25ac073f85
- Additional checkboxes for application policy
11050 lines
431 KiB
Diff
11050 lines
431 KiB
Diff
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py policycoreutils-2.0.27/gui/booleansPage.py
|
|
--- nsapolicycoreutils/gui/booleansPage.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.27/gui/booleansPage.py 2007-10-01 17:22:52.000000000 -0400
|
|
@@ -0,0 +1,254 @@
|
|
+#
|
|
+# booleansPage.py - GUI for Booleans page in system-config-securitylevel
|
|
+#
|
|
+# Dan Walsh <dwalsh@redhat.com>
|
|
+#
|
|
+# Copyright 2006, 2007 Red Hat, Inc.
|
|
+#
|
|
+# This program is free software; you can redistribute it and/or modify
|
|
+# it under the terms of the GNU General Public License as published by
|
|
+# the Free Software Foundation; either version 2 of the License, or
|
|
+# (at your option) any later version.
|
|
+#
|
|
+# This program is distributed in the hope that it will be useful,
|
|
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+# GNU General Public License for more details.
|
|
+#
|
|
+# You should have received a copy of the GNU General Public License
|
|
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
|
+#
|
|
+import string
|
|
+import gtk
|
|
+import gtk.glade
|
|
+import os
|
|
+import gobject
|
|
+import sys
|
|
+import tempfile
|
|
+import seobject
|
|
+
|
|
+INSTALLPATH='/usr/share/system-config-selinux'
|
|
+sys.path.append(INSTALLPATH)
|
|
+
|
|
+import commands
|
|
+ENFORCING=0
|
|
+PERMISSIVE=1
|
|
+DISABLED=2
|
|
+
|
|
+##
|
|
+## I18N
|
|
+##
|
|
+PROGNAME="system-config-selinux"
|
|
+
|
|
+import gettext
|
|
+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
|
|
+gettext.textdomain(PROGNAME)
|
|
+try:
|
|
+ gettext.install(PROGNAME,
|
|
+ localedir="/usr/share/locale",
|
|
+ unicode=False,
|
|
+ codeset = 'utf-8')
|
|
+except IOError:
|
|
+ import __builtin__
|
|
+ __builtin__.__dict__['_'] = unicode
|
|
+
|
|
+from glob import fnmatch
|
|
+
|
|
+class Translation:
|
|
+ def __init__(self):
|
|
+ self.translation={}
|
|
+ fd=open(INSTALLPATH + "/selinux.tbl","r")
|
|
+ lines=fd.readlines()
|
|
+ fd.close()
|
|
+ for i in lines:
|
|
+ try:
|
|
+ line=i.strip().split("_(\"")
|
|
+ key=line[0].strip()
|
|
+ category=line[1].split("\"")[0]
|
|
+ value=line[2].split("\"")[0]
|
|
+ self.translation[key]=(category,value)
|
|
+ except:
|
|
+ continue
|
|
+
|
|
+ def match(self,key, filter=""):
|
|
+ try:
|
|
+ f=filter.lower()
|
|
+ val=self.get_value(key).lower()
|
|
+ k=key.lower()
|
|
+ return val.find(f) >= 0 or k.find(f) >= 0
|
|
+ except:
|
|
+ return False
|
|
+
|
|
+ def get_category(self,key):
|
|
+ try:
|
|
+ return _(self.translation[key][0])
|
|
+ except:
|
|
+ #print key, "missing translation"
|
|
+ return _("Other")
|
|
+
|
|
+ def get_value(self,key):
|
|
+ try:
|
|
+ return _(self.translation[key][1])
|
|
+ except:
|
|
+ return key
|
|
+
|
|
+class Modifier:
|
|
+ def __init__(self,name, on, save):
|
|
+ self.on=on
|
|
+ self.name=name
|
|
+ self.save=save
|
|
+
|
|
+ def set(self,value):
|
|
+ self.on=value
|
|
+ self.save=True
|
|
+
|
|
+ def isOn(self):
|
|
+ return self.on
|
|
+
|
|
+class Boolean(Modifier):
|
|
+ def __init__(self,name, val, save=False):
|
|
+ Modifier.__init__(self,name, val, save)
|
|
+
|
|
+class Modifiers:
|
|
+ def __init__(self,store):
|
|
+ self.modifiers={}
|
|
+ self.translation=Translation()
|
|
+ self.store=store
|
|
+ self.store.clear()
|
|
+
|
|
+ def add(self,name,val):
|
|
+ if name == "targeted_policy":
|
|
+ return
|
|
+ category=self.translation.get_category(name)
|
|
+ if not self.modifiers.has_key(category):
|
|
+ self.modifiers[category]={}
|
|
+ iter=self.store.append(None)
|
|
+ self.modifiers[category]["iter"] = iter
|
|
+ self.store.set_value(iter, 1, category)
|
|
+ self.store.set_value(iter, 3, False)
|
|
+
|
|
+ self.modifiers[category][name]=val;
|
|
+ iter=self.store.append(self.modifiers[category]["iter"])
|
|
+ self.store.set_value(iter, 0, val.isOn())
|
|
+ self.store.set_value(iter, 1, self.translation.get_value(name))
|
|
+ self.store.set_value(iter, 2, name)
|
|
+ self.store.set_value(iter, 3, True)
|
|
+
|
|
+ def set(self,name,val):
|
|
+ category=self.translation.get_category(name)
|
|
+ self.modifiers[category][name].set(val)
|
|
+
|
|
+ def isBoolean(self,name):
|
|
+ c=self.translation.get_category(name)
|
|
+ return isinstance(self.modifiers[c][name], Boolean)
|
|
+
|
|
+ def get_booleans(self):
|
|
+ booleans={}
|
|
+ for c in self.modifiers.keys():
|
|
+ for n in self.modifiers[c].keys():
|
|
+ if isinstance(self.modifiers[c][n], Boolean):
|
|
+ booleans[n]=self.modifiers[c][n]
|
|
+ return booleans
|
|
+
|
|
+class booleansPage:
|
|
+ def __init__(self, xml, doDebug=None):
|
|
+ self.xml = xml
|
|
+ self.local = False
|
|
+ self.types=[]
|
|
+ self.selinuxsupport = True
|
|
+ self.translation = Translation()
|
|
+ self.typechanged = False
|
|
+ self.doDebug = doDebug
|
|
+
|
|
+ # Bring in widgets from glade file.
|
|
+ self.typeHBox = xml.get_widget("typeHBox")
|
|
+ self.booleanSW = xml.get_widget("booleanSW")
|
|
+ self.booleansFilter = xml.get_widget("booleansFilter")
|
|
+ self.booleansFilter.connect("focus_out_event", self.filter_changed)
|
|
+ self.booleansFilter.connect("activate", self.filter_changed)
|
|
+
|
|
+ self.booleansView = xml.get_widget("booleansView")
|
|
+ self.typeLabel = xml.get_widget("typeLabel")
|
|
+ self.modifySeparator = xml.get_widget("modifySeparator")
|
|
+
|
|
+ self.revertButton = xml.get_widget("booleanRevertButton")
|
|
+ self.revertButton.set_sensitive(self.local)
|
|
+ listStore = gtk.ListStore(gobject.TYPE_STRING)
|
|
+ cell = gtk.CellRendererText()
|
|
+
|
|
+ self.booleansStore = gtk.TreeStore(gobject.TYPE_BOOLEAN, gobject.TYPE_STRING, gobject.TYPE_PYOBJECT, gobject.TYPE_BOOLEAN)
|
|
+ self.booleansStore.set_sort_column_id(1, gtk.SORT_ASCENDING)
|
|
+ self.booleansView.set_model(self.booleansStore)
|
|
+
|
|
+ checkbox = gtk.CellRendererToggle()
|
|
+ checkbox.connect("toggled", self.boolean_toggled)
|
|
+ col = gtk.TreeViewColumn('', checkbox, active = 0,visible=3)
|
|
+ col.set_fixed_width(20)
|
|
+ col.set_clickable(True)
|
|
+ self.booleansView.append_column(col)
|
|
+
|
|
+ col = gtk.TreeViewColumn("", gtk.CellRendererText(), text=1)
|
|
+ self.booleansView.append_column(col)
|
|
+ self.filter=""
|
|
+ self.load(self.filter)
|
|
+
|
|
+ def deleteDialog(self):
|
|
+ store, iter = self.booleansView.get_selection().get_selected()
|
|
+ boolean = store.get_value(iter, 2)
|
|
+ if boolean == None:
|
|
+ return
|
|
+ try:
|
|
+ (rc, out) = commands.getstatusoutput("semanage boolean -d %s" % boolean)
|
|
+
|
|
+ if rc != 0:
|
|
+ return self.error(out)
|
|
+ self.load(self.filter)
|
|
+ except ValueError, e:
|
|
+ self.error(e.args[0])
|
|
+
|
|
+ def filter_changed(self, *arg):
|
|
+ filter = arg[0].get_text()
|
|
+ if filter != self.filter:
|
|
+ self.load(filter)
|
|
+ self.filter=filter
|
|
+
|
|
+ def use_menus(self):
|
|
+ return False
|
|
+
|
|
+ def get_description(self):
|
|
+ return _("Boolean")
|
|
+
|
|
+ def load(self, filter=None):
|
|
+ self.modifiers=Modifiers(self.booleansStore)
|
|
+ booleans=seobject.booleanRecords()
|
|
+ booleansList=booleans.get_all(self.local)
|
|
+# booleansList=commands.getoutput("/usr/sbin/getsebool -a").split("\n")
|
|
+ for name in booleansList:
|
|
+ rec=booleansList[name]
|
|
+ if self.translation.match(name, filter):
|
|
+ self.modifiers.add(name,Boolean(name,rec[2] == 1))
|
|
+
|
|
+ def boolean_toggled(self, widget, row):
|
|
+ if len(row) == 1:
|
|
+ return
|
|
+ iter = self.booleansStore.get_iter(row)
|
|
+ val = self.booleansStore.get_value(iter, 0)
|
|
+ key = self.booleansStore.get_value(iter, 2)
|
|
+ self.booleansStore.set_value(iter, 0 , not val)
|
|
+ self.modifiers.set(key, not val)
|
|
+
|
|
+ setsebool="/usr/sbin/setsebool -P %s=%d" % (key, not val)
|
|
+ commands.getstatusoutput(setsebool)
|
|
+
|
|
+ def on_local_clicked(self, button):
|
|
+ self.local = not self.local
|
|
+ self.revertButton.set_sensitive(self.local)
|
|
+
|
|
+ if self.local:
|
|
+ button.set_label(_("all"))
|
|
+ else:
|
|
+ button.set_label(_("Customized"))
|
|
+
|
|
+ self.load(self.filter)
|
|
+ return True
|
|
+
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py policycoreutils-2.0.27/gui/fcontextPage.py
|
|
--- nsapolicycoreutils/gui/fcontextPage.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.27/gui/fcontextPage.py 2007-09-27 11:20:32.000000000 -0400
|
|
@@ -0,0 +1,209 @@
|
|
+## fcontextPage.py - show selinux mappings
|
|
+## Copyright (C) 2006 Red Hat, Inc.
|
|
+
|
|
+## This program is free software; you can redistribute it and/or modify
|
|
+## it under the terms of the GNU General Public License as published by
|
|
+## the Free Software Foundation; either version 2 of the License, or
|
|
+## (at your option) any later version.
|
|
+
|
|
+## This program is distributed in the hope that it will be useful,
|
|
+## but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+## GNU General Public License for more details.
|
|
+
|
|
+## You should have received a copy of the GNU General Public License
|
|
+## along with this program; if not, write to the Free Software
|
|
+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
|
+
|
|
+## Author: Dan Walsh
|
|
+import gtk
|
|
+import gtk.glade
|
|
+import os
|
|
+import gobject
|
|
+import seobject
|
|
+import commands
|
|
+from semanagePage import *;
|
|
+
|
|
+SPEC_COL = 0
|
|
+TYPE_COL = 1
|
|
+FTYPE_COL = 2
|
|
+
|
|
+class context:
|
|
+ def __init__(self, scontext):
|
|
+ self.scontext = scontext
|
|
+ con=scontext.split(":")
|
|
+ self.user = con[0]
|
|
+ self.role = con[1]
|
|
+ self.type = con[2]
|
|
+ if len(con) > 3:
|
|
+ self.mls = con[3]
|
|
+ else:
|
|
+ self.mls = "s0"
|
|
+
|
|
+ def __str__(self):
|
|
+ return self.scontext
|
|
+
|
|
+##
|
|
+## I18N
|
|
+##
|
|
+PROGNAME="system-config-selinux"
|
|
+
|
|
+import gettext
|
|
+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
|
|
+gettext.textdomain(PROGNAME)
|
|
+try:
|
|
+ gettext.install(PROGNAME,
|
|
+ localedir="/usr/share/locale",
|
|
+ unicode=False,
|
|
+ codeset = 'utf-8')
|
|
+except IOError:
|
|
+ import __builtin__
|
|
+ __builtin__.__dict__['_'] = unicode
|
|
+
|
|
+class fcontextPage(semanagePage):
|
|
+ def __init__(self, xml):
|
|
+ semanagePage.__init__(self, xml, "fcontext", _("File Labeling"))
|
|
+ self.fcontextFilter = xml.get_widget("fcontextFilterEntry")
|
|
+ self.fcontextFilter.connect("focus_out_event", self.filter_changed)
|
|
+ self.fcontextFilter.connect("activate", self.filter_changed)
|
|
+ self.view = xml.get_widget("fcontextView")
|
|
+ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING)
|
|
+ self.view.set_model(self.store)
|
|
+# self.store.set_sort_column_id(0, gtk.SORT_ASCENDING)
|
|
+
|
|
+ col = gtk.TreeViewColumn(_("File\nSpecification"), gtk.CellRendererText(), text=SPEC_COL)
|
|
+ col.set_sizing(gtk.TREE_VIEW_COLUMN_FIXED)
|
|
+ col.set_fixed_width(250)
|
|
+
|
|
+ col.set_sort_column_id(SPEC_COL)
|
|
+ col.set_resizable(True)
|
|
+ self.view.append_column(col)
|
|
+ col = gtk.TreeViewColumn(_("Selinux\nFile Context"), gtk.CellRendererText(), text=TYPE_COL)
|
|
+
|
|
+ col.set_sizing(gtk.TREE_VIEW_COLUMN_FIXED)
|
|
+ col.set_fixed_width(250)
|
|
+ col.set_sort_column_id(TYPE_COL)
|
|
+ col.set_resizable(True)
|
|
+ self.view.append_column(col)
|
|
+ col = gtk.TreeViewColumn(_("File\nType"), gtk.CellRendererText(), text=2)
|
|
+ col.set_sort_column_id(FTYPE_COL)
|
|
+ col.set_resizable(True)
|
|
+ self.view.append_column(col)
|
|
+ self.load()
|
|
+ self.fcontextEntry = xml.get_widget("fcontextEntry")
|
|
+ self.fcontextFileTypeCombo = xml.get_widget("fcontextFileTypeCombo")
|
|
+ liststore=self.fcontextFileTypeCombo.get_model()
|
|
+ for k in seobject.file_types:
|
|
+ if len(k) > 0 and k[0] != '-':
|
|
+ iter=liststore.append()
|
|
+ liststore.set_value(iter, 0, k)
|
|
+ iter = liststore.get_iter_first()
|
|
+ self.fcontextFileTypeCombo.set_active_iter(iter)
|
|
+ self.fcontextTypeEntry = xml.get_widget("fcontextTypeEntry")
|
|
+ self.fcontextMLSEntry = xml.get_widget("fcontextMLSEntry")
|
|
+
|
|
+ def match(self, fcon, filter):
|
|
+ try:
|
|
+ f=filter.lower()
|
|
+ for con in fcon:
|
|
+ k=con.lower()
|
|
+ if k.find(f) >= 0:
|
|
+ return True
|
|
+ except:
|
|
+ pass
|
|
+ return False
|
|
+
|
|
+ def load(self, filter=""):
|
|
+ self.filter=filter
|
|
+ self.fcontext=seobject.fcontextRecords()
|
|
+ fcon_list=self.fcontext.get_all(self.local)
|
|
+ self.store.clear()
|
|
+ for fcon in fcon_list:
|
|
+ if not self.match(fcon, filter):
|
|
+ continue
|
|
+ iter=self.store.append()
|
|
+ self.store.set_value(iter, SPEC_COL, fcon[0])
|
|
+ self.store.set_value(iter, FTYPE_COL, fcon[1])
|
|
+ if len(fcon) > 3:
|
|
+ rec="%s:%s:%s:%s " % (fcon[2], fcon[3],fcon[4], seobject.translate(fcon[5],False))
|
|
+ else:
|
|
+ rec="<<None>>"
|
|
+ self.store.set_value(iter, 1, rec)
|
|
+ self.view.get_selection().select_path ((0,))
|
|
+
|
|
+ def filter_changed(self, *arg):
|
|
+ filter = arg[0].get_text()
|
|
+ if filter != self.filter:
|
|
+ self.load(filter)
|
|
+
|
|
+ def dialogInit(self):
|
|
+ store, iter = self.view.get_selection().get_selected()
|
|
+ self.fcontextEntry.set_text(store.get_value(iter, SPEC_COL))
|
|
+ self.fcontextEntry.set_sensitive(False)
|
|
+ scontext = store.get_value(iter, TYPE_COL)
|
|
+ scon=context(scontext)
|
|
+ self.fcontextTypeEntry.set_text(scon.type)
|
|
+ self.fcontextMLSEntry.set_text(scon.mls)
|
|
+ type=store.get_value(iter, FTYPE_COL)
|
|
+ liststore=self.fcontextFileTypeCombo.get_model()
|
|
+ iter = liststore.get_iter_first()
|
|
+ while iter != None and liststore.get_value(iter,0) != type:
|
|
+ iter = liststore.iter_next(iter)
|
|
+ if iter != None:
|
|
+ self.fcontextFileTypeCombo.set_active_iter(iter)
|
|
+ self.fcontextFileTypeCombo.set_sensitive(False)
|
|
+
|
|
+ def dialogClear(self):
|
|
+ self.fcontextEntry.set_text("")
|
|
+ self.fcontextEntry.set_sensitive(True)
|
|
+ self.fcontextFileTypeCombo.set_sensitive(True)
|
|
+ self.fcontextTypeEntry.set_text("")
|
|
+ self.fcontextMLSEntry.set_text("s0")
|
|
+
|
|
+ def delete(self):
|
|
+ store, iter = self.view.get_selection().get_selected()
|
|
+ try:
|
|
+ fspec=store.get_value(iter, SPEC_COL)
|
|
+ ftype=store.get_value(iter, FTYPE_COL)
|
|
+ (rc, out) = commands.getstatusoutput("semanage fcontext -d -f '%s' %s" % (ftype, fspec))
|
|
+
|
|
+ if rc != 0:
|
|
+ return self.error(out)
|
|
+ store.remove(iter)
|
|
+ self.view.get_selection().select_path ((0,))
|
|
+ except ValueError, e:
|
|
+ self.error(e.args[0])
|
|
+
|
|
+ def add(self):
|
|
+ fspec=self.fcontextEntry.get_text().strip()
|
|
+ type=self.fcontextTypeEntry.get_text().strip()
|
|
+ mls=self.fcontextMLSEntry.get_text().strip()
|
|
+ list_model=self.fcontextFileTypeCombo.get_model()
|
|
+ iter = self.fcontextFileTypeCombo.get_active_iter()
|
|
+ ftype=list_model.get_value(iter,0)
|
|
+ (rc, out) = commands.getstatusoutput("semanage fcontext -a -t %s -r %s -f '%s' %s" % (type, mls, ftype, fspec))
|
|
+ if rc != 0:
|
|
+ self.error(out)
|
|
+ return False
|
|
+
|
|
+ iter=self.store.append()
|
|
+ self.store.set_value(iter, SPEC_COL, fspec)
|
|
+ self.store.set_value(iter, FTYPE_COL, ftype)
|
|
+ self.store.set_value(iter, TYPE_COL, "system_u:object_r:%s:%s" % (type, mls))
|
|
+
|
|
+ def modify(self):
|
|
+ fspec=self.fcontextEntry.get_text().strip()
|
|
+ type=self.fcontextTypeEntry.get_text().strip()
|
|
+ mls=self.fcontextMLSEntry.get_text().strip()
|
|
+ list_model=self.fcontextFileTypeCombo.get_model()
|
|
+ iter = self.fcontextFileTypeCombo.get_active_iter()
|
|
+ ftype=list_model.get_value(iter,0)
|
|
+ (rc, out) = commands.getstatusoutput("semanage fcontext -m -t %s -r %s -f '%s' %s" % (type, mls, ftype, fspec))
|
|
+ if rc != 0:
|
|
+ self.error(out)
|
|
+ return False
|
|
+
|
|
+ store, iter = self.view.get_selection().get_selected()
|
|
+ self.store.set_value(iter, SPEC_COL, fspec)
|
|
+ self.store.set_value(iter, FTYPE_COL, ftype)
|
|
+ self.store.set_value(iter, TYPE_COL, "system_u:object_r:%s:%s" % (type, mls))
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policycoreutils-2.0.27/gui/loginsPage.py
|
|
--- nsapolicycoreutils/gui/loginsPage.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.27/gui/loginsPage.py 2007-09-27 11:20:32.000000000 -0400
|
|
@@ -0,0 +1,179 @@
|
|
+## loginsPage.py - show selinux mappings
|
|
+## Copyright (C) 2006 Red Hat, Inc.
|
|
+
|
|
+## This program is free software; you can redistribute it and/or modify
|
|
+## it under the terms of the GNU General Public License as published by
|
|
+## the Free Software Foundation; either version 2 of the License, or
|
|
+## (at your option) any later version.
|
|
+
|
|
+## This program is distributed in the hope that it will be useful,
|
|
+## but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+## GNU General Public License for more details.
|
|
+
|
|
+## You should have received a copy of the GNU General Public License
|
|
+## along with this program; if not, write to the Free Software
|
|
+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
|
+
|
|
+## Author: Dan Walsh
|
|
+import string
|
|
+import gtk
|
|
+import gtk.glade
|
|
+import os
|
|
+import gobject
|
|
+import sys
|
|
+import commands
|
|
+import seobject
|
|
+from semanagePage import *;
|
|
+
|
|
+##
|
|
+## I18N
|
|
+##
|
|
+PROGNAME="policycoreutils"
|
|
+import gettext
|
|
+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
|
|
+gettext.textdomain(PROGNAME)
|
|
+try:
|
|
+ gettext.install(PROGNAME,
|
|
+ localedir="/usr/share/locale",
|
|
+ unicode=False,
|
|
+ codeset = 'utf-8')
|
|
+except IOError:
|
|
+ import __builtin__
|
|
+ __builtin__.__dict__['_'] = unicode
|
|
+
|
|
+class loginsPage(semanagePage):
|
|
+ def __init__(self, xml):
|
|
+ self.firstTime = False
|
|
+ semanagePage.__init__(self, xml, "logins", _("User Mapping"))
|
|
+ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING)
|
|
+ self.view.set_model(self.store)
|
|
+ self.store.set_sort_column_id(0, gtk.SORT_ASCENDING)
|
|
+ col = gtk.TreeViewColumn(_("Login\nName"), gtk.CellRendererText(), text = 0)
|
|
+ col.set_sort_column_id(0)
|
|
+ col.set_resizable(True)
|
|
+ self.view.append_column(col)
|
|
+ col = gtk.TreeViewColumn(_("SELinux\nUser"), gtk.CellRendererText(), text = 1)
|
|
+ col.set_resizable(True)
|
|
+ self.view.append_column(col)
|
|
+ col = gtk.TreeViewColumn(_("MLS/\nMCS Range"), gtk.CellRendererText(), text = 2)
|
|
+ col.set_resizable(True)
|
|
+ self.view.append_column(col)
|
|
+ self.load()
|
|
+ self.loginsNameEntry = xml.get_widget("loginsNameEntry")
|
|
+ self.loginsSelinuxUserCombo = xml.get_widget("loginsSelinuxUserCombo")
|
|
+ self.loginsMLSEntry = xml.get_widget("loginsMLSEntry")
|
|
+
|
|
+ def load(self, filter = ""):
|
|
+ self.filter=filter
|
|
+ self.login = seobject.loginRecords()
|
|
+ dict = self.login.get_all(0)
|
|
+ keys = dict.keys()
|
|
+ keys.sort()
|
|
+ self.store.clear()
|
|
+ for k in keys:
|
|
+ range = seobject.translate(dict[k][1])
|
|
+ if not (self.match(k, filter) or self.match(dict[k][0], filter) or self.match(range, filter)):
|
|
+ continue
|
|
+ iter = self.store.append()
|
|
+ self.store.set_value(iter, 0, k)
|
|
+ self.store.set_value(iter, 1, dict[k][0])
|
|
+ self.store.set_value(iter, 2, range)
|
|
+ self.view.get_selection().select_path ((0,))
|
|
+
|
|
+ def __dialogSetup(self):
|
|
+ if self.firstTime == True:
|
|
+ return
|
|
+ self.firstTime = True
|
|
+ liststore = gtk.ListStore(gobject.TYPE_STRING)
|
|
+ self.loginsSelinuxUserCombo.set_model(liststore)
|
|
+ cell = gtk.CellRendererText()
|
|
+ self.loginsSelinuxUserCombo.pack_start(cell, True)
|
|
+ self.loginsSelinuxUserCombo.add_attribute(cell, 'text', 0)
|
|
+
|
|
+ selusers = seobject.seluserRecords().get_all(0)
|
|
+ keys = selusers.keys()
|
|
+ keys.sort()
|
|
+ for k in keys:
|
|
+ if k != "system_u":
|
|
+ self.loginsSelinuxUserCombo.append_text(k)
|
|
+
|
|
+ iter = liststore.get_iter_first()
|
|
+ while liststore.get_value(iter,0) != "user_u":
|
|
+ iter = liststore.iter_next(iter)
|
|
+ self.loginsSelinuxUserCombo.set_active_iter(iter)
|
|
+
|
|
+ def dialogInit(self):
|
|
+ self.__dialogSetup()
|
|
+ store, iter = self.view.get_selection().get_selected()
|
|
+ self.loginsNameEntry.set_text(store.get_value(iter, 0))
|
|
+ self.loginsNameEntry.set_sensitive(False)
|
|
+
|
|
+ self.loginsMLSEntry.set_text(store.get_value(iter, 2))
|
|
+ seuser = store.get_value(iter, 1)
|
|
+ liststore = self.loginsSelinuxUserCombo.get_model()
|
|
+ iter = liststore.get_iter_first()
|
|
+ while iter != None and liststore.get_value(iter,0) != seuser:
|
|
+ iter = liststore.iter_next(iter)
|
|
+ if iter != None:
|
|
+ self.loginsSelinuxUserCombo.set_active_iter(iter)
|
|
+
|
|
+
|
|
+ def dialogClear(self):
|
|
+ self.__dialogSetup()
|
|
+ self.loginsNameEntry.set_text("")
|
|
+ self.loginsNameEntry.set_sensitive(True)
|
|
+ self.loginsMLSEntry.set_text("s0")
|
|
+
|
|
+ def delete(self):
|
|
+ store, iter = self.view.get_selection().get_selected()
|
|
+ try:
|
|
+ login=store.get_value(iter, 0)
|
|
+ if login == "root" or login == "__default__":
|
|
+ raise ValueError(_("Login '%s' is required") % login)
|
|
+
|
|
+ (rc, out) = commands.getstatusoutput("semanage login -d %s" % login)
|
|
+ if rc != 0:
|
|
+ self.error(out)
|
|
+ return False
|
|
+ store.remove(iter)
|
|
+ self.view.get_selection().select_path ((0,))
|
|
+ except ValueError, e:
|
|
+ self.error(e.args[0])
|
|
+
|
|
+ def add(self):
|
|
+ target=self.loginsNameEntry.get_text().strip()
|
|
+ serange=self.loginsMLSEntry.get_text().strip()
|
|
+ if serange == "":
|
|
+ serange="s0"
|
|
+ list_model=self.loginsSelinuxUserCombo.get_model()
|
|
+ iter = self.loginsSelinuxUserCombo.get_active_iter()
|
|
+ seuser = list_model.get_value(iter,0)
|
|
+ (rc, out) = commands.getstatusoutput("semanage login -a -s %s -r %s %s" % (seuser, serange, target))
|
|
+ if rc != 0:
|
|
+ self.error(out)
|
|
+ return False
|
|
+
|
|
+ iter = self.store.append()
|
|
+ self.store.set_value(iter, 0, target)
|
|
+ self.store.set_value(iter, 1, seuser)
|
|
+ self.store.set_value(iter, 2, seobject.translate(serange))
|
|
+
|
|
+ def modify(self):
|
|
+ target=self.loginsNameEntry.get_text().strip()
|
|
+ serange=self.loginsMLSEntry.get_text().strip()
|
|
+ if serange == "":
|
|
+ serange = "s0"
|
|
+ list_model = self.loginsSelinuxUserCombo.get_model()
|
|
+ iter = self.loginsSelinuxUserCombo.get_active_iter()
|
|
+ seuser=list_model.get_value(iter,0)
|
|
+ (rc, out) = commands.getstatusoutput("semanage login -m -s %s -r %s %s" % (seuser, serange, target))
|
|
+ if rc != 0:
|
|
+ self.error(out)
|
|
+ return False
|
|
+
|
|
+ store, iter = self.view.get_selection().get_selected()
|
|
+ self.store.set_value(iter, 0, target)
|
|
+ self.store.set_value(iter, 1, seuser)
|
|
+ self.store.set_value(iter, 2, seobject.translate(serange))
|
|
+
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/Makefile policycoreutils-2.0.27/gui/Makefile
|
|
--- nsapolicycoreutils/gui/Makefile 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.27/gui/Makefile 2007-09-27 11:20:32.000000000 -0400
|
|
@@ -0,0 +1,34 @@
|
|
+# Installation directories.
|
|
+PREFIX ?= ${DESTDIR}/usr
|
|
+SHAREDIR ?= $(PREFIX)/share/system-config-selinux
|
|
+
|
|
+TARGETS= \
|
|
+booleansPage.py \
|
|
+fcontextPage.py \
|
|
+loginsPage.py \
|
|
+mappingsPage.py \
|
|
+modulesPage.py \
|
|
+polgen.py \
|
|
+polgen.glade \
|
|
+portsPage.py \
|
|
+semanagePage.py \
|
|
+statusPage.py \
|
|
+system-config-selinux.glade \
|
|
+translationsPage.py \
|
|
+usersPage.py \
|
|
+selinux.tbl
|
|
+
|
|
+all: $(TARGETS) system-config-selinux.py polgengui.py templates
|
|
+
|
|
+install: all
|
|
+ -mkdir -p $(SHAREDIR)/templates
|
|
+ install -m 755 system-config-selinux.py $(SHAREDIR)
|
|
+ install -m 755 polgengui.py $(SHAREDIR)
|
|
+ install -m 644 $(TARGETS) $(SHAREDIR)
|
|
+ install -m 644 templates/*.py $(SHAREDIR)/templates/
|
|
+
|
|
+clean:
|
|
+
|
|
+indent:
|
|
+
|
|
+relabel:
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py policycoreutils-2.0.27/gui/mappingsPage.py
|
|
--- nsapolicycoreutils/gui/mappingsPage.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.27/gui/mappingsPage.py 2007-09-27 11:20:32.000000000 -0400
|
|
@@ -0,0 +1,56 @@
|
|
+## mappingsPage.py - show selinux mappings
|
|
+## Copyright (C) 2006 Red Hat, Inc.
|
|
+
|
|
+## This program is free software; you can redistribute it and/or modify
|
|
+## it under the terms of the GNU General Public License as published by
|
|
+## the Free Software Foundation; either version 2 of the License, or
|
|
+## (at your option) any later version.
|
|
+
|
|
+## This program is distributed in the hope that it will be useful,
|
|
+## but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+## GNU General Public License for more details.
|
|
+
|
|
+## You should have received a copy of the GNU General Public License
|
|
+## along with this program; if not, write to the Free Software
|
|
+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
|
+
|
|
+## Author: Dan Walsh
|
|
+import string
|
|
+import gtk
|
|
+import gtk.glade
|
|
+import os
|
|
+import gobject
|
|
+import sys
|
|
+import seobject
|
|
+
|
|
+##
|
|
+## I18N
|
|
+##
|
|
+PROGNAME="policycoreutils"
|
|
+import gettext
|
|
+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
|
|
+gettext.textdomain(PROGNAME)
|
|
+try:
|
|
+ gettext.install(PROGNAME,
|
|
+ localedir="/usr/share/locale",
|
|
+ unicode=False,
|
|
+ codeset = 'utf-8')
|
|
+except IOError:
|
|
+ import __builtin__
|
|
+ __builtin__.__dict__['_'] = unicode
|
|
+
|
|
+class loginsPage:
|
|
+ def __init__(self, xml):
|
|
+ self.xml = xml
|
|
+ self.view = xml.get_widget("mappingsView")
|
|
+ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING)
|
|
+ self.store.set_sort_column_id(0, gtk.SORT_ASCENDING)
|
|
+ self.view.set_model(self.store)
|
|
+ self.login = loginRecords()
|
|
+ dict = self.login.get_all(0)
|
|
+ keys = dict.keys()
|
|
+ keys.sort()
|
|
+ for k in keys:
|
|
+ print "%-25s %-25s %-25s" % (k, dict[k][0], translate(dict[k][1]))
|
|
+
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py policycoreutils-2.0.27/gui/modulesPage.py
|
|
--- nsapolicycoreutils/gui/modulesPage.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.27/gui/modulesPage.py 2007-09-27 11:20:32.000000000 -0400
|
|
@@ -0,0 +1,181 @@
|
|
+## modulesPage.py - show selinux mappings
|
|
+## Copyright (C) 2006 Red Hat, Inc.
|
|
+
|
|
+## This program is free software; you can redistribute it and/or modify
|
|
+## it under the terms of the GNU General Public License as published by
|
|
+## the Free Software Foundation; either version 2 of the License, or
|
|
+## (at your option) any later version.
|
|
+
|
|
+## This program is distributed in the hope that it will be useful,
|
|
+## but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+## GNU General Public License for more details.
|
|
+
|
|
+## You should have received a copy of the GNU General Public License
|
|
+## along with this program; if not, write to the Free Software
|
|
+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
|
+
|
|
+## Author: Dan Walsh
|
|
+import string
|
|
+import gtk
|
|
+import gtk.glade
|
|
+import os
|
|
+import commands
|
|
+import gobject
|
|
+import sys
|
|
+import seobject
|
|
+import selinux
|
|
+from semanagePage import *;
|
|
+
|
|
+##
|
|
+## I18N
|
|
+##
|
|
+PROGNAME="policycoreutils"
|
|
+import gettext
|
|
+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
|
|
+gettext.textdomain(PROGNAME)
|
|
+try:
|
|
+ gettext.install(PROGNAME,
|
|
+ localedir="/usr/share/locale",
|
|
+ unicode=False,
|
|
+ codeset = 'utf-8')
|
|
+except IOError:
|
|
+ import __builtin__
|
|
+ __builtin__.__dict__['_'] = unicode
|
|
+
|
|
+class modulesPage(semanagePage):
|
|
+ def __init__(self, xml):
|
|
+ semanagePage.__init__(self, xml, "modules", _("Policy Module"))
|
|
+ self.module_filter = xml.get_widget("modulesFilterEntry")
|
|
+ self.module_filter.connect("focus_out_event", self.filter_changed)
|
|
+ self.module_filter.connect("activate", self.filter_changed)
|
|
+
|
|
+ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING)
|
|
+ self.view.set_model(self.store)
|
|
+ self.store.set_sort_column_id(0, gtk.SORT_ASCENDING)
|
|
+ col = gtk.TreeViewColumn(_("Module Name"), gtk.CellRendererText(), text = 0)
|
|
+ col.set_sort_column_id(0)
|
|
+ col.set_resizable(True)
|
|
+ self.view.append_column(col)
|
|
+ self.store.set_sort_column_id(0, gtk.SORT_ASCENDING)
|
|
+ col = gtk.TreeViewColumn(_("Version"), gtk.CellRendererText(), text = 1)
|
|
+ self.enable_audit_button = xml.get_widget("enableAuditButton")
|
|
+ self.enable_audit_button.connect("clicked", self.enable_audit)
|
|
+ self.disable_audit_button = xml.get_widget("disableAuditButton")
|
|
+ self.disable_audit_button.connect("clicked", self.disable_audit)
|
|
+ self.new_button = xml.get_widget("newModuleButton")
|
|
+ self.new_button.connect("clicked", self.new_module)
|
|
+ col.set_sort_column_id(1)
|
|
+ col.set_resizable(True)
|
|
+ self.view.append_column(col)
|
|
+ self.store.set_sort_func(1,self.sort_int, "")
|
|
+ status, self.policy_type = selinux.selinux_getpolicytype()
|
|
+
|
|
+ self.load()
|
|
+
|
|
+ def sort_int(self, treemodel, iter1, iter2, user_data):
|
|
+ try:
|
|
+ p1 = int(treemodel.get_value(iter1,1))
|
|
+ p2 = int(treemodel.get_value(iter1,1))
|
|
+ if p1 > p2:
|
|
+ return 1
|
|
+ if p1 == p2:
|
|
+ return 0
|
|
+ return -1
|
|
+ except:
|
|
+ return 0
|
|
+
|
|
+ def load(self, filter=""):
|
|
+ self.filter=filter
|
|
+ self.store.clear()
|
|
+ try:
|
|
+ fd=os.popen("semodule -l")
|
|
+ l = fd.readlines()
|
|
+ fd.close()
|
|
+ for i in l:
|
|
+ module, ver = i.split('\t')
|
|
+ if not (self.match(module, filter) or self.match(ver, filter)):
|
|
+ continue
|
|
+ iter = self.store.append()
|
|
+ self.store.set_value(iter, 0, module.strip())
|
|
+ self.store.set_value(iter, 1, ver.strip())
|
|
+ except:
|
|
+ pass
|
|
+ self.view.get_selection().select_path ((0,))
|
|
+
|
|
+
|
|
+ def new_module(self, args):
|
|
+ try:
|
|
+ os.spawnl(os.P_NOWAIT, "/usr/share/system-config-selinux/polgengui.py")
|
|
+ except ValueError, e:
|
|
+ self.error(e.args[0])
|
|
+
|
|
+ def delete(self):
|
|
+ store, iter = self.view.get_selection().get_selected()
|
|
+ module = store.get_value(iter, 0)
|
|
+ try:
|
|
+ status, output = commands.getstatusoutput("semodule -r %s" % module)
|
|
+ if status != 0:
|
|
+ self.error(output)
|
|
+ else:
|
|
+ store.remove(iter)
|
|
+ self.view.get_selection().select_path ((0,))
|
|
+
|
|
+ except ValueError, e:
|
|
+ self.error(e.args[0])
|
|
+
|
|
+ def enable_audit(self, button):
|
|
+ try:
|
|
+ status, output =commands.getstatusoutput("semodule -b /usr/share/selinux/%s/enableaudit.pp" % self.policy_type)
|
|
+ if status != 0:
|
|
+ self.error(output)
|
|
+
|
|
+ except ValueError, e:
|
|
+ self.error(e.args[0])
|
|
+
|
|
+ def disable_audit(self, button):
|
|
+ try:
|
|
+ status, output =commands.getstatusoutput("semodule -b /usr/share/selinux/%s/base.pp" % self.policy_type)
|
|
+ if status != 0:
|
|
+ self.error(output)
|
|
+
|
|
+ except ValueError, e:
|
|
+ self.error(e.args[0])
|
|
+
|
|
+ def propertiesDialog(self):
|
|
+ # Do nothing
|
|
+ return
|
|
+
|
|
+ def addDialog(self):
|
|
+ dialog = gtk.FileChooserDialog(_("Load Policy Module"),
|
|
+ None,
|
|
+ gtk.FILE_CHOOSER_ACTION_OPEN,
|
|
+ (gtk.STOCK_CANCEL, gtk.RESPONSE_CANCEL,
|
|
+ gtk.STOCK_OPEN, gtk.RESPONSE_OK))
|
|
+ dialog.set_default_response(gtk.RESPONSE_OK)
|
|
+
|
|
+ filter = gtk.FileFilter()
|
|
+ filter.set_name("Policy Files")
|
|
+ filter.add_pattern("*.pp")
|
|
+ dialog.add_filter(filter)
|
|
+
|
|
+ response = dialog.run()
|
|
+ if response == gtk.RESPONSE_OK:
|
|
+ self.add(dialog.get_filename())
|
|
+ dialog.destroy()
|
|
+
|
|
+ def add(self, file):
|
|
+ try:
|
|
+ status, output =commands.getstatusoutput("semodule -i %s" % file)
|
|
+ if status != 0:
|
|
+ self.error(output)
|
|
+ else:
|
|
+ self.load()
|
|
+
|
|
+ except ValueError, e:
|
|
+ self.error(e.args[0])
|
|
+
|
|
+
|
|
+
|
|
+
|
|
+
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policycoreutils-2.0.27/gui/polgen.glade
|
|
--- nsapolicycoreutils/gui/polgen.glade 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.27/gui/polgen.glade 2007-10-02 16:15:50.000000000 -0400
|
|
@@ -0,0 +1,2583 @@
|
|
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
|
|
+<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
|
|
+
|
|
+<glade-interface>
|
|
+<requires lib="gnome"/>
|
|
+
|
|
+<widget class="GtkFileChooserDialog" id="filechooserdialog">
|
|
+ <property name="border_width">5</property>
|
|
+ <property name="action">GTK_FILE_CHOOSER_ACTION_OPEN</property>
|
|
+ <property name="local_only">True</property>
|
|
+ <property name="select_multiple">True</property>
|
|
+ <property name="show_hidden">True</property>
|
|
+ <property name="do_overwrite_confirmation">False</property>
|
|
+ <property name="type">GTK_WINDOW_TOPLEVEL</property>
|
|
+ <property name="window_position">GTK_WIN_POS_MOUSE</property>
|
|
+ <property name="modal">False</property>
|
|
+ <property name="resizable">True</property>
|
|
+ <property name="destroy_with_parent">False</property>
|
|
+ <property name="decorated">True</property>
|
|
+ <property name="skip_taskbar_hint">False</property>
|
|
+ <property name="skip_pager_hint">False</property>
|
|
+ <property name="type_hint">GDK_WINDOW_TYPE_HINT_DIALOG</property>
|
|
+ <property name="gravity">GDK_GRAVITY_NORTH_WEST</property>
|
|
+ <property name="focus_on_map">True</property>
|
|
+ <property name="urgency_hint">False</property>
|
|
+
|
|
+ <child internal-child="vbox">
|
|
+ <widget class="GtkVBox" id="dialog-vbox1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">24</property>
|
|
+
|
|
+ <child internal-child="action_area">
|
|
+ <widget class="GtkHButtonBox" id="dialog-action_area1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="layout_style">GTK_BUTTONBOX_END</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkButton" id="button5">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_default">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label">gtk-cancel</property>
|
|
+ <property name="use_stock">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="response_id">-6</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkButton" id="button6">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_default">True</property>
|
|
+ <property name="has_default">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label">gtk-add</property>
|
|
+ <property name="use_stock">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="response_id">-5</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">True</property>
|
|
+ <property name="pack_type">GTK_PACK_END</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+</widget>
|
|
+
|
|
+<widget class="GtkAboutDialog" id="about_dialog">
|
|
+ <property name="border_width">5</property>
|
|
+ <property name="destroy_with_parent">False</property>
|
|
+ <property name="name" translatable="yes">Polgen</property>
|
|
+ <property name="copyright" translatable="yes">Red Hat 2007</property>
|
|
+ <property name="license" translatable="yes">GPL</property>
|
|
+ <property name="wrap_license">False</property>
|
|
+ <property name="website">www.redhat.com</property>
|
|
+ <property name="authors">Daniel Walsh <dwalsh@redhat.com></property>
|
|
+ <property name="translator_credits" translatable="yes" comments="TRANSLATORS: Replace this string with your names, one name per line.">translator-credits</property>
|
|
+</widget>
|
|
+
|
|
+<widget class="GtkWindow" id="main_window">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="title" translatable="yes">SELinux Policy Generation Tool</property>
|
|
+ <property name="type">GTK_WINDOW_TOPLEVEL</property>
|
|
+ <property name="window_position">GTK_WIN_POS_NONE</property>
|
|
+ <property name="modal">False</property>
|
|
+ <property name="resizable">True</property>
|
|
+ <property name="destroy_with_parent">False</property>
|
|
+ <property name="decorated">True</property>
|
|
+ <property name="skip_taskbar_hint">False</property>
|
|
+ <property name="skip_pager_hint">False</property>
|
|
+ <property name="type_hint">GDK_WINDOW_TYPE_HINT_NORMAL</property>
|
|
+ <property name="gravity">GDK_GRAVITY_NORTH_WEST</property>
|
|
+ <property name="focus_on_map">True</property>
|
|
+ <property name="urgency_hint">False</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVBox" id="vbox11">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkNotebook" id="notebook1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="show_tabs">False</property>
|
|
+ <property name="show_border">True</property>
|
|
+ <property name="tab_pos">GTK_POS_TOP</property>
|
|
+ <property name="scrollable">False</property>
|
|
+ <property name="enable_popup">False</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GnomeDruidPageEdge" id="start_page">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="position">GNOME_EDGE_START</property>
|
|
+ <property name="title" translatable="yes">SELinux Policy Generation Druid</property>
|
|
+ <property name="text" translatable="yes">This tool can be used to generate a policy framework, to confine applications or users using SELinux.
|
|
+
|
|
+The tool generates:
|
|
+Type enforcement file (te)
|
|
+Interface file (if)
|
|
+File context file (fc)
|
|
+Shell script (sh) - used to compile and install the policy. </property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="tab_expand">True</property>
|
|
+ <property name="tab_fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label25">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">label25</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="type">tab</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GnomeDruidPageStandard" id="select_type_page">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="title" translatable="yes">Select type of the application/user role to be confined</property>
|
|
+ <signal name="next" handler="on_select_type_page_next" last_modification_time="Sat, 04 Aug 2007 11:39:15 GMT"/>
|
|
+
|
|
+ <child internal-child="vbox">
|
|
+ <widget class="GtkVBox" id="druid-vbox17">
|
|
+ <property name="border_width">16</property>
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">6</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVBox" id="vbox14">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkFrame" id="frame9">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label_xalign">0</property>
|
|
+ <property name="label_yalign">0.5</property>
|
|
+ <property name="shadow_type">GTK_SHADOW_NONE</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkAlignment" id="alignment15">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xscale">1</property>
|
|
+ <property name="yscale">1</property>
|
|
+ <property name="top_padding">0</property>
|
|
+ <property name="bottom_padding">0</property>
|
|
+ <property name="left_padding">12</property>
|
|
+ <property name="right_padding">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVBox" id="vbox6">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkRadioButton" id="init_radiobutton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Standard Init Daemon are daemons started on boot via init scripts. Usually requires a script in /etc/init.d</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label" translatable="yes">Standard Init Daemon</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="active">False</property>
|
|
+ <property name="inconsistent">False</property>
|
|
+ <property name="draw_indicator">True</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkRadioButton" id="inetd_radiobutton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Internet Services Daemon are daemons started by xinetd</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label" translatable="yes">Internet Services Daemon (inetd)</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="active">False</property>
|
|
+ <property name="inconsistent">False</property>
|
|
+ <property name="draw_indicator">True</property>
|
|
+ <property name="group">init_radiobutton</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkRadioButton" id="cgi_radiobutton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Web Applications/Script (CGI) CGI scripts started by the web server (apache)</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label" translatable="yes">Web Application/Script (CGI)</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="active">False</property>
|
|
+ <property name="inconsistent">False</property>
|
|
+ <property name="draw_indicator">True</property>
|
|
+ <property name="group">init_radiobutton</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkRadioButton" id="user_radiobutton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">User Application are any application that you would like to confine that is started by a user</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label" translatable="yes">User Application</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="active">False</property>
|
|
+ <property name="inconsistent">False</property>
|
|
+ <property name="draw_indicator">True</property>
|
|
+ <property name="group">init_radiobutton</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label41">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes"><b>Applications</b></property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">True</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="type">label_item</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkFrame" id="frame10">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label_xalign">0</property>
|
|
+ <property name="label_yalign">0.5</property>
|
|
+ <property name="shadow_type">GTK_SHADOW_NONE</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkAlignment" id="alignment16">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xscale">1</property>
|
|
+ <property name="yscale">1</property>
|
|
+ <property name="top_padding">0</property>
|
|
+ <property name="bottom_padding">0</property>
|
|
+ <property name="left_padding">12</property>
|
|
+ <property name="right_padding">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVBox" id="vbox15">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkRadioButton" id="xwindows_login_user_radiobutton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Select X Windows login role, if this is a user who will login to a machine via X</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label" translatable="yes">X Windows Login User Role</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="active">False</property>
|
|
+ <property name="inconsistent">False</property>
|
|
+ <property name="draw_indicator">True</property>
|
|
+ <property name="group">init_radiobutton</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkRadioButton" id="terminal_login_user_radiobutton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Select Terminal Login User Role, if this user will login to a machine only via a terminal or remote login</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label" translatable="yes">Terminal Login User Role</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="active">False</property>
|
|
+ <property name="inconsistent">False</property>
|
|
+ <property name="draw_indicator">True</property>
|
|
+ <property name="group">init_radiobutton</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkRadioButton" id="root_user_radiobutton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Select Root Administrator User Role, if this user will be used to administer the machine while running as root. This user will not be able to login to the system directly.</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label" translatable="yes">Root Administrator User Role</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="active">False</property>
|
|
+ <property name="inconsistent">False</property>
|
|
+ <property name="draw_indicator">True</property>
|
|
+ <property name="group">init_radiobutton</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label42">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes"><b>Users</b></property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">True</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="type">label_item</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="tab_expand">False</property>
|
|
+ <property name="tab_fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label26">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">label26</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="type">tab</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GnomeDruidPageStandard" id="app_page">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="title" translatable="yes">Enter name of application or user role to be confined</property>
|
|
+
|
|
+ <child internal-child="vbox">
|
|
+ <widget class="GtkVBox" id="druid-vbox5">
|
|
+ <property name="border_width">16</property>
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">6</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkTable" id="table5">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="n_rows">3</property>
|
|
+ <property name="n_columns">3</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="row_spacing">0</property>
|
|
+ <property name="column_spacing">5</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">Name</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">0</property>
|
|
+ <property name="bottom_attach">1</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="exec_entry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Enter complete path for executable to be confined.</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">•</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">1</property>
|
|
+ <property name="bottom_attach">2</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkButton" id="exec_button">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label" translatable="yes">...</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <signal name="clicked" handler="on_exec_select_clicked" last_modification_time="Wed, 21 Feb 2007 18:45:26 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">2</property>
|
|
+ <property name="right_attach">3</property>
|
|
+ <property name="top_attach">1</property>
|
|
+ <property name="bottom_attach">2</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="name_entry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Enter unique name for the confined application or user role.</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">•</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">3</property>
|
|
+ <property name="top_attach">0</property>
|
|
+ <property name="bottom_attach">1</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label2">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">Executable</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">1</property>
|
|
+ <property name="bottom_attach">2</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label40">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">Init script</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">2</property>
|
|
+ <property name="bottom_attach">3</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="init_script_entry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Enter complete path to init script used to start the confined application.</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">•</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">2</property>
|
|
+ <property name="bottom_attach">3</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkButton" id="init_script_button">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label" translatable="yes">...</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <signal name="clicked" handler="on_init_script_select_clicked" last_modification_time="Thu, 30 Aug 2007 15:36:47 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">2</property>
|
|
+ <property name="right_attach">3</property>
|
|
+ <property name="top_attach">2</property>
|
|
+ <property name="bottom_attach">3</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="tab_expand">False</property>
|
|
+ <property name="tab_fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label28">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">label28</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="type">tab</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GnomeDruidPageStandard" id="transition_page">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="title" translatable="yes">Select additional domains to which this user role will transition</property>
|
|
+
|
|
+ <child internal-child="vbox">
|
|
+ <widget class="GtkVBox" id="vbox13">
|
|
+ <property name="border_width">16</property>
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">6</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkScrolledWindow" id="scrolledwindow4">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="hscrollbar_policy">GTK_POLICY_ALWAYS</property>
|
|
+ <property name="vscrollbar_policy">GTK_POLICY_ALWAYS</property>
|
|
+ <property name="shadow_type">GTK_SHADOW_IN</property>
|
|
+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkTreeView" id="transition_treeview">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Select the applications domains that you would like this user role to transition to.</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="headers_visible">False</property>
|
|
+ <property name="rules_hint">False</property>
|
|
+ <property name="reorderable">False</property>
|
|
+ <property name="enable_search">True</property>
|
|
+ <property name="fixed_height_mode">False</property>
|
|
+ <property name="hover_selection">False</property>
|
|
+ <property name="hover_expand">False</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="tab_expand">False</property>
|
|
+ <property name="tab_fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label39">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">label28</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="type">tab</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GnomeDruidPageStandard" id="user_transition_page">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="title" translatable="yes">Select user roles that will transition to this domain</property>
|
|
+
|
|
+ <child internal-child="vbox">
|
|
+ <widget class="GtkVBox" id="vbox13">
|
|
+ <property name="border_width">16</property>
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">6</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkScrolledWindow" id="scrolledwindow4">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="hscrollbar_policy">GTK_POLICY_ALWAYS</property>
|
|
+ <property name="vscrollbar_policy">GTK_POLICY_ALWAYS</property>
|
|
+ <property name="shadow_type">GTK_SHADOW_IN</property>
|
|
+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkTreeView" id="user_transition_treeview">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Select the user roles that will transiton to this applications domains.</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="headers_visible">False</property>
|
|
+ <property name="rules_hint">False</property>
|
|
+ <property name="reorderable">False</property>
|
|
+ <property name="enable_search">True</property>
|
|
+ <property name="fixed_height_mode">False</property>
|
|
+ <property name="hover_selection">False</property>
|
|
+ <property name="hover_expand">False</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="tab_expand">False</property>
|
|
+ <property name="tab_fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label30">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">label30</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="type">tab</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GnomeDruidPageStandard" id="admin_page">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="title" translatable="yes">Select additional domains that this user role will administer</property>
|
|
+
|
|
+ <child internal-child="vbox">
|
|
+ <widget class="GtkVBox" id="vbox13">
|
|
+ <property name="border_width">16</property>
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">6</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkScrolledWindow" id="scrolledwindow4">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="hscrollbar_policy">GTK_POLICY_ALWAYS</property>
|
|
+ <property name="vscrollbar_policy">GTK_POLICY_ALWAYS</property>
|
|
+ <property name="shadow_type">GTK_SHADOW_IN</property>
|
|
+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkTreeView" id="admin_treeview">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Select the domains that you would like this user administer.</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="headers_visible">False</property>
|
|
+ <property name="rules_hint">False</property>
|
|
+ <property name="reorderable">False</property>
|
|
+ <property name="enable_search">True</property>
|
|
+ <property name="fixed_height_mode">False</property>
|
|
+ <property name="hover_selection">False</property>
|
|
+ <property name="hover_expand">False</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="tab_expand">False</property>
|
|
+ <property name="tab_fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label31">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">label31</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="type">tab</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GnomeDruidPageStandard" id="roles_page">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="title" translatable="yes">Select additional roles for this user</property>
|
|
+
|
|
+ <child internal-child="vbox">
|
|
+ <widget class="GtkVBox" id="vbox13">
|
|
+ <property name="border_width">16</property>
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">6</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkScrolledWindow" id="scrolledwindow4">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="hscrollbar_policy">GTK_POLICY_ALWAYS</property>
|
|
+ <property name="vscrollbar_policy">GTK_POLICY_ALWAYS</property>
|
|
+ <property name="shadow_type">GTK_SHADOW_IN</property>
|
|
+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkTreeView" id="role_treeview">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Select the domains that you would like this user administer.</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="headers_visible">False</property>
|
|
+ <property name="rules_hint">False</property>
|
|
+ <property name="reorderable">False</property>
|
|
+ <property name="enable_search">True</property>
|
|
+ <property name="fixed_height_mode">False</property>
|
|
+ <property name="hover_selection">False</property>
|
|
+ <property name="hover_expand">False</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="tab_expand">False</property>
|
|
+ <property name="tab_fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label32">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">label32</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="type">tab</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GnomeDruidPageStandard" id="in_net_page">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="title" translatable="yes">Enter network ports that application/user role listens to</property>
|
|
+
|
|
+ <child internal-child="vbox">
|
|
+ <widget class="GtkVBox" id="druid-vbox6">
|
|
+ <property name="border_width">16</property>
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">6</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkFrame" id="frame4">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label_xalign">0</property>
|
|
+ <property name="label_yalign">0.5</property>
|
|
+ <property name="shadow_type">GTK_SHADOW_NONE</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkAlignment" id="alignment8">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xscale">1</property>
|
|
+ <property name="yscale">1</property>
|
|
+ <property name="top_padding">0</property>
|
|
+ <property name="bottom_padding">0</property>
|
|
+ <property name="left_padding">12</property>
|
|
+ <property name="right_padding">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVBox" id="vbox7">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkHBox" id="hbox7">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkCheckButton" id="in_tcp_all_checkbutton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Allows confined application/user role to bind to any tcp port</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label" translatable="yes">All</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="active">False</property>
|
|
+ <property name="inconsistent">False</property>
|
|
+ <property name="draw_indicator">True</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">10</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkCheckButton" id="in_tcp_reserved_checkbutton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Use this checkbutton if your app calls bindresvport with 0.</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label" translatable="yes">600-1024</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="active">False</property>
|
|
+ <property name="inconsistent">False</property>
|
|
+ <property name="draw_indicator">True</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">10</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkCheckButton" id="in_tcp_unreserved_checkbutton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Allow application/user role to bind to any tcp ports > 1024</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label" translatable="yes">Unreserved Ports (> 1024)</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="active">False</property>
|
|
+ <property name="inconsistent">False</property>
|
|
+ <property name="draw_indicator">True</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">10</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkHBox" id="hbox8">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label7">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">Select Ports</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">5</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="in_tcp_entry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Enter a comma separated list of tcp ports or ranges of ports that application/user role binds to. Example: 612, 650-660</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">•</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label19">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes"><b>TCP Ports</b></property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">True</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="type">label_item</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkFrame" id="frame5">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label_xalign">0</property>
|
|
+ <property name="label_yalign">0.5</property>
|
|
+ <property name="shadow_type">GTK_SHADOW_NONE</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkAlignment" id="alignment9">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xscale">1</property>
|
|
+ <property name="yscale">1</property>
|
|
+ <property name="top_padding">0</property>
|
|
+ <property name="bottom_padding">0</property>
|
|
+ <property name="left_padding">12</property>
|
|
+ <property name="right_padding">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVBox" id="vbox8">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkHBox" id="hbox9">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkCheckButton" id="in_udp_all_checkbutton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Allows confined application/user role to bind to any udp port</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label" translatable="yes">All</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="active">False</property>
|
|
+ <property name="inconsistent">False</property>
|
|
+ <property name="draw_indicator">True</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">10</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkCheckButton" id="in_udp_reserved_checkbutton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Allow application/user role to call bindresvport with 0. Binding to port 600-1024</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label" translatable="yes">600-1024</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="active">False</property>
|
|
+ <property name="inconsistent">False</property>
|
|
+ <property name="draw_indicator">True</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">10</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkCheckButton" id="in_udp_unreserved_checkbutton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Enter a comma separated list of udp ports or ranges of ports that application/user role binds to. Example: 612, 650-660</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label" translatable="yes">Unreserved Ports (>1024)</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="active">False</property>
|
|
+ <property name="inconsistent">False</property>
|
|
+ <property name="draw_indicator">True</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">10</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkHBox" id="hbox10">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label20">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">Select Ports</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">5</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="in_udp_entry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Allows application/user role to bind to any udp ports > 1024</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">•</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label20">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes"><b>UDP Ports</b></property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">True</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="type">label_item</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="tab_expand">False</property>
|
|
+ <property name="tab_fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label33">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">label33</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="type">tab</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GnomeDruidPageStandard" id="out_net_page">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="title" translatable="yes">Enter network ports that application/user role connects to</property>
|
|
+
|
|
+ <child internal-child="vbox">
|
|
+ <widget class="GtkVBox" id="druid-vbox7">
|
|
+ <property name="border_width">16</property>
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">6</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkFrame" id="frame8">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label_xalign">0</property>
|
|
+ <property name="label_yalign">0.5</property>
|
|
+ <property name="shadow_type">GTK_SHADOW_NONE</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkAlignment" id="alignment13">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xscale">1</property>
|
|
+ <property name="yscale">1</property>
|
|
+ <property name="top_padding">0</property>
|
|
+ <property name="bottom_padding">0</property>
|
|
+ <property name="left_padding">12</property>
|
|
+ <property name="right_padding">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVBox" id="vbox12">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkAlignment" id="alignment14">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xscale">1</property>
|
|
+ <property name="yscale">1</property>
|
|
+ <property name="top_padding">0</property>
|
|
+ <property name="bottom_padding">0</property>
|
|
+ <property name="left_padding">12</property>
|
|
+ <property name="right_padding">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkHBox" id="hbox15">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkCheckButton" id="out_tcp_all_checkbutton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label" translatable="yes">All</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="active">False</property>
|
|
+ <property name="inconsistent">False</property>
|
|
+ <property name="draw_indicator">True</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">10</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label38">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">Select Ports</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">5</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="out_tcp_entry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Enter a comma separated list of tcp ports or ranges of ports that application/user role connects to. Example: 612, 650-660</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">•</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label37">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes"><b>TCP Ports</b></property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">True</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="type">label_item</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkFrame" id="frame7">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label_xalign">0</property>
|
|
+ <property name="label_yalign">0.5</property>
|
|
+ <property name="shadow_type">GTK_SHADOW_NONE</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkAlignment" id="alignment11">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xscale">1</property>
|
|
+ <property name="yscale">1</property>
|
|
+ <property name="top_padding">0</property>
|
|
+ <property name="bottom_padding">0</property>
|
|
+ <property name="left_padding">12</property>
|
|
+ <property name="right_padding">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkHBox" id="hbox12">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkCheckButton" id="out_udp_all_checkbutton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label" translatable="yes">All</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="active">False</property>
|
|
+ <property name="inconsistent">False</property>
|
|
+ <property name="draw_indicator">True</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">10</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label22">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">Select Ports</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">5</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="out_udp_entry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Enter a comma separated list of udp ports or ranges of ports that application/user role connects to. Example: 612, 650-660</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">•</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label23">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes"><b>UDP Ports</b></property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">True</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="type">label_item</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="tab_expand">False</property>
|
|
+ <property name="tab_fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label34">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">label34</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="type">tab</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GnomeDruidPageStandard" id="common_apps_page">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="title" translatable="yes">Select common application traits</property>
|
|
+
|
|
+ <child internal-child="vbox">
|
|
+ <widget class="GtkVBox" id="druid-vbox8">
|
|
+ <property name="border_width">16</property>
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">6</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVBox" id="vbox4">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkCheckButton" id="syslog_checkbutton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label" translatable="yes">Writes syslog messages </property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="active">False</property>
|
|
+ <property name="inconsistent">False</property>
|
|
+ <property name="draw_indicator">True</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkCheckButton" id="tmp_checkbutton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label" translatable="yes">Create/Manipulate temporary files in /tmp</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="active">False</property>
|
|
+ <property name="inconsistent">False</property>
|
|
+ <property name="draw_indicator">True</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkCheckButton" id="pam_checkbutton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label" translatable="yes">Uses Pam for authentication</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="active">False</property>
|
|
+ <property name="inconsistent">False</property>
|
|
+ <property name="draw_indicator">True</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkCheckButton" id="uid_checkbutton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label" translatable="yes">Uses nsswitch or getpw* calls</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="active">False</property>
|
|
+ <property name="inconsistent">False</property>
|
|
+ <property name="draw_indicator">True</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkCheckButton" id="dbus_checkbutton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label" translatable="yes">Uses dbus</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="active">False</property>
|
|
+ <property name="inconsistent">False</property>
|
|
+ <property name="draw_indicator">True</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkCheckButton" id="audit_checkbutton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label" translatable="yes">Sends audit messages</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="active">False</property>
|
|
+ <property name="inconsistent">False</property>
|
|
+ <property name="draw_indicator">True</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkCheckButton" id="terminal_checkbutton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label" translatable="yes">Interacts with the terminal</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="active">False</property>
|
|
+ <property name="inconsistent">False</property>
|
|
+ <property name="draw_indicator">True</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkCheckButton" id="sendmail_checkbutton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label" translatable="yes">Sends email</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="active">False</property>
|
|
+ <property name="inconsistent">False</property>
|
|
+ <property name="draw_indicator">True</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="tab_expand">False</property>
|
|
+ <property name="tab_fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label35">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">label35</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="type">tab</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GnomeDruidPageStandard" id="files_page">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="title" translatable="yes">Select files/directories that the application manages</property>
|
|
+
|
|
+ <child internal-child="vbox">
|
|
+ <widget class="GtkVBox" id="druid-vbox9">
|
|
+ <property name="border_width">16</property>
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">6</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkFrame" id="frame3">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label_xalign">0</property>
|
|
+ <property name="label_yalign">0.5</property>
|
|
+ <property name="shadow_type">GTK_SHADOW_NONE</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkAlignment" id="alignment3">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xscale">1</property>
|
|
+ <property name="yscale">1</property>
|
|
+ <property name="top_padding">0</property>
|
|
+ <property name="bottom_padding">0</property>
|
|
+ <property name="left_padding">12</property>
|
|
+ <property name="right_padding">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkHBox" id="hbox1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVBox" id="vbox3">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkButton" id="button2">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <signal name="clicked" handler="on_add_clicked" last_modification_time="Wed, 21 Feb 2007 18:47:51 GMT"/>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkAlignment" id="alignment6">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xscale">0</property>
|
|
+ <property name="yscale">0</property>
|
|
+ <property name="top_padding">0</property>
|
|
+ <property name="bottom_padding">0</property>
|
|
+ <property name="left_padding">0</property>
|
|
+ <property name="right_padding">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkHBox" id="hbox4">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">2</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkImage" id="image3">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="stock">gtk-add</property>
|
|
+ <property name="icon_size">4</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label17">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label">Add File</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkButton" id="button9">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <signal name="clicked" handler="on_add_dir_clicked" last_modification_time="Wed, 21 Feb 2007 22:15:43 GMT"/>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkAlignment" id="alignment5">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xscale">0</property>
|
|
+ <property name="yscale">0</property>
|
|
+ <property name="top_padding">0</property>
|
|
+ <property name="bottom_padding">0</property>
|
|
+ <property name="left_padding">0</property>
|
|
+ <property name="right_padding">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkHBox" id="hbox3">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">2</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkImage" id="image2">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="stock">gtk-add</property>
|
|
+ <property name="icon_size">4</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label16">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label">Add Directory</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkButton" id="button4">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label">gtk-delete</property>
|
|
+ <property name="use_stock">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <signal name="clicked" handler="on_delete_clicked" last_modification_time="Wed, 21 Feb 2007 18:48:10 GMT"/>
|
|
+ <accelerator key="Delete" modifiers="0" signal="clicked"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">4</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkScrolledWindow" id="scrolledwindow1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="hscrollbar_policy">GTK_POLICY_NEVER</property>
|
|
+ <property name="vscrollbar_policy">GTK_POLICY_NEVER</property>
|
|
+ <property name="shadow_type">GTK_SHADOW_IN</property>
|
|
+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkViewport" id="viewport1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="shadow_type">GTK_SHADOW_IN</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVBox" id="vbox2">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkScrolledWindow" id="scrolledwindow2">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="hscrollbar_policy">GTK_POLICY_ALWAYS</property>
|
|
+ <property name="vscrollbar_policy">GTK_POLICY_ALWAYS</property>
|
|
+ <property name="shadow_type">GTK_SHADOW_IN</property>
|
|
+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkTreeView" id="write_treeview">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Add Files/Directories that application will need to "Write" to. Pid Files, Log Files, /var/lib Files ...</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="headers_visible">False</property>
|
|
+ <property name="rules_hint">False</property>
|
|
+ <property name="reorderable">False</property>
|
|
+ <property name="enable_search">True</property>
|
|
+ <property name="fixed_height_mode">False</property>
|
|
+ <property name="hover_selection">False</property>
|
|
+ <property name="hover_expand">False</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="tab_expand">False</property>
|
|
+ <property name="tab_fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label43">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes"></property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="type">tab</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GnomeDruidPageStandard" id="gen_policy_page">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="title" translatable="yes">Select directory to generate policy in</property>
|
|
+
|
|
+ <child internal-child="vbox">
|
|
+ <widget class="GtkVBox" id="druid-vbox10">
|
|
+ <property name="border_width">16</property>
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">5</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkHBox" id="hbox6">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label18">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">Policy Directory</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">5</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="output_entry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">•</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkButton" id="output_button">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label" translatable="yes">...</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="tab_expand">False</property>
|
|
+ <property name="tab_fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label44">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes"></property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="type">tab</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GnomeDruidPageEdge" id="role_finish_page">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="position">GNOME_EDGE_FINISH</property>
|
|
+ <property name="title" translatable="yes">Generated Policy Files</property>
|
|
+ <property name="text" translatable="yes">This tool will generate the following:
|
|
+Type Enforcement(te), File Context(fc), Interface(if), Shell Script(sh)
|
|
+Execute shell script to compile/install and relabel files/directories.
|
|
+Use semanage or useradd to map Linux login users to user roles.
|
|
+Put the machine in permissive mode (setenforce 0).
|
|
+Login as the user and test this user role.
|
|
+Use audit2allow -R to generate additional rules for the te file.
|
|
+</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="tab_expand">True</property>
|
|
+ <property name="tab_fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label46">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes"></property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="type">tab</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GnomeDruidPageEdge" id="finish_page">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="position">GNOME_EDGE_FINISH</property>
|
|
+ <property name="title" translatable="yes">Generated Policy Files</property>
|
|
+ <property name="text" translatable="yes">This tool will generate the following:
|
|
+Type Enforcement(te), File Context(fc), Interface(if), Shell Script(sh)
|
|
+
|
|
+Execute shell script to compile/install and relabel files/directories.
|
|
+Put the machine in permissive mode (setenforce 0).
|
|
+Run/restart the application to generate avc messages.
|
|
+Use audit2allow -R to generate additional rules for the te file.
|
|
+</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="tab_expand">False</property>
|
|
+ <property name="tab_fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label45">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes"></property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="type">tab</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkAlignment" id="alignment12">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xscale">1</property>
|
|
+ <property name="yscale">1</property>
|
|
+ <property name="top_padding">0</property>
|
|
+ <property name="bottom_padding">0</property>
|
|
+ <property name="left_padding">0</property>
|
|
+ <property name="right_padding">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkHButtonBox" id="hbuttonbox1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="layout_style">GTK_BUTTONBOX_END</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkButton" id="cancel_button">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_default">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label">gtk-cancel</property>
|
|
+ <property name="use_stock">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <signal name="activate" handler="on_cancel_activate" last_modification_time="Wed, 22 Aug 2007 18:47:18 GMT"/>
|
|
+ </widget>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkButton" id="back_button">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_default">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label">gtk-go-back</property>
|
|
+ <property name="use_stock">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <signal name="activate" handler="on_back_activate" last_modification_time="Wed, 22 Aug 2007 18:47:42 GMT"/>
|
|
+ </widget>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkButton" id="forward_button">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_default">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label">gtk-go-forward</property>
|
|
+ <property name="use_stock">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <signal name="activate" handler="on_forward_activate" last_modification_time="Wed, 22 Aug 2007 18:48:00 GMT"/>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+</widget>
|
|
+
|
|
+</glade-interface>
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policycoreutils-2.0.27/gui/polgengui.py
|
|
--- nsapolicycoreutils/gui/polgengui.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.27/gui/polgengui.py 2007-10-02 16:15:59.000000000 -0400
|
|
@@ -0,0 +1,496 @@
|
|
+#!/usr/bin/python
|
|
+#
|
|
+# system-config-selinux.py - GUI for SELinux Config tool in system-config-selinux
|
|
+#
|
|
+# Dan Walsh <dwalsh@redhat.com>
|
|
+#
|
|
+# Copyright 2007 Red Hat, Inc.
|
|
+#
|
|
+# This program is free software; you can redistribute it and/or modify
|
|
+# it under the terms of the GNU General Public License as published by
|
|
+# the Free Software Foundation; either version 2 of the License, or
|
|
+# (at your option) any later version.
|
|
+#
|
|
+# This program is distributed in the hope that it will be useful,
|
|
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+# GNU General Public License for more details.
|
|
+#
|
|
+# You should have received a copy of the GNU General Public License
|
|
+# along with this program; if not, write to the Free Software
|
|
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
|
+#
|
|
+import signal
|
|
+import string
|
|
+import gtk
|
|
+import gtk.glade
|
|
+import os
|
|
+import gobject
|
|
+import gnome
|
|
+import sys
|
|
+import polgen
|
|
+import re
|
|
+import commands
|
|
+
|
|
+
|
|
+##
|
|
+## I18N
|
|
+##
|
|
+PROGNAME="system-config-selinux"
|
|
+
|
|
+import gettext
|
|
+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
|
|
+gettext.textdomain(PROGNAME)
|
|
+try:
|
|
+ gettext.install(PROGNAME,
|
|
+ localedir="/usr/share/locale",
|
|
+ unicode=False,
|
|
+ codeset = 'utf-8')
|
|
+except IOError:
|
|
+ import __builtin__
|
|
+ __builtin__.__dict__['_'] = unicode
|
|
+
|
|
+gnome.program_init("SELinux Poligy Generation Tool", "5")
|
|
+
|
|
+version = "1.0"
|
|
+
|
|
+sys.path.append('/usr/share/system-config-selinux')
|
|
+sys.path.append('.')
|
|
+
|
|
+# From John Hunter http://www.daa.com.au/pipermail/pygtk/2003-February/004454.html
|
|
+def foreach(model, path, iter, selected):
|
|
+ selected.append(model.get_value(iter, 0))
|
|
+
|
|
+##
|
|
+## Pull in the Glade file
|
|
+##
|
|
+if os.access("polgen.glade", os.F_OK):
|
|
+ xml = gtk.glade.XML ("polgen.glade", domain=PROGNAME)
|
|
+else:
|
|
+ xml = gtk.glade.XML ("/usr/share/system-config-selinux/polgen.glade", domain=PROGNAME)
|
|
+
|
|
+FILE = 1
|
|
+DIR = 2
|
|
+
|
|
+class childWindow:
|
|
+ START_PAGE = 0
|
|
+ SELECT_TYPE_PAGE = 1
|
|
+ APP_PAGE = 2
|
|
+ TRANSITION_PAGE = 3
|
|
+ USER_TRANSITION_PAGE = 4
|
|
+ ADMIN_PAGE = 5
|
|
+ ROLE_PAGE = 6
|
|
+ IN_NET_PAGE = 7
|
|
+ OUT_NET_PAGE = 8
|
|
+ COMMON_APPS_PAGE = 9
|
|
+ FILES_PAGE = 10
|
|
+ GEN_POLICY_PAGE = 11
|
|
+ GEN_USER_POLICY_PAGE = 12
|
|
+ FINISH_PAGE = 13
|
|
+
|
|
+ def __init__(self):
|
|
+ self.xml = xml
|
|
+ xml.signal_connect("on_delete_clicked", self.delete)
|
|
+ xml.signal_connect("on_exec_select_clicked", self.exec_select)
|
|
+ xml.signal_connect("on_init_script_select_clicked", self.init_script_select)
|
|
+ xml.signal_connect("on_add_clicked", self.add)
|
|
+ xml.signal_connect("on_add_dir_clicked", self.add_dir)
|
|
+ xml.signal_connect("on_about_clicked", self.on_about_clicked)
|
|
+ xml.get_widget ("cancel_button").connect("clicked",self.quit)
|
|
+ self.forward_button = xml.get_widget ("forward_button")
|
|
+ self.forward_button.connect("clicked",self.forward)
|
|
+ self.back_button = xml.get_widget ("back_button")
|
|
+ self.back_button.connect("clicked",self.back)
|
|
+
|
|
+ self.notebook = xml.get_widget ("notebook1")
|
|
+ self.pages={}
|
|
+ for i in polgen.USERS:
|
|
+ self.pages[i] = [ self.START_PAGE, self.SELECT_TYPE_PAGE, self.APP_PAGE, self.TRANSITION_PAGE, self.ROLE_PAGE, self.IN_NET_PAGE, self.OUT_NET_PAGE, self.GEN_USER_POLICY_PAGE, self.FINISH_PAGE]
|
|
+ self.pages[polgen.RUSER] = [ self.START_PAGE, self.SELECT_TYPE_PAGE, self.APP_PAGE, self.ADMIN_PAGE, self.IN_NET_PAGE, self.OUT_NET_PAGE, self.GEN_USER_POLICY_PAGE, self.FINISH_PAGE]
|
|
+ for i in polgen.APPLICATIONS:
|
|
+ self.pages[i] = [ self.START_PAGE, self.SELECT_TYPE_PAGE, self.APP_PAGE, self.IN_NET_PAGE, self.OUT_NET_PAGE, self.COMMON_APPS_PAGE, self.FILES_PAGE,self.GEN_POLICY_PAGE, self.FINISH_PAGE ]
|
|
+ self.pages[polgen.USER] = [ self.START_PAGE, self.SELECT_TYPE_PAGE, self.APP_PAGE, self.USER_TRANSITION_PAGE, self.IN_NET_PAGE, self.OUT_NET_PAGE, self.COMMON_APPS_PAGE, self.FILES_PAGE,self.GEN_POLICY_PAGE, self.FINISH_PAGE ]
|
|
+
|
|
+ self.current_page = 0
|
|
+ self.back_button.set_sensitive(0)
|
|
+
|
|
+ self.network_buttons = {}
|
|
+
|
|
+ self.in_tcp_all_checkbutton = xml.get_widget ("in_tcp_all_checkbutton")
|
|
+ self.in_tcp_reserved_checkbutton = xml.get_widget ("in_tcp_reserved_checkbutton")
|
|
+ self.in_tcp_unreserved_checkbutton = xml.get_widget ("in_tcp_unreserved_checkbutton")
|
|
+ self.in_tcp_entry = self.xml.get_widget("in_tcp_entry")
|
|
+ self.network_buttons[self.in_tcp_all_checkbutton] = [ self.in_tcp_reserved_checkbutton, self.in_tcp_unreserved_checkbutton, self.in_tcp_entry ]
|
|
+
|
|
+
|
|
+ self.out_tcp_all_checkbutton = xml.get_widget ("out_tcp_all_checkbutton")
|
|
+ self.out_tcp_reserved_checkbutton = xml.get_widget ("out_tcp_reserved_checkbutton")
|
|
+ self.out_tcp_unreserved_checkbutton = xml.get_widget ("out_tcp_unreserved_checkbutton")
|
|
+ self.out_tcp_entry = self.xml.get_widget("out_tcp_entry")
|
|
+
|
|
+ self.network_buttons[self.out_tcp_all_checkbutton] = [ self.out_tcp_entry ]
|
|
+
|
|
+ self.in_udp_all_checkbutton = xml.get_widget ("in_udp_all_checkbutton")
|
|
+ self.in_udp_reserved_checkbutton = xml.get_widget ("in_udp_reserved_checkbutton")
|
|
+ self.in_udp_unreserved_checkbutton = xml.get_widget ("in_udp_unreserved_checkbutton")
|
|
+ self.in_udp_entry = self.xml.get_widget("in_udp_entry")
|
|
+
|
|
+ self.network_buttons[self.in_udp_all_checkbutton] = [ self.in_udp_reserved_checkbutton, self.in_udp_unreserved_checkbutton, self.in_udp_entry ]
|
|
+
|
|
+ self.out_udp_all_checkbutton = xml.get_widget ("out_udp_all_checkbutton")
|
|
+ self.out_udp_entry = self.xml.get_widget("out_udp_entry")
|
|
+ self.network_buttons[self.out_udp_all_checkbutton] = [ self.out_udp_entry ]
|
|
+
|
|
+ for b in self.network_buttons.keys():
|
|
+ b.connect("clicked",self.network_all_clicked)
|
|
+
|
|
+ self.role_treeview = self.xml.get_widget("role_treeview")
|
|
+ self.role_store = gtk.ListStore(gobject.TYPE_STRING)
|
|
+ self.role_treeview.set_model(self.role_store)
|
|
+ self.role_treeview.get_selection().set_mode(gtk.SELECTION_MULTIPLE)
|
|
+ self.role_store.set_sort_column_id(0, gtk.SORT_ASCENDING)
|
|
+ col = gtk.TreeViewColumn(_("Role"), gtk.CellRendererText(), text = 0)
|
|
+ self.role_treeview.append_column(col)
|
|
+
|
|
+ roles = commands.getoutput("/usr/bin/seinfo -r").split()[2:]
|
|
+ for i in roles:
|
|
+ iter = self.role_store.append()
|
|
+ self.role_store.set_value(iter, 0, i[:-2])
|
|
+
|
|
+ self.types = commands.getoutput("/usr/bin/seinfo -t").split()[2:]
|
|
+
|
|
+ self.transition_treeview = self.xml.get_widget("transition_treeview")
|
|
+ self.transition_store = gtk.ListStore(gobject.TYPE_STRING)
|
|
+ self.transition_treeview.set_model(self.transition_store)
|
|
+ self.transition_treeview.get_selection().set_mode(gtk.SELECTION_MULTIPLE)
|
|
+ self.transition_store.set_sort_column_id(0, gtk.SORT_ASCENDING)
|
|
+ col = gtk.TreeViewColumn(_("Application"), gtk.CellRendererText(), text = 0)
|
|
+ self.transition_treeview.append_column(col)
|
|
+
|
|
+ self.user_transition_treeview = self.xml.get_widget("user_transition_treeview")
|
|
+ self.user_transition_store = gtk.ListStore(gobject.TYPE_STRING)
|
|
+ self.user_transition_treeview.set_model(self.user_transition_store)
|
|
+ self.user_transition_treeview.get_selection().set_mode(gtk.SELECTION_MULTIPLE)
|
|
+ self.user_transition_store.set_sort_column_id(0, gtk.SORT_ASCENDING)
|
|
+ col = gtk.TreeViewColumn(_("Application"), gtk.CellRendererText(), text = 0)
|
|
+ self.user_transition_treeview.append_column(col)
|
|
+
|
|
+ for i in polgen.get_users():
|
|
+ iter = self.user_transition_store.append()
|
|
+ self.user_transition_store.set_value(iter, 0, i)
|
|
+
|
|
+ self.admin_treeview = self.xml.get_widget("admin_treeview")
|
|
+ self.admin_store = gtk.ListStore(gobject.TYPE_STRING)
|
|
+ self.admin_treeview.set_model(self.admin_store)
|
|
+ self.admin_treeview.get_selection().set_mode(gtk.SELECTION_MULTIPLE)
|
|
+ self.admin_store.set_sort_column_id(0, gtk.SORT_ASCENDING)
|
|
+ col = gtk.TreeViewColumn(_("Application"), gtk.CellRendererText(), text = 0)
|
|
+ self.admin_treeview.append_column(col)
|
|
+
|
|
+ for i in polgen.methods:
|
|
+ m = re.findall("(.*)%s" % polgen.USER_TRANSITION_INTERFACE, i)
|
|
+ if len(m) > 0:
|
|
+ if "%s_exec_t" % m[0] in self.types and "user_%s_t" % m[0] in self.types:
|
|
+ iter = self.transition_store.append()
|
|
+ self.transition_store.set_value(iter, 0, m[0])
|
|
+ continue
|
|
+
|
|
+ m = re.findall("(.*)%s" % polgen.ADMIN_TRANSITION_INTERFACE, i)
|
|
+ if len(m) > 0:
|
|
+ iter = self.admin_store.append()
|
|
+ self.admin_store.set_value(iter, 0, m[0])
|
|
+ continue
|
|
+
|
|
+ def confine_application(self):
|
|
+ return self.get_type() in polgen.APPLICATIONS
|
|
+
|
|
+ def forward(self, arg):
|
|
+ type = self.get_type()
|
|
+ if self.current_page == self.START_PAGE:
|
|
+ self.back_button.set_sensitive(1)
|
|
+
|
|
+ if self.pages[type][self.current_page] == self.SELECT_TYPE_PAGE:
|
|
+ if self.on_select_type_page_next():
|
|
+ return
|
|
+
|
|
+ if self.pages[type][self.current_page] == self.IN_NET_PAGE:
|
|
+ if self.on_in_net_page_next():
|
|
+ return
|
|
+
|
|
+ if self.pages[type][self.current_page] == self.OUT_NET_PAGE:
|
|
+ if self.on_out_net_page_next():
|
|
+ return
|
|
+
|
|
+ if self.pages[type][self.current_page] == self.APP_PAGE:
|
|
+ if self.on_name_page_next():
|
|
+ return
|
|
+
|
|
+ if self.pages[type][self.current_page] == self.FINISH_PAGE:
|
|
+ self.generate_policy()
|
|
+ else:
|
|
+ self.current_page = self.current_page + 1
|
|
+ self.notebook.set_current_page(self.pages[type][self.current_page])
|
|
+ if self.pages[type][self.current_page] == self.FINISH_PAGE:
|
|
+ self.forward_button.set_label(gtk.STOCK_APPLY)
|
|
+
|
|
+ def back(self,arg):
|
|
+ type = self.get_type()
|
|
+ if self.pages[type][self.current_page] == self.FINISH_PAGE:
|
|
+ self.forward_button.set_label(gtk.STOCK_GO_FORWARD)
|
|
+
|
|
+ self.current_page = self.current_page - 1
|
|
+ self.notebook.set_current_page(self.pages[type][self.current_page])
|
|
+ if self.current_page == 0:
|
|
+ self.back_button.set_sensitive(0)
|
|
+
|
|
+ def network_all_clicked(self, button):
|
|
+ active = button.get_active()
|
|
+ for b in self.network_buttons[button]:
|
|
+ b.set_sensitive(not active)
|
|
+
|
|
+ def verify(self, message, title="" ):
|
|
+ dlg = gtk.MessageDialog(None, 0, gtk.MESSAGE_INFO,
|
|
+ gtk.BUTTONS_YES_NO,
|
|
+ message)
|
|
+ dlg.set_title(title)
|
|
+ dlg.set_position(gtk.WIN_POS_MOUSE)
|
|
+ dlg.show_all()
|
|
+ rc = dlg.run()
|
|
+ dlg.destroy()
|
|
+ return rc
|
|
+
|
|
+ def info(self, message):
|
|
+ dlg = gtk.MessageDialog(None, 0, gtk.MESSAGE_INFO,
|
|
+ gtk.BUTTONS_OK,
|
|
+ message)
|
|
+ dlg.set_position(gtk.WIN_POS_MOUSE)
|
|
+ dlg.show_all()
|
|
+ dlg.run()
|
|
+ dlg.destroy()
|
|
+
|
|
+ def error(self, message):
|
|
+ dlg = gtk.MessageDialog(None, 0, gtk.MESSAGE_ERROR,
|
|
+ gtk.BUTTONS_CLOSE,
|
|
+ message)
|
|
+ dlg.set_position(gtk.WIN_POS_MOUSE)
|
|
+ dlg.show_all()
|
|
+ dlg.run()
|
|
+ dlg.destroy()
|
|
+
|
|
+ def get_name(self):
|
|
+ return self.name_entry.get_text()
|
|
+
|
|
+ def get_type(self):
|
|
+ if self.cgi_radiobutton.get_active():
|
|
+ return polgen.CGI
|
|
+ if self.user_radiobutton.get_active():
|
|
+ return polgen.USER
|
|
+ if self.init_radiobutton.get_active():
|
|
+ return polgen.DAEMON
|
|
+ if self.inetd_radiobutton.get_active():
|
|
+ return polgen.INETD
|
|
+ if self.xwindows_login_user_radiobutton.get_active():
|
|
+ return polgen.XUSER
|
|
+ if self.terminal_login_user_radiobutton.get_active():
|
|
+ return polgen.TUSER
|
|
+ if self.root_user_radiobutton.get_active():
|
|
+ return polgen.RUSER
|
|
+
|
|
+ def generate_policy(self, *args):
|
|
+ try:
|
|
+ my_policy=polgen.policy(self.get_name(), self.get_type())
|
|
+ my_policy.set_in_tcp(self.in_tcp_all_checkbutton.get_active(), self.in_tcp_reserved_checkbutton.get_active(), self.in_tcp_unreserved_checkbutton.get_active(), self.in_tcp_entry.get_text())
|
|
+ my_policy.set_in_udp(self.in_udp_all_checkbutton.get_active(), self.in_udp_reserved_checkbutton.get_active(), self.in_udp_unreserved_checkbutton.get_active(), self.in_udp_entry.get_text())
|
|
+ my_policy.set_out_tcp(self.out_tcp_all_checkbutton.get_active(), self.out_tcp_entry.get_text())
|
|
+ my_policy.set_out_udp(self.out_udp_all_checkbutton.get_active(), self.out_udp_entry.get_text())
|
|
+ if self.get_type() in polgen.APPLICATIONS:
|
|
+ my_policy.set_program(self.exec_entry.get_text())
|
|
+ my_policy.set_use_syslog(self.syslog_checkbutton.get_active() == 1)
|
|
+ my_policy.set_use_tmp(self.tmp_checkbutton.get_active() == 1)
|
|
+ my_policy.set_use_uid(self.uid_checkbutton.get_active() == 1)
|
|
+ my_policy.set_use_pam(self.pam_checkbutton.get_active() == 1)
|
|
+ if self.get_type() is polgen.DAEMON:
|
|
+ my_policy.set_init_script(self.init_script_entry.get_text())
|
|
+ if self.get_type() == polgen.USER:
|
|
+ selected = []
|
|
+ self.user_transition_treeview.get_selection().selected_foreach(foreach, selected)
|
|
+ my_policy.set_transition_users(selected)
|
|
+ else:
|
|
+ if self.get_type() == polgen.RUSER:
|
|
+ selected = []
|
|
+ self.admin_treeview.get_selection().selected_foreach(foreach, selected)
|
|
+ my_policy.set_admin_domains(selected)
|
|
+ else:
|
|
+ selected = []
|
|
+ self.transition_treeview.get_selection().selected_foreach(foreach, selected)
|
|
+ my_policy.set_transition_domains(selected)
|
|
+
|
|
+ selected = []
|
|
+ self.role_treeview.get_selection().selected_foreach(foreach, selected)
|
|
+ my_policy.set_admin_roles(selected)
|
|
+
|
|
+ iter= self.store.get_iter_first()
|
|
+ while(iter):
|
|
+ if self.store.get_value(iter, 1) == FILE:
|
|
+ my_policy.add_file(self.store.get_value(iter, 0))
|
|
+ else:
|
|
+ my_policy.add_dir(self.store.get_value(iter, 0))
|
|
+ iter= self.store.iter_next(iter)
|
|
+
|
|
+ self.info(my_policy.generate(self.output_entry.get_text()))
|
|
+ return False
|
|
+ except ValueError, e:
|
|
+ self.error(e.message)
|
|
+
|
|
+ def delete(self, args):
|
|
+ store, iter = self.view.get_selection().get_selected()
|
|
+ if iter != None:
|
|
+ store.remove(iter)
|
|
+ self.view.get_selection().select_path ((0,))
|
|
+
|
|
+ def __add(self,type):
|
|
+ rc = self.file_dialog.run()
|
|
+ self.file_dialog.hide()
|
|
+ if rc == gtk.RESPONSE_CANCEL:
|
|
+ return
|
|
+ for i in self.file_dialog.get_filenames():
|
|
+ iter = self.store.append()
|
|
+ self.store.set_value(iter, 0, i)
|
|
+ self.store.set_value(iter, 1, type)
|
|
+
|
|
+ def exec_select(self, args):
|
|
+ self.file_dialog.set_select_multiple(0)
|
|
+ self.file_dialog.set_title(_("Select executable file to be confined."))
|
|
+ self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_SAVE)
|
|
+ self.file_dialog.set_current_folder("/usr/sbin")
|
|
+ rc = self.file_dialog.run()
|
|
+ self.file_dialog.hide()
|
|
+ if rc == gtk.RESPONSE_CANCEL:
|
|
+ return
|
|
+ self.exec_entry.set_text(self.file_dialog.get_filename())
|
|
+
|
|
+ def init_script_select(self, args):
|
|
+ self.file_dialog.set_select_multiple(0)
|
|
+ self.file_dialog.set_title(_("Select init script file to be confined."))
|
|
+ self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_SAVE)
|
|
+ self.file_dialog.set_current_folder("/etc/init.d")
|
|
+ rc = self.file_dialog.run()
|
|
+ self.file_dialog.hide()
|
|
+ if rc == gtk.RESPONSE_CANCEL:
|
|
+ return
|
|
+ self.init_script_entry.set_text(self.file_dialog.get_filename())
|
|
+
|
|
+ def add(self, args):
|
|
+ self.file_dialog.set_title(_("Select file(s) that confined application creates or writes"))
|
|
+ self.file_dialog.set_select_multiple(1)
|
|
+ self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_OPEN)
|
|
+ self.__add(FILE)
|
|
+
|
|
+ def add_dir(self, args):
|
|
+ self.file_dialog.set_title(_("Select directory(s) that the confined application owns and writes into"))
|
|
+ self.file_dialog.set_select_multiple(0)
|
|
+ self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_CREATE_FOLDER)
|
|
+ self.__add(DIR)
|
|
+
|
|
+ def on_about_clicked(self, args):
|
|
+ dlg = xml.get_widget ("about_dialog")
|
|
+ dlg.run ()
|
|
+ dlg.hide ()
|
|
+
|
|
+ def quit(self, args):
|
|
+ gtk.main_quit()
|
|
+
|
|
+ def setupScreen(self):
|
|
+ # Bring in widgets from glade file.
|
|
+ self.mainWindow = self.xml.get_widget("main_window")
|
|
+ self.druid = self.xml.get_widget("druid")
|
|
+ self.type = 0
|
|
+ self.name_entry = self.xml.get_widget("name_entry")
|
|
+ self.exec_entry = self.xml.get_widget("exec_entry")
|
|
+ self.exec_button = self.xml.get_widget("exec_button")
|
|
+ self.init_script_entry = self.xml.get_widget("init_script_entry")
|
|
+ self.init_script_button = self.xml.get_widget("init_script_button")
|
|
+ self.output_entry = self.xml.get_widget("output_entry")
|
|
+ self.output_entry.set_text(os.getcwd())
|
|
+ self.xml.get_widget("output_button").connect("clicked",self.output_button_clicked)
|
|
+
|
|
+ self.xwindows_login_user_radiobutton = self.xml.get_widget("xwindows_login_user_radiobutton")
|
|
+ self.terminal_login_user_radiobutton = self.xml.get_widget("terminal_login_user_radiobutton")
|
|
+ self.root_user_radiobutton = self.xml.get_widget("root_user_radiobutton")
|
|
+
|
|
+ self.user_radiobutton = self.xml.get_widget("user_radiobutton")
|
|
+ self.init_radiobutton = self.xml.get_widget("init_radiobutton")
|
|
+ self.inetd_radiobutton = self.xml.get_widget("inetd_radiobutton")
|
|
+ self.cgi_radiobutton = self.xml.get_widget("cgi_radiobutton")
|
|
+ self.tmp_checkbutton = self.xml.get_widget("tmp_checkbutton")
|
|
+ self.uid_checkbutton = self.xml.get_widget("uid_checkbutton")
|
|
+ self.pam_checkbutton = self.xml.get_widget("pam_checkbutton")
|
|
+ self.syslog_checkbutton = self.xml.get_widget("syslog_checkbutton")
|
|
+ self.view = self.xml.get_widget("write_treeview")
|
|
+ self.file_dialog = self.xml.get_widget("filechooserdialog")
|
|
+
|
|
+ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_INT)
|
|
+ self.view.set_model(self.store)
|
|
+ col = gtk.TreeViewColumn("", gtk.CellRendererText(), text = 0)
|
|
+ col.set_resizable(True)
|
|
+ self.view.append_column(col)
|
|
+ self.view.get_selection().select_path ((0,))
|
|
+
|
|
+ def output_button_clicked(self, *args):
|
|
+ self.file_dialog.set_title(_("Select directory to generate policy files in"))
|
|
+ self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_SELECT_FOLDER)
|
|
+ self.file_dialog.set_select_multiple(0)
|
|
+ rc = self.file_dialog.run()
|
|
+ self.file_dialog.hide()
|
|
+ if rc == gtk.RESPONSE_CANCEL:
|
|
+ return
|
|
+ self.output_entry.set_text(self.file_dialog.get_filename())
|
|
+
|
|
+ def on_in_net_page_next(self, *args):
|
|
+ try:
|
|
+ polgen.verify_ports(self.in_tcp_entry.get_text())
|
|
+ polgen.verify_ports(self.in_udp_entry.get_text())
|
|
+ except ValueError, e:
|
|
+ self.error(e.message)
|
|
+ return True
|
|
+
|
|
+ def on_out_net_page_next(self, *args):
|
|
+ try:
|
|
+ polgen.verify_ports(self.out_tcp_entry.get_text())
|
|
+ polgen.verify_ports(self.out_udp_entry.get_text())
|
|
+ except ValueError, e:
|
|
+ self.error(e.message)
|
|
+ return True
|
|
+
|
|
+ def on_select_type_page_next(self, *args):
|
|
+ self.exec_entry.set_sensitive(self.confine_application())
|
|
+ self.exec_button.set_sensitive(self.confine_application())
|
|
+ self.init_script_entry.set_sensitive(self.init_radiobutton.get_active())
|
|
+ self.init_script_button.set_sensitive(self.init_radiobutton.get_active())
|
|
+
|
|
+ def on_name_page_next(self, *args):
|
|
+ name=self.name_entry.get_text()
|
|
+ if name == "":
|
|
+ self.error(_("You must enter a name"))
|
|
+ return True
|
|
+
|
|
+ if self.confine_application():
|
|
+ exe = self.exec_entry.get_text()
|
|
+ if exe == "":
|
|
+ self.error(_("You must enter a executable"))
|
|
+ return True
|
|
+
|
|
+ def stand_alone(self):
|
|
+ desktopName = _("Configue SELinux")
|
|
+
|
|
+ self.setupScreen()
|
|
+ self.mainWindow.connect("destroy", self.quit)
|
|
+
|
|
+ self.mainWindow.show_all()
|
|
+ gtk.main()
|
|
+
|
|
+if __name__ == "__main__":
|
|
+ signal.signal (signal.SIGINT, signal.SIG_DFL)
|
|
+
|
|
+ app = childWindow()
|
|
+ app.stand_alone()
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycoreutils-2.0.27/gui/polgen.py
|
|
--- nsapolicycoreutils/gui/polgen.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.27/gui/polgen.py 2007-10-02 16:15:54.000000000 -0400
|
|
@@ -0,0 +1,808 @@
|
|
+# Copyright (C) 2007 Red Hat
|
|
+# see file 'COPYING' for use and warranty information
|
|
+#
|
|
+# policygentool is a tool for the initial generation of SELinux policy
|
|
+#
|
|
+# This program is free software; you can redistribute it and/or
|
|
+# modify it under the terms of the GNU General Public License as
|
|
+# published by the Free Software Foundation; either version 2 of
|
|
+# the License, or (at your option) any later version.
|
|
+#
|
|
+# This program is distributed in the hope that it will be useful,
|
|
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+# GNU General Public License for more details.
|
|
+#
|
|
+# You should have received a copy of the GNU General Public License
|
|
+# along with this program; if not, write to the Free Software
|
|
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
|
|
+# 02111-1307 USA
|
|
+#
|
|
+#
|
|
+import os, sys, stat
|
|
+import re
|
|
+from templates import executable
|
|
+from templates import var_spool
|
|
+from templates import var_lib
|
|
+from templates import var_log
|
|
+from templates import var_run
|
|
+from templates import tmp
|
|
+from templates import rw
|
|
+from templates import network
|
|
+from templates import script
|
|
+from templates import user
|
|
+import seobject
|
|
+import sepolgen.interfaces as interfaces
|
|
+import sepolgen.defaults as defaults
|
|
+
|
|
+##
|
|
+## I18N
|
|
+##
|
|
+PROGNAME="system-config-selinux"
|
|
+
|
|
+import gettext
|
|
+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
|
|
+gettext.textdomain(PROGNAME)
|
|
+try:
|
|
+ gettext.install(PROGNAME,
|
|
+ localedir="/usr/share/locale",
|
|
+ unicode=False,
|
|
+ codeset = 'utf-8')
|
|
+except IOError:
|
|
+ import __builtin__
|
|
+ __builtin__.__dict__['_'] = unicode
|
|
+
|
|
+methods = []
|
|
+fn = defaults.interface_info()
|
|
+try:
|
|
+ fd = open(fn)
|
|
+ # List of per_role_template interfaces
|
|
+ ifs = interfaces.InterfaceSet()
|
|
+ ifs.from_file(fd)
|
|
+ methods = ifs.interfaces.keys()
|
|
+ fd.close()
|
|
+except:
|
|
+ sys.stderr.write("could not open interface info [%s]\n" % fn)
|
|
+ sys.exit(1)
|
|
+
|
|
+def get_users():
|
|
+ users = []
|
|
+ userdict = seobject.seluserRecords().get_all()
|
|
+ for i in userdict.keys():
|
|
+ if userdict[i][0] not in users:
|
|
+ users.append(userdict[i][0])
|
|
+ users.sort()
|
|
+ return users
|
|
+
|
|
+
|
|
+ALL = 0
|
|
+RESERVED = 1
|
|
+UNRESERVED = 2
|
|
+PORTS = 3
|
|
+ADMIN_TRANSITION_INTERFACE = "_admin$"
|
|
+USER_TRANSITION_INTERFACE = "_per_role_template$"
|
|
+
|
|
+DAEMON = 0
|
|
+INETD = 1
|
|
+USER = 2
|
|
+CGI = 3
|
|
+XUSER = 4
|
|
+TUSER = 5
|
|
+RUSER = 6
|
|
+APPLICATIONS = [ DAEMON, INETD, USER, CGI ]
|
|
+USERS = [ XUSER, TUSER, RUSER ]
|
|
+
|
|
+def verify_ports(ports):
|
|
+ if ports == "":
|
|
+ return []
|
|
+ max_port=2**16
|
|
+ try:
|
|
+ temp = []
|
|
+ for a in ports.split(","):
|
|
+ r = a.split("-")
|
|
+ if len(r) > 2:
|
|
+ raise ValueError
|
|
+ if len(r) == 1:
|
|
+ begin = int (r[0])
|
|
+ end = int (r[0])
|
|
+ else:
|
|
+ begin = int (r[0])
|
|
+ end = int (r[1])
|
|
+
|
|
+ if begin > end:
|
|
+ raise ValueError
|
|
+
|
|
+ for p in range(begin, end + 1):
|
|
+ if p < 1 or p > max_port:
|
|
+ raise ValueError
|
|
+ temp.append(p)
|
|
+ return temp
|
|
+ except ValueError:
|
|
+ raise ValueError(_("Ports must be be numbers or ranges of numbers from 1 to %d " % max_port ))
|
|
+
|
|
+class policy:
|
|
+
|
|
+ def __init__(self, name, type):
|
|
+ ports = seobject.portRecords()
|
|
+ self.ports = ports.get_all()
|
|
+
|
|
+ self.DEFAULT_DIRS = {}
|
|
+ self.DEFAULT_DIRS["rw"] = ["rw", [], rw];
|
|
+ self.DEFAULT_DIRS["tmp"] = ["tmp", [], tmp];
|
|
+ self.DEFAULT_DIRS["/var/spool"] = ["var_spool", [], var_spool];
|
|
+ self.DEFAULT_DIRS["/var/lib"] = ["var_lib", [], var_lib];
|
|
+ self.DEFAULT_DIRS["/var/log"] = ["var_log", [], var_log];
|
|
+ self.DEFAULT_DIRS["/var/run"] = ["var_run", [], var_run];
|
|
+
|
|
+ self.DEFAULT_TYPES = (( self.generate_daemon_types, self.generate_daemon_rules), ( self.generate_inetd_types, self.generate_inetd_rules), ( self.generate_userapp_types, self.generate_userapp_rules), ( self.generate_cgi_types, self.generate_cgi_rules), ( self.generate_x_login_user_types, self.generate_x_login_user_rules), ( self.generate_login_user_types, self.generate_login_user_rules), ( self.generate_root_user_types, self.generate_root_user_rules))
|
|
+ if name == "":
|
|
+ raise ValueError(_("You must enter a name for your confined process"))
|
|
+ if type == CGI:
|
|
+ self.name = "httpd_%s_script" % name
|
|
+ else:
|
|
+ self.name = name
|
|
+ self.file_name = name
|
|
+
|
|
+ self.type = type
|
|
+ self.initscript = ""
|
|
+ self.program = ""
|
|
+ self.in_tcp = [False, False, False, []]
|
|
+ self.in_udp = [False, False, False, []]
|
|
+ self.out_tcp = [False, False, False, []]
|
|
+ self.out_udp = [False, False, False, []]
|
|
+ self.use_tmp = False
|
|
+ self.use_uid = False
|
|
+ self.use_syslog = False
|
|
+ self.use_pam = False
|
|
+ self.use_dbus = False
|
|
+ self.use_audit = False
|
|
+ self.use_terminal = False
|
|
+ self.use_mail = False
|
|
+ self.files = {}
|
|
+ self.dirs = {}
|
|
+ self.found_tcp_ports=[]
|
|
+ self.found_udp_ports=[]
|
|
+ self.need_tcp_type=False
|
|
+ self.need_udp_type=False
|
|
+ self.admin_domains = []
|
|
+ self.transition_domains = []
|
|
+ self.roles = []
|
|
+
|
|
+ def __isnetset(self, l):
|
|
+ return l[ALL] or l[RESERVED] or l[UNRESERVED] or len(l[PORTS]) > 0
|
|
+
|
|
+ def set_admin_domains(self, admin_domains):
|
|
+ self.admin_domains = admin_domains
|
|
+
|
|
+ def set_admin_roles(self, roles):
|
|
+ self.roles = roles
|
|
+
|
|
+ def set_transition_domains(self, transition_domains):
|
|
+ self.transition_domains = transition_domains
|
|
+
|
|
+ def set_transition_users(self, transition_users):
|
|
+ self.transition_users = transition_users
|
|
+
|
|
+ def use_in_udp(self):
|
|
+ return self.__isnetset(self.in_udp)
|
|
+
|
|
+ def use_out_udp(self):
|
|
+ return self.__isnetset(self.out_udp)
|
|
+
|
|
+ def use_udp(self):
|
|
+ return self.use_in_udp() or self.use_out_udp()
|
|
+
|
|
+ def use_in_tcp(self):
|
|
+ return self.__isnetset(self.in_tcp)
|
|
+
|
|
+ def use_out_tcp(self):
|
|
+ return self.__isnetset(self.out_tcp)
|
|
+
|
|
+ def use_tcp(self):
|
|
+ return self.use_in_tcp() or self.use_out_tcp()
|
|
+
|
|
+ def use_network(self):
|
|
+ return self.use_tcp() or self.use_udp()
|
|
+
|
|
+ def find_port(self, port):
|
|
+ for begin,end in self.ports.keys():
|
|
+ if port >= begin and port <= end:
|
|
+ return self.ports[begin,end]
|
|
+ return None
|
|
+
|
|
+ def set_program(self, program):
|
|
+ if self.type not in APPLICATIONS:
|
|
+ raise ValueError(_("USER Types are not allowed executables"))
|
|
+
|
|
+ self.program = program
|
|
+
|
|
+ def set_init_script(self, initscript):
|
|
+ if self.type != DAEMON:
|
|
+ raise ValueError(_("Only DAEMON apps can use an init script"))
|
|
+
|
|
+ self.initscript = initscript
|
|
+
|
|
+ def set_in_tcp(self, all, reserved, unreserved, ports):
|
|
+ self.in_tcp = [ all, reserved, unreserved, verify_ports(ports)]
|
|
+
|
|
+ def set_in_udp(self, all, reserved, unreserved, ports):
|
|
+ self.in_udp = [ all, reserved, unreserved, verify_ports(ports)]
|
|
+
|
|
+ def set_out_tcp(self, all, ports):
|
|
+ self.out_tcp = [ all , False, False, verify_ports(ports) ]
|
|
+
|
|
+ def set_out_udp(self, all, ports):
|
|
+ self.out_udp = [ all , False, False, verify_ports(ports) ]
|
|
+
|
|
+ def set_use_syslog(self, val):
|
|
+ if val != True and val != False:
|
|
+ raise ValueError(_("use_syslog must be a boolean value "))
|
|
+
|
|
+ self.use_syslog = val
|
|
+
|
|
+ def set_use_pam(self, val):
|
|
+ self.use_pam = val == True
|
|
+
|
|
+ def set_use_dbus(self, val):
|
|
+ self.use_dbus = val == True
|
|
+
|
|
+ def set_use_audit(self, val):
|
|
+ self.use_audit = val == True
|
|
+
|
|
+ def set_use_terminal(self, val):
|
|
+ self.use_terminal = val == True
|
|
+
|
|
+ def set_use_mail(self, val):
|
|
+ self.use_mail = val == True
|
|
+
|
|
+ def set_use_tmp(self, val):
|
|
+ if self.type not in APPLICATIONS:
|
|
+ raise ValueError(_("USER Types autoomatically get a tmp type"))
|
|
+
|
|
+ if val:
|
|
+ self.DEFAULT_DIRS["tmp"][1].append("/tmp");
|
|
+ else:
|
|
+ self.DEFAULT_DIRS["tmp"][1]=[]
|
|
+
|
|
+ def set_use_uid(self, val):
|
|
+ self.use_uid = val == True
|
|
+
|
|
+ def generate_uid_rules(self):
|
|
+ if self.use_uid:
|
|
+ return re.sub("TEMPLATETYPE", self.name, executable.te_uid_rules)
|
|
+ else:
|
|
+ return ""
|
|
+
|
|
+ def generate_syslog_rules(self):
|
|
+ if self.use_syslog:
|
|
+ return re.sub("TEMPLATETYPE", self.name, executable.te_syslog_rules)
|
|
+ else:
|
|
+ return ""
|
|
+
|
|
+ def generate_pam_rules(self):
|
|
+ newte =""
|
|
+ if self.use_pam:
|
|
+ newte = re.sub("TEMPLATETYPE", self.name, executable.te_pam_rules)
|
|
+ return newte
|
|
+
|
|
+ def generate_audit_rules(self):
|
|
+ newte =""
|
|
+ if self.use_audit:
|
|
+ newte = re.sub("TEMPLATETYPE", self.name, executable.te_audit_rules)
|
|
+ return newte
|
|
+
|
|
+ def generate_dbus_rules(self):
|
|
+ newte =""
|
|
+ if self.use_dbus:
|
|
+ newte = re.sub("TEMPLATETYPE", self.name, executable.te_dbus_rules)
|
|
+ return newte
|
|
+
|
|
+ def generate_mail_rules(self):
|
|
+ newte =""
|
|
+ if self.use_mail:
|
|
+ newte = re.sub("TEMPLATETYPE", self.name, executable.te_mail_rules)
|
|
+ return newte
|
|
+
|
|
+ def generate_network_action(self, protocol, action, port_name):
|
|
+ line = ""
|
|
+ method = "corenet_%s_%s_%s" % (protocol, action, port_name)
|
|
+ if method in methods:
|
|
+ line = "%s(%s_t)\n" % (method, self.name)
|
|
+ else:
|
|
+ line = """
|
|
+gen_require(`
|
|
+ type %s_t;
|
|
+')
|
|
+allow %s_t %s_t:%s_socket name_%s;
|
|
+""" % (port_name, self.name, port_name, protocol, action)
|
|
+ return line
|
|
+
|
|
+ def generate_network_types(self):
|
|
+ for i in self.in_tcp[PORTS]:
|
|
+ rec = self.find_port(int(i))
|
|
+ if rec == None:
|
|
+ self.need_tcp_type = True;
|
|
+ else:
|
|
+ port_name = rec[0][:-2]
|
|
+ line = self.generate_network_action("tcp", "bind", port_name)
|
|
+# line = "corenet_tcp_bind_%s(%s_t)\n" % (port_name, self.name)
|
|
+ if line not in self.found_tcp_ports:
|
|
+ self.found_tcp_ports.append(line)
|
|
+
|
|
+ for i in self.out_tcp[PORTS]:
|
|
+ rec = self.find_port(int(i))
|
|
+ if rec == None:
|
|
+ self.need_tcp_type = True;
|
|
+ else:
|
|
+ port_name = rec[0][:-2]
|
|
+ line = self.generate_network_action("tcp", "connect", port_name)
|
|
+# line = "corenet_tcp_connect_%s(%s_t)\n" % (port_name, self.name)
|
|
+ if line not in self.found_tcp_ports:
|
|
+ self.found_tcp_ports.append(line)
|
|
+
|
|
+ for i in self.in_udp[PORTS]:
|
|
+ rec = self.find_port(int(i))
|
|
+ if rec == None:
|
|
+ self.need_udp_type = True;
|
|
+ else:
|
|
+ port_name = rec[0][:-2]
|
|
+ line = self.generate_network_action("udp", "bind", port_name)
|
|
+# line = "corenet_udp_bind_%s(%s_t)\n" % (port_name, self.name)
|
|
+ if line not in self.found_udp_ports:
|
|
+ self.found_udp_ports.append(line)
|
|
+
|
|
+ if self.need_udp_type == True or self.need_tcp_type == True:
|
|
+ return re.sub("TEMPLATETYPE", self.name, network.te_port_types)
|
|
+ return ""
|
|
+
|
|
+ def __find_path(self, file):
|
|
+ for d in self.DEFAULT_DIRS:
|
|
+ if file.find(d) == 0:
|
|
+ self.DEFAULT_DIRS[d][1].append(file)
|
|
+ return self.DEFAULT_DIRS[d]
|
|
+ self.DEFAULT_DIRS["rw"][1].append(file)
|
|
+ return self.DEFAULT_DIRS["rw"]
|
|
+
|
|
+ def add_file(self, file):
|
|
+ self.files[file] = self.__find_path(file)
|
|
+
|
|
+ def add_dir(self, file):
|
|
+ self.dirs[file] = self.__find_path(file)
|
|
+
|
|
+ def generate_network_rules(self):
|
|
+ newte = ""
|
|
+ if self.use_network():
|
|
+ newte = "\n"
|
|
+
|
|
+ newte += re.sub("TEMPLATETYPE", self.name, network.te_network)
|
|
+
|
|
+ if self.use_tcp():
|
|
+ newte += "\n"
|
|
+ newte += re.sub("TEMPLATETYPE", self.name, network.te_tcp)
|
|
+
|
|
+ if self.use_in_tcp():
|
|
+ newte += re.sub("TEMPLATETYPE", self.name, network.te_in_tcp)
|
|
+
|
|
+ if self.need_tcp_type and len(self.in_tcp[PORTS]) > 0:
|
|
+ newte += re.sub("TEMPLATETYPE", self.name, network.te_in_need_port_tcp)
|
|
+
|
|
+ if self.need_tcp_type and len(self.out_tcp[PORTS]) > 0:
|
|
+ newte += re.sub("TEMPLATETYPE", self.name, network.te_out_need_port_tcp)
|
|
+
|
|
+
|
|
+ if self.in_tcp[ALL]:
|
|
+ newte += re.sub("TEMPLATETYPE", self.name, network.te_in_all_ports_tcp)
|
|
+ if self.in_tcp[RESERVED]:
|
|
+ newte += re.sub("TEMPLATETYPE", self.name, network.te_in_reserved_ports_tcp)
|
|
+ if self.in_tcp[UNRESERVED]:
|
|
+ newte += re.sub("TEMPLATETYPE", self.name, network.te_in_unreserved_ports_tcp)
|
|
+
|
|
+ if self.out_tcp[ALL]:
|
|
+ newte += re.sub("TEMPLATETYPE", self.name, network.te_out_all_ports_tcp)
|
|
+ if self.out_tcp[RESERVED]:
|
|
+ newte += re.sub("TEMPLATETYPE", self.name, network.te_out_reserved_ports_tcp)
|
|
+ if self.out_tcp[UNRESERVED]:
|
|
+ newte += re.sub("TEMPLATETYPE", self.name, network.te_out_unreserved_ports_tcp)
|
|
+
|
|
+ for i in self.found_tcp_ports:
|
|
+ newte += i
|
|
+
|
|
+ if self.use_udp():
|
|
+ newte += "\n"
|
|
+ newte += re.sub("TEMPLATETYPE", self.name, network.te_udp)
|
|
+
|
|
+ if self.need_udp_type:
|
|
+ newte += re.sub("TEMPLATETYPE", self.name, network.te_in_need_port_udp)
|
|
+ if self.use_in_udp():
|
|
+ newte += re.sub("TEMPLATETYPE", self.name, network.te_in_udp)
|
|
+ if self.in_udp[ALL]:
|
|
+ newte += re.sub("TEMPLATETYPE", self.name, network.te_in_all_ports_udp)
|
|
+ if self.in_udp[RESERVED]:
|
|
+ newte += re.sub("TEMPLATETYPE", self.name, network.te_in_reserved_ports_udp)
|
|
+ if self.in_udp[UNRESERVED]:
|
|
+ newte += re.sub("TEMPLATETYPE", self.name, network.te_in_unreserved_ports_udp)
|
|
+
|
|
+ for i in self.found_udp_ports:
|
|
+ newte += i
|
|
+ return newte
|
|
+
|
|
+ def generate_transition_rules(self):
|
|
+ newte = ""
|
|
+ for app in self.transition_domains:
|
|
+ tmp = re.sub("TEMPLATETYPE", self.name, user.te_transition_rules)
|
|
+ newte += re.sub("APPLICATION", app, tmp)
|
|
+
|
|
+ if self.type == USER:
|
|
+ for u in self.transition_users:
|
|
+ temp = re.sub("TEMPLATETYPE", self.name, executable.te_userapp_trans_rules)
|
|
+ newte += re.sub("USER", u, temp)
|
|
+
|
|
+ return newte
|
|
+
|
|
+ def generate_admin_rules(self):
|
|
+ newte = ""
|
|
+ if self.type == RUSER:
|
|
+ newte += re.sub("TEMPLATETYPE", self.name, user.te_admin_rules)
|
|
+
|
|
+ for app in self.admin_domains:
|
|
+ tmp = re.sub("TEMPLATETYPE", self.name, user.te_admin_domain_rules)
|
|
+ newte += re.sub("APPLICATION", app, tmp)
|
|
+ return newte
|
|
+
|
|
+ def generate_admin_if(self):
|
|
+ newif = ""
|
|
+ if self.initscript != "":
|
|
+ newif += re.sub("TEMPLATETYPE", self.name, executable.if_initscript_admin)
|
|
+ for d in self.DEFAULT_DIRS:
|
|
+ if len(self.DEFAULT_DIRS[d][1]) > 0:
|
|
+ newif += re.sub("TEMPLATETYPE", self.name, self.DEFAULT_DIRS[d][2].if_admin_rules)
|
|
+
|
|
+ if newif != "":
|
|
+ ret = re.sub("TEMPLATETYPE", self.name, executable.if_begin_admin)
|
|
+ ret += newif
|
|
+ ret += re.sub("TEMPLATETYPE", self.name, executable.if_end_admin)
|
|
+ return ret
|
|
+
|
|
+ return ""
|
|
+
|
|
+ def generate_cgi_types(self):
|
|
+ return re.sub("TEMPLATETYPE", self.file_name, executable.te_cgi_types)
|
|
+
|
|
+ def generate_userapp_types(self):
|
|
+ return re.sub("TEMPLATETYPE", self.name, executable.te_userapp_types)
|
|
+
|
|
+ def generate_inetd_types(self):
|
|
+ return re.sub("TEMPLATETYPE", self.name, executable.te_inetd_types)
|
|
+
|
|
+ def generate_login_user_types(self):
|
|
+ return re.sub("TEMPLATETYPE", self.name, user.te_login_user_types)
|
|
+
|
|
+ def generate_x_login_user_types(self):
|
|
+ return re.sub("TEMPLATETYPE", self.name, user.te_x_login_user_types)
|
|
+
|
|
+ def generate_root_user_types(self):
|
|
+ return re.sub("TEMPLATETYPE", self.name, user.te_root_user_types)
|
|
+
|
|
+ def generate_daemon_types(self):
|
|
+ newte = re.sub("TEMPLATETYPE", self.name, executable.te_daemon_types)
|
|
+ if self.initscript != "":
|
|
+ newte += re.sub("TEMPLATETYPE", self.name, executable.te_initscript_types)
|
|
+ return newte
|
|
+
|
|
+ def generate_tmp_types(self):
|
|
+ if self.use_tmp:
|
|
+ return re.sub("TEMPLATETYPE", self.name, tmp.te_types)
|
|
+ else:
|
|
+ return ""
|
|
+
|
|
+ def generate_cgi_te(self):
|
|
+ return re.sub("TEMPLATETYPE", self.name, executable.te_cgi_types)
|
|
+
|
|
+ def generate_daemon_rules(self):
|
|
+ newif = re.sub("TEMPLATETYPE", self.name, executable.te_daemon_rules)
|
|
+
|
|
+ return newif
|
|
+
|
|
+ def generate_login_user_rules(self):
|
|
+ return re.sub("TEMPLATETYPE", self.name, user.te_login_user_rules)
|
|
+
|
|
+ def generate_x_login_user_rules(self):
|
|
+ return re.sub("TEMPLATETYPE", self.name, user.te_x_login_user_rules)
|
|
+
|
|
+ def generate_root_user_rules(self):
|
|
+ newte =re.sub("TEMPLATETYPE", self.name, user.te_root_user_rules)
|
|
+ return newte
|
|
+
|
|
+ def generate_userapp_rules(self):
|
|
+ return re.sub("TEMPLATETYPE", self.name, executable.te_userapp_rules)
|
|
+
|
|
+ def generate_inetd_rules(self):
|
|
+ return re.sub("TEMPLATETYPE", self.name, executable.te_inetd_rules)
|
|
+
|
|
+ def generate_tmp_rules(self):
|
|
+ if self.use_tmp:
|
|
+ return re.sub("TEMPLATETYPE", self.name, tmp.te_rules)
|
|
+ else:
|
|
+ return ""
|
|
+
|
|
+ def generate_cgi_rules(self):
|
|
+ newte = ""
|
|
+ newte += re.sub("TEMPLATETYPE", self.name, executable.te_cgi_rules)
|
|
+ return newte
|
|
+
|
|
+ def generate_user_if(self):
|
|
+ newif = ""
|
|
+ if self.type == USER:
|
|
+ newif += re.sub("TEMPLATETYPE", self.name, executable.if_user_program_rules)
|
|
+
|
|
+ return newif
|
|
+
|
|
+ def generate_terminal_if(self):
|
|
+ newif =""
|
|
+ if self.use_terminal:
|
|
+ newif = re.sub("TEMPLATETYPE", self.name, executable.if_terminal_rules)
|
|
+ return newif
|
|
+
|
|
+
|
|
+ def generate_if(self):
|
|
+ newif = ""
|
|
+ if self.program != "":
|
|
+ newif += re.sub("TEMPLATETYPE", self.name, executable.if_program_rules)
|
|
+ if self.initscript != "":
|
|
+ newif += re.sub("TEMPLATETYPE", self.name, executable.if_initscript_rules)
|
|
+
|
|
+ for d in self.DEFAULT_DIRS:
|
|
+ if len(self.DEFAULT_DIRS[d][1]) > 0:
|
|
+ newif += re.sub("TEMPLATETYPE", self.name, self.DEFAULT_DIRS[d][2].if_rules)
|
|
+ for i in self.DEFAULT_DIRS[d][1]:
|
|
+ if os.path.exists(i) and stat.S_ISSOCK(os.stat(i)[stat.ST_MODE]):
|
|
+ newif += re.sub("TEMPLATETYPE", self.name, self.DEFAULT_DIRS[d][2].if_stream_rules)
|
|
+ break
|
|
+ newif += self.generate_user_if()
|
|
+ newif += self.generate_admin_if()
|
|
+ newif += self.generate_terminal_if()
|
|
+
|
|
+ return newif
|
|
+
|
|
+ def generate_default_types(self):
|
|
+ return self.DEFAULT_TYPES[self.type][0]()
|
|
+
|
|
+ def generate_default_rules(self):
|
|
+ return self.DEFAULT_TYPES[self.type][1]()
|
|
+
|
|
+ def generate_roles_rules(self):
|
|
+ newte = ""
|
|
+ if self.type in ( TUSER, XUSER):
|
|
+ roles = ""
|
|
+ if len(self.roles) > 0:
|
|
+ newte += re.sub("TEMPLATETYPE", self.name, user.te_newrole_rules)
|
|
+ for role in self.roles:
|
|
+ tmp = re.sub("TEMPLATETYPE", self.name, user.te_roles_rules)
|
|
+ newte += re.sub("ROLE", role, tmp)
|
|
+ return newte
|
|
+
|
|
+ def generate_te(self):
|
|
+ newte = self.generate_default_types()
|
|
+ for d in self.DEFAULT_DIRS:
|
|
+ if len(self.DEFAULT_DIRS[d][1]) > 0:
|
|
+ # CGI scripts already have a rw_t
|
|
+ if self.type != CGI or d != "rw":
|
|
+ newte += re.sub("TEMPLATETYPE", self.name, self.DEFAULT_DIRS[d][2].te_types)
|
|
+
|
|
+ newte += self.generate_network_types()
|
|
+ newte += self.generate_tmp_types()
|
|
+ newte += self.generate_default_rules()
|
|
+
|
|
+ for d in self.DEFAULT_DIRS:
|
|
+ if len(self.DEFAULT_DIRS[d][1]) > 0:
|
|
+ newte += re.sub("TEMPLATETYPE", self.name, self.DEFAULT_DIRS[d][2].te_rules)
|
|
+ for i in self.DEFAULT_DIRS[d][1]:
|
|
+ if os.path.exists(i) and stat.S_ISSOCK(os.stat(i)[stat.ST_MODE]):
|
|
+ newte += re.sub("TEMPLATETYPE", self.name, self.DEFAULT_DIRS[d][2].te_stream_rules)
|
|
+ break
|
|
+
|
|
+ newte += self.generate_network_rules()
|
|
+ newte += self.generate_tmp_rules()
|
|
+ newte += self.generate_uid_rules()
|
|
+ newte += self.generate_syslog_rules()
|
|
+ newte += self.generate_pam_rules()
|
|
+ newte += self.generate_dbus_rules()
|
|
+ newte += self.generate_audit_rules()
|
|
+ newte += self.generate_mail_rules()
|
|
+ newte += self.generate_roles_rules()
|
|
+ newte += self.generate_transition_rules()
|
|
+ newte += self.generate_admin_rules()
|
|
+ return newte
|
|
+
|
|
+ def generate_fc(self):
|
|
+ newfc = ""
|
|
+ if self.program == "":
|
|
+ raise ValueError(_("You must enter the executable path for your confined process"))
|
|
+
|
|
+ t1 = re.sub("EXECUTABLE", self.program, executable.fc_program)
|
|
+ newfc += re.sub("TEMPLATETYPE", self.name, t1)
|
|
+
|
|
+ if self.initscript != "":
|
|
+ t1 = re.sub("EXECUTABLE", self.initscript, executable.fc_initscript)
|
|
+ newfc += re.sub("TEMPLATETYPE", self.name, t1)
|
|
+
|
|
+ for i in self.files.keys():
|
|
+ if os.path.exists(i) and stat.S_ISSOCK(os.stat(i)[stat.ST_MODE]):
|
|
+ t1 = re.sub("TEMPLATETYPE", self.name, self.files[i][2].fc_sock_file)
|
|
+ else:
|
|
+ t1 = re.sub("TEMPLATETYPE", self.name, self.files[i][2].fc_file)
|
|
+ t2 = re.sub("FILENAME", i, t1)
|
|
+ newfc += re.sub("FILETYPE", self.files[i][0], t2)
|
|
+
|
|
+ for i in self.dirs.keys():
|
|
+ t1 = re.sub("TEMPLATETYPE", self.name, self.dirs[i][2].fc_dir)
|
|
+ t2 = re.sub("FILENAME", i, t1)
|
|
+ newfc += re.sub("FILETYPE", self.dirs[i][0], t2)
|
|
+
|
|
+ return newfc
|
|
+
|
|
+ def generate_user_sh(self):
|
|
+ newsh = ""
|
|
+ if self.type in ( TUSER, XUSER):
|
|
+ roles = ""
|
|
+ for role in self.roles:
|
|
+ roles += " %s_r" % role
|
|
+ if roles != "":
|
|
+ roles += " system_r"
|
|
+ tmp = re.sub("TEMPLATETYPE", self.name, script.users)
|
|
+ newsh += re.sub("ROLES", roles, tmp)
|
|
+ return newsh
|
|
+
|
|
+ def generate_sh(self):
|
|
+ newsh = re.sub("TEMPLATETYPE", self.name, script.compile)
|
|
+ newsh = re.sub("PACKAGEFILENAME", self.file_name, newsh)
|
|
+ if self.program != "":
|
|
+ newsh += re.sub("FILENAME", self.program, script.restorecon)
|
|
+ if self.initscript != "":
|
|
+ newsh += re.sub("FILENAME", self.initscript, script.restorecon)
|
|
+
|
|
+ for i in self.files.keys():
|
|
+ newsh += re.sub("FILENAME", i, script.restorecon)
|
|
+
|
|
+ for i in self.dirs.keys():
|
|
+ newsh += re.sub("FILENAME", i, script.restorecon)
|
|
+
|
|
+ for i in self.in_tcp[PORTS] + self.out_tcp[PORTS]:
|
|
+ if self.find_port(i) == None:
|
|
+ t1 = re.sub("PORTNUM", "%d" % i, script.tcp_ports)
|
|
+ newsh += re.sub("TEMPLATETYPE", self.name, t1)
|
|
+
|
|
+ for i in self.in_udp[PORTS] + self.out_udp[PORTS]:
|
|
+ if self.find_port(i) == None:
|
|
+ t1 = re.sub("PORTNUM", "%d" % i, script.udp_ports)
|
|
+ newsh += re.sub("TEMPLATETYPE", self.name, t1)
|
|
+
|
|
+ newsh += self.generate_user_sh()
|
|
+
|
|
+ return newsh
|
|
+
|
|
+ def write_te(self, out_dir):
|
|
+ tefile = "%s/%s.te" % (out_dir, self.file_name)
|
|
+ fd = open(tefile, "w")
|
|
+ fd.write(self.generate_te())
|
|
+ fd.close()
|
|
+ return tefile
|
|
+
|
|
+ def write_sh(self, out_dir):
|
|
+ shfile = "%s/%s.sh" % (out_dir, self.file_name)
|
|
+ fd = open(shfile, "w")
|
|
+ fd.write(self.generate_sh())
|
|
+ fd.close()
|
|
+ return shfile
|
|
+
|
|
+ def write_if(self, out_dir):
|
|
+ iffile = "%s/%s.if" % (out_dir, self.file_name)
|
|
+ fd = open(iffile, "w")
|
|
+ fd.write(self.generate_if())
|
|
+ fd.close()
|
|
+ return iffile
|
|
+
|
|
+ def write_fc(self,out_dir):
|
|
+ fcfile = "%s/%s.fc" % (out_dir, self.file_name)
|
|
+ if self.type in APPLICATIONS:
|
|
+ fd = open(fcfile, "w")
|
|
+ fd.write(self.generate_fc())
|
|
+ fd.close()
|
|
+ return fcfile
|
|
+
|
|
+ def generate(self, out_dir = "."):
|
|
+ out = "Created the following files:\n"
|
|
+ out += "%-25s %s\n" % (_("Type Enforcment file"), self.write_te(out_dir))
|
|
+ out += "%-25s %s\n" % (_("Interface file"), self.write_if(out_dir))
|
|
+ out += "%-25s %s\n" % (_("File Contexts file"), self.write_fc(out_dir))
|
|
+ out += "%-25s %s\n" % (_("Setup Script"),self.write_sh(out_dir))
|
|
+ return out
|
|
+
|
|
+def errorExit(error):
|
|
+ sys.stderr.write("%s: " % sys.argv[0])
|
|
+ sys.stderr.write("%s\n" % error)
|
|
+ sys.stderr.flush()
|
|
+ sys.exit(1)
|
|
+
|
|
+
|
|
+if __name__ == '__main__':
|
|
+ mypolicy = policy("mycgi", CGI)
|
|
+ mypolicy.set_program("/var/www/cgi-bin/cgi")
|
|
+ mypolicy.set_in_tcp(1, 0, 0, "512, 55000-55000")
|
|
+ mypolicy.set_in_udp(1, 0, 0, "1513")
|
|
+ mypolicy.set_use_uid(True)
|
|
+ mypolicy.set_use_tmp(False)
|
|
+ mypolicy.set_use_syslog(True)
|
|
+ mypolicy.set_use_pam(True)
|
|
+ mypolicy.set_out_tcp(0,"8000")
|
|
+ print mypolicy.generate("/var/tmp")
|
|
+
|
|
+ mypolicy = policy("myuser", USER)
|
|
+ mypolicy.set_program("/usr/bin/myuser")
|
|
+ mypolicy.set_in_tcp(1, 0, 0, "513")
|
|
+ mypolicy.set_in_udp(1, 0, 0, "1513")
|
|
+ mypolicy.set_use_uid(True)
|
|
+ mypolicy.set_use_tmp(True)
|
|
+ mypolicy.set_use_syslog(True)
|
|
+ mypolicy.set_use_pam(True)
|
|
+ mypolicy.add_file("/var/lib/myuser/myuser.sock")
|
|
+ mypolicy.set_out_tcp(0,"8000")
|
|
+ mypolicy.set_transition_users(["unconfined", "staff"])
|
|
+ print mypolicy.generate("/var/tmp")
|
|
+
|
|
+
|
|
+ mypolicy = policy("myrwho", DAEMON)
|
|
+ mypolicy.set_program("/usr/sbin/myrwhod")
|
|
+ mypolicy.set_init_script("/etc/init.d/myrwhod")
|
|
+ mypolicy.set_in_tcp(1, 0, 0, "513")
|
|
+ mypolicy.set_use_uid(True)
|
|
+ mypolicy.set_use_tmp(True)
|
|
+ mypolicy.set_use_syslog(True)
|
|
+ mypolicy.set_use_pam(True)
|
|
+ mypolicy.add_dir("/var/run/myrwho")
|
|
+ mypolicy.add_dir("/var/lib/myrwho")
|
|
+ print mypolicy.generate("/var/tmp")
|
|
+
|
|
+ mypolicy = policy("myinetd", INETD)
|
|
+ mypolicy.set_program("/usr/bin/mytest")
|
|
+ mypolicy.set_in_tcp(1, 0, 0, "513")
|
|
+ mypolicy.set_in_udp(1, 0, 0, "1513")
|
|
+ mypolicy.set_use_uid(True)
|
|
+ mypolicy.set_use_tmp(True)
|
|
+ mypolicy.set_use_syslog(True)
|
|
+ mypolicy.set_use_pam(True)
|
|
+ mypolicy.add_file("/var/lib/mysql/mysql.sock")
|
|
+ mypolicy.add_file("/var/run/rpcbind.sock")
|
|
+ mypolicy.add_file("/var/run/daemon.pub")
|
|
+ mypolicy.add_file("/var/log/daemon.log")
|
|
+ mypolicy.add_dir("/var/lib/daemon")
|
|
+ mypolicy.add_dir("/etc/daemon")
|
|
+ mypolicy.add_dir("/etc/daemon/special")
|
|
+ mypolicy.set_use_uid(True)
|
|
+ mypolicy.set_use_syslog(True)
|
|
+ mypolicy.set_use_pam(True)
|
|
+ mypolicy.set_use_audit(True)
|
|
+ mypolicy.set_use_dbus(True)
|
|
+ mypolicy.set_use_terminal(True)
|
|
+ mypolicy.set_use_mail(True)
|
|
+ mypolicy.set_out_tcp(0,"8000")
|
|
+ print mypolicy.generate("/var/tmp")
|
|
+
|
|
+ mypolicy = policy("mytuser", TUSER)
|
|
+ mypolicy.set_transition_domains(["sudo"])
|
|
+ mypolicy.set_admin_roles(["mydbadm"])
|
|
+ print mypolicy.generate("/var/tmp")
|
|
+
|
|
+ mypolicy = policy("myxuser", XUSER)
|
|
+ mypolicy.set_in_tcp(1, 1, 1, "28920")
|
|
+ mypolicy.set_in_udp(0, 0, 1, "1513")
|
|
+ mypolicy.set_transition_domains(["mozilla"])
|
|
+ print mypolicy.generate("/var/tmp")
|
|
+
|
|
+ mypolicy = policy("mydbadm", RUSER)
|
|
+ mypolicy.set_admin_domains(["postgresql", "mysql"])
|
|
+ print mypolicy.generate("/var/tmp")
|
|
+
|
|
+ sys.exit(0)
|
|
+
|
|
+
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policycoreutils-2.0.27/gui/portsPage.py
|
|
--- nsapolicycoreutils/gui/portsPage.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.27/gui/portsPage.py 2007-10-01 17:44:08.000000000 -0400
|
|
@@ -0,0 +1,251 @@
|
|
+## portsPage.py - show selinux mappings
|
|
+## Copyright (C) 2006 Red Hat, Inc.
|
|
+
|
|
+## This program is free software; you can redistribute it and/or modify
|
|
+## it under the terms of the GNU General Public License as published by
|
|
+## the Free Software Foundation; either version 2 of the License, or
|
|
+## (at your option) any later version.
|
|
+
|
|
+## This program is distributed in the hope that it will be useful,
|
|
+## but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+## GNU General Public License for more details.
|
|
+
|
|
+## You should have received a copy of the GNU General Public License
|
|
+## along with this program; if not, write to the Free Software
|
|
+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
|
+
|
|
+## Author: Dan Walsh
|
|
+import string
|
|
+import gtk
|
|
+import gtk.glade
|
|
+import os
|
|
+import gobject
|
|
+import sys
|
|
+import seobject
|
|
+import commands
|
|
+from semanagePage import *;
|
|
+
|
|
+##
|
|
+## I18N
|
|
+##
|
|
+PROGNAME = "policycoreutils"
|
|
+import gettext
|
|
+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
|
|
+gettext.textdomain(PROGNAME)
|
|
+TYPE_COL = 0
|
|
+PROTOCOL_COL = 1
|
|
+MLS_COL = 2
|
|
+PORT_COL = 3
|
|
+try:
|
|
+ gettext.install(PROGNAME,
|
|
+ localedir="/usr/share/locale",
|
|
+ unicode=False,
|
|
+ codeset = 'utf-8')
|
|
+except IOError:
|
|
+ import __builtin__
|
|
+ __builtin__.__dict__['_'] = unicode
|
|
+
|
|
+class portsPage(semanagePage):
|
|
+ def __init__(self, xml):
|
|
+ semanagePage.__init__(self, xml, "ports", "Network Port")
|
|
+ xml.signal_connect("on_group_clicked", self.on_group_clicked)
|
|
+ self.group = False
|
|
+ self.ports_filter = xml.get_widget("portsFilterEntry")
|
|
+ self.ports_filter.connect("focus_out_event", self.filter_changed)
|
|
+ self.ports_filter.connect("activate", self.filter_changed)
|
|
+ self.ports_name_entry = xml.get_widget("portsNameEntry")
|
|
+ self.ports_protocol_combo = xml.get_widget("portsProtocolCombo")
|
|
+ self.ports_number_entry = xml.get_widget("portsNumberEntry")
|
|
+ self.ports_mls_entry = xml.get_widget("portsMLSEntry")
|
|
+ self.ports_add_button = xml.get_widget("portsAddButton")
|
|
+ self.ports_properties_button = xml.get_widget("portsPropertiesButton")
|
|
+ self.ports_delete_button = xml.get_widget("portsDeleteButton")
|
|
+ liststore = self.ports_protocol_combo.get_model()
|
|
+ iter = liststore.get_iter_first()
|
|
+ self.ports_protocol_combo.set_active_iter(iter)
|
|
+ self.init_store()
|
|
+ self.edit = True
|
|
+ self.load()
|
|
+
|
|
+ def filter_changed(self, *arg):
|
|
+ filter = arg[0].get_text()
|
|
+ if filter != self.filter:
|
|
+ if self.edit:
|
|
+ self.load(filter)
|
|
+ else:
|
|
+ self.group_load(filter)
|
|
+
|
|
+ def init_store(self):
|
|
+ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING , gobject.TYPE_STRING)
|
|
+ self.view.set_model(self.store)
|
|
+ self.store.set_sort_column_id(0, gtk.SORT_ASCENDING)
|
|
+
|
|
+ col = gtk.TreeViewColumn(_("SELinux Port\nType"), gtk.CellRendererText(), text = TYPE_COL)
|
|
+ col.set_sort_column_id(TYPE_COL)
|
|
+ col.set_resizable(True)
|
|
+ self.view.append_column(col)
|
|
+ self.store.set_sort_column_id(TYPE_COL, gtk.SORT_ASCENDING)
|
|
+
|
|
+ col = gtk.TreeViewColumn(_("Protocol"), gtk.CellRendererText(), text = PROTOCOL_COL)
|
|
+ col.set_sort_column_id(PROTOCOL_COL)
|
|
+ col.set_resizable(True)
|
|
+ self.view.append_column(col)
|
|
+
|
|
+ self.mls_col = gtk.TreeViewColumn(_("MLS/MCS\nLevel"), gtk.CellRendererText(), text = MLS_COL)
|
|
+ self.mls_col.set_resizable(True)
|
|
+ self.mls_col.set_sort_column_id(MLS_COL)
|
|
+ self.view.append_column(self.mls_col)
|
|
+
|
|
+ col = gtk.TreeViewColumn(_("Port"), gtk.CellRendererText(), text = PORT_COL)
|
|
+ col.set_sort_column_id(PORT_COL)
|
|
+ col.set_resizable(True)
|
|
+ self.view.append_column(col)
|
|
+ self.store.set_sort_func(PORT_COL,self.sort_int, "")
|
|
+
|
|
+ def sort_int(self, treemodel, iter1, iter2, user_data):
|
|
+ try:
|
|
+ p1 = int(treemodel.get_value(iter1,2))
|
|
+ p2 = int(treemodel.get_value(iter2,2))
|
|
+ if p1 > p2:
|
|
+ return 1
|
|
+ if p1 == p2:
|
|
+ return 0
|
|
+ return -1
|
|
+ except:
|
|
+ return 0
|
|
+
|
|
+ def load(self,filter = ""):
|
|
+ self.filter=filter
|
|
+ self.port = seobject.portRecords()
|
|
+ dict = self.port.get_all(self.local)
|
|
+ keys = dict.keys()
|
|
+ keys.sort()
|
|
+ self.store.clear()
|
|
+ for k in keys:
|
|
+ if not (self.match(str(k[0]), filter) or self.match(dict[k][0], filter) or self.match(dict[k][1], filter) or self.match(dict[k][2], filter)):
|
|
+ continue
|
|
+ iter = self.store.append()
|
|
+ if k[0] == k[1]:
|
|
+ self.store.set_value(iter, PORT_COL, k[0])
|
|
+ else:
|
|
+ rec = "%s-%s" % k
|
|
+ self.store.set_value(iter, PORT_COL, rec)
|
|
+ self.store.set_value(iter, TYPE_COL, dict[k][0])
|
|
+ self.store.set_value(iter, PROTOCOL_COL, dict[k][1])
|
|
+ self.store.set_value(iter, MLS_COL, dict[k][2])
|
|
+ self.view.get_selection().select_path ((0,))
|
|
+
|
|
+ def group_load(self, filter = ""):
|
|
+ self.filter=filter
|
|
+ self.port = seobject.portRecords()
|
|
+ dict = self.port.get_all_by_type(self.local)
|
|
+ keys = dict.keys()
|
|
+ keys.sort()
|
|
+ self.store.clear()
|
|
+ for k in keys:
|
|
+ ports_string = ", ".join(dict[k])
|
|
+ if not (self.match(ports_string, filter) or self.match(k[0], filter) or self.match(k[1], filter) ):
|
|
+ continue
|
|
+ iter = self.store.append()
|
|
+ self.store.set_value(iter, TYPE_COL, k[0])
|
|
+ self.store.set_value(iter, PROTOCOL_COL, k[1])
|
|
+ self.store.set_value(iter, PORT_COL, ports_string)
|
|
+ self.store.set_value(iter, MLS_COL, "")
|
|
+ self.view.get_selection().select_path ((0,))
|
|
+
|
|
+ def propertiesDialog(self):
|
|
+ if self.edit:
|
|
+ semanagePage.propertiesDialog(self)
|
|
+
|
|
+ def dialogInit(self):
|
|
+ store, iter = self.view.get_selection().get_selected()
|
|
+ self.ports_number_entry.set_text(store.get_value(iter, PORT_COL))
|
|
+ self.ports_number_entry.set_sensitive(False)
|
|
+ self.ports_protocol_combo.set_sensitive(False)
|
|
+ self.ports_name_entry.set_text(store.get_value(iter, TYPE_COL))
|
|
+ self.ports_mls_entry.set_text(store.get_value(iter, MLS_COL))
|
|
+ protocol = store.get_value(iter, PROTOCOL_COL)
|
|
+ liststore = self.ports_protocol_combo.get_model()
|
|
+ iter = liststore.get_iter_first()
|
|
+ while iter != None and liststore.get_value(iter,0) != protocol:
|
|
+ iter = liststore.iter_next(iter)
|
|
+ if iter != None:
|
|
+ self.ports_protocol_combo.set_active_iter(iter)
|
|
+
|
|
+ def dialogClear(self):
|
|
+ self.ports_number_entry.set_text("")
|
|
+ self.ports_number_entry.set_sensitive(True)
|
|
+ self.ports_protocol_combo.set_sensitive(True)
|
|
+ self.ports_name_entry.set_text("")
|
|
+ self.ports_mls_entry.set_text("s0")
|
|
+
|
|
+ def delete(self):
|
|
+ store, iter = self.view.get_selection().get_selected()
|
|
+ port = store.get_value(iter, PORT_COL)
|
|
+ protocol = store.get_value(iter, 1)
|
|
+ try:
|
|
+ (rc, out) = commands.getstatusoutput("semanage port -d -p %s %s" % (protocol, port))
|
|
+ if rc != 0:
|
|
+ return self.error(out)
|
|
+ store.remove(iter)
|
|
+ self.view.get_selection().select_path ((0,))
|
|
+ except ValueError, e:
|
|
+ self.error(e.args[0])
|
|
+
|
|
+ def add(self):
|
|
+ target = self.ports_name_entry.get_text().strip()
|
|
+ mls = self.ports_mls_entry.get_text().strip()
|
|
+ port_number = self.ports_number_entry.get_text().strip()
|
|
+ if port_number == "":
|
|
+ port_number = "1"
|
|
+ if not port_number.isdigit():
|
|
+ self.error(_("Port number \"%s\" is not valid. 0 < PORT_NUMBER < 65536 ") % port_number )
|
|
+ return False
|
|
+ list_model = self.ports_protocol_combo.get_model()
|
|
+ iter = self.ports_protocol_combo.get_active_iter()
|
|
+ protocol = list_model.get_value(iter,0)
|
|
+ (rc, out) = commands.getstatusoutput("semanage port -a -p %s -r %s -t %s %s" % (protocol, mls, target, port_number))
|
|
+ if rc != 0:
|
|
+ self.error(out)
|
|
+ return False
|
|
+ iter = self.store.append()
|
|
+
|
|
+ self.store.set_value(iter, TYPE_COL, target)
|
|
+ self.store.set_value(iter, PORT_COL, port_number)
|
|
+ self.store.set_value(iter, PROTOCOL_COL, protocol)
|
|
+ self.store.set_value(iter, MLS_COL, mls)
|
|
+
|
|
+ def modify(self):
|
|
+ target = self.ports_name_entry.get_text().strip()
|
|
+ mls = self.ports_mls_entry.get_text().strip()
|
|
+ port_number = self.ports_number_entry.get_text().strip()
|
|
+ list_model = self.ports_protocol_combo.get_model()
|
|
+ iter = self.ports_protocol_combo.get_active_iter()
|
|
+ protocol = list_model.get_value(iter,0)
|
|
+ (rc, out) = commands.getstatusoutput("semanage port -m -p %s -r %s -t %s %s" % (protocol, mls, target, port_number))
|
|
+ if rc != 0:
|
|
+ self.error(out)
|
|
+ return False
|
|
+ store, iter = self.view.get_selection().get_selected()
|
|
+ self.store.set_value(iter, TYPE_COL, target)
|
|
+ self.store.set_value(iter, PORT_COL, port_number)
|
|
+ self.store.set_value(iter, PROTOCOL_COL, protocol)
|
|
+ self.store.set_value(iter, MLS_COL, mls)
|
|
+
|
|
+ def on_group_clicked(self, button):
|
|
+ self.ports_add_button.set_sensitive(self.group)
|
|
+ self.ports_properties_button.set_sensitive(self.group)
|
|
+ self.ports_delete_button.set_sensitive(self.group)
|
|
+ self.mls_col.set_visible(self.group)
|
|
+
|
|
+ self.group = not self.group
|
|
+ if self.group:
|
|
+ button.set_label(_("List View"))
|
|
+ self.group_load(self.filter)
|
|
+ else:
|
|
+ button.set_label(_("Group View"))
|
|
+ self.load(self.filter)
|
|
+
|
|
+ return True
|
|
+
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policycoreutils-2.0.27/gui/selinux.tbl
|
|
--- nsapolicycoreutils/gui/selinux.tbl 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.27/gui/selinux.tbl 2007-09-27 11:20:32.000000000 -0400
|
|
@@ -0,0 +1,295 @@
|
|
+! allow_console_login _("Login") _("Allow direct login to the console device. Required for System 390")
|
|
+acct_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for acct daemon")
|
|
+allow_cvs_read_shadow _("CVS") _("Allow cvs daemon to read shadow")
|
|
+allow_daemons_dump_core _("Admin") _("Allow all daemons to write corefiles to /")
|
|
+allow_daemons_use_tty _("Admin") _("Allow all daemons the ability to use unallocated ttys")
|
|
+allow_execheap _("Memory Protection") _("Allow unconfined executables to make their heap memory executable. Doing this is a really bad idea. Probably indicates a badly coded executable, but could indicate an attack. This executable should be reported in bugzilla")
|
|
+allow_execmem _("Memory Protection") _("Allow unconfined executables to map a memory region as both executable and writable, this is dangerous and the executable should be reported in bugzilla")
|
|
+allow_execmod _("Memory Protection") _("Allow all unconfined executables to use libraries requiring text relocation that are not labeled textrel_shlib_t")
|
|
+allow_execstack _("Memory Protection") _("Allow unconfined executables to make their stack executable. This should never, ever be necessary. Probably indicates a badly coded executable, but could indicate an attack. This executable should be reported in bugzilla")
|
|
+allow_ftpd_full_access _("FTP") _("Allow ftpd to full access to the system")
|
|
+allow_ftpd_anon_write _("FTP") _("Allow ftpd to upload files to directories labeled public_content_rw_t")
|
|
+allow_ftpd_use_cifs _("FTP") _("Allow ftp servers to use cifs used for public file transfer services")
|
|
+allow_ftpd_use_nfs _("FTP") _("Allow ftp servers to use nfs used for public file transfer services")
|
|
+allow_gpg_execstack _("Memory Protection") _("Allow gpg executable stack")
|
|
+allow_gadmin_exec_content _("User Privs") _("Allow gadmin SELinux user accounts to execute files in his home directory or /tmp")
|
|
+allow_gssd_read_tmp _("NFS") _("Allow gssd to read temp directory")
|
|
+allow_guest_exec_content _("User Privs") _("Allow guest SELinux user accounts to execute files in his home directory or /tmp")
|
|
+allow_httpd_anon_write _("HTTPD Service") _("Allow httpd daemon to write files in directories labeled public_content_rw_t")
|
|
+allow_httpd_dbus_avahi _("HTTPD Service") _("Allow Apache to communicate with avahi service")
|
|
+allow_httpd_mod_auth_pam _("HTTPD Service") _("Allow Apache to use mod_auth_pam")
|
|
+allow_httpd_sys_script_anon_write _("HTTPD Service") _("Allow httpd scripts to write files in directories labeled public_content_rw_t")
|
|
+allow_java_execstack _("Memory Protection") _("Allow java executable stack")
|
|
+allow_kerberos _("Kerberos") _("Allow daemons to use kerberos files")
|
|
+allow_mount_anyfile _("Mount") _("Allow mount to mount any file")
|
|
+allow_mounton_anydir _("Mount") _("Allow mount to mount any directory")
|
|
+allow_mplayer_execstack _("Memory Protection") _("Allow mplayer executable stack")
|
|
+allow_nfsd_anon_write _("NFS") _("Allow nfs servers to modify public files used for public file transfer services")
|
|
+allow_polyinstantiation _("Polyinstantiation") _("Enable polyinstantiated directory support")
|
|
+allow_ptrace _("Compatibility") _("Allow sysadm_t to debug or ptrace applications")
|
|
+allow_rsync_anon_write _("rsync") _("Allow rsync to write files in directories labeled public_content_rw_t")
|
|
+allow_smbd_anon_write _("Samba") _("Allow Samba to write files in directories labeled public_content_rw_t")
|
|
+allow_ssh_keysign _("SSH") _("Allow ssh to run ssh-keysign")
|
|
+allow_staff_exec_content _("User Privs") _("Allow staff SELinux user accounts to execute files in his home directory or /tmp")
|
|
+allow_sysadm_exec_content _("User Privs") _("Allow sysadm SELinux user accounts to execute files in his home directory or /tmp")
|
|
+allow_unconfined_exec_content _("User Privs") _("Allow unconfined SELinux user accounts to execute files in his home directory or /tmp")
|
|
+allow_unlabeled_packets _("Network Configuration") _("Allow unlabeled packets to flow on the network")
|
|
+allow_user_exec_content _("User Privs") _("Allow user SELinux user accounts to execute files in his home directory or /tmp")
|
|
+allow_unconfined_execmem_dyntrans _("Memory Protection") _("Allow unconfined to dyntrans to unconfined_execmem")
|
|
+allow_user_mysql_connect _("Databases") _("Allow user to connect to mysql socket")
|
|
+allow_user_postgresql_connect _("Databases") _("Allow user to connect to postgres socket")
|
|
+allow_write_xshm _("XServer") _("Allow clients to write to X shared memory")
|
|
+allow_xguest_exec_content _("User Privs") _("Allow xguest SELinux user accounts to execute files in his home directory or /tmp")
|
|
+allow_ypbind _("NIS") _("Allow daemons to run with NIS")
|
|
+allow_zebra_write_config _("Zebra") _("Allow zebra daemon to write it configuration files")
|
|
+browser_confine_staff _("Web Applications") _("Transition staff SELinux user to Web Browser Domain")
|
|
+browser_confine_sysadm _("Web Applications") _("Transition sysadm SELinux user to Web Browser Domain")
|
|
+browser_confine_user _("Web Applications") _("Transition user SELinux user to Web Browser Domain")
|
|
+browser_confine_xguest _("Web Applications") _("Transition xguest SELinux user to Web Browser Domain")
|
|
+browser_write_staff_data _("Web Applications") _("Allow staff Web Browsers to write to home directories")
|
|
+browser_write_sysadm_data _("Web Applications") _("Allow staff Web Browsers to write to home directories")
|
|
+browser_write_user_data _("Web Applications") _("Allow staff Web Browsers to write to home directories")
|
|
+browser_write_xguest_data _("Web Applications") _("Allow staff Web Browsers to write to home directories")
|
|
+amanda_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for amanda")
|
|
+amavis_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for amavis")
|
|
+apmd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for apmd daemon")
|
|
+arpwatch_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for arpwatch daemon")
|
|
+auditd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for auditd daemon")
|
|
+automount_disable_trans _("Mount") _("Disable SELinux protection for automount daemon")
|
|
+avahi_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for avahi")
|
|
+bluetooth_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for bluetooth daemon")
|
|
+canna_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for canna daemon")
|
|
+cardmgr_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for cardmgr daemon")
|
|
+ccs_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for Cluster Server")
|
|
+cdrecord_read_content _("User Privs") _("Allow cdrecord to read various content. nfs, samba, removable devices, user temp and untrusted content files")
|
|
+ciped_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ciped daemon")
|
|
+clamd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for clamd daemon")
|
|
+clamscan_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for clamscan")
|
|
+clvmd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for clvmd")
|
|
+comsat_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for comsat daemon")
|
|
+courier_authdaemon_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for courier daemon")
|
|
+courier_pcp_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for courier daemon")
|
|
+courier_pop_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for courier daemon")
|
|
+courier_sqwebmail_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for courier daemon")
|
|
+courier_tcpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for courier daemon")
|
|
+cpucontrol_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for cpucontrol daemon")
|
|
+cpuspeed_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for cpuspeed daemon")
|
|
+cron_can_relabel _("Cron") _("Allow system cron jobs to relabel filesystem for restoring file contexts")
|
|
+crond_disable_trans _("Cron") _("Disable SELinux protection for crond daemon")
|
|
+cupsd_config_disable_trans _("Printing") _("Disable SELinux protection for cupsd back end server")
|
|
+cupsd_disable_trans _("Printing") _("Disable SELinux protection for cupsd daemon")
|
|
+cupsd_lpd_disable_trans _("Printing") _("Disable SELinux protection for cupsd_lpd")
|
|
+cvs_disable_trans _("CVS") _("Disable SELinux protection for cvs daemon")
|
|
+cyrus_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for cyrus daemon")
|
|
+dbskkd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dbskkd daemon")
|
|
+dbusd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dbusd daemon")
|
|
+dccd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dccd")
|
|
+dccifd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dccifd")
|
|
+dccm_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dccm")
|
|
+ddt_client_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ddt daemon")
|
|
+devfsd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for devfsd daemon")
|
|
+dhcpc_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dhcpc daemon")
|
|
+dhcpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dhcpd daemon")
|
|
+dictd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dictd daemon")
|
|
+direct_sysadm_daemon _("Admin") _("Allow sysadm_t to directly start daemons")
|
|
+disable_evolution_trans _("Web Applications") _("Disable SELinux protection for Evolution")
|
|
+disable_games_trans _("Games") _("Disable SELinux protection for games")
|
|
+disable_mozilla_trans _("Web Applications") _("Disable SELinux protection for the web browsers")
|
|
+disable_thunderbird_trans _("Web Applications") _("Disable SELinux protection for Thunderbird")
|
|
+distccd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for distccd daemon")
|
|
+dmesg_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dmesg daemon")
|
|
+dnsmasq_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dnsmasq daemon")
|
|
+dovecot_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dovecot daemon")
|
|
+entropyd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for entropyd daemon")
|
|
+fcron_crond _("Cron") _("Enable extra rules in the cron domain to support fcron")
|
|
+fetchmail_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for fetchmail")
|
|
+fingerd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for fingerd daemon")
|
|
+freshclam_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for freshclam daemon")
|
|
+fsdaemon_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for fsdaemon daemon")
|
|
+ftpd_disable_trans _("FTP") _("Disable SELinux protection for ftpd daemon")
|
|
+ftpd_is_daemon _("FTP") _("Allow ftpd to run directly without inetd")
|
|
+ftp_home_dir _("FTP") _("Allow ftp to read/write files in the user home directories")
|
|
+global_ssp _("Admin") _("This should be enabled when all programs are compiled with ProPolice/SSP stack smashing protection. All domains will be allowed to read from /dev/urandom")
|
|
+gpm_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for gpm daemon")
|
|
+gssd_disable_trans _("NFS") _("Disable SELinux protection for gss daemon")
|
|
+hald_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for Hal daemon")
|
|
+hide_broken_symptoms _("Compatibility") _("Do not audit things that we know to be broken but which are not security risks")
|
|
+hostname_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for hostname daemon")
|
|
+hotplug_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for hotplug daemon")
|
|
+howl_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for howl daemon")
|
|
+hplip_disable_trans _("Printing") _("Disable SELinux protection for cups hplip daemon")
|
|
+httpd_builtin_scripting _("HTTPD Service") _("Allow HTTPD to support built-in scripting")
|
|
+httpd_can_sendmail _("HTTPD Service") _("Allow HTTPD to send mail")
|
|
+httpd_can_network_connect_db _("HTTPD Service") _("Allow HTTPD scripts and modules to network connect to databases")
|
|
+httpd_can_network_connect _("HTTPD Service") _("Allow HTTPD scripts and modules to connect to the network")
|
|
+httpd_can_network_relay _("HTTPD Service") _("Allow httpd to act as a relay")
|
|
+httpd_disable_trans _("HTTPD Service") _("Disable SELinux protection for httpd daemon")
|
|
+httpd_enable_cgi _("HTTPD Service") _("Allow HTTPD cgi support")
|
|
+httpd_enable_ftp_server _("HTTPD Service") _("Allow HTTPD to run as a ftp server")
|
|
+httpd_enable_homedirs _("HTTPD Service") _("Allow HTTPD to read home directories")
|
|
+httpd_rotatelogs_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for httpd rotatelogs")
|
|
+httpd_ssi_exec _("HTTPD Service") _("Allow HTTPD to run SSI executables in the same domain as system CGI scripts")
|
|
+httpd_suexec_disable_trans _("HTTPD Service") _("Disable SELinux protection for http suexec")
|
|
+httpd_tty_comm _("HTTPD Service") _("Unify HTTPD to communicate with the terminal. Needed for handling certificates")
|
|
+httpd_unified _("HTTPD Service") _("Unify HTTPD handling of all content files")
|
|
+hwclock_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for hwclock daemon")
|
|
+i18n_input_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for i18n daemon")
|
|
+imazesrv_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for imazesrv daemon")
|
|
+inetd_child_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for inetd child daemons")
|
|
+inetd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for inetd daemon")
|
|
+innd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for innd daemon")
|
|
+iptables_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for iptables daemon")
|
|
+ircd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ircd daemon")
|
|
+irqbalance_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for irqbalance daemon")
|
|
+iscsid_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for iscsi daemon")
|
|
+jabberd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for jabberd daemon")
|
|
+kadmind_disable_trans _("Kerberos") _("Disable SELinux protection for kadmind daemon")
|
|
+klogd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for klogd daemon")
|
|
+krb5kdc_disable_trans _("Kerberos") _("Disable SELinux protection for krb5kdc daemon")
|
|
+ktalkd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ktalk daemons")
|
|
+kudzu_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for kudzu daemon")
|
|
+locate_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for locate daemon")
|
|
+lpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for lpd daemon")
|
|
+lrrd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for lrrd daemon")
|
|
+lvm_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for lvm daemon")
|
|
+mailman_mail_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for mailman")
|
|
+mail_read_content _("Web Applications") _("Allow evolution and thunderbird to read user files")
|
|
+mdadm_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for mdadm daemon")
|
|
+monopd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for monopd daemon")
|
|
+mozilla_read_content _("Web Applications") _("Allow the mozilla browser to read user files")
|
|
+mrtg_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for mrtg daemon")
|
|
+mysqld_disable_trans _("Databases") _("Disable SELinux protection for mysqld daemon")
|
|
+nagios_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for nagios daemon")
|
|
+named_disable_trans _("Name Service") _("Disable SELinux protection for named daemon")
|
|
+named_write_master_zones _("Name Service") _("Allow named to overwrite master zone files")
|
|
+nessusd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for nessusd daemon")
|
|
+NetworkManager_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for NetworkManager")
|
|
+nfsd_disable_trans _("NFS") _("Disable SELinux protection for nfsd daemon")
|
|
+nfs_export_all_ro _("NFS") _("Allow NFS to share any file/directory read only")
|
|
+nfs_export_all_rw _("NFS") _("Allow NFS to share any file/directory read/write")
|
|
+nmbd_disable_trans _("Samba") _("Disable SELinux protection for nmbd daemon")
|
|
+nrpe_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for nrpe daemon")
|
|
+nscd_disable_trans _("Name Service") _("Disable SELinux protection for nscd daemon")
|
|
+nsd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for nsd daemon")
|
|
+ntpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ntpd daemon")
|
|
+oddjob_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for oddjob")
|
|
+oddjob_mkhomedir_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for oddjob_mkhomedir")
|
|
+openvpn_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for openvpn daemon")
|
|
+pam_console_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for pam daemon")
|
|
+pegasus_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for pegasus")
|
|
+perdition_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for perdition daemon")
|
|
+portmap_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for portmap daemon")
|
|
+portslave_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for portslave daemon")
|
|
+postfix_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for postfix")
|
|
+postgresql_disable_trans _("Databases") _("Disable SELinux protection for postgresql daemon")
|
|
+openvpn_enable_homedirs _("Network Configuration") _("Allow openvpn service access to users home directories")
|
|
+pppd_can_insmod _("pppd") _("Allow pppd daemon to insert modules into the kernel")
|
|
+pppd_disable_trans _("pppd") _("Disable SELinux protection for pppd daemon")
|
|
+pppd_disable_trans _("pppd") _("Disable SELinux protection for the mozilla ppp daemon")
|
|
+pppd_for_user _("pppd") _("Allow pppd to be run for a regular user")
|
|
+pptp_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for pptp")
|
|
+prelink_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for prelink daemon")
|
|
+privoxy_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for privoxy daemon")
|
|
+ptal_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ptal daemon")
|
|
+pxe_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for pxe daemon")
|
|
+pyzord_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for pyzord")
|
|
+quota_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for quota daemon")
|
|
+radiusd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for radiusd daemon")
|
|
+radvd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for radvd daemon")
|
|
+rdisc_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for rdisc")
|
|
+readahead_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for readahead")
|
|
+read_default_t _("Admin") _("Allow programs to read files in non-standard locations (default_t)")
|
|
+read_untrusted_content _("Web Applications") _("Allow programs to read untrusted content without relabel")
|
|
+restorecond_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for restorecond")
|
|
+rhgb_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for rhgb daemon")
|
|
+ricci_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ricci")
|
|
+ricci_modclusterd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ricci_modclusterd")
|
|
+rlogind_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for rlogind daemon")
|
|
+rpcd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for rpcd daemon")
|
|
+rshd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for rshd")
|
|
+rsync_disable_trans _("rsync") _("Disable SELinux protection for rsync daemon")
|
|
+run_ssh_inetd _("SSH") _("Allow ssh to run from inetd instead of as a daemon")
|
|
+samba_enable_home_dirs _("Samba") _("Allow Samba to share users home directories")
|
|
+samba_share_nfs _("Samba") _("Allow Samba to share nfs directories")
|
|
+allow_saslauthd_read_shadow _("SASL authentication server") _("Allow sasl authentication server to read /etc/shadow")
|
|
+allow_xserver_execmem _("XServer") _("Allow X-Windows server to map a memory region as both executable and writable")
|
|
+saslauthd_disable_trans _("SASL authentication server") _("Disable SELinux protection for saslauthd daemon")
|
|
+scannerdaemon_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for scannerdaemon daemon")
|
|
+secure_mode _("Admin") _("Do not allow transition to sysadm_t, sudo and su effected")
|
|
+secure_mode_insmod _("Admin") _("Do not allow any processes to load kernel modules")
|
|
+secure_mode_policyload _("Admin") _("Do not allow any processes to modify kernel SELinux policy")
|
|
+sendmail_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for sendmail daemon")
|
|
+setrans_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for setrans")
|
|
+setroubleshootd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for setroubleshoot daemon")
|
|
+slapd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for slapd daemon")
|
|
+slrnpull_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for slrnpull daemon")
|
|
+smbd_disable_trans _("Samba") _("Disable SELinux protection for smbd daemon")
|
|
+snmpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for snmpd daemon")
|
|
+snort_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for snort daemon")
|
|
+soundd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for soundd daemon")
|
|
+sound_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for sound daemon")
|
|
+spamd_disable_trans _("Spam Protection") _("Disable SELinux protection for spamd daemon")
|
|
+spamd_enable_home_dirs _("Spam Protection") _("Allow spamd to access home directories")
|
|
+spamassassin_can_network _("Spam Protection") _("Allow Spam Assassin daemon network access")
|
|
+speedmgmt_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for speedmgmt daemon")
|
|
+squid_connect_any _("Squid") _("Allow squid daemon to connect to the network")
|
|
+squid_disable_trans _("Squid") _("Disable SELinux protection for squid daemon")
|
|
+ssh_keygen_disable_trans _("SSH") _("Disable SELinux protection for ssh daemon")
|
|
+ssh_sysadm_login _("SSH") _("Allow ssh logins as sysadm_r:sysadm_t")
|
|
+staff_read_sysadm_file _("Admin") _("Allow staff_r users to search the sysadm home dir and read files (such as ~/.bashrc)")
|
|
+stunnel_disable_trans _("Universal SSL tunnel") _("Disable SELinux protection for stunnel daemon")
|
|
+stunnel_is_daemon _("Universal SSL tunnel") _("Allow stunnel daemon to run as standalone, outside of xinetd")
|
|
+swat_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for swat daemon")
|
|
+sxid_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for sxid daemon")
|
|
+syslogd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for syslogd daemon")
|
|
+system_crond_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for system cron jobs")
|
|
+tcpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for tcp daemon")
|
|
+telnetd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for telnet daemon")
|
|
+tftpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for tftpd daemon")
|
|
+transproxy_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for transproxy daemon")
|
|
+udev_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for udev daemon")
|
|
+uml_switch_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for uml daemon")
|
|
+unlimitedInetd _("Admin") _("Allow xinetd to run unconfined, including any services it starts that do not have a domain transition explicitly defined")
|
|
+unlimitedRC _("Admin") _("Allow rc scripts to run unconfined, including any daemon started by an rc script that does not have a domain transition explicitly defined")
|
|
+unlimitedRPM _("Admin") _("Allow rpm to run unconfined")
|
|
+unlimitedUtils _("Admin") _("Allow privileged utilities like hotplug and insmod to run unconfined")
|
|
+updfstab_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for updfstab daemon")
|
|
+uptimed_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for uptimed daemon")
|
|
+use_lpd_server _("Printing") _("Use lpd server instead of cups")
|
|
+use_nfs_home_dirs _("NFS") _("Support NFS home directories")
|
|
+user_canbe_sysadm _("User Privs") _("Allow user_r to reach sysadm_r via su, sudo, or userhelper. Otherwise, only staff_r can do so")
|
|
+user_can_mount _("Mount") _("Allow users to execute the mount command")
|
|
+user_direct_mouse _("User Privs") _("Allow regular users direct mouse access (only allow the X server)")
|
|
+user_dmesg _("User Privs") _("Allow users to run the dmesg command")
|
|
+user_net_control _("User Privs") _("Allow users to control network interfaces (also needs USERCTL=true)")
|
|
+user_ping _("User Privs") _("Allow normal user to execute ping")
|
|
+user_rw_noexattrfile _("User Privs") _("Allow user to r/w noextattrfile (FAT, CDROM, FLOPPY)")
|
|
+user_rw_usb _("User Privs") _("Allow users to rw usb devices")
|
|
+user_tcp_server _("User Privs") _("Allow users to run TCP servers (bind to ports and accept connection from the same domain and outside users) disabling this forces FTP passive mode and may change other protocols")
|
|
+user_ttyfile_stat _("User Privs") _("Allow user to stat ttyfiles")
|
|
+use_samba_home_dirs _("Samba") _("Allow users to login with CIFS home directories")
|
|
+uucpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for uucpd daemon")
|
|
+vmware_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for vmware daemon")
|
|
+watchdog_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for watchdog daemon")
|
|
+winbind_disable_trans _("Samba") _("Disable SELinux protection for winbind daemon")
|
|
+write_untrusted_content _("Web Applications") _("Allow web applications to write untrusted content to disk (implies read)")
|
|
+xdm_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for xdm daemon")
|
|
+xdm_sysadm_login _("XServer") _("Allow xdm logins as sysadm_r:sysadm_t")
|
|
+xend_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for xen daemon")
|
|
+xen_use_raw_disk _("XEN") _("Allow xen to read/write physical disk devices")
|
|
+xfs_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for xfs daemon")
|
|
+xm_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for xen control")
|
|
+ypbind_disable_trans _("NIS") _("Disable SELinux protection for ypbind daemon")
|
|
+yppasswdd_disable_trans _("NIS") _("Disable SELinux protection for NIS Password Daemon")
|
|
+ypserv_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ypserv daemon")
|
|
+ypxfr_disable_trans _("NIS") _("Disable SELinux protection for NIS Transfer Daemon")
|
|
+zebra_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for zebra daemon")
|
|
+httpd_use_cifs _("HTTPD Service") _("Allow httpd to access samba/cifs file systems")
|
|
+httpd_use_nfs _("HTTPD Service") _("Allow httpd to access nfs file systems")
|
|
+samba_domain_controller _("Samba") _("Allow samba to act as the domain controller, add users, groups and change passwords")
|
|
+samba_export_all_ro _("Samba") _("Allow Samba to share any file/directory read only")
|
|
+samba_export_all_rw _("Samba") _("Allow Samba to share any file/directory read/write")
|
|
+samba_run_unconfined _("Samba") _("Allow Samba to run unconfined scripts in /var/lib/samba/scripts directory")
|
|
+webadm_manage_user_files _("HTTPD Service") _("Allow SELinux webadm user to manage unprivileged users home directories")
|
|
+webadm_read_user_files _("HTTPD Service") _("Allow SELinux webadm user to read unprivileged users home directories")
|
|
+
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py policycoreutils-2.0.27/gui/semanagePage.py
|
|
--- nsapolicycoreutils/gui/semanagePage.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.27/gui/semanagePage.py 2007-09-27 11:20:32.000000000 -0400
|
|
@@ -0,0 +1,147 @@
|
|
+## semanagePage.py - show selinux mappings
|
|
+## Copyright (C) 2006 Red Hat, Inc.
|
|
+
|
|
+## This program is free software; you can redistribute it and/or modify
|
|
+## it under the terms of the GNU General Public License as published by
|
|
+## the Free Software Foundation; either version 2 of the License, or
|
|
+## (at your option) any later version.
|
|
+
|
|
+## This program is distributed in the hope that it will be useful,
|
|
+## but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+## GNU General Public License for more details.
|
|
+
|
|
+## You should have received a copy of the GNU General Public License
|
|
+## along with this program; if not, write to the Free Software
|
|
+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
|
+
|
|
+## Author: Dan Walsh
|
|
+import string
|
|
+import gtk
|
|
+import gtk.glade
|
|
+import os
|
|
+import gobject
|
|
+import sys
|
|
+import seobject
|
|
+
|
|
+##
|
|
+## I18N
|
|
+##
|
|
+PROGNAME="policycoreutils"
|
|
+import gettext
|
|
+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
|
|
+gettext.textdomain(PROGNAME)
|
|
+try:
|
|
+ gettext.install(PROGNAME,
|
|
+ localedir="/usr/share/locale",
|
|
+ unicode=False,
|
|
+ codeset = 'utf-8')
|
|
+except IOError:
|
|
+ import __builtin__
|
|
+ __builtin__.__dict__['_'] = unicode
|
|
+
|
|
+class semanagePage:
|
|
+ def __init__(self, xml, name, description):
|
|
+ self.xml = xml
|
|
+ self.local = False
|
|
+ self.view = xml.get_widget("%sView" % name)
|
|
+ self.dialog = xml.get_widget("%sDialog" % name)
|
|
+ self.filter_entry = xml.get_widget("%sFilterEntry" % name )
|
|
+ self.filter_entry.connect("focus_out_event", self.filter_changed)
|
|
+ self.filter_entry.connect("activate", self.filter_changed)
|
|
+
|
|
+ self.view.connect("row_activated", self.rowActivated)
|
|
+ self.view.get_selection().connect("changed", self.itemSelected)
|
|
+ self.description = description;
|
|
+
|
|
+ def get_description(self):
|
|
+ return self.description
|
|
+
|
|
+ def itemSelected(self, args):
|
|
+ return
|
|
+
|
|
+ def filter_changed(self, *arg):
|
|
+ filter = arg[0].get_text()
|
|
+ if filter != self.filter:
|
|
+ self.load(filter)
|
|
+
|
|
+ def match(self, target, filter):
|
|
+ try:
|
|
+ f=filter.lower()
|
|
+ t=target.lower()
|
|
+ if t.find(f) >= 0:
|
|
+ return True
|
|
+ except:
|
|
+ pass
|
|
+ return False
|
|
+
|
|
+ def rowActivated(self, view, row, Column):
|
|
+ self.propertiesDialog()
|
|
+
|
|
+ def verify(self, message, title="" ):
|
|
+ dlg = gtk.MessageDialog(None, 0, gtk.MESSAGE_INFO,
|
|
+ gtk.BUTTONS_YES_NO,
|
|
+ message)
|
|
+ dlg.set_title(title)
|
|
+ dlg.set_position(gtk.WIN_POS_MOUSE)
|
|
+ dlg.show_all()
|
|
+ rc = dlg.run()
|
|
+ dlg.destroy()
|
|
+ return rc
|
|
+
|
|
+ def error(self, message):
|
|
+ dlg = gtk.MessageDialog(None, 0, gtk.MESSAGE_ERROR,
|
|
+ gtk.BUTTONS_CLOSE,
|
|
+ message)
|
|
+ dlg.set_position(gtk.WIN_POS_MOUSE)
|
|
+ dlg.show_all()
|
|
+ dlg.run()
|
|
+ dlg.destroy()
|
|
+
|
|
+ def deleteDialog(self):
|
|
+ store, iter = self.view.get_selection().get_selected()
|
|
+ if self.verify(_("Are you sure you want to delete %s '%s'?" % (self.description, store.get_value(iter, 0))), _("Delete %s" % self.description)) == gtk.RESPONSE_YES:
|
|
+ self.delete()
|
|
+
|
|
+ def use_menus(self):
|
|
+ return True
|
|
+
|
|
+ def addDialog(self):
|
|
+ self.dialogClear()
|
|
+ self.dialog.set_title(_("Add %s" % self.description))
|
|
+ self.dialog.set_position(gtk.WIN_POS_MOUSE)
|
|
+
|
|
+ while self.dialog.run() == gtk.RESPONSE_OK:
|
|
+ try:
|
|
+ if self.add() == False:
|
|
+ continue
|
|
+ break;
|
|
+ except ValueError, e:
|
|
+ self.error(e.args[0])
|
|
+ print
|
|
+ self.dialog.hide()
|
|
+
|
|
+ def propertiesDialog(self):
|
|
+ self.dialogInit()
|
|
+ self.dialog.set_title(_("Modify %s" % self.description))
|
|
+ self.dialog.set_position(gtk.WIN_POS_MOUSE)
|
|
+ while self.dialog.run() == gtk.RESPONSE_OK:
|
|
+ try:
|
|
+ if self.modify() == False:
|
|
+ continue
|
|
+ break;
|
|
+ except ValueError, e:
|
|
+ self.error(e.args[0])
|
|
+ self.dialog.hide()
|
|
+
|
|
+
|
|
+ def on_local_clicked(self, button):
|
|
+ self.local = not self.local
|
|
+ if self.local:
|
|
+ button.set_label(_("all"))
|
|
+ else:
|
|
+ button.set_label(_("Customized"))
|
|
+
|
|
+ self.load(self.filter)
|
|
+ return True
|
|
+
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policycoreutils-2.0.27/gui/statusPage.py
|
|
--- nsapolicycoreutils/gui/statusPage.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.27/gui/statusPage.py 2007-09-27 11:20:32.000000000 -0400
|
|
@@ -0,0 +1,219 @@
|
|
+## statusPage.py - show selinux status
|
|
+## Copyright (C) 2006 Red Hat, Inc.
|
|
+
|
|
+## This program is free software; you can redistribute it and/or modify
|
|
+## it under the terms of the GNU General Public License as published by
|
|
+## the Free Software Foundation; either version 2 of the License, or
|
|
+## (at your option) any later version.
|
|
+
|
|
+## This program is distributed in the hope that it will be useful,
|
|
+## but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+## GNU General Public License for more details.
|
|
+
|
|
+## You should have received a copy of the GNU General Public License
|
|
+## along with this program; if not, write to the Free Software
|
|
+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
|
+
|
|
+## Author: Dan Walsh
|
|
+import string
|
|
+import gtk
|
|
+import gtk.glade
|
|
+import os
|
|
+import gobject
|
|
+import sys
|
|
+import tempfile
|
|
+
|
|
+INSTALLPATH = '/usr/share/system-config-selinux'
|
|
+sys.path.append(INSTALLPATH)
|
|
+
|
|
+rhplPath = "/usr/lib/python%d.%d/site-packages/rhpl" % (sys.version_info[0], sys.version_info[1])
|
|
+if not rhplPath in sys.path:
|
|
+ sys.path.append(rhplPath)
|
|
+
|
|
+rhplPath = "/usr/lib64/python%d.%d/site-packages/rhpl" % (sys.version_info[0], sys.version_info[1])
|
|
+if not rhplPath in sys.path:
|
|
+ sys.path.append(rhplPath)
|
|
+
|
|
+from Conf import *
|
|
+import commands
|
|
+ENFORCING = 0
|
|
+PERMISSIVE = 1
|
|
+DISABLED = 2
|
|
+modearray = ( "enforcing", "permissive", "disabled" )
|
|
+
|
|
+SELINUXDIR = "/etc/selinux/"
|
|
+RELABELFILE = "/.autorelabel"
|
|
+
|
|
+##
|
|
+## I18N
|
|
+##
|
|
+PROGNAME="policycoreutils"
|
|
+import gettext
|
|
+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
|
|
+gettext.textdomain(PROGNAME)
|
|
+import selinux
|
|
+try:
|
|
+ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1)
|
|
+except IOError:
|
|
+ import __builtin__
|
|
+ __builtin__.__dict__['_'] = unicode
|
|
+
|
|
+class statusPage:
|
|
+ def __init__(self, xml):
|
|
+ self.xml = xml
|
|
+ self.needRelabel = False
|
|
+
|
|
+ self.type = selinux.selinux_getpolicytype()
|
|
+ # Bring in widgets from glade file.
|
|
+ self.typeHBox = xml.get_widget("typeHBox")
|
|
+ self.selinuxTypeOptionMenu = xml.get_widget("selinuxTypeOptionMenu")
|
|
+ self.typeLabel = xml.get_widget("typeLabel")
|
|
+ self.enabledOptionMenu = xml.get_widget("enabledOptionMenu")
|
|
+ self.currentOptionMenu = xml.get_widget("currentOptionMenu")
|
|
+ self.relabel_checkbutton = xml.get_widget("relabelCheckbutton")
|
|
+ self.relabel_checkbutton.set_active(self.is_relabel())
|
|
+ self.relabel_checkbutton.connect("toggled", self.on_relabel_toggle)
|
|
+ if self.get_current_mode() == ENFORCING or self.get_current_mode() == PERMISSIVE:
|
|
+ self.currentOptionMenu.append_text(_("Enforcing"))
|
|
+ self.currentOptionMenu.append_text(_("Permissive"))
|
|
+ self.currentOptionMenu.set_active(self.get_current_mode())
|
|
+ self.currentOptionMenu.connect("changed", self.set_current_mode)
|
|
+ self.currentOptionMenu.set_sensitive(True)
|
|
+ else:
|
|
+ self.currentOptionMenu.append_text(_("Disabled"))
|
|
+ self.currentOptionMenu.set_active(0)
|
|
+ self.currentOptionMenu.set_sensitive(False)
|
|
+
|
|
+
|
|
+ if self.read_selinux_config() == None:
|
|
+ self.selinuxsupport = False
|
|
+ else:
|
|
+ self.enabledOptionMenu.connect("changed", self.enabled_changed)
|
|
+ #
|
|
+ # This line must come after read_selinux_config
|
|
+ #
|
|
+ self.selinuxTypeOptionMenu.connect("changed", self.typemenu_changed)
|
|
+
|
|
+ self.typeLabel.set_mnemonic_widget(self.selinuxTypeOptionMenu)
|
|
+
|
|
+ def use_menus(self):
|
|
+ return False
|
|
+
|
|
+ def get_description(self):
|
|
+ return _("Status")
|
|
+
|
|
+ def get_current_mode(self):
|
|
+ if selinux.is_selinux_enabled():
|
|
+ if selinux.security_getenforce() > 0:
|
|
+ return ENFORCING
|
|
+ else:
|
|
+ return PERMISSIVE
|
|
+ else:
|
|
+ return DISABLED
|
|
+
|
|
+ def set_current_mode(self,menu):
|
|
+ selinux.security_setenforce(menu.get_active() == 0)
|
|
+
|
|
+ def is_relabel(self):
|
|
+ return os.access(RELABELFILE, os.F_OK) != 0
|
|
+
|
|
+ def on_relabel_toggle(self,button):
|
|
+ if button.get_active():
|
|
+ fd = open(RELABELFILE,"w")
|
|
+ fd.close()
|
|
+ else:
|
|
+ if os.access(RELABELFILE, os.F_OK) != 0:
|
|
+ os.unlink(RELABELFILE)
|
|
+
|
|
+ def verify(self, message):
|
|
+ dlg = gtk.MessageDialog(None, 0, gtk.MESSAGE_INFO,
|
|
+ gtk.BUTTONS_YES_NO,
|
|
+ message)
|
|
+ dlg.set_position(gtk.WIN_POS_MOUSE)
|
|
+ dlg.show_all()
|
|
+ rc = dlg.run()
|
|
+ dlg.destroy()
|
|
+ return rc
|
|
+
|
|
+ def typemenu_changed(self, menu):
|
|
+ type = self.get_type()
|
|
+ enabled = self.enabledOptionMenu.get_active()
|
|
+ if self.initialtype != type:
|
|
+ if self.verify(_("Changing the policy type will cause a relabel of the entire file system on the next boot. Relabeling takes a long time depending on the size of the file system. Do you wish to continue?")) == gtk.RESPONSE_NO:
|
|
+ menu.set_active(self.typeHistory)
|
|
+ return None
|
|
+
|
|
+ self.relabel_checkbutton.set_active(True)
|
|
+ self.conf["SELINUX"] = modearray[enabled]
|
|
+ self.conf["SELINUXTYPE"]=type
|
|
+ self.conf.write()
|
|
+ self.typeHistory = menu.get_active()
|
|
+
|
|
+ def enabled_changed(self, combo):
|
|
+ enabled = combo.get_active()
|
|
+ type = self.get_type()
|
|
+
|
|
+ if self.initEnabled == DISABLED and enabled < 2:
|
|
+ if self.verify(_("Changing to SELinux enabled will cause a relabel of the entire file system on the next boot. Relabeling takes a long time depending on the size of the file system. Do you wish to continue?")) == gtk.RESPONSE_NO:
|
|
+ return None
|
|
+ self.relabel_checkbutton.set_active(True)
|
|
+
|
|
+ if self.initEnabled != DISABLED and enabled == DISABLED:
|
|
+ if self.verify(_("Changing to SELinux disabled requires a reboot. It is not recommended. If you later decide to turn SELinux back on, the system will be required to relabel. If you just want to see if SELinux is causing a problem on your system, you can go to permissive mode which will only log errors and not enforce SELinux policy. Permissive mode does not require a reboot Do you wish to continue?")) == gtk.RESPONSE_NO:
|
|
+ return None
|
|
+
|
|
+ self.conf["SELINUX"] = modearray[enabled]
|
|
+ self.conf["SELINUXTYPE"]=type
|
|
+ self.conf.write()
|
|
+
|
|
+ def read_selinux_config(self):
|
|
+ self.initialtype = "targeted"
|
|
+ self.initEnabled = DISABLED
|
|
+ self.types = []
|
|
+ if os.access(SELINUXDIR, os.F_OK) == 0:
|
|
+ #File doesn't exist. return
|
|
+ return None
|
|
+
|
|
+ self.conf = ConfShellVar(SELINUXDIR+"config")
|
|
+ self.conf.rcs = 1
|
|
+ if self.conf.has_key("SELINUX"):
|
|
+ value = self.conf.vars["SELINUX"].upper().strip()
|
|
+ else:
|
|
+ value = "ENFORCING"
|
|
+ self.conf.vars["SELINUX"] = value
|
|
+
|
|
+ if value == "ENFORCING":
|
|
+ self.initEnabled = ENFORCING
|
|
+ self.enabledOptionMenu.set_active(ENFORCING)
|
|
+ elif value == "PERMISSIVE":
|
|
+ self.initEnabled = PERMISSIVE
|
|
+ self.enabledOptionMenu.set_active(PERMISSIVE)
|
|
+ elif value == "DISABLED":
|
|
+ self.initEnabled = DISABLED
|
|
+ self.enabledOptionMenu.set_active(DISABLED)
|
|
+
|
|
+ if self.conf.has_key("SELINUXTYPE"):
|
|
+ self.initialtype = self.conf.vars["SELINUXTYPE"].strip()
|
|
+ else:
|
|
+ self.conf.vars["SELINUXTYPE"] = self.initialtype
|
|
+
|
|
+ n = 0
|
|
+ current = n
|
|
+
|
|
+ for i in os.listdir(SELINUXDIR):
|
|
+ if os.path.isdir(SELINUXDIR+i) and os.path.isdir(SELINUXDIR+i+"/policy"):
|
|
+ self.types.append(i)
|
|
+ self.selinuxTypeOptionMenu.append_text(i)
|
|
+ if i == self.initialtype:
|
|
+ current = n
|
|
+ n = n+1
|
|
+ self.selinuxTypeOptionMenu.set_active(current)
|
|
+ self.typeHistory = current
|
|
+
|
|
+ return 0
|
|
+
|
|
+ def get_type(self):
|
|
+ return self.types[self.selinuxTypeOptionMenu.get_active()]
|
|
+
|
|
+
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.glade policycoreutils-2.0.27/gui/system-config-selinux.glade
|
|
--- nsapolicycoreutils/gui/system-config-selinux.glade 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.27/gui/system-config-selinux.glade 2007-10-01 17:44:01.000000000 -0400
|
|
@@ -0,0 +1,3339 @@
|
|
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
|
|
+<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
|
|
+
|
|
+<glade-interface>
|
|
+<requires lib="gnome"/>
|
|
+<requires lib="bonobo"/>
|
|
+
|
|
+<widget class="GtkAboutDialog" id="aboutWindow">
|
|
+ <property name="border_width">5</property>
|
|
+ <property name="destroy_with_parent">False</property>
|
|
+ <property name="name" translatable="yes">system-config-selinux</property>
|
|
+ <property name="copyright" translatable="yes">Copyright (c)2006 Red Hat, Inc.
|
|
+Copyright (c) 2006 Dan Walsh <dwalsh@redhat.com></property>
|
|
+ <property name="wrap_license">False</property>
|
|
+ <property name="authors">Daniel Walsh <dwalsh@redhat.com>
|
|
+</property>
|
|
+ <property name="translator_credits" translatable="yes" comments="TRANSLATORS: Replace this string with your names, one name per line.">translator-credits</property>
|
|
+ <property name="logo">system-config-selinux.png</property>
|
|
+</widget>
|
|
+
|
|
+<widget class="GtkDialog" id="loginsDialog">
|
|
+ <property name="title" translatable="yes">Add SELinux Login Mapping</property>
|
|
+ <property name="type">GTK_WINDOW_TOPLEVEL</property>
|
|
+ <property name="window_position">GTK_WIN_POS_NONE</property>
|
|
+ <property name="modal">False</property>
|
|
+ <property name="resizable">True</property>
|
|
+ <property name="destroy_with_parent">False</property>
|
|
+ <property name="decorated">True</property>
|
|
+ <property name="skip_taskbar_hint">False</property>
|
|
+ <property name="skip_pager_hint">False</property>
|
|
+ <property name="type_hint">GDK_WINDOW_TYPE_HINT_DIALOG</property>
|
|
+ <property name="gravity">GDK_GRAVITY_NORTH_WEST</property>
|
|
+ <property name="focus_on_map">True</property>
|
|
+ <property name="urgency_hint">False</property>
|
|
+ <property name="has_separator">True</property>
|
|
+
|
|
+ <child internal-child="vbox">
|
|
+ <widget class="GtkVBox" id="dialog-vbox1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child internal-child="action_area">
|
|
+ <widget class="GtkHButtonBox" id="dialog-action_area1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="layout_style">GTK_BUTTONBOX_END</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkButton" id="cancelbutton1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_default">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label">gtk-cancel</property>
|
|
+ <property name="use_stock">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="response_id">-6</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkButton" id="okbutton1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_default">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label">gtk-ok</property>
|
|
+ <property name="use_stock">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="response_id">-5</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">True</property>
|
|
+ <property name="pack_type">GTK_PACK_END</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVBox" id="vbox2">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkTable" id="table1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="n_rows">3</property>
|
|
+ <property name="n_columns">2</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="row_spacing">4</property>
|
|
+ <property name="column_spacing">6</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label15">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">Login Name</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">0</property>
|
|
+ <property name="bottom_attach">1</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label16">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">SELinux User</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">1</property>
|
|
+ <property name="bottom_attach">2</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label17">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">MLS/MCS Range</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">2</property>
|
|
+ <property name="bottom_attach">3</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="loginsNameEntry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">*</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">0</property>
|
|
+ <property name="bottom_attach">1</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkComboBox" id="loginsSelinuxUserCombo">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="add_tearoffs">False</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">1</property>
|
|
+ <property name="bottom_attach">2</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options">fill</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="loginsMLSEntry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">*</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">2</property>
|
|
+ <property name="bottom_attach">3</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">5</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+</widget>
|
|
+
|
|
+<widget class="GtkDialog" id="portsDialog">
|
|
+ <property name="title" translatable="yes">Add SELinux Network Ports</property>
|
|
+ <property name="type">GTK_WINDOW_TOPLEVEL</property>
|
|
+ <property name="window_position">GTK_WIN_POS_NONE</property>
|
|
+ <property name="modal">False</property>
|
|
+ <property name="resizable">True</property>
|
|
+ <property name="destroy_with_parent">False</property>
|
|
+ <property name="decorated">True</property>
|
|
+ <property name="skip_taskbar_hint">False</property>
|
|
+ <property name="skip_pager_hint">False</property>
|
|
+ <property name="type_hint">GDK_WINDOW_TYPE_HINT_DIALOG</property>
|
|
+ <property name="gravity">GDK_GRAVITY_NORTH_WEST</property>
|
|
+ <property name="focus_on_map">True</property>
|
|
+ <property name="urgency_hint">False</property>
|
|
+ <property name="has_separator">True</property>
|
|
+
|
|
+ <child internal-child="vbox">
|
|
+ <widget class="GtkVBox" id="vbox3">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child internal-child="action_area">
|
|
+ <widget class="GtkHButtonBox" id="hbuttonbox1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="layout_style">GTK_BUTTONBOX_END</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkButton" id="button1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_default">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label">gtk-cancel</property>
|
|
+ <property name="use_stock">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="response_id">-6</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkButton" id="button2">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_default">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label">gtk-ok</property>
|
|
+ <property name="use_stock">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="response_id">-5</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">True</property>
|
|
+ <property name="pack_type">GTK_PACK_END</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVBox" id="vbox4">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkTable" id="table2">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="n_rows">4</property>
|
|
+ <property name="n_columns">2</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="row_spacing">4</property>
|
|
+ <property name="column_spacing">6</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label18">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">Port Number</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">0</property>
|
|
+ <property name="bottom_attach">1</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label19">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">Protocol</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">1</property>
|
|
+ <property name="bottom_attach">2</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label20">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">SELinux Type</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">2</property>
|
|
+ <property name="bottom_attach">3</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="portsNumberEntry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">*</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">0</property>
|
|
+ <property name="bottom_attach">1</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkComboBox" id="portsProtocolCombo">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="items" translatable="yes">tcp
|
|
+udp</property>
|
|
+ <property name="add_tearoffs">False</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">1</property>
|
|
+ <property name="bottom_attach">2</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options">fill</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="portsNameEntry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">*</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">2</property>
|
|
+ <property name="bottom_attach">3</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label21">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">MLS/MCS
|
|
+Level</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">3</property>
|
|
+ <property name="bottom_attach">4</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="portsMLSEntry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">*</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">3</property>
|
|
+ <property name="bottom_attach">4</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">5</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+</widget>
|
|
+
|
|
+<widget class="GtkDialog" id="translationsDialog">
|
|
+ <property name="title" translatable="yes">Add SELinux Login Mapping</property>
|
|
+ <property name="type">GTK_WINDOW_TOPLEVEL</property>
|
|
+ <property name="window_position">GTK_WIN_POS_NONE</property>
|
|
+ <property name="modal">False</property>
|
|
+ <property name="resizable">True</property>
|
|
+ <property name="destroy_with_parent">False</property>
|
|
+ <property name="decorated">True</property>
|
|
+ <property name="skip_taskbar_hint">False</property>
|
|
+ <property name="skip_pager_hint">False</property>
|
|
+ <property name="type_hint">GDK_WINDOW_TYPE_HINT_DIALOG</property>
|
|
+ <property name="gravity">GDK_GRAVITY_NORTH_WEST</property>
|
|
+ <property name="focus_on_map">True</property>
|
|
+ <property name="urgency_hint">False</property>
|
|
+ <property name="has_separator">True</property>
|
|
+
|
|
+ <child internal-child="vbox">
|
|
+ <widget class="GtkVBox" id="vbox5">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child internal-child="action_area">
|
|
+ <widget class="GtkHButtonBox" id="hbuttonbox2">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="layout_style">GTK_BUTTONBOX_END</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkButton" id="button3">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_default">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label">gtk-cancel</property>
|
|
+ <property name="use_stock">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="response_id">-6</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkButton" id="button4">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_default">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label">gtk-ok</property>
|
|
+ <property name="use_stock">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="response_id">-5</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">True</property>
|
|
+ <property name="pack_type">GTK_PACK_END</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVBox" id="vbox6">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkTable" id="table3">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="n_rows">2</property>
|
|
+ <property name="n_columns">2</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="row_spacing">4</property>
|
|
+ <property name="column_spacing">6</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label22">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">SELinux MLS/MCS
|
|
+Level</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">0</property>
|
|
+ <property name="bottom_attach">1</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label24">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">Translation</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">1</property>
|
|
+ <property name="bottom_attach">2</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="translationsLevelEntry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">*</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">0</property>
|
|
+ <property name="bottom_attach">1</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="translationsEntry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">*</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">1</property>
|
|
+ <property name="bottom_attach">2</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">5</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+</widget>
|
|
+
|
|
+<widget class="GtkDialog" id="fcontextDialog">
|
|
+ <property name="title" translatable="yes">Add SELinux Login Mapping</property>
|
|
+ <property name="type">GTK_WINDOW_TOPLEVEL</property>
|
|
+ <property name="window_position">GTK_WIN_POS_NONE</property>
|
|
+ <property name="modal">False</property>
|
|
+ <property name="resizable">True</property>
|
|
+ <property name="destroy_with_parent">False</property>
|
|
+ <property name="decorated">True</property>
|
|
+ <property name="skip_taskbar_hint">False</property>
|
|
+ <property name="skip_pager_hint">False</property>
|
|
+ <property name="type_hint">GDK_WINDOW_TYPE_HINT_DIALOG</property>
|
|
+ <property name="gravity">GDK_GRAVITY_NORTH_WEST</property>
|
|
+ <property name="focus_on_map">True</property>
|
|
+ <property name="urgency_hint">False</property>
|
|
+ <property name="has_separator">True</property>
|
|
+
|
|
+ <child internal-child="vbox">
|
|
+ <widget class="GtkVBox" id="vbox7">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child internal-child="action_area">
|
|
+ <widget class="GtkHButtonBox" id="hbuttonbox3">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="layout_style">GTK_BUTTONBOX_END</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkButton" id="button5">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_default">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label">gtk-cancel</property>
|
|
+ <property name="use_stock">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="response_id">-6</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkButton" id="button6">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_default">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label">gtk-ok</property>
|
|
+ <property name="use_stock">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="response_id">-5</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">True</property>
|
|
+ <property name="pack_type">GTK_PACK_END</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVBox" id="vbox8">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkTable" id="table4">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="n_rows">4</property>
|
|
+ <property name="n_columns">2</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="row_spacing">4</property>
|
|
+ <property name="column_spacing">6</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label25">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">File Specification</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">0</property>
|
|
+ <property name="bottom_attach">1</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label26">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">File Type</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">1</property>
|
|
+ <property name="bottom_attach">2</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label27">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">SELinux Type</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">2</property>
|
|
+ <property name="bottom_attach">3</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="fcontextEntry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">*</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">0</property>
|
|
+ <property name="bottom_attach">1</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkComboBox" id="fcontextFileTypeCombo">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="items" translatable="yes">all files
|
|
+regular file
|
|
+directory
|
|
+character device
|
|
+block device
|
|
+socket
|
|
+symbolic link
|
|
+named pipe
|
|
+</property>
|
|
+ <property name="add_tearoffs">False</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">1</property>
|
|
+ <property name="bottom_attach">2</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options">fill</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="fcontextTypeEntry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">*</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">2</property>
|
|
+ <property name="bottom_attach">3</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label31">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">MLS</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">3</property>
|
|
+ <property name="bottom_attach">4</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="fcontextMLSEntry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">*</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">3</property>
|
|
+ <property name="bottom_attach">4</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">5</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+</widget>
|
|
+
|
|
+<widget class="GtkDialog" id="usersDialog">
|
|
+ <property name="title" translatable="yes">Add SELinux User</property>
|
|
+ <property name="type">GTK_WINDOW_TOPLEVEL</property>
|
|
+ <property name="window_position">GTK_WIN_POS_NONE</property>
|
|
+ <property name="modal">False</property>
|
|
+ <property name="resizable">True</property>
|
|
+ <property name="destroy_with_parent">False</property>
|
|
+ <property name="decorated">True</property>
|
|
+ <property name="skip_taskbar_hint">False</property>
|
|
+ <property name="skip_pager_hint">False</property>
|
|
+ <property name="type_hint">GDK_WINDOW_TYPE_HINT_DIALOG</property>
|
|
+ <property name="gravity">GDK_GRAVITY_NORTH_WEST</property>
|
|
+ <property name="focus_on_map">True</property>
|
|
+ <property name="urgency_hint">False</property>
|
|
+ <property name="has_separator">True</property>
|
|
+
|
|
+ <child internal-child="vbox">
|
|
+ <widget class="GtkVBox" id="vbox9">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child internal-child="action_area">
|
|
+ <widget class="GtkHButtonBox" id="hbuttonbox4">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="layout_style">GTK_BUTTONBOX_END</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkButton" id="button7">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_default">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label">gtk-cancel</property>
|
|
+ <property name="use_stock">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="response_id">-6</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkButton" id="button8">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_default">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="label">gtk-ok</property>
|
|
+ <property name="use_stock">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="response_id">-5</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">True</property>
|
|
+ <property name="pack_type">GTK_PACK_END</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVBox" id="vbox10">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkTable" id="table5">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="n_rows">5</property>
|
|
+ <property name="n_columns">2</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="row_spacing">4</property>
|
|
+ <property name="column_spacing">6</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label32">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">SELinux User</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">0</property>
|
|
+ <property name="bottom_attach">1</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label33">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">Label Prefix</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">1</property>
|
|
+ <property name="bottom_attach">2</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label34">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">MLS/MCS Range</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">3</property>
|
|
+ <property name="bottom_attach">4</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="mlsRangeEntry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">*</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">3</property>
|
|
+ <property name="bottom_attach">4</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label35">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">MLS/MCS Level</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">2</property>
|
|
+ <property name="bottom_attach">3</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="mlsLevelEntry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">*</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">2</property>
|
|
+ <property name="bottom_attach">3</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label36">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">SELinux Roles</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">4</property>
|
|
+ <property name="bottom_attach">5</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="selinuxRolesEntry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">*</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">4</property>
|
|
+ <property name="bottom_attach">5</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="selinuxUserEntry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">*</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">0</property>
|
|
+ <property name="bottom_attach">1</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="labelPrefixEntry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">*</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">1</property>
|
|
+ <property name="bottom_attach">2</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">5</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+</widget>
|
|
+
|
|
+<widget class="GnomeApp" id="mainWindow">
|
|
+ <property name="width_request">800</property>
|
|
+ <property name="height_request">500</property>
|
|
+ <property name="title" translatable="yes">SELinux Administration</property>
|
|
+ <property name="type">GTK_WINDOW_TOPLEVEL</property>
|
|
+ <property name="window_position">GTK_WIN_POS_NONE</property>
|
|
+ <property name="modal">False</property>
|
|
+ <property name="resizable">True</property>
|
|
+ <property name="destroy_with_parent">False</property>
|
|
+ <property name="icon">system-config-selinux.png</property>
|
|
+ <property name="decorated">True</property>
|
|
+ <property name="skip_taskbar_hint">False</property>
|
|
+ <property name="skip_pager_hint">False</property>
|
|
+ <property name="type_hint">GDK_WINDOW_TYPE_HINT_NORMAL</property>
|
|
+ <property name="gravity">GDK_GRAVITY_NORTH_WEST</property>
|
|
+ <property name="focus_on_map">True</property>
|
|
+ <property name="urgency_hint">False</property>
|
|
+ <property name="enable_layout_config">True</property>
|
|
+
|
|
+ <child internal-child="dock">
|
|
+ <widget class="BonoboDock" id="bonobodock2">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="allow_floating">True</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="BonoboDockItem" id="bonobodockitem3">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="shadow_type">GTK_SHADOW_NONE</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkMenuBar" id="menubar1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="pack_direction">GTK_PACK_DIRECTION_LTR</property>
|
|
+ <property name="child_pack_direction">GTK_PACK_DIRECTION_LTR</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkMenuItem" id="file1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="stock_item">GNOMEUIINFO_MENU_FILE_TREE</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkMenu" id="file1_menu">
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkImageMenuItem" id="add_menu_item">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">Add</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <signal name="activate" handler="on_add_clicked" last_modification_time="Sat, 17 Mar 2007 12:21:12 GMT"/>
|
|
+ <accelerator key="a" modifiers="GDK_CONTROL_MASK" signal="activate"/>
|
|
+
|
|
+ <child internal-child="image">
|
|
+ <widget class="GtkImage" id="image13">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="stock">gtk-add</property>
|
|
+ <property name="icon_size">1</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkImageMenuItem" id="properties_menu_item">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">_Properties</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <signal name="activate" handler="on_properties_clicked" last_modification_time="Sat, 17 Mar 2007 12:21:12 GMT"/>
|
|
+ <accelerator key="p" modifiers="GDK_CONTROL_MASK" signal="activate"/>
|
|
+
|
|
+ <child internal-child="image">
|
|
+ <widget class="GtkImage" id="image14">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="stock">gtk-properties</property>
|
|
+ <property name="icon_size">1</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkImageMenuItem" id="delete_menu_item">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">_Delete</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <signal name="activate" handler="on_delete_clicked" last_modification_time="Sat, 17 Mar 2007 12:21:12 GMT"/>
|
|
+ <accelerator key="Delete" modifiers="0" signal="activate"/>
|
|
+
|
|
+ <child internal-child="image">
|
|
+ <widget class="GtkImage" id="image15">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="stock">gtk-delete</property>
|
|
+ <property name="icon_size">1</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkImageMenuItem" id="quit">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="stock_item">GNOMEUIINFO_MENU_EXIT_ITEM</property>
|
|
+ <signal name="activate" handler="on_quit_activate" last_modification_time="Fri, 06 Oct 2006 13:58:19 GMT"/>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkMenuItem" id="help1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="stock_item">GNOMEUIINFO_MENU_HELP_TREE</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkMenu" id="help1_menu">
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkImageMenuItem" id="about">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="stock_item">GNOMEUIINFO_MENU_ABOUT_ITEM</property>
|
|
+ <signal name="activate" handler="on_about_activate" last_modification_time="Fri, 06 Oct 2006 13:58:02 GMT"/>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="placement">BONOBO_DOCK_TOP</property>
|
|
+ <property name="band">0</property>
|
|
+ <property name="position">0</property>
|
|
+ <property name="offset">0</property>
|
|
+ <property name="behavior">BONOBO_DOCK_ITEM_BEH_EXCLUSIVE|BONOBO_DOCK_ITEM_BEH_NEVER_VERTICAL|BONOBO_DOCK_ITEM_BEH_LOCKED</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkHPaned" id="hpaned1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="position">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkFrame" id="frame1">
|
|
+ <property name="border_width">5</property>
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label_xalign">0</property>
|
|
+ <property name="label_yalign">0.5</property>
|
|
+ <property name="shadow_type">GTK_SHADOW_NONE</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkAlignment" id="alignment1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xscale">1</property>
|
|
+ <property name="yscale">1</property>
|
|
+ <property name="top_padding">0</property>
|
|
+ <property name="bottom_padding">0</property>
|
|
+ <property name="left_padding">12</property>
|
|
+ <property name="right_padding">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkTreeView" id="selectView">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Select Management Object</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="headers_visible">False</property>
|
|
+ <property name="rules_hint">False</property>
|
|
+ <property name="reorderable">False</property>
|
|
+ <property name="enable_search">True</property>
|
|
+ <property name="fixed_height_mode">False</property>
|
|
+ <property name="hover_selection">False</property>
|
|
+ <property name="hover_expand">False</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label45">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes"><b>Select:</b></property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">True</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="type">label_item</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="shrink">False</property>
|
|
+ <property name="resize">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkNotebook" id="notebook">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="show_tabs">False</property>
|
|
+ <property name="show_border">True</property>
|
|
+ <property name="tab_pos">GTK_POS_TOP</property>
|
|
+ <property name="scrollable">False</property>
|
|
+ <property name="enable_popup">False</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVBox" id="vbox1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkTable" id="table6">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="n_rows">4</property>
|
|
+ <property name="n_columns">2</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="row_spacing">5</property>
|
|
+ <property name="column_spacing">5</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label29">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">System Default Enforcing Mode</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">0</property>
|
|
+ <property name="bottom_attach">1</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkComboBox" id="enabledOptionMenu">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="items" translatable="yes">Enforcing
|
|
+Permissive
|
|
+Disabled
|
|
+</property>
|
|
+ <property name="add_tearoffs">False</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">0</property>
|
|
+ <property name="bottom_attach">1</property>
|
|
+ <property name="y_options">fill</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label48">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">Current Enforcing Mode</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">1</property>
|
|
+ <property name="bottom_attach">2</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkComboBox" id="currentOptionMenu">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="items" translatable="yes"></property>
|
|
+ <property name="add_tearoffs">False</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">1</property>
|
|
+ <property name="bottom_attach">2</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options">fill</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="typeLabel">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">System Default Policy Type: </property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">1</property>
|
|
+ <property name="top_attach">2</property>
|
|
+ <property name="bottom_attach">3</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options"></property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkComboBox" id="selinuxTypeOptionMenu">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="items" translatable="yes"></property>
|
|
+ <property name="add_tearoffs">False</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">1</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">2</property>
|
|
+ <property name="bottom_attach">3</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options">fill</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkCheckButton" id="relabelCheckbutton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Select if you wish to relabel then entire file system on next reboot. Relabeling can take a very long time, depending on the size of the system. If you are changing policy types or going from disabled to enforcing, a relabel is required.</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="relief">GTK_RELIEF_NORMAL</property>
|
|
+ <property name="focus_on_click">True</property>
|
|
+ <property name="active">False</property>
|
|
+ <property name="inconsistent">False</property>
|
|
+ <property name="draw_indicator">True</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkAlignment" id="alignment4">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xscale">0</property>
|
|
+ <property name="yscale">0</property>
|
|
+ <property name="top_padding">0</property>
|
|
+ <property name="bottom_padding">0</property>
|
|
+ <property name="left_padding">0</property>
|
|
+ <property name="right_padding">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkHBox" id="hbox6">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">2</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkImage" id="image2">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="stock">gtk-refresh</property>
|
|
+ <property name="icon_size">4</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label49">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">Relabel on next reboot.</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="left_attach">0</property>
|
|
+ <property name="right_attach">2</property>
|
|
+ <property name="top_attach">3</property>
|
|
+ <property name="bottom_attach">4</property>
|
|
+ <property name="x_options">fill</property>
|
|
+ <property name="y_options">fill</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="tab_expand">False</property>
|
|
+ <property name="tab_fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label37">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">label37</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="type">tab</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVBox" id="vbox18">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolbar" id="toolbar9">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="orientation">GTK_ORIENTATION_HORIZONTAL</property>
|
|
+ <property name="toolbar_style">GTK_TOOLBAR_BOTH</property>
|
|
+ <property name="tooltips">True</property>
|
|
+ <property name="show_arrow">True</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolButton" id="booleanRevertButton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Revert boolean setting to system default</property>
|
|
+ <property name="stock_id">gtk-revert-to-saved</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+ <signal name="clicked" handler="on_delete_clicked" last_modification_time="Mon, 16 Jan 2006 18:26:29 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolButton" id="toolbutton34">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Toggle between Customized and All Booleans</property>
|
|
+ <property name="label" translatable="yes">Customized</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="stock_id">gtk-find</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+ <signal name="clicked" handler="on_local_clicked" last_modification_time="Wed, 19 Sep 2007 19:14:08 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkHBox" id="hbox7">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label51">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">Filter</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">10</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="booleansFilter">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">•</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ <signal name="changed" handler="on_booleansFilter_changed" last_modification_time="Fri, 06 Apr 2007 12:39:26 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">10</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkScrolledWindow" id="scrolledwindow18">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="hscrollbar_policy">GTK_POLICY_ALWAYS</property>
|
|
+ <property name="vscrollbar_policy">GTK_POLICY_ALWAYS</property>
|
|
+ <property name="shadow_type">GTK_SHADOW_NONE</property>
|
|
+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkTreeView" id="booleansView">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="headers_visible">False</property>
|
|
+ <property name="rules_hint">False</property>
|
|
+ <property name="reorderable">False</property>
|
|
+ <property name="enable_search">True</property>
|
|
+ <property name="fixed_height_mode">False</property>
|
|
+ <property name="hover_selection">False</property>
|
|
+ <property name="hover_expand">False</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="tab_expand">False</property>
|
|
+ <property name="tab_fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label50">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">label50</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="type">tab</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVBox" id="vbox11">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolbar" id="toolbar2">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="orientation">GTK_ORIENTATION_HORIZONTAL</property>
|
|
+ <property name="toolbar_style">GTK_TOOLBAR_BOTH</property>
|
|
+ <property name="tooltips">True</property>
|
|
+ <property name="show_arrow">True</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolButton" id="toolbutton5">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Add File Context</property>
|
|
+ <property name="stock_id">gtk-add</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+ <signal name="clicked" handler="on_add_clicked" last_modification_time="Mon, 16 Jan 2006 18:27:03 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolButton" id="toolbutton6">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Modify File Context</property>
|
|
+ <property name="stock_id">gtk-properties</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+ <signal name="clicked" handler="on_properties_clicked" last_modification_time="Mon, 16 Jan 2006 18:26:51 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolButton" id="toolbutton7">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Delete File Context</property>
|
|
+ <property name="stock_id">gtk-delete</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+ <signal name="clicked" handler="on_delete_clicked" last_modification_time="Mon, 16 Jan 2006 18:26:29 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolButton" id="customizedButton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Toggle between all and customized file context</property>
|
|
+ <property name="label" translatable="yes">Customized</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="stock_id">gtk-find</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+ <signal name="clicked" handler="on_local_clicked" last_modification_time="Wed, 19 Sep 2007 19:14:08 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkScrolledWindow" id="scrolledwindow17">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="hscrollbar_policy">GTK_POLICY_ALWAYS</property>
|
|
+ <property name="vscrollbar_policy">GTK_POLICY_ALWAYS</property>
|
|
+ <property name="shadow_type">GTK_SHADOW_NONE</property>
|
|
+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkViewport" id="viewport1">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="shadow_type">GTK_SHADOW_IN</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVBox" id="vbox19">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkHBox" id="hbox8">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label52">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">Filter</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">10</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="fcontextFilterEntry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">•</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ <signal name="changed" handler="on_booleansFilter_changed" last_modification_time="Fri, 06 Apr 2007 12:39:26 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">5</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkTreeView" id="fcontextView">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="headers_visible">True</property>
|
|
+ <property name="rules_hint">False</property>
|
|
+ <property name="reorderable">False</property>
|
|
+ <property name="enable_search">True</property>
|
|
+ <property name="fixed_height_mode">False</property>
|
|
+ <property name="hover_selection">False</property>
|
|
+ <property name="hover_expand">False</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="tab_expand">False</property>
|
|
+ <property name="tab_fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label38">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">label38</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="type">tab</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVBox" id="vbox12">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolbar" id="toolbar3">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="orientation">GTK_ORIENTATION_HORIZONTAL</property>
|
|
+ <property name="toolbar_style">GTK_TOOLBAR_BOTH</property>
|
|
+ <property name="tooltips">True</property>
|
|
+ <property name="show_arrow">True</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolButton" id="toolbutton8">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Add SELinux User Mapping</property>
|
|
+ <property name="stock_id">gtk-add</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+ <signal name="clicked" handler="on_add_clicked" last_modification_time="Mon, 16 Jan 2006 18:27:03 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolButton" id="toolbutton29">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Modify SELinux User Mapping</property>
|
|
+ <property name="stock_id">gtk-properties</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+ <signal name="clicked" handler="on_properties_clicked" last_modification_time="Wed, 15 Nov 2006 16:38:33 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolButton" id="toolbutton10">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Delete SELinux User Mapping</property>
|
|
+ <property name="stock_id">gtk-delete</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+ <signal name="clicked" handler="on_delete_clicked" last_modification_time="Mon, 16 Jan 2006 18:26:29 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkHBox" id="hbox13">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label57">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">Filter</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">10</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="loginsFilterEntry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">•</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ <signal name="changed" handler="on_booleansFilter_changed" last_modification_time="Fri, 06 Apr 2007 12:39:26 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">5</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkScrolledWindow" id="scrolledwindow16">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="hscrollbar_policy">GTK_POLICY_ALWAYS</property>
|
|
+ <property name="vscrollbar_policy">GTK_POLICY_ALWAYS</property>
|
|
+ <property name="shadow_type">GTK_SHADOW_NONE</property>
|
|
+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkTreeView" id="loginsView">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="headers_visible">True</property>
|
|
+ <property name="rules_hint">False</property>
|
|
+ <property name="reorderable">False</property>
|
|
+ <property name="enable_search">True</property>
|
|
+ <property name="fixed_height_mode">False</property>
|
|
+ <property name="hover_selection">False</property>
|
|
+ <property name="hover_expand">False</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="tab_expand">False</property>
|
|
+ <property name="tab_fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label39">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">label39</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="type">tab</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVBox" id="vbox14">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolbar" id="toolbar5">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="orientation">GTK_ORIENTATION_HORIZONTAL</property>
|
|
+ <property name="toolbar_style">GTK_TOOLBAR_BOTH</property>
|
|
+ <property name="tooltips">True</property>
|
|
+ <property name="show_arrow">True</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolButton" id="toolbutton14">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Add Translation</property>
|
|
+ <property name="stock_id">gtk-add</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+ <signal name="clicked" handler="on_add_clicked" last_modification_time="Mon, 16 Jan 2006 18:27:03 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolButton" id="toolbutton15">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Modify Translation</property>
|
|
+ <property name="stock_id">gtk-properties</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+ <signal name="clicked" handler="on_properties_clicked" last_modification_time="Mon, 16 Jan 2006 18:26:51 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolButton" id="toolbutton16">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Delete Translation</property>
|
|
+ <property name="stock_id">gtk-delete</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+ <signal name="clicked" handler="on_delete_clicked" last_modification_time="Mon, 16 Jan 2006 18:26:29 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkHBox" id="hbox12">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label56">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">Filter</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">10</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="usersFilterEntry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">•</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ <signal name="changed" handler="on_booleansFilter_changed" last_modification_time="Fri, 06 Apr 2007 12:39:26 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">5</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkScrolledWindow" id="scrolledwindow11">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="hscrollbar_policy">GTK_POLICY_ALWAYS</property>
|
|
+ <property name="vscrollbar_policy">GTK_POLICY_ALWAYS</property>
|
|
+ <property name="shadow_type">GTK_SHADOW_NONE</property>
|
|
+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkTreeView" id="usersView">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="headers_visible">True</property>
|
|
+ <property name="rules_hint">False</property>
|
|
+ <property name="reorderable">False</property>
|
|
+ <property name="enable_search">True</property>
|
|
+ <property name="fixed_height_mode">False</property>
|
|
+ <property name="hover_selection">False</property>
|
|
+ <property name="hover_expand">False</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="tab_expand">False</property>
|
|
+ <property name="tab_fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label41">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">label41</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="type">tab</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVBox" id="vbox13">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolbar" id="toolbar4">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="orientation">GTK_ORIENTATION_HORIZONTAL</property>
|
|
+ <property name="toolbar_style">GTK_TOOLBAR_BOTH</property>
|
|
+ <property name="tooltips">True</property>
|
|
+ <property name="show_arrow">True</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolButton" id="toolbutton11">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Add SELinux User</property>
|
|
+ <property name="stock_id">gtk-add</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+ <signal name="clicked" handler="on_add_clicked" last_modification_time="Mon, 16 Jan 2006 18:27:03 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolButton" id="toolbutton12">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Modify SELinux User</property>
|
|
+ <property name="stock_id">gtk-properties</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+ <signal name="clicked" handler="on_properties_clicked" last_modification_time="Mon, 16 Jan 2006 18:26:51 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolButton" id="toolbutton13">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Add SELinux User</property>
|
|
+ <property name="stock_id">gtk-delete</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+ <signal name="clicked" handler="on_delete_clicked" last_modification_time="Mon, 16 Jan 2006 18:26:29 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkHBox" id="hbox10">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label54">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">Filter</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">10</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="translationsFilterEntry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">•</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ <signal name="changed" handler="on_booleansFilter_changed" last_modification_time="Fri, 06 Apr 2007 12:39:26 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">5</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkScrolledWindow" id="scrolledwindow12">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="hscrollbar_policy">GTK_POLICY_ALWAYS</property>
|
|
+ <property name="vscrollbar_policy">GTK_POLICY_ALWAYS</property>
|
|
+ <property name="shadow_type">GTK_SHADOW_NONE</property>
|
|
+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkTreeView" id="translationsView">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="headers_visible">True</property>
|
|
+ <property name="rules_hint">False</property>
|
|
+ <property name="reorderable">False</property>
|
|
+ <property name="enable_search">True</property>
|
|
+ <property name="fixed_height_mode">False</property>
|
|
+ <property name="hover_selection">False</property>
|
|
+ <property name="hover_expand">False</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="tab_expand">False</property>
|
|
+ <property name="tab_fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label40">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">label40</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="type">tab</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVBox" id="vbox15">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolbar" id="toolbar6">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="orientation">GTK_ORIENTATION_HORIZONTAL</property>
|
|
+ <property name="toolbar_style">GTK_TOOLBAR_BOTH</property>
|
|
+ <property name="tooltips">False</property>
|
|
+ <property name="show_arrow">True</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolButton" id="portsAddButton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Add Network Port</property>
|
|
+ <property name="stock_id">gtk-add</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+ <signal name="clicked" handler="on_add_clicked" last_modification_time="Mon, 16 Jan 2006 18:27:03 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolButton" id="portsPropertiesButton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Edit Network Port</property>
|
|
+ <property name="stock_id">gtk-properties</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+ <signal name="clicked" handler="on_properties_clicked" last_modification_time="Mon, 16 Jan 2006 18:26:51 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolButton" id="portsDeleteButton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Delete Network Port</property>
|
|
+ <property name="stock_id">gtk-delete</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+ <signal name="clicked" handler="on_delete_clicked" last_modification_time="Mon, 16 Jan 2006 18:26:29 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolItem" id="toolitem2">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVSeparator" id="vseparator1">
|
|
+ <property name="width_request">32</property>
|
|
+ <property name="visible">True</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolButton" id="listViewButton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Toggle between Customized and All Ports</property>
|
|
+ <property name="label" translatable="yes">Group View</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="stock_id">gtk-indent</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+ <signal name="clicked" handler="on_group_clicked" last_modification_time="Mon, 01 Oct 2007 21:31:19 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolButton" id="toolbutton35">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Toggle between Customized and All Ports</property>
|
|
+ <property name="label" translatable="yes">Customized</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="stock_id">gtk-find</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+ <signal name="clicked" handler="on_local_clicked" last_modification_time="Wed, 19 Sep 2007 19:14:08 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkHBox" id="hbox9">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label53">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">Filter</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">10</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="portsFilterEntry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">•</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ <signal name="changed" handler="on_booleansFilter_changed" last_modification_time="Fri, 06 Apr 2007 12:39:26 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">5</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkScrolledWindow" id="scrolledwindow13">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="hscrollbar_policy">GTK_POLICY_ALWAYS</property>
|
|
+ <property name="vscrollbar_policy">GTK_POLICY_ALWAYS</property>
|
|
+ <property name="shadow_type">GTK_SHADOW_NONE</property>
|
|
+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkTreeView" id="portsView">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="headers_visible">True</property>
|
|
+ <property name="rules_hint">False</property>
|
|
+ <property name="reorderable">False</property>
|
|
+ <property name="enable_search">True</property>
|
|
+ <property name="fixed_height_mode">False</property>
|
|
+ <property name="hover_selection">False</property>
|
|
+ <property name="hover_expand">False</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="tab_expand">False</property>
|
|
+ <property name="tab_fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label42">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">label42</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="type">tab</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVBox" id="vbox17">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolbar" id="toolbar8">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="orientation">GTK_ORIENTATION_HORIZONTAL</property>
|
|
+ <property name="toolbar_style">GTK_TOOLBAR_BOTH</property>
|
|
+ <property name="tooltips">True</property>
|
|
+ <property name="show_arrow">True</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolButton" id="newModuleButton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Generate new policy module</property>
|
|
+ <property name="stock_id">gtk-new</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+ <signal name="clicked" handler="on_new_clicked" last_modification_time="Sat, 17 Mar 2007 15:53:29 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolButton" id="toolbutton23">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Load policy module</property>
|
|
+ <property name="stock_id">gtk-add</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+ <signal name="clicked" handler="on_add_clicked" last_modification_time="Mon, 16 Jan 2006 18:27:03 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolButton" id="toolbutton25">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Remove loadable policy module</property>
|
|
+ <property name="stock_id">gtk-remove</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+ <signal name="clicked" handler="on_delete_clicked" last_modification_time="Mon, 16 Jan 2006 18:26:29 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolItem" id="toolitem3">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkVSeparator" id="vseparator2">
|
|
+ <property name="width_request">10</property>
|
|
+ <property name="visible">True</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolButton" id="enableAuditButton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Enable additional audit rules, that are normally not reported in the log files.</property>
|
|
+ <property name="label" translatable="yes">Enable Audit</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="stock_id">gtk-zoom-in</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+ <signal name="clicked" handler="on_disable_audit_clicked" last_modification_time="Wed, 15 Nov 2006 16:29:34 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkToolButton" id="disableAuditButton">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="tooltip" translatable="yes">Disable additional audit rules, that are normally not reported in the log files.</property>
|
|
+ <property name="label" translatable="yes">Disable Audit</property>
|
|
+ <property name="use_underline">True</property>
|
|
+ <property name="stock_id">gtk-zoom-out</property>
|
|
+ <property name="visible_horizontal">True</property>
|
|
+ <property name="visible_vertical">True</property>
|
|
+ <property name="is_important">False</property>
|
|
+ <signal name="clicked" handler="on_disable_audit_clicked" last_modification_time="Wed, 15 Nov 2006 16:29:34 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="homogeneous">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkHBox" id="hbox11">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="homogeneous">False</property>
|
|
+ <property name="spacing">0</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label55">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">Filter</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">10</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">False</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkEntry" id="modulesFilterEntry">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="editable">True</property>
|
|
+ <property name="visibility">True</property>
|
|
+ <property name="max_length">0</property>
|
|
+ <property name="text" translatable="yes"></property>
|
|
+ <property name="has_frame">True</property>
|
|
+ <property name="invisible_char">•</property>
|
|
+ <property name="activates_default">False</property>
|
|
+ <signal name="changed" handler="on_booleansFilter_changed" last_modification_time="Fri, 06 Apr 2007 12:39:26 GMT"/>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">5</property>
|
|
+ <property name="expand">False</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkScrolledWindow" id="scrolledwindow15">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="hscrollbar_policy">GTK_POLICY_ALWAYS</property>
|
|
+ <property name="vscrollbar_policy">GTK_POLICY_ALWAYS</property>
|
|
+ <property name="shadow_type">GTK_SHADOW_NONE</property>
|
|
+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkTreeView" id="modulesView">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="can_focus">True</property>
|
|
+ <property name="headers_visible">True</property>
|
|
+ <property name="rules_hint">False</property>
|
|
+ <property name="reorderable">False</property>
|
|
+ <property name="enable_search">True</property>
|
|
+ <property name="fixed_height_mode">False</property>
|
|
+ <property name="hover_selection">False</property>
|
|
+ <property name="hover_expand">False</property>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="tab_expand">False</property>
|
|
+ <property name="tab_fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child>
|
|
+ <widget class="GtkLabel" id="label44">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="label" translatable="yes">label44</property>
|
|
+ <property name="use_underline">False</property>
|
|
+ <property name="use_markup">False</property>
|
|
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
|
|
+ <property name="wrap">False</property>
|
|
+ <property name="selectable">False</property>
|
|
+ <property name="xalign">0.5</property>
|
|
+ <property name="yalign">0.5</property>
|
|
+ <property name="xpad">0</property>
|
|
+ <property name="ypad">0</property>
|
|
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
|
|
+ <property name="width_chars">-1</property>
|
|
+ <property name="single_line_mode">False</property>
|
|
+ <property name="angle">0</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="type">tab</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="shrink">True</property>
|
|
+ <property name="resize">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+ </widget>
|
|
+ </child>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+
|
|
+ <child internal-child="appbar">
|
|
+ <widget class="GnomeAppBar" id="appbar2">
|
|
+ <property name="visible">True</property>
|
|
+ <property name="has_progress">True</property>
|
|
+ <property name="has_status">True</property>
|
|
+ </widget>
|
|
+ <packing>
|
|
+ <property name="padding">0</property>
|
|
+ <property name="expand">True</property>
|
|
+ <property name="fill">True</property>
|
|
+ </packing>
|
|
+ </child>
|
|
+</widget>
|
|
+
|
|
+</glade-interface>
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.py policycoreutils-2.0.27/gui/system-config-selinux.py
|
|
--- nsapolicycoreutils/gui/system-config-selinux.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.27/gui/system-config-selinux.py 2007-09-27 11:20:32.000000000 -0400
|
|
@@ -0,0 +1,175 @@
|
|
+#!/usr/bin/python
|
|
+#
|
|
+# system-config-selinux.py - GUI for SELinux Config tool in system-config-selinux
|
|
+#
|
|
+# Dan Walsh <dwalsh@redhat.com>
|
|
+#
|
|
+# Copyright 2006 Red Hat, Inc.
|
|
+#
|
|
+# This program is free software; you can redistribute it and/or modify
|
|
+# it under the terms of the GNU General Public License as published by
|
|
+# the Free Software Foundation; either version 2 of the License, or
|
|
+# (at your option) any later version.
|
|
+#
|
|
+# This program is distributed in the hope that it will be useful,
|
|
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+# GNU General Public License for more details.
|
|
+#
|
|
+# You should have received a copy of the GNU General Public License
|
|
+# along with this program; if not, write to the Free Software
|
|
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
|
+#
|
|
+import signal
|
|
+import string
|
|
+import gtk
|
|
+import gtk.glade
|
|
+import os
|
|
+import gobject
|
|
+import gnome
|
|
+import sys
|
|
+import statusPage
|
|
+import booleansPage
|
|
+import loginsPage
|
|
+import usersPage
|
|
+import portsPage
|
|
+import modulesPage
|
|
+import fcontextPage
|
|
+import translationsPage
|
|
+import selinux
|
|
+##
|
|
+## I18N
|
|
+##
|
|
+PROGNAME="system-config-selinux"
|
|
+
|
|
+import gettext
|
|
+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
|
|
+gettext.textdomain(PROGNAME)
|
|
+try:
|
|
+ gettext.install(PROGNAME,
|
|
+ localedir="/usr/share/locale",
|
|
+ unicode=False,
|
|
+ codeset = 'utf-8')
|
|
+except IOError:
|
|
+ import __builtin__
|
|
+ __builtin__.__dict__['_'] = unicode
|
|
+
|
|
+gnome.program_init("SELinux Management Tool", "5")
|
|
+
|
|
+version = "1.0"
|
|
+
|
|
+sys.path.append('/usr/share/system-config-selinux')
|
|
+
|
|
+
|
|
+
|
|
+##
|
|
+## Pull in the Glade file
|
|
+##
|
|
+if os.access("system-config-selinux.glade", os.F_OK):
|
|
+ xml = gtk.glade.XML ("system-config-selinux.glade", domain=PROGNAME)
|
|
+else:
|
|
+ xml = gtk.glade.XML ("/usr/share/system-config-selinux/system-config-selinux.glade", domain=PROGNAME)
|
|
+
|
|
+class childWindow:
|
|
+ def __init__(self):
|
|
+ self.tabs=[]
|
|
+ self.xml = xml
|
|
+ xml.signal_connect("on_quit_activate", self.destroy)
|
|
+ xml.signal_connect("on_delete_clicked", self.delete)
|
|
+ xml.signal_connect("on_add_clicked", self.add)
|
|
+ xml.signal_connect("on_properties_clicked", self.properties)
|
|
+ xml.signal_connect("on_local_clicked", self.on_local_clicked)
|
|
+ self.add_page(statusPage.statusPage(xml))
|
|
+ if selinux.is_selinux_enabled() > 0:
|
|
+ self.add_page(booleansPage.booleansPage(xml))
|
|
+ self.add_page(fcontextPage.fcontextPage(xml))
|
|
+ self.add_page(loginsPage.loginsPage(xml))
|
|
+ self.add_page(usersPage.usersPage(xml))
|
|
+ self.add_page(translationsPage.translationsPage(xml))
|
|
+ self.add_page(portsPage.portsPage(xml))
|
|
+ self.add_page(modulesPage.modulesPage(xml)) # modules
|
|
+
|
|
+ xml.signal_connect("on_quit_activate", self.destroy)
|
|
+ xml.signal_connect("on_policy_activate", self.policy)
|
|
+ xml.signal_connect("on_logging_activate", self.logging)
|
|
+ xml.signal_connect("on_about_activate", self.on_about_activate)
|
|
+
|
|
+ self.add_menu = xml.get_widget("add_menu_item")
|
|
+ self.properties_menu = xml.get_widget("properties_menu_item")
|
|
+ self.delete_menu = xml.get_widget("delete_menu_item")
|
|
+
|
|
+ def add_page(self, page):
|
|
+ self.tabs.append(page)
|
|
+
|
|
+ def policy(self, args):
|
|
+ os.spawnl(os.P_NOWAIT, "/usr/share/system-config-selinux/semanagegui.py")
|
|
+ def logging(self, args):
|
|
+ os.spawnl(os.P_NOWAIT, "/usr/bin/seaudit")
|
|
+
|
|
+ def delete(self, args):
|
|
+ self.tabs[self.notebook.get_current_page()].deleteDialog()
|
|
+
|
|
+ def add(self, args):
|
|
+ self.tabs[self.notebook.get_current_page()].addDialog()
|
|
+
|
|
+ def properties(self, args):
|
|
+ self.tabs[self.notebook.get_current_page()].propertiesDialog()
|
|
+
|
|
+ def on_local_clicked(self, button):
|
|
+ self.tabs[self.notebook.get_current_page()].on_local_clicked(button)
|
|
+
|
|
+ def on_about_activate(self, args):
|
|
+ dlg = xml.get_widget ("aboutWindow")
|
|
+ dlg.run ()
|
|
+ dlg.hide ()
|
|
+
|
|
+ def destroy(self, args):
|
|
+ gtk.main_quit()
|
|
+
|
|
+ def use_menus(self, use_menus):
|
|
+ self.add_menu.set_sensitive(use_menus)
|
|
+ self.properties_menu.set_sensitive(use_menus)
|
|
+ self.delete_menu.set_sensitive(use_menus)
|
|
+
|
|
+ def itemSelected(self, selection):
|
|
+ store, rows = selection.get_selected_rows()
|
|
+ if store != None and len(rows) > 0:
|
|
+ self.notebook.set_current_page(rows[0][0])
|
|
+ self.use_menus(self.tabs[rows[0][0]].use_menus())
|
|
+ else:
|
|
+ self.notebook.set_current_page(0)
|
|
+ self.use_menus(self.tabs[0].use_menus())
|
|
+
|
|
+
|
|
+ def setupScreen(self):
|
|
+ # Bring in widgets from glade file.
|
|
+ self.mainWindow = self.xml.get_widget("mainWindow")
|
|
+ self.notebook = self.xml.get_widget("notebook")
|
|
+ self.view = self.xml.get_widget("selectView")
|
|
+ self.view.get_selection().connect("changed", self.itemSelected)
|
|
+ self.store = gtk.ListStore(gobject.TYPE_STRING)
|
|
+ self.view.set_model(self.store)
|
|
+ col = gtk.TreeViewColumn("", gtk.CellRendererText(), text = 0)
|
|
+ col.set_resizable(True)
|
|
+ self.view.append_column(col)
|
|
+
|
|
+ for page in self.tabs:
|
|
+ iter = self.store.append()
|
|
+ self.store.set_value(iter, 0, page.get_description())
|
|
+ self.view.get_selection().select_path ((0,))
|
|
+
|
|
+ def stand_alone(self):
|
|
+ desktopName = _("Configue SELinux")
|
|
+
|
|
+ self.setupScreen()
|
|
+
|
|
+ self.mainWindow.connect("destroy", self.destroy)
|
|
+
|
|
+ self.mainWindow.show_all()
|
|
+ gtk.main()
|
|
+
|
|
+if __name__ == "__main__":
|
|
+ signal.signal (signal.SIGINT, signal.SIG_DFL)
|
|
+
|
|
+ app = childWindow()
|
|
+ app.stand_alone()
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable.py policycoreutils-2.0.27/gui/templates/executable.py
|
|
--- nsapolicycoreutils/gui/templates/executable.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.27/gui/templates/executable.py 2007-10-02 16:16:31.000000000 -0400
|
|
@@ -0,0 +1,342 @@
|
|
+# Copyright (C) 2007 Red Hat
|
|
+# see file 'COPYING' for use and warranty information
|
|
+#
|
|
+# policygentool is a tool for the initial generation of SELinux policy
|
|
+#
|
|
+# This program is free software; you can redistribute it and/or
|
|
+# modify it under the terms of the GNU General Public License as
|
|
+# published by the Free Software Foundation; either version 2 of
|
|
+# the License, or (at your option) any later version.
|
|
+#
|
|
+# This program is distributed in the hope that it will be useful,
|
|
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+# GNU General Public License for more details.
|
|
+#
|
|
+# You should have received a copy of the GNU General Public License
|
|
+# along with this program; if not, write to the Free Software
|
|
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
|
|
+# 02111-1307 USA
|
|
+#
|
|
+#
|
|
+########################### Type Enforcement File #############################
|
|
+te_daemon_types="""\
|
|
+policy_module(TEMPLATETYPE,1.0.0)
|
|
+
|
|
+########################################
|
|
+#
|
|
+# Declarations
|
|
+#
|
|
+
|
|
+type TEMPLATETYPE_t;
|
|
+type TEMPLATETYPE_exec_t;
|
|
+domain_type(TEMPLATETYPE_t)
|
|
+init_daemon_domain(TEMPLATETYPE_t, TEMPLATETYPE_exec_t)
|
|
+"""
|
|
+
|
|
+te_initscript_types="""
|
|
+type TEMPLATETYPE_script_exec_t;
|
|
+init_script_type(TEMPLATETYPE_script_exec_t)
|
|
+"""
|
|
+
|
|
+te_inetd_types="""\
|
|
+policy_module(TEMPLATETYPE,1.0.0)
|
|
+
|
|
+########################################
|
|
+#
|
|
+# Declarations
|
|
+#
|
|
+
|
|
+type TEMPLATETYPE_t;
|
|
+type TEMPLATETYPE_exec_t;
|
|
+inetd_service_domain(TEMPLATETYPE_t, TEMPLATETYPE_exec_t)
|
|
+"""
|
|
+
|
|
+te_userapp_types="""\
|
|
+policy_module(TEMPLATETYPE,1.0.0)
|
|
+
|
|
+########################################
|
|
+#
|
|
+# Declarations
|
|
+#
|
|
+
|
|
+type TEMPLATETYPE_t;
|
|
+type TEMPLATETYPE_exec_t;
|
|
+application_domain(TEMPLATETYPE_t, TEMPLATETYPE_exec_t)
|
|
+role system_r types TEMPLATETYPE_t;
|
|
+
|
|
+"""
|
|
+
|
|
+te_cgi_types="""\
|
|
+policy_module(TEMPLATETYPE,1.0.0)
|
|
+
|
|
+########################################
|
|
+#
|
|
+# Declarations
|
|
+#
|
|
+
|
|
+apache_content_template(TEMPLATETYPE)
|
|
+"""
|
|
+
|
|
+te_daemon_rules="""
|
|
+########################################
|
|
+#
|
|
+# TEMPLATETYPE local policy
|
|
+#
|
|
+
|
|
+# Init script handling
|
|
+domain_use_interactive_fds(TEMPLATETYPE_t)
|
|
+
|
|
+## internal communication is often done using fifo and unix sockets.
|
|
+allow TEMPLATETYPE_t self:fifo_file rw_file_perms;
|
|
+allow TEMPLATETYPE_t self:unix_stream_socket create_stream_socket_perms;
|
|
+
|
|
+files_read_etc_files(TEMPLATETYPE_t)
|
|
+
|
|
+libs_use_ld_so(TEMPLATETYPE_t)
|
|
+libs_use_shared_libs(TEMPLATETYPE_t)
|
|
+
|
|
+miscfiles_read_localization(TEMPLATETYPE_t)
|
|
+
|
|
+ifdef(`targeted_policy',`
|
|
+ term_dontaudit_use_unallocated_ttys(TEMPLATETYPE_t)
|
|
+ term_dontaudit_use_generic_ptys(TEMPLATETYPE_t)
|
|
+')
|
|
+
|
|
+"""
|
|
+
|
|
+te_inetd_rules="""
|
|
+"""
|
|
+
|
|
+te_userapp_rules="""
|
|
+########################################
|
|
+#
|
|
+# TEMPLATETYPE local policy
|
|
+#
|
|
+
|
|
+## internal communication is often done using fifo and unix sockets.
|
|
+allow TEMPLATETYPE_t self:fifo_file rw_file_perms;
|
|
+allow TEMPLATETYPE_t self:unix_stream_socket create_stream_socket_perms;
|
|
+
|
|
+files_read_etc_files(TEMPLATETYPE_t)
|
|
+
|
|
+libs_use_ld_so(TEMPLATETYPE_t)
|
|
+libs_use_shared_libs(TEMPLATETYPE_t)
|
|
+
|
|
+miscfiles_read_localization(TEMPLATETYPE_t)
|
|
+
|
|
+"""
|
|
+
|
|
+te_cgi_rules="""
|
|
+"""
|
|
+
|
|
+te_uid_rules="""
|
|
+auth_use_nsswitch(TEMPLATETYPE_t)
|
|
+"""
|
|
+
|
|
+te_syslog_rules="""
|
|
+logging_send_syslog_msg(TEMPLATETYPE_t)
|
|
+"""
|
|
+
|
|
+te_pam_rules="""
|
|
+auth_domtrans_chk_passwd(TEMPLATETYPE_t)
|
|
+"""
|
|
+
|
|
+te_mail_rules="""
|
|
+mta_send_mail(TEMPLATETYPE_t)
|
|
+"""
|
|
+
|
|
+te_dbus_rules="""
|
|
+optional_policy(`
|
|
+ allow TEMPLATETYPE_t self:dbus send_msg;
|
|
+ dbus_system_bus_client_template(TEMPLATETYPE,TEMPLATETYPE_t)
|
|
+ dbus_connect_system_bus(TEMPLATETYPE_t)
|
|
+ dbus_send_system_bus(TEMPLATETYPE_t)
|
|
+')
|
|
+"""
|
|
+
|
|
+te_audit_rules="""
|
|
+logging_send_audit_msgs(TEMPLATETYPE_t)
|
|
+"""
|
|
+
|
|
+te_userapp_trans_rules="""
|
|
+optional_policy(`
|
|
+ gen_require(`
|
|
+ type USER_t;
|
|
+ type USER_devpts_t;
|
|
+ type USER_tty_device_t;
|
|
+ role USER_r;
|
|
+ ')
|
|
+
|
|
+ TEMPLATETYPE_run(USER_t, USER_r, { USER_tty_device_t USER_devpts_t })
|
|
+')
|
|
+"""
|
|
+
|
|
+########################### Interface File #############################
|
|
+if_program_rules="""
|
|
+## <summary>policy for TEMPLATETYPE</summary>
|
|
+
|
|
+########################################
|
|
+## <summary>
|
|
+## Execute a domain transition to run TEMPLATETYPE.
|
|
+## </summary>
|
|
+## <param name=\"domain\">
|
|
+## <summary>
|
|
+## Domain allowed to transition.
|
|
+## </summary>
|
|
+## </param>
|
|
+#
|
|
+interface(`TEMPLATETYPE_domtrans',`
|
|
+ gen_require(`
|
|
+ type TEMPLATETYPE_t;
|
|
+ type TEMPLATETYPE_exec_t;
|
|
+ ')
|
|
+
|
|
+ domtrans_pattern($1,TEMPLATETYPE_exec_t,TEMPLATETYPE_t)
|
|
+')
|
|
+
|
|
+"""
|
|
+
|
|
+if_terminal_rules="""
|
|
+########################################
|
|
+## <summary>
|
|
+## Execute TEMPLATETYPE programs in the TEMPLATETYPE domain.
|
|
+## </summary>
|
|
+## <param name="domain">
|
|
+## <summary>
|
|
+## The type of the process performing this action.
|
|
+## </summary>
|
|
+## </param>
|
|
+## <param name="role">
|
|
+## <summary>
|
|
+## The role to allow the TEMPLATETYPE domain.
|
|
+## </summary>
|
|
+## </param>
|
|
+## <param name="terminal">
|
|
+## <summary>
|
|
+## The type of the terminal allow the TEMPLATETYPE domain to use.
|
|
+## </summary>
|
|
+## </param>
|
|
+## <rolecap/>
|
|
+#
|
|
+interface(`TEMPLATETYPE_run',`
|
|
+ gen_require(`
|
|
+ type TEMPLATETYPE_t;
|
|
+ ')
|
|
+
|
|
+ TEMPLATETYPE_domtrans($1)
|
|
+ role $2 types TEMPLATETYPE_t;
|
|
+ allow TEMPLATETYPE_t $3:chr_file rw_term_perms;
|
|
+')
|
|
+
|
|
+"""
|
|
+
|
|
+if_user_program_rules="""
|
|
+########################################
|
|
+## <summary>
|
|
+## Execute TEMPLATETYPE in the TEMPLATETYPE domain, and
|
|
+## allow the specified role the TEMPLATETYPE domain.
|
|
+## </summary>
|
|
+## <param name="domain">
|
|
+## <summary>
|
|
+## Domain allowed access
|
|
+## </summary>
|
|
+## </param>
|
|
+## <param name="role">
|
|
+## <summary>
|
|
+## The role to be allowed the TEMPLATETYPE domain.
|
|
+## </summary>
|
|
+## </param>
|
|
+## <param name="terminal">
|
|
+## <summary>
|
|
+## The type of the role's terminal.
|
|
+## </summary>
|
|
+## </param>
|
|
+#
|
|
+interface(`TEMPLATETYPE_run',`
|
|
+ gen_require(`
|
|
+ type TEMPLATETYPE_t;
|
|
+ ')
|
|
+
|
|
+ TEMPLATETYPE_domtrans($1)
|
|
+ role $2 types TEMPLATETYPE_t;
|
|
+ dontaudit TEMPLATETYPE_t $3:chr_file rw_term_perms;
|
|
+')
|
|
+
|
|
+"""
|
|
+
|
|
+if_initscript_rules="""
|
|
+########################################
|
|
+## <summary>
|
|
+## Execute TEMPLATETYPE server in the TEMPLATETYPE domain.
|
|
+## </summary>
|
|
+## <param name="domain">
|
|
+## <summary>
|
|
+## The type of the process performing this action.
|
|
+## </summary>
|
|
+## </param>
|
|
+#
|
|
+interface(`TEMPLATETYPE_script_domtrans',`
|
|
+ gen_require(`
|
|
+ type TEMPLATETYPE_script_exec_t;
|
|
+ ')
|
|
+
|
|
+ init_script_domtrans_spec($1,TEMPLATETYPE_script_exec_t)
|
|
+')
|
|
+"""
|
|
+
|
|
+if_begin_admin="""
|
|
+########################################
|
|
+## <summary>
|
|
+## All of the rules required to administrate an TEMPLATETYPE environment
|
|
+## </summary>
|
|
+## <param name="prefix">
|
|
+## <summary>
|
|
+## Prefix of the domain. Example, user would be
|
|
+## the prefix for the uder_t domain.
|
|
+## </summary>
|
|
+## </param>
|
|
+## <param name="domain">
|
|
+## <summary>
|
|
+## Domain allowed access.
|
|
+## </summary>
|
|
+## </param>
|
|
+## <param name="role">
|
|
+## <summary>
|
|
+## The role to be allowed to manage the TEMPLATETYPE domain.
|
|
+## </summary>
|
|
+## </param>
|
|
+## <rolecap/>
|
|
+#
|
|
+interface(`TEMPLATETYPE_admin',`
|
|
+ gen_require(`
|
|
+ type TEMPLATETYPE_t;
|
|
+ ')
|
|
+
|
|
+ allow $2 TEMPLATETYPE_t:process { ptrace signal_perms getattr };
|
|
+ read_files_pattern($2, TEMPLATETYPE_t, TEMPLATETYPE_t)
|
|
+
|
|
+"""
|
|
+
|
|
+if_initscript_admin="""
|
|
+ # Allow TEMPLATETYPE_t to restart the apache service
|
|
+ TEMPLATETYPE_script_domtrans($2)
|
|
+ domain_system_change_exemption($2)
|
|
+ role_transition $3 TEMPLATETYPE_script_exec_t system_r;
|
|
+ allow $3 system_r;
|
|
+"""
|
|
+
|
|
+if_end_admin="""
|
|
+')
|
|
+"""
|
|
+
|
|
+########################### File Context ##################################
|
|
+fc_program="""\
|
|
+
|
|
+EXECUTABLE -- gen_context(system_u:object_r:TEMPLATETYPE_exec_t,s0)
|
|
+"""
|
|
+fc_initscript="""\
|
|
+
|
|
+EXECUTABLE -- gen_context(system_u:object_r:TEMPLATETYPE_script_exec_t,s0)
|
|
+"""
|
|
+
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/__init__.py policycoreutils-2.0.27/gui/templates/__init__.py
|
|
--- nsapolicycoreutils/gui/templates/__init__.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.27/gui/templates/__init__.py 2007-09-27 11:20:32.000000000 -0400
|
|
@@ -0,0 +1,18 @@
|
|
+#
|
|
+# Copyright (C) 2007 Red Hat, Inc.
|
|
+#
|
|
+# This program is free software; you can redistribute it and/or modify
|
|
+# it under the terms of the GNU General Public License as published by
|
|
+# the Free Software Foundation; either version 2 of the License, or
|
|
+# (at your option) any later version.
|
|
+#
|
|
+# This program is distributed in the hope that it will be useful,
|
|
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+# GNU General Public License for more details.
|
|
+#
|
|
+# You should have received a copy of the GNU General Public License
|
|
+# along with this program; if not, write to the Free Software
|
|
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
|
+#
|
|
+
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/network.py policycoreutils-2.0.27/gui/templates/network.py
|
|
--- nsapolicycoreutils/gui/templates/network.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.27/gui/templates/network.py 2007-09-27 11:20:32.000000000 -0400
|
|
@@ -0,0 +1,80 @@
|
|
+te_port_types="""
|
|
+type TEMPLATETYPE_port_t;
|
|
+corenet_port(TEMPLATETYPE_port_t)
|
|
+"""
|
|
+
|
|
+te_network="""\
|
|
+sysnet_dns_name_resolve(TEMPLATETYPE_t)
|
|
+corenet_all_recvfrom_unlabeled(TEMPLATETYPE_t)
|
|
+"""
|
|
+
|
|
+te_tcp="""\
|
|
+allow TEMPLATETYPE_t self:tcp_socket create_stream_socket_perms;
|
|
+corenet_tcp_sendrecv_all_if(TEMPLATETYPE_t)
|
|
+corenet_tcp_sendrecv_all_nodes(TEMPLATETYPE_t)
|
|
+corenet_tcp_sendrecv_all_ports(TEMPLATETYPE_t)
|
|
+"""
|
|
+
|
|
+te_in_tcp="""\
|
|
+corenet_tcp_bind_all_nodes(TEMPLATETYPE_t)
|
|
+"""
|
|
+
|
|
+te_in_need_port_tcp="""\
|
|
+allow TEMPLATETYPE_t TEMPLATETYPE_port_t:tcp_socket name_bind;
|
|
+"""
|
|
+
|
|
+te_out_need_port_tcp="""\
|
|
+allow TEMPLATETYPE_t TEMPLATETYPE_port_t:tcp_socket name_connect;
|
|
+"""
|
|
+
|
|
+te_udp="""\
|
|
+allow TEMPLATETYPE_t self:udp_socket { create_socket_perms listen };
|
|
+corenet_udp_sendrecv_all_if(TEMPLATETYPE_t)
|
|
+corenet_udp_sendrecv_all_nodes(TEMPLATETYPE_t)
|
|
+corenet_udp_sendrecv_all_ports(TEMPLATETYPE_t)
|
|
+"""
|
|
+
|
|
+te_in_udp="""\
|
|
+corenet_udp_bind_all_nodes(TEMPLATETYPE_t)
|
|
+"""
|
|
+
|
|
+te_in_need_port_udp="""\
|
|
+allow TEMPLATETYPE_t TEMPLATETYPE_port_t:udp_socket name_bind;
|
|
+"""
|
|
+
|
|
+te_out_all_ports_tcp="""\
|
|
+corenet_tcp_connect_all_ports(TEMPLATETYPE_t)
|
|
+"""
|
|
+
|
|
+te_out_reserved_ports_tcp="""\
|
|
+corenet_tcp_connect_all_rpc_ports(TEMPLATETYPE_t)
|
|
+"""
|
|
+
|
|
+te_out_unreserved_ports_tcp="""\
|
|
+corenet_tcp_connect_all_unreserved_ports(TEMPLATETYPE_t)
|
|
+"""
|
|
+
|
|
+te_in_all_ports_tcp="""\
|
|
+corenet_tcp_bind_all_ports(TEMPLATETYPE_t)
|
|
+"""
|
|
+
|
|
+te_in_reserved_ports_tcp="""\
|
|
+corenet_tcp_bind_all_rpc_ports(TEMPLATETYPE_t)
|
|
+"""
|
|
+
|
|
+te_in_unreserved_ports_tcp="""\
|
|
+corenet_tcp_bind_all_unreserved_ports(TEMPLATETYPE_t)
|
|
+"""
|
|
+
|
|
+te_in_all_ports_udp="""\
|
|
+corenet_udp_bind_all_ports(TEMPLATETYPE_t)
|
|
+"""
|
|
+
|
|
+te_in_reserved_ports_udp="""\
|
|
+corenet_udp_bind_all_rpc_ports(TEMPLATETYPE_t)
|
|
+"""
|
|
+
|
|
+te_in_unreserved_ports_udp="""\
|
|
+corenet_udp_bind_all_unreserved_ports(TEMPLATETYPE_t)
|
|
+"""
|
|
+
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/rw.py policycoreutils-2.0.27/gui/templates/rw.py
|
|
--- nsapolicycoreutils/gui/templates/rw.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.27/gui/templates/rw.py 2007-09-27 11:20:32.000000000 -0400
|
|
@@ -0,0 +1,128 @@
|
|
+# Copyright (C) 2007 Red Hat
|
|
+# see file 'COPYING' for use and warranty information
|
|
+#
|
|
+# policygentool is a tool for the initial generation of SELinux policy
|
|
+#
|
|
+# This program is free software; you can redistribute it and/or
|
|
+# modify it under the terms of the GNU General Public License as
|
|
+# published by the Free Software Foundation; either version 2 of
|
|
+# the License, or (at your option) any later version.
|
|
+#
|
|
+# This program is distributed in the hope that it will be useful,
|
|
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+# GNU General Public License for more details.
|
|
+#
|
|
+# You should have received a copy of the GNU General Public License
|
|
+# along with this program; if not, write to the Free Software
|
|
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
|
|
+# 02111-1307 USA
|
|
+#
|
|
+#
|
|
+
|
|
+########################### tmp Template File #############################
|
|
+te_types="""
|
|
+type TEMPLATETYPE_rw_t;
|
|
+files_type(TEMPLATETYPE_rw_t)
|
|
+"""
|
|
+
|
|
+te_rules="""
|
|
+allow TEMPLATETYPE_t TEMPLATETYPE_rw_t:file manage_file_perms;
|
|
+allow TEMPLATETYPE_t TEMPLATETYPE_rw_t:dir create_dir_perms;
|
|
+"""
|
|
+
|
|
+########################### Interface File #############################
|
|
+if_rules="""
|
|
+########################################
|
|
+## <summary>
|
|
+## Search TEMPLATETYPE rw directories.
|
|
+## </summary>
|
|
+## <param name="domain">
|
|
+## <summary>
|
|
+## Domain allowed access.
|
|
+## </summary>
|
|
+## </param>
|
|
+#
|
|
+interface(`TEMPLATETYPE_search_rw_dir',`
|
|
+ gen_require(`
|
|
+ type TEMPLATETYPE_rw_t;
|
|
+ ')
|
|
+
|
|
+ allow $1 TEMPLATETYPE_rw_t:dir search_dir_perms;
|
|
+ files_search_rw($1)
|
|
+')
|
|
+
|
|
+########################################
|
|
+## <summary>
|
|
+## Read TEMPLATETYPE rw files.
|
|
+## </summary>
|
|
+## <param name="domain">
|
|
+## <summary>
|
|
+## Domain allowed access.
|
|
+## </summary>
|
|
+## </param>
|
|
+#
|
|
+interface(`TEMPLATETYPE_read_rw_files',`
|
|
+ gen_require(`
|
|
+ type TEMPLATETYPE_rw_t;
|
|
+ ')
|
|
+
|
|
+ allow $1 TEMPLATETYPE_rw_t:file r_file_perms;
|
|
+ allow $1 TEMPLATETYPE_rw_t:dir list_dir_perms;
|
|
+ files_search_rw($1)
|
|
+')
|
|
+
|
|
+########################################
|
|
+## <summary>
|
|
+## Create, read, write, and delete
|
|
+## TEMPLATETYPE rw files.
|
|
+## </summary>
|
|
+## <param name="domain">
|
|
+## <summary>
|
|
+## Domain allowed access.
|
|
+## </summary>
|
|
+## </param>
|
|
+#
|
|
+interface(`TEMPLATETYPE_manage_rw_files',`
|
|
+ gen_require(`
|
|
+ type TEMPLATETYPE_rw_t;
|
|
+ ')
|
|
+
|
|
+ allow $1 TEMPLATETYPE_rw_t:file manage_file_perms;
|
|
+ allow $1 TEMPLATETYPE_rw_t:dir rw_dir_perms;
|
|
+')
|
|
+
|
|
+########################################
|
|
+## <summary>
|
|
+## Manage TEMPLATETYPE rw files.
|
|
+## </summary>
|
|
+## <param name="domain">
|
|
+## <summary>
|
|
+## Domain allowed access.
|
|
+## </summary>
|
|
+## </param>
|
|
+#
|
|
+interface(`TEMPLATETYPE_manage_rw',`
|
|
+ gen_require(`
|
|
+ type TEMPLATETYPE_rw_t;
|
|
+ ')
|
|
+
|
|
+ manage_dir_perms($1,TEMPLATETYPE_rw_t,TEMPLATETYPE_rw_t)
|
|
+ manage_file_perms($1,TEMPLATETYPE_rw_t,TEMPLATETYPE_rw_t)
|
|
+ manage_lnk_file_perms($1,TEMPLATETYPE_rw_t,TEMPLATETYPE_rw_t)
|
|
+')
|
|
+
|
|
+"""
|
|
+
|
|
+if_admin_rules="""
|
|
+ TEMPLATETYPE_manage_rw($2)
|
|
+"""
|
|
+
|
|
+########################### File Context ##################################
|
|
+fc_file="""
|
|
+FILENAME -- gen_context(system_u:object_r:TEMPLATETYPE_rw_t,s0)
|
|
+"""
|
|
+
|
|
+fc_dir="""
|
|
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_rw_t,s0)
|
|
+"""
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/script.py policycoreutils-2.0.27/gui/templates/script.py
|
|
--- nsapolicycoreutils/gui/templates/script.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.27/gui/templates/script.py 2007-09-27 11:20:32.000000000 -0400
|
|
@@ -0,0 +1,50 @@
|
|
+# Copyright (C) 2007 Red Hat
|
|
+# see file 'COPYING' for use and warranty information
|
|
+#
|
|
+# policygentool is a tool for the initial generation of SELinux policy
|
|
+#
|
|
+# This program is free software; you can redistribute it and/or
|
|
+# modify it under the terms of the GNU General Public License as
|
|
+# published by the Free Software Foundation; either version 2 of
|
|
+# the License, or (at your option) any later version.
|
|
+#
|
|
+# This program is distributed in the hope that it will be useful,
|
|
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+# GNU General Public License for more details.
|
|
+#
|
|
+# You should have received a copy of the GNU General Public License
|
|
+# along with this program; if not, write to the Free Software
|
|
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
|
|
+# 02111-1307 USA
|
|
+#
|
|
+#
|
|
+
|
|
+########################### tmp Template File #############################
|
|
+compile="""
|
|
+#!/bin/sh
|
|
+if [ ! -f /usr/share/selinux/devel/Makefile ]; then
|
|
+echo 'selinux-policy-devel not installed, package required for building policy'
|
|
+echo '# yum install selinux-policy-devel'
|
|
+exit 1
|
|
+fi
|
|
+make -f /usr/share/selinux/devel/Makefile
|
|
+/usr/sbin/semodule -i PACKAGEFILENAME.pp
|
|
+
|
|
+"""
|
|
+
|
|
+restorecon="""\
|
|
+/sbin/restorecon -F -R -v FILENAME
|
|
+"""
|
|
+
|
|
+tcp_ports="""\
|
|
+/usr/sbin/semanage port -a -t TEMPLATETYPE_port_t -p tcp PORTNUM
|
|
+"""
|
|
+
|
|
+udp_ports="""\
|
|
+/usr/sbin/semanage port -a -t TEMPLATETYPE_port_t -p udp PORTNUM
|
|
+"""
|
|
+
|
|
+users="""\
|
|
+/usr/sbin/semanage user -a -P TEMPLATETYPE -R "TEMPLATETYPE_rROLES" TEMPLATETYPE_u
|
|
+"""
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/semodule.py policycoreutils-2.0.27/gui/templates/semodule.py
|
|
--- nsapolicycoreutils/gui/templates/semodule.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.27/gui/templates/semodule.py 2007-09-27 11:20:32.000000000 -0400
|
|
@@ -0,0 +1,41 @@
|
|
+# Copyright (C) 2007 Red Hat
|
|
+# see file 'COPYING' for use and warranty information
|
|
+#
|
|
+# policygentool is a tool for the initial generation of SELinux policy
|
|
+#
|
|
+# This program is free software; you can redistribute it and/or
|
|
+# modify it under the terms of the GNU General Public License as
|
|
+# published by the Free Software Foundation; either version 2 of
|
|
+# the License, or (at your option) any later version.
|
|
+#
|
|
+# This program is distributed in the hope that it will be useful,
|
|
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+# GNU General Public License for more details.
|
|
+#
|
|
+# You should have received a copy of the GNU General Public License
|
|
+# along with this program; if not, write to the Free Software
|
|
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
|
|
+# 02111-1307 USA
|
|
+#
|
|
+#
|
|
+
|
|
+########################### tmp Template File #############################
|
|
+compile="""
|
|
+#!/bin/sh
|
|
+make -f /usr/share/selinux/devel/Makefile
|
|
+semodule -i TEMPLATETYPE.pp
|
|
+"""
|
|
+
|
|
+restorecon="""
|
|
+restorecon -R -v FILENAME
|
|
+"""
|
|
+
|
|
+tcp_ports="""
|
|
+semanage ports -a -t TEMPLATETYPE_port_t -p tcp PORTNUM
|
|
+"""
|
|
+
|
|
+udp_ports="""
|
|
+semanage ports -a -t TEMPLATETYPE_port_t -p udp PORTNUM
|
|
+"""
|
|
+
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py policycoreutils-2.0.27/gui/templates/tmp.py
|
|
--- nsapolicycoreutils/gui/templates/tmp.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.27/gui/templates/tmp.py 2007-09-27 11:20:32.000000000 -0400
|
|
@@ -0,0 +1,97 @@
|
|
+# Copyright (C) 2007 Red Hat
|
|
+# see file 'COPYING' for use and warranty information
|
|
+#
|
|
+# policygentool is a tool for the initial generation of SELinux policy
|
|
+#
|
|
+# This program is free software; you can redistribute it and/or
|
|
+# modify it under the terms of the GNU General Public License as
|
|
+# published by the Free Software Foundation; either version 2 of
|
|
+# the License, or (at your option) any later version.
|
|
+#
|
|
+# This program is distributed in the hope that it will be useful,
|
|
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+# GNU General Public License for more details.
|
|
+#
|
|
+# You should have received a copy of the GNU General Public License
|
|
+# along with this program; if not, write to the Free Software
|
|
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
|
|
+# 02111-1307 USA
|
|
+#
|
|
+#
|
|
+########################### tmp Template File #############################
|
|
+
|
|
+te_types="""
|
|
+type TEMPLATETYPE_tmp_t;
|
|
+files_tmp_file(TEMPLATETYPE_tmp_t)
|
|
+"""
|
|
+
|
|
+te_rules="""
|
|
+allow TEMPLATETYPE_t TEMPLATETYPE_tmp_t:file manage_file_perms;
|
|
+allow TEMPLATETYPE_t TEMPLATETYPE_tmp_t:dir create_dir_perms;
|
|
+files_tmp_filetrans(TEMPLATETYPE_t,TEMPLATETYPE_tmp_t, { file dir })
|
|
+"""
|
|
+
|
|
+if_rules="""
|
|
+########################################
|
|
+## <summary>
|
|
+## Do not audit attempts to read,
|
|
+## TEMPLATETYPE tmp files
|
|
+## </summary>
|
|
+## <param name="domain">
|
|
+## <summary>
|
|
+## Domain to not audit.
|
|
+## </summary>
|
|
+## </param>
|
|
+#
|
|
+interface(`TEMPLATETYPE_dontaudit_read_tmp_files',`
|
|
+ gen_require(`
|
|
+ type TEMPLATETYPE_tmp_t;
|
|
+ ')
|
|
+
|
|
+ dontaudit $1 TEMPLATETYPE_tmp_t:file r_file_perms;
|
|
+')
|
|
+
|
|
+########################################
|
|
+## <summary>
|
|
+## Allow domain to read, TEMPLATETYPE tmp files
|
|
+## </summary>
|
|
+## <param name="domain">
|
|
+## <summary>
|
|
+## Domain to not audit.
|
|
+## </summary>
|
|
+## </param>
|
|
+#
|
|
+interface(`TEMPLATETYPE_read_tmp_files',`
|
|
+ gen_require(`
|
|
+ type TEMPLATETYPE_tmp_t;
|
|
+ ')
|
|
+
|
|
+ allow $1 TEMPLATETYPE_tmp_t:file r_file_perms;
|
|
+')
|
|
+
|
|
+########################################
|
|
+## <summary>
|
|
+## Allow domain to manage TEMPLATETYPE tmp files
|
|
+## </summary>
|
|
+## <param name="domain">
|
|
+## <summary>
|
|
+## Domain to not audit.
|
|
+## </summary>
|
|
+## </param>
|
|
+#
|
|
+interface(`TEMPLATETYPE_manage_tmp',`
|
|
+ gen_require(`
|
|
+ type TEMPLATETYPE_tmp_t;
|
|
+ ')
|
|
+
|
|
+ manage_dir_perms($1,TEMPLATETYPE_tmp_t,TEMPLATETYPE_tmp_t)
|
|
+ manage_file_perms($1,TEMPLATETYPE_tmp_t,TEMPLATETYPE_tmp_t)
|
|
+ manage_lnk_file_perms($1,TEMPLATETYPE_tmp_t,TEMPLATETYPE_tmp_t)
|
|
+')
|
|
+"""
|
|
+
|
|
+if_admin_rules="""
|
|
+ TEMPLATETYPE_manage_tmp($2)
|
|
+"""
|
|
+
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/user.py policycoreutils-2.0.27/gui/templates/user.py
|
|
--- nsapolicycoreutils/gui/templates/user.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.27/gui/templates/user.py 2007-10-02 16:16:50.000000000 -0400
|
|
@@ -0,0 +1,137 @@
|
|
+# Copyright (C) 2007 Red Hat
|
|
+# see file 'COPYING' for use and warranty information
|
|
+#
|
|
+# policygentool is a tool for the initial generation of SELinux policy
|
|
+#
|
|
+# This program is free software; you can redistribute it and/or
|
|
+# modify it under the terms of the GNU General Public License as
|
|
+# published by the Free Software Foundation; either version 2 of
|
|
+# the License, or (at your option) any later version.
|
|
+#
|
|
+# This program is distributed in the hope that it will be useful,
|
|
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+# GNU General Public License for more details.
|
|
+#
|
|
+# You should have received a copy of the GNU General Public License
|
|
+# along with this program; if not, write to the Free Software
|
|
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
|
|
+# 02111-1307 USA
|
|
+#
|
|
+#
|
|
+########################### Type Enforcement File #############################
|
|
+
|
|
+te_login_user_types="""\
|
|
+policy_module(TEMPLATETYPE,1.0.0)
|
|
+
|
|
+########################################
|
|
+#
|
|
+# Declarations
|
|
+#
|
|
+
|
|
+userdom_unpriv_login_user(TEMPLATETYPE)
|
|
+"""
|
|
+
|
|
+te_x_login_user_types="""\
|
|
+policy_module(TEMPLATETYPE,1.0.0)
|
|
+
|
|
+########################################
|
|
+#
|
|
+# Declarations
|
|
+#
|
|
+
|
|
+userdom_unpriv_xwindows_login_user(TEMPLATETYPE)
|
|
+"""
|
|
+
|
|
+te_root_user_types="""\
|
|
+
|
|
+policy_module(TEMPLATETYPE,1.0.0)
|
|
+
|
|
+########################################
|
|
+#
|
|
+# Declarations
|
|
+#
|
|
+
|
|
+userdom_base_user_template(TEMPLATETYPE)
|
|
+"""
|
|
+
|
|
+te_login_user_rules="""\
|
|
+
|
|
+########################################
|
|
+#
|
|
+# TEMPLATETYPE local policy
|
|
+#
|
|
+
|
|
+"""
|
|
+
|
|
+te_x_login_user_rules="""\
|
|
+
|
|
+########################################
|
|
+#
|
|
+# TEMPLATETYPE local policy
|
|
+#
|
|
+
|
|
+"""
|
|
+
|
|
+te_root_user_rules="""\
|
|
+
|
|
+########################################
|
|
+#
|
|
+# TEMPLATETYPE local policy
|
|
+#
|
|
+
|
|
+"""
|
|
+
|
|
+te_transition_rules="""
|
|
+optional_policy(`
|
|
+ APPLICATION_per_role_template(TEMPLATETYPE,TEMPLATETYPE_t,TEMPLATETYPE_r)
|
|
+')
|
|
+"""
|
|
+
|
|
+te_admin_rules="""
|
|
+allow TEMPLATETYPE_t self:capability { dac_override dac_read_search kill sys_ptrace sys_nice };
|
|
+files_dontaudit_search_all_dirs(TEMPLATETYPE_t)
|
|
+
|
|
+selinux_get_enforce_mode(TEMPLATETYPE_t)
|
|
+seutil_domtrans_setfiles(TEMPLATETYPE_t)
|
|
+seutil_search_default_contexts(TEMPLATETYPE_t)
|
|
+
|
|
+logging_send_syslog_msg(TEMPLATETYPE_t)
|
|
+
|
|
+kernel_read_system_state(TEMPLATETYPE_t)
|
|
+
|
|
+domain_dontaudit_search_all_domains_state(TEMPLATETYPE_t)
|
|
+domain_dontaudit_ptrace_all_domains(TEMPLATETYPE_t)
|
|
+
|
|
+userdom_dontaudit_search_sysadm_home_dirs(TEMPLATETYPE_t)
|
|
+userdom_dontaudit_search_generic_user_home_dirs(TEMPLATETYPE_t)
|
|
+
|
|
+bool TEMPLATETYPE_read_user_files false;
|
|
+bool TEMPLATETYPE_manage_user_files false;
|
|
+
|
|
+if (TEMPLATETYPE_read_user_files) {
|
|
+ userdom_read_unpriv_users_home_content_files(TEMPLATETYPE_t)
|
|
+ userdom_read_unpriv_users_tmp_files(TEMPLATETYPE_t)
|
|
+}
|
|
+
|
|
+if (TEMPLATETYPE_manage_user_files) {
|
|
+ userdom_manage_unpriv_users_home_content_dirs(TEMPLATETYPE_t)
|
|
+ userdom_read_unpriv_users_tmp_files(TEMPLATETYPE_t)
|
|
+ userdom_write_unpriv_users_tmp_files(TEMPLATETYPE_t)
|
|
+}
|
|
+
|
|
+"""
|
|
+
|
|
+te_admin_domain_rules="""
|
|
+optional_policy(`
|
|
+ APPLICATION_admin(TEMPLATETYPE,TEMPLATETYPE_t,TEMPLATETYPE_r)
|
|
+')
|
|
+"""
|
|
+
|
|
+te_roles_rules="""
|
|
+userdom_role_change_template(TEMPLATETYPE, ROLE)
|
|
+"""
|
|
+
|
|
+te_newrole_rules="""
|
|
+seutil_run_newrole(TEMPLATETYPE_t,TEMPLATETYPE_r,{ TEMPLATETYPE_devpts_t TEMPLATETYPE_tty_device_t })
|
|
+"""
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py policycoreutils-2.0.27/gui/templates/var_lib.py
|
|
--- nsapolicycoreutils/gui/templates/var_lib.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.27/gui/templates/var_lib.py 2007-09-27 11:20:32.000000000 -0400
|
|
@@ -0,0 +1,162 @@
|
|
+# Copyright (C) 2007 Red Hat
|
|
+# see file 'COPYING' for use and warranty information
|
|
+#
|
|
+# policygentool is a tool for the initial generation of SELinux policy
|
|
+#
|
|
+# This program is free software; you can redistribute it and/or
|
|
+# modify it under the terms of the GNU General Public License as
|
|
+# published by the Free Software Foundation; either version 2 of
|
|
+# the License, or (at your option) any later version.
|
|
+#
|
|
+# This program is distributed in the hope that it will be useful,
|
|
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+# GNU General Public License for more details.
|
|
+#
|
|
+# You should have received a copy of the GNU General Public License
|
|
+# along with this program; if not, write to the Free Software
|
|
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
|
|
+# 02111-1307 USA
|
|
+#
|
|
+#
|
|
+########################### var_lib Template File #############################
|
|
+
|
|
+########################### Type Enforcement File #############################
|
|
+te_types="""
|
|
+type TEMPLATETYPE_var_lib_t;
|
|
+files_type(TEMPLATETYPE_var_lib_t)
|
|
+"""
|
|
+te_rules="""
|
|
+allow TEMPLATETYPE_t TEMPLATETYPE_var_lib_t:file manage_file_perms;
|
|
+allow TEMPLATETYPE_t TEMPLATETYPE_var_lib_t:dir manage_dir_perms;
|
|
+files_var_lib_filetrans(TEMPLATETYPE_t,TEMPLATETYPE_var_lib_t, { file dir })
|
|
+"""
|
|
+
|
|
+te_stream_rules="""\
|
|
+allow TEMPLATETYPE_t TEMPLATETYPE_var_lib_t:sock_file manage_file_perms;
|
|
+files_var_lib_filetrans(TEMPLATETYPE_t,TEMPLATETYPE_var_lib_t, sock_file)
|
|
+"""
|
|
+
|
|
+
|
|
+########################### Interface File #############################
|
|
+if_rules="""
|
|
+########################################
|
|
+## <summary>
|
|
+## Search TEMPLATETYPE lib directories.
|
|
+## </summary>
|
|
+## <param name="domain">
|
|
+## <summary>
|
|
+## Domain allowed access.
|
|
+## </summary>
|
|
+## </param>
|
|
+#
|
|
+interface(`TEMPLATETYPE_search_lib',`
|
|
+ gen_require(`
|
|
+ type TEMPLATETYPE_var_lib_t;
|
|
+ ')
|
|
+
|
|
+ allow $1 TEMPLATETYPE_var_lib_t:dir search_dir_perms;
|
|
+ files_search_var_lib($1)
|
|
+')
|
|
+
|
|
+########################################
|
|
+## <summary>
|
|
+## Read TEMPLATETYPE lib files.
|
|
+## </summary>
|
|
+## <param name="domain">
|
|
+## <summary>
|
|
+## Domain allowed access.
|
|
+## </summary>
|
|
+## </param>
|
|
+#
|
|
+interface(`TEMPLATETYPE_read_lib_files',`
|
|
+ gen_require(`
|
|
+ type TEMPLATETYPE_var_lib_t;
|
|
+ ')
|
|
+
|
|
+ allow $1 TEMPLATETYPE_var_lib_t:file r_file_perms;
|
|
+ allow $1 TEMPLATETYPE_var_lib_t:dir list_dir_perms;
|
|
+ files_search_var_lib($1)
|
|
+')
|
|
+
|
|
+########################################
|
|
+## <summary>
|
|
+## Create, read, write, and delete
|
|
+## TEMPLATETYPE lib files.
|
|
+## </summary>
|
|
+## <param name="domain">
|
|
+## <summary>
|
|
+## Domain allowed access.
|
|
+## </summary>
|
|
+## </param>
|
|
+#
|
|
+interface(`TEMPLATETYPE_manage_lib_files',`
|
|
+ gen_require(`
|
|
+ type TEMPLATETYPE_var_lib_t;
|
|
+ ')
|
|
+
|
|
+ allow $1 TEMPLATETYPE_var_lib_t:file manage_file_perms;
|
|
+ allow $1 TEMPLATETYPE_var_lib_t:dir rw_dir_perms;
|
|
+ files_search_var_lib($1)
|
|
+')
|
|
+
|
|
+########################################
|
|
+## <summary>
|
|
+## Manage TEMPLATETYPE var_lib files.
|
|
+## </summary>
|
|
+## <param name="domain">
|
|
+## <summary>
|
|
+## Domain allowed access.
|
|
+## </summary>
|
|
+## </param>
|
|
+#
|
|
+interface(`TEMPLATETYPE_manage_var_lib',`
|
|
+ gen_require(`
|
|
+ type TEMPLATETYPE_var_lib_t;
|
|
+ ')
|
|
+
|
|
+ manage_dir_perms($1,TEMPLATETYPE_var_lib_t,TEMPLATETYPE_var_lib_t)
|
|
+ manage_file_perms($1,TEMPLATETYPE_var_lib_t,TEMPLATETYPE_var_lib_t)
|
|
+ manage_lnk_file_perms($1,TEMPLATETYPE_var_lib_t,TEMPLATETYPE_var_lib_t)
|
|
+')
|
|
+
|
|
+"""
|
|
+
|
|
+if_stream_rules="""
|
|
+########################################
|
|
+## <summary>
|
|
+## Connect to TEMPLATETYPE over an unix stream socket.
|
|
+## </summary>
|
|
+## <param name="domain">
|
|
+## <summary>
|
|
+## Domain allowed access.
|
|
+## </summary>
|
|
+## </param>
|
|
+#
|
|
+interface(`TEMPLATETYPE_stream_connect',`
|
|
+ gen_require(`
|
|
+ type TEMPLATETYPE_t, TEMPLATETYPE_var_lib_t;
|
|
+ ')
|
|
+
|
|
+ files_search_pids($1)
|
|
+ allow $1 TEMPLATETYPE_var_lib_t:sock_file write;
|
|
+ allow $1 TEMPLATETYPE_t:unix_stream_socket connectto;
|
|
+')
|
|
+"""
|
|
+
|
|
+if_admin_rules="""
|
|
+ TEMPLATETYPE_manage_var_lib($2)
|
|
+"""
|
|
+
|
|
+########################### File Context ##################################
|
|
+fc_file="""\
|
|
+FILENAME -- gen_context(system_u:object_r:TEMPLATETYPE_var_lib_t,s0)
|
|
+"""
|
|
+
|
|
+fc_sock_file="""\
|
|
+FILENAME -s gen_context(system_u:object_r:TEMPLATETYPE_var_lib_t,s0)
|
|
+"""
|
|
+
|
|
+fc_dir="""\
|
|
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_var_lib_t,s0)
|
|
+"""
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py policycoreutils-2.0.27/gui/templates/var_log.py
|
|
--- nsapolicycoreutils/gui/templates/var_log.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.27/gui/templates/var_log.py 2007-09-27 11:20:32.000000000 -0400
|
|
@@ -0,0 +1,112 @@
|
|
+# Copyright (C) 2007 Red Hat
|
|
+# see file 'COPYING' for use and warranty information
|
|
+#
|
|
+# policygentool is a tool for the initial generation of SELinux policy
|
|
+#
|
|
+# This program is free software; you can redistribute it and/or
|
|
+# modify it under the terms of the GNU General Public License as
|
|
+# published by the Free Software Foundation; either version 2 of
|
|
+# the License, or (at your option) any later version.
|
|
+#
|
|
+# This program is distributed in the hope that it will be useful,
|
|
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+# GNU General Public License for more details.
|
|
+#
|
|
+# You should have received a copy of the GNU General Public License
|
|
+# along with this program; if not, write to the Free Software
|
|
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
|
|
+# 02111-1307 USA
|
|
+#
|
|
+#
|
|
+########################### var_log Template File #############################
|
|
+
|
|
+########################### Type Enforcement File #############################
|
|
+te_types="""
|
|
+type TEMPLATETYPE_log_t;
|
|
+logging_log_file(TEMPLATETYPE_log_t)
|
|
+"""
|
|
+
|
|
+te_rules="""
|
|
+allow TEMPLATETYPE_t TEMPLATETYPE_log_t:file manage_file_perms;
|
|
+allow TEMPLATETYPE_t TEMPLATETYPE_log_t:dir { rw_dir_perms setattr };
|
|
+logging_log_filetrans(TEMPLATETYPE_t,TEMPLATETYPE_log_t,{ file dir })
|
|
+"""
|
|
+
|
|
+########################### Interface File #############################
|
|
+if_rules="""
|
|
+########################################
|
|
+## <summary>
|
|
+## Allow the specified domain to read TEMPLATETYPE's log files.
|
|
+## </summary>
|
|
+## <param name="domain">
|
|
+## <summary>
|
|
+## Domain allowed access.
|
|
+## </summary>
|
|
+## </param>
|
|
+## <rolecap/>
|
|
+#
|
|
+interface(`TEMPLATETYPE_read_log',`
|
|
+ gen_require(`
|
|
+ type TEMPLATETYPE_log_t;
|
|
+ ')
|
|
+
|
|
+ logging_search_logs($1)
|
|
+ allow $1 TEMPLATETYPE_log_t:dir r_dir_perms;
|
|
+ allow $1 TEMPLATETYPE_log_t:file { read getattr lock };
|
|
+')
|
|
+
|
|
+########################################
|
|
+## <summary>
|
|
+## Allow the specified domain to append
|
|
+## TEMPLATETYPE log files.
|
|
+## </summary>
|
|
+## <param name="domain">
|
|
+## <summary>
|
|
+## Domain allowed to transition.
|
|
+## </summary>
|
|
+## </param>
|
|
+#
|
|
+interface(`TEMPLATETYPE_append_log',`
|
|
+ gen_require(`
|
|
+ type var_log_t, TEMPLATETYPE_log_t;
|
|
+ ')
|
|
+
|
|
+ logging_search_logs($1)
|
|
+ allow $1 TEMPLATETYPE_log_t:dir r_dir_perms;
|
|
+ allow $1 TEMPLATETYPE_log_t:file { getattr append };
|
|
+')
|
|
+
|
|
+########################################
|
|
+## <summary>
|
|
+## Allow domain to manage TEMPLATETYPE log files
|
|
+## </summary>
|
|
+## <param name="domain">
|
|
+## <summary>
|
|
+## Domain to not audit.
|
|
+## </summary>
|
|
+## </param>
|
|
+#
|
|
+interface(`TEMPLATETYPE_manage_log',`
|
|
+ gen_require(`
|
|
+ type TEMPLATETYPE_log_t;
|
|
+ ')
|
|
+
|
|
+ manage_dir_perms($1,TEMPLATETYPE_log_t,TEMPLATETYPE_log_t)
|
|
+ manage_file_perms($1,TEMPLATETYPE_log_t,TEMPLATETYPE_log_t)
|
|
+ manage_lnk_file_perms($1,TEMPLATETYPE_log_t,TEMPLATETYPE_log_t)
|
|
+')
|
|
+"""
|
|
+
|
|
+if_admin_rules="""
|
|
+ TEMPLATETYPE_manage_log($2)
|
|
+"""
|
|
+
|
|
+########################### File Context ##################################
|
|
+fc_file="""\
|
|
+FILENAME -- gen_context(system_u:object_r:TEMPLATETYPE_log_t,s0)
|
|
+"""
|
|
+
|
|
+fc_dir="""\
|
|
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_log_t,s0)
|
|
+"""
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py policycoreutils-2.0.27/gui/templates/var_run.py
|
|
--- nsapolicycoreutils/gui/templates/var_run.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.27/gui/templates/var_run.py 2007-09-27 11:20:32.000000000 -0400
|
|
@@ -0,0 +1,119 @@
|
|
+# Copyright (C) 2007 Red Hat
|
|
+# see file 'COPYING' for use and warranty information
|
|
+#
|
|
+# policygentool is a tool for the initial generation of SELinux policy
|
|
+#
|
|
+# This program is free software; you can redistribute it and/or
|
|
+# modify it under the terms of the GNU General Public License as
|
|
+# published by the Free Software Foundation; either version 2 of
|
|
+# the License, or (at your option) any later version.
|
|
+#
|
|
+# This program is distributed in the hope that it will be useful,
|
|
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+# GNU General Public License for more details.
|
|
+#
|
|
+# You should have received a copy of the GNU General Public License
|
|
+# along with this program; if not, write to the Free Software
|
|
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
|
|
+# 02111-1307 USA
|
|
+#
|
|
+#
|
|
+########################### var_run Template File #############################
|
|
+
|
|
+te_types="""
|
|
+type TEMPLATETYPE_var_run_t;
|
|
+files_pid_file(TEMPLATETYPE_var_run_t)
|
|
+"""
|
|
+
|
|
+te_rules="""
|
|
+allow TEMPLATETYPE_t TEMPLATETYPE_var_run_t:file manage_file_perms;
|
|
+allow TEMPLATETYPE_t TEMPLATETYPE_var_run_t:dir manage_dir_perms;
|
|
+files_pid_filetrans(TEMPLATETYPE_t,TEMPLATETYPE_var_run_t, { file dir })
|
|
+"""
|
|
+
|
|
+te_stream_rules="""
|
|
+allow TEMPLATETYPE_t TEMPLATETYPE_var_run_t:sock_file manage_file_perms;
|
|
+files_pid_filetrans(TEMPLATETYPE_t,TEMPLATETYPE_var_run_t, sock_file)
|
|
+"""
|
|
+
|
|
+if_rules="""
|
|
+########################################
|
|
+## <summary>
|
|
+## Read TEMPLATETYPE PID files.
|
|
+## </summary>
|
|
+## <param name="domain">
|
|
+## <summary>
|
|
+## Domain allowed access.
|
|
+## </summary>
|
|
+## </param>
|
|
+#
|
|
+interface(`TEMPLATETYPE_read_pid_files',`
|
|
+ gen_require(`
|
|
+ type TEMPLATETYPE_var_run_t;
|
|
+ ')
|
|
+
|
|
+ files_search_pids($1)
|
|
+ allow $1 TEMPLATETYPE_var_run_t:file r_file_perms;
|
|
+')
|
|
+
|
|
+########################################
|
|
+## <summary>
|
|
+## Manage TEMPLATETYPE var_run files.
|
|
+## </summary>
|
|
+## <param name="domain">
|
|
+## <summary>
|
|
+## Domain allowed access.
|
|
+## </summary>
|
|
+## </param>
|
|
+#
|
|
+interface(`TEMPLATETYPE_manage_var_run',`
|
|
+ gen_require(`
|
|
+ type TEMPLATETYPE_var_run_t;
|
|
+ ')
|
|
+
|
|
+ manage_dir_perms($1,TEMPLATETYPE_var_run_t,TEMPLATETYPE_var_run_t)
|
|
+ manage_file_perms($1,TEMPLATETYPE_var_run_t,TEMPLATETYPE_var_run_t)
|
|
+ manage_lnk_file_perms($1,TEMPLATETYPE_var_run_t,TEMPLATETYPE_var_run_t)
|
|
+')
|
|
+
|
|
+"""
|
|
+
|
|
+if_stream_rules="""\
|
|
+########################################
|
|
+## <summary>
|
|
+## Connect to TEMPLATETYPE over an unix stream socket.
|
|
+## </summary>
|
|
+## <param name="domain">
|
|
+## <summary>
|
|
+## Domain allowed access.
|
|
+## </summary>
|
|
+## </param>
|
|
+#
|
|
+interface(`TEMPLATETYPE_stream_connect',`
|
|
+ gen_require(`
|
|
+ type TEMPLATETYPE_t, TEMPLATETYPE_var_run_t;
|
|
+ ')
|
|
+
|
|
+ files_search_pids($1)
|
|
+ allow $1 TEMPLATETYPE_var_run_t:sock_file write;
|
|
+ allow $1 TEMPLATETYPE_t:unix_stream_socket connectto;
|
|
+')
|
|
+"""
|
|
+
|
|
+if_admin_rules="""
|
|
+ TEMPLATETYPE_manage_var_run($2)
|
|
+"""
|
|
+
|
|
+fc_file="""\
|
|
+FILENAME -- gen_context(system_u:object_r:TEMPLATETYPE_var_run_t,s0)
|
|
+"""
|
|
+
|
|
+fc_sock_file="""\
|
|
+FILENAME -s gen_context(system_u:object_r:TEMPLATETYPE_var_run_t,s0)
|
|
+"""
|
|
+
|
|
+fc_dir="""\
|
|
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_var_run_t,s0)
|
|
+"""
|
|
+
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool.py policycoreutils-2.0.27/gui/templates/var_spool.py
|
|
--- nsapolicycoreutils/gui/templates/var_spool.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.27/gui/templates/var_spool.py 2007-09-27 11:20:32.000000000 -0400
|
|
@@ -0,0 +1,131 @@
|
|
+# Copyright (C) 2007 Red Hat
|
|
+# see file 'COPYING' for use and warranty information
|
|
+#
|
|
+# policygentool is a tool for the initial generation of SELinux policy
|
|
+#
|
|
+# This program is free software; you can redistribute it and/or
|
|
+# modify it under the terms of the GNU General Public License as
|
|
+# published by the Free Software Foundation; either version 2 of
|
|
+# the License, or (at your option) any later version.
|
|
+#
|
|
+# This program is distributed in the hope that it will be useful,
|
|
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+# GNU General Public License for more details.
|
|
+#
|
|
+# You should have received a copy of the GNU General Public License
|
|
+# along with this program; if not, write to the Free Software
|
|
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
|
|
+# 02111-1307 USA
|
|
+#
|
|
+#
|
|
+########################### var_spool Template File #############################
|
|
+
|
|
+########################### Type Enforcement File #############################
|
|
+te_types="""
|
|
+type TEMPLATETYPE_spool_t;
|
|
+files_type(TEMPLATETYPE_spool_t)
|
|
+"""
|
|
+te_rules="""
|
|
+allow TEMPLATETYPE_t TEMPLATETYPE_spool_t:dir manage_dir_perms;
|
|
+allow TEMPLATETYPE_t TEMPLATETYPE_spool_t:file manage_file_perms;
|
|
+allow TEMPLATETYPE_t TEMPLATETYPE_spool_t:sock_file create_file_perms;
|
|
+files_spool_filetrans(TEMPLATETYPE_t,TEMPLATETYPE_spool_t, { file dir sock_file })
|
|
+"""
|
|
+
|
|
+########################### Interface File #############################
|
|
+if_rules="""
|
|
+########################################
|
|
+## <summary>
|
|
+## Search TEMPLATETYPE spool directories.
|
|
+## </summary>
|
|
+## <param name="domain">
|
|
+## <summary>
|
|
+## Domain allowed access.
|
|
+## </summary>
|
|
+## </param>
|
|
+#
|
|
+interface(`TEMPLATETYPE_search_spool',`
|
|
+ gen_require(`
|
|
+ type TEMPLATETYPE_spool_t;
|
|
+ ')
|
|
+
|
|
+ allow $1 TEMPLATETYPE_spool_t:dir search_dir_perms;
|
|
+ files_search_spool($1)
|
|
+')
|
|
+
|
|
+########################################
|
|
+## <summary>
|
|
+## Read TEMPLATETYPE spool files.
|
|
+## </summary>
|
|
+## <param name="domain">
|
|
+## <summary>
|
|
+## Domain allowed access.
|
|
+## </summary>
|
|
+## </param>
|
|
+#
|
|
+interface(`TEMPLATETYPE_read_spool_files',`
|
|
+ gen_require(`
|
|
+ type TEMPLATETYPE_spool_t;
|
|
+ ')
|
|
+
|
|
+ allow $1 TEMPLATETYPE_spool_t:file r_file_perms;
|
|
+ allow $1 TEMPLATETYPE_spool_t:dir list_dir_perms;
|
|
+ files_search_spool($1)
|
|
+')
|
|
+
|
|
+########################################
|
|
+## <summary>
|
|
+## Create, read, write, and delete
|
|
+## TEMPLATETYPE spool files.
|
|
+## </summary>
|
|
+## <param name="domain">
|
|
+## <summary>
|
|
+## Domain allowed access.
|
|
+## </summary>
|
|
+## </param>
|
|
+#
|
|
+interface(`TEMPLATETYPE_manage_spool_files',`
|
|
+ gen_require(`
|
|
+ type TEMPLATETYPE_spool_t;
|
|
+ ')
|
|
+
|
|
+ allow $1 TEMPLATETYPE_spool_t:file manage_file_perms;
|
|
+ allow $1 TEMPLATETYPE_spool_t:dir rw_dir_perms;
|
|
+ files_search_spool($1)
|
|
+')
|
|
+
|
|
+########################################
|
|
+## <summary>
|
|
+## Allow domain to manage TEMPLATETYPE spool files
|
|
+## </summary>
|
|
+## <param name="domain">
|
|
+## <summary>
|
|
+## Domain to not audit.
|
|
+## </summary>
|
|
+## </param>
|
|
+#
|
|
+interface(`TEMPLATETYPE_manage_spool',`
|
|
+ gen_require(`
|
|
+ type TEMPLATETYPE_spool_t;
|
|
+ ')
|
|
+
|
|
+ manage_dir_perms($1,TEMPLATETYPE_spool_t,TEMPLATETYPE_spool_t)
|
|
+ manage_file_perms($1,TEMPLATETYPE_spool_t,TEMPLATETYPE_spool_t)
|
|
+ manage_lnk_file_perms($1,TEMPLATETYPE_spool_t,TEMPLATETYPE_spool_t)
|
|
+')
|
|
+
|
|
+"""
|
|
+
|
|
+if_admin_rules="""
|
|
+ TEMPLATETYPE_manage_spool($2)
|
|
+"""
|
|
+
|
|
+########################### File Context ##################################
|
|
+fc_file="""\
|
|
+FILENAME -- gen_context(system_u:object_r:TEMPLATETYPE_spool_t,s0)
|
|
+"""
|
|
+
|
|
+fc_dir="""\
|
|
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_spool_t,s0)
|
|
+"""
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/translationsPage.py policycoreutils-2.0.27/gui/translationsPage.py
|
|
--- nsapolicycoreutils/gui/translationsPage.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.27/gui/translationsPage.py 2007-09-27 11:20:33.000000000 -0400
|
|
@@ -0,0 +1,118 @@
|
|
+## translationsPage.py - show selinux translations
|
|
+## Copyright (C) 2006 Red Hat, Inc.
|
|
+
|
|
+## This program is free software; you can redistribute it and/or modify
|
|
+## it under the terms of the GNU General Public License as published by
|
|
+## the Free Software Foundation; either version 2 of the License, or
|
|
+## (at your option) any later version.
|
|
+
|
|
+## This program is distributed in the hope that it will be useful,
|
|
+## but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+## GNU General Public License for more details.
|
|
+
|
|
+## You should have received a copy of the GNU General Public License
|
|
+## along with this program; if not, write to the Free Software
|
|
+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
|
+
|
|
+## Author: Dan Walsh
|
|
+import string
|
|
+import gtk
|
|
+import gtk.glade
|
|
+import os
|
|
+import gobject
|
|
+import sys
|
|
+import seobject
|
|
+from semanagePage import *;
|
|
+
|
|
+##
|
|
+## I18N
|
|
+##
|
|
+PROGNAME="policycoreutils"
|
|
+import gettext
|
|
+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
|
|
+gettext.textdomain(PROGNAME)
|
|
+try:
|
|
+ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1)
|
|
+except IOError:
|
|
+ import __builtin__
|
|
+ __builtin__.__dict__['_'] = unicode
|
|
+
|
|
+class translationsPage(semanagePage):
|
|
+ def __init__(self, xml):
|
|
+ semanagePage.__init__(self, xml, "translations", _("Translation"))
|
|
+ self.firstTime = False
|
|
+
|
|
+ self.translation_filter = xml.get_widget("translationsFilterEntry")
|
|
+ self.translation_filter.connect("focus_out_event", self.filter_changed)
|
|
+ self.translation_filter.connect("activate", self.filter_changed)
|
|
+
|
|
+ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING)
|
|
+ self.view.set_model(self.store)
|
|
+ self.store.set_sort_column_id(0, gtk.SORT_ASCENDING)
|
|
+ col = gtk.TreeViewColumn(_("Sensitvity Level"), gtk.CellRendererText(), text = 0)
|
|
+ col.set_sort_column_id(0)
|
|
+ col.set_sizing(gtk.TREE_VIEW_COLUMN_FIXED)
|
|
+ col.set_resizable(True)
|
|
+ col.set_fixed_width(250)
|
|
+ self.view.append_column(col)
|
|
+ col = gtk.TreeViewColumn(_("Translation"), gtk.CellRendererText(), text = 1)
|
|
+ col.set_sort_column_id(1)
|
|
+ col.set_resizable(True)
|
|
+ self.view.append_column(col)
|
|
+
|
|
+ self.load()
|
|
+ self.translationsLevelEntry = xml.get_widget("translationsLevelEntry")
|
|
+ self.translationsEntry = xml.get_widget("translationsEntry")
|
|
+
|
|
+ def load(self, filter = ""):
|
|
+ self.filter = filter
|
|
+ self.translation = seobject.setransRecords()
|
|
+ dict = self.translation.get_all()
|
|
+ keys = dict.keys()
|
|
+ keys.sort()
|
|
+ self.store.clear()
|
|
+ for k in keys:
|
|
+ if not (self.match(k, filter) or self.match(dict[k], filter)):
|
|
+ continue
|
|
+ iter = self.store.append()
|
|
+ self.store.set_value(iter, 0, k)
|
|
+ self.store.set_value(iter, 1, dict[k])
|
|
+ self.view.get_selection().select_path ((0,))
|
|
+
|
|
+ def dialogInit(self):
|
|
+ store, iter = self.view.get_selection().get_selected()
|
|
+ self.translationsLevelEntry.set_text(store.get_value(iter, 0))
|
|
+ self.translationsLevelEntry.set_sensitive(False)
|
|
+ self.translationsEntry.set_text(store.get_value(iter, 1))
|
|
+
|
|
+ def dialogClear(self):
|
|
+ self.translationsLevelEntry.set_text("")
|
|
+ self.translationsLevelEntry.set_sensitive(True)
|
|
+ self.translationsEntry.set_text("")
|
|
+
|
|
+ def delete(self):
|
|
+ store, iter = self.view.get_selection().get_selected()
|
|
+ try:
|
|
+ level = store.get_value(iter, 0)
|
|
+ self.translation.delete(level)
|
|
+ store.remove(iter)
|
|
+ self.view.get_selection().select_path ((0,))
|
|
+ except ValueError, e:
|
|
+ self.error(e.args[0])
|
|
+
|
|
+ def add(self):
|
|
+ level = self.translationsLevelEntry.get_text().strip()
|
|
+ translation = self.translationsEntry.get_text().strip()
|
|
+ self.translation.add(level, translation)
|
|
+ iter = self.store.append()
|
|
+ self.store.set_value(iter, 0, level)
|
|
+ self.store.set_value(iter, 1, translation)
|
|
+
|
|
+ def modify(self):
|
|
+ level = self.translationsLevelEntry.get_text().strip()
|
|
+ translation = self.translationsEntry.get_text().strip()
|
|
+ self.translation.modify(level, translation)
|
|
+ store, iter = self.view.get_selection().get_selected()
|
|
+ self.store.set_value(iter, 0, level)
|
|
+ self.store.set_value(iter, 1, translation)
|
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/usersPage.py policycoreutils-2.0.27/gui/usersPage.py
|
|
--- nsapolicycoreutils/gui/usersPage.py 1969-12-31 19:00:00.000000000 -0500
|
|
+++ policycoreutils-2.0.27/gui/usersPage.py 2007-09-27 11:20:33.000000000 -0400
|
|
@@ -0,0 +1,172 @@
|
|
+## usersPage.py - show selinux mappings
|
|
+## Copyright (C) 2006 Red Hat, Inc.
|
|
+
|
|
+## This program is free software; you can redistribute it and/or modify
|
|
+## it under the terms of the GNU General Public License as published by
|
|
+## the Free Software Foundation; either version 2 of the License, or
|
|
+## (at your option) any later version.
|
|
+
|
|
+## This program is distributed in the hope that it will be useful,
|
|
+## but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+## GNU General Public License for more details.
|
|
+
|
|
+## You should have received a copy of the GNU General Public License
|
|
+## along with this program; if not, write to the Free Software
|
|
+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
|
+
|
|
+## Author: Dan Walsh
|
|
+import string
|
|
+import gtk
|
|
+import gtk.glade
|
|
+import os
|
|
+import gobject
|
|
+import sys
|
|
+import commands
|
|
+import seobject
|
|
+from semanagePage import *;
|
|
+
|
|
+##
|
|
+## I18N
|
|
+##
|
|
+PROGNAME="policycoreutils"
|
|
+import gettext
|
|
+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
|
|
+gettext.textdomain(PROGNAME)
|
|
+try:
|
|
+ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1)
|
|
+except IOError:
|
|
+ import __builtin__
|
|
+ __builtin__.__dict__['_'] = unicode
|
|
+
|
|
+class usersPage(semanagePage):
|
|
+ def __init__(self, xml):
|
|
+ semanagePage.__init__(self, xml, "users", "SELinux User")
|
|
+
|
|
+ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING)
|
|
+ self.view.set_model(self.store)
|
|
+ self.store.set_sort_column_id(0, gtk.SORT_ASCENDING)
|
|
+
|
|
+ col = gtk.TreeViewColumn(_("SELinux\nUser"), gtk.CellRendererText(), text = 0)
|
|
+ col.set_sort_column_id(0)
|
|
+ col.set_resizable(True)
|
|
+ self.view.append_column(col)
|
|
+
|
|
+ col = gtk.TreeViewColumn(_("Labeling\nPrefix"), gtk.CellRendererText(), text = 1)
|
|
+ col.set_resizable(True)
|
|
+ self.view.append_column(col)
|
|
+ col = gtk.TreeViewColumn(_("MLS/\nMCS Level"), gtk.CellRendererText(), text = 2)
|
|
+ col.set_resizable(True)
|
|
+ self.view.append_column(col)
|
|
+ col = gtk.TreeViewColumn(_("MLS/\nMCS Range"), gtk.CellRendererText(), text = 3)
|
|
+ col.set_resizable(True)
|
|
+ self.view.append_column(col)
|
|
+
|
|
+ col = gtk.TreeViewColumn(_("SELinux Roles"), gtk.CellRendererText(), text = 4)
|
|
+ col.set_resizable(True)
|
|
+ self.view.append_column(col)
|
|
+
|
|
+ self.load()
|
|
+ self.selinuxUserEntry = xml.get_widget("selinuxUserEntry")
|
|
+ self.labelPrefixEntry = xml.get_widget("labelPrefixEntry")
|
|
+ self.mlsLevelEntry = xml.get_widget("mlsLevelEntry")
|
|
+ self.mlsRangeEntry = xml.get_widget("mlsRangeEntry")
|
|
+ self.selinuxRolesEntry = xml.get_widget("selinuxRolesEntry")
|
|
+
|
|
+ def load(self, filter = ""):
|
|
+ self.filter=filter
|
|
+ self.user = seobject.seluserRecords()
|
|
+ dict = self.user.get_all()
|
|
+ keys = dict.keys()
|
|
+ keys.sort()
|
|
+ self.store.clear()
|
|
+ for k in keys:
|
|
+ level = seobject.translate(dict[k][1])
|
|
+ range = seobject.translate(dict[k][2])
|
|
+ if not (self.match(k, filter) or self.match(dict[k][0], filter) or self.match(level, filter) or self.match(range, filter) or self.match(dict[k][3], filter)):
|
|
+ continue
|
|
+
|
|
+ iter = self.store.append()
|
|
+ self.store.set_value(iter, 0, k)
|
|
+ self.store.set_value(iter, 1, dict[k][0])
|
|
+ self.store.set_value(iter, 2, level)
|
|
+ self.store.set_value(iter, 3, range)
|
|
+ self.store.set_value(iter, 4, dict[k][3])
|
|
+ self.view.get_selection().select_path ((0,))
|
|
+
|
|
+ def delete(self):
|
|
+ if semanagePage.delete(self) == gtk.RESPONSE_NO:
|
|
+ return None
|
|
+
|
|
+ def dialogInit(self):
|
|
+ store, iter = self.view.get_selection().get_selected()
|
|
+ self.selinuxUserEntry.set_text(store.get_value(iter, 0))
|
|
+ self.selinuxUserEntry.set_sensitive(False)
|
|
+ self.labelPrefixEntry.set_text(store.get_value(iter, 1))
|
|
+ self.mlsLevelEntry.set_text(store.get_value(iter, 2))
|
|
+ self.mlsRangeEntry.set_text(store.get_value(iter, 3))
|
|
+ self.selinuxRolesEntry.set_text(store.get_value(iter, 4))
|
|
+ protocol=store.get_value(iter, 2)
|
|
+
|
|
+ def dialogClear(self):
|
|
+ self.selinuxUserEntry.set_text("")
|
|
+ self.selinuxUserEntry.set_sensitive(True)
|
|
+ self.labelPrefixEntry.set_text("")
|
|
+ self.mlsLevelEntry.set_text("s0")
|
|
+ self.mlsRangeEntry.set_text("s0")
|
|
+ self.selinuxRolesEntry.set_text("")
|
|
+
|
|
+ def add(self):
|
|
+ user = self.selinuxUserEntry.get_text()
|
|
+ prefix = self.labelPrefixEntry.get_text()
|
|
+ level = self.mlsLevelEntry.get_text()
|
|
+ range = self.mlsRangeEntry.get_text()
|
|
+ roles = self.selinuxRolesEntry.get_text()
|
|
+
|
|
+ (rc, out) = commands.getstatusoutput("semanage user -a -R '%s' -r %s-%s -P %s %s" % (roles, level, range, prefix, user))
|
|
+ if rc != 0:
|
|
+ self.error(out)
|
|
+ return False
|
|
+ iter = self.store.append()
|
|
+ self.store.set_value(iter, 0, user)
|
|
+ self.store.set_value(iter, 1, prefix)
|
|
+ self.store.set_value(iter, 2, level)
|
|
+ self.store.set_value(iter, 3, range)
|
|
+ self.store.set_value(iter, 4, roles)
|
|
+
|
|
+ def modify(self):
|
|
+ user = self.selinuxUserEntry.get_text()
|
|
+ prefix = self.labelPrefixEntry.get_text()
|
|
+ level = self.mlsLevelEntry.get_text()
|
|
+ range = self.mlsRangeEntry.get_text()
|
|
+ roles = self.selinuxRolesEntry.get_text()
|
|
+
|
|
+ (rc, out) = commands.getstatusoutput("semanage user -m -R '%s' -r %s-%s -P %s %s" % (roles, level, range, prefix, user))
|
|
+
|
|
+ if rc != 0:
|
|
+ self.error(out)
|
|
+ return False
|
|
+ store, iter = self.view.get_selection().get_selected()
|
|
+ iter = self.store.append()
|
|
+ self.store.set_value(iter, 0, user)
|
|
+ self.store.set_value(iter, 1, prefix)
|
|
+ self.store.set_value(iter, 2, level)
|
|
+ self.store.set_value(iter, 3, range)
|
|
+ self.store.set_value(iter, 4, roles)
|
|
+
|
|
+ def delete(self):
|
|
+ store, iter = self.view.get_selection().get_selected()
|
|
+ try:
|
|
+ user=store.get_value(iter, 0)
|
|
+ if user == "root" or user == "user_u":
|
|
+ raise ValueError(_("SELinux user '%s' is required") % user)
|
|
+
|
|
+ (rc, out) = commands.getstatusoutput("semanage user -d %s" % user)
|
|
+ if rc != 0:
|
|
+ self.error(out)
|
|
+ return False
|
|
+ store.remove(iter)
|
|
+ self.view.get_selection().select_path ((0,))
|
|
+ except ValueError, e:
|
|
+ self.error(e.args[0])
|
|
+
|