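## usersPage.py - show selinux mappings
## Copyright (C) 2006,2007,2008 Red Hat, Inc.

## This program is free software; you can redistribute it and/or modify
## it under the terms of the GNU General Public License as published by
## the Free Software Foundation; either version 2 of the License, or
## (at your option) any later version.

## This program is distributed in the hope that it will be useful,
## but WITHOUT ANY WARRANTY; without even the implied warranty of
## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
## GNU General Public License for more details.

## You should have received a copy of the GNU General Public License
## along with this program; if not, write to the Free Software
## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.

## Author: Dan Walsh
import sys
try:
    from subprocess import getstatusoutput
except ImportError:
    from commands import getstatusoutput

try:
    from shlex import quote as _shell_quote
except ImportError:
    # Python 2 has no shlex.quote; pipes.quote is the same function.
    from pipes import quote as _shell_quote

from gi.repository import GObject, Gtk
import seobject
from semanagePage import *

##
## I18N
##
PROGNAME = "selinux-gui"
try:
    import gettext
    kwargs = {}
    if sys.version_info < (3,):
        kwargs['unicode'] = True
    # Named keywords go before **kwargs: the reverse order is a SyntaxError
    # on Python 2, which the surrounding fallbacks still try to support.
    t = gettext.translation(PROGNAME,
                            localedir="/usr/share/locale",
                            fallback=True,
                            **kwargs)
    _ = t.gettext
except Exception:
    # No usable translation: install an identity-like "_" so that the
    # _("...") calls below keep working untranslated.
    try:
        import builtins
        builtins.__dict__['_'] = str
    except ImportError:
        import __builtin__
        __builtin__.__dict__['_'] = unicode


def _semanage_command(*args):
    """Return a shell command line that runs semanage with *args*.

    getstatusoutput() hands its string to a shell, so every argument is
    shell-quoted.  A value typed into the dialog can then never be split
    into several words or interpreted as shell syntax (quotes, ``;``,
    ``$(...)`` and so on).

    NOTE(review): quoting only protects against the shell.  A value that
    starts with "-" still reaches semanage as a single argument and may be
    parsed by it as an option; confirm whether the entries need validation.
    """
    return " ".join(["semanage"] + [_shell_quote(arg) for arg in args])


class usersPage(semanagePage):
    """Page that lists SELinux users with their MLS/MCS range and roles.

    Records are read through seobject.seluserRecords; additions, changes
    and removals are carried out by running the semanage command.
    """

    def __init__(self, xml):
        """Build the list store and the three visible columns, then load.

        xml is the builder object the entry widgets are looked up in.
        """
        semanagePage.__init__(self, xml, "users", _("SELinux User"))

        self.store = Gtk.ListStore(GObject.TYPE_STRING, GObject.TYPE_STRING, GObject.TYPE_STRING, GObject.TYPE_STRING, GObject.TYPE_STRING)
        self.view.set_model(self.store)
        self.store.set_sort_column_id(0, Gtk.SortType.ASCENDING)

        col = Gtk.TreeViewColumn(_("SELinux\nUser"), Gtk.CellRendererText(), text=0)
        col.set_sort_column_id(0)
        col.set_resizable(True)
        self.view.append_column(col)

        col = Gtk.TreeViewColumn(_("MLS/\nMCS Range"), Gtk.CellRendererText(), text=1)
        col.set_resizable(True)
        self.view.append_column(col)

        col = Gtk.TreeViewColumn(_("SELinux Roles"), Gtk.CellRendererText(), text=2)
        col.set_resizable(True)
        self.view.append_column(col)

        self.load()
        self.selinuxUserEntry = xml.get_object("selinuxUserEntry")
        self.mlsRangeEntry = xml.get_object("mlsRangeEntry")
        self.selinuxRolesEntry = xml.get_object("selinuxRolesEntry")

    def load(self, filter=""):
        """Refill the store with the SELinux user records matching *filter*.

        A record is kept when the filter matches its name, field 0 of the
        record, its translated range or its roles.  The filter is remembered
        in self.filter so modify() can reload with the same one.
        """
        self.filter = filter
        self.user = seobject.seluserRecords()
        records = self.user.get_all()
        self.store.clear()
        for name in sorted(records.keys()):
            record = records[name]
            mls_range = seobject.translate(record[2])
            if not (self.match(name, filter) or self.match(record[0], filter) or self.match(mls_range, filter) or self.match(record[3], filter)):
                continue

            row = self.store.append()
            self.store.set_value(row, 0, name)
            self.store.set_value(row, 1, mls_range)
            self.store.set_value(row, 2, record[3])
        self.view.get_selection().select_path((0,))

    def dialogInit(self):
        """Fill the dialog entries from the selected row.

        The user name entry is made insensitive, so only the range and the
        roles can be edited.
        """
        store, row = self.view.get_selection().get_selected()
        self.selinuxUserEntry.set_text(store.get_value(row, 0))
        self.selinuxUserEntry.set_sensitive(False)
        self.mlsRangeEntry.set_text(store.get_value(row, 1))
        self.selinuxRolesEntry.set_text(store.get_value(row, 2))

    def dialogClear(self):
        """Reset the dialog entries for a new record (range defaults to s0)."""
        self.selinuxUserEntry.set_text("")
        self.selinuxUserEntry.set_sensitive(True)
        self.mlsRangeEntry.set_text("s0")
        self.selinuxRolesEntry.set_text("")

    def add(self):
        """Create the SELinux user described by the dialog entries.

        Runs ``semanage user -a``.  On a non-zero exit status the command
        output is shown through self.error() and False is returned;
        otherwise the new row is appended to the store and None is returned.
        """
        user = self.selinuxUserEntry.get_text()
        mls_range = self.mlsRangeEntry.get_text()
        roles = self.selinuxRolesEntry.get_text()

        self.wait()
        try:
            # Free-text entry values: passed as quoted, separate arguments.
            (rc, out) = getstatusoutput(_semanage_command("user", "-a", "-R", roles, "-r", mls_range, user))
        finally:
            # Leave the waiting state even if the command could not be run.
            self.ready()
        if rc != 0:
            self.error(out)
            return False
        row = self.store.append()
        self.store.set_value(row, 0, user)
        self.store.set_value(row, 1, mls_range)
        self.store.set_value(row, 2, roles)

    def modify(self):
        """Change the range and roles of the SELinux user in the dialog.

        Runs ``semanage user -m``.  On a non-zero exit status the command
        output is shown through self.error() and False is returned;
        otherwise the list is reloaded with the current filter.
        """
        user = self.selinuxUserEntry.get_text()
        mls_range = self.mlsRangeEntry.get_text()
        roles = self.selinuxRolesEntry.get_text()

        self.wait()
        try:
            # Free-text entry values: passed as quoted, separate arguments.
            (rc, out) = getstatusoutput(_semanage_command("user", "-m", "-R", roles, "-r", mls_range, user))
        finally:
            # Leave the waiting state even if the command could not be run.
            self.ready()

        if rc != 0:
            self.error(out)
            return False
        self.load(self.filter)

    def delete(self):
        """Delete the selected SELinux user with ``semanage user -d``.

        "root" and "user_u" are refused with an error message.  On a
        non-zero exit status the command output is shown and False is
        returned; otherwise the row is removed and the first row selected.
        """
        store, row = self.view.get_selection().get_selected()
        try:
            user = store.get_value(row, 0)
            if user in ("root", "user_u"):
                raise ValueError(_("SELinux user '%s' is required") % user)

            self.wait()
            try:
                (rc, out) = getstatusoutput(_semanage_command("user", "-d", user))
            finally:
                # Leave the waiting state even if the command could not be run.
                self.ready()
            if rc != 0:
                self.error(out)
                return False
            store.remove(row)
            self.view.get_selection().select_path((0,))
        except ValueError as e:
            self.error(e.args[0])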