diff --git policycoreutils-2.5/ChangeLog policycoreutils-2.5/ChangeLog index d8fb067..22ad542 100644 --- policycoreutils-2.5/ChangeLog +++ policycoreutils-2.5/ChangeLog @@ -1,3 +1,6 @@ + * Fix multiple spelling errors, from Laurent Bigonville. + * hll/pp: Warn if module name different than output filename, from James Carter + 2.5 2016-02-23 * sepolicy: Do not overwrite CFLAGS, from Nicolas Iooss. * sepolicy: Rename policy global variable conflict, from Nicolas Iooss. diff --git policycoreutils-2.5/Makefile policycoreutils-2.5/Makefile index 962ac12..6a9c40c 100644 --- policycoreutils-2.5/Makefile +++ policycoreutils-2.5/Makefile @@ -1,4 +1,4 @@ -SUBDIRS = sepolicy setfiles semanage load_policy newrole run_init sandbox secon audit2allow sestatus semodule_package semodule semodule_link semodule_expand semodule_deps sepolgen-ifgen setsebool scripts po man gui hll +SUBDIRS = sepolicy setfiles semanage load_policy newrole run_init sandbox secon audit2allow sestatus semodule_package semodule semodule_link semodule_expand semodule_deps sepolgen-ifgen setsebool scripts po man gui hll semanage/default_encoding INOTIFYH = $(shell ls /usr/include/sys/inotify.h 2>/dev/null) diff --git policycoreutils-2.5/audit2allow/audit2allow policycoreutils-2.5/audit2allow/audit2allow index e23e418..77cba09 100644 --- policycoreutils-2.5/audit2allow/audit2allow +++ policycoreutils-2.5/audit2allow/audit2allow @@ -1,4 +1,4 @@ -#! /usr/bin/python -Es +#! /usr/bin/python3 -Es # Authors: Karl MacMillan # Authors: Dan Walsh # diff --git policycoreutils-2.5/audit2allow/audit2why policycoreutils-2.5/audit2allow/audit2why index b1489ed..6e8ce2e 100644 --- policycoreutils-2.5/audit2allow/audit2why +++ policycoreutils-2.5/audit2allow/audit2why @@ -1,4 +1,4 @@ -#! /usr/bin/python -Es +#! /usr/bin/python3 -Es # Authors: Karl MacMillan # Authors: Dan Walsh # diff --git policycoreutils-2.5/audit2allow/sepolgen-ifgen policycoreutils-2.5/audit2allow/sepolgen-ifgen index acf9638..4c8dd5b 100644 --- policycoreutils-2.5/audit2allow/sepolgen-ifgen +++ policycoreutils-2.5/audit2allow/sepolgen-ifgen @@ -1,4 +1,4 @@ -#! /usr/bin/python -Es +#! /usr/bin/python3 -Es # # Authors: Karl MacMillan # diff --git policycoreutils-2.5/gui/Makefile policycoreutils-2.5/gui/Makefile index 9d9f820..0c2b390 100644 --- policycoreutils-2.5/gui/Makefile +++ policycoreutils-2.5/gui/Makefile @@ -12,7 +12,6 @@ domainsPage.py \ fcontextPage.py \ html_util.py \ loginsPage.py \ -mappingsPage.py \ modulesPage.py \ polgen.glade \ portsPage.py \ diff --git policycoreutils-2.5/gui/booleansPage.py policycoreutils-2.5/gui/booleansPage.py index 507a79d..7fbd50c 100644 --- policycoreutils-2.5/gui/booleansPage.py +++ policycoreutils-2.5/gui/booleansPage.py @@ -18,23 +18,20 @@ # You should have received a copy of the GNU General Public License # Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. # -import string import gtk import gtk.glade -import os import gobject import sys -import tempfile import seobject import semanagePage INSTALLPATH = '/usr/share/system-config-selinux' sys.path.append(INSTALLPATH) -import commands -ENFORCING = 0 -PERMISSIVE = 1 -DISABLED = 2 +import subprocess +ENFORCING=0 +PERMISSIVE=1 +DISABLED=2 ## ## I18N @@ -50,10 +47,8 @@ try: unicode=False, codeset='utf-8') except IOError: - import __builtin__ - __builtin__.__dict__['_'] = unicode - -from glob import fnmatch + import builtins + builtins.__dict__['_'] = str class Modifier: @@ -109,8 +104,6 @@ class booleansPage: self.revertButton = xml.get_widget("booleanRevertButton") self.revertButton.set_sensitive(self.local) self.revertButton.connect("clicked", self.on_revert_clicked) - listStore = gtk.ListStore(gobject.TYPE_STRING) - cell = gtk.CellRendererText() self.store = gtk.ListStore(gobject.TYPE_BOOLEAN, gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING) self.store.set_sort_column_id(1, gtk.SORT_ASCENDING) @@ -176,16 +169,15 @@ class booleansPage: # change cursor if boolean == None: return + self.wait() try: - self.wait() - (rc, out) = commands.getstatusoutput("semanage boolean -d %s" % boolean) - - self.ready() - if rc != 0: - return self.error(out) + subprocess.check_output("semanage boolean -d %s" % boolean, + stderr=subprocess.STDOUT, + shell=True) self.load(self.filter) - except ValueError, e: - self.error(e.args[0]) + except subprocess.CalledProcessError as e: + self.error(e.output) + self.ready() def filter_changed(self, *arg): filter = arg[0].get_text() @@ -228,18 +220,26 @@ class booleansPage: key = self.store.get_value(iter, BOOLEAN) self.store.set_value(iter, ACTIVE, not val) self.wait() - setsebool = "/usr/sbin/setsebool -P %s %d" % (key, not val) - rc, out = commands.getstatusoutput(setsebool) - if rc != 0: - self.error(out) - self.load(self.filter) + setsebool="/usr/sbin/setsebool -P %s %d" % (key, not val) + try: + subprocess.check_output(setsebool, + stderr=subprocess.STDOUT, + shell=True) + self.load(self.filter) + except subprocess.CalledProcessError as e: + self.error(e.output) self.ready() def on_revert_clicked(self, button): self.wait() - setsebool = "semanage boolean --deleteall" - commands.getstatusoutput(setsebool) - self.load(self.filter) + setsebool="semanage boolean --deleteall" + try: + subprocess.check_output(setsebool, + stderr=subprocess.STDOUT, + shell=True) + self.load(self.filter) + except subprocess.CalledProcessError as e: + self.error(e.output) self.ready() def on_local_clicked(self, button): diff --git policycoreutils-2.5/gui/domainsPage.py policycoreutils-2.5/gui/domainsPage.py index 56c66fe..f4a281f 100644 --- policycoreutils-2.5/gui/domainsPage.py +++ policycoreutils-2.5/gui/domainsPage.py @@ -20,7 +20,7 @@ import string import gtk import gtk.glade import os -import commands +import subprocess import gobject import sys import seobject @@ -41,8 +41,8 @@ try: unicode=False, codeset='utf-8') except IOError: - import __builtin__ - __builtin__.__dict__['_'] = unicode + import builtins + builtins.__dict__['_'] = str class domainsPage(semanagePage): @@ -117,18 +117,17 @@ class domainsPage(semanagePage): selection = self.view.get_selection() store, iter = selection.get_selected() domain = store.get_value(iter, 0) + self.wait() + cmd = "semanage permissive -d %s_t" % domain try: - self.wait() - status, output = commands.getstatusoutput("semanage permissive -d %s_t" % domain) - self.ready() - if status != 0: - self.error(output) - else: - domain = store.set_value(iter, 1, "") - self.itemSelected(selection) - - except ValueError, e: - self.error(e.args[0]) + subprocess.check_output(cmd, + stderr=subprocess.STDOUT, + shell=True) + domain = store.set_value(iter, 1, "") + self.itemSelected(selection) + except subprocess.CalledProcessError as e: + self.error(e.output) + self.ready() def propertiesDialog(self): # Do nothing @@ -142,15 +141,14 @@ class domainsPage(semanagePage): selection = self.view.get_selection() store, iter = selection.get_selected() domain = store.get_value(iter, 0) + self.wait() + cmd = "semanage permissive -a %s_t" % domain try: - self.wait() - status, output = commands.getstatusoutput("semanage permissive -a %s_t" % domain) - self.ready() - if status != 0: - self.error(output) - else: - domain = store.set_value(iter, 1, _("Permissive")) - self.itemSelected(selection) - - except ValueError, e: - self.error(e.args[0]) + subprocess.check_output(cmd, + stderr=subprocess.STDOUT, + shell=True) + domain = store.set_value(iter, 1, _("Permissive")) + self.itemSelected(selection) + except subprocess.CalledProcessError as e: + self.error(e.output) + self.ready() diff --git policycoreutils-2.5/gui/fcontextPage.py policycoreutils-2.5/gui/fcontextPage.py index c8d6ba8..154e8e2 100644 --- policycoreutils-2.5/gui/fcontextPage.py +++ policycoreutils-2.5/gui/fcontextPage.py @@ -18,10 +18,9 @@ ## Author: Dan Walsh import gtk import gtk.glade -import os import gobject import seobject -import commands +import subprocess from semanagePage import * SPEC_COL = 0 @@ -57,8 +56,8 @@ try: unicode=False, codeset='utf-8') except IOError: - import __builtin__ - __builtin__.__dict__['_'] = unicode + import builtins + builtins.__dict__['_'] = str class fcontextPage(semanagePage): @@ -99,17 +98,17 @@ class fcontextPage(semanagePage): self.fcontextFileTypeCombo = xml.get_widget("fcontextFileTypeCombo") liststore = self.fcontextFileTypeCombo.get_model() for k in seobject.file_types: - if len(k) > 0 and k[0] != '-': - iter = liststore.append() - liststore.set_value(iter, 0, k) - iter = liststore.get_iter_first() - self.fcontextFileTypeCombo.set_active_iter(iter) + if len(k) > 0 and k[0] != '-': + it=liststore.append() + liststore.set_value(it, 0, k) + it = liststore.get_iter_first() + self.fcontextFileTypeCombo.set_active_iter(it) self.fcontextTypeEntry = xml.get_widget("fcontextTypeEntry") self.fcontextMLSEntry = xml.get_widget("fcontextMLSEntry") - def match(self, fcon_dict, k, filter): + def match(self, fcon_dict, k, filt): try: - f = filter.lower() + f=filt.lower() for con in k: k = con.lower() if k.find(f) >= 0: @@ -122,46 +121,46 @@ class fcontextPage(semanagePage): pass return False - def load(self, filter=""): - self.filter = filter - self.fcontext = seobject.fcontextRecords() + def load(self, filt=""): + self.filter=filt + self.fcontext=seobject.fcontextRecords() self.store.clear() - fcon_dict = self.fcontext.get_all(self.local) - keys = fcon_dict.keys() + fcon_dict=self.fcontext.get_all(self.local) + keys = list(fcon_dict.keys()) keys.sort() for k in keys: - if not self.match(fcon_dict, k, filter): + if not self.match(fcon_dict, k, filt): continue - iter = self.store.append() - self.store.set_value(iter, SPEC_COL, k[0]) - self.store.set_value(iter, FTYPE_COL, k[1]) + it=self.store.append() + self.store.set_value(it, SPEC_COL, k[0]) + self.store.set_value(it, FTYPE_COL, k[1]) if fcon_dict[k]: rec = "%s:%s" % (fcon_dict[k][2], seobject.translate(fcon_dict[k][3], False)) else: - rec = "<>" - self.store.set_value(iter, TYPE_COL, rec) - self.view.get_selection().select_path((0,)) + rec="<>" + self.store.set_value(it, TYPE_COL, rec) + self.view.get_selection().select_path ((0,)) def filter_changed(self, *arg): - filter = arg[0].get_text() - if filter != self.filter: - self.load(filter) + filt = arg[0].get_text() + if filt != self.filter: + self.load(filt) def dialogInit(self): - store, iter = self.view.get_selection().get_selected() - self.fcontextEntry.set_text(store.get_value(iter, SPEC_COL)) + store, it = self.view.get_selection().get_selected() + self.fcontextEntry.set_text(store.get_value(it, SPEC_COL)) self.fcontextEntry.set_sensitive(False) - scontext = store.get_value(iter, TYPE_COL) - scon = context(scontext) + scontext = store.get_value(it, TYPE_COL) + scon=context(scontext) self.fcontextTypeEntry.set_text(scon.type) self.fcontextMLSEntry.set_text(scon.mls) - type = store.get_value(iter, FTYPE_COL) - liststore = self.fcontextFileTypeCombo.get_model() - iter = liststore.get_iter_first() - while iter != None and liststore.get_value(iter, 0) != type: - iter = liststore.iter_next(iter) - if iter != None: - self.fcontextFileTypeCombo.set_active_iter(iter) + setype=store.get_value(it, FTYPE_COL) + liststore=self.fcontextFileTypeCombo.get_model() + it = liststore.get_iter_first() + while it != None and liststore.get_value(it,0) != setype: + it = liststore.iter_next(it) + if it != None: + self.fcontextFileTypeCombo.set_active_iter(it) self.fcontextFileTypeCombo.set_sensitive(False) def dialogClear(self): @@ -172,55 +171,60 @@ class fcontextPage(semanagePage): self.fcontextMLSEntry.set_text("s0") def delete(self): - store, iter = self.view.get_selection().get_selected() + store, it = self.view.get_selection().get_selected() + fspec=store.get_value(it, SPEC_COL) + ftype=store.get_value(it, FTYPE_COL) + self.wait() try: - fspec = store.get_value(iter, SPEC_COL) - ftype = store.get_value(iter, FTYPE_COL) - self.wait() - (rc, out) = commands.getstatusoutput("semanage fcontext -d -f '%s' '%s'" % (ftype, fspec)) - self.ready() - - if rc != 0: - return self.error(out) - store.remove(iter) - self.view.get_selection().select_path((0,)) - except ValueError, e: - self.error(e.args[0]) + subprocess.check_output("semanage fcontext -d -f '%s' '%s'" % (ftype, fspec), + stderr=subprocess.STDOUT, + shell=True) + store.remove(it) + self.view.get_selection().select_path ((0,)) + except subprocess.CalledProcessError as e: + self.error(e.output) + self.ready() def add(self): - ftype = ["", "--", "-d", "-c", "-b", "-s", "-l", "-p"] - fspec = self.fcontextEntry.get_text().strip() - type = self.fcontextTypeEntry.get_text().strip() - mls = self.fcontextMLSEntry.get_text().strip() - list_model = self.fcontextFileTypeCombo.get_model() + ftype=["", "--", "-d", "-c", "-b", "-s", "-l", "-p" ] + fspec=self.fcontextEntry.get_text().strip() + setype=self.fcontextTypeEntry.get_text().strip() + mls=self.fcontextMLSEntry.get_text().strip() + list_model=self.fcontextFileTypeCombo.get_model() active = self.fcontextFileTypeCombo.get_active() self.wait() - (rc, out) = commands.getstatusoutput("semanage fcontext -a -t %s -r %s -f '%s' '%s'" % (type, mls, ftype[active], fspec)) - self.ready() - if rc != 0: - self.error(out) + try: + subprocess.check_output("semanage fcontext -a -t %s -r %s -f '%s' '%s'" % (setype, mls, ftype[active], fspec), + stderr=subprocess.STDOUT, + shell=True) + self.ready() + it=self.store.append() + self.store.set_value(it, SPEC_COL, fspec) + self.store.set_value(it, FTYPE_COL, ftype) + self.store.set_value(it, TYPE_COL, "%s:%s" % (setype, mls)) + except subprocess.CalledProcessError as e: + self.error(e.output) + self.ready() return False - iter = self.store.append() - self.store.set_value(iter, SPEC_COL, fspec) - self.store.set_value(iter, FTYPE_COL, ftype) - self.store.set_value(iter, TYPE_COL, "%s:%s" % (type, mls)) - def modify(self): - fspec = self.fcontextEntry.get_text().strip() - type = self.fcontextTypeEntry.get_text().strip() - mls = self.fcontextMLSEntry.get_text().strip() - list_model = self.fcontextFileTypeCombo.get_model() - iter = self.fcontextFileTypeCombo.get_active_iter() - ftype = list_model.get_value(iter, 0) + fspec=self.fcontextEntry.get_text().strip() + setype=self.fcontextTypeEntry.get_text().strip() + mls=self.fcontextMLSEntry.get_text().strip() + list_model=self.fcontextFileTypeCombo.get_model() + it = self.fcontextFileTypeCombo.get_active_iter() + ftype=list_model.get_value(it,0) self.wait() - (rc, out) = commands.getstatusoutput("semanage fcontext -m -t %s -r %s -f '%s' '%s'" % (type, mls, ftype, fspec)) - self.ready() - if rc != 0: - self.error(out) + try: + subprocess.check_output("semanage fcontext -m -t %s -r %s -f '%s' '%s'" % (setype, mls, ftype, fspec), + stderr=subprocess.STDOUT, + shell=True) + self.ready() + store, it = self.view.get_selection().get_selected() + self.store.set_value(it, SPEC_COL, fspec) + self.store.set_value(it, FTYPE_COL, ftype) + self.store.set_value(it, TYPE_COL, "%s:%s" % (setype, mls)) + except subprocess.CalledProcessError as e: + self.error(e.output) + self.ready() return False - - store, iter = self.view.get_selection().get_selected() - self.store.set_value(iter, SPEC_COL, fspec) - self.store.set_value(iter, FTYPE_COL, ftype) - self.store.set_value(iter, TYPE_COL, "%s:%s" % (type, mls)) diff --git policycoreutils-2.5/gui/html_util.py policycoreutils-2.5/gui/html_util.py index 5a596bc..ad6c534 100644 --- policycoreutils-2.5/gui/html_util.py +++ policycoreutils-2.5/gui/html_util.py @@ -30,7 +30,8 @@ import htmllib import formatter as Formatter import string from types import * -import StringIO +import io +import collections #------------------------------------------------------------------------------ @@ -127,7 +128,7 @@ def unescape_html(s): def html_to_text(html, maxcol=80): try: - buffer = StringIO.StringIO() + buffer = io.StringIO() formatter = Formatter.AbstractFormatter(TextWriter(buffer, maxcol)) parser = HTMLParserAnchor(formatter) parser.feed(html) @@ -135,7 +136,7 @@ def html_to_text(html, maxcol=80): text = buffer.getvalue() buffer.close() return text - except Exception, e: + except Exception as e: log_program.error('cannot convert html to text: %s' % e) return None @@ -158,7 +159,7 @@ def html_document(*body_components): elif type(body_component) in [TupleType, ListType]: for item in body_component: doc += item - elif callable(body_component): + elif isinstance(body_component, collections.Callable): result = body_component() if type(result) in [TupleType, ListType]: for item in result: diff --git policycoreutils-2.5/gui/loginsPage.py policycoreutils-2.5/gui/loginsPage.py index 982e252..fbc26e0 100644 --- policycoreutils-2.5/gui/loginsPage.py +++ policycoreutils-2.5/gui/loginsPage.py @@ -16,13 +16,10 @@ ## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. ## Author: Dan Walsh -import string import gtk import gtk.glade -import os import gobject -import sys -import commands +import subprocess import seobject from semanagePage import * @@ -39,8 +36,8 @@ try: unicode=False, codeset='utf-8') except IOError: - import __builtin__ - __builtin__.__dict__['_'] = unicode + import builtins + builtins.__dict__['_'] = str class loginsPage(semanagePage): @@ -70,21 +67,21 @@ class loginsPage(semanagePage): self.filter = filter self.login = seobject.loginRecords() dict = self.login.get_all(0) - keys = dict.keys() + keys = list(dict.keys()) keys.sort() self.store.clear() for k in keys: range = seobject.translate(dict[k][1]) if not (self.match(k, filter) or self.match(dict[k][0], filter) or self.match(range, filter)): continue - iter = self.store.append() - self.store.set_value(iter, 0, k) - self.store.set_value(iter, 1, dict[k][0]) - self.store.set_value(iter, 2, range) - self.view.get_selection().select_path((0,)) + it = self.store.append() + self.store.set_value(it, 0, k) + self.store.set_value(it, 1, dict[k][0]) + self.store.set_value(it, 2, range) + self.view.get_selection().select_path ((0,)) def __dialogSetup(self): - if self.firstTime == True: + if self.firstTime: return self.firstTime = True liststore = gtk.ListStore(gobject.TYPE_STRING) @@ -94,31 +91,31 @@ class loginsPage(semanagePage): self.loginsSelinuxUserCombo.add_attribute(cell, 'text', 0) selusers = seobject.seluserRecords().get_all(0) - keys = selusers.keys() + keys = list(selusers.keys()) keys.sort() for k in keys: if k != "system_u": self.loginsSelinuxUserCombo.append_text(k) - iter = liststore.get_iter_first() - while liststore.get_value(iter, 0) != "user_u": - iter = liststore.iter_next(iter) - self.loginsSelinuxUserCombo.set_active_iter(iter) + it = liststore.get_iter_first() + while liststore.get_value(it,0) != "user_u": + it = liststore.iter_next(it) + self.loginsSelinuxUserCombo.set_active_iter(it) def dialogInit(self): self.__dialogSetup() - store, iter = self.view.get_selection().get_selected() - self.loginsNameEntry.set_text(store.get_value(iter, 0)) + store, it = self.view.get_selection().get_selected() + self.loginsNameEntry.set_text(store.get_value(it, 0)) self.loginsNameEntry.set_sensitive(False) - self.loginsMLSEntry.set_text(store.get_value(iter, 2)) - seuser = store.get_value(iter, 1) + self.loginsMLSEntry.set_text(store.get_value(it, 2)) + seuser = store.get_value(it, 1) liststore = self.loginsSelinuxUserCombo.get_model() - iter = liststore.get_iter_first() - while iter != None and liststore.get_value(iter, 0) != seuser: - iter = liststore.iter_next(iter) - if iter != None: - self.loginsSelinuxUserCombo.set_active_iter(iter) + it = liststore.get_iter_first() + while it != None and liststore.get_value(it,0) != seuser: + it = liststore.iter_next(it) + if it != None: + self.loginsSelinuxUserCombo.set_active_iter(it) def dialogClear(self): self.__dialogSetup() @@ -127,59 +124,69 @@ class loginsPage(semanagePage): self.loginsMLSEntry.set_text("s0") def delete(self): - store, iter = self.view.get_selection().get_selected() + store, it = self.view.get_selection().get_selected() try: - login = store.get_value(iter, 0) + login=store.get_value(it, 0) if login == "root" or login == "__default__": raise ValueError(_("Login '%s' is required") % login) self.wait() - (rc, out) = commands.getstatusoutput("semanage login -d %s" % login) - self.ready() - if rc != 0: - self.error(out) + try: + subprocess.check_output("semanage login -d %s" % login, + stderr=subprocess.STDOUT, + shell=True) + self.ready() + store.remove(it) + self.view.get_selection().select_path ((0,)) + except subprocess.CalledProcessError as e: + self.ready() + self.error(e.output) return False - store.remove(iter) - self.view.get_selection().select_path((0,)) - except ValueError, e: + except ValueError as e: self.error(e.args[0]) def add(self): target = self.loginsNameEntry.get_text().strip() serange = self.loginsMLSEntry.get_text().strip() if serange == "": - serange = "s0" - list_model = self.loginsSelinuxUserCombo.get_model() - iter = self.loginsSelinuxUserCombo.get_active_iter() - seuser = list_model.get_value(iter, 0) + serange="s0" + list_model=self.loginsSelinuxUserCombo.get_model() + it = self.loginsSelinuxUserCombo.get_active_iter() + seuser = list_model.get_value(it,0) self.wait() - (rc, out) = commands.getstatusoutput("semanage login -a -s %s -r %s %s" % (seuser, serange, target)) - self.ready() - if rc != 0: - self.error(out) + try: + subprocess.check_output("semanage login -a -s %s -r %s %s" % (seuser, serange, target), + stderr=subprocess.STDOUT, + shell=True) + self.ready() + it = self.store.append() + self.store.set_value(it, 0, target) + self.store.set_value(it, 1, seuser) + self.store.set_value(it, 2, seobject.translate(serange)) + except subprocess.CalledProcessError as e: + self.error(e.output) + self.ready() return False - iter = self.store.append() - self.store.set_value(iter, 0, target) - self.store.set_value(iter, 1, seuser) - self.store.set_value(iter, 2, seobject.translate(serange)) - def modify(self): target = self.loginsNameEntry.get_text().strip() serange = self.loginsMLSEntry.get_text().strip() if serange == "": serange = "s0" list_model = self.loginsSelinuxUserCombo.get_model() - iter = self.loginsSelinuxUserCombo.get_active_iter() - seuser = list_model.get_value(iter, 0) + it = self.loginsSelinuxUserCombo.get_active_iter() + seuser=list_model.get_value(it,0) self.wait() - (rc, out) = commands.getstatusoutput("semanage login -m -s %s -r %s %s" % (seuser, serange, target)) - self.ready() - if rc != 0: - self.error(out) + try: + subprocess.check_output("semanage login -m -s %s -r %s %s" % (seuser, serange, target), + stderr=subprocess.STDOUT, + shell=True) + self.ready() + store, it = self.view.get_selection().get_selected() + self.store.set_value(it, 0, target) + self.store.set_value(it, 1, seuser) + self.store.set_value(it, 2, seobject.translate(serange)) + except subprocess.CalledProcessError as e: + self.error(e.output) + self.ready() return False - - store, iter = self.view.get_selection().get_selected() - self.store.set_value(iter, 0, target) - self.store.set_value(iter, 1, seuser) - self.store.set_value(iter, 2, seobject.translate(serange)) diff --git policycoreutils-2.5/gui/modulesPage.py policycoreutils-2.5/gui/modulesPage.py index 3b83e45..3feb2ba 100644 --- policycoreutils-2.5/gui/modulesPage.py +++ policycoreutils-2.5/gui/modulesPage.py @@ -20,7 +20,7 @@ import string import gtk import gtk.glade import os -import commands +import subprocess import gobject import sys import seobject @@ -41,8 +41,8 @@ try: unicode=False, codeset='utf-8') except IOError: - import __builtin__ - __builtin__.__dict__['_'] = unicode + import builtins + builtins.__dict__['_'] = str class modulesPage(semanagePage): @@ -87,8 +87,8 @@ class modulesPage(semanagePage): except: return 0 - def load(self, filter=""): - self.filter = filter + def load(self, filt=""): + self.filter=filt self.store.clear() try: fd = Popen("semodule -l", shell=True, stdout=PIPE).stdout @@ -96,11 +96,11 @@ class modulesPage(semanagePage): fd.close() for i in l: module, ver, newline = i.split('\t') - if not (self.match(module, filter) or self.match(ver, filter)): + if not (self.match(module, filt) or self.match(ver, filt)): continue - iter = self.store.append() - self.store.set_value(iter, 0, module.strip()) - self.store.set_value(iter, 1, ver.strip()) + it = self.store.append() + self.store.set_value(it, 0, module.strip()) + self.store.set_value(it, 1, ver.strip()) except: pass self.view.get_selection().select_path((0,)) @@ -108,53 +108,51 @@ class modulesPage(semanagePage): def new_module(self, args): try: Popen(["/usr/share/system-config-selinux/polgengui.py"]) - except ValueError, e: + except ValueError as e: self.error(e.args[0]) def delete(self): - store, iter = self.view.get_selection().get_selected() - module = store.get_value(iter, 0) + store, it = self.view.get_selection().get_selected() + module = store.get_value(it, 0) + self.wait() try: - self.wait() - status, output = commands.getstatusoutput("semodule -r %s" % module) - self.ready() - if status != 0: - self.error(output) - else: - store.remove(iter) - self.view.get_selection().select_path((0,)) - - except ValueError, e: - self.error(e.args[0]) + subprocess.check_output("semodule -r %s" % module, + stderr=subprocess.STDOUT, + shell=True) + store.remove(it) + self.view.get_selection().select_path ((0,)) + except subprocess.CalledProcessError as e: + self.error(e.output) + self.ready() def enable_audit(self, button): self.audit_enabled = not self.audit_enabled + if self.audit_enabled: + cmd = "semodule -DB" + label = _("Disable Audit") + else: + cmd = "semodule -B" + label = _("Enable Audit") + self.wait() try: - self.wait() - if self.audit_enabled: - status, output = commands.getstatusoutput("semodule -DB") - button.set_label(_("Disable Audit")) - else: - status, output = commands.getstatusoutput("semodule -B") - button.set_label(_("Enable Audit")) - self.ready() - - if status != 0: - self.error(output) - - except ValueError, e: - self.error(e.args[0]) + subprocess.check_output(cmd, + stderr=subprocess.STDOUT, + shell=True) + button.set_label(label) + except subprocess.CalledProcessError as e: + self.error(e.output) + self.ready() def disable_audit(self, button): + self.wait() + cmd = "semodule -B" try: - self.wait() - status, output = commands.getstatusoutput("semodule -B") - self.ready() - if status != 0: - self.error(output) - - except ValueError, e: - self.error(e.args[0]) + subprocess.check_output(cmd, + stderr=subprocess.STDOUT, + shell=True) + except subprocess.CalledProcessError as e: + self.error(e.output) + self.ready() def propertiesDialog(self): # Do nothing @@ -168,10 +166,10 @@ class modulesPage(semanagePage): gtk.STOCK_OPEN, gtk.RESPONSE_OK)) dialog.set_default_response(gtk.RESPONSE_OK) - filter = gtk.FileFilter() - filter.set_name("Policy Files") - filter.add_pattern("*.pp") - dialog.add_filter(filter) + filt = gtk.FileFilter() + filt.set_name("Policy Files") + filt.add_pattern("*.pp") + dialog.add_filter(filt) response = dialog.run() if response == gtk.RESPONSE_OK: @@ -179,14 +177,14 @@ class modulesPage(semanagePage): dialog.destroy() def add(self, file): + self.wait() + cmd = "semodule -i %s" % file try: - self.wait() - status, output = commands.getstatusoutput("semodule -i %s" % file) - self.ready() - if status != 0: - self.error(output) - else: - self.load() - - except ValueError, e: - self.error(e.args[0]) + subprocess.check_output(cmd, + stderr=subprocess.STDOUT, + shell=True) + self.load() + except subprocess.CalledProcessError as e: + self.error(e.output) + self.ready() + diff --git policycoreutils-2.5/gui/polgen.glade policycoreutils-2.5/gui/polgen.glade index 37c1472..9854fb2 100644 --- policycoreutils-2.5/gui/polgen.glade +++ policycoreutils-2.5/gui/polgen.glade @@ -758,7 +758,7 @@ True False True - + 2 @@ -840,7 +840,7 @@ True False True - + 2 @@ -1983,7 +1983,7 @@ Tab True True False - + True @@ -2036,7 +2036,7 @@ Tab True True False - + True @@ -2091,7 +2091,7 @@ Tab True False True - + @@ -2188,7 +2188,7 @@ Tab True True False - + True @@ -2243,7 +2243,7 @@ Tab True False True - + @@ -2414,7 +2414,7 @@ Tab True False True - + False @@ -2430,7 +2430,7 @@ Tab True False True - + False @@ -2446,7 +2446,7 @@ Tab True False True - + False diff --git policycoreutils-2.5/gui/polgengui.py policycoreutils-2.5/gui/polgengui.py index 0a153c6..f6511db 100644 --- policycoreutils-2.5/gui/polgengui.py +++ policycoreutils-2.5/gui/polgengui.py @@ -30,30 +30,15 @@ import gnome import sys try: from sepolicy import generate -except ValueError, e: +except ValueError as e: sys.stderr.write("%s: %s\n" % (e.__class__.__name__, str(e))) sys.exit(1) - + import sepolicy.interface -import commands +import subprocess import re - -def get_all_modules(): - try: - all_modules = [] - rc, output = commands.getstatusoutput("semodule -l 2>/dev/null") - if rc == 0: - l = output.split("\n") - for i in l: - all_modules.append(i.split()[0]) - except: - pass - - return all_modules - - ## ## I18N ## @@ -68,8 +53,8 @@ try: unicode=False, codeset='utf-8') except IOError: - import __builtin__ - __builtin__.__dict__['_'] = unicode + import builtins + builtins.__dict__['_'] = str gnome.program_init("SELinux Policy Generation Tool", "5") @@ -195,10 +180,10 @@ class childWindow: try: self.all_types = generate.get_all_types() - self.all_modules = get_all_modules() + self.all_modules = sepolicy.get_all_modules() self.all_roles = generate.get_all_roles() self.all_users = generate.get_all_users() - except RuntimeError, e: + except RuntimeError as e: self.all_types = [] self.all_modules = [] self.all_roles = [] @@ -265,8 +250,8 @@ class childWindow: self.out_udp_entry = self.xml.get_widget("out_udp_entry") self.network_buttons[self.out_udp_all_checkbutton] = [self.out_udp_entry] - for b in self.network_buttons.keys(): - b.connect("clicked", self.network_all_clicked) + for b in list(self.network_buttons.keys()): + b.connect("clicked",self.network_all_clicked) self.boolean_treeview = self.xml.get_widget("boolean_treeview") self.boolean_store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING) @@ -336,7 +321,7 @@ class childWindow: for a in sepolicy.interface.get_admin(): iter = self.admin_store.append() self.admin_store.set_value(iter, 0, a) - except ValueError, e: + except ValueError as e: self.error(e.message) def confine_application(self): @@ -522,7 +507,7 @@ class childWindow: self.info(my_policy.generate(outputdir)) return False - except ValueError, e: + except ValueError as e: self.error(e.message) def delete(self, args): @@ -671,7 +656,7 @@ class childWindow: entry.set_text("") return False if name in self.all_modules: - if self.verify(_("Module %s.pp already loaded in current policy.\nDo you want to continue?") % name, _("Verify Name")) == gtk.RESPONSE_NO: + if self.verify(_("Module %s already loaded in current policy.\nDo you want to continue?") % name, _("Verify Name")) == gtk.RESPONSE_NO: entry.set_text("") return False @@ -690,7 +675,7 @@ class childWindow: try: generate.verify_ports(self.in_tcp_entry.get_text()) generate.verify_ports(self.in_udp_entry.get_text()) - except ValueError, e: + except ValueError as e: self.error(e.message) return True @@ -698,7 +683,7 @@ class childWindow: try: generate.verify_ports(self.out_tcp_entry.get_text()) generate.verify_ports(self.out_udp_entry.get_text()) - except ValueError, e: + except ValueError as e: self.error(e.message) return True @@ -737,12 +722,12 @@ class childWindow: policy.set_program(exe) policy.gen_writeable() policy.gen_symbols() - for f in policy.files.keys(): + for f in list(policy.files.keys()): iter = self.store.append() self.store.set_value(iter, 0, f) self.store.set_value(iter, 1, FILE) - for f in policy.dirs.keys(): + for f in list(policy.dirs.keys()): iter = self.store.append() self.store.set_value(iter, 0, f) self.store.set_value(iter, 1, DIR) diff --git policycoreutils-2.5/gui/portsPage.py policycoreutils-2.5/gui/portsPage.py index 8e74ac0..e8737b0 100644 --- policycoreutils-2.5/gui/portsPage.py +++ policycoreutils-2.5/gui/portsPage.py @@ -16,14 +16,11 @@ ## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. ## Author: Dan Walsh -import string import gtk import gtk.glade -import os import gobject -import sys import seobject -import commands +import subprocess from semanagePage import * ## @@ -43,8 +40,8 @@ try: unicode=False, codeset='utf-8') except IOError: - import __builtin__ - __builtin__.__dict__['_'] = unicode + import builtins + builtins.__dict__['_'] = str class portsPage(semanagePage): @@ -64,19 +61,19 @@ class portsPage(semanagePage): self.ports_properties_button = xml.get_widget("portsPropertiesButton") self.ports_delete_button = xml.get_widget("portsDeleteButton") liststore = self.ports_protocol_combo.get_model() - iter = liststore.get_iter_first() - self.ports_protocol_combo.set_active_iter(iter) + it = liststore.get_iter_first() + self.ports_protocol_combo.set_active_iter(it) self.init_store() self.edit = True self.load() def filter_changed(self, *arg): - filter = arg[0].get_text() - if filter != self.filter: + filt = arg[0].get_text() + if filt != self.filter: if self.edit: - self.load(filter) + self.load(filt) else: - self.group_load(filter) + self.group_load(filt) def init_store(self): self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING) @@ -118,63 +115,63 @@ class portsPage(semanagePage): except: return 0 - def load(self, filter=""): - self.filter = filter + def load(self,filt = ""): + self.filter=filt self.port = seobject.portRecords() - dict = self.port.get_all(self.local) - keys = dict.keys() + pdict = self.port.get_all(self.local) + keys = list(pdict.keys()) keys.sort() self.store.clear() for k in keys: - if not (self.match(str(k[0]), filter) or self.match(dict[k][0], filter) or self.match(k[2], filter) or self.match(dict[k][1], filter) or self.match(dict[k][1], filter)): + if not (self.match(str(k[0]), filt) or self.match(pdict[k][0], filt) or self.match(k[2], filt) or self.match(pdict[k][1], filt) or self.match(pdict[k][1], filt)): continue - iter = self.store.append() + it = self.store.append() if k[0] == k[1]: - self.store.set_value(iter, PORT_COL, k[0]) + self.store.set_value(it, PORT_COL, k[0]) else: rec = "%s-%s" % k[:2] - self.store.set_value(iter, PORT_COL, rec) - self.store.set_value(iter, TYPE_COL, dict[k][0]) - self.store.set_value(iter, PROTOCOL_COL, k[2]) - self.store.set_value(iter, MLS_COL, dict[k][1]) - self.view.get_selection().select_path((0,)) + self.store.set_value(it, PORT_COL, rec) + self.store.set_value(it, TYPE_COL, pdict[k][0]) + self.store.set_value(it, PROTOCOL_COL, k[2]) + self.store.set_value(it, MLS_COL, pdict[k][1]) + self.view.get_selection().select_path ((0,)) - def group_load(self, filter=""): - self.filter = filter + def group_load(self, filt = ""): + self.filter=filt self.port = seobject.portRecords() - dict = self.port.get_all_by_type(self.local) - keys = dict.keys() + pdict = self.port.get_all_by_type(self.local) + keys = list(pdict.keys()) keys.sort() self.store.clear() for k in keys: - ports_string = ", ".join(dict[k]) - if not (self.match(ports_string, filter) or self.match(k[0], filter) or self.match(k[1], filter)): + ports_string = ", ".join(pdict[k]) + if not (self.match(ports_string, filt) or self.match(k[0], filt) or self.match(k[1], filt) ): continue - iter = self.store.append() - self.store.set_value(iter, TYPE_COL, k[0]) - self.store.set_value(iter, PROTOCOL_COL, k[1]) - self.store.set_value(iter, PORT_COL, ports_string) - self.store.set_value(iter, MLS_COL, "") - self.view.get_selection().select_path((0,)) + it = self.store.append() + self.store.set_value(it, TYPE_COL, k[0]) + self.store.set_value(it, PROTOCOL_COL, k[1]) + self.store.set_value(it, PORT_COL, ports_string) + self.store.set_value(it, MLS_COL, "") + self.view.get_selection().select_path ((0,)) def propertiesDialog(self): if self.edit: semanagePage.propertiesDialog(self) def dialogInit(self): - store, iter = self.view.get_selection().get_selected() - self.ports_number_entry.set_text(store.get_value(iter, PORT_COL)) + store, it = self.view.get_selection().get_selected() + self.ports_number_entry.set_text(store.get_value(it, PORT_COL)) self.ports_number_entry.set_sensitive(False) self.ports_protocol_combo.set_sensitive(False) - self.ports_name_entry.set_text(store.get_value(iter, TYPE_COL)) - self.ports_mls_entry.set_text(store.get_value(iter, MLS_COL)) - protocol = store.get_value(iter, PROTOCOL_COL) + self.ports_name_entry.set_text(store.get_value(it, TYPE_COL)) + self.ports_mls_entry.set_text(store.get_value(it, MLS_COL)) + protocol = store.get_value(it, PROTOCOL_COL) liststore = self.ports_protocol_combo.get_model() - iter = liststore.get_iter_first() - while iter != None and liststore.get_value(iter, 0) != protocol: - iter = liststore.iter_next(iter) - if iter != None: - self.ports_protocol_combo.set_active_iter(iter) + it = liststore.get_iter_first() + while it != None and liststore.get_value(it,0) != protocol: + it = liststore.iter_next(it) + if it != None: + self.ports_protocol_combo.set_active_iter(it) def dialogClear(self): self.ports_number_entry.set_text("") @@ -184,19 +181,20 @@ class portsPage(semanagePage): self.ports_mls_entry.set_text("s0") def delete(self): - store, iter = self.view.get_selection().get_selected() - port = store.get_value(iter, PORT_COL) - protocol = store.get_value(iter, 1) + store, it = self.view.get_selection().get_selected() + port = store.get_value(it, PORT_COL) + protocol = store.get_value(it, 1) + self.wait() + cmd = "semanage port -d -p %s %s" % (protocol, port) try: - self.wait() - (rc, out) = commands.getstatusoutput("semanage port -d -p %s %s" % (protocol, port)) - self.ready() - if rc != 0: - return self.error(out) - store.remove(iter) - self.view.get_selection().select_path((0,)) - except ValueError, e: - self.error(e.args[0]) + subprocess.check_output(cmd, + stderr=subprocess.STDOUT, + shell=True) + store.remove(it) + self.view.get_selection().select_path ((0,)) + except subprocess.CalledProcessError as e: + self.error(e.output) + self.ready() def add(self): target = self.ports_name_entry.get_text().strip() @@ -209,39 +207,47 @@ class portsPage(semanagePage): self.error(_("Port number \"%s\" is not valid. 0 < PORT_NUMBER < 65536 ") % port_number) return False list_model = self.ports_protocol_combo.get_model() - iter = self.ports_protocol_combo.get_active_iter() - protocol = list_model.get_value(iter, 0) + it = self.ports_protocol_combo.get_active_iter() + protocol = list_model.get_value(it,0) self.wait() - (rc, out) = commands.getstatusoutput("semanage port -a -p %s -r %s -t %s %s" % (protocol, mls, target, port_number)) + cmd = "semanage port -a -p %s -r %s -t %s %s" % (protocol, mls, target, port_number) + try: + subprocess.check_output(cmd, + stderr=subprocess.STDOUT, + shell=True) + it = self.store.append() + self.store.set_value(it, TYPE_COL, target) + self.store.set_value(it, PORT_COL, port_number) + self.store.set_value(it, PROTOCOL_COL, protocol) + self.store.set_value(it, MLS_COL, mls) + except subprocess.CalledProcessError as e: + self.error(e.output) self.ready() - if rc != 0: - self.error(out) - return False - iter = self.store.append() - - self.store.set_value(iter, TYPE_COL, target) - self.store.set_value(iter, PORT_COL, port_number) - self.store.set_value(iter, PROTOCOL_COL, protocol) - self.store.set_value(iter, MLS_COL, mls) def modify(self): target = self.ports_name_entry.get_text().strip() mls = self.ports_mls_entry.get_text().strip() port_number = self.ports_number_entry.get_text().strip() list_model = self.ports_protocol_combo.get_model() - iter = self.ports_protocol_combo.get_active_iter() - protocol = list_model.get_value(iter, 0) + it = self.ports_protocol_combo.get_active_iter() + protocol = list_model.get_value(it,0) self.wait() - (rc, out) = commands.getstatusoutput("semanage port -m -p %s -r %s -t %s %s" % (protocol, mls, target, port_number)) - self.ready() - if rc != 0: - self.error(out) + cmd = "semanage port -m -p %s -r %s -t %s %s" % (protocol, mls, target, port_number) + try: + subprocess.check_output(cmd, + stderr=subprocess.STDOUT, + shell=True) + store, it = self.view.get_selection().get_selected() + self.store.set_value(it, TYPE_COL, target) + self.store.set_value(it, PORT_COL, port_number) + self.store.set_value(it, PROTOCOL_COL, protocol) + self.store.set_value(it, MLS_COL, mls) + self.ready() + return True + except subprocess.CalledProcessError as e: + self.error(e.output) + self.ready() return False - store, iter = self.view.get_selection().get_selected() - self.store.set_value(iter, TYPE_COL, target) - self.store.set_value(iter, PORT_COL, port_number) - self.store.set_value(iter, PROTOCOL_COL, protocol) - self.store.set_value(iter, MLS_COL, mls) def on_group_clicked(self, button): self.ports_add_button.set_sensitive(self.group) diff --git policycoreutils-2.5/gui/semanagePage.py policycoreutils-2.5/gui/semanagePage.py index 5d7f2cf..1c5b095 100644 --- policycoreutils-2.5/gui/semanagePage.py +++ policycoreutils-2.5/gui/semanagePage.py @@ -37,8 +37,8 @@ try: unicode=False, codeset='utf-8') except IOError: - import __builtin__ - __builtin__.__dict__['_'] = unicode + import builtins + builtins.__dict__['_'] = str def idle_func(): @@ -80,9 +80,9 @@ class semanagePage: return def filter_changed(self, *arg): - filter = arg[0].get_text() - if filter != self.filter: - self.load(filter) + filt = arg[0].get_text() + if filt != self.filter: + self.load(filt) def search(self, model, col, key, i): sort_col = self.store.get_sort_column_id()[0] @@ -125,13 +125,37 @@ class semanagePage: dlg.destroy() def deleteDialog(self): - store, iter = self.view.get_selection().get_selected() - if self.verify(_("Are you sure you want to delete %s '%s'?" % (self.description, store.get_value(iter, 0))), _("Delete %s" % self.description)) == gtk.RESPONSE_YES: + store, it = self.view.get_selection().get_selected() + if self.verify(_("Are you sure you want to delete %s '%s'?" % (self.description, store.get_value(it, 0))), _("Delete %s" % self.description)) == gtk.RESPONSE_YES: self.delete() def use_menus(self): return True + def load(self, filt): + raise RuntimeError("load method not implemented in parent class"); + + def filter(self): + raise RuntimeError("filter method not implemented in parent class"); + + def store(self): + raise RuntimeError("store method not implemented in parent class"); + + def add(self): + raise RuntimeError("add method not implemented"); + + def modify(self): + raise RuntimeError("modify method not implemented"); + + def delete(self): + raise RuntimeError("delete method not implemented"); + + def dialogInit(self): + raise RuntimeError("dialogInit method not implemented"); + + def dialogClear(self): + raise RuntimeError("dialogClear method not implemented"); + def addDialog(self): self.dialogClear() self.dialog.set_title(_("Add %s" % self.description)) @@ -139,10 +163,10 @@ class semanagePage: while self.dialog.run() == gtk.RESPONSE_OK: try: - if self.add() == False: + if not self.add(): continue - break - except ValueError, e: + break; + except ValueError as e: self.error(e.args[0]) self.dialog.hide() @@ -152,10 +176,10 @@ class semanagePage: self.dialog.set_position(gtk.WIN_POS_MOUSE) while self.dialog.run() == gtk.RESPONSE_OK: try: - if self.modify() == False: + if not self.modify(): continue - break - except ValueError, e: + break; + except ValueError as e: self.error(e.args[0]) self.dialog.hide() diff --git policycoreutils-2.5/gui/statusPage.py policycoreutils-2.5/gui/statusPage.py index 991d8f3..782d186 100644 --- policycoreutils-2.5/gui/statusPage.py +++ policycoreutils-2.5/gui/statusPage.py @@ -16,18 +16,14 @@ ## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. ## Author: Dan Walsh -import string import gtk import gtk.glade import os -import gobject import sys -import tempfile INSTALLPATH = '/usr/share/system-config-selinux' sys.path.append(INSTALLPATH) -import commands ENFORCING = 1 PERMISSIVE = 0 DISABLED = -1 @@ -47,8 +43,8 @@ import selinux try: gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1) except IOError: - import __builtin__ - __builtin__.__dict__['_'] = unicode + import builtins + builtins.__dict__['_'] = unicode class statusPage: @@ -129,21 +125,21 @@ class statusPage: return rc def typemenu_changed(self, menu): - type = self.get_type() + setype = self.get_type() enabled = self.enabledOptionMenu.get_active() - if self.initialtype != type: + if self.initialtype != setype: if self.verify(_("Changing the policy type will cause a relabel of the entire file system on the next boot. Relabeling takes a long time depending on the size of the file system. Do you wish to continue?")) == gtk.RESPONSE_NO: menu.set_active(self.typeHistory) return None self.relabel_checkbutton.set_active(True) - self.write_selinux_config(modearray[enabled], type) + self.write_selinux_config(modearray[enabled], setype ) self.typeHistory = menu.get_active() def enabled_changed(self, combo): enabled = combo.get_active() - type = self.get_type() + setype = self.get_type() if self.initEnabled != DISABLED and enabled == DISABLED: if self.verify(_("Changing to SELinux disabled requires a reboot. It is not recommended. If you later decide to turn SELinux back on, the system will be required to relabel. If you just want to see if SELinux is causing a problem on your system, you can go to permissive mode which will only log errors and not enforce SELinux policy. Permissive mode does not require a reboot Do you wish to continue?")) == gtk.RESPONSE_NO: @@ -156,10 +152,10 @@ class statusPage: return None self.relabel_checkbutton.set_active(True) - self.write_selinux_config(modearray[enabled], type) + self.write_selinux_config(modearray[enabled], setype ) self.enabled = enabled - def write_selinux_config(self, enforcing, type): + def write_selinux_config(self, enforcing, setype): path = selinux.selinux_path() + "config" backup_path = path + ".bck" fd = open(path) @@ -171,7 +167,7 @@ class statusPage: fd.write("SELINUX=%s\n" % enforcing) continue if l.startswith("SELINUXTYPE="): - fd.write("SELINUXTYPE=%s\n" % type) + fd.write("SELINUXTYPE=%s\n" % setype) continue fd.write(l) fd.close() diff --git policycoreutils-2.5/gui/system-config-selinux.py policycoreutils-2.5/gui/system-config-selinux.py index 7d342d0..563bb49 100644 --- policycoreutils-2.5/gui/system-config-selinux.py +++ policycoreutils-2.5/gui/system-config-selinux.py @@ -25,10 +25,10 @@ import string import sys try: import gtk -except RuntimeError, e: - print "system-config-selinux:", e - print "This is a graphical application and requires DISPLAY to be set." - sys.exit(1) +except RuntimeError as e: + print("system-config-selinux:", e) + print("This is a graphical application and requires DISPLAY to be set.") + sys.exit (1) import gtk.glade import os @@ -57,8 +57,8 @@ try: unicode=False, codeset='utf-8') except IOError: - import __builtin__ - __builtin__.__dict__['_'] = unicode + import builtins + builtins.__dict__['_'] = str gnome.program_init("SELinux Management Tool", "5") @@ -94,9 +94,9 @@ class childWindow: self.add_page(loginsPage.loginsPage(xml)) self.add_page(usersPage.usersPage(xml)) self.add_page(portsPage.portsPage(xml)) - self.add_page(modulesPage.modulesPage(xml)) # modules - self.add_page(domainsPage.domainsPage(xml)) # domains - except ValueError, e: + self.add_page(modulesPage.modulesPage(xml)) # modules + self.add_page(domainsPage.domainsPage(xml)) # domains + except ValueError as e: self.error(e.message) xml.signal_connect("on_quit_activate", self.destroy) diff --git policycoreutils-2.5/gui/usersPage.py policycoreutils-2.5/gui/usersPage.py index abf8d3b..f50fcb2 100644 --- policycoreutils-2.5/gui/usersPage.py +++ policycoreutils-2.5/gui/usersPage.py @@ -16,13 +16,10 @@ ## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. ## Author: Dan Walsh -import string import gtk import gtk.glade -import os import gobject -import sys -import commands +import subprocess import seobject from semanagePage import * @@ -36,8 +33,8 @@ gettext.textdomain(PROGNAME) try: gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1) except IOError: - import __builtin__ - __builtin__.__dict__['_'] = unicode + import builtins + builtins.__dict__['_'] = unicode class usersPage(semanagePage): @@ -67,34 +64,30 @@ class usersPage(semanagePage): self.mlsRangeEntry = xml.get_widget("mlsRangeEntry") self.selinuxRolesEntry = xml.get_widget("selinuxRolesEntry") - def load(self, filter=""): - self.filter = filter + def load(self, filt = ""): + self.filter=filt self.user = seobject.seluserRecords() - dict = self.user.get_all() - keys = dict.keys() + udict = self.user.get_all() + keys = list(udict.keys()) keys.sort() self.store.clear() for k in keys: - range = seobject.translate(dict[k][2]) - if not (self.match(k, filter) or self.match(dict[k][0], filter) or self.match(range, filter) or self.match(dict[k][3], filter)): + serange = seobject.translate(udict[k][2]) + if not (self.match(k, filt) or self.match(udict[k][0], filter) or self.match(serange, filt) or self.match(udict[k][3], filt)): continue - iter = self.store.append() - self.store.set_value(iter, 0, k) - self.store.set_value(iter, 1, range) - self.store.set_value(iter, 2, dict[k][3]) - self.view.get_selection().select_path((0,)) - - def delete(self): - if semanagePage.delete(self) == gtk.RESPONSE_NO: - return None + it = self.store.append() + self.store.set_value(it, 0, k) + self.store.set_value(it, 1, serange) + self.store.set_value(it, 2, udict[k][3]) + self.view.get_selection().select_path ((0,)) def dialogInit(self): - store, iter = self.view.get_selection().get_selected() - self.selinuxUserEntry.set_text(store.get_value(iter, 0)) + store, it = self.view.get_selection().get_selected() + self.selinuxUserEntry.set_text(store.get_value(it, 0)) self.selinuxUserEntry.set_sensitive(False) - self.mlsRangeEntry.set_text(store.get_value(iter, 1)) - self.selinuxRolesEntry.set_text(store.get_value(iter, 2)) + self.mlsRangeEntry.set_text(store.get_value(it, 1)) + self.selinuxRolesEntry.set_text(store.get_value(it, 2)) def dialogClear(self): self.selinuxUserEntry.set_text("") @@ -104,48 +97,62 @@ class usersPage(semanagePage): def add(self): user = self.selinuxUserEntry.get_text() - range = self.mlsRangeEntry.get_text() + serange = self.mlsRangeEntry.get_text() roles = self.selinuxRolesEntry.get_text() self.wait() - (rc, out) = commands.getstatusoutput("semanage user -a -R '%s' -r %s %s" % (roles, range, user)) - self.ready() - if rc != 0: - self.error(out) + try: + subprocess.check_output("semanage user -a -R '%s' -r %s %s" % (roles, serange, user), + stderr=subprocess.STDOUT, + shell=True) + self.ready() + it = self.store.append() + self.store.set_value(it, 0, user) + self.store.set_value(it, 1, serange) + self.store.set_value(it, 2, roles) + except subprocess.CalledProcessError as e: + self.error(e.output) + self.ready() return False - iter = self.store.append() - self.store.set_value(iter, 0, user) - self.store.set_value(iter, 1, range) - self.store.set_value(iter, 2, roles) def modify(self): user = self.selinuxUserEntry.get_text() - range = self.mlsRangeEntry.get_text() + serange = self.mlsRangeEntry.get_text() roles = self.selinuxRolesEntry.get_text() self.wait() - (rc, out) = commands.getstatusoutput("semanage user -m -R '%s' -r %s %s" % (roles, range, user)) - self.ready() - - if rc != 0: - self.error(out) + cmd = "semanage user -m -R '%s' -r %s %s" % (roles, serange, user) + try: + subprocess.check_output(cmd, + stderr=subprocess.STDOUT, + shell=True) + self.ready() + self.load(self.filter) + except subprocess.CalledProcessError as e: + self.error(e.output) + self.ready() return False - self.load(self.filter) + return True def delete(self): - store, iter = self.view.get_selection().get_selected() + store, it = self.view.get_selection().get_selected() try: - user = store.get_value(iter, 0) + user=store.get_value(it, 0) if user == "root" or user == "user_u": raise ValueError(_("SELinux user '%s' is required") % user) self.wait() - (rc, out) = commands.getstatusoutput("semanage user -d %s" % user) - self.ready() - if rc != 0: - self.error(out) + cmd = "semanage user -d %s" % user + try: + subprocess.check_output(cmd, + stderr=subprocess.STDOUT, + shell=True) + self.ready() + store.remove(it) + self.view.get_selection().select_path ((0,)) + except subprocess.CalledProcessError as e: + self.error(e.output) + self.ready() return False - store.remove(iter) - self.view.get_selection().select_path((0,)) - except ValueError, e: + except ValueError as e: self.error(e.args[0]) diff --git policycoreutils-2.5/hll/pp/pp.c policycoreutils-2.5/hll/pp/pp.c index 866734f..9245975 100644 --- policycoreutils-2.5/hll/pp/pp.c +++ policycoreutils-2.5/hll/pp/pp.c @@ -28,6 +28,7 @@ #include #include +#include char *progname; @@ -68,6 +69,8 @@ int main(int argc, char **argv) { NULL, 0, NULL, 0 } }; struct sepol_module_package *mod_pkg = NULL; + char *ifile = NULL; + char *ofile = NULL; FILE *in = NULL; FILE *out = NULL; int outfd = -1; @@ -89,20 +92,23 @@ int main(int argc, char **argv) } if (argc >= optind + 1 && strcmp(argv[1], "-") != 0) { - in = fopen(argv[1], "rb"); + ifile = argv[1]; + in = fopen(ifile, "rb"); if (in == NULL) { - log_err("Failed to open %s: %s", argv[1], strerror(errno)); + log_err("Failed to open %s: %s", ifile, strerror(errno)); rc = -1; goto exit; } } else { + ifile = "stdin"; in = stdin; } if (argc >= optind + 2 && strcmp(argv[2], "-") != 0) { - out = fopen(argv[2], "w"); + ofile = argv[2]; + out = fopen(ofile, "w"); if (out == NULL) { - log_err("Failed to open %s: %s", argv[2], strerror(errno)); + log_err("Failed to open %s: %s", ofile, strerror(errno)); rc = -1; goto exit; } @@ -122,6 +128,25 @@ int main(int argc, char **argv) fclose(in); in = NULL; + if (ofile) { + char *mod_name = mod_pkg->policy->p.name; + char *cil_path = strdup(ofile); + if (cil_path == NULL) { + log_err("No memory available for strdup\n"); + rc = -1; + goto exit; + } + char *cil_name = basename(cil_path); + char *separator = strrchr(cil_name, '.'); + if (separator) { + *separator = '\0'; + } + if (strcmp(mod_name, cil_name) != 0) { + fprintf(stderr, "Warning: SELinux userspace will refer to the module from %s as %s rather than %s\n", ifile, cil_name, mod_name); + } + free(cil_path); + } + rc = sepol_module_package_to_cil(out, mod_pkg); if (rc != 0) { goto exit; diff --git policycoreutils-2.5/po/Makefile policycoreutils-2.5/po/Makefile index a693823..555f381 100644 --- policycoreutils-2.5/po/Makefile +++ policycoreutils-2.5/po/Makefile @@ -28,7 +28,7 @@ POTFILES = \ ../run_init/run_init.c \ ../semodule_link/semodule_link.c \ ../audit2allow/audit2allow \ - ../semanage/seobject.py \ + ../semanage/seobject/__init__.py \ ../setsebool/setsebool.c \ ../newrole/newrole.c \ ../load_policy/load_policy.c \ @@ -49,7 +49,6 @@ POTFILES = \ ../gui/booleansPage.py \ ../gui/fcontextPage.py \ ../gui/loginsPage.py \ - ../gui/mappingsPage.py \ ../gui/modulesPage.py \ ../gui/polgen.glade \ ../gui/polgengui.py \ @@ -61,6 +60,36 @@ POTFILES = \ ../gui/usersPage.py \ ../secon/secon.c \ booleans.py \ + ../sepolicy/sepolicy/help/booleans_more_show.txt \ + ../sepolicy/sepolicy/help/booleans_more.txt \ + ../sepolicy/sepolicy/help/booleans_toggled.txt \ + ../sepolicy/sepolicy/help/booleans.txt \ + ../sepolicy/sepolicy/help/file_equiv.txt \ + ../sepolicy/sepolicy/help/files_apps.txt \ + ../sepolicy/sepolicy/help/files_exec.txt \ + ../sepolicy/sepolicy/help/files_write.txt \ + ../sepolicy/sepolicy/help/lockdown_permissive.txt \ + ../sepolicy/sepolicy/help/lockdown_ptrace.txt \ + ../sepolicy/sepolicy/help/lockdown.txt \ + ../sepolicy/sepolicy/help/lockdown_unconfined.txt \ + ../sepolicy/sepolicy/help/login_default.txt \ + ../sepolicy/sepolicy/help/login.txt \ + ../sepolicy/sepolicy/help/ports_inbound.txt \ + ../sepolicy/sepolicy/help/ports_outbound.txt \ + ../sepolicy/sepolicy/help/start.txt \ + ../sepolicy/sepolicy/help/system_boot_mode.txt \ + ../sepolicy/sepolicy/help/system_current_mode.txt \ + ../sepolicy/sepolicy/help/system_export.txt \ + ../sepolicy/sepolicy/help/system_policy_type.txt \ + ../sepolicy/sepolicy/help/system_relabel.txt \ + ../sepolicy/sepolicy/help/system.txt \ + ../sepolicy/sepolicy/help/transition_file.txt \ + ../sepolicy/sepolicy/help/transition_from_boolean_1.txt \ + ../sepolicy/sepolicy/help/transition_from_boolean_2.txt \ + ../sepolicy/sepolicy/help/transition_from_boolean.txt \ + ../sepolicy/sepolicy/help/transition_from.txt \ + ../sepolicy/sepolicy/help/transition_to.txt \ + ../sepolicy/sepolicy/help/users.txt \ ../sepolicy/info.c \ ../sepolicy/search.c \ ../sepolicy/sepolicy.py \ diff --git policycoreutils-2.5/po/POTFILES policycoreutils-2.5/po/POTFILES index bcb9e99..ae25133 100644 --- policycoreutils-2.5/po/POTFILES +++ policycoreutils-2.5/po/POTFILES @@ -2,7 +2,7 @@ ../run_init/run_init.c ../semodule_link/semodule_link.c ../audit2allow/audit2allow - ../semanage/seobject.py + ../semanage/seobject/__init__.py ../setsebool/setsebool.c ../newrole/newrole.c ../load_policy/load_policy.c @@ -23,7 +23,6 @@ ../gui/booleansPage.py ../gui/fcontextPage.py ../gui/loginsPage.py - ../gui/mappingsPage.py ../gui/modulesPage.py ../gui/polgen.glade ../gui/polgengui.py @@ -47,6 +46,36 @@ ../gui/templates/var_log.py ../gui/templates/var_run.py ../gui/templates/var_spool.py + ../sepolicy/sepolicy/help/booleans_more_show.txt + ../sepolicy/sepolicy/help/booleans_more.txt + ../sepolicy/sepolicy/help/booleans_toggled.txt + ../sepolicy/sepolicy/help/booleans.txt + ../sepolicy/sepolicy/help/file_equiv.txt + ../sepolicy/sepolicy/help/files_apps.txt + ../sepolicy/sepolicy/help/files_exec.txt + ../sepolicy/sepolicy/help/files_write.txt + ../sepolicy/sepolicy/help/lockdown_permissive.txt + ../sepolicy/sepolicy/help/lockdown_ptrace.txt + ../sepolicy/sepolicy/help/lockdown.txt + ../sepolicy/sepolicy/help/lockdown_unconfined.txt + ../sepolicy/sepolicy/help/login_default.txt + ../sepolicy/sepolicy/help/login.txt + ../sepolicy/sepolicy/help/ports_inbound.txt + ../sepolicy/sepolicy/help/ports_outbound.txt + ../sepolicy/sepolicy/help/start.txt + ../sepolicy/sepolicy/help/system_boot_mode.txt + ../sepolicy/sepolicy/help/system_current_mode.txt + ../sepolicy/sepolicy/help/system_export.txt + ../sepolicy/sepolicy/help/system_policy_type.txt + ../sepolicy/sepolicy/help/system_relabel.txt + ../sepolicy/sepolicy/help/system.txt + ../sepolicy/sepolicy/help/transition_file.txt + ../sepolicy/sepolicy/help/transition_from_boolean_1.txt + ../sepolicy/sepolicy/help/transition_from_boolean_2.txt + ../sepolicy/sepolicy/help/transition_from_boolean.txt + ../sepolicy/sepolicy/help/transition_from.txt + ../sepolicy/sepolicy/help/transition_to.txt + ../sepolicy/sepolicy/help/users.txt ../sepolicy/info.c ../sepolicy/search.c ../sepolicy/sepolicy.py diff --git policycoreutils-2.5/po/POTFILES.in policycoreutils-2.5/po/POTFILES.in index aca0474..0ccb542 100644 --- policycoreutils-2.5/po/POTFILES.in +++ policycoreutils-2.5/po/POTFILES.in @@ -2,7 +2,7 @@ run_init/open_init_pty.c run_init/run_init.c semodule_link/semodule_link.c audit2allow/audit2allow -semanage/seobject.py +semanage/seobject/__init__.py setsebool/setsebool.c newrole/newrole.c load_policy/load_policy.c @@ -23,7 +23,6 @@ restorecond/utmpwatcher.c gui/booleansPage.py gui/fcontextPage.py gui/loginsPage.py -gui/mappingsPage.py gui/modulesPage.py gui/polgen.glade gui/polgengui.py @@ -45,6 +44,36 @@ sepolicy/sepolicy/generate.py sepolicy/sepolicy/sepolicy.glade sepolicy/sepolicy/gui.py sepolicy/sepolicy/manpage.py +sepolicy/sepolicy/help/booleans_more_show.txt +sepolicy/sepolicy/help/booleans_more.txt +sepolicy/sepolicy/help/booleans_toggled.txt +sepolicy/sepolicy/help/booleans.txt +sepolicy/sepolicy/help/file_equiv.txt +sepolicy/sepolicy/help/files_apps.txt +sepolicy/sepolicy/help/files_exec.txt +sepolicy/sepolicy/help/files_write.txt +sepolicy/sepolicy/help/lockdown_permissive.txt +sepolicy/sepolicy/help/lockdown_ptrace.txt +sepolicy/sepolicy/help/lockdown.txt +sepolicy/sepolicy/help/lockdown_unconfined.txt +sepolicy/sepolicy/help/login_default.txt +sepolicy/sepolicy/help/login.txt +sepolicy/sepolicy/help/ports_inbound.txt +sepolicy/sepolicy/help/ports_outbound.txt +sepolicy/sepolicy/help/start.txt +sepolicy/sepolicy/help/system_boot_mode.txt +sepolicy/sepolicy/help/system_current_mode.txt +sepolicy/sepolicy/help/system_export.txt +sepolicy/sepolicy/help/system_policy_type.txt +sepolicy/sepolicy/help/system_relabel.txt +sepolicy/sepolicy/help/system.txt +sepolicy/sepolicy/help/transition_file.txt +sepolicy/sepolicy/help/transition_from_boolean_1.txt +sepolicy/sepolicy/help/transition_from_boolean_2.txt +sepolicy/sepolicy/help/transition_from_boolean.txt +sepolicy/sepolicy/help/transition_from.txt +sepolicy/sepolicy/help/transition_to.txt +sepolicy/sepolicy/help/users.txt sepolicy/sepolicy/transition.py sepolicy/sepolicy/templates/executable.py sepolicy/sepolicy/templates/__init__.py diff --git policycoreutils-2.5/po/ach.po policycoreutils-2.5/po/ach.po new file mode 100644 index 0000000..0d84e13 --- /dev/null +++ policycoreutils-2.5/po/ach.po @@ -0,0 +1,5198 @@ +# SOME DESCRIPTIVE TITLE. +# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER +# This file is distributed under the same license as the PACKAGE package. +# +# Translators: +msgid "" +msgstr "" +"Project-Id-Version: Policycoreutils\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2014-01-03 16:04-0500\n" +"PO-Revision-Date: 2014-03-24 16:46+0000\n" +"Last-Translator: jsmith \n" +"Language-Team: Acoli (http://www.transifex.com/projects/p/fedora/language/ach/)\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Language: ach\n" +"Plural-Forms: nplurals=2; plural=(n > 1);\n" + +#: ../run_init/run_init.c:67 +msgid "" +"USAGE: run_init