr
|
|
+SHAREDIR ?= $(PREFIX)/share/system-config-selinux
|
|
+
|
|
+TARGETS= \
|
|
+booleansPage.py \
|
|
+fcontextPage.py \
|
|
+loginsPage.py \
|
|
+mappingsPage.py \
|
|
+modulesPage.py \
|
|
+polgen.py \
|
|
+polgen.glade \
|
|
+portsPage.py \
|
|
+semanagePage.py \
|
|
+statusPage.py \
|
|
+system-config-selinux.glade \
|
|
+translationsPage.py \
|
|
+usersPage.py \
|
|
+selinux.tbl
|
|
+
|
|
+all: $(TARGETS) system-config-selinux.py polgengui.py templates
|
|
+
|
|
+install: all
|
|
+ -mkdir -p $(SHAREDIR)/templates
|
|
+ install -m 755 system-config-selinux.py $(SHAREDIR)
|
|
+ install -m 755 polgengui.py $(SHAREDIR)
|
|
+ install -m 644 $(TARGETS) $(SHAREDIR)
|
|
+ install -m 644 templates/*.py $(SHAREDIR)/templates/
|
|
+
|
|
+clean:
|
|
+
|
|
+indent:
|
|
+
|
|
+relabel:
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py policycoreutils-2.0.10/gui/mappingsPage.py
|
|
--- nsapolicycoreutils/gui/mappingsPage.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.10/gui/mappingsPage.py 2007-04-24 14:43:23.000000000 -0400
|
|
@@ -0,0 +1,54 @@
|
|
+## mappingsPage.py - show selinux mappings
|
|
+## Copyright (C) 2006 Red Hat, Inc.
|
|
+
|
|
+## This program is free software; you can redistribute it and/or modify
|
|
+## it under the terms of the GNU General Public License as published by
|
|
+## the Free Software Foundation; either version 2 of the License, or
|
|
+## (at your option) any later version.
|
|
+
|
|
+## This program is distributed in the hope that it will be useful,
|
|
+## but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+## GNU General Public License for more details.
|
|
+
|
|
+## You should have received a copy of the GNU General Public License
|
|
+## along with this program; if not, write to the Free Software
|
|
+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
|
+
|
|
+## Author: Dan Walsh
|
|
+import string
|
|
+import gtk
|
|
+import gtk.glade
|
|
+import os
|
|
+import libxml2
|
|
+import gobject
|
|
+import sys
|
|
+import seobject
|
|
+
|
|
+##
|
|
+## I18N
|
|
+##
|
|
+PROGNAME="policycoreutils"
|
|
+import gettext
|
|
+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
|
|
+gettext.textdomain(PROGNAME)
|
|
+try:
|
|
+ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1)
|
|
+except IOError:
|
|
+ import __builtin__
|
|
+ __builtin__.__dict__['_'] = unicode
|
|
+
|
|
+class loginsPage:
|
|
+ def __init__(self, xml):
|
|
+ self.xml = xml
|
|
+ self.view = xml.get_widget("mappingsView")
|
|
+ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING)
|
|
+ self.store.set_sort_column_id(0, gtk.SORT_ASCENDING)
|
|
+ self.view.set_model(self.store)
|
|
+ self.login = loginRecords()
|
|
+ dict = self.login.get_all()
|
|
+ keys = dict.keys()
|
|
+ keys.sort()
|
|
+ for k in keys:
|
|
+ print "%-25s %-25s %-25s" % (k, dict[k][0], translate(dict[k][1]))
|
|
+
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py policycoreutils-2.0.10/gui/modulesPage.py
|
|
--- nsapolicycoreutils/gui/modulesPage.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.10/gui/modulesPage.py 2007-04-24 14:43:23.000000000 -0400
|
|
@@ -0,0 +1,172 @@
|
|
+## modulesPage.py - show selinux mappings
|
|
+## Copyright (C) 2006 Red Hat, Inc.
|
|
+
|
|
+## This program is free software; you can redistribute it and/or modify
|
|
+## it under the terms of the GNU General Public License as published by
|
|
+## the Free Software Foundation; either version 2 of the License, or
|
|
+## (at your option) any later version.
|
|
+
|
|
+## This program is distributed in the hope that it will be useful,
|
|
+## but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+## GNU General Public License for more details.
|
|
+
|
|
+## You should have received a copy of the GNU General Public License
|
|
+## along with this program; if not, write to the Free Software
|
|
+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
|
+
|
|
+## Author: Dan Walsh
|
|
+import string
|
|
+import gtk
|
|
+import gtk.glade
|
|
+import os
|
|
+import commands
|
|
+import libxml2
|
|
+import gobject
|
|
+import sys
|
|
+import seobject
|
|
+import selinux
|
|
+from semanagePage import *;
|
|
+
|
|
+##
|
|
+## I18N
|
|
+##
|
|
+PROGNAME="policycoreutils"
|
|
+import gettext
|
|
+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
|
|
+gettext.textdomain(PROGNAME)
|
|
+try:
|
|
+ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1)
|
|
+except IOError:
|
|
+ import __builtin__
|
|
+ __builtin__.__dict__['_'] = unicode
|
|
+
|
|
+class modulesPage(semanagePage):
|
|
+ def __init__(self, xml):
|
|
+ semanagePage.__init__(self, xml, "modules", _("Policy Module"))
|
|
+ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING)
|
|
+ self.view.set_model(self.store)
|
|
+ self.store.set_sort_column_id(0, gtk.SORT_ASCENDING)
|
|
+ col = gtk.TreeViewColumn(_("Module Name"), gtk.CellRendererText(), text = 0)
|
|
+ col.set_sort_column_id(0)
|
|
+ col.set_resizable(True)
|
|
+ self.view.append_column(col)
|
|
+ self.store.set_sort_column_id(0, gtk.SORT_ASCENDING)
|
|
+ col = gtk.TreeViewColumn(_("Version"), gtk.CellRendererText(), text = 1)
|
|
+ self.enable_audit_button = xml.get_widget("enableAuditButton")
|
|
+ self.enable_audit_button.connect("clicked", self.enable_audit)
|
|
+ self.disable_audit_button = xml.get_widget("disableAuditButton")
|
|
+ self.disable_audit_button.connect("clicked", self.disable_audit)
|
|
+ self.new_button = xml.get_widget("newModuleButton")
|
|
+ self.new_button.connect("clicked", self.new_module)
|
|
+ col.set_sort_column_id(1)
|
|
+ col.set_resizable(True)
|
|
+ self.view.append_column(col)
|
|
+ self.store.set_sort_func(1,self.sort_int, "")
|
|
+ status, self.policy_type = selinux.selinux_getpolicytype()
|
|
+
|
|
+ self.load()
|
|
+
|
|
+ def sort_int(self, treemodel, iter1, iter2, user_data):
|
|
+ try:
|
|
+ p1 = int(treemodel.get_value(iter1,1))
|
|
+ p2 = int(treemodel.get_value(iter1,1))
|
|
+ if p1 > p2:
|
|
+ return 1
|
|
+ if p1 == p2:
|
|
+ return 0
|
|
+ return -1
|
|
+ except:
|
|
+ return 0
|
|
+
|
|
+ def load(self):
|
|
+ self.store.clear()
|
|
+ try:
|
|
+ fd=os.popen("semodule -l")
|
|
+ l = fd.readlines()
|
|
+ fd.close()
|
|
+ for i in l:
|
|
+ module, ver = i.split('\t')
|
|
+ iter = self.store.append()
|
|
+ self.store.set_value(iter, 0, module.strip())
|
|
+ self.store.set_value(iter, 1, ver.strip())
|
|
+ except:
|
|
+ pass
|
|
+ self.view.get_selection().select_path ((0,))
|
|
+
|
|
+
|
|
+ def new_module(self, args):
|
|
+ try:
|
|
+ os.spawnl(os.P_NOWAIT, "/usr/share/system-config-selinux/polgengui.py")
|
|
+ except ValueError, e:
|
|
+ self.error(e.args[0])
|
|
+
|
|
+ def delete(self):
|
|
+ store, iter = self.view.get_selection().get_selected()
|
|
+ module = store.get_value(iter, 0)
|
|
+ try:
|
|
+ status, output = commands.getstatusoutput("semodule -r %s" % module)
|
|
+ if status != 0:
|
|
+ self.error(output)
|
|
+ else:
|
|
+ store.remove(iter)
|
|
+ self.view.get_selection().select_path ((0,))
|
|
+
|
|
+ except ValueError, e:
|
|
+ self.error(e.args[0])
|
|
+
|
|
+ def enable_audit(self, button):
|
|
+ try:
|
|
+ status, output =commands.getstatusoutput("semodule -b /usr/share/selinux/%s/enableaudit.pp" % self.policy_type)
|
|
+ if status != 0:
|
|
+ self.error(output)
|
|
+
|
|
+ except ValueError, e:
|
|
+ self.error(e.args[0])
|
|
+
|
|
+ def disable_audit(self, button):
|
|
+ try:
|
|
+ status, output =commands.getstatusoutput("semodule -b /usr/share/selinux/%s/base.pp" % self.policy_type)
|
|
+ if status != 0:
|
|
+ self.error(output)
|
|
+
|
|
+ except ValueError, e:
|
|
+ self.error(e.args[0])
|
|
+
|
|
+ def propertiesDialog(self):
|
|
+ # Do nothing
|
|
+ return
|
|
+
|
|
+ def addDialog(self):
|
|
+ dialog = gtk.FileChooserDialog(_("Load Policy Module"),
|
|
+ None,
|
|
+ gtk.FILE_CHOOSER_ACTION_OPEN,
|
|
+ (gtk.STOCK_CANCEL, gtk.RESPONSE_CANCEL,
|
|
+ gtk.STOCK_OPEN, gtk.RESPONSE_OK))
|
|
+ dialog.set_default_response(gtk.RESPONSE_OK)
|
|
+
|
|
+ filter = gtk.FileFilter()
|
|
+ filter.set_name("Policy Files")
|
|
+ filter.add_pattern("*.pp")
|
|
+ dialog.add_filter(filter)
|
|
+
|
|
+ response = dialog.run()
|
|
+ if response == gtk.RESPONSE_OK:
|
|
+ self.add(dialog.get_filename())
|
|
+ dialog.destroy()
|
|
+
|
|
+ def add(self, file):
|
|
+ try:
|
|
+ status, output =commands.getstatusoutput("semodule -i %s" % file)
|
|
+ if status != 0:
|
|
+ self.error(output)
|
|
+ else:
|
|
+ self.load()
|
|
+
|
|
+ except ValueError, e:
|
|
+ self.error(e.args[0])
|
|
+
|
|
+
|
|
+
|
|
+
|
|
+
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policycoreutils-2.0.10/gui/polgen.glade
|
|
--- nsapolicycoreutils/gui/polgen.glade 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.10/gui/polgen.glade 2007-04-24 14:49:29.000000000 -0400
|
|
@@ -0,0 +1,1168 @@
|
|
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
|
|
+<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
|
|
+
|
|
+<glade-interface>
|
|
+<requires lib="gnome"/>
|
|
+
|
|
+<widget class="GtkWindow" id="main_window">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="title" translatable="yes">Selinux Policy Generation Tool</property>
|
|
+ <property name="type">GTK_WINDOW_TOPLEVEL</property>
|
|
+ <property name="window_position">GTK_WIN_POS_MOUSE</property>
|
|
+ <property name="modal">False</property>
|
|
+ <property name="resizable">True</property>
|
|
+ <property name="destroy_with_parent">False</property>
|
|
+ <property name="decorated">True</property>
|
|
+ <property name="skip_taskbar_hint">False</property>
|
|
+ <property name="skip_pager_hint">False</property>
|
|
+ <property name="type_hint">GDK_WINDOW_TYPE_HINT_NORMAL</property>
|
|
+ <property name="gravity">GDK_GRAVITY_NORTH_WEST</property>
|
|
+ <property name="focus_on_map">True</property>
|
|
+ <property name="urgency_hint">False</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVBox" id="vbox1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GnomeDruid" id="druid1">
|
|
+ <property name="border_width">4</property>
|
|
+ <property name="visible">True</property>
|
|
+ <property name="show_help">False</property>
|
|
+ <signal name="cancel" handler="on_druid_cancel" last_modification_time="Tue, 24 Apr 2007 18:48:08 GMT"/>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GnomeDruidPageEdge" id="druidpagestart1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="position">GNOME_EDGE_START</property>
|
|
+ <property name="title" translatable="yes">SELinux Policy Generation Druid</property>
|
|
+ <property name="text" translatable="yes">This tool can be used to generate a policy framework, to confine an application using SELinux. The tool will generate a Type Enforcement File (te), an interface file (if), a File Context File (fc) and a shell script (sh) used to compile the policy. </property>
|
|
+ </widget>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GnomeDruidPageStandard" id="name_page">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="title" translatable="yes">Name of application to be confined</property>
|
|
+
|
|
+ <child internal-child="vbox">
|
|
+ <widget class="GtkVBox" id="druid-vbox5">
|
|
+ <property name="border_width">16</property>
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">6</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkTable" id="table5">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="n_rows">2</property>
|
|
+ <property name="n_columns">3</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="row_spacing">0</property>
|
|
+ <property name="column_spacing">5</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">Name</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">0</property>
|
|
+ <property name="bottom_attach">1</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="exec_entry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Enter path to executable to be confined.</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">•</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">1</property>
|
|
+ <property name="bottom_attach">2</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkButton" id="button1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label" translatable="yes">...</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <signal name="clicked" handler="on_exec_select_clicked" last_modification_time="Wed, 21 Feb 2007 18:45:26 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">2</property>
|
|
+ <property name="right_attach">3</property>
|
|
+ <property name="top_attach">1</property>
|
|
+ <property name="bottom_attach">2</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="name_entry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Enter unigue policy type name for confined application.</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">•</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">3</property>
|
|
+ <property name="top_attach">0</property>
|
|
+ <property name="bottom_attach">1</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label2">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">Executable</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">1</property>
|
|
+ <property name="bottom_attach">2</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GnomeDruidPageStandard" id="druidpagestandard11">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="title" translatable="yes">Application Type</property>
|
|
+
|
|
+ <child internal-child="vbox">
|
|
+ <widget class="GtkVBox" id="druid-vbox11">
|
|
+ <property name="border_width">16</property>
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">6</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVBox" id="vbox6">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkRadioButton" id="init_radiobutton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label" translatable="yes">Standard Init Daemon</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="active">False</property>
|
|
+ <property name="inconsistent">False</property>
|
|
+ <property name="draw_indicator">True</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkRadioButton" id="inetd_radiobutton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label" translatable="yes">Internet Services Daemon (inetd)</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="active">False</property>
|
|
+ <property name="inconsistent">False</property>
|
|
+ <property name="draw_indicator">True</property>
|
|
+ <property name="group">init_radiobutton</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkRadioButton" id="cgi_radiobutton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label" translatable="yes">Web Application/Script (CGI)</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="active">False</property>
|
|
+ <property name="inconsistent">False</property>
|
|
+ <property name="draw_indicator">True</property>
|
|
+ <property name="group">init_radiobutton</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkRadioButton" id="user_radiobutton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label" translatable="yes">User Application</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="active">False</property>
|
|
+ <property name="inconsistent">False</property>
|
|
+ <property name="draw_indicator">True</property>
|
|
+ <property name="group">init_radiobutton</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GnomeDruidPageStandard" id="druidpagestandard6">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="title" translatable="yes">Incoming Network Port Connections</property>
|
|
+
|
|
+ <child internal-child="vbox">
|
|
+ <widget class="GtkVBox" id="druid-vbox6">
|
|
+ <property name="border_width">16</property>
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">6</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkTable" id="table6">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="n_rows">2</property>
|
|
+ <property name="n_columns">2</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="row_spacing">0</property>
|
|
+ <property name="column_spacing">5</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label7">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">TCP Ports</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">0</property>
|
|
+ <property name="bottom_attach">1</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label8">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">UDP Ports</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">1</property>
|
|
+ <property name="bottom_attach">2</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="in_tcp_entry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Enter a comma separated list of tcp ports that this application binds to. </property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">•</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">0</property>
|
|
+ <property name="bottom_attach">1</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="in_udp_entry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Enter a comma separated list of tcp ports that this application binds to. </property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">•</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">1</property>
|
|
+ <property name="bottom_attach">2</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GnomeDruidPageStandard" id="druidpagestandard7">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="title" translatable="yes">Outgoing Network Port Connections</property>
|
|
+
|
|
+ <child internal-child="vbox">
|
|
+ <widget class="GtkVBox" id="druid-vbox7">
|
|
+ <property name="border_width">16</property>
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">6</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkTable" id="table7">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="n_rows">2</property>
|
|
+ <property name="n_columns">2</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="row_spacing">0</property>
|
|
+ <property name="column_spacing">5</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label9">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">TCP Ports</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">0</property>
|
|
+ <property name="bottom_attach">1</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label10">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">UDP Ports</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">1</property>
|
|
+ <property name="bottom_attach">2</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="out_tcp_entry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Enter a comma separated list of tcp ports that this application connects to.</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">•</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">0</property>
|
|
+ <property name="bottom_attach">1</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="out_udp_entry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Enter a comma separated list of udp ports that this application connects to.</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">•</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">1</property>
|
|
+ <property name="bottom_attach">2</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GnomeDruidPageStandard" id="druidpagestandard8">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="title" translatable="yes">Common Application Traits</property>
|
|
+
|
|
+ <child internal-child="vbox">
|
|
+ <widget class="GtkVBox" id="druid-vbox8">
|
|
+ <property name="border_width">16</property>
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">6</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVBox" id="vbox4">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkCheckButton" id="syslog_checkbutton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label" translatable="yes">Application uses syslog to log messages </property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="active">False</property>
|
|
+ <property name="inconsistent">False</property>
|
|
+ <property name="draw_indicator">True</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkCheckButton" id="tmp_checkbutton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label" translatable="yes">Applicaiton uses /tmp to Create/Manipulate temporary files</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="active">False</property>
|
|
+ <property name="inconsistent">False</property>
|
|
+ <property name="draw_indicator">True</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkCheckButton" id="pam_checkbutton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label" translatable="yes">Application uses Pam for authentication</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="active">False</property>
|
|
+ <property name="inconsistent">False</property>
|
|
+ <property name="draw_indicator">True</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkCheckButton" id="uid_checkbutton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label" translatable="yes">Application uses nsswitch or translates UID's (daemons that run as non root)</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="active">False</property>
|
|
+ <property name="inconsistent">False</property>
|
|
+ <property name="draw_indicator">True</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GnomeDruidPageStandard" id="druidpagestandard9">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="title" translatable="yes">Files and Directories</property>
|
|
+
|
|
+ <child internal-child="vbox">
|
|
+ <widget class="GtkVBox" id="druid-vbox9">
|
|
+ <property name="border_width">16</property>
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">6</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkFrame" id="frame3">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label_xalign">0</property>
|
|
+ <property name="label_yalign">0.5</property>
|
|
+ <property name="shadow_type">GTK_SHADOW_NONE</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkAlignment" id="alignment3">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xscale">1</property>
|
|
+ <property name="yscale">1</property>
|
|
+ <property name="top_padding">0</property>
|
|
+ <property name="bottom_padding">0</property>
|
|
+ <property name="left_padding">12</property>
|
|
+ <property name="right_padding">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkHBox" id="hbox1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVBox" id="vbox3">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkButton" id="button2">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <signal name="clicked" handler="on_add_clicked" last_modification_time="Wed, 21 Feb 2007 18:47:51 GMT"/>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkAlignment" id="alignment6">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xscale">0</property>
|
|
+ <property name="yscale">0</property>
|
|
+ <property name="top_padding">0</property>
|
|
+ <property name="bottom_padding">0</property>
|
|
+ <property name="left_padding">0</property>
|
|
+ <property name="right_padding">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkHBox" id="hbox4">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">2</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkImage" id="image3">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="stock">gtk-add</property>
|
|
+ <property name="icon_size">4</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label17">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label">Add File</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkButton" id="button9">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <signal name="clicked" handler="on_add_dir_clicked" last_modification_time="Wed, 21 Feb 2007 22:15:43 GMT"/>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkAlignment" id="alignment5">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xscale">0</property>
|
|
+ <property name="yscale">0</property>
|
|
+ <property name="top_padding">0</property>
|
|
+ <property name="bottom_padding">0</property>
|
|
+ <property name="left_padding">0</property>
|
|
+ <property name="right_padding">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkHBox" id="hbox3">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">2</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkImage" id="image2">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="stock">gtk-add</property>
|
|
+ <property name="icon_size">4</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label16">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label">Add Directory</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkButton" id="button4">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label">gtk-delete</property>
|
|
+ <property name="use_stock">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <signal name="clicked" handler="on_delete_clicked" last_modification_time="Wed, 21 Feb 2007 18:48:10 GMT"/>
|
|
+ <accelerator key="Delete" modifiers="0" signal="clicked"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">4</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkScrolledWindow" id="scrolledwindow1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="hscrollbar_policy">GTK_POLICY_NEVER</property>
|
|
+ <property name="vscrollbar_policy">GTK_POLICY_NEVER</property>
|
|
+ <property name="shadow_type">GTK_SHADOW_IN</property>
|
|
+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkViewport" id="viewport1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="shadow_type">GTK_SHADOW_IN</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVBox" id="vbox2">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkScrolledWindow" id="scrolledwindow2">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="hscrollbar_policy">GTK_POLICY_ALWAYS</property>
|
|
+ <property name="vscrollbar_policy">GTK_POLICY_ALWAYS</property>
|
|
+ <property name="shadow_type">GTK_SHADOW_IN</property>
|
|
+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkTreeView" id="write_treeview">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Add Files/Directories that this application will need to "Write" to. Pid Files, Log Files, /var/lib Files ...</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="headers_visible">False</property>
|
|
+ <property name="rules_hint">False</property>
|
|
+ <property name="reorderable">False</property>
|
|
+ <property name="enable_search">True</property>
|
|
+ <property name="fixed_height_mode">False</property>
|
|
+ <property name="hover_selection">False</property>
|
|
+ <property name="hover_expand">False</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GnomeDruidPageStandard" id="druidpagestandard10">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="title" translatable="yes">Generate policy in this directory</property>
|
|
+
|
|
+ <child internal-child="vbox">
|
|
+ <widget class="GtkVBox" id="druid-vbox10">
|
|
+ <property name="border_width">16</property>
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">5</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkHBox" id="hbox6">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label18">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">Policy Directory</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">5</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="output_entry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">•</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkButton" id="output_button">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label" translatable="yes">...</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GnomeDruidPageEdge" id="finish_page">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="position">GNOME_EDGE_FINISH</property>
|
|
+ <property name="title" translatable="yes">Generated Policy Files</property>
|
|
+ <property name="text" translatable="yes">This tool will generate the following: Type Enforcment(te), File Context(fc), Interface(if), Shell Script(sh).
|
|
+Execute shell script to compile/install and relabel files/directories. Now you can put the machine in permissive mode (setenforce 0).
|
|
+Run/restart the application to generate avc messages.
|
|
+Use audit2allow -R to generate additional rules for the te file.
|
|
+</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+</widget>
|
|
+
|
|
+<widget class="GtkFileChooserDialog" id="filechooserdialog">
|
|
+ <property name="action">GTK_FILE_CHOOSER_ACTION_OPEN</property>
|
|
+ <property name="local_only">True</property>
|
|
+ <property name="select_multiple">True</property>
|
|
+ <property name="show_hidden">True</property>
|
|
+ <property name="do_overwrite_confirmation">False</property>
|
|
+ <property name="type">GTK_WINDOW_TOPLEVEL</property>
|
|
+ <property name="window_position">GTK_WIN_POS_MOUSE</property>
|
|
+ <property name="modal">False</property>
|
|
+ <property name="resizable">True</property>
|
|
+ <property name="destroy_with_parent">False</property>
|
|
+ <property name="decorated">True</property>
|
|
+ <property name="skip_taskbar_hint">False</property>
|
|
+ <property name="skip_pager_hint">False</property>
|
|
+ <property name="type_hint">GDK_WINDOW_TYPE_HINT_DIALOG</property>
|
|
+ <property name="gravity">GDK_GRAVITY_NORTH_WEST</property>
|
|
+ <property name="focus_on_map">True</property>
|
|
+ <property name="urgency_hint">False</property>
|
|
+
|
|
+ <child internal-child="vbox">
|
|
+ <widget class="GtkVBox" id="dialog-vbox1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">24</property>
|
|
+
|
|
+ <child internal-child="action_area">
|
|
+ <widget class="GtkHButtonBox" id="dialog-action_area1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="layout_style">GTK_BUTTONBOX_END</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkButton" id="button5">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_default">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label">gtk-cancel</property>
|
|
+ <property name="use_stock">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="response_id">-6</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkButton" id="button6">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_default">True</property>
|
|
+ <property name="has_default">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label">gtk-add</property>
|
|
+ <property name="use_stock">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="response_id">-5</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">True</property>
|
|
+ <property name="pack_type">GTK_PACK_END</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+</widget>
|
|
+
|
|
+<widget class="GtkAboutDialog" id="about_dialog">
|
|
+ <property name="destroy_with_parent">False</property>
|
|
+ <property name="name" translatable="yes">Polgen</property>
|
|
+ <property name="copyright" translatable="yes">Red Hat 2007</property>
|
|
+ <property name="license" translatable="yes">GPL</property>
|
|
+ <property name="wrap_license">False</property>
|
|
+ <property name="website">www.redhat.com</property>
|
|
+ <property name="authors">Daniel Walsh <dwalsh@redhat.com></property>
|
|
+ <property name="translator_credits" translatable="yes" comments="TRANSLATORS: Replace this string with your names, one name per line.">translator-credits</property>
|
|
+</widget>
|
|
+
|
|
+</glade-interface>
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policycoreutils-2.0.10/gui/polgengui.py
|
|
--- nsapolicycoreutils/gui/polgengui.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.10/gui/polgengui.py 2007-04-24 14:49:20.000000000 -0400
|
|
@@ -0,0 +1,253 @@
|
|
+#!/usr/bin/python
|
|
+#
|
|
+# system-config-selinux.py - GUI for SELinux Config tool in system-config-selinux
|
|
+#
|
|
+# Dan Walsh <dwalsh@redhat.com>
|
|
+#
|
|
+# Copyright 2007 Red Hat, Inc.
|
|
+#
|
|
+# This program is free software; you can redistribute it and/or modify
|
|
+# it under the terms of the GNU General Public License as published by
|
|
+# the Free Software Foundation; either version 2 of the License, or
|
|
+# (at your option) any later version.
|
|
+#
|
|
+# This program is distributed in the hope that it will be useful,
|
|
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+# GNU General Public License for more details.
|
|
+#
|
|
+# You should have received a copy of the GNU General Public License
|
|
+# along with this program; if not, write to the Free Software
|
|
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
|
+#
|
|
+import signal
|
|
+import string
|
|
+import gtk
|
|
+import gtk.glade
|
|
+import os
|
|
+import libxml2
|
|
+import gobject
|
|
+import gnome
|
|
+import sys
|
|
+import polgen
|
|
+
|
|
+##
|
|
+## I18N
|
|
+##
|
|
+PROGNAME="system-config-selinux"
|
|
+
|
|
+import gettext
|
|
+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
|
|
+gettext.textdomain(PROGNAME)
|
|
+try:
|
|
+ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1)
|
|
+except IOError:
|
|
+ import __builtin__
|
|
+ __builtin__.__dict__['_'] = unicode
|
|
+
|
|
+gnome.program_init("SELinux Poligy Generation Tool", "5")
|
|
+
|
|
+version = "1.0"
|
|
+
|
|
+sys.path.append('/usr/share/system-config-selinux')
|
|
+sys.path.append('.')
|
|
+
|
|
+##
|
|
+## Pull in the Glade file
|
|
+##
|
|
+if os.access("polgen.glade", os.F_OK):
|
|
+ xml = gtk.glade.XML ("polgen.glade", domain=PROGNAME)
|
|
+else:
|
|
+ xml = gtk.glade.XML ("/usr/share/system-config-selinux/polgen.glade", domain=PROGNAME)
|
|
+
|
|
+FILE = 1
|
|
+DIR = 2
|
|
+class childWindow:
|
|
+ def __init__(self):
|
|
+ self.xml = xml
|
|
+ xml.signal_connect("on_druid_cancel", self.quit)
|
|
+ xml.signal_connect("on_delete_clicked", self.delete)
|
|
+ xml.signal_connect("on_exec_select_clicked", self.exec_select)
|
|
+ xml.signal_connect("on_add_clicked", self.add)
|
|
+ xml.signal_connect("on_add_dir_clicked", self.add_dir)
|
|
+ xml.signal_connect("on_about_clicked", self.on_about_clicked)
|
|
+
|
|
+ def verify(self, message, title="" ):
|
|
+ dlg = gtk.MessageDialog(None, 0, gtk.MESSAGE_INFO,
|
|
+ gtk.BUTTONS_YES_NO,
|
|
+ message)
|
|
+ dlg.set_title(title)
|
|
+ dlg.set_position(gtk.WIN_POS_MOUSE)
|
|
+ dlg.show_all()
|
|
+ rc = dlg.run()
|
|
+ dlg.destroy()
|
|
+ return rc
|
|
+
|
|
+ def info(self, message):
|
|
+ dlg = gtk.MessageDialog(None, 0, gtk.MESSAGE_INFO,
|
|
+ gtk.BUTTONS_OK,
|
|
+ message)
|
|
+ dlg.set_position(gtk.WIN_POS_MOUSE)
|
|
+ dlg.show_all()
|
|
+ dlg.run()
|
|
+ dlg.destroy()
|
|
+
|
|
+ def error(self, message):
|
|
+ dlg = gtk.MessageDialog(None, 0, gtk.MESSAGE_ERROR,
|
|
+ gtk.BUTTONS_CLOSE,
|
|
+ message)
|
|
+ dlg.set_position(gtk.WIN_POS_MOUSE)
|
|
+ dlg.show_all()
|
|
+ dlg.run()
|
|
+ dlg.destroy()
|
|
+
|
|
+ def get_type(self):
|
|
+ if self.cgi_radiobutton.get_active():
|
|
+ return polgen.policy.CGI
|
|
+ if self.user_radiobutton.get_active():
|
|
+ return polgen.policy.USER
|
|
+ if self.init_radiobutton.get_active():
|
|
+ return polgen.policy.Daemon
|
|
+ if self.inetd_radiobutton.get_active():
|
|
+ return polgen.policy.INETD
|
|
+
|
|
+ def generate_policy(self, *args):
|
|
+ try:
|
|
+ my_policy=polgen.policy(self.name_entry.get_text(), self.exec_entry.get_text(), self.get_type())
|
|
+ my_policy.set_in_tcp(self.in_tcp_entry.get_text())
|
|
+ my_policy.set_in_udp(self.in_udp_entry.get_text())
|
|
+ my_policy.set_out_tcp(self.out_tcp_entry.get_text())
|
|
+ my_policy.set_out_udp(self.out_udp_entry.get_text())
|
|
+ my_policy.set_use_syslog(self.syslog_checkbutton.get_active() == 1)
|
|
+ my_policy.set_use_tmp(self.tmp_checkbutton.get_active() == 1)
|
|
+ my_policy.set_use_uid(self.uid_checkbutton.get_active() == 1)
|
|
+ my_policy.set_use_pam(self.pam_checkbutton.get_active() == 1)
|
|
+
|
|
+ iter= self.store.get_iter_first()
|
|
+ while(iter):
|
|
+ if self.store.get_value(iter, 1) == FILE:
|
|
+ my_policy.add_file(self.store.get_value(iter, 0))
|
|
+ else:
|
|
+ my_policy.add_dir(self.store.get_value(iter, 0))
|
|
+ iter= self.store.iter_next(iter)
|
|
+
|
|
+ self.info(my_policy.generate(self.output_entry.get_text()))
|
|
+ return False
|
|
+ except ValueError, e:
|
|
+ self.error(e.message)
|
|
+
|
|
+ def delete(self, args):
|
|
+ store, iter = self.view.get_selection().get_selected()
|
|
+ if iter != None:
|
|
+ store.remove(iter)
|
|
+ self.view.get_selection().select_path ((0,))
|
|
+
|
|
+ def __add(self,type):
|
|
+ rc = self.file_dialog.run()
|
|
+ self.file_dialog.hide()
|
|
+ if rc == gtk.RESPONSE_CANCEL:
|
|
+ return
|
|
+ for i in self.file_dialog.get_filenames():
|
|
+ iter = self.store.append()
|
|
+ self.store.set_value(iter, 0, i)
|
|
+ self.store.set_value(iter, 1, type)
|
|
+
|
|
+ def exec_select(self, args):
|
|
+ self.file_dialog.set_select_multiple(0)
|
|
+ self.file_dialog.set_title(_("Select executable file to be confined."))
|
|
+ self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_SAVE)
|
|
+ rc = self.file_dialog.run()
|
|
+ self.file_dialog.hide()
|
|
+ if rc == gtk.RESPONSE_CANCEL:
|
|
+ return
|
|
+ self.exec_entry.set_text(self.file_dialog.get_filename())
|
|
+
|
|
+ def add(self, args):
|
|
+ self.file_dialog.set_title(_("Select file(s) that confined application creates or writes"))
|
|
+ self.file_dialog.set_select_multiple(1)
|
|
+ self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_OPEN)
|
|
+ self.__add(FILE)
|
|
+
|
|
+ def add_dir(self, args):
|
|
+ self.file_dialog.set_title(_("Select directory(s) that the confined application owns and writes into"))
|
|
+ self.file_dialog.set_select_multiple(0)
|
|
+ self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_CREATE_FOLDER)
|
|
+ self.__add(DIR)
|
|
+
|
|
+ def on_about_clicked(self, args):
|
|
+ dlg = xml.get_widget ("about_dialog")
|
|
+ dlg.run ()
|
|
+ dlg.hide ()
|
|
+
|
|
+ def quit(self, args):
|
|
+ gtk.main_quit()
|
|
+
|
|
+ def setupScreen(self):
|
|
+ # Bring in widgets from glade file.
|
|
+ self.mainWindow = self.xml.get_widget("main_window")
|
|
+ self.type = 0
|
|
+ self.name_entry = self.xml.get_widget("name_entry")
|
|
+ self.exec_entry = self.xml.get_widget("exec_entry")
|
|
+ self.in_tcp_entry = self.xml.get_widget("in_tcp_entry")
|
|
+ self.in_udp_entry = self.xml.get_widget("in_udp_entry")
|
|
+ self.out_tcp_entry = self.xml.get_widget("out_tcp_entry")
|
|
+ self.output_entry = self.xml.get_widget("output_entry")
|
|
+ self.output_entry.set_text(os.getcwd())
|
|
+ self.xml.get_widget("output_button").connect("clicked",self.output_button_clicked)
|
|
+
|
|
+ self.out_udp_entry = self.xml.get_widget("out_udp_entry")
|
|
+ self.user_radiobutton = self.xml.get_widget("user_radiobutton")
|
|
+ self.init_radiobutton = self.xml.get_widget("init_radiobutton")
|
|
+ self.inetd_radiobutton = self.xml.get_widget("inetd_radiobutton")
|
|
+ self.cgi_radiobutton = self.xml.get_widget("cgi_radiobutton")
|
|
+ self.tmp_checkbutton = self.xml.get_widget("tmp_checkbutton")
|
|
+ self.uid_checkbutton = self.xml.get_widget("uid_checkbutton")
|
|
+ self.pam_checkbutton = self.xml.get_widget("pam_checkbutton")
|
|
+ self.syslog_checkbutton = self.xml.get_widget("syslog_checkbutton")
|
|
+ self.view = self.xml.get_widget("write_treeview")
|
|
+ self.file_dialog = self.xml.get_widget("filechooserdialog")
|
|
+ self.xml.get_widget("name_page").connect("next",self.on_name_page_next)
|
|
+ self.xml.get_widget("finish_page").connect("finish",self.generate_policy)
|
|
+
|
|
+ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_INT)
|
|
+ self.view.set_model(self.store)
|
|
+ col = gtk.TreeViewColumn("", gtk.CellRendererText(), text = 0)
|
|
+ col.set_resizable(True)
|
|
+ self.view.append_column(col)
|
|
+ self.view.get_selection().select_path ((0,))
|
|
+
|
|
+ def output_button_clicked(self, *args):
|
|
+ self.file_dialog.set_title(_("Select directory to generate policy files in"))
|
|
+ self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_SELECT_FOLDER)
|
|
+ self.file_dialog.set_select_multiple(0)
|
|
+ rc = self.file_dialog.run()
|
|
+ self.file_dialog.hide()
|
|
+ if rc == gtk.RESPONSE_CANCEL:
|
|
+ return
|
|
+ self.output_entry.set_text(self.file_dialog.get_filename())
|
|
+
|
|
+ def on_name_page_next(self, *args):
|
|
+ name=self.name_entry.get_text()
|
|
+ if name == "":
|
|
+ self.error(_("You must enter a name"))
|
|
+ return True
|
|
+
|
|
+ exe = self.exec_entry.get_text()
|
|
+ if exe == "":
|
|
+ self.error(_("You must enter a executable"))
|
|
+ return True
|
|
+
|
|
+ def stand_alone(self):
|
|
+ desktopName = _("Configue SELinux")
|
|
+
|
|
+ self.setupScreen()
|
|
+ self.mainWindow.connect("destroy", self.quit)
|
|
+
|
|
+ self.mainWindow.show_all()
|
|
+ gtk.main()
|
|
+
|
|
+if __name__ == "__main__":
|
|
+ signal.signal (signal.SIGINT, signal.SIG_DFL)
|
|
+
|
|
+ app = childWindow()
|
|
+ app.stand_alone()
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycoreutils-2.0.10/gui/polgen.py
|
|
--- nsapolicycoreutils/gui/polgen.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.10/gui/polgen.py 2007-04-24 14:44:30.000000000 -0400
|
|
@@ -0,0 +1,455 @@
|
|
+#! /usr/bin/python
|
|
+# Copyright (C) 2007 Red Hat
|
|
+# see file 'COPYING' for use and warranty information
|
|
+#
|
|
+# policygentool is a tool for the initial generation of SELinux policy
|
|
+#
|
|
+# This program is free software; you can redistribute it and/or
|
|
+# modify it under the terms of the GNU General Public License as
|
|
+# published by the Free Software Foundation; either version 2 of
|
|
+# the License, or (at your option) any later version.
|
|
+#
|
|
+# This program is distributed in the hope that it will be useful,
|
|
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+# GNU General Public License for more details.
|
|
+#
|
|
+# You should have received a copy of the GNU General Public License
|
|
+# along with this program; if not, write to the Free Software
|
|
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
|
|
+# 02111-1307 USA
|
|
+#
|
|
+#
|
|
+import os, sys, getopt, stat
|
|
+import re
|
|
+from templates import executable
|
|
+from templates import var_spool
|
|
+from templates import var_lib
|
|
+from templates import var_log
|
|
+from templates import var_run
|
|
+from templates import tmp
|
|
+from templates import rw
|
|
+from templates import network
|
|
+from templates import script
|
|
+import seobject
|
|
+
|
|
+##
|
|
+## I18N
|
|
+##
|
|
+PROGNAME="system-config-selinux"
|
|
+
|
|
+import gettext
|
|
+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
|
|
+gettext.textdomain(PROGNAME)
|
|
+try:
|
|
+ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1)
|
|
+except IOError:
|
|
+ import __builtin__
|
|
+ __builtin__.__dict__['_'] = unicode
|
|
+
|
|
+
|
|
+class policy:
|
|
+ Daemon = 0
|
|
+ INETD = 1
|
|
+ USER = 2
|
|
+ CGI = 3
|
|
+ def __init__(self, name, program, type):
|
|
+ ports = seobject.portRecords()
|
|
+ self.dict = ports.get_all()
|
|
+
|
|
+ self.DEFAULT_DIRS = {}
|
|
+ self.DEFAULT_DIRS["rw"] = ["rw", [], rw];
|
|
+ self.DEFAULT_DIRS["tmp"] = ["tmp", [], tmp];
|
|
+ self.DEFAULT_DIRS["/var/spool"] = ["var_spool", [], var_spool];
|
|
+ self.DEFAULT_DIRS["/var/lib"] = ["var_lib", [], var_lib];
|
|
+ self.DEFAULT_DIRS["/var/log"] = ["var_log", [], var_log];
|
|
+ self.DEFAULT_DIRS["/var/run"] = ["var_run", [], var_run];
|
|
+
|
|
+ self.DEFAULT_TYPES = (( self.generate_daemon_types, self.generate_daemon_rules), ( self.generate_inetd_types, self.generate_inetd_rules), ( self.generate_userapp_types, self.generate_userapp_rules), ( self.generate_cgi_types, self.generate_cgi_rules))
|
|
+ if name == "":
|
|
+ raise ValueError(_("You must enter a name for your confined process"))
|
|
+ if type == self.CGI:
|
|
+ self.name = "httpd_%s_script" % name
|
|
+ else:
|
|
+ self.name = name
|
|
+ self.file_name = name
|
|
+ if program == "":
|
|
+ raise ValueError(_("You must enter the executable path for your confined process"))
|
|
+ self.program = program
|
|
+ self.type = type
|
|
+ self.in_tcp = []
|
|
+ self.in_udp = []
|
|
+ self.out_tcp = []
|
|
+ self.out_udp = []
|
|
+ self.use_tmp = False
|
|
+ self.use_uid = False
|
|
+ self.use_pam = False
|
|
+ self.use_syslog = False
|
|
+ self.files = {}
|
|
+ self.dirs = {}
|
|
+ self.found_tcp_ports=[]
|
|
+ self.found_udp_ports=[]
|
|
+ self.need_tcp_type=False
|
|
+ self.need_udp_type=False
|
|
+
|
|
+ def find_port(self, port):
|
|
+ for begin,end in self.dict.keys():
|
|
+ if port >= begin and port <= end:
|
|
+ return self.dict[begin,end]
|
|
+ return None
|
|
+
|
|
+ def __verify_ports(self, ports):
|
|
+ if ports == "":
|
|
+ return []
|
|
+ max_port=2**16
|
|
+ try:
|
|
+ temp = []
|
|
+ for p in ports.split(","):
|
|
+ i = int(p.strip())
|
|
+ if i < 1 or i > max_port:
|
|
+ raise ValueError()
|
|
+ temp.append(i)
|
|
+ return temp
|
|
+ except ValueError:
|
|
+ raise ValueError(_("Ports must be be numbers from 1 to %d " % max_port ))
|
|
+
|
|
+ def set_in_tcp(self, ports):
|
|
+ self.in_tcp = self.__verify_ports(ports)
|
|
+
|
|
+ def set_in_udp(self, ports):
|
|
+ self.in_udp = self.__verify_ports(ports)
|
|
+
|
|
+ def set_out_tcp(self, ports):
|
|
+ self.out_tcp = self.__verify_ports(ports)
|
|
+
|
|
+ def set_out_udp(self, ports):
|
|
+ self.out_udp = self.__verify_ports(ports)
|
|
+
|
|
+ def set_use_syslog(self, val):
|
|
+ if val != True and val != False:
|
|
+ raise ValueError(_("use_syslog must be a boolean value "))
|
|
+
|
|
+ self.use_syslog = val
|
|
+
|
|
+ def set_use_pam(self, val):
|
|
+ if val != True and val != False:
|
|
+ raise ValueError(_("use_pam must be a boolean value "))
|
|
+
|
|
+ self.use_pam = val
|
|
+
|
|
+ def set_use_tmp(self, val):
|
|
+ if val == True:
|
|
+ self.DEFAULT_DIRS["tmp"][1].append("/tmp");
|
|
+ return
|
|
+ if val == False:
|
|
+ self.DEFAULT_DIRS["tmp"][1]=[]
|
|
+ return
|
|
+ raise ValueError(_("use_tmp must be a boolean value "))
|
|
+
|
|
+
|
|
+ def set_use_uid(self, val):
|
|
+ if val != True and val != False:
|
|
+ raise ValueError(_("use_uid must be a boolean value "))
|
|
+
|
|
+ self.use_uid = val
|
|
+
|
|
+ def generate_uid_rules(self):
|
|
+ return re.sub("TEMPLATETYPE", self.name, executable.te_uid_rules)
|
|
+ def generate_syslog_rules(self):
|
|
+ return re.sub("TEMPLATETYPE", self.name, executable.te_syslog_rules)
|
|
+
|
|
+ def generate_pam_rules(self):
|
|
+ return re.sub("TEMPLATETYPE", self.name, executable.te_pam_rules)
|
|
+
|
|
+ def generate_network_types(self):
|
|
+ for i in self.in_tcp:
|
|
+ rec = self.find_port(int(i))
|
|
+ if rec == None:
|
|
+ self.need_tcp_type = True;
|
|
+ else:
|
|
+ port_name = rec[0][:-2]
|
|
+ line = "corenet_tcp_bind_%s(%s_t)\n" % (port_name, self.name)
|
|
+ if line not in self.found_tcp_ports:
|
|
+ self.found_tcp_ports.append(line)
|
|
+
|
|
+ for i in self.out_tcp:
|
|
+ rec = self.find_port(int(i))
|
|
+ if rec == None:
|
|
+ self.need_tcp_type = True;
|
|
+ else:
|
|
+ port_name = rec[0][:-2]
|
|
+ line = "corenet_tcp_connect_%s(%s_t)\n" % (port_name, self.name)
|
|
+ if line not in self.found_tcp_ports:
|
|
+ self.found_tcp_ports.append(line)
|
|
+
|
|
+ for i in self.in_udp:
|
|
+ rec = self.find_port(int(i))
|
|
+ if rec == None:
|
|
+ self.need_udp_type = True;
|
|
+ else:
|
|
+ port_name = rec[0][:-2]
|
|
+ line = "corenet_udp_bind_%s(%s_t)\n" % (port_name, self.name)
|
|
+ if line not in self.found_udp_ports:
|
|
+ self.found_udp_ports.append(line)
|
|
+
|
|
+ if self.need_udp_type == True or self.need_tcp_type == True:
|
|
+ return re.sub("TEMPLATETYPE", self.name, network.te_port_types)
|
|
+ return ""
|
|
+
|
|
+ def __find_path(self, file):
|
|
+ for d in self.DEFAULT_DIRS:
|
|
+ if file.find(d) == 0:
|
|
+ self.DEFAULT_DIRS[d][1].append(file)
|
|
+ return self.DEFAULT_DIRS[d]
|
|
+ self.DEFAULT_DIRS["rw"][1].append(file)
|
|
+ return self.DEFAULT_DIRS["rw"]
|
|
+
|
|
+ def add_file(self, file):
|
|
+ self.files[file] = self.__find_path(file)
|
|
+
|
|
+ def add_dir(self, file):
|
|
+ self.dirs[file] = self.__find_path(file)
|
|
+
|
|
+ def generate_network_rules(self):
|
|
+ newte = ""
|
|
+ tcp = len(self.in_tcp) + len(self.out_tcp)
|
|
+ udp = len(self.in_udp) + len(self.out_udp)
|
|
+ if tcp > 0 or udp > 0:
|
|
+ newte = "\n"
|
|
+
|
|
+ newte += re.sub("TEMPLATETYPE", self.name, network.te_network)
|
|
+
|
|
+ if tcp > 0:
|
|
+ newte += "\n"
|
|
+ newte += re.sub("TEMPLATETYPE", self.name, network.te_tcp)
|
|
+ if self.need_tcp_type and len(self.out_tcp) > 0:
|
|
+ newte += re.sub("TEMPLATETYPE", self.name, network.te_out_need_port_tcp)
|
|
+ if self.need_tcp_type and len(self.in_tcp) > 0:
|
|
+ newte += re.sub("TEMPLATETYPE", self.name, network.te_in_need_port_tcp)
|
|
+ if len(self.in_tcp) > 0:
|
|
+ newte += re.sub("TEMPLATETYPE", self.name, network.te_in_tcp)
|
|
+ for i in self.found_tcp_ports:
|
|
+ newte += i
|
|
+
|
|
+ if udp > 0:
|
|
+ newte += "\n"
|
|
+ newte += re.sub("TEMPLATETYPE", self.name, network.te_udp)
|
|
+ if self.need_udp_type and len(self.in_udp) > 0:
|
|
+ newte += re.sub("TEMPLATETYPE", self.name, network.te_in_need_port_udp)
|
|
+ if len(self.in_udp) > 0:
|
|
+ newte += re.sub("TEMPLATETYPE", self.name, network.te_in_udp)
|
|
+ for i in self.found_udp_ports:
|
|
+ newte += i
|
|
+ return newte
|
|
+
|
|
+ def generate_cgi_types(self):
|
|
+ newte = ""
|
|
+ newte += re.sub("TEMPLATETYPE", self.file_name, executable.te_cgi_types)
|
|
+ return newte
|
|
+
|
|
+ def generate_userapp_types(self):
|
|
+ newte = ""
|
|
+ newte += re.sub("TEMPLATETYPE", self.name, executable.te_userapp_types)
|
|
+ return newte
|
|
+
|
|
+ def generate_inetd_types(self):
|
|
+ newte = ""
|
|
+ newte += re.sub("TEMPLATETYPE", self.name, executable.te_inetd_types)
|
|
+ return newte
|
|
+
|
|
+ def generate_daemon_types(self):
|
|
+ newte = ""
|
|
+ newte += re.sub("TEMPLATETYPE", self.name, executable.te_daemon_types)
|
|
+ return newte
|
|
+
|
|
+ def generate_cgi_te(self):
|
|
+ newte = ""
|
|
+ newte += re.sub("TEMPLATETYPE", self.name, executable.te_cgi_types)
|
|
+ return newte
|
|
+
|
|
+ def generate_daemon_rules(self):
|
|
+ newte = ""
|
|
+ newte += re.sub("TEMPLATETYPE", self.name, executable.te_daemon_rules)
|
|
+ return newte
|
|
+
|
|
+ def generate_userapp_rules(self):
|
|
+ newte = ""
|
|
+ newte += re.sub("TEMPLATETYPE", self.name, executable.te_userapp_rules)
|
|
+ return newte
|
|
+
|
|
+ def generate_inetd_rules(self):
|
|
+ newte = ""
|
|
+ newte += re.sub("TEMPLATETYPE", self.name, executable.te_inetd_rules)
|
|
+ return newte
|
|
+
|
|
+ def generate_cgi_rules(self):
|
|
+ newte = ""
|
|
+ newte += re.sub("TEMPLATETYPE", self.name, executable.te_cgi_rules)
|
|
+ return newte
|
|
+
|
|
+ def generate_if(self):
|
|
+ newif = re.sub("TEMPLATETYPE", self.name, executable.if_rules)
|
|
+
|
|
+ for d in self.DEFAULT_DIRS:
|
|
+ if len(self.DEFAULT_DIRS[d][1]) > 0:
|
|
+ newif += re.sub("TEMPLATETYPE", self.name, self.DEFAULT_DIRS[d][2].if_rules)
|
|
+ for i in self.DEFAULT_DIRS[d][1]:
|
|
+ if os.path.exists(i) and stat.S_ISSOCK(os.stat(i)[stat.ST_MODE]):
|
|
+ newif += re.sub("TEMPLATETYPE", self.name, self.DEFAULT_DIRS[d][2].if_stream_rules)
|
|
+ break
|
|
+ return newif
|
|
+
|
|
+ def generate_default_types(self):
|
|
+ return self.DEFAULT_TYPES[self.type][0]()
|
|
+
|
|
+ def generate_default_rules(self):
|
|
+ return self.DEFAULT_TYPES[self.type][1]()
|
|
+
|
|
+ def generate_te(self):
|
|
+ newte = self.generate_default_types()
|
|
+ for d in self.DEFAULT_DIRS:
|
|
+ if len(self.DEFAULT_DIRS[d][1]) > 0:
|
|
+ # CGI scripts already have a rw_t
|
|
+ if self.type != self.CGI or d != "rw":
|
|
+ newte += re.sub("TEMPLATETYPE", self.name, self.DEFAULT_DIRS[d][2].te_types)
|
|
+
|
|
+ newte += self.generate_network_types()
|
|
+ if self.use_tmp:
|
|
+ newte += self.generate_tmp_types()
|
|
+
|
|
+ newte += self.generate_default_rules()
|
|
+ for d in self.DEFAULT_DIRS:
|
|
+ if len(self.DEFAULT_DIRS[d][1]) > 0:
|
|
+ newte += re.sub("TEMPLATETYPE", self.name, self.DEFAULT_DIRS[d][2].te_rules)
|
|
+ for i in self.DEFAULT_DIRS[d][1]:
|
|
+ if os.path.exists(i) and stat.S_ISSOCK(os.stat(i)[stat.ST_MODE]):
|
|
+ newte += re.sub("TEMPLATETYPE", self.name, self.DEFAULT_DIRS[d][2].te_stream_rules)
|
|
+ break
|
|
+
|
|
+ newte += self.generate_network_rules()
|
|
+ if self.use_tmp:
|
|
+ newte += self.generate_tmp_rules()
|
|
+
|
|
+ if self.use_uid:
|
|
+ newte += self.generate_uid_rules()
|
|
+
|
|
+ if self.use_syslog:
|
|
+ newte += self.generate_syslog_rules()
|
|
+
|
|
+ if self.use_pam:
|
|
+ newte += self.generate_pam_rules()
|
|
+
|
|
+ return newte
|
|
+
|
|
+ def generate_fc(self):
|
|
+ newfc = ""
|
|
+ t1 = re.sub("EXECUTABLE", self.program, executable.fc_file)
|
|
+ newfc += re.sub("TEMPLATETYPE", self.name, t1)
|
|
+
|
|
+ for i in self.files.keys():
|
|
+ if os.path.exists(i) and stat.S_ISSOCK(os.stat(i)[stat.ST_MODE]):
|
|
+ t1 = re.sub("TEMPLATETYPE", self.name, self.files[i][2].fc_sock_file)
|
|
+ else:
|
|
+ t1 = re.sub("TEMPLATETYPE", self.name, self.files[i][2].fc_file)
|
|
+ t2 = re.sub("FILENAME", i, t1)
|
|
+ newfc += re.sub("FILETYPE", self.files[i][0], t2)
|
|
+
|
|
+ for i in self.dirs.keys():
|
|
+ t1 = re.sub("TEMPLATETYPE", self.name, self.dirs[i][2].fc_dir)
|
|
+ t2 = re.sub("FILENAME", i, t1)
|
|
+ newfc += re.sub("FILETYPE", self.dirs[i][0], t2)
|
|
+
|
|
+ return newfc
|
|
+
|
|
+ def generate_sh(self):
|
|
+ newsh = re.sub("TEMPLATETYPE", self.name, script.compile)
|
|
+ newsh = re.sub("PACKAGEFILENAME", self.file_name, newsh)
|
|
+ newsh += re.sub("FILENAME", self.program, script.restorecon)
|
|
+
|
|
+ for i in self.files.keys():
|
|
+ newsh += re.sub("FILENAME", i, script.restorecon)
|
|
+
|
|
+ for i in self.dirs.keys():
|
|
+ newsh += re.sub("FILENAME", i, script.restorecon)
|
|
+
|
|
+ for i in self.in_tcp + self.out_tcp:
|
|
+ if self.find_port(i) == None:
|
|
+ t1 = re.sub("PORTNUM", "%d" % i, script.tcp_ports)
|
|
+ newsh += re.sub("TEMPLATETYPE", self.name, t1)
|
|
+
|
|
+ for i in self.in_udp + self.out_udp:
|
|
+ if self.find_port(i) == None:
|
|
+ t1 = re.sub("PORTNUM", "%d" % i, script.udp_ports)
|
|
+ newsh += re.sub("TEMPLATETYPE", self.name, t1)
|
|
+
|
|
+ return newsh
|
|
+
|
|
+ def write_te(self, out_dir):
|
|
+ tefile = "%s/%s.te" % (out_dir, self.file_name)
|
|
+ fd = open(tefile, "w")
|
|
+ fd.write(self.generate_te())
|
|
+ fd.close()
|
|
+ return tefile
|
|
+
|
|
+ def write_sh(self, out_dir):
|
|
+ shfile = "%s/%s.sh" % (out_dir, self.file_name)
|
|
+ fd = open(shfile, "w")
|
|
+ fd.write(self.generate_sh())
|
|
+ fd.close()
|
|
+ return shfile
|
|
+
|
|
+ def write_if(self, out_dir):
|
|
+ iffile = "%s/%s.if" % (out_dir, self.file_name)
|
|
+ fd = open(iffile, "w")
|
|
+ fd.write(self.generate_if())
|
|
+ fd.close()
|
|
+ return iffile
|
|
+
|
|
+ def write_fc(self,out_dir):
|
|
+ fcfile = "%s/%s.fc" % (out_dir, self.file_name)
|
|
+ fd = open(fcfile, "w")
|
|
+ fd.write(self.generate_fc())
|
|
+ fd.close()
|
|
+ return fcfile
|
|
+
|
|
+ def generate(self, out_dir = "."):
|
|
+ out = "Created the following files:\n"
|
|
+ out += "%-25s %s\n" % (_("Type Enforcment file"), self.write_te(out_dir))
|
|
+ out += "%-25s %s\n" % (_("Interface file"), self.write_if(out_dir))
|
|
+ out += "%-25s %s\n" % (_("File Contexts file"), self.write_fc(out_dir))
|
|
+ out += "%-25s %s\n" % (_("Setup Script"),self.write_sh(out_dir))
|
|
+ return out
|
|
+
|
|
+def errorExit(error):
|
|
+ sys.stderr.write("%s: " % sys.argv[0])
|
|
+ sys.stderr.write("%s\n" % error)
|
|
+ sys.stderr.flush()
|
|
+ sys.exit(1)
|
|
+
|
|
+
|
|
+if __name__ == '__main__':
|
|
+ mypolicy = policy("cgi", "/var/www/cgi-bin/cgi", 3)
|
|
+ mypolicy.set_in_tcp("513")
|
|
+ mypolicy.set_in_udp("513")
|
|
+ mypolicy.set_use_uid(True)
|
|
+ mypolicy.set_use_tmp(True)
|
|
+ mypolicy.set_use_syslog(True)
|
|
+ mypolicy.set_use_pam(True)
|
|
+ mypolicy.add_file("/var/lib/mysql/mysql.sock")
|
|
+ mypolicy.add_file("/var/run/rpcbind.sock")
|
|
+ mypolicy.add_file("/var/run/daemon.pub")
|
|
+ mypolicy.add_file("/var/log/daemon.log")
|
|
+ mypolicy.add_dir("/var/lib/daemon")
|
|
+ mypolicy.add_dir("/etc/daemon")
|
|
+ mypolicy.add_dir("/etc/daemon/special")
|
|
+ mypolicy.set_out_tcp("8000")
|
|
+ print mypolicy.generate()
|
|
+# mypolicy = policy("inetd", "/usr/sbin/inetd", 1)
|
|
+# mypolicy.generate()
|
|
+# mypolicy = policy("userapp", "/usr/sbin/userapp", 2)
|
|
+# mypolicy.generate()
|
|
+# mypolicy = policy("cgi", "cgi", 3)
|
|
+# mypolicy.generate()
|
|
+ sys.exit(0)
|
|
+
|
|
+
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policycoreutils-2.0.10/gui/portsPage.py
|
|
--- nsapolicycoreutils/gui/portsPage.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.10/gui/portsPage.py 2007-04-24 14:43:23.000000000 -0400
|
|
@@ -0,0 +1,227 @@
|
|
+## portsPage.py - show selinux mappings
|
|
+## Copyright (C) 2006 Red Hat, Inc.
|
|
+
|
|
+## This program is free software; you can redistribute it and/or modify
|
|
+## it under the terms of the GNU General Public License as published by
|
|
+## the Free Software Foundation; either version 2 of the License, or
|
|
+## (at your option) any later version.
|
|
+
|
|
+## This program is distributed in the hope that it will be useful,
|
|
+## but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+## GNU General Public License for more details.
|
|
+
|
|
+## You should have received a copy of the GNU General Public License
|
|
+## along with this program; if not, write to the Free Software
|
|
+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
|
+
|
|
+## Author: Dan Walsh
|
|
+import string
|
|
+import gtk
|
|
+import gtk.glade
|
|
+import os
|
|
+import libxml2
|
|
+import gobject
|
|
+import sys
|
|
+import seobject
|
|
+import commands
|
|
+from semanagePage import *;
|
|
+
|
|
+##
|
|
+## I18N
|
|
+##
|
|
+PROGNAME = "policycoreutils"
|
|
+import gettext
|
|
+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
|
|
+gettext.textdomain(PROGNAME)
|
|
+TYPE_COL = 0
|
|
+PROTOCOL_COL = 1
|
|
+MLS_COL = 2
|
|
+PORT_COL = 3
|
|
+try:
|
|
+ gettext.install(PROGNAME, localedir = "/usr/share/locale", unicode = 1)
|
|
+except IOError:
|
|
+ import __builtin__
|
|
+ __builtin__.__dict__['_'] = unicode
|
|
+
|
|
+class portsPage(semanagePage):
|
|
+ def __init__(self, xml):
|
|
+ semanagePage.__init__(self, xml, "ports", "Network Port")
|
|
+ self.ports_name_entry = xml.get_widget("portsNameEntry")
|
|
+ self.ports_protocol_combo = xml.get_widget("portsProtocolCombo")
|
|
+ self.ports_number_entry = xml.get_widget("portsNumberEntry")
|
|
+ self.ports_mls_entry = xml.get_widget("portsMLSEntry")
|
|
+ self.ports_add_button = xml.get_widget("portsAddButton")
|
|
+ self.ports_properties_button = xml.get_widget("portsPropertiesButton")
|
|
+ self.ports_delete_button = xml.get_widget("portsDeleteButton")
|
|
+ self.ports_group_togglebutton = xml.get_widget("portsGroupTogglebutton")
|
|
+ self.ports_group_togglebutton.connect("toggled", self.group_toggle)
|
|
+ liststore = self.ports_protocol_combo.get_model()
|
|
+ iter = liststore.get_iter_first()
|
|
+ self.ports_protocol_combo.set_active_iter(iter)
|
|
+ self.init_store()
|
|
+ self.edit = True
|
|
+ self.load()
|
|
+
|
|
+ def init_store(self):
|
|
+ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING , gobject.TYPE_STRING)
|
|
+ self.view.set_model(self.store)
|
|
+ self.store.set_sort_column_id(0, gtk.SORT_ASCENDING)
|
|
+
|
|
+ col = gtk.TreeViewColumn(_("SELinux Port\nType"), gtk.CellRendererText(), text = TYPE_COL)
|
|
+ col.set_sort_column_id(TYPE_COL)
|
|
+ col.set_resizable(True)
|
|
+ self.view.append_column(col)
|
|
+ self.store.set_sort_column_id(TYPE_COL, gtk.SORT_ASCENDING)
|
|
+
|
|
+ col = gtk.TreeViewColumn(_("Protocol"), gtk.CellRendererText(), text = PROTOCOL_COL)
|
|
+ col.set_sort_column_id(PROTOCOL_COL)
|
|
+ col.set_resizable(True)
|
|
+ self.view.append_column(col)
|
|
+
|
|
+ self.mls_col = gtk.TreeViewColumn(_("MLS/MCS\nLevel"), gtk.CellRendererText(), text = MLS_COL)
|
|
+ self.mls_col.set_resizable(True)
|
|
+ self.mls_col.set_sort_column_id(MLS_COL)
|
|
+ self.view.append_column(self.mls_col)
|
|
+
|
|
+ col = gtk.TreeViewColumn(_("Port"), gtk.CellRendererText(), text = PORT_COL)
|
|
+ col.set_sort_column_id(PORT_COL)
|
|
+ col.set_resizable(True)
|
|
+ self.view.append_column(col)
|
|
+ self.store.set_sort_func(PORT_COL,self.sort_int, "")
|
|
+
|
|
+ def group_toggle(self, button):
|
|
+ self.edit = not button.get_active()
|
|
+ self.ports_add_button.set_sensitive(self.edit)
|
|
+ self.ports_properties_button.set_sensitive(self.edit)
|
|
+ self.ports_delete_button.set_sensitive(self.edit)
|
|
+ self.mls_col.set_visible(self.edit)
|
|
+ if self.edit:
|
|
+ self.load()
|
|
+ else:
|
|
+ self.group_load()
|
|
+
|
|
+ def sort_int(self, treemodel, iter1, iter2, user_data):
|
|
+ try:
|
|
+ p1 = int(treemodel.get_value(iter1,2))
|
|
+ p2 = int(treemodel.get_value(iter2,2))
|
|
+ if p1 > p2:
|
|
+ return 1
|
|
+ if p1 == p2:
|
|
+ return 0
|
|
+ return -1
|
|
+ except:
|
|
+ return 0
|
|
+
|
|
+ def load(self):
|
|
+ self.port = seobject.portRecords()
|
|
+ dict = self.port.get_all()
|
|
+ keys = dict.keys()
|
|
+ keys.sort()
|
|
+ self.store.clear()
|
|
+ for k in keys:
|
|
+ iter = self.store.append()
|
|
+ if k[0] == k[1]:
|
|
+ self.store.set_value(iter, PORT_COL, k[0])
|
|
+ else:
|
|
+ rec = "%s-%s" % k
|
|
+ self.store.set_value(iter, PORT_COL, rec)
|
|
+ self.store.set_value(iter, TYPE_COL, dict[k][0])
|
|
+ self.store.set_value(iter, PROTOCOL_COL, dict[k][1])
|
|
+ self.store.set_value(iter, MLS_COL, dict[k][2])
|
|
+ self.view.get_selection().select_path ((0,))
|
|
+
|
|
+ def group_load(self):
|
|
+ self.port = seobject.portRecords()
|
|
+ dict = self.port.get_all_by_type()
|
|
+ keys = dict.keys()
|
|
+ keys.sort()
|
|
+ self.store.clear()
|
|
+ for k in keys:
|
|
+ iter = self.store.append()
|
|
+ self.store.set_value(iter, TYPE_COL, k[0])
|
|
+ self.store.set_value(iter, PROTOCOL_COL, k[1])
|
|
+ self.store.set_value(iter, PORT_COL, ", ".join(dict[k]))
|
|
+ self.store.set_value(iter, MLS_COL, "")
|
|
+ self.view.get_selection().select_path ((0,))
|
|
+
|
|
+ def propertiesDialog(self):
|
|
+ if self.edit:
|
|
+ semanagePage.propertiesDialog(self)
|
|
+
|
|
+ def dialogInit(self):
|
|
+ store, iter = self.view.get_selection().get_selected()
|
|
+ self.ports_number_entry.set_text(store.get_value(iter, PORT_COL))
|
|
+ self.ports_number_entry.set_sensitive(False)
|
|
+ self.ports_protocol_combo.set_sensitive(False)
|
|
+ self.ports_name_entry.set_text(store.get_value(iter, TYPE_COL))
|
|
+ self.ports_mls_entry.set_text(store.get_value(iter, MLS_COL))
|
|
+ protocol = store.get_value(iter, PROTOCOL_COL)
|
|
+ liststore = self.ports_protocol_combo.get_model()
|
|
+ iter = liststore.get_iter_first()
|
|
+ while iter != None and liststore.get_value(iter,0) != protocol:
|
|
+ iter = liststore.iter_next(iter)
|
|
+ if iter != None:
|
|
+ self.ports_protocol_combo.set_active_iter(iter)
|
|
+
|
|
+ def dialogClear(self):
|
|
+ self.ports_number_entry.set_text("")
|
|
+ self.ports_number_entry.set_sensitive(True)
|
|
+ self.ports_protocol_combo.set_sensitive(True)
|
|
+ self.ports_name_entry.set_text("")
|
|
+ self.ports_mls_entry.set_text("s0")
|
|
+
|
|
+ def delete(self):
|
|
+ store, iter = self.view.get_selection().get_selected()
|
|
+ port = store.get_value(iter, PORT_COL)
|
|
+ protocol = store.get_value(iter, 1)
|
|
+ try:
|
|
+ (rc, out) = commands.getstatusoutput("semanage port -d -p %s %s" % (protocol, port))
|
|
+ if rc != 0:
|
|
+ return self.error(out)
|
|
+ store.remove(iter)
|
|
+ self.view.get_selection().select_path ((0,))
|
|
+ except ValueError, e:
|
|
+ self.error(e.args[0])
|
|
+
|
|
+ def add(self):
|
|
+ target = self.ports_name_entry.get_text().strip()
|
|
+ mls = self.ports_mls_entry.get_text().strip()
|
|
+ port_number = self.ports_number_entry.get_text().strip()
|
|
+ if port_number == "":
|
|
+ port_number = "1"
|
|
+ if not port_number.isdigit():
|
|
+ self.error(_("Port number \"%s\" is not valid. 0 < PORT_NUMBER < 65536 ") % port_number )
|
|
+ return False
|
|
+ list_model = self.ports_protocol_combo.get_model()
|
|
+ iter = self.ports_protocol_combo.get_active_iter()
|
|
+ protocol = list_model.get_value(iter,0)
|
|
+ (rc, out) = commands.getstatusoutput("semanage port -a -p %s -r %s -t %s %s" % (protocol, mls, target, port_number))
|
|
+ if rc != 0:
|
|
+ self.error(out)
|
|
+ return False
|
|
+ iter = self.store.append()
|
|
+
|
|
+ self.store.set_value(iter, TYPE_COL, target)
|
|
+ self.store.set_value(iter, PORT_COL, port_number)
|
|
+ self.store.set_value(iter, PROTOCOL_COL, protocol)
|
|
+ self.store.set_value(iter, MLS_COL, mls)
|
|
+
|
|
+ def modify(self):
|
|
+ target = self.ports_name_entry.get_text().strip()
|
|
+ mls = self.ports_mls_entry.get_text().strip()
|
|
+ port_number = self.ports_number_entry.get_text().strip()
|
|
+ list_model = self.ports_protocol_combo.get_model()
|
|
+ iter = self.ports_protocol_combo.get_active_iter()
|
|
+ protocol = list_model.get_value(iter,0)
|
|
+ (rc, out) = commands.getstatusoutput("semanage port -m -p %s -r %s -t %s %s" % (protocol, mls, target, port_number))
|
|
+ if rc != 0:
|
|
+ self.error(out)
|
|
+ return False
|
|
+ store, iter = self.view.get_selection().get_selected()
|
|
+ self.store.set_value(iter, TYPE_COL, target)
|
|
+ self.store.set_value(iter, PORT_COL, port_number)
|
|
+ self.store.set_value(iter, PROTOCOL_COL, protocol)
|
|
+ self.store.set_value(iter, MLS_COL, mls)
|
|
+
|
|
+
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policycoreutils-2.0.10/gui/selinux.tbl
|
|
--- nsapolicycoreutils/gui/selinux.tbl 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.10/gui/selinux.tbl 2007-04-24 14:43:23.000000000 -0400
|
|
@@ -0,0 +1,274 @@
|
|
+acct_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for acct daemon")
|
|
+allow_cvs_read_shadow _("CVS") _("Allow cvs daemon to read shadow")
|
|
+allow_daemons_dump_core _("Admin") _("Allow all daemons to write corefiles to /.")
|
|
+allow_daemons_use_tty _("Admin") _("Allow all daemons the ability to use unallocated ttys.")
|
|
+allow_execheap _("Memory Protection") _("Allow unconfined executables to make their heap memory executable. Doing this is a really bad idea. Probably indicates a badly coded executable, but could indicate an attack. This executable should be reported in bugzilla")
|
|
+allow_execmem _("Memory Protection") _("Allow unconfined executables to map a memory region as both executable and writable, this is dangerous and the executable should be reported in bugzilla")
|
|
+allow_execmod _("Memory Protection") _("Allow all unconfined executables to use libraries requiring text relocation that are not labeled textrel_shlib_t")
|
|
+allow_execstack _("Memory Protection") _("Allow unconfined executables to make their stack executable. This should never, ever be neessary. Probably indicates a badly coded executable, but could indicate an attack. This executable should be reported in bugzilla")
|
|
+allow_ftpd_full_access _("FTP") _("Allow ftpd to full access to the system")
|
|
+allow_ftpd_anon_write _("FTP") _("Allow ftpd to upload files to directories labeled public_content_rw_t")
|
|
+allow_ftpd_use_cifs _("FTP") _("Allow ftp servers to use cifs used for public file transfer services.")
|
|
+allow_ftpd_use_nfs _("FTP") _("Allow ftp servers to use nfs used for public file transfer services.")
|
|
+allow_gpg_execstack _("Memory Protection") _("Allow gpg executable stack")
|
|
+allow_gssd_read_tmp _("NFS") _("Allow gssd to read temp directory.")
|
|
+allow_httpd_anon_write _("HTTPD Service") _("Allow httpd daemon to write files in directories labeled public_content_rw_t")
|
|
+allow_httpd_mod_auth_pam _("HTTPD Service") _("Allow Apache to use mod_auth_pam.")
|
|
+allow_httpd_sys_script_anon_write _("HTTPD Service") _("Allow httpd scripts to write files in directories labeled public_content_rw_t")
|
|
+allow_java_execstack _("Memory Protection") _("Allow java executable stack")
|
|
+allow_kerberos _("Kerberos") _("Allow daemons to use kerberos files")
|
|
+allow_mount_anyfile _("Mount") _("Allow mount to mount any file")
|
|
+allow_mounton_anydir _("Mount") _("Allow mount to mount any dir")
|
|
+allow_mplayer_execstack _("Memory Protection") _("Allow mplayer executable stack")
|
|
+allow_nfsd_anon_write _("NFS") _("Allow nfs servers to modify public files used for public file transfer services.")
|
|
+allow_polyinstantiation _("Polyinstatiation") _("Enable polyinstantiated directory support.")
|
|
+allow_ptrace _("Compatibility") _("Allow sysadm_t to debug or ptrace applications)
|
|
+allow_rsync_anon_write _("rsync") _("Allow rsync to write files in directories labeled public_content_rw_t")
|
|
+allow_smbd_anon_write _("Samba") _("Allow Samba to write files in directories labeled public_content_rw_t")
|
|
+allow_ssh_keysign _("SSH") _("Allow ssh to run ssh-keysign")
|
|
+allow_unconfined_execmem_dyntrans _("Memory Protection") _("Allow unconfined to dyntrans to unconfined_execmem")
|
|
+allow_user_mysql_connect _("Databases") _("Allow user to connect to mysql socket")
|
|
+allow_user_postgresql_connect _("Databases") _("Allow user to connect to postgres socket")
|
|
+allow_write_xshm _("XServer") _("Allow clients to write to X shared memory")
|
|
+allow_ypbind _("NIS") _("Allow daemons to run with NIS")
|
|
+allow_zebra_write_config _("Zebra") _("Allow zebra daemon to write it configuration files")
|
|
+amanda_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for amanda")
|
|
+amavis_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for amavis")
|
|
+apmd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for apmd daemon")
|
|
+arpwatch_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for arpwatch daemon")
|
|
+auditd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for auditd daemon")
|
|
+automount_disable_trans _("Mount") _("Disable SELinux protection for automount daemon")
|
|
+avahi_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for avahi")
|
|
+bluetooth_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for bluetooth daemon")
|
|
+canna_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for canna daemon")
|
|
+cardmgr_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for cardmgr daemon")
|
|
+ccs_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for Cluster Server")
|
|
+cdrecord_read_content _("User Privs") _("Allow cdrecord to read various content. nfs, samba, removable devices, user temp and untrusted content files")
|
|
+ciped_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ciped daemon")
|
|
+clamd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for clamd daemon")
|
|
+clamscan_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for clamscan")
|
|
+clvmd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for clvmd")
|
|
+comsat_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for comsat daemon")
|
|
+courier_authdaemon_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for courier daemon")
|
|
+courier_pcp_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for courier daemon")
|
|
+courier_pop_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for courier daemon")
|
|
+courier_sqwebmail_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for courier daemon")
|
|
+courier_tcpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for courier daemon")
|
|
+cpucontrol_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for cpucontrol daemon")
|
|
+cpuspeed_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for cpuspeed daemon")
|
|
+cron_can_relabel _("Cron") _("Allow system cron jobs to relabel filesystem for restoring file contexts.")
|
|
+crond_disable_trans _("Cron") _("Disable SELinux protection for crond daemon")
|
|
+cupsd_config_disable_trans _("Printing") _("Disable SELinux protection for cupsd backend server")
|
|
+cupsd_disable_trans _("Printing") _("Disable SELinux protection for cupsd daemon")
|
|
+cupsd_lpd_disable_trans _("Printing") _("Disable SELinux protection for cupsd_lpd")
|
|
+cvs_disable_trans _("CVS") _("Disable SELinux protection for cvs daemon")
|
|
+cyrus_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for cyrus daemon")
|
|
+dbskkd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dbskkd daemon")
|
|
+dbusd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dbusd daemon")
|
|
+dccd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dccd")
|
|
+dccifd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dccifd")
|
|
+dccm_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dccm")
|
|
+ddt_client_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ddt daemon")
|
|
+devfsd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for devfsd daemon")
|
|
+dhcpc_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dhcpc daemon")
|
|
+dhcpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dhcpd daemon")
|
|
+dictd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dictd daemon")
|
|
+direct_sysadm_daemon _("Admin") _("Allow sysadm_t to directly start daemons")
|
|
+disable_evolution_trans _("Web Applications") _("Disable SELinux protection for Evolution")
|
|
+disable_games_trans _("Games") _("Disable SELinux protection for games")
|
|
+disable_mozilla_trans _("Web Applications") _("Disable SELinux protection for the web browsers")
|
|
+disable_thunderbird_trans _("Web Applications") _("Disable SELinux protection for Thunderbird")
|
|
+distccd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for distccd daemon")
|
|
+dmesg_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dmesg daemon")
|
|
+dnsmasq_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dnsmasq daemon")
|
|
+dovecot_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dovecot daemon")
|
|
+entropyd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for entropyd daemon")
|
|
+fcron_crond _("Cron") _("Enable extra rules in the cron domain to support fcron.")
|
|
+fetchmail_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for fetchmail")
|
|
+fingerd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for fingerd daemon")
|
|
+freshclam_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for freshclam daemon")
|
|
+fsdaemon_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for fsdaemon daemon")
|
|
+ftpd_disable_trans _("FTP") _("Disable SELinux protection for ftpd daemon")
|
|
+ftpd_is_daemon _("FTP") _("Allow ftpd to run directly without inetd")
|
|
+ftp_home_dir _("FTP") _("Allow ftp to read/write files in the user home directories")
|
|
+global_ssp _("Admin") _("This should be enabled when all programs are compiled with ProPolice/SSP stack smashing protection. All domains will be allowed to read from /dev/urandom.")
|
|
+gpm_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for gpm daemon")
|
|
+gssd_disable_trans _("NFS") _("Disable SELinux protection for gss daemon")
|
|
+hald_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for hal daemon")
|
|
+hide_broken_symptoms _("Compatibility") _("Do not audit things that we know to be broken but which are not security risks")
|
|
+hostname_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for hostname daemon")
|
|
+hotplug_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for hotplug daemon")
|
|
+howl_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for howl daemon")
|
|
+hplip_disable_trans _("Printing") _("Disable SELinux protection for cups hplip daemon")
|
|
+httpd_builtin_scripting _("HTTPD Service") _("Allow HTTPD to support built-in scripting")
|
|
+httpd_can_network_connect_db _("HTTPD Service") _("Allow HTTPD scripts and modules to network connect to databases.")
|
|
+httpd_can_network_connect _("HTTPD Service") _("Allow HTTPD scripts and modules to connect to the network.")
|
|
+httpd_can_network_relay _("HTTPD Service") _("Allow httpd to act as a relay.")
|
|
+httpd_disable_trans _("HTTPD Service") _("Disable SELinux protection for httpd daemon")
|
|
+httpd_enable_cgi _("HTTPD Service") _("Allow HTTPD cgi support")
|
|
+httpd_enable_ftp_server _("HTTPD Service") _("Allow HTTPD to run as a ftp server")
|
|
+httpd_enable_homedirs _("HTTPD Service") _("Allow HTTPD to read home directories")
|
|
+httpd_rotatelogs_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for httpd rotatelogs")
|
|
+httpd_ssi_exec _("HTTPD Service") _("Allow HTTPD to run SSI executables in the same domain as system CGI scripts.")
|
|
+httpd_suexec_disable_trans _("HTTPD Service") _("Disable SELinux protection for http suexec")
|
|
+httpd_tty_comm _("HTTPD Service") _("Unify HTTPD to communicate with the terminal. Needed for handling certificates.")
|
|
+httpd_unified _("HTTPD Service") _("Unify HTTPD handling of all content files.")
|
|
+hwclock_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for hwclock daemon")
|
|
+i18n_input_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for i18n daemon")
|
|
+imazesrv_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for imazesrv daemon")
|
|
+inetd_child_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for inetd child daemons")
|
|
+inetd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for inetd daemon")
|
|
+innd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for innd daemon")
|
|
+iptables_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for iptables daemon")
|
|
+ircd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ircd daemon")
|
|
+irqbalance_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for irqbalance daemon")
|
|
+iscsid_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for iscsi daemon")
|
|
+jabberd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for jabberd daemon")
|
|
+kadmind_disable_trans _("Kerberos") _("Disable SELinux protection for kadmind daemon")
|
|
+klogd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for klogd daemon")
|
|
+krb5kdc_disable_trans _("Kerberos") _("Disable SELinux protection for krb5kdc daemon")
|
|
+ktalkd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ktalk daemons")
|
|
+kudzu_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for kudzu daemon")
|
|
+locate_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for locate daemon")
|
|
+lpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for lpd daemon")
|
|
+lrrd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for lrrd daemon")
|
|
+lvm_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for lvm daemon")
|
|
+mailman_mail_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for mailman")
|
|
+mail_read_content _("Web Applications") _("Allow evolution and thunderbird to read user files")
|
|
+mdadm_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for mdadm daemon")
|
|
+monopd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for monopd daemon")
|
|
+mozilla_read_content _("Web Applications") _("Allow the mozilla browser to read user files")
|
|
+mrtg_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for mrtg daemon")
|
|
+mysqld_disable_trans _("Databases") _("Disable SELinux protection for mysqld daemon")
|
|
+nagios_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for nagios daemon")
|
|
+named_disable_trans _("Name Service") _("Disable SELinux protection for named daemon")
|
|
+named_write_master_zones _("Name Service") _("Allow named to overwrite master zone files")
|
|
+nessusd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for nessusd daemon")
|
|
+NetworkManager_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for NetworkManager")
|
|
+nfsd_disable_trans _("NFS") _("Disable SELinux protection for nfsd daemon")
|
|
+nfs_export_all_ro _("NFS") _("Allow NFS to share any file/directory read only")
|
|
+nfs_export_all_rw _("NFS") _("Allow NFS to share any file/directory read/write")
|
|
+nmbd_disable_trans _("Samba") _("Disable SELinux protection for nmbd daemon")
|
|
+nrpe_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for nrpe daemon")
|
|
+nscd_disable_trans _("Name Service") _("Disable SELinux protection for nscd daemon")
|
|
+nsd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for nsd daemon")
|
|
+ntpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ntpd daemon")
|
|
+oddjob_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for oddjob")
|
|
+oddjob_mkhomedir_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for oddjob_mkhomedir")
|
|
+openvpn_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for openvpn daemon")
|
|
+pam_console_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for pam daemon")
|
|
+pegasus_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for pegasus")
|
|
+perdition_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for perdition daemon")
|
|
+portmap_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for portmap daemon")
|
|
+portslave_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for portslave daemon")
|
|
+postfix_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for postfix")
|
|
+postgresql_disable_trans _("Databases") _("Disable SELinux protection for postgresql daemon")
|
|
+pppd_can_insmod _("pppd") _("Allow pppd daemon to insert modules into the kernel")
|
|
+pppd_disable_trans _("pppd") _("Disable SELinux protection for pppd daemon")
|
|
+pppd_disable_trans _("pppd") _("Disable SELinux protection for the mozilla ppp daemon")
|
|
+pppd_for_user _("pppd") _("Allow pppd to be run for a regular user.")
|
|
+pptp_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for pptp")
|
|
+prelink_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for prelink daemon")
|
|
+privoxy_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for privoxy daemon")
|
|
+ptal_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ptal daemon")
|
|
+pxe_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for pxe daemon")
|
|
+pyzord_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for pyzord")
|
|
+quota_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for quota daemon")
|
|
+radiusd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for radiusd daemon")
|
|
+radvd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for radvd daemon")
|
|
+rdisc_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for rdisc")
|
|
+readahead_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for readahead")
|
|
+read_default_t _("Admin") _("Allow programs to read files in non-standard locations (default_t)")
|
|
+read_untrusted_content _("Web Applications") _("Allow programs to read untrusted content without relabel")
|
|
+restorecond_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for restorecond")
|
|
+rhgb_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for rhgb daemon")
|
|
+ricci_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ricci")
|
|
+ricci_modclusterd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ricci_modclusterd")
|
|
+rlogind_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for rlogind daemon")
|
|
+rpcd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for rpcd daemon")
|
|
+rshd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for rshd")
|
|
+rsync_disable_trans _("rsync") _("Disable SELinux protection for rsync daemon")
|
|
+run_ssh_inetd _("SSH") _("Allow ssh to run from inetd instead of as a daemon")
|
|
+samba_enable_home_dirs _("Samba") _("Allow Samba to share users home directories")
|
|
+samba_share_nfs _("Samba") _("Allow Samba to share nfs directories")
|
|
+allow_saslauthd_read_shadow _("SASL authentication server") _("Allow sasl authentication server to read /etc/shadow")
|
|
+saslauthd_disable_trans _("SASL authentication server") _("Disable SELinux protection for saslauthd daemon")
|
|
+scannerdaemon_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for scannerdaemon daemon")
|
|
+secure_mode _("Admin") _("Do not allow transition to sysadm_t, sudo and su effected")
|
|
+secure_mode_insmod _("Admin") _("Do not allow any processes to load kernel modules")
|
|
+secure_mode_policyload _("Admin") _("Do not allow any processes to modify kernel SELinux policy")
|
|
+sendmail_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for sendmail daemon")
|
|
+setrans_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for setrans")
|
|
+setroubleshootd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for setroublesoot daemon")
|
|
+slapd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for slapd daemon")
|
|
+slrnpull_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for slrnpull daemon")
|
|
+smbd_disable_trans _("Samba") _("Disable SELinux protection for smbd daemon")
|
|
+snmpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for snmpd daemon")
|
|
+snort_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for snort daemon")
|
|
+soundd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for soundd daemon")
|
|
+sound_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for sound daemon")
|
|
+spamassassin_can_network _("Spam Assassin") _("Allow Spam Assasin daemon network access")
|
|
+spamd_disable_trans _("spam Protection") _("Disable SELinux protection for spamd daemon")
|
|
+spamd_enable_home_dirs _("spam Protection") _("Allow spamd to access home directories")
|
|
+spammassasin_can_network _("spam Protection") _("Allow spammassasin to access the network")
|
|
+speedmgmt_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for speedmgmt daemon")
|
|
+squid_connect_any _("Squid") _("Allow squid daemon to connect to the network")
|
|
+squid_disable_trans _("Squid") _("Disable SELinux protection for squid daemon")
|
|
+ssh_keygen_disable_trans _("SSH") _("Disable SELinux protection for ssh daemon")
|
|
+ssh_sysadm_login _("SSH") _("Allow ssh logins as sysadm_r:sysadm_t")
|
|
+staff_read_sysadm_file _("Admin") _("Allow staff_r users to search the sysadm home dir and read files (such as ~/.bashrc)")
|
|
+stunnel_disable_trans _("Universal SSL tunnel") _("Disable SELinux protection for stunnel daemon")
|
|
+stunnel_is_daemon _("Universal SSL tunnel") _("Allow stunnel daemon to run as standalone, outside of xinetd")
|
|
+swat_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for swat daemon")
|
|
+sxid_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for sxid daemon")
|
|
+syslogd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for syslogd daemon")
|
|
+system_crond_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for system cron jobs")
|
|
+tcpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for tcp daemon")
|
|
+telnetd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for telnet daemon")
|
|
+tftpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for tftpd daemon")
|
|
+transproxy_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for transproxy daemon")
|
|
+udev_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for udev daemon")
|
|
+uml_switch_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for uml daemon")
|
|
+unlimitedInetd _("Admin") _("Allow xinetd to run unconfined, including any services it starts that do not have a domain transition explicitly defined.")
|
|
+unlimitedRC _("Admin") _("Allow rc scripts to run unconfined, including any daemon started by an rc script that does not have a domain transition explicitly defined.")
|
|
+unlimitedRPM _("Admin") _("Allow rpm to run unconfined.")
|
|
+unlimitedUtils _("Admin") _("Allow privileged utilities like hotplug and insmod to run unconfined.")
|
|
+updfstab_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for updfstab daemon")
|
|
+uptimed_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for uptimed daemon")
|
|
+use_lpd_server _("Printing") _("Use lpd server instead of cups")
|
|
+use_nfs_home_dirs _("NFS") _("Support NFS home directories")
|
|
+user_canbe_sysadm _("User Privs") _("Allow user_r to reach sysadm_r via su, sudo, or userhelper. Otherwise, only staff_r can do so.")
|
|
+user_can_mount _("Mount") _("Allow users to execute the mount command")
|
|
+user_direct_mouse _("User Privs") _("Allow regular users direct mouse access (only allow the X server)")
|
|
+user_dmesg _("User Privs") _("Allow users to run the dmesg command")
|
|
+user_net_control _("User Privs") _("Allow users to control network interfaces (also needs USERCTL=true)")
|
|
+user_ping _("User Privs") _("Allow normal user to execute ping")
|
|
+user_rw_noexattrfile _("User Privs") _("Allow user to r/w noextattrfile (FAT, CDROM, FLOPPY)")
|
|
+user_rw_usb _("User Privs") _("Allow users to rw usb devices")
|
|
+user_tcp_server _("User Privs") _("Allow users to run TCP servers (bind to ports and accept connection from the same domain and outside users) disabling this forces FTP passive mode and may change other protocols")
|
|
+user_ttyfile_stat _("User Privs") _("Allow user to stat ttyfiles")
|
|
+use_samba_home_dirs _("Samba") _("Allow users to login with CIFS home directories")
|
|
+uucpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for uucpd daemon")
|
|
+vmware_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for vmware daemon")
|
|
+watchdog_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for watchdog daemon")
|
|
+winbind_disable_trans _("Samba") _("Disable SELinux protection for winbind daemon")
|
|
+write_untrusted_content _("Web Applications") _("Allow web applications to write untrusted content to disk (implies read)")
|
|
+xdm_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for xdm daemon")
|
|
+xdm_sysadm_login _("XServer") _("Allow xdm logins as sysadm_r:sysadm_t")
|
|
+xend_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for xen daemon")
|
|
+xen_use_raw_disk _("XEN") _("Allow xen to read/write physical disk devices")
|
|
+xfs_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for xfs daemon")
|
|
+xm_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for xen constrol")
|
|
+ypbind_disable_trans _("NIS") _("Disable SELinux protection for ypbind daemon")
|
|
+yppasswdd_disable_trans _("NIS") _("Disable SELinux protection for NIS Password Daemon")
|
|
+ypserv_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ypserv daemon")
|
|
+ypxfr_disable_trans _("NIS") _("Disable SELinux protection for NIS Transfer Daemon")
|
|
+zebra_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for zebra daemon")
|
|
+httpd_use_cifs _("HTTPD Service") _("Allow httpd to access samba/cifs file systems.")
|
|
+httpd_use_nfs _("HTTPD Service") _("Allow httpd to access nfs file systems.")
|
|
+samba_domain_controller _("Samba") _("Allow samba to act as the domain controller, add users, groups and change passwords")
|
|
+samba_export_all_ro _("Samba") _("Allow Samba to share any file/directory read only")
|
|
+samba_export_all_rw _("Samba") _("Allow Samba to share any file/directory read/write")
|
|
+webadm_manage_users_files _("HTTPD Service") _("Allow httpd to access nfs file systems.")
|
|
+webadm_read_users_files _("HTTPD Service") _("Allow httpd to access nfs file systems.")
|
|
+
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py policycoreutils-2.0.10/gui/semanagePage.py
|
|
--- nsapolicycoreutils/gui/semanagePage.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.10/gui/semanagePage.py 2007-04-24 14:43:23.000000000 -0400
|
|
@@ -0,0 +1,115 @@
|
|
+## semanagePage.py - show selinux mappings
|
|
+## Copyright (C) 2006 Red Hat, Inc.
|
|
+
|
|
+## This program is free software; you can redistribute it and/or modify
|
|
+## it under the terms of the GNU General Public License as published by
|
|
+## the Free Software Foundation; either version 2 of the License, or
|
|
+## (at your option) any later version.
|
|
+
|
|
+## This program is distributed in the hope that it will be useful,
|
|
+## but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+## GNU General Public License for more details.
|
|
+
|
|
+## You should have received a copy of the GNU General Public License
|
|
+## along with this program; if not, write to the Free Software
|
|
+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
|
+
|
|
+## Author: Dan Walsh
|
|
+import string
|
|
+import gtk
|
|
+import gtk.glade
|
|
+import os
|
|
+import libxml2
|
|
+import gobject
|
|
+import sys
|
|
+import seobject
|
|
+
|
|
+##
|
|
+## I18N
|
|
+##
|
|
+PROGNAME="policycoreutils"
|
|
+import gettext
|
|
+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
|
|
+gettext.textdomain(PROGNAME)
|
|
+try:
|
|
+ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1)
|
|
+except IOError:
|
|
+ import __builtin__
|
|
+ __builtin__.__dict__['_'] = unicode
|
|
+
|
|
+class semanagePage:
|
|
+ def __init__(self, xml, name, description):
|
|
+ self.xml = xml
|
|
+ self.view = xml.get_widget("%sView" % name)
|
|
+ self.dialog = xml.get_widget("%sDialog" % name)
|
|
+ self.view.connect("row_activated", self.rowActivated)
|
|
+ self.view.get_selection().connect("changed", self.itemSelected)
|
|
+ self.description = description;
|
|
+
|
|
+ def get_description(self):
|
|
+ return self.description
|
|
+
|
|
+ def itemSelected(self, args):
|
|
+ return
|
|
+
|
|
+ def rowActivated(self, view, row, Column):
|
|
+ self.propertiesDialog()
|
|
+
|
|
+ def verify(self, message, title="" ):
|
|
+ dlg = gtk.MessageDialog(None, 0, gtk.MESSAGE_INFO,
|
|
+ gtk.BUTTONS_YES_NO,
|
|
+ message)
|
|
+ dlg.set_title(title)
|
|
+ dlg.set_position(gtk.WIN_POS_MOUSE)
|
|
+ dlg.show_all()
|
|
+ rc = dlg.run()
|
|
+ dlg.destroy()
|
|
+ return rc
|
|
+
|
|
+ def error(self, message):
|
|
+ dlg = gtk.MessageDialog(None, 0, gtk.MESSAGE_ERROR,
|
|
+ gtk.BUTTONS_CLOSE,
|
|
+ message)
|
|
+ dlg.set_position(gtk.WIN_POS_MOUSE)
|
|
+ dlg.show_all()
|
|
+ dlg.run()
|
|
+ dlg.destroy()
|
|
+
|
|
+ def deleteDialog(self):
|
|
+ store, iter = self.view.get_selection().get_selected()
|
|
+ if self.verify(_("Are you sure you want to delete %s '%s'?" % (self.description, store.get_value(iter, 0))), _("Delete %s" % self.description)) == gtk.RESPONSE_YES:
|
|
+ self.delete()
|
|
+
|
|
+ def use_menus(self):
|
|
+ return True
|
|
+
|
|
+ def addDialog(self):
|
|
+ self.dialogClear()
|
|
+ self.dialog.set_title(_("Add %s" % self.description))
|
|
+ self.dialog.set_position(gtk.WIN_POS_MOUSE)
|
|
+
|
|
+ while self.dialog.run() == gtk.RESPONSE_OK:
|
|
+ try:
|
|
+ if self.add() == False:
|
|
+ continue
|
|
+ break;
|
|
+ except ValueError, e:
|
|
+ self.error(e.args[0])
|
|
+ print
|
|
+ self.dialog.hide()
|
|
+
|
|
+ def propertiesDialog(self):
|
|
+ self.dialogInit()
|
|
+ self.dialog.set_title(_("Modify %s" % self.description))
|
|
+ self.dialog.set_position(gtk.WIN_POS_MOUSE)
|
|
+ while self.dialog.run() == gtk.RESPONSE_OK:
|
|
+ try:
|
|
+ if self.modify() == False:
|
|
+ continue
|
|
+ break;
|
|
+ except ValueError, e:
|
|
+ self.error(e.args[0])
|
|
+ self.dialog.hide()
|
|
+
|
|
+
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policycoreutils-2.0.10/gui/statusPage.py
|
|
--- nsapolicycoreutils/gui/statusPage.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.10/gui/statusPage.py 2007-04-24 14:43:23.000000000 -0400
|
|
@@ -0,0 +1,220 @@
|
|
+## statusPage.py - show selinux status
|
|
+## Copyright (C) 2006 Red Hat, Inc.
|
|
+
|
|
+## This program is free software; you can redistribute it and/or modify
|
|
+## it under the terms of the GNU General Public License as published by
|
|
+## the Free Software Foundation; either version 2 of the License, or
|
|
+## (at your option) any later version.
|
|
+
|
|
+## This program is distributed in the hope that it will be useful,
|
|
+## but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+## GNU General Public License for more details.
|
|
+
|
|
+## You should have received a copy of the GNU General Public License
|
|
+## along with this program; if not, write to the Free Software
|
|
+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
|
+
|
|
+## Author: Dan Walsh
|
|
+import string
|
|
+import gtk
|
|
+import gtk.glade
|
|
+import os
|
|
+import libxml2
|
|
+import gobject
|
|
+import sys
|
|
+import tempfile
|
|
+
|
|
+INSTALLPATH = '/usr/share/system-config-selinux'
|
|
+sys.path.append(INSTALLPATH)
|
|
+
|
|
+rhplPath = "/usr/lib/python%d.%d/site-packages/rhpl" % (sys.version_info[0], sys.version_info[1])
|
|
+if not rhplPath in sys.path:
|
|
+ sys.path.append(rhplPath)
|
|
+
|
|
+rhplPath = "/usr/lib64/python%d.%d/site-packages/rhpl" % (sys.version_info[0], sys.version_info[1])
|
|
+if not rhplPath in sys.path:
|
|
+ sys.path.append(rhplPath)
|
|
+
|
|
+from Conf import *
|
|
+import commands
|
|
+ENFORCING = 0
|
|
+PERMISSIVE = 1
|
|
+DISABLED = 2
|
|
+modearray = ( "enforcing", "permissive", "disabled" )
|
|
+
|
|
+SELINUXDIR = "/etc/selinux/"
|
|
+RELABELFILE = "/.autorelabel"
|
|
+
|
|
+##
|
|
+## I18N
|
|
+##
|
|
+PROGNAME="policycoreutils"
|
|
+import gettext
|
|
+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
|
|
+gettext.textdomain(PROGNAME)
|
|
+import selinux
|
|
+try:
|
|
+ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1)
|
|
+except IOError:
|
|
+ import __builtin__
|
|
+ __builtin__.__dict__['_'] = unicode
|
|
+
|
|
+class statusPage:
|
|
+ def __init__(self, xml):
|
|
+ self.xml = xml
|
|
+ self.needRelabel = False
|
|
+
|
|
+ self.type = selinux.selinux_getpolicytype()
|
|
+ # Bring in widgets from glade file.
|
|
+ self.typeHBox = xml.get_widget("typeHBox")
|
|
+ self.selinuxTypeOptionMenu = xml.get_widget("selinuxTypeOptionMenu")
|
|
+ self.typeLabel = xml.get_widget("typeLabel")
|
|
+ self.enabledOptionMenu = xml.get_widget("enabledOptionMenu")
|
|
+ self.currentOptionMenu = xml.get_widget("currentOptionMenu")
|
|
+ self.relabel_checkbutton = xml.get_widget("relabelCheckbutton")
|
|
+ self.relabel_checkbutton.set_active(self.is_relabel())
|
|
+ self.relabel_checkbutton.connect("toggled", self.on_relabel_toggle)
|
|
+ if self.get_current_mode() == ENFORCING or self.get_current_mode() == PERMISSIVE:
|
|
+ self.currentOptionMenu.append_text(_("Enforcing"))
|
|
+ self.currentOptionMenu.append_text(_("Permissive"))
|
|
+ self.currentOptionMenu.set_active(self.get_current_mode())
|
|
+ self.currentOptionMenu.connect("changed", self.set_current_mode)
|
|
+ self.currentOptionMenu.set_sensitive(True)
|
|
+ else:
|
|
+ self.currentOptionMenu.append_text(_("Disabled"))
|
|
+ self.currentOptionMenu.set_active(0)
|
|
+ self.currentOptionMenu.set_sensitive(False)
|
|
+
|
|
+
|
|
+ if self.read_selinux_config() == None:
|
|
+ self.selinuxsupport = False
|
|
+ else:
|
|
+ self.enabledOptionMenu.connect("changed", self.enabled_changed)
|
|
+ #
|
|
+ # This line must come after read_selinux_config
|
|
+ #
|
|
+ self.selinuxTypeOptionMenu.connect("changed", self.typemenu_changed)
|
|
+
|
|
+ self.typeLabel.set_mnemonic_widget(self.selinuxTypeOptionMenu)
|
|
+
|
|
+ def use_menus(self):
|
|
+ return False
|
|
+
|
|
+ def get_description(self):
|
|
+ return _("Status")
|
|
+
|
|
+ def get_current_mode(self):
|
|
+ if selinux.is_selinux_enabled():
|
|
+ if selinux.security_getenforce() > 0:
|
|
+ return ENFORCING
|
|
+ else:
|
|
+ return PERMISSIVE
|
|
+ else:
|
|
+ return DISABLED
|
|
+
|
|
+ def set_current_mode(self,menu):
|
|
+ selinux.security_setenforce(menu.get_active() == 0)
|
|
+
|
|
+ def is_relabel(self):
|
|
+ return os.access(RELABELFILE, os.F_OK) != 0
|
|
+
|
|
+ def on_relabel_toggle(self,button):
|
|
+ if button.get_active():
|
|
+ fd = open(RELABELFILE,"w")
|
|
+ fd.close()
|
|
+ else:
|
|
+ if os.access(RELABELFILE, os.F_OK) != 0:
|
|
+ os.unlink(RELABELFILE)
|
|
+
|
|
+ def verify(self, message):
|
|
+ dlg = gtk.MessageDialog(None, 0, gtk.MESSAGE_INFO,
|
|
+ gtk.BUTTONS_YES_NO,
|
|
+ message)
|
|
+ dlg.set_position(gtk.WIN_POS_MOUSE)
|
|
+ dlg.show_all()
|
|
+ rc = dlg.run()
|
|
+ dlg.destroy()
|
|
+ return rc
|
|
+
|
|
+ def typemenu_changed(self, menu):
|
|
+ type = self.get_type()
|
|
+ enabled = self.enabledOptionMenu.get_active()
|
|
+ if self.initialtype != type:
|
|
+ if self.verify(_("Changing the policy type will cause a relabel of the entire file system on the next boot. Relabeling takes a long time depending on the size of the file system. Do you wish to continue?")) == gtk.RESPONSE_NO:
|
|
+ menu.set_active(self.typeHistory)
|
|
+ return None
|
|
+
|
|
+ self.relabel_checkbutton.set_active(True)
|
|
+ self.conf["SELINUX"] = modearray[enabled]
|
|
+ self.conf["SELINUXTYPE"]=type
|
|
+ self.conf.write()
|
|
+ self.typeHistory = menu.get_active()
|
|
+
|
|
+ def enabled_changed(self, combo):
|
|
+ enabled = combo.get_active()
|
|
+ type = self.get_type()
|
|
+
|
|
+ if self.initEnabled == DISABLED and enabled < 2:
|
|
+ if self.verify(_("Changing to SELinux enabled will cause a relabel of the entire file system on the next boot. Relabeling takes a long time depending on the size of the file system. Do you wish to continue?")) == gtk.RESPONSE_NO:
|
|
+ return None
|
|
+ self.relabel_checkbutton.set_active(True)
|
|
+
|
|
+ if self.initEnabled != DISABLED and enabled == DISABLED:
|
|
+ if self.verify(_("Changing to SELinux disabled requires a reboot. It is not recommended. If you later decide to turn SELinux back on, the system will be required to relabel. If you just want to see if SELinux is causing a problem on your system, you can go to permissive mode which will only log errors and not enforce SELinux policy. Permissive mode does not require a reboot Do you wish to continue?")) == gtk.RESPONSE_NO:
|
|
+ return None
|
|
+
|
|
+ self.conf["SELINUX"] = modearray[enabled]
|
|
+ self.conf["SELINUXTYPE"]=type
|
|
+ self.conf.write()
|
|
+
|
|
+ def read_selinux_config(self):
|
|
+ self.initialtype = "targeted"
|
|
+ self.initEnabled = DISABLED
|
|
+ self.types = []
|
|
+ if os.access(SELINUXDIR, os.F_OK) == 0:
|
|
+ #File doesn't exist. return
|
|
+ return None
|
|
+
|
|
+ self.conf = ConfShellVar(SELINUXDIR+"config")
|
|
+ self.conf.rcs = 1
|
|
+ if self.conf.has_key("SELINUX"):
|
|
+ value = self.conf.vars["SELINUX"].upper().strip()
|
|
+ else:
|
|
+ value = "ENFORCING"
|
|
+ self.conf.vars["SELINUX"] = value
|
|
+
|
|
+ if value == "ENFORCING":
|
|
+ self.initEnabled = ENFORCING
|
|
+ self.enabledOptionMenu.set_active(ENFORCING)
|
|
+ elif value == "PERMISSIVE":
|
|
+ self.initEnabled = PERMISSIVE
|
|
+ self.enabledOptionMenu.set_active(PERMISSIVE)
|
|
+ elif value == "DISABLED":
|
|
+ self.initEnabled = DISABLED
|
|
+ self.enabledOptionMenu.set_active(DISABLED)
|
|
+
|
|
+ if self.conf.has_key("SELINUXTYPE"):
|
|
+ self.initialtype = self.conf.vars["SELINUXTYPE"].strip()
|
|
+ else:
|
|
+ self.conf.vars["SELINUXTYPE"] = self.initialtype
|
|
+
|
|
+ n = 0
|
|
+ current = n
|
|
+
|
|
+ for i in os.listdir(SELINUXDIR):
|
|
+ if os.path.isdir(SELINUXDIR+i) and os.path.isdir(SELINUXDIR+i+"/policy"):
|
|
+ self.types.append(i)
|
|
+ self.selinuxTypeOptionMenu.append_text(i)
|
|
+ if i == self.initialtype:
|
|
+ current = n
|
|
+ n = n+1
|
|
+ self.selinuxTypeOptionMenu.set_active(current)
|
|
+ self.typeHistory = current
|
|
+
|
|
+ return 0
|
|
+
|
|
+ def get_type(self):
|
|
+ return self.types[self.selinuxTypeOptionMenu.get_active()]
|
|
+
|
|
+
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.glade policycoreutils-2.0.10/gui/system-config-selinux.glade
|
|
--- nsapolicycoreutils/gui/system-config-selinux.glade 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.10/gui/system-config-selinux.glade 2007-04-24 14:43:23.000000000 -0400
|
|
@@ -0,0 +1,3034 @@
|
|
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
|
|
+<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
|
|
+
|
|
+<glade-interface>
|
|
+<requires lib="gnome"/>
|
|
+<requires lib="bonobo"/>
|
|
+
|
|
+<widget class="GtkAboutDialog" id="aboutWindow">
|
|
+ <property name="destroy_with_parent">False</property>
|
|
+ <property name="name" translatable="yes">system-config-selinux</property>
|
|
+ <property name="copyright" translatable="yes">Copyright (c)2006 Red Hat, Inc.
|
|
+Copyright (c) 2006 Dan Walsh <dwalsh@redhat.com></property>
|
|
+ <property name="wrap_license">False</property>
|
|
+ <property name="authors">Daniel Walsh <dwalsh@redhat.com>
|
|
+</property>
|
|
+ <property name="translator_credits" translatable="yes" comments="TRANSLATORS: Replace this string with your names, one name per line.">translator-credits</property>
|
|
+ <property name="logo">system-config-selinux.png</property>
|
|
+</widget>
|
|
+
|
|
+<widget class="GtkDialog" id="loginsDialog">
|
|
+ <property name="title" translatable="yes">Add SELinux Login Mapping</property>
|
|
+ <property name="type">GTK_WINDOW_TOPLEVEL</property>
|
|
+ <property name="window_position">GTK_WIN_POS_NONE</property>
|
|
+ <property name="modal">False</property>
|
|
+ <property name="resizable">True</property>
|
|
+ <property name="destroy_with_parent">False</property>
|
|
+ <property name="decorated">True</property>
|
|
+ <property name="skip_taskbar_hint">False</property>
|
|
+ <property name="skip_pager_hint">False</property>
|
|
+ <property name="type_hint">GDK_WINDOW_TYPE_HINT_DIALOG</property>
|
|
+ <property name="gravity">GDK_GRAVITY_NORTH_WEST</property>
|
|
+ <property name="focus_on_map">True</property>
|
|
+ <property name="urgency_hint">False</property>
|
|
+ <property name="has_separator">True</property>
|
|
+
|
|
+ <child internal-child="vbox">
|
|
+ <widget class="GtkVBox" id="dialog-vbox1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child internal-child="action_area">
|
|
+ <widget class="GtkHButtonBox" id="dialog-action_area1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="layout_style">GTK_BUTTONBOX_END</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkButton" id="cancelbutton1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_default">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label">gtk-cancel</property>
|
|
+ <property name="use_stock">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="response_id">-6</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkButton" id="okbutton1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_default">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label">gtk-ok</property>
|
|
+ <property name="use_stock">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="response_id">-5</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">True</property>
|
|
+ <property name="pack_type">GTK_PACK_END</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVBox" id="vbox2">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkTable" id="table1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="n_rows">3</property>
|
|
+ <property name="n_columns">2</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="row_spacing">4</property>
|
|
+ <property name="column_spacing">6</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label15">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">Login Name</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">0</property>
|
|
+ <property name="bottom_attach">1</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label16">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">SELinux User</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">1</property>
|
|
+ <property name="bottom_attach">2</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label17">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">MLS/MCS Range</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">2</property>
|
|
+ <property name="bottom_attach">3</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="loginsNameEntry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">*</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">0</property>
|
|
+ <property name="bottom_attach">1</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkComboBox" id="loginsSelinuxUserCombo">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="add_tearoffs">False</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">1</property>
|
|
+ <property name="bottom_attach">2</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options">fill</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="loginsMLSEntry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">*</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">2</property>
|
|
+ <property name="bottom_attach">3</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">5</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+</widget>
|
|
+
|
|
+<widget class="GtkDialog" id="portsDialog">
|
|
+ <property name="title" translatable="yes">Add SELinux Network Ports</property>
|
|
+ <property name="type">GTK_WINDOW_TOPLEVEL</property>
|
|
+ <property name="window_position">GTK_WIN_POS_NONE</property>
|
|
+ <property name="modal">False</property>
|
|
+ <property name="resizable">True</property>
|
|
+ <property name="destroy_with_parent">False</property>
|
|
+ <property name="decorated">True</property>
|
|
+ <property name="skip_taskbar_hint">False</property>
|
|
+ <property name="skip_pager_hint">False</property>
|
|
+ <property name="type_hint">GDK_WINDOW_TYPE_HINT_DIALOG</property>
|
|
+ <property name="gravity">GDK_GRAVITY_NORTH_WEST</property>
|
|
+ <property name="focus_on_map">True</property>
|
|
+ <property name="urgency_hint">False</property>
|
|
+ <property name="has_separator">True</property>
|
|
+
|
|
+ <child internal-child="vbox">
|
|
+ <widget class="GtkVBox" id="vbox3">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child internal-child="action_area">
|
|
+ <widget class="GtkHButtonBox" id="hbuttonbox1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="layout_style">GTK_BUTTONBOX_END</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkButton" id="button1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_default">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label">gtk-cancel</property>
|
|
+ <property name="use_stock">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="response_id">-6</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkButton" id="button2">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_default">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label">gtk-ok</property>
|
|
+ <property name="use_stock">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="response_id">-5</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">True</property>
|
|
+ <property name="pack_type">GTK_PACK_END</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVBox" id="vbox4">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkTable" id="table2">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="n_rows">4</property>
|
|
+ <property name="n_columns">2</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="row_spacing">4</property>
|
|
+ <property name="column_spacing">6</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label18">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">Port Number</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">0</property>
|
|
+ <property name="bottom_attach">1</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label19">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">Protocol</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">1</property>
|
|
+ <property name="bottom_attach">2</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label20">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">SELinux Type</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">2</property>
|
|
+ <property name="bottom_attach">3</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="portsNumberEntry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">*</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">0</property>
|
|
+ <property name="bottom_attach">1</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkComboBox" id="portsProtocolCombo">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="items" translatable="yes">tcp
|
|
+udp</property>
|
|
+ <property name="add_tearoffs">False</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">1</property>
|
|
+ <property name="bottom_attach">2</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options">fill</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="portsNameEntry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">*</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">2</property>
|
|
+ <property name="bottom_attach">3</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label21">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">MLS/MCS
|
|
+Level</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">3</property>
|
|
+ <property name="bottom_attach">4</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="portsMLSEntry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">*</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">3</property>
|
|
+ <property name="bottom_attach">4</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">5</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+</widget>
|
|
+
|
|
+<widget class="GtkDialog" id="translationsDialog">
|
|
+ <property name="title" translatable="yes">Add SELinux Login Mapping</property>
|
|
+ <property name="type">GTK_WINDOW_TOPLEVEL</property>
|
|
+ <property name="window_position">GTK_WIN_POS_NONE</property>
|
|
+ <property name="modal">False</property>
|
|
+ <property name="resizable">True</property>
|
|
+ <property name="destroy_with_parent">False</property>
|
|
+ <property name="decorated">True</property>
|
|
+ <property name="skip_taskbar_hint">False</property>
|
|
+ <property name="skip_pager_hint">False</property>
|
|
+ <property name="type_hint">GDK_WINDOW_TYPE_HINT_DIALOG</property>
|
|
+ <property name="gravity">GDK_GRAVITY_NORTH_WEST</property>
|
|
+ <property name="focus_on_map">True</property>
|
|
+ <property name="urgency_hint">False</property>
|
|
+ <property name="has_separator">True</property>
|
|
+
|
|
+ <child internal-child="vbox">
|
|
+ <widget class="GtkVBox" id="vbox5">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child internal-child="action_area">
|
|
+ <widget class="GtkHButtonBox" id="hbuttonbox2">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="layout_style">GTK_BUTTONBOX_END</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkButton" id="button3">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_default">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label">gtk-cancel</property>
|
|
+ <property name="use_stock">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="response_id">-6</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkButton" id="button4">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_default">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label">gtk-ok</property>
|
|
+ <property name="use_stock">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="response_id">-5</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">True</property>
|
|
+ <property name="pack_type">GTK_PACK_END</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVBox" id="vbox6">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkTable" id="table3">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="n_rows">2</property>
|
|
+ <property name="n_columns">2</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="row_spacing">4</property>
|
|
+ <property name="column_spacing">6</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label22">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">SELinux MLS/MCS
|
|
+Level</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">0</property>
|
|
+ <property name="bottom_attach">1</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label24">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">Translation</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">1</property>
|
|
+ <property name="bottom_attach">2</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="translationsLevelEntry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">*</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">0</property>
|
|
+ <property name="bottom_attach">1</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="translationsEntry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">*</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">1</property>
|
|
+ <property name="bottom_attach">2</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">5</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+</widget>
|
|
+
|
|
+<widget class="GtkDialog" id="fcontextDialog">
|
|
+ <property name="title" translatable="yes">Add SELinux Login Mapping</property>
|
|
+ <property name="type">GTK_WINDOW_TOPLEVEL</property>
|
|
+ <property name="window_position">GTK_WIN_POS_NONE</property>
|
|
+ <property name="modal">False</property>
|
|
+ <property name="resizable">True</property>
|
|
+ <property name="destroy_with_parent">False</property>
|
|
+ <property name="decorated">True</property>
|
|
+ <property name="skip_taskbar_hint">False</property>
|
|
+ <property name="skip_pager_hint">False</property>
|
|
+ <property name="type_hint">GDK_WINDOW_TYPE_HINT_DIALOG</property>
|
|
+ <property name="gravity">GDK_GRAVITY_NORTH_WEST</property>
|
|
+ <property name="focus_on_map">True</property>
|
|
+ <property name="urgency_hint">False</property>
|
|
+ <property name="has_separator">True</property>
|
|
+
|
|
+ <child internal-child="vbox">
|
|
+ <widget class="GtkVBox" id="vbox7">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child internal-child="action_area">
|
|
+ <widget class="GtkHButtonBox" id="hbuttonbox3">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="layout_style">GTK_BUTTONBOX_END</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkButton" id="button5">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_default">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label">gtk-cancel</property>
|
|
+ <property name="use_stock">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="response_id">-6</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkButton" id="button6">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_default">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label">gtk-ok</property>
|
|
+ <property name="use_stock">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="response_id">-5</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">True</property>
|
|
+ <property name="pack_type">GTK_PACK_END</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVBox" id="vbox8">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkTable" id="table4">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="n_rows">4</property>
|
|
+ <property name="n_columns">2</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="row_spacing">4</property>
|
|
+ <property name="column_spacing">6</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label25">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">File Specification</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">0</property>
|
|
+ <property name="bottom_attach">1</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label26">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">File Type</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">1</property>
|
|
+ <property name="bottom_attach">2</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label27">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">SELinux Type</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">2</property>
|
|
+ <property name="bottom_attach">3</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="fcontextEntry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">*</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">0</property>
|
|
+ <property name="bottom_attach">1</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkComboBox" id="fcontextFileTypeCombo">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="items" translatable="yes">all files
|
|
+regular file
|
|
+directory
|
|
+character device
|
|
+block device
|
|
+socket
|
|
+symbolic link
|
|
+named pipe
|
|
+</property>
|
|
+ <property name="add_tearoffs">False</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">1</property>
|
|
+ <property name="bottom_attach">2</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options">fill</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="fcontextTypeEntry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">*</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">2</property>
|
|
+ <property name="bottom_attach">3</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label31">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">MLS</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">3</property>
|
|
+ <property name="bottom_attach">4</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="fcontextMLSEntry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">*</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">3</property>
|
|
+ <property name="bottom_attach">4</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">5</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+</widget>
|
|
+
|
|
+<widget class="GtkDialog" id="usersDialog">
|
|
+ <property name="title" translatable="yes">Add SELinux User</property>
|
|
+ <property name="type">GTK_WINDOW_TOPLEVEL</property>
|
|
+ <property name="window_position">GTK_WIN_POS_NONE</property>
|
|
+ <property name="modal">False</property>
|
|
+ <property name="resizable">True</property>
|
|
+ <property name="destroy_with_parent">False</property>
|
|
+ <property name="decorated">True</property>
|
|
+ <property name="skip_taskbar_hint">False</property>
|
|
+ <property name="skip_pager_hint">False</property>
|
|
+ <property name="type_hint">GDK_WINDOW_TYPE_HINT_DIALOG</property>
|
|
+ <property name="gravity">GDK_GRAVITY_NORTH_WEST</property>
|
|
+ <property name="focus_on_map">True</property>
|
|
+ <property name="urgency_hint">False</property>
|
|
+ <property name="has_separator">True</property>
|
|
+
|
|
+ <child internal-child="vbox">
|
|
+ <widget class="GtkVBox" id="vbox9">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child internal-child="action_area">
|
|
+ <widget class="GtkHButtonBox" id="hbuttonbox4">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="layout_style">GTK_BUTTONBOX_END</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkButton" id="button7">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_default">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label">gtk-cancel</property>
|
|
+ <property name="use_stock">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="response_id">-6</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkButton" id="button8">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_default">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label">gtk-ok</property>
|
|
+ <property name="use_stock">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="response_id">-5</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">True</property>
|
|
+ <property name="pack_type">GTK_PACK_END</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVBox" id="vbox10">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkTable" id="table5">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="n_rows">5</property>
|
|
+ <property name="n_columns">2</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="row_spacing">4</property>
|
|
+ <property name="column_spacing">6</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label32">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">SELinux User</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">0</property>
|
|
+ <property name="bottom_attach">1</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label33">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">Label Prefix</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">1</property>
|
|
+ <property name="bottom_attach">2</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label34">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">MLS/MCS Range</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">3</property>
|
|
+ <property name="bottom_attach">4</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="mlsRangeEntry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">*</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">3</property>
|
|
+ <property name="bottom_attach">4</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label35">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">MLS/MCS Level</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">2</property>
|
|
+ <property name="bottom_attach">3</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="mlsLevelEntry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">*</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">2</property>
|
|
+ <property name="bottom_attach">3</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label36">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">SELinux Roles</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">4</property>
|
|
+ <property name="bottom_attach">5</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="selinuxRolesEntry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">*</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">4</property>
|
|
+ <property name="bottom_attach">5</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="selinuxUserEntry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">*</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">0</property>
|
|
+ <property name="bottom_attach">1</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="labelPrefixEntry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">*</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">1</property>
|
|
+ <property name="bottom_attach">2</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">5</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+</widget>
|
|
+
|
|
+<widget class="GnomeApp" id="mainWindow">
|
|
+ <property name="width_request">800</property>
|
|
+ <property name="height_request">500</property>
|
|
+ <property name="type">GTK_WINDOW_TOPLEVEL</property>
|
|
+ <property name="window_position">GTK_WIN_POS_NONE</property>
|
|
+ <property name="modal">False</property>
|
|
+ <property name="resizable">True</property>
|
|
+ <property name="destroy_with_parent">False</property>
|
|
+ <property name="icon">system-config-selinux.png</property>
|
|
+ <property name="decorated">True</property>
|
|
+ <property name="skip_taskbar_hint">False</property>
|
|
+ <property name="skip_pager_hint">False</property>
|
|
+ <property name="type_hint">GDK_WINDOW_TYPE_HINT_NORMAL</property>
|
|
+ <property name="gravity">GDK_GRAVITY_NORTH_WEST</property>
|
|
+ <property name="focus_on_map">True</property>
|
|
+ <property name="urgency_hint">False</property>
|
|
+ <property name="enable_layout_config">True</property>
|
|
+
|
|
+ <child internal-child="dock">
|
|
+ <widget class="BonoboDock" id="bonobodock2">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="allow_floating">True</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="BonoboDockItem" id="bonobodockitem3">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="shadow_type">GTK_SHADOW_NONE</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkMenuBar" id="menubar1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="pack_direction">GTK_PACK_DIRECTION_LTR</property>
|
|
+ <property name="child_pack_direction">GTK_PACK_DIRECTION_LTR</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkMenuItem" id="file1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="stock_item">GNOMEUIINFO_MENU_FILE_TREE</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkMenu" id="file1_menu">
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkImageMenuItem" id="add_menu_item">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">Add</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <signal name="activate" handler="on_add_clicked" last_modification_time="Sat, 17 Mar 2007 12:21:12 GMT"/>
|
|
+ <accelerator key="a" modifiers="GDK_CONTROL_MASK" signal="activate"/>
|
|
+
|
|
+ <child internal-child="image">
|
|
+ <widget class="GtkImage" id="image13">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="stock">gtk-add</property>
|
|
+ <property name="icon_size">1</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkImageMenuItem" id="properties_menu_item">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">_Properties</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <signal name="activate" handler="on_properties_clicked" last_modification_time="Sat, 17 Mar 2007 12:21:12 GMT"/>
|
|
+ <accelerator key="p" modifiers="GDK_CONTROL_MASK" signal="activate"/>
|
|
+
|
|
+ <child internal-child="image">
|
|
+ <widget class="GtkImage" id="image14">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="stock">gtk-properties</property>
|
|
+ <property name="icon_size">1</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkImageMenuItem" id="delete_menu_item">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">_Delete</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <signal name="activate" handler="on_delete_clicked" last_modification_time="Sat, 17 Mar 2007 12:21:12 GMT"/>
|
|
+ <accelerator key="Delete" modifiers="0" signal="activate"/>
|
|
+
|
|
+ <child internal-child="image">
|
|
+ <widget class="GtkImage" id="image15">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="stock">gtk-delete</property>
|
|
+ <property name="icon_size">1</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkImageMenuItem" id="quit">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="stock_item">GNOMEUIINFO_MENU_EXIT_ITEM</property>
|
|
+ <signal name="activate" handler="on_quit_activate" last_modification_time="Fri, 06 Oct 2006 13:58:19 GMT"/>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkMenuItem" id="help1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="stock_item">GNOMEUIINFO_MENU_HELP_TREE</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkMenu" id="help1_menu">
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkImageMenuItem" id="about">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="stock_item">GNOMEUIINFO_MENU_ABOUT_ITEM</property>
|
|
+ <signal name="activate" handler="on_about_activate" last_modification_time="Fri, 06 Oct 2006 13:58:02 GMT"/>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="placement">BONOBO_DOCK_TOP</property>
|
|
+ <property name="band">0</property>
|
|
+ <property name="position">0</property>
|
|
+ <property name="offset">0</property>
|
|
+ <property name="behavior">BONOBO_DOCK_ITEM_BEH_EXCLUSIVE|BONOBO_DOCK_ITEM_BEH_NEVER_VERTICAL|BONOBO_DOCK_ITEM_BEH_LOCKED</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkHPaned" id="hpaned1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="position">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkFrame" id="frame1">
|
|
+ <property name="border_width">5</property>
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label_xalign">0</property>
|
|
+ <property name="label_yalign">0.5</property>
|
|
+ <property name="shadow_type">GTK_SHADOW_NONE</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkAlignment" id="alignment1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xscale">1</property>
|
|
+ <property name="yscale">1</property>
|
|
+ <property name="top_padding">0</property>
|
|
+ <property name="bottom_padding">0</property>
|
|
+ <property name="left_padding">12</property>
|
|
+ <property name="right_padding">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkTreeView" id="selectView">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Select Managment Object</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="headers_visible">False</property>
|
|
+ <property name="rules_hint">False</property>
|
|
+ <property name="reorderable">False</property>
|
|
+ <property name="enable_search">True</property>
|
|
+ <property name="fixed_height_mode">False</property>
|
|
+ <property name="hover_selection">False</property>
|
|
+ <property name="hover_expand">False</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label45">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes"><b>Select:</b></property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">True</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="type">label_item</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="shrink">False</property>
|
|
+ <property name="resize">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkNotebook" id="notebook">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="show_tabs">False</property>
|
|
+ <property name="show_border">True</property>
|
|
+ <property name="tab_pos">GTK_POS_TOP</property>
|
|
+ <property name="scrollable">False</property>
|
|
+ <property name="enable_popup">False</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVBox" id="vbox1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkTable" id="table6">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="n_rows">4</property>
|
|
+ <property name="n_columns">2</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="row_spacing">5</property>
|
|
+ <property name="column_spacing">5</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label29">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">System Default Enforcing Mode</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">0</property>
|
|
+ <property name="bottom_attach">1</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkComboBox" id="enabledOptionMenu">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="items" translatable="yes">Enforcing
|
|
+Permissive
|
|
+Disabled
|
|
+</property>
|
|
+ <property name="add_tearoffs">False</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">0</property>
|
|
+ <property name="bottom_attach">1</property>
|
|
+ <property name="y_options">fill</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label48">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">Current Enforcing Mode</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">1</property>
|
|
+ <property name="bottom_attach">2</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkComboBox" id="currentOptionMenu">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="items" translatable="yes"></property>
|
|
+ <property name="add_tearoffs">False</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">1</property>
|
|
+ <property name="bottom_attach">2</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options">fill</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="typeLabel">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">System Default Policy Type: </property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">2</property>
|
|
+ <property name="bottom_attach">3</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkComboBox" id="selinuxTypeOptionMenu">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="items" translatable="yes"></property>
|
|
+ <property name="add_tearoffs">False</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">2</property>
|
|
+ <property name="bottom_attach">3</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options">fill</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkCheckButton" id="relabelCheckbutton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Select if you wish to relabel then entire file system on next reboot. Relabeling can take a very long time, depending on the size of the system. If you are changing policy types or going from disabled to enforing, a relabel is required.</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="active">False</property>
|
|
+ <property name="inconsistent">False</property>
|
|
+ <property name="draw_indicator">True</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkAlignment" id="alignment4">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xscale">0</property>
|
|
+ <property name="yscale">0</property>
|
|
+ <property name="top_padding">0</property>
|
|
+ <property name="bottom_padding">0</property>
|
|
+ <property name="left_padding">0</property>
|
|
+ <property name="right_padding">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkHBox" id="hbox6">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">2</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkImage" id="image2">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="stock">gtk-refresh</property>
|
|
+ <property name="icon_size">4</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label49">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">Relabel on next reboot.</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">3</property>
|
|
+ <property name="bottom_attach">4</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options">fill</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="tab_expand">False</property>
|
|
+ <property name="tab_fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label37">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">label37</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="type">tab</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVBox" id="vbox18">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkHBox" id="hbox7">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label51">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">Filter</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">10</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="booleansFilter">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">•</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ <signal name="changed" handler="on_booleansFilter_changed" last_modification_time="Fri, 06 Apr 2007 12:39:26 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">10</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkScrolledWindow" id="scrolledwindow18">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="hscrollbar_policy">GTK_POLICY_ALWAYS</property>
|
|
+ <property name="vscrollbar_policy">GTK_POLICY_ALWAYS</property>
|
|
+ <property name="shadow_type">GTK_SHADOW_NONE</property>
|
|
+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkTreeView" id="booleansView">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="headers_visible">False</property>
|
|
+ <property name="rules_hint">False</property>
|
|
+ <property name="reorderable">False</property>
|
|
+ <property name="enable_search">True</property>
|
|
+ <property name="fixed_height_mode">False</property>
|
|
+ <property name="hover_selection">False</property>
|
|
+ <property name="hover_expand">False</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="tab_expand">False</property>
|
|
+ <property name="tab_fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label50">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">label50</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="type">tab</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVBox" id="vbox11">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolbar" id="toolbar2">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="orientation">GTK_ORIENTATION_HORIZONTAL</property>
|
|
+ <property name="toolbar_style">GTK_TOOLBAR_BOTH</property>
|
|
+ <property name="tooltips">True</property>
|
|
+ <property name="show_arrow">True</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolButton" id="toolbutton5">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Add File Context</property>
|
|
+ <property name="stock_id">gtk-add</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+ <signal name="clicked" handler="on_add_clicked" last_modification_time="Mon, 16 Jan 2006 18:27:03 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolButton" id="toolbutton6">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Modify File Context</property>
|
|
+ <property name="stock_id">gtk-properties</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+ <signal name="clicked" handler="on_properties_clicked" last_modification_time="Mon, 16 Jan 2006 18:26:51 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolButton" id="toolbutton7">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Delete File Context</property>
|
|
+ <property name="stock_id">gtk-delete</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+ <signal name="clicked" handler="on_delete_clicked" last_modification_time="Mon, 16 Jan 2006 18:26:29 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkScrolledWindow" id="scrolledwindow17">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="hscrollbar_policy">GTK_POLICY_ALWAYS</property>
|
|
+ <property name="vscrollbar_policy">GTK_POLICY_ALWAYS</property>
|
|
+ <property name="shadow_type">GTK_SHADOW_NONE</property>
|
|
+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkViewport" id="viewport1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="shadow_type">GTK_SHADOW_IN</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVBox" id="vbox19">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkHBox" id="hbox8">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label52">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">Filter</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">10</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="fcontextFilterEntry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">•</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ <signal name="changed" handler="on_booleansFilter_changed" last_modification_time="Fri, 06 Apr 2007 12:39:26 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">5</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkTreeView" id="fcontextView">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="headers_visible">True</property>
|
|
+ <property name="rules_hint">False</property>
|
|
+ <property name="reorderable">False</property>
|
|
+ <property name="enable_search">True</property>
|
|
+ <property name="fixed_height_mode">False</property>
|
|
+ <property name="hover_selection">False</property>
|
|
+ <property name="hover_expand">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="tab_expand">False</property>
|
|
+ <property name="tab_fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label38">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">label38</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="type">tab</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVBox" id="vbox12">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolbar" id="toolbar3">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="orientation">GTK_ORIENTATION_HORIZONTAL</property>
|
|
+ <property name="toolbar_style">GTK_TOOLBAR_BOTH</property>
|
|
+ <property name="tooltips">True</property>
|
|
+ <property name="show_arrow">True</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolButton" id="toolbutton8">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Add SELinux User Mapping</property>
|
|
+ <property name="stock_id">gtk-add</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+ <signal name="clicked" handler="on_add_clicked" last_modification_time="Mon, 16 Jan 2006 18:27:03 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolButton" id="toolbutton29">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Modify SELinux User Mapping</property>
|
|
+ <property name="stock_id">gtk-properties</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+ <signal name="clicked" handler="on_properties_clicked" last_modification_time="Wed, 15 Nov 2006 16:38:33 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolButton" id="toolbutton10">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Delete SELinux User Mapping</property>
|
|
+ <property name="stock_id">gtk-delete</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+ <signal name="clicked" handler="on_delete_clicked" last_modification_time="Mon, 16 Jan 2006 18:26:29 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkScrolledWindow" id="scrolledwindow16">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="hscrollbar_policy">GTK_POLICY_ALWAYS</property>
|
|
+ <property name="vscrollbar_policy">GTK_POLICY_ALWAYS</property>
|
|
+ <property name="shadow_type">GTK_SHADOW_NONE</property>
|
|
+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkTreeView" id="loginsView">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="headers_visible">True</property>
|
|
+ <property name="rules_hint">False</property>
|
|
+ <property name="reorderable">False</property>
|
|
+ <property name="enable_search">True</property>
|
|
+ <property name="fixed_height_mode">False</property>
|
|
+ <property name="hover_selection">False</property>
|
|
+ <property name="hover_expand">False</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="tab_expand">False</property>
|
|
+ <property name="tab_fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label39">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">label39</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="type">tab</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVBox" id="vbox14">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolbar" id="toolbar5">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="orientation">GTK_ORIENTATION_HORIZONTAL</property>
|
|
+ <property name="toolbar_style">GTK_TOOLBAR_BOTH</property>
|
|
+ <property name="tooltips">True</property>
|
|
+ <property name="show_arrow">True</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolButton" id="toolbutton14">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Add Translation</property>
|
|
+ <property name="stock_id">gtk-add</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+ <signal name="clicked" handler="on_add_clicked" last_modification_time="Mon, 16 Jan 2006 18:27:03 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolButton" id="toolbutton15">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Modify Translation</property>
|
|
+ <property name="stock_id">gtk-properties</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+ <signal name="clicked" handler="on_properties_clicked" last_modification_time="Mon, 16 Jan 2006 18:26:51 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolButton" id="toolbutton16">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Delete Translation</property>
|
|
+ <property name="stock_id">gtk-delete</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+ <signal name="clicked" handler="on_delete_clicked" last_modification_time="Mon, 16 Jan 2006 18:26:29 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkScrolledWindow" id="scrolledwindow11">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="hscrollbar_policy">GTK_POLICY_ALWAYS</property>
|
|
+ <property name="vscrollbar_policy">GTK_POLICY_ALWAYS</property>
|
|
+ <property name="shadow_type">GTK_SHADOW_NONE</property>
|
|
+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkTreeView" id="usersView">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="headers_visible">True</property>
|
|
+ <property name="rules_hint">False</property>
|
|
+ <property name="reorderable">False</property>
|
|
+ <property name="enable_search">True</property>
|
|
+ <property name="fixed_height_mode">False</property>
|
|
+ <property name="hover_selection">False</property>
|
|
+ <property name="hover_expand">False</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="tab_expand">False</property>
|
|
+ <property name="tab_fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label41">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">label41</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="type">tab</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVBox" id="vbox13">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolbar" id="toolbar4">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="orientation">GTK_ORIENTATION_HORIZONTAL</property>
|
|
+ <property name="toolbar_style">GTK_TOOLBAR_BOTH</property>
|
|
+ <property name="tooltips">True</property>
|
|
+ <property name="show_arrow">True</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolButton" id="toolbutton11">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Add SELinux User</property>
|
|
+ <property name="stock_id">gtk-add</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+ <signal name="clicked" handler="on_add_clicked" last_modification_time="Mon, 16 Jan 2006 18:27:03 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolButton" id="toolbutton12">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Modify SELinux User</property>
|
|
+ <property name="stock_id">gtk-properties</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+ <signal name="clicked" handler="on_properties_clicked" last_modification_time="Mon, 16 Jan 2006 18:26:51 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolButton" id="toolbutton13">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Add SELinux User</property>
|
|
+ <property name="stock_id">gtk-delete</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+ <signal name="clicked" handler="on_delete_clicked" last_modification_time="Mon, 16 Jan 2006 18:26:29 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkScrolledWindow" id="scrolledwindow12">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="hscrollbar_policy">GTK_POLICY_ALWAYS</property>
|
|
+ <property name="vscrollbar_policy">GTK_POLICY_ALWAYS</property>
|
|
+ <property name="shadow_type">GTK_SHADOW_NONE</property>
|
|
+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkTreeView" id="translationsView">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="headers_visible">True</property>
|
|
+ <property name="rules_hint">False</property>
|
|
+ <property name="reorderable">False</property>
|
|
+ <property name="enable_search">True</property>
|
|
+ <property name="fixed_height_mode">False</property>
|
|
+ <property name="hover_selection">False</property>
|
|
+ <property name="hover_expand">False</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="tab_expand">False</property>
|
|
+ <property name="tab_fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label40">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">label40</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="type">tab</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVBox" id="vbox15">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolbar" id="toolbar6">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="orientation">GTK_ORIENTATION_HORIZONTAL</property>
|
|
+ <property name="toolbar_style">GTK_TOOLBAR_BOTH</property>
|
|
+ <property name="tooltips">False</property>
|
|
+ <property name="show_arrow">True</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolButton" id="portsAddButton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Add Network Port</property>
|
|
+ <property name="stock_id">gtk-add</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+ <signal name="clicked" handler="on_add_clicked" last_modification_time="Mon, 16 Jan 2006 18:27:03 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolButton" id="portsPropertiesButton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Edit Network Port</property>
|
|
+ <property name="stock_id">gtk-properties</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+ <signal name="clicked" handler="on_properties_clicked" last_modification_time="Mon, 16 Jan 2006 18:26:51 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolButton" id="portsDeleteButton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Delete Network Port</property>
|
|
+ <property name="stock_id">gtk-delete</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+ <signal name="clicked" handler="on_delete_clicked" last_modification_time="Mon, 16 Jan 2006 18:26:29 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolItem" id="toolitem2">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVSeparator" id="vseparator1">
|
|
+ <property name="width_request">32</property>
|
|
+ <property name="visible">True</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolItem" id="toolitem1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToggleButton" id="portsGroupTogglebutton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Group/ungroup network ports by SELinux type.</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="active">False</property>
|
|
+ <property name="inconsistent">False</property>
|
|
+ <signal name="toggled" handler="on_groupview_toggled" last_modification_time="Wed, 15 Nov 2006 16:55:38 GMT"/>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkAlignment" id="alignment3">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xscale">0</property>
|
|
+ <property name="yscale">0</property>
|
|
+ <property name="top_padding">0</property>
|
|
+ <property name="bottom_padding">0</property>
|
|
+ <property name="left_padding">0</property>
|
|
+ <property name="right_padding">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkHBox" id="hbox5">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">2</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkImage" id="image1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="stock">gtk-indent</property>
|
|
+ <property name="icon_size">4</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label46">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">Group View</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkScrolledWindow" id="scrolledwindow13">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="hscrollbar_policy">GTK_POLICY_ALWAYS</property>
|
|
+ <property name="vscrollbar_policy">GTK_POLICY_ALWAYS</property>
|
|
+ <property name="shadow_type">GTK_SHADOW_NONE</property>
|
|
+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkTreeView" id="portsView">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="headers_visible">True</property>
|
|
+ <property name="rules_hint">False</property>
|
|
+ <property name="reorderable">False</property>
|
|
+ <property name="enable_search">True</property>
|
|
+ <property name="fixed_height_mode">False</property>
|
|
+ <property name="hover_selection">False</property>
|
|
+ <property name="hover_expand">False</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="tab_expand">False</property>
|
|
+ <property name="tab_fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label42">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">label42</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="type">tab</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVBox" id="vbox17">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolbar" id="toolbar8">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="orientation">GTK_ORIENTATION_HORIZONTAL</property>
|
|
+ <property name="toolbar_style">GTK_TOOLBAR_BOTH</property>
|
|
+ <property name="tooltips">True</property>
|
|
+ <property name="show_arrow">True</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolButton" id="newModuleButton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Generate new policy module</property>
|
|
+ <property name="stock_id">gtk-new</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+ <signal name="clicked" handler="on_new_clicked" last_modification_time="Sat, 17 Mar 2007 15:53:29 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolButton" id="toolbutton23">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Load policy module</property>
|
|
+ <property name="stock_id">gtk-add</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+ <signal name="clicked" handler="on_add_clicked" last_modification_time="Mon, 16 Jan 2006 18:27:03 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolButton" id="toolbutton25">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Remove loadable policy module</property>
|
|
+ <property name="stock_id">gtk-remove</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+ <signal name="clicked" handler="on_delete_clicked" last_modification_time="Mon, 16 Jan 2006 18:26:29 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolItem" id="toolitem3">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVSeparator" id="vseparator2">
|
|
+ <property name="width_request">10</property>
|
|
+ <property name="visible">True</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolButton" id="enableAuditButton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Enable additional audit rules, that are normally not reported in the log files.</property>
|
|
+ <property name="label" translatable="yes">Enable Audit</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="stock_id">gtk-zoom-in</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+ <signal name="clicked" handler="on_disable_audit_clicked" last_modification_time="Wed, 15 Nov 2006 16:29:34 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolButton" id="disableAuditButton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Disable additional audit rules, that are normally not reported in the log files.</property>
|
|
+ <property name="label" translatable="yes">Disable Audit</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="stock_id">gtk-zoom-out</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+ <signal name="clicked" handler="on_disable_audit_clicked" last_modification_time="Wed, 15 Nov 2006 16:29:34 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkScrolledWindow" id="scrolledwindow15">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="hscrollbar_policy">GTK_POLICY_ALWAYS</property>
|
|
+ <property name="vscrollbar_policy">GTK_POLICY_ALWAYS</property>
|
|
+ <property name="shadow_type">GTK_SHADOW_NONE</property>
|
|
+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkTreeView" id="modulesView">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="headers_visible">True</property>
|
|
+ <property name="rules_hint">False</property>
|
|
+ <property name="reorderable">False</property>
|
|
+ <property name="enable_search">True</property>
|
|
+ <property name="fixed_height_mode">False</property>
|
|
+ <property name="hover_selection">False</property>
|
|
+ <property name="hover_expand">False</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="tab_expand">False</property>
|
|
+ <property name="tab_fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label44">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">label44</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="type">tab</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="shrink">True</property>
|
|
+ <property name="resize">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child internal-child="appbar">
|
|
+ <widget class="GnomeAppBar" id="appbar2">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="has_progress">True</property>
|
|
+ <property name="has_status">True</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+</widget>
|
|
+
|
|
+</glade-interface>
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.py policycoreutils-2.0.10/gui/system-config-selinux.py
|
|
--- nsapolicycoreutils/gui/system-config-selinux.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.10/gui/system-config-selinux.py 2007-04-24 14:43:23.000000000 -0400
|
|
@@ -0,0 +1,169 @@
|
|
+#!/usr/bin/python
|
|
+#
|
|
+# system-config-selinux.py - GUI for SELinux Config tool in system-config-selinux
|
|
+#
|
|
+# Dan Walsh <dwalsh@redhat.com>
|
|
+#
|
|
+# Copyright 2006 Red Hat, Inc.
|
|
+#
|
|
+# This program is free software; you can redistribute it and/or modify
|
|
+# it under the terms of the GNU General Public License as published by
|
|
+# the Free Software Foundation; either version 2 of the License, or
|
|
+# (at your option) any later version.
|
|
+#
|
|
+# This program is distributed in the hope that it will be useful,
|
|
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+# GNU General Public License for more details.
|
|
+#
|
|
+# You should have received a copy of the GNU General Public License
|
|
+# along with this program; if not, write to the Free Software
|
|
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
|
+#
|
|
+import signal
|
|
+import string
|
|
+import gtk
|
|
+import gtk.glade
|
|
+import os
|
|
+import libxml2
|
|
+import gobject
|
|
+import gnome
|
|
+import sys
|
|
+import statusPage
|
|
+import booleansPage
|
|
+import loginsPage
|
|
+import usersPage
|
|
+import portsPage
|
|
+import modulesPage
|
|
+import fcontextPage
|
|
+import translationsPage
|
|
+import selinux
|
|
+##
|
|
+## I18N
|
|
+##
|
|
+PROGNAME="system-config-selinux"
|
|
+
|
|
+import gettext
|
|
+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
|
|
+gettext.textdomain(PROGNAME)
|
|
+try:
|
|
+ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1)
|
|
+except IOError:
|
|
+ import __builtin__
|
|
+ __builtin__.__dict__['_'] = unicode
|
|
+
|
|
+gnome.program_init("SELinux Management Tool", "5")
|
|
+
|
|
+version = "1.0"
|
|
+
|
|
+sys.path.append('/usr/share/system-config-selinux')
|
|
+
|
|
+
|
|
+
|
|
+##
|
|
+## Pull in the Glade file
|
|
+##
|
|
+if os.access("system-config-selinux.glade", os.F_OK):
|
|
+ xml = gtk.glade.XML ("system-config-selinux.glade", domain=PROGNAME)
|
|
+else:
|
|
+ xml = gtk.glade.XML ("/usr/share/system-config-selinux/system-config-selinux.glade", domain=PROGNAME)
|
|
+
|
|
+class childWindow:
|
|
+ def __init__(self):
|
|
+ self.tabs=[]
|
|
+ self.xml = xml
|
|
+ xml.signal_connect("on_quit_activate", self.destroy)
|
|
+ xml.signal_connect("on_delete_clicked", self.delete)
|
|
+ xml.signal_connect("on_add_clicked", self.add)
|
|
+ xml.signal_connect("on_properties_clicked", self.properties)
|
|
+ self.add_page(statusPage.statusPage(xml))
|
|
+ if selinux.is_selinux_enabled() > 0:
|
|
+ self.add_page(booleansPage.booleansPage(xml))
|
|
+ self.add_page(fcontextPage.fcontextPage(xml))
|
|
+ self.add_page(loginsPage.loginsPage(xml))
|
|
+ self.add_page(usersPage.usersPage(xml))
|
|
+ self.add_page(translationsPage.translationsPage(xml))
|
|
+ self.add_page(portsPage.portsPage(xml))
|
|
+ self.add_page(modulesPage.modulesPage(xml)) # modules
|
|
+
|
|
+ xml.signal_connect("on_quit_activate", self.destroy)
|
|
+ xml.signal_connect("on_policy_activate", self.policy)
|
|
+ xml.signal_connect("on_logging_activate", self.logging)
|
|
+ xml.signal_connect("on_about_activate", self.on_about_activate)
|
|
+
|
|
+ self.add_menu = xml.get_widget("add_menu_item")
|
|
+ self.properties_menu = xml.get_widget("properties_menu_item")
|
|
+ self.delete_menu = xml.get_widget("delete_menu_item")
|
|
+
|
|
+ def add_page(self, page):
|
|
+ self.tabs.append(page)
|
|
+
|
|
+ def policy(self, args):
|
|
+ os.spawnl(os.P_NOWAIT, "/usr/share/system-config-selinux/semanagegui.py")
|
|
+ def logging(self, args):
|
|
+ os.spawnl(os.P_NOWAIT, "/usr/bin/seaudit")
|
|
+
|
|
+ def delete(self, args):
|
|
+ self.tabs[self.notebook.get_current_page()].deleteDialog()
|
|
+
|
|
+ def add(self, args):
|
|
+ self.tabs[self.notebook.get_current_page()].addDialog()
|
|
+
|
|
+ def properties(self, args):
|
|
+ self.tabs[self.notebook.get_current_page()].propertiesDialog()
|
|
+
|
|
+ def on_about_activate(self, args):
|
|
+ dlg = xml.get_widget ("aboutWindow")
|
|
+ dlg.run ()
|
|
+ dlg.hide ()
|
|
+
|
|
+ def destroy(self, args):
|
|
+ gtk.main_quit()
|
|
+
|
|
+ def use_menus(self, use_menus):
|
|
+ self.add_menu.set_sensitive(use_menus)
|
|
+ self.properties_menu.set_sensitive(use_menus)
|
|
+ self.delete_menu.set_sensitive(use_menus)
|
|
+
|
|
+ def itemSelected(self, selection):
|
|
+ store, rows = selection.get_selected_rows()
|
|
+ if store != None and len(rows) > 0:
|
|
+ self.notebook.set_current_page(rows[0][0])
|
|
+ self.use_menus(self.tabs[rows[0][0]].use_menus())
|
|
+ else:
|
|
+ self.notebook.set_current_page(0)
|
|
+ self.use_menus(self.tabs[0].use_menus())
|
|
+
|
|
+
|
|
+ def setupScreen(self):
|
|
+ # Bring in widgets from glade file.
|
|
+ self.mainWindow = self.xml.get_widget("mainWindow")
|
|
+ self.notebook = self.xml.get_widget("notebook")
|
|
+ self.view = self.xml.get_widget("selectView")
|
|
+ self.view.get_selection().connect("changed", self.itemSelected)
|
|
+ self.store = gtk.ListStore(gobject.TYPE_STRING)
|
|
+ self.view.set_model(self.store)
|
|
+ col = gtk.TreeViewColumn("", gtk.CellRendererText(), text = 0)
|
|
+ col.set_resizable(True)
|
|
+ self.view.append_column(col)
|
|
+
|
|
+ for page in self.tabs:
|
|
+ iter = self.store.append()
|
|
+ self.store.set_value(iter, 0, page.get_description())
|
|
+ self.view.get_selection().select_path ((0,))
|
|
+
|
|
+ def stand_alone(self):
|
|
+ desktopName = _("Configue SELinux")
|
|
+
|
|
+ self.setupScreen()
|
|
+
|
|
+ self.mainWindow.connect("destroy", self.destroy)
|
|
+
|
|
+ self.mainWindow.show_all()
|
|
+ gtk.main()
|
|
+
|
|
+if __name__ == "__main__":
|
|
+ signal.signal (signal.SIGINT, signal.SIG_DFL)
|
|
+
|
|
+ app = childWindow()
|
|
+ app.stand_alone()
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable.py policycoreutils-2.0.10/gui/templates/executable.py
|
|
--- nsapolicycoreutils/gui/templates/executable.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.10/gui/templates/executable.py 2007-04-24 14:43:23.000000000 -0400
|
|
@@ -0,0 +1,156 @@
|
|
+#! /usr/bin/env python
|
|
+# Copyright (C) 2007 Red Hat
|
|
+# see file 'COPYING' for use and warranty information
|
|
+#
|
|
+# policygentool is a tool for the initial generation of SELinux policy
|
|
+#
|
|
+# This program is free software; you can redistribute it and/or
|
|
+# modify it under the terms of the GNU General Public License as
|
|
+# published by the Free Software Foundation; either version 2 of
|
|
+# the License, or (at your option) any later version.
|
|
+#
|
|
+# This program is distributed in the hope that it will be useful,
|
|
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+# GNU General Public License for more details.
|
|
+#
|
|
+# You should have received a copy of the GNU General Public License
|
|
+# along with this program; if not, write to the Free Software
|
|
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
|
|
+# 02111-1307 USA
|
|
+#
|
|
+#
|
|
+########################### Type Enforcement File #############################
|
|
+te_daemon_types="""\
|
|
+policy_module(TEMPLATETYPE,1.0.0)
|
|
+
|
|
+########################################
|
|
+#
|
|
+# Declarations
|
|
+#
|
|
+
|
|
+type TEMPLATETYPE_t;
|
|
+type TEMPLATETYPE_exec_t;
|
|
+domain_type(TEMPLATETYPE_t)
|
|
+init_daemon_domain(TEMPLATETYPE_t, TEMPLATETYPE_exec_t)
|
|
+"""
|
|
+
|
|
+te_inetd_types="""\
|
|
+policy_module(TEMPLATETYPE,1.0.0)
|
|
+
|
|
+########################################
|
|
+#
|
|
+# Declarations
|
|
+#
|
|
+
|
|
+type TEMPLATETYPE_t;
|
|
+type TEMPLATETYPE_exec_t;
|
|
+inetd_service_domain(TEMPLATETYPE_t, TEMPLATETYPE_exec_t)
|
|
+"""
|
|
+
|
|
+te_userapp_types="""\
|
|
+policy_module(TEMPLATETYPE,1.0.0)
|
|
+
|
|
+########################################
|
|
+#
|
|
+# Declarations
|
|
+#
|
|
+
|
|
+type TEMPLATETYPE_exec_t;
|
|
+corecmd_executable_file(TEMPLATETYPE_exec_t)
|
|
+"""
|
|
+
|
|
+te_cgi_types="""\
|
|
+policy_module(TEMPLATETYPE,1.0.0)
|
|
+
|
|
+########################################
|
|
+#
|
|
+# Declarations
|
|
+#
|
|
+
|
|
+apache_content_template(TEMPLATETYPE)
|
|
+"""
|
|
+
|
|
+te_daemon_rules="""
|
|
+########################################
|
|
+#
|
|
+# TEMPLATETYPE local policy
|
|
+#
|
|
+
|
|
+# Init script handling
|
|
+init_use_fds(TEMPLATETYPE_t)
|
|
+init_use_script_ptys(TEMPLATETYPE_t)
|
|
+domain_use_interactive_fds(TEMPLATETYPE_t)
|
|
+
|
|
+## internal communication is often done using fifo and unix sockets.
|
|
+allow TEMPLATETYPE_t self:fifo_file rw_file_perms;
|
|
+allow TEMPLATETYPE_t self:unix_stream_socket create_stream_socket_perms;
|
|
+
|
|
+files_read_etc_files(TEMPLATETYPE_t)
|
|
+
|
|
+libs_use_ld_so(TEMPLATETYPE_t)
|
|
+libs_use_shared_libs(TEMPLATETYPE_t)
|
|
+
|
|
+miscfiles_read_localization(TEMPLATETYPE_t)
|
|
+
|
|
+ifdef(`targeted_policy',`
|
|
+ term_dontaudit_use_unallocated_ttys(TEMPLATETYPE_t)
|
|
+ term_dontaudit_use_generic_ptys(TEMPLATETYPE_t)
|
|
+')
|
|
+
|
|
+"""
|
|
+
|
|
+te_inetd_rules="""
|
|
+"""
|
|
+
|
|
+te_userapp_rules="""
|
|
+"""
|
|
+
|
|
+te_cgi_rules="""
|
|
+"""
|
|
+
|
|
+te_uid_rules="""
|
|
+auth_use_nsswitch(TEMPLATETYPE_t)
|
|
+"""
|
|
+
|
|
+te_syslog_rules="""
|
|
+logging_send_syslog_msg(TEMPLATETYPE_t)
|
|
+"""
|
|
+
|
|
+te_pam_rules="""
|
|
+auth_domtrans_chk_passwd(TEMPLATETYPE_t)
|
|
+"""
|
|
+
|
|
+########################### Interface File #############################
|
|
+if_rules="""
|
|
+## <summary>policy for TEMPLATETYPE</summary>
|
|
+
|
|
+########################################
|
|
+## <summary>
|
|
+## Execute a domain transition to run TEMPLATETYPE.
|
|
+## </summary>
|
|
+## <param name=\"domain\">
|
|
+## <summary>
|
|
+## Domain allowed to transition.
|
|
+## </summary>
|
|
+## </param>
|
|
+#
|
|
+interface(`TEMPLATETYPE_domtrans',`
|
|
+ gen_require(`
|
|
+ type TEMPLATETYPE_t, TEMPLATETYPE_exec_t;
|
|
+ ')
|
|
+
|
|
+ domain_auto_trans($1,TEMPLATETYPE_exec_t,TEMPLATETYPE_t)
|
|
+
|
|
+ allow TEMPLATETYPE_t $1:fd use;
|
|
+ allow TEMPLATETYPE_t $1:fifo_file rw_file_perms;
|
|
+ allow TEMPLATETYPE_t $1:process sigchld;
|
|
+')
|
|
+"""
|
|
+
|
|
+########################### File Context ##################################
|
|
+fc_file="""\
|
|
+
|
|
+EXECUTABLE -- gen_context(system_u:object_r:TEMPLATETYPE_exec_t,s0)
|
|
+"""
|
|
+
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/__init__.py policycoreutils-2.0.10/gui/templates/__init__.py
|
|
--- nsapolicycoreutils/gui/templates/__init__.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.10/gui/templates/__init__.py 2007-04-24 14:43:23.000000000 -0400
|
|
@@ -0,0 +1,18 @@
|
|
+#
|
|
+# Copyright (C) 2007 Red Hat, Inc.
|
|
+#
|
|
+# This program is free software; you can redistribute it and/or modify
|
|
+# it under the terms of the GNU General Public License as published by
|
|
+# the Free Software Foundation; either version 2 of the License, or
|
|
+# (at your option) any later version.
|
|
+#
|
|
+# This program is distributed in the hope that it will be useful,
|
|
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+# GNU General Public License for more details.
|
|
+#
|
|
+# You should have received a copy of the GNU General Public License
|
|
+# along with this program; if not, write to the Free Software
|
|
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
|
+#
|
|
+
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/network.py policycoreutils-2.0.10/gui/templates/network.py
|
|
--- nsapolicycoreutils/gui/templates/network.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.10/gui/templates/network.py 2007-04-24 14:43:23.000000000 -0400
|
|
@@ -0,0 +1,44 @@
|
|
+te_port_types="""\
|
|
+type TEMPLATETYPE_port_t;
|
|
+corenet_port(TEMPLATETYPE_port_t)
|
|
+"""
|
|
+
|
|
+te_network="""\
|
|
+sysnet_dns_name_resolve(TEMPLATETYPE_t)
|
|
+corenet_non_ipsec_sendrecv(TEMPLATETYPE_t)
|
|
+"""
|
|
+
|
|
+te_tcp="""\
|
|
+allow TEMPLATETYPE_t self:tcp_socket create_stream_socket_perms;
|
|
+corenet_tcp_sendrecv_all_if(TEMPLATETYPE_t)
|
|
+corenet_tcp_sendrecv_all_nodes(TEMPLATETYPE_t)
|
|
+corenet_tcp_sendrecv_all_ports(TEMPLATETYPE_t)
|
|
+"""
|
|
+
|
|
+te_in_tcp="""\
|
|
+corenet_tcp_bind_all_nodes(TEMPLATETYPE_t)
|
|
+"""
|
|
+
|
|
+te_in_need_port_tcp="""\
|
|
+allow TEMPLATETYPE_t TEMPLATETYPE_port_t:tcp_socket name_bind;
|
|
+"""
|
|
+
|
|
+te_out_need_port_tcp="""\
|
|
+allow TEMPLATETYPE_t TEMPLATETYPE_port_t:tcp_socket name_connect;
|
|
+"""
|
|
+
|
|
+te_udp="""\
|
|
+allow TEMPLATETYPE_t self:udp_socket { create_socket_perms listen };
|
|
+corenet_udp_sendrecv_all_if(TEMPLATETYPE_t)
|
|
+corenet_udp_sendrecv_all_nodes(TEMPLATETYPE_t)
|
|
+corenet_udp_sendrecv_all_ports(TEMPLATETYPE_t)
|
|
+"""
|
|
+
|
|
+te_in_udp="""\
|
|
+corenet_udp_bind_all_nodes(TEMPLATETYPE_t)
|
|
+"""
|
|
+
|
|
+te_in_need_port_udp="""\
|
|
+allow TEMPLATETYPE_t TEMPLATETYPE_port_t:udp_socket name_bind;
|
|
+"""
|
|
+
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/rw.py policycoreutils-2.0.10/gui/templates/rw.py
|
|
--- nsapolicycoreutils/gui/templates/rw.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.10/gui/templates/rw.py 2007-04-24 14:43:23.000000000 -0400
|
|
@@ -0,0 +1,104 @@
|
|
+# Copyright (C) 2007 Red Hat
|
|
+# see file 'COPYING' for use and warranty information
|
|
+#
|
|
+# policygentool is a tool for the initial generation of SELinux policy
|
|
+#
|
|
+# This program is free software; you can redistribute it and/or
|
|
+# modify it under the terms of the GNU General Public License as
|
|
+# published by the Free Software Foundation; either version 2 of
|
|
+# the License, or (at your option) any later version.
|
|
+#
|
|
+# This program is distributed in the hope that it will be useful,
|
|
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+# GNU General Public License for more details.
|
|
+#
|
|
+# You should have received a copy of the GNU General Public License
|
|
+# along with this program; if not, write to the Free Software
|
|
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
|
|
+# 02111-1307 USA
|
|
+#
|
|
+#
|
|
+
|
|
+########################### tmp Template File #############################
|
|
+te_types="""
|
|
+type TEMPLATETYPE_rw_t;
|
|
+file_type(TEMPLATETYPE_rw_t)
|
|
+"""
|
|
+
|
|
+te_rules="""
|
|
+allow TEMPLATETYPE_t TEMPLATETYPE_rw_t:file manage_file_perms;
|
|
+allow TEMPLATETYPE_t TEMPLATETYPE_rw_t:dir create_dir_perms;
|
|
+files_pid_filetrans(TEMPLATETYPE_t,TEMPLATETYPE_rw_t, { file dir })
|
|
+"""
|
|
+
|
|
+########################### Interface File #############################
|
|
+if_rules="""
|
|
+########################################
|
|
+## <summary>
|
|
+## Search TEMPLATETYPE rw directories.
|
|
+## </summary>
|
|
+## <param name="domain">
|
|
+## <summary>
|
|
+## Domain allowed access.
|
|
+## </summary>
|
|
+## </param>
|
|
+#
|
|
+interface(`TEMPLATETYPE_search_rw_dir',`
|
|
+ gen_require(`
|
|
+ type TEMPLATETYPE_rw_t;
|
|
+ ')
|
|
+
|
|
+ allow $1 TEMPLATETYPE_rw_t:dir search_dir_perms;
|
|
+ files_search_rw($1)
|
|
+')
|
|
+
|
|
+########################################
|
|
+## <summary>
|
|
+## Read TEMPLATETYPE rw files.
|
|
+## </summary>
|
|
+## <param name="domain">
|
|
+## <summary>
|
|
+## Domain allowed access.
|
|
+## </summary>
|
|
+## </param>
|
|
+#
|
|
+interface(`TEMPLATETYPE_read_rw_files',`
|
|
+ gen_require(`
|
|
+ type TEMPLATETYPE_rw_t;
|
|
+ ')
|
|
+
|
|
+ allow $1 TEMPLATETYPE_rw_t:file r_file_perms;
|
|
+ allow $1 TEMPLATETYPE_rw_t:dir list_dir_perms;
|
|
+ files_search_rw($1)
|
|
+')
|
|
+
|
|
+########################################
|
|
+## <summary>
|
|
+## Create, read, write, and delete
|
|
+## TEMPLATETYPE rw files.
|
|
+## </summary>
|
|
+## <param name="domain">
|
|
+## <summary>
|
|
+## Domain allowed access.
|
|
+## </summary>
|
|
+## </param>
|
|
+#
|
|
+interface(`TEMPLATETYPE_manage_rw_files',`
|
|
+ gen_require(`
|
|
+ type TEMPLATETYPE_rw_t;
|
|
+ ')
|
|
+
|
|
+ allow $1 TEMPLATETYPE_rw_t:file manage_file_perms;
|
|
+ allow $1 TEMPLATETYPE_rw_t:dir rw_dir_perms;
|
|
+')
|
|
+"""
|
|
+
|
|
+########################### File Context ##################################
|
|
+fc_file="""
|
|
+FILENAME -- gen_context(system_u:object_r:TEMPLATETYPE_rw_t,s0)
|
|
+"""
|
|
+
|
|
+fc_dir="""
|
|
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_rw_t,s0)
|
|
+"""
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/script.py policycoreutils-2.0.10/gui/templates/script.py
|
|
--- nsapolicycoreutils/gui/templates/script.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.10/gui/templates/script.py 2007-04-24 14:43:23.000000000 -0400
|
|
@@ -0,0 +1,42 @@
|
|
+# Copyright (C) 2007 Red Hat
|
|
+# see file 'COPYING' for use and warranty information
|
|
+#
|
|
+# policygentool is a tool for the initial generation of SELinux policy
|
|
+#
|
|
+# This program is free software; you can redistribute it and/or
|
|
+# modify it under the terms of the GNU General Public License as
|
|
+# published by the Free Software Foundation; either version 2 of
|
|
+# the License, or (at your option) any later version.
|
|
+#
|
|
+# This program is distributed in the hope that it will be useful,
|
|
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+# GNU General Public License for more details.
|
|
+#
|
|
+# You should have received a copy of the GNU General Public License
|
|
+# along with this program; if not, write to the Free Software
|
|
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
|
|
+# 02111-1307 USA
|
|
+#
|
|
+#
|
|
+
|
|
+########################### tmp Template File #############################
|
|
+compile="""
|
|
+#!/bin/sh
|
|
+make -f /usr/share/selinux/devel/Makefile
|
|
+/usr/sbin/semodule -i PACKAGEFILENAME.pp
|
|
+
|
|
+"""
|
|
+
|
|
+restorecon="""\
|
|
+/sbin/restorecon -F -R -v FILENAME
|
|
+"""
|
|
+
|
|
+tcp_ports="""\
|
|
+/usr/sbin/semanage port -a -t TEMPLATETYPE_port_t -p tcp PORTNUM
|
|
+"""
|
|
+
|
|
+udp_ports="""\
|
|
+/usr/sbin/semanage port -a -t TEMPLATETYPE_port_t -p udp PORTNUM
|
|
+"""
|
|
+
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/semodule.py policycoreutils-2.0.10/gui/templates/semodule.py
|
|
--- nsapolicycoreutils/gui/templates/semodule.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.10/gui/templates/semodule.py 2007-04-24 14:43:23.000000000 -0400
|
|
@@ -0,0 +1,41 @@
|
|
+# Copyright (C) 2007 Red Hat
|
|
+# see file 'COPYING' for use and warranty information
|
|
+#
|
|
+# policygentool is a tool for the initial generation of SELinux policy
|
|
+#
|
|
+# This program is free software; you can redistribute it and/or
|
|
+# modify it under the terms of the GNU General Public License as
|
|
+# published by the Free Software Foundation; either version 2 of
|
|
+# the License, or (at your option) any later version.
|
|
+#
|
|
+# This program is distributed in the hope that it will be useful,
|
|
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+# GNU General Public License for more details.
|
|
+#
|
|
+# You should have received a copy of the GNU General Public License
|
|
+# along with this program; if not, write to the Free Software
|
|
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
|
|
+# 02111-1307 USA
|
|
+#
|
|
+#
|
|
+
|
|
+########################### tmp Template File #############################
|
|
+compile="""
|
|
+#!/bin/sh
|
|
+make -f /usr/share/selinux/devel/Makefile
|
|
+semodule -i TEMPLATETYPE.pp
|
|
+"""
|
|
+
|
|
+restorecon="""
|
|
+restorecon -R -v FILENAME
|
|
+"""
|
|
+
|
|
+tcp_ports="""
|
|
+semanage ports -a -t TEMPLATETYPE_port_t -p tcp PORTNUM
|
|
+"""
|
|
+
|
|
+udp_ports="""
|
|
+semanage ports -a -t TEMPLATETYPE_port_t -p udp PORTNUM
|
|
+"""
|
|
+
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py policycoreutils-2.0.10/gui/templates/tmp.py
|
|
--- nsapolicycoreutils/gui/templates/tmp.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.10/gui/templates/tmp.py 2007-04-24 14:43:23.000000000 -0400
|
|
@@ -0,0 +1,72 @@
|
|
+# Copyright (C) 2007 Red Hat
|
|
+# see file 'COPYING' for use and warranty information
|
|
+#
|
|
+# policygentool is a tool for the initial generation of SELinux policy
|
|
+#
|
|
+# This program is free software; you can redistribute it and/or
|
|
+# modify it under the terms of the GNU General Public License as
|
|
+# published by the Free Software Foundation; either version 2 of
|
|
+# the License, or (at your option) any later version.
|
|
+#
|
|
+# This program is distributed in the hope that it will be useful,
|
|
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+# GNU General Public License for more details.
|
|
+#
|
|
+# You should have received a copy of the GNU General Public License
|
|
+# along with this program; if not, write to the Free Software
|
|
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
|
|
+# 02111-1307 USA
|
|
+#
|
|
+#
|
|
+########################### tmp Template File #############################
|
|
+
|
|
+te_types="""
|
|
+type TEMPLATETYPE_tmp_t;
|
|
+files_tmp_file(TEMPLATETYPE_tmp_t)
|
|
+"""
|
|
+
|
|
+te_rules="""
|
|
+allow TEMPLATETYPE_t TEMPLATETYPE_tmp_t:file manage_file_perms;
|
|
+allow TEMPLATETYPE_t TEMPLATETYPE_tmp_t:dir create_dir_perms;
|
|
+files_pid_filetrans(TEMPLATETYPE_t,TEMPLATETYPE_tmp_t, { file dir })
|
|
+"""
|
|
+
|
|
+if_rules="""
|
|
+########################################
|
|
+## <summary>
|
|
+## Do not audit attempts to read,
|
|
+## TEMPLATETYPE tmp files
|
|
+## </summary>
|
|
+## <param name="domain">
|
|
+## <summary>
|
|
+## Domain to not audit.
|
|
+## </summary>
|
|
+## </param>
|
|
+#
|
|
+interface(`TEMPLATETYPE_dontaudit_read_tmp_files',`
|
|
+ gen_require(`
|
|
+ type TEMPLATETYPE_tmp_t;
|
|
+ ')
|
|
+
|
|
+ dontaudit $1 TEMPLATETYPE_tmp_t:file r_file_perms;
|
|
+')
|
|
+
|
|
+########################################
|
|
+## <summary>
|
|
+## Allow domain to read, TEMPLATETYPE tmp files
|
|
+## </summary>
|
|
+## <param name="domain">
|
|
+## <summary>
|
|
+## Domain to not audit.
|
|
+## </summary>
|
|
+## </param>
|
|
+#
|
|
+interface(`TEMPLATETYPE_read_tmp_files',`
|
|
+ gen_require(`
|
|
+ type TEMPLATETYPE_tmp_t;
|
|
+ ')
|
|
+
|
|
+ dontaudit $1 TEMPLATETYPE_tmp_t:file r_file_perms;
|
|
+')
|
|
+"""
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py policycoreutils-2.0.10/gui/templates/var_lib.py
|
|
--- nsapolicycoreutils/gui/templates/var_lib.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.10/gui/templates/var_lib.py 2007-04-24 14:43:23.000000000 -0400
|
|
@@ -0,0 +1,137 @@
|
|
+# Copyright (C) 2007 Red Hat
|
|
+# see file 'COPYING' for use and warranty information
|
|
+#
|
|
+# policygentool is a tool for the initial generation of SELinux policy
|
|
+#
|
|
+# This program is free software; you can redistribute it and/or
|
|
+# modify it under the terms of the GNU General Public License as
|
|
+# published by the Free Software Foundation; either version 2 of
|
|
+# the License, or (at your option) any later version.
|
|
+#
|
|
+# This program is distributed in the hope that it will be useful,
|
|
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+# GNU General Public License for more details.
|
|
+#
|
|
+# You should have received a copy of the GNU General Public License
|
|
+# along with this program; if not, write to the Free Software
|
|
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
|
|
+# 02111-1307 USA
|
|
+#
|
|
+#
|
|
+########################### var_lib Template File #############################
|
|
+
|
|
+########################### Type Enforcement File #############################
|
|
+te_types="""
|
|
+type TEMPLATETYPE_var_lib_t;
|
|
+files_type(TEMPLATETYPE_var_lib_t)
|
|
+"""
|
|
+te_rules="""
|
|
+allow TEMPLATETYPE_t TEMPLATETYPE_var_lib_t:file manage_file_perms;
|
|
+allow TEMPLATETYPE_t TEMPLATETYPE_var_lib_t:dir manage_dir_perms;
|
|
+files_var_lib_filetrans(TEMPLATETYPE_t,TEMPLATETYPE_var_lib_t, { file dir })
|
|
+"""
|
|
+
|
|
+te_stream_rules="""\
|
|
+allow TEMPLATETYPE_t TEMPLATETYPE_var_lib_t:sock_file manage_file_perms;
|
|
+files_pid_filetrans(TEMPLATETYPE_t,TEMPLATETYPE_var_lib_t, sock_file)
|
|
+"""
|
|
+
|
|
+
|
|
+########################### Interface File #############################
|
|
+if_rules="""
|
|
+########################################
|
|
+## <summary>
|
|
+## Search TEMPLATETYPE lib directories.
|
|
+## </summary>
|
|
+## <param name="domain">
|
|
+## <summary>
|
|
+## Domain allowed access.
|
|
+## </summary>
|
|
+## </param>
|
|
+#
|
|
+interface(`TEMPLATETYPE_search_lib',`
|
|
+ gen_require(`
|
|
+ type TEMPLATETYPE_var_lib_t;
|
|
+ ')
|
|
+
|
|
+ allow $1 TEMPLATETYPE_var_lib_t:dir search_dir_perms;
|
|
+ files_search_var_lib($1)
|
|
+')
|
|
+
|
|
+########################################
|
|
+## <summary>
|
|
+## Read TEMPLATETYPE lib files.
|
|
+## </summary>
|
|
+## <param name="domain">
|
|
+## <summary>
|
|
+## Domain allowed access.
|
|
+## </summary>
|
|
+## </param>
|
|
+#
|
|
+interface(`TEMPLATETYPE_read_lib_files',`
|
|
+ gen_require(`
|
|
+ type TEMPLATETYPE_var_lib_t;
|
|
+ ')
|
|
+
|
|
+ allow $1 TEMPLATETYPE_var_lib_t:file r_file_perms;
|
|
+ allow $1 TEMPLATETYPE_var_lib_t:dir list_dir_perms;
|
|
+ files_search_var_lib($1)
|
|
+')
|
|
+
|
|
+########################################
|
|
+## <summary>
|
|
+## Create, read, write, and delete
|
|
+## TEMPLATETYPE lib files.
|
|
+## </summary>
|
|
+## <param name="domain">
|
|
+## <summary>
|
|
+## Domain allowed access.
|
|
+## </summary>
|
|
+## </param>
|
|
+#
|
|
+interface(`TEMPLATETYPE_manage_lib_files',`
|
|
+ gen_require(`
|
|
+ type TEMPLATETYPE_var_lib_t;
|
|
+ ')
|
|
+
|
|
+ allow $1 TEMPLATETYPE_var_lib_t:file manage_file_perms;
|
|
+ allow $1 TEMPLATETYPE_var_lib_t:dir rw_dir_perms;
|
|
+ files_search_var_lib($1)
|
|
+')
|
|
+"""
|
|
+
|
|
+if_stream_rules="""
|
|
+########################################
|
|
+## <summary>
|
|
+## Connect to TEMPLATETYPE over an unix stream socket.
|
|
+## </summary>
|
|
+## <param name="domain">
|
|
+## <summary>
|
|
+## Domain allowed access.
|
|
+## </summary>
|
|
+## </param>
|
|
+#
|
|
+interface(`TEMPLATETYPE_stream_connect',`
|
|
+ gen_require(`
|
|
+ type TEMPLATETYPE_t, TEMPLATETYPE_var_lib_t;
|
|
+ ')
|
|
+
|
|
+ files_search_pids($1)
|
|
+ allow $1 TEMPLATETYPE_var_lib_t:sock_file write;
|
|
+ allow $1 TEMPLATETYPE_t:unix_stream_socket connectto;
|
|
+')
|
|
+"""
|
|
+
|
|
+########################### File Context ##################################
|
|
+fc_file="""\
|
|
+FILENAME -- gen_context(system_u:object_r:TEMPLATETYPE_var_lib_t,s0)
|
|
+"""
|
|
+
|
|
+fc_sock_file="""\
|
|
+FILENAME -s gen_context(system_u:object_r:TEMPLATETYPE_var_lib_t,s0)
|
|
+"""
|
|
+
|
|
+fc_dir="""\
|
|
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_var_lib_t,s0)
|
|
+"""
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py policycoreutils-2.0.10/gui/templates/var_log.py
|
|
--- nsapolicycoreutils/gui/templates/var_log.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.10/gui/templates/var_log.py 2007-04-24 14:43:23.000000000 -0400
|
|
@@ -0,0 +1,89 @@
|
|
+# Copyright (C) 2007 Red Hat
|
|
+# see file 'COPYING' for use and warranty information
|
|
+#
|
|
+# policygentool is a tool for the initial generation of SELinux policy
|
|
+#
|
|
+# This program is free software; you can redistribute it and/or
|
|
+# modify it under the terms of the GNU General Public License as
|
|
+# published by the Free Software Foundation; either version 2 of
|
|
+# the License, or (at your option) any later version.
|
|
+#
|
|
+# This program is distributed in the hope that it will be useful,
|
|
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+# GNU General Public License for more details.
|
|
+#
|
|
+# You should have received a copy of the GNU General Public License
|
|
+# along with this program; if not, write to the Free Software
|
|
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
|
|
+# 02111-1307 USA
|
|
+#
|
|
+#
|
|
+########################### var_log Template File #############################
|
|
+
|
|
+########################### Type Enforcement File #############################
|
|
+te_types="""
|
|
+type TEMPLATETYPE_log_t;
|
|
+logging_log_file(TEMPLATETYPE_log_t)
|
|
+"""
|
|
+
|
|
+te_rules="""
|
|
+allow TEMPLATETYPE_t TEMPLATETYPE_log_t:file manage_file_perms;
|
|
+allow TEMPLATETYPE_t TEMPLATETYPE_log_t:dir { rw_dir_perms setattr };
|
|
+logging_log_filetrans(TEMPLATETYPE_t,TEMPLATETYPE_log_t,{ file dir })
|
|
+"""
|
|
+
|
|
+########################### Interface File #############################
|
|
+if_rules="""
|
|
+########################################
|
|
+## <summary>
|
|
+## Allow the specified domain to read TEMPLATETYPE's log files.
|
|
+## </summary>
|
|
+## <param name="domain">
|
|
+## <summary>
|
|
+## Domain allowed access.
|
|
+## </summary>
|
|
+## </param>
|
|
+## <rolecap/>
|
|
+#
|
|
+interface(`TEMPLATETYPE_read_log',`
|
|
+ gen_require(`
|
|
+ type TEMPLATETYPE_log_t;
|
|
+ ')
|
|
+
|
|
+ logging_search_logs($1)
|
|
+ allow $1 TEMPLATETYPE_log_t:dir r_dir_perms;
|
|
+ allow $1 TEMPLATETYPE_log_t:file { read getattr lock };
|
|
+')
|
|
+
|
|
+########################################
|
|
+## <summary>
|
|
+## Allow the specified domain to append
|
|
+## TEMPLATETYPE log files.
|
|
+## </summary>
|
|
+## <param name="domain">
|
|
+## <summary>
|
|
+## Domain allowed to transition.
|
|
+## </summary>
|
|
+## </param>
|
|
+#
|
|
+interface(`TEMPLATETYPE_append_log',`
|
|
+ gen_require(`
|
|
+ type var_log_t, TEMPLATETYPE_log_t;
|
|
+ ')
|
|
+
|
|
+ logging_search_logs($1)
|
|
+ allow $1 TEMPLATETYPE_log_t:dir r_dir_perms;
|
|
+ allow $1 TEMPLATETYPE_log_t:file { getattr append };
|
|
+')
|
|
+
|
|
+"""
|
|
+
|
|
+########################### File Context ##################################
|
|
+fc_file="""\
|
|
+FILENAME -- gen_context(system_u:object_r:TEMPLATETYPE_log_t,s0)
|
|
+"""
|
|
+
|
|
+fc_dir="""\
|
|
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_log_t,s0)
|
|
+"""
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py policycoreutils-2.0.10/gui/templates/var_run.py
|
|
--- nsapolicycoreutils/gui/templates/var_run.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.10/gui/templates/var_run.py 2007-04-24 14:43:23.000000000 -0400
|
|
@@ -0,0 +1,95 @@
|
|
+# Copyright (C) 2007 Red Hat
|
|
+# see file 'COPYING' for use and warranty information
|
|
+#
|
|
+# policygentool is a tool for the initial generation of SELinux policy
|
|
+#
|
|
+# This program is free software; you can redistribute it and/or
|
|
+# modify it under the terms of the GNU General Public License as
|
|
+# published by the Free Software Foundation; either version 2 of
|
|
+# the License, or (at your option) any later version.
|
|
+#
|
|
+# This program is distributed in the hope that it will be useful,
|
|
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+# GNU General Public License for more details.
|
|
+#
|
|
+# You should have received a copy of the GNU General Public License
|
|
+# along with this program; if not, write to the Free Software
|
|
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
|
|
+# 02111-1307 USA
|
|
+#
|
|
+#
|
|
+########################### var_run Template File #############################
|
|
+
|
|
+te_types="""
|
|
+type TEMPLATETYPE_var_run_t;
|
|
+files_pid_file(TEMPLATETYPE_var_run_t)
|
|
+"""
|
|
+
|
|
+te_rules="""
|
|
+allow TEMPLATETYPE_t TEMPLATETYPE_var_run_t:file manage_file_perms;
|
|
+allow TEMPLATETYPE_t TEMPLATETYPE_var_run_t:dir manage_dir_perms;
|
|
+files_pid_filetrans(TEMPLATETYPE_t,TEMPLATETYPE_var_run_t, { file dir })
|
|
+"""
|
|
+
|
|
+te_stream_rules="""
|
|
+allow TEMPLATETYPE_t TEMPLATETYPE_var_run_t:sock_file manage_file_perms;
|
|
+files_pid_filetrans(TEMPLATETYPE_t,TEMPLATETYPE_var_run_t, sock_file)
|
|
+"""
|
|
+
|
|
+if_rules="""
|
|
+########################################
|
|
+## <summary>
|
|
+## Read TEMPLATETYPE PID files.
|
|
+## </summary>
|
|
+## <param name="domain">
|
|
+## <summary>
|
|
+## Domain allowed access.
|
|
+## </summary>
|
|
+## </param>
|
|
+#
|
|
+interface(`TEMPLATETYPE_read_pid_files',`
|
|
+ gen_require(`
|
|
+ type TEMPLATETYPE_var_run_t;
|
|
+ ')
|
|
+
|
|
+ files_search_pids($1)
|
|
+ allow $1 TEMPLATETYPE_var_run_t:file r_file_perms;
|
|
+')
|
|
+
|
|
+"""
|
|
+
|
|
+if_stream_rules="""\
|
|
+########################################
|
|
+## <summary>
|
|
+## Connect to TEMPLATETYPE over an unix stream socket.
|
|
+## </summary>
|
|
+## <param name="domain">
|
|
+## <summary>
|
|
+## Domain allowed access.
|
|
+## </summary>
|
|
+## </param>
|
|
+#
|
|
+interface(`TEMPLATETYPE_stream_connect',`
|
|
+ gen_require(`
|
|
+ type TEMPLATETYPE_t, TEMPLATETYPE_var_run_t;
|
|
+ ')
|
|
+
|
|
+ files_search_pids($1)
|
|
+ allow $1 TEMPLATETYPE_var_run_t:sock_file write;
|
|
+ allow $1 TEMPLATETYPE_t:unix_stream_socket connectto;
|
|
+')
|
|
+"""
|
|
+
|
|
+fc_file="""\
|
|
+FILENAME -- gen_context(system_u:object_r:TEMPLATETYPE_var_run_t,s0)
|
|
+"""
|
|
+
|
|
+fc_sock_file="""\
|
|
+FILENAME -s gen_context(system_u:object_r:TEMPLATETYPE_var_run_t,s0)
|
|
+"""
|
|
+
|
|
+fc_dir="""\
|
|
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_var_run_t,s0)
|
|
+"""
|
|
+
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool.py policycoreutils-2.0.10/gui/templates/var_spool.py
|
|
--- nsapolicycoreutils/gui/templates/var_spool.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.10/gui/templates/var_spool.py 2007-04-24 14:43:23.000000000 -0400
|
|
@@ -0,0 +1,105 @@
|
|
+# Copyright (C) 2007 Red Hat
|
|
+# see file 'COPYING' for use and warranty information
|
|
+#
|
|
+# policygentool is a tool for the initial generation of SELinux policy
|
|
+#
|
|
+# This program is free software; you can redistribute it and/or
|
|
+# modify it under the terms of the GNU General Public License as
|
|
+# published by the Free Software Foundation; either version 2 of
|
|
+# the License, or (at your option) any later version.
|
|
+#
|
|
+# This program is distributed in the hope that it will be useful,
|
|
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+# GNU General Public License for more details.
|
|
+#
|
|
+# You should have received a copy of the GNU General Public License
|
|
+# along with this program; if not, write to the Free Software
|
|
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
|
|
+# 02111-1307 USA
|
|
+#
|
|
+#
|
|
+########################### var_spool Template File #############################
|
|
+
|
|
+########################### Type Enforcement File #############################
|
|
+te_types="""
|
|
+type TEMPLATETYPE_spool_t;
|
|
+files_type(TEMPLATETYPE_spool_t)
|
|
+"""
|
|
+te_rules="""
|
|
+allow TEMPLATETYPE_t TEMPLATETYPE_spool_t:dir manage_dir_perms;
|
|
+allow TEMPLATETYPE_t TEMPLATETYPE_spool_t:file manage_file_perms;
|
|
+allow TEMPLATETYPE_t TEMPLATETYPE_spool_t:sock_file create_file_perms;
|
|
+files_spool_filetrans(TEMPLATETYPE_t,TEMPLATETYPE_spool_t, { file dir sock_file })
|
|
+"""
|
|
+
|
|
+########################### Interface File #############################
|
|
+if_rules="""
|
|
+########################################
|
|
+## <summary>
|
|
+## Search TEMPLATETYPE spool directories.
|
|
+## </summary>
|
|
+## <param name="domain">
|
|
+## <summary>
|
|
+## Domain allowed access.
|
|
+## </summary>
|
|
+## </param>
|
|
+#
|
|
+interface(`TEMPLATETYPE_search_spool',`
|
|
+ gen_require(`
|
|
+ type TEMPLATETYPE_spool_t;
|
|
+ ')
|
|
+
|
|
+ allow $1 TEMPLATETYPE_spool_t:dir search_dir_perms;
|
|
+ files_search_spool($1)
|
|
+')
|
|
+
|
|
+########################################
|
|
+## <summary>
|
|
+## Read TEMPLATETYPE spool files.
|
|
+## </summary>
|
|
+## <param name="domain">
|
|
+## <summary>
|
|
+## Domain allowed access.
|
|
+## </summary>
|
|
+## </param>
|
|
+#
|
|
+interface(`TEMPLATETYPE_read_spool_files',`
|
|
+ gen_require(`
|
|
+ type TEMPLATETYPE_spool_t;
|
|
+ ')
|
|
+
|
|
+ allow $1 TEMPLATETYPE_spool_t:file r_file_perms;
|
|
+ allow $1 TEMPLATETYPE_spool_t:dir list_dir_perms;
|
|
+ files_search_spool($1)
|
|
+')
|
|
+
|
|
+########################################
|
|
+## <summary>
|
|
+## Create, read, write, and delete
|
|
+## TEMPLATETYPE spool files.
|
|
+## </summary>
|
|
+## <param name="domain">
|
|
+## <summary>
|
|
+## Domain allowed access.
|
|
+## </summary>
|
|
+## </param>
|
|
+#
|
|
+interface(`TEMPLATETYPE_manage_spool_files',`
|
|
+ gen_require(`
|
|
+ type TEMPLATETYPE_spool_t;
|
|
+ ')
|
|
+
|
|
+ allow $1 TEMPLATETYPE_spool_t:file manage_file_perms;
|
|
+ allow $1 TEMPLATETYPE_spool_t:dir rw_dir_perms;
|
|
+ files_search_spool($1)
|
|
+')
|
|
+"""
|
|
+########################### File Context ##################################
|
|
+fc_file="""\
|
|
+FILENAME -- gen_context(system_u:object_r:TEMPLATETYPE_spool_t,s0)
|
|
+"""
|
|
+
|
|
+fc_dir="""\
|
|
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_spool_t,s0)
|
|
+"""
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/translationsPage.py policycoreutils-2.0.10/gui/translationsPage.py
|
|
--- nsapolicycoreutils/gui/translationsPage.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.10/gui/translationsPage.py 2007-04-24 14:43:23.000000000 -0400
|
|
@@ -0,0 +1,111 @@
|
|
+## translationsPage.py - show selinux translations
|
|
+## Copyright (C) 2006 Red Hat, Inc.
|
|
+
|
|
+## This program is free software; you can redistribute it and/or modify
|
|
+## it under the terms of the GNU General Public License as published by
|
|
+## the Free Software Foundation; either version 2 of the License, or
|
|
+## (at your option) any later version.
|
|
+
|
|
+## This program is distributed in the hope that it will be useful,
|
|
+## but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+## GNU General Public License for more details.
|
|
+
|
|
+## You should have received a copy of the GNU General Public License
|
|
+## along with this program; if not, write to the Free Software
|
|
+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
|
+
|
|
+## Author: Dan Walsh
|
|
+import string
|
|
+import gtk
|
|
+import gtk.glade
|
|
+import os
|
|
+import libxml2
|
|
+import gobject
|
|
+import sys
|
|
+import seobject
|
|
+from semanagePage import *;
|
|
+
|
|
+##
|
|
+## I18N
|
|
+##
|
|
+PROGNAME="policycoreutils"
|
|
+import gettext
|
|
+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
|
|
+gettext.textdomain(PROGNAME)
|
|
+try:
|
|
+ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1)
|
|
+except IOError:
|
|
+ import __builtin__
|
|
+ __builtin__.__dict__['_'] = unicode
|
|
+
|
|
+class translationsPage(semanagePage):
|
|
+ def __init__(self, xml):
|
|
+ self.firstTime = False
|
|
+ semanagePage.__init__(self, xml, "translations", _("Translation"))
|
|
+ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING)
|
|
+ self.view.set_model(self.store)
|
|
+ self.store.set_sort_column_id(0, gtk.SORT_ASCENDING)
|
|
+ col = gtk.TreeViewColumn(_("Sensitvity Level"), gtk.CellRendererText(), text = 0)
|
|
+ col.set_sort_column_id(0)
|
|
+ col.set_sizing(gtk.TREE_VIEW_COLUMN_FIXED)
|
|
+ col.set_resizable(True)
|
|
+ col.set_fixed_width(250)
|
|
+ self.view.append_column(col)
|
|
+ col = gtk.TreeViewColumn(_("Translation"), gtk.CellRendererText(), text = 1)
|
|
+ col.set_sort_column_id(1)
|
|
+ col.set_resizable(True)
|
|
+ self.view.append_column(col)
|
|
+
|
|
+ self.load()
|
|
+ self.translationsLevelEntry = xml.get_widget("translationsLevelEntry")
|
|
+ self.translationsEntry = xml.get_widget("translationsEntry")
|
|
+
|
|
+ def load(self):
|
|
+ self.translation = seobject.setransRecords()
|
|
+ dict = self.translation.get_all()
|
|
+ keys = dict.keys()
|
|
+ keys.sort()
|
|
+ self.store.clear()
|
|
+ for k in keys:
|
|
+ iter = self.store.append()
|
|
+ self.store.set_value(iter, 0, k)
|
|
+ self.store.set_value(iter, 1, dict[k])
|
|
+ self.view.get_selection().select_path ((0,))
|
|
+
|
|
+ def dialogInit(self):
|
|
+ store, iter = self.view.get_selection().get_selected()
|
|
+ self.translationsLevelEntry.set_text(store.get_value(iter, 0))
|
|
+ self.translationsLevelEntry.set_sensitive(False)
|
|
+ self.translationsEntry.set_text(store.get_value(iter, 1))
|
|
+
|
|
+ def dialogClear(self):
|
|
+ self.translationsLevelEntry.set_text("")
|
|
+ self.translationsLevelEntry.set_sensitive(True)
|
|
+ self.translationsEntry.set_text("")
|
|
+
|
|
+ def delete(self):
|
|
+ store, iter = self.view.get_selection().get_selected()
|
|
+ try:
|
|
+ level = store.get_value(iter, 0)
|
|
+ self.translation.delete(level)
|
|
+ store.remove(iter)
|
|
+ self.view.get_selection().select_path ((0,))
|
|
+ except ValueError, e:
|
|
+ self.error(e.args[0])
|
|
+
|
|
+ def add(self):
|
|
+ level = self.translationsLevelEntry.get_text().strip()
|
|
+ translation = self.translationsEntry.get_text().strip()
|
|
+ self.translation.add(level, translation)
|
|
+ iter = self.store.append()
|
|
+ self.store.set_value(iter, 0, level)
|
|
+ self.store.set_value(iter, 1, translation)
|
|
+
|
|
+ def modify(self):
|
|
+ level = self.translationsLevelEntry.get_text().strip()
|
|
+ translation = self.translationsEntry.get_text().strip()
|
|
+ self.translation.modify(level, translation)
|
|
+ store, iter = self.view.get_selection().get_selected()
|
|
+ self.store.set_value(iter, 0, level)
|
|
+ self.store.set_value(iter, 1, translation)
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/usersPage.py policycoreutils-2.0.10/gui/usersPage.py
|
|
--- nsapolicycoreutils/gui/usersPage.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.10/gui/usersPage.py 2007-04-24 14:43:23.000000000 -0400
|
|
@@ -0,0 +1,166 @@
|
|
+## usersPage.py - show selinux mappings
|
|
+## Copyright (C) 2006 Red Hat, Inc.
|
|
+
|
|
+## This program is free software; you can redistribute it and/or modify
|
|
+## it under the terms of the GNU General Public License as published by
|
|
+## the Free Software Foundation; either version 2 of the License, or
|
|
+## (at your option) any later version.
|
|
+
|
|
+## This program is distributed in the hope that it will be useful,
|
|
+## but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+## GNU General Public License for more details.
|
|
+
|
|
+## You should have received a copy of the GNU General Public License
|
|
+## along with this program; if not, write to the Free Software
|
|
+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
|
+
|
|
+## Author: Dan Walsh
|
|
+import string
|
|
+import gtk
|
|
+import gtk.glade
|
|
+import os
|
|
+import libxml2
|
|
+import gobject
|
|
+import sys
|
|
+import commands
|
|
+import seobject
|
|
+from semanagePage import *;
|
|
+
|
|
+##
|
|
+## I18N
|
|
+##
|
|
+PROGNAME="policycoreutils"
|
|
+import gettext
|
|
+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
|
|
+gettext.textdomain(PROGNAME)
|
|
+try:
|
|
+ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1)
|
|
+except IOError:
|
|
+ import __builtin__
|
|
+ __builtin__.__dict__['_'] = unicode
|
|
+
|
|
+class usersPage(semanagePage):
|
|
+ def __init__(self, xml):
|
|
+ semanagePage.__init__(self, xml, "users", "SELinux User")
|
|
+ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING)
|
|
+ self.view.set_model(self.store)
|
|
+ self.store.set_sort_column_id(0, gtk.SORT_ASCENDING)
|
|
+
|
|
+ col = gtk.TreeViewColumn(_("SELinux\nUser"), gtk.CellRendererText(), text = 0)
|
|
+ col.set_sort_column_id(0)
|
|
+ col.set_resizable(True)
|
|
+ self.view.append_column(col)
|
|
+
|
|
+ col = gtk.TreeViewColumn(_("Labeling\nPrefix"), gtk.CellRendererText(), text = 1)
|
|
+ col.set_resizable(True)
|
|
+ self.view.append_column(col)
|
|
+ col = gtk.TreeViewColumn(_("MLS/\nMCS Level"), gtk.CellRendererText(), text = 2)
|
|
+ col.set_resizable(True)
|
|
+ self.view.append_column(col)
|
|
+ col = gtk.TreeViewColumn(_("MLS/\nMCS Range"), gtk.CellRendererText(), text = 3)
|
|
+ col.set_resizable(True)
|
|
+ self.view.append_column(col)
|
|
+
|
|
+ col = gtk.TreeViewColumn(_("SELinux Roles"), gtk.CellRendererText(), text = 4)
|
|
+ col.set_resizable(True)
|
|
+ self.view.append_column(col)
|
|
+
|
|
+ self.load()
|
|
+ self.selinuxUserEntry = xml.get_widget("selinuxUserEntry")
|
|
+ self.labelPrefixEntry = xml.get_widget("labelPrefixEntry")
|
|
+ self.mlsLevelEntry = xml.get_widget("mlsLevelEntry")
|
|
+ self.mlsRangeEntry = xml.get_widget("mlsRangeEntry")
|
|
+ self.selinuxRolesEntry = xml.get_widget("selinuxRolesEntry")
|
|
+
|
|
+ def load(self):
|
|
+ self.user = seobject.seluserRecords()
|
|
+ dict = self.user.get_all()
|
|
+ keys = dict.keys()
|
|
+ keys.sort()
|
|
+ self.store.clear()
|
|
+ for k in keys:
|
|
+ iter = self.store.append()
|
|
+ self.store.set_value(iter, 0, k)
|
|
+ self.store.set_value(iter, 1, dict[k][0])
|
|
+ self.store.set_value(iter, 2, seobject.translate(dict[k][1]))
|
|
+ self.store.set_value(iter, 3, seobject.translate(dict[k][2]))
|
|
+ self.store.set_value(iter, 4, dict[k][3])
|
|
+ self.view.get_selection().select_path ((0,))
|
|
+
|
|
+ def delete(self):
|
|
+ if semanagePage.delete(self) == gtk.RESPONSE_NO:
|
|
+ return None
|
|
+
|
|
+ def dialogInit(self):
|
|
+ store, iter = self.view.get_selection().get_selected()
|
|
+ self.selinuxUserEntry.set_text(store.get_value(iter, 0))
|
|
+ self.selinuxUserEntry.set_sensitive(False)
|
|
+ self.labelPrefixEntry.set_text(store.get_value(iter, 1))
|
|
+ self.mlsLevelEntry.set_text(store.get_value(iter, 2))
|
|
+ self.mlsRangeEntry.set_text(store.get_value(iter, 3))
|
|
+ self.selinuxRolesEntry.set_text(store.get_value(iter, 4))
|
|
+ protocol=store.get_value(iter, 2)
|
|
+
|
|
+ def dialogClear(self):
|
|
+ self.selinuxUserEntry.set_text("")
|
|
+ self.selinuxUserEntry.set_sensitive(True)
|
|
+ self.labelPrefixEntry.set_text("")
|
|
+ self.mlsLevelEntry.set_text("s0")
|
|
+ self.mlsRangeEntry.set_text("s0")
|
|
+ self.selinuxRolesEntry.set_text("")
|
|
+
|
|
+ def add(self):
|
|
+ user = self.selinuxUserEntry.get_text()
|
|
+ prefix = self.labelPrefixEntry.get_text()
|
|
+ level = self.mlsLevelEntry.get_text()
|
|
+ range = self.mlsRangeEntry.get_text()
|
|
+ roles = self.selinuxRolesEntry.get_text()
|
|
+
|
|
+ (rc, out) = commands.getstatusoutput("semanage user -a -R '%s' -r %s-%s -P %s %s" % (roles, level, range, prefix, user))
|
|
+ if rc != 0:
|
|
+ self.error(out)
|
|
+ return False
|
|
+ iter = self.store.append()
|
|
+ self.store.set_value(iter, 0, user)
|
|
+ self.store.set_value(iter, 1, prefix)
|
|
+ self.store.set_value(iter, 2, level)
|
|
+ self.store.set_value(iter, 3, range)
|
|
+ self.store.set_value(iter, 4, roles)
|
|
+
|
|
+ def modify(self):
|
|
+ user = self.selinuxUserEntry.get_text()
|
|
+ prefix = self.labelPrefixEntry.get_text()
|
|
+ level = self.mlsLevelEntry.get_text()
|
|
+ range = self.mlsRangeEntry.get_text()
|
|
+ roles = self.selinuxRolesEntry.get_text()
|
|
+
|
|
+ (rc, out) = commands.getstatusoutput("semanage user -m -R '%s' -r %s-%s -P %s %s" % (roles, level, range, prefix, user))
|
|
+
|
|
+ if rc != 0:
|
|
+ self.error(out)
|
|
+ return False
|
|
+ store, iter = self.view.get_selection().get_selected()
|
|
+ iter = self.store.append()
|
|
+ self.store.set_value(iter, 0, user)
|
|
+ self.store.set_value(iter, 1, prefix)
|
|
+ self.store.set_value(iter, 2, level)
|
|
+ self.store.set_value(iter, 3, range)
|
|
+ self.store.set_value(iter, 4, roles)
|
|
+
|
|
+ def delete(self):
|
|
+ store, iter = self.view.get_selection().get_selected()
|
|
+ try:
|
|
+ user=store.get_value(iter, 0)
|
|
+ if user == "root" or user == "user_u":
|
|
+ raise ValueError(_("SELinux user '%s' is required") % user)
|
|
+
|
|
+ (rc, out) = commands.getstatusoutput("semanage user -d %s" % user)
|
|
+ if rc != 0:
|
|
+ self.error(out)
|
|
+ return False
|
|
+ store.remove(iter)
|
|
+ self.view.get_selection().select_path ((0,))
|
|
+ except ValueError, e:
|
|
+ self.error(e.args[0])
|
|
+
|