a ¾Ãye– ã@s ddlZe dd¡ddlmZddlmZddlmZddlmZddlZddl Z ddl Z ddl mZmZm Z ddlZ ddlZ ddlZddlZddlZddlZd ZzFddlZiZejd krÄded<ejefd die¤ddi¤ŽZejZWnJzddlZeejd<Wn&ey.ddlZe ejd<Yn0Yn0iZ!e j"D]Z#e#e!e j"e#<q@edƒedƒgZ$edƒedƒgZ%dd„Z&ddl'Z'edƒedƒfZ(edƒedƒfZ)dZ*dZ+dZ,dZ-dZ.dZ/dZ0dZ1dZ2dZ3dZ4dZ5dZ6dZ7d Z8d!Z9d"Z:d#Z;gd$¢Ze?d(kre>ƒZ@dS))éNÚGtkz3.0)r)ÚGdk)ÚGLib)ÚSELinuxDBus)ÚDISABLEDÚ PERMISSIVEÚ ENFORCINGzselinux-python)éTÚunicodeÚ localedirz/usr/share/localeÚfallbackÚ_ZNoZYesZDisableZEnablecCs<|dur|durdS|dur dS|dur,dS||k||kS)Nréÿÿÿÿé©)ÚaÚbrrú0/usr/lib/python3.9/site-packages/sepolicy/gui.pyÚcmpGsrzAdvanced >>zAdvanced <>zAdvanced Search < To change from Disabled to Enforcing mode - Change the system mode from Disabled to Permissive - Reboot, so that the system can relabel - Once the system is working as planned * Change the system mode to Enforcing c@sÔeZdZd#dd„Zdd„Zdd„Zd d „Zdd„Zd d„Zdd„Z dd„Z dd„Zdd„Zdd„Z dd„Zdd„Zdd„Zdd „Zd!d"„Zd#d$„Zd%d&„Zd'd(„Zd)d*„Zd+d,„Zd-d.„Zd/d0„Zd1d2„Zd3d4„Zd5d6„Zd7d8„Zd9d:„Zd;d<„Zd=d>„Z d?d@„Z!dAdB„Z"dCdD„Z#dEdF„Z$dGdH„Z%dIdJ„Z&dKdL„Z'dMdN„Z(dOdP„Z)dQdR„Z*dSdT„Z+dUdV„Z,dWdX„Z-dYdZ„Z.d[d\„Z/d]d^„Z0d_d`„Z1dadb„Z2dcdd„Z3dedf„Z4dgdh„Z5didj„Z6dkdl„Z7dmdn„Z8dodp„Z9dqdr„Z:dsdt„Z;dudv„Zd{d|„Z?d}d~„Z@dd€„ZAdd‚„ZBdƒd„„ZCd…d†„ZDd‡dˆ„ZEd‰dŠ„ZFd‹dŒ„ZGddŽ„ZHdd„ZId‘d’„ZJd“d”„ZKd•d–„ZLd—d˜„ZMd™dš„ZNd›dœ„ZOddž„ZPdŸd „ZQd¡d¢„ZRd£d¤„ZSd¥d¦„ZTd§d¨„ZUd©dª„ZVd«d¬„ZWdd®„ZXd¯d°„ZYd±d²„ZZd³d´„Z[dµd¶„Z\d·d¸„Z]d¹dº„Z^d»d¼„Z_d½d¾„Z`d$dÀdÁ„ZadÂdÃ„ZbdÄdÅ„ZcdÆdÇ„ZddÈdÉ„ZedÊdË„ZfdÌdÍ„ZgdÎdÏ„ZhdÐdÑ„ZidÒdÓ„ZjdÔdÕ„ZkdÖd×„ZldØdÙ„ZmdÚdÛ„ZndÜdÝ„ZodÞdß„Zpdàdá„Zqdâdã„Zrdädå„Zsdædç„Ztdèdé„Zudêdë„Zvdìdí„Zwdîdï„Zxdðdñ„Zydòdó„Zzdôdõ„Z{död÷„Z|dødù„Z}dúdû„Z~düdý„Zdþdÿ„Z€dd„Zdd„Z‚dd„Zƒdd„Z„dd „Z…d d„Z†dd „Z‡dd„Zˆdd„Z‰d%dd„ZŠdd„Z‹dd„ZŒdd„Zdd„ZŽdd„Zdd „Zd!d"„Z‘dS(&Ú SELinuxGuiNFcBCsòd|_d|_t|_tƒ|_z|j ¡}Wn8tjjy`}zt |ƒ| ¡WYd}~n d}~00| ¡||_d|_ t ¡}tjdddidd|_|jd }| |¡| d ¡|_| d¡|_| d¡|_| d ¡|_| d¡|_| d¡|_t tjj¡|_t tjj ¡|_!t" #¡d|_$d|_%d|_&d|_'d|_(d|_)d|_*g|_+g|_,i|_-| d¡|_.| d¡|_/| d¡|_0d|_1| d¡|_2| d¡|_3|j3 4|j5¡| d¡|_6| d¡|_7| d¡|_8d|_9| d¡|_:| d¡|_;| d¡|_<| d¡|_=| d¡|_>| d¡|_?| d¡|_@| d ¡|_A| d!¡|_B|jB Cd"tjDjE¡| d#¡|_F|jF 4|j5¡| d$¡|_G| d%¡|_H| d&¡|_I| d'¡|_J| d(¡|_K| d)¡|_L|jL Cd"tjDjE¡| d*¡|_M|jM 4|j5¡| d+¡|_N| d,¡|_O| d-¡|_P| d.¡|_Q| d/¡|_R| d0¡|_S| d1¡|_T| d2¡|_U| d3¡|_V| d4¡|_W| d5¡|_X| d6¡|_Y| d7¡|_Z| d8¡|_[| d9¡|_\| d:¡|_]| d;¡|_^|j^ Cd"tjDjE¡| d<¡|__| d=¡|_`|j` 4|j5¡| d>¡|_a| d?¡|_b| d@¡|_c| dA¡|_d| dB¡|_e| dC¡|_f| dD¡|_g| dE¡|_h| dF¡|_i| dG¡|_j| dH¡|_k| dI¡|_l| dJ¡|_m| dK¡|_n| dL¡|_o| dM¡|_p| dN¡|_q| dO¡|_rg|_s| t¡dPkrð|ji ud¡|jk ud¡|jr ud¡| dQ¡|_v| dR¡|_w| dS¡|_x| y¡| dT¡|_z| dU¡|_{| dV¡|_|| dW¡|_}| dX¡|_~| dY¡|_| dZ¡|_€| d[¡|_| d\¡|_‚| d]¡|_ƒ| d^¡|_„| d_¡|_…| d`¡|_†| da¡|_‡| db¡|_ˆ| dc¡|_‰| dd¡|_Š| de¡|_‹| df¡|_Œ| dg¡|_| dh¡|_Ž| di¡|_| dj¡|_| dk¡|_‘| dl¡|_’| dm¡|_“| dn¡|_”| do¡|_•| dp¡|_–| dq¡|_—| dr¡|_˜| ds¡|_™| dt¡|_š| du¡|_›| dv¡|_œ| dw¡|_| dx¡|_ž| dy¡|_Ÿ| dz¡|_ | d{¡|_¡| d|¡|_¢| d}¡|_£| d~¡|_¤| d¡|_¥| d€¡|_¦| d¡|_§|j§ ¨d¡| d‚¡|_©| dƒ¡|_ª| d„¡|_«| d…¡|_¬| d†¡|_| d‡¡|_®| dˆ¡|_¯| d‰¡|_°| dŠ¡|_±| d‹¡|_²| dŒ¡|_³| d¡|_´|j´ 4|j5¡| dŽ¡|_µ|jµ ¶¡|_·| d¡|_¸|j¸ Cd"tjDjE¡| d¡|_¹|j¹ ¶¡|_º| d‘¡|_»| d’¡|_¼|j¼ Cd"tjDjE¡| d“¡|_½|j½ 4|j5¡| d”¡|_¾|j¾ ¶¡|_¿| d•¡|_À| d–¡|_Á|jÁ 4|j5¡| d—¡|_Â|j¾ ¶¡|_Ã| d˜¡|_Ä|jÄ Cd"tjDjE¡| d—¡|_Â|jÂ ¶¡|_Ã| d™¡|_Å|jÅ ¶¡|_Æ| dš¡|_Ç| d›¡|_È|jÈ Cd"tjDjE¡| dœ¡|_É|jÉ 4|j5¡| d¡|_Ê|jÊ ¶¡|_Ë| dž¡|_Ì| dŸ¡|_Í|jÍ Cd"tjDjE¡| d ¡|_Î|jÎ 4|j5¡| d¡¡|_Ï|jÏ ¶¡|_Ð| d¢¡|_Ñ| d£¡|_Ò|jÒ CdPtjDjE¡| d¤¡|_Ó|jÓ 4|j5¡| d¥¡|_Ô| d¦¡|_Õ| d§¡|_Ö| d¨¡|_×|j×|_Ø|j× ¶¡|_Ù| d©¡|_Ú| dª¡|_Û|jÛ CdtjDjE¡| d«¡|_Ü|jÜ 4|j5¡| d¬¡|_Ý|jÝ ¶¡|_Þ| d¡|_ß|jß ¶¡|_à| d®¡|_á| d¯¡|_â|jâ CdPtjDjE¡| d°¡|_ã|jã 4|j5¡| d±¡|_ä|jä ¶¡|_å| d²¡|_æ| d³¡|_ç|jç Cd"tjDjE¡| d´¡|_è|jè 4|j5¡| dµ¡|_é|jä ¶¡|_ê| d¶¡|_ë| d·¡|_ì| d¸¡|_í| d¹¡|_î|jî ïd"¡|jî ðd"¡|jî ñ|jòd¡|jí ó|jî¡|jí ôd"tjõ¡| dº¡|_ö| d»¡|_÷| d¼¡|_ø| d½¡|_ù| d¾¡|_ú|jú ûd¿¡|_ü| dÀ¡|_ý| dÁ¡|_þ| dÂ¡|_ÿ| dÃ¡|_| dÄ¡|_|j dÅ|j|j®¡| dÆ¡|_|j dÅ|j|ja¡| dÇ¡|_|j dÅ|j|jW¡| dÈ¡|_|j dÅ|j|jH¡| dÉ¡|_|j dÅ|j|j±¡| dÊ¡|_| d ¡|_| dË¡|_ | dÌ¡|_ | dÍ¡|_| dÎ¡}|j dÅ|j|jˆ¡g|_|j dÅ|j |jÒ¡d|_d}|rdÏdÐg|_+|r ||j+vr |j+ |¡nt ¡|_+|j+jtjdÑ|rf||j+vrf| tdÒƒ|¡| ¡| ¡t|j+ƒ} t ¡} |j+D]¼}| ||¡tt|jƒt| ƒƒ|_|j² |j¡|j² |j¡| ¡| |g¡D]6}t !|¡}|rþ| ||¡|j, |¡qþ|jd7_qŽ| "¡|jî #|jì¡|j8 #|j6¡|j$|j%|j&|j'|j(|j)|j*|j+|j,|j-|j.|j/|j0|j1|j2|j3|j4|j5|j6|j7|j8|j9|j:|j;|j<|j=|j>|j?|j@|jA|jB|j.|jC|jD|jE|jF|jG|jG|jH|jI|jJ|jK|jL|jM|jN|jO|jP|jQ|jR|jS|jE|jT|jU|jV|jW|jX|jY|jY|jY|jZ|j[|j\|j5|j]|j^dÓœA} | _|¡| `| ¡|j ¡ta bdÔ|jc¡| c¡d|_d|jÿ "¡|jþ "¡|jetfkr~| g¡nV|jr¼|j h|j¡|jí i|j¡| j¡| ]¡n| k¡|j lt¡| m¡d|_t n¡dS)ÕNFTÚZpurelibÚbasez/usr)Úvarsz /sepolicy/zsepolicy.gladeÚouter_notebookZSELinux_windowZMain_selection_menuÚmain_advanced_labelÚapplications_selection_buttonZ Revert_buttonrZadd_path_dialogÚerror_check_windowÚerror_check_labelÚadvanced_search_windowZadvanced_filterZ advanced_sortÚadvanced_filter_entryÚadvanced_search_treeviewZLogin_labelÚlogin_seuser_comboboxZlogin_seuser_liststoreÚlogin_name_entryÚlogin_mls_labelÚlogin_mls_entryZLogin_buttonÚlogin_treeviewÚlogin_liststorerÚlogin_filterÚlogin_popup_windowÚlogin_delete_liststoreÚlogin_delete_windowÚuser_popup_windowZUser_buttonÚuser_liststoreÚuser_filterÚ user_treeviewÚuser_roles_comboboxZuser_roles_liststoreZ User_labelÚuser_name_entryÚuser_mls_labelÚuser_mls_level_entryÚuser_mls_entryZselinux_user_comboboxÚuser_delete_liststoreÚuser_delete_windowÚfile_equiv_labelÚfile_equiv_source_entryÚfile_equiv_dest_entryZfile_equiv_buttonÚfile_equiv_treeviewÚfile_equiv_liststoreÚfile_equiv_popup_windowZfile_equiv_filterÚfile_equiv_delete_liststoreÚfile_equiv_delete_windowÚapp_system_buttonZ System_buttonZLockdown_buttonZSystems_boxZRelabel_buttonZRelabel_button_noÚadvanced_systemÚouter_notebook_frameZsystem_policy_type_labelÚselect_button_browseÚcancel_button_browseÚmoreTypes_window_filesZmore_types_file_liststoreZmoreTypes_treeview_filesÚsystem_policy_type_liststoreÚsystem_policy_type_comboboxrZEnforcing_button_defaultZPermissive_button_defaultZDisabled_button_defaultZenable_unconfinedZdisable_unconfinedZenable_permissiveZdisable_permissiveZ enable_ptraceZdisable_ptraceÚhelp_windowZ help_textvÚ info_textÚ help_imageÚforward_buttonÚback_buttonÚ update_windowÚupdate_treeviewZUpdate_treestoreÚapply_buttonZ Update_buttonZ Add_buttonZ Delete_buttonÚfiles_path_entryÚnetwork_ports_entryÚfiles_popup_windowÚnetwork_popup_windowZ Network_labelZfiles_labelZmake_path_recursiveZfiles_type_combo_storeZfiles_class_combo_storeÚfiles_type_comboboxÚfiles_class_comboboxÚfiles_mls_labelÚfiles_mls_entryZAdvanced_text_filesZcancel_delete_filesZ tcp_buttonZ udp_buttonZnetwork_type_combo_storeZnetwork_type_comboboxÚnetwork_mls_labelÚnetwork_mls_entryZAdvanced_text_networkZcancel_network_deleteZShow_mislabeled_filesÚmislabeled_files_labelÚ warning_filesZ Modify_buttonÚfix_label_windowÚfixlabel_labelÚfix_label_cancelÚfiles_delete_windowÚfiles_delete_treeviewÚfiles_delete_liststoreÚnetwork_delete_windowÚnetwork_delete_treeviewÚnetwork_delete_liststoreÚprogress_barZExecutable_files_treeviewÚexecutable_files_filterZExecutable_files_tabZexecutable_files_treestoreZfiles_buttonZWritable_files_treeviewZwritable_files_treestoreÚwritable_files_filterZWritable_files_tabZApplication_files_treeviewÚapplication_files_filterZApplication_files_tabZapplication_files_treestoreZnetwork_buttonZoutbound_treeviewÚnetwork_out_liststoreÚnetwork_out_filterÚnetwork_out_tabZinbound_treeviewÚnetwork_in_liststoreÚnetwork_in_filterÚnetwork_in_tabZBoolean_treeviewÚboolean_liststoreÚboolean_filterZbooleans_more_detail_windowZbooleans_more_detail_treeviewZbooleans_more_detail_liststoreZBooleans_buttonÚtransitions_into_treeviewÚtransitions_into_liststoreÚtransitions_into_filterZTransitions_into_tabZTransitions_buttonÚtransitions_from_treeviewÚtransitions_from_treestoreÚtransitions_from_filterZTransitions_from_tabZfile_transitions_treeviewZfile_transitions_liststoreZfile_transitions_filterZfile_transitionsZcombobox_orgÚapplication_liststoreÚcompletion_entryÚentrycompletion_objZShow_modified_only_toggleZEnforcing_labelZEnforcing_buttonZPermissive_buttonÚ status_barzSELinux statusÚfilter_entryÚ filter_boxÚadd_modify_delete_boxZactivateZfiles_toggle_deleteZtoggledZfile_equiv_toggle_delete1Zuser_toggle_deleteZlogin_toggle_deleteZnetwork_toggle_deleteZ toggle_updateZfiles_inner_notebookZnetwork_inner_notebookZtransitions_inner_notebookÚloading_guiZhttpd_tZabrt_t)Úkeyz%s is not a valid domain)AZon_combo_button_clickedZon_disable_ptrace_toggledZ%on_entrycompletion_obj_match_selectedZon_filter_changedZ"on_save_changes_file_equiv_clickedZon_save_changes_login_clickedZon_save_changes_user_clickedZon_save_changes_files_clickedZon_save_changes_network_clickedZ)on_Advanced_text_files_button_press_eventZitem_in_tree_selectedZ2on_Application_file_types_treeview_configure_eventÚon_save_delete_clickedZ)on_moreTypes_treeview_files_row_activatedZon_retry_button_files_clickedZon_make_path_recursive_toggledZ&on_files_path_entry_button_press_eventZon_files_path_entry_changedZon_select_type_files_clickedZon_choose_fileZon_Enforcing_button_toggledZon_confirmation_closeZon_column_clickedZ on_tab_switchZon_file_equiv_button_clickedzon_app/system_button_clickedzon_app/users_button_clickedÚon_show_advanced_search_windowZ on_Show_mislabeled_files_toggledZon_Browse_button_files_clickedZon_cancel_popup_clickedZon_treeview_cursor_changedZ on_login_seuser_combobox_changedZon_user_roles_combobox_changedZon_cancel_button_browse_clickedZon_apply_button_clickedZon_Revert_button_clickedZon_Update_button_clickedZ on_advanced_filter_entry_changedZ)on_advanced_search_treeview_row_activatedZ!on_Select_advanced_search_clickedZ!on_info_button_button_press_eventZon_back_button_clickedZon_forward_button_clickedZ#on_Boolean_treeview_columns_changedZon_completion_entry_changedZon_Add_button_clickedZon_Delete_button_clickedZon_Modify_button_clickedZon_Show_modified_only_toggledZon_cancel_button_config_clickedZon_Import_button_clickedZon_Export_button_clickedZon_enable_unconfined_toggledZon_enable_permissive_toggledZ&on_system_policy_type_combobox_changedZ#on_Enforcing_button_default_toggledZ$on_Permissive_button_default_toggledZ"on_Disabled_button_default_toggledZon_Relabel_button_toggled_cbZ%on_advanced_system_button_press_eventZon_files_type_combobox_changedZon_filter_row_changedZon_button_toggledZ gtk_main_quitr(oÚfinish_initZ advanced_initÚ START_PAGEÚopagerÚdbusÚ customizedÚ exceptionsÚ DBusExceptionÚprintÚquitÚinit_curÚapplicationÚ filter_txtrZBuilderÚ sysconfigZget_pathÚ code_pathZ add_from_fileZ get_objectr)ÚwindowÚmain_selection_popoverr*r+Ú revert_buttonrZCursorZ CursorTypeZWATCHÚbusy_cursorZLEFT_PTRÚready_cursorÚselinuxÚselinux_getpolicytypeÚinitialtypeÚ current_popupÚ import_exportÚclear_entryÚ files_addÚnetwork_addÚmislabeled_filesZall_domainsZinstalled_listZpreviously_modifiedÚfile_dialogr,r-Z invalid_entryr.Úadvanced_search_filterZset_visible_funcÚfilter_the_dataZadvanced_search_sortr/r0Zadvanced_searchÚlogin_labelr1Úlogin_seuser_combolistr2r3r4Úlogin_radio_buttonr5r6Zset_sort_column_idZSortTypeZ ASCENDINGr7r8r9r:r;Úuser_radio_buttonr<r=r>r?Úuser_roles_combolistÚ user_labelr@rArBrCZ user_comboboxrDrErFrGrHÚfile_equiv_radio_buttonrIrJrKZfile_equiv_treefilterrLrMrNÚsystem_radio_buttonÚlockdown_radio_buttonZsystems_boxÚrelabel_buttonÚrelabel_button_norOrPÚsystem_policy_labelrQrRrSÚmore_types_files_liststoreÚmoreTypes_treeviewrTrUZpolicy_listÚpopulate_system_policyÚset_visibleÚenforcing_button_defaultÚpermissive_button_defaultÚdisabled_button_defaultÚinitialize_system_default_modeÚenable_unconfined_buttonÚdisable_unconfined_buttonÚenable_permissive_buttonÚdisable_permissive_buttonZenable_ptrace_buttonÚdisable_ptrace_buttonrVÚ help_textrWrXrYrZr[r\Úupdate_treestorer]Ú update_buttonÚ add_buttonÚ delete_buttonr^r_r`raÚpopup_network_labelÚpopup_files_labelÚrecursive_path_toggleÚfiles_type_combolistÚfiles_class_combolistrbrcrdreÚadvanced_text_filesZfiles_cancel_buttonÚnetwork_tcp_buttonÚnetwork_udp_buttonÚnetwork_port_type_combolistÚnetwork_port_type_comboboxrfrgÚadvanced_text_networkZnetwork_cancel_buttonÚshow_mislabeled_files_onlyrhriÚ modify_buttonÚ set_sensitiverjrkrlrmrnrorprqrrrsÚexecutable_files_treeviewrtÚexecutable_files_tabZget_tooltip_textZ executable_files_tab_tooltip_txtÚexecutable_files_liststoreÚfiles_radio_buttonZfiles_button_tooltip_txtÚwritable_files_treeviewÚwritable_files_liststoreruÚwritable_files_tabZwritable_files_tab_tooltip_txtÚapplication_files_treeviewrvÚapplication_files_tabZ!application_files_tab_tooltip_txtÚapplication_files_liststoreÚnetwork_radio_buttonZnetwork_button_tooltip_txtÚnetwork_out_treeviewrwrxryZnetwork_out_tab_tooltip_txtÚnetwork_in_treeviewrzr{r|Znetwork_in_tab_tooltip_txtÚboolean_treeviewr}r~Úboolean_more_detail_windowZboolean_more_detail_treeviewÚ!boolean_more_detail_tree_data_setÚboolean_radio_buttonÚ active_buttonZboolean_button_tooltip_txtrr€rÚtransitions_into_tabZ transitions_into_tab_tooltip_txtÚtransitions_radio_buttonZtransitions_button_tooltip_txtr‚rƒr„Útransitions_from_tabZ transitions_from_tab_tooltip_txtÚtransitions_file_treeviewÚtransitions_file_liststoreZtransitions_file_filterÚtransitions_file_tabZ transitions_file_tab_tooltip_txtZ combobox_menur…r†r‡Zset_minimum_key_lengthZset_text_columnZset_match_funcÚ match_funcZset_completionZset_icon_from_stockZ STOCK_FINDÚshow_modified_onlyÚcurrent_status_labelÚcurrent_status_enforcingÚcurrent_status_permissiverˆZget_context_idÚ context_idr‰rŠr‹ÚcellZdel_cell_filesÚconnectÚon_toggle_updateZdel_cell_files_equivZ del_cell_userZdel_cell_loginZdel_cell_networkZupdate_cellÚinner_notebook_filesÚinner_notebook_networkÚinner_notebook_transitionsZall_entriesÚ on_toggleZloadingÚappendÚsepolicyZget_all_domainsÚsortÚstrÚlowerÚerrorr ÚshowÚlenZget_init_entrypoints_strÚ combo_box_addÚfloatZ percentageZset_fractionZset_pulse_stepÚ idle_funcÚgetZfind_entrypoint_pathÚhideZ set_modelÚopen_combo_menuÚon_disable_ptraceÚset_application_labelÚget_filter_dataÚupdate_to_file_equivÚupdate_to_loginÚupdate_to_userÚupdate_to_filesÚupdate_to_networkÚreveal_advancedÚcursor_changedÚresize_wraprŽÚpopulate_type_comboÚinvalid_entry_retryÚrecursive_pathÚhighlight_entry_textÚautofill_add_files_entryÚselect_type_moreÚon_browse_selectÚset_enforceÚconfirmation_closeÚcolumn_clickedÚ clear_filtersÚshow_file_equiv_pageÚsystem_interfaceÚusers_interfacerÚshow_mislabeled_filesÚbrowse_for_filesÚclose_popupÚlogin_seuser_combobox_changeÚuser_roles_combobox_changeÚclose_config_windowÚapply_changes_button_pressÚupdate_or_revert_changesÚget_advanced_filter_dataÚadvanced_item_selectedÚadvanced_item_button_pushÚon_help_buttonÚon_help_back_clickedÚon_help_forward_clickedÚresize_columnsÚapplication_selectedÚadd_button_clickedÚdelete_button_clickedÚmodify_button_clickedÚon_show_modified_onlyÚimport_config_showÚexport_config_showÚunconfined_toggleÚpermissive_toggleÚchange_default_policyÚchange_default_modeÚrelabel_on_rebootÚreveal_advanced_systemÚshow_more_typesÚ tab_changeÚclosewindowÚpreviously_modified_initializeZconnect_signalsrZtimeout_add_secondsÚselinux_statusÚlockdown_initedÚstatusrÚshow_system_pageÚ set_labelÚset_textÚshow_applications_pageÚclearbuttonsÚset_current_pageÚreinitÚmain)ÚselfÚappÚtestr”ÚeZbuilderZ glade_filerŒÚpathÚlengthZentrypoint_dictÚdomainZ entrypointÚdicrrrÚ__init__vs " »H zSELinuxGui.__init__cCsi|_tD]}i|j|<q dS©N)Úcur_dictÚkeys)rRÚkrrrr™rszSELinuxGui.init_curcCsHd}|jD]8}|j|D](}||kr8|j||=dS|d7}qq dS©Nrr)r\)rRÚctrÚir^ÚjrrrÚ remove_curws zSELinuxGui.remove_curcCszt ¡|_Wnty&t|_Yn0|jtkr„|j d¡|j d¡|j d¡|j d¡|j |jt dƒ¡|j t¡n| |j¡tj d¡rª|j d¡n|j d¡t ¡d}t ¡d}|tkrâ|j d¡|tkrö|j d¡|tkr|j d¡dS)NFzSystem Status: Disabledú /.autorelabelTr)r£Zsecurity_getenforcerIÚOSErrorrrõrÚrör÷r¿rˆÚpushrør rWrKÚ DISABLED_TEXTÚset_enforce_textÚosrVÚexistsr¸Ú set_activer¹r¤Úselinux_getenforcemoderrrÀrÁ)rRZ policytypeÚmoderrrrG€s0 zSELinuxGui.selinux_statuscCs¸|jr dS| ¡d|_|j t d¡¡i|_|j ¡ d¡D]:}| ¡}t |ƒdkrZq@|dt |ƒdkdœ|j|d<q@|j |jdd ¡|j |jd d ¡| ¡dS)NTZdeny_ptraceÚ r r)ÚpriorityÚDisabledrÚ unconfinedrpÚpermissivedomains)rHÚ wait_mouserÇrkr£Zsecurity_get_boolean_activeZmodule_dictr“Z semodule_listÚsplitrrÃrÅÚready_mouse)rRÚmÚmodrrrÚ lockdown_initŸs"zSELinuxGui.lockdown_initcGs¦| ¡}|sdS|jtkr4| ¡dkr4| |j|¡|jtkrp|j |d¡}| ¡dkrp|rp| |j |d¡¡|jt kr¢|j |d¡}|r¢|j ¡|j |¡dS)NZmore_detail_colr Zrestorecon_colrr)Úget_selected_iterr’Ú BOOLEANS_PAGEZget_nameÚdisplay_more_detailržÚ FILES_PAGEÚ liststoreÚ get_valueÚfix_mislabeledÚTRANSITIONS_PAGErëZclickedr‰rL)rRÚtreeviewZtreepathZtreecolÚargsÚiterZvisibleZ bool_namerrrr"°s zSELinuxGui.column_clickedcCst ¡rt ¡qdSr[)rZevents_pendingZmain_iteration©rRrrrr ÅszSELinuxGui.idle_funccCs<z$|j |d¡ |¡dkr WdSWdSty6Yn0dS)NrrTF)r…r~ÚfindÚAttributeError)rRZ completionZ key_stringrƒZ func_datarrrróÉszSELinuxGui.match_funccCsÎ|j |jdk¡|j |jt|jƒdk¡z0td|j|j|jfdƒ}| ¡}| ¡Wnt ytd}Yn0|j ¡}| |d|ji¡|j |¡|j d|j|j|jf¡| |j¡dS)Nrrz %shelp/%s.txtÚrr&ÚAPPz %shelp/%s.png)rZrÚÚ help_pagerYrÚ help_listÚopenrÚreadÚcloseÚIOErrorrÈZ get_bufferrLršZ set_bufferrXZ set_from_fileÚ show_popuprV)rRÚfdÚbufrÈrrrÚhelp_show_pageÑs zSELinuxGui.help_show_pagecGs|jd8_| ¡dS©Nr©r‰r’©rRr‚rrrr3àszSELinuxGui.on_help_back_clickedcGs|jd7_| ¡dSr“r”r•rrrr4äsz"SELinuxGui.on_help_forward_clickedcGs^d|_g|_|jtkr.|j tdƒ¡dg|_|jtkrR|j tdƒ¡gd¢|_|jtkrÆ|j ¡}|tkr†|j tdƒ¡dg|_|tkr¦|j tdƒ¡d g|_|t krÆ|j td ƒ¡dg|_|jtkr|j ¡}|tkrü|j tdƒ¡d g|_|tkr|j tdƒ¡dg|_|jtkrœ|j ¡}|tkrX|j tdƒ¡gd¢|_|tkrz|j tdƒ¡dg|_|tkrœ|j tdƒ¡dg|_|jtkrÂ|j tdƒ¡gd¢|_|jtkrè|j tdƒ¡gd¢|_|jtkr|j tdƒ¡ddg|_|jtkr2|j tdƒ¡dg|_|jtkrV|j tdƒ¡d g|_| ¡S)!NrzHelp: Start PageÚstartzHelp: Booleans Page)ZbooleansZbooleans_toggledZ booleans_moreZbooleans_more_showzHelp: Executable Files PageZ files_execzHelp: Writable Files PageZfiles_writezHelp: Application Types PageZ files_appz'Help: Outbound Network Connections PageZports_outboundz&Help: Inbound Network Connections PageZ ports_inboundz&Help: Transition from application Page)Ztransition_fromZtransition_from_booleanZtransition_from_boolean_1Ztransition_from_boolean_2z&Help: Transition into application PageZ transition_toz&Help: Transition application file PageZtransition_filezHelp: Systems Page)ÚsystemZsystem_boot_modeZsystem_current_modeZ system_exportZsystem_policy_typeZsystem_relabelzHelp: Lockdown Page)ZlockdownZlockdown_unconfinedZlockdown_permissiveZlockdown_ptracezHelp: Login Pager Z login_defaultzHelp: SELinux User PageÚuserszHelp: File Equivalence PageZ file_equiv)r‰rŠr’r‘rVÚ set_titler rzr|rüÚget_current_pageÚEXE_PAGEÚ WRITABLE_PAGEÚAPP_PAGEÚNETWORK_PAGErýÚ OUTBOUND_PAGEÚINBOUND_PAGEr€rþÚTRANSITIONS_FROM_PAGEÚTRANSITIONS_TO_PAGEÚTRANSITIONS_FILE_PAGEÚSYSTEM_PAGEÚ LOCKDOWN_PAGEÚ LOGIN_PAGEÚ USER_PAGEÚFILE_EQUIV_PAGEr’©rRr‚Úipagerrrr2èsl zSELinuxGui.on_help_buttoncGs|j |j¡|j ¡dSr[)rŸZset_relative_tor+Zpopupr•rrrr (szSELinuxGui.open_combo_menucGs d|_dS©NT)rr•rrrr,sz SELinuxGui.set_application_labelcGst|ƒdSr[©r—r•rrrr/szSELinuxGui.resize_wrapcCsHt ¡d|_|jtkr |j|_|jtkr2|j|_|jtkrD|j |_dSr“) r£rlÚenforce_moderr¿Úenforce_buttonrrÀrrÁr„rrrrÂ2s z)SELinuxGui.initialize_system_default_modecCsrttjt ¡ddƒd}| ¡d}|D]B}|j ¡}|j |d|¡||j krd|j |¡||_|d7}q*|S)NT)Útopdownrr) ÚnextriÚwalkr£Zselinux_pathrrTrÚ set_valuer¥rUrkÚtypeHistory)rRÚtypesr`Úitemrƒrrrr½;s z!SELinuxGui.populate_system_policyc Gsª|jdkrdSzŠtd| ¡ƒD]v}zZ| ||¡}|dusH|dusH|durLWq| |j¡dksp| ¡ |j¡dkrzWWdSWqttfy’Yq0qWnYn0dS)Nr&TrFr)r›ÚrangeÚ get_n_columnsr~r…rr†Ú TypeError)rRÚlistrƒr‚ÚxÚvalrrrr®Hs $zSELinuxGui.filter_the_datac Cs†| ¡D]x}||D]j\}}d |¡|f} | |jdvrh|jd| ddkrPq||jd| dkrhq| |d |¡||¡qqdS)Nú,rÚactionú-dÚtypeú, )r]Újoinr\Únetwork_initial_data_insert) rRrSÚnetdÚprotocolÚ directionÚmodelr^ÚtÚportsZpkeyrrrÚ net_update[szSELinuxGui.net_updatecCs¬| ¡t ¡}|j ¡|D]€}|j ¡}||drV| |¡}| ||d¡}n|}||d}|j |d|¡|j |d|¡|j |d||d¡q| ¡dS)NÚmodifyÚequivrrr) rsrZget_file_equivrJÚclearrÚmarkupr²ru)rRZedictÚfrƒÚnamerËrrrÚfile_equiv_initializefs z SELinuxGui.file_equiv_initializec Cs¾| ¡|j ¡t ¡D]–}|j ¡}|j |dt|dƒ¡|d}d|vrZ| d¡|j |dd |¡¡|j |d| dd ¡¡|j |d | dd ¡¡|j |dd ¡q| ¡dS)NrrÏÚrolesZobject_rrrÀrÚlevelr&r r¶rT)rsr<rÌrÚget_selinux_usersrr²rÚremoverÁrru)rRÚurƒrÑrrrÚuser_initializexs zSELinuxGui.user_initializecCs‚| ¡|j ¡t ¡D]Z}|j ¡}|j |d|d¡|j |d|d¡|j |d|d¡|j |dd¡q| ¡dS) NrrÏrÚseuserrÚmlsr T)rsr6rÌrZget_login_mappingsrr²ru)rRrÕrƒrrrÚlogin_initialize‡s zSELinuxGui.login_initializecCs|tjj|dddd}| ||dt|j¡tjj|dddd}| ||dt|j¡tjj|dddd}| ||dt|j¡dS)NÚtcpÚname_connectT©Zcheck_boolsÚ name_bindÚudp)rÚnetworkÚget_network_connectrÉrŸrwr rz)rRrSrÃrrrÚnetwork_initialize’szSELinuxGui.network_initializecCsD| ¡}| |d|¡| |d|¡| |d|¡| |dd¡dS)NrrrrT©rr²)rRrÆrÈZportTyperÄrƒrrrrÂšs z&SELinuxGui.network_initial_data_insertcCs”d}| ¡}|D](}|d|kr0| |¡dS|d7}q| |d¡}| |d¡tdƒkrp| |¡}|d}n| ¡}| |d|¡| |¡dS)NrrúMore...)Ú get_modelrkÚget_iterr~r Z insert_beforerr²)rRÚcomboboxr»r`r}raÚniterrƒrrrÚcombo_set_active_text¡s z SELinuxGui.combo_set_active_textcCs2| ¡}| ¡}|dkrdS| |¡}| |d¡S©Nr)räÚ get_activerår~)rRrær}ÚindexrƒrrrÚcombo_get_active_text³s z SELinuxGui.combo_get_active_textcCs:|durdS|j ¡}|j |d|¡|j |d|¡dSr_)r…rr²)rRr»Úval1rƒrrrr»s zSELinuxGui.combo_box_addcGsN|j ¡}| ¡d}|dur"dS|j |d¡}| |j|¡| |j¡dS©Nrr) r¼Ú get_selectionÚget_selectedr»r~rèrbrErS)rRr‚rSrƒrrrrÂs zSELinuxGui.select_type_morecGsx|j ¡}| ¡\}}| |¡}|j |¡}|j |d¡}|durFdS|j d¡|j ¡| |j¡|j |¡dS©Nrr&)r0rïrðÚconvert_iter_to_child_iterrr…r~r/rLr.rrr*r†)rRr‚ÚrowrÆrƒrSrrrr1Ës z$SELinuxGui.advanced_item_button_pushcGs`|j |¡}|j |¡}|j |d¡}|j d¡|j ¡| |j ¡|j |¡| ¡dSrñ) rråròr…r~r/rLr.rrr*r†r6)rRrrVr‚rƒrSrrrr0Øs z!SELinuxGui.advanced_item_selectedcCs2|r.t|ƒdkr.|jD]}||dkrdSqdS©NrTF)rr…)rRrSÚitemsrrrÚfind_applicationâs zSELinuxGui.find_applicationcGsÂ|j d¡|j d¡|j d¡|j d¡|j ¡}| |¡sHdS| ¡|j d¡|j d¡|j ¡|j ¡|j ¡|j ¡|j ¡|j ¡|j ¡|j ¡|j ¡z*|ddkrêt |¡}|säWdS||_WntyþYn0| ¡| |j ¡¡| ¡| |¡d|_!| "|¡| #|¡| $|¡| %|¡| &|¡| '|¡| (|¡|j) *t+dƒ|¡|j, *t+dƒ|¡|j- *t+dƒ|¡|j. *t+d ƒ|¡|j/ *t+d ƒ|¡|j0 *t+dƒ|¡|j1 *t+dƒ|¡|j2 *t+d ƒ|¡|j3 4t+dƒ|¡|j5 4t+dƒ|¡|j6 4t+dƒ|¡|j3 *t+dƒ|¡|j5 *t+dƒ|¡|j6 *t+dƒ|¡|j7 *t+dƒ|¡||_|j8 4|j¡| 9¡dS)NFr&Trú/z(File path used to enter the '%s' domain.z)Files to which the '%s' domain can write.z6Network Ports to which the '%s' is allowed to connect.z5Network Ports to which the '%s' is allowed to listen.z File Types defined for the '%s'.zODisplay boolean information that can be used to modify the policy for the '%s'.z;Display file type information that can be used by the '%s'.zADisplay network ports to which the '%s' can connect or listen to.z!Application Transitions Into '%s'z!Application Transitions From '%s'zFile Transitions From '%s'zVExecutables which will transition to '%s', when executing selected domains entrypoint.zQExecutables which will transition to a different domain, when '%s' executes them.z4Files by '%s' with transitions to a different label.zADisplay applications that can transition into or out of the '%s'.):rØr¾rhrir‰rLr†Úget_textrörMrËrÚrÌrÝrÌrzrwr}r€rƒräràrñrZget_init_transtyperšÚ IndexErrorrsrFr“r”rPÚboolean_initializer«Úexecutable_files_initializeráÚwritable_files_initializeÚtransitions_into_initializeÚtransitions_from_initializeÚapplication_files_initializeÚtransitions_files_initializerÜÚset_tooltip_textr ráryr|rãrërÞrårírKrïròrîr+ru)rRr‚rSrrrr6ésr zSELinuxGui.application_selectedcCs t ¡t ¡|_t ¡|_dSr[)rrPZ get_fcdictÚfcdictZget_local_file_pathsÚlocal_file_pathsr„rrrrP+s zSELinuxGui.reinitcCs†i|_| d¡D]î}| ¡}t|ƒdkr,q|ddkr:q|d|jvrVi|j|d<|ddkr€d|ddki|jd|d <|dd kr¬|d|dd œ|jd |d <|ddkrÒd|di|jd|d <|ddkrd|d|ddœ|jd|d <|ddkr2d|di|jd|d |df<|ddkrf|d|d|ddœ|jd|d <|ddkrÖ|ddkr´d|jvr˜i|jd<d|di|jd|d <n"d|di|jd|d |df<|ddkrd|ddki|jd|d <qd|jvrdSd|jfd |jffD]2\}}||jdvr&| |jd|d¡q&tD]"}||jvr^|j |ii¡q^dS)!Nrnrrz-DrÚactiverz-1rr r r)r×r¶r$r¿r!Ús0)rÒr¶Úroleréþÿÿÿr#r)ÚmaskrÄr¿rz-errËr"Úenabledr¾rqrr)Ú cust_dictrtrrÄrÆrkr]Úupdate)rRr‘raZrecZsemoduleÚbuttonrrrrF0sJ ""& " z)SELinuxGui.previously_modified_initializecCs²t |¡|_|j ¡D]–}t|j|ƒdkr.q|j|d}|j|dD]`}||f|jdvr˜|jd||fddkr|qJ||jd||fdkr˜qJ| |j|||¡qJqdS)Nrrrr½r¾r¿)rZget_entrypointsÚentrypointsr]rr\Úfiles_initial_data_insertrÝ)rRršÚexeÚ file_classrVrrrrûZsz&SELinuxGui.executable_files_initializecCsBz(t |d¡d}t |¡d}||kWSty<YdS0dS)NrrF)r£ÚmatchpathconÚ getfileconre)rRrVÚconÚcurrrrÚ mislabeledhs zSELinuxGui.mislabeledcCs| |¡sdSt |d¡d}t |¡d}d|_| |dd¡| |dd¡| |dd¡| |d| d¡d¡| |d | d¡d¡dS) NrrTr rrú:rr)rr£rrr«r²rt)rRÚtreerVrƒrçrrrrrÚset_mislabeledps zSELinuxGui.set_mislabeledcCsÈt |¡|_|j ¡D]¬}t|j|ƒdkrD| |jd|tdƒ¡q|j|d}|j|dD]`}||f|jdvr®|jd||fddkr’q`||jd||fdkr®q`| |j|||¡q`qdS) Nrz all filesrrrr½r¾r¿) rZget_writable_filesÚwritable_filesr]rrràr r\)rRršÚwriterrVrrrrü~sz$SELinuxGui.writable_files_initializec CsÄ| d¡}|dur tdƒ}d}nh||f|jv}t |¡D],}| |¡}| |d|¡| ||||¡q8|rˆ| |¡}| |¡}| |¡}| |d|¡| |d|¡| |d|¡| |d|¡dS)NzMISSING FILE PATHFrrrr)rr rrZ find_filer²rrÍ) rRr}rVZ selinux_labelrrƒrÊÚprçrrrrŽs" z$SELinuxGui.files_initial_data_insertcCsd|S)Nz %sr©rRrÎrrrrÍ¢szSELinuxGui.markupc Cs |rt ddt dd|¡¡SdS)Nz$r&z^)ÚreÚsubrrrrÚunmarkup¥szSELinuxGui.unmarkupcCsÂt |¡|_|j ¡D]¦}t|j|ƒdkr.q|j|d}|j|dD]p}tj||jd}||f|jdvr¨|jd||fddkrŒqJ||jd||fdkr¨qJ| |j |||¡qJqdS)Nrr)rÍrr½r¾r¿) rZget_file_typesÚ file_typesr]rZget_descriptionrÍr\rrä)rRršrSrrVÚdescrrrrÿªsz'SELinuxGui.application_files_initializecCs,d}|jD]}t|j|ƒdkr dSq dSrô)r\r)rRrar^rrrÚmodified¹s zSELinuxGui.modifiedcCsZt |¡D]J}|D]@\}}||jdvr:|jd|d}t |¡}| |||¡qq dS)Nrr)rZ get_boolsr\Úboolean_descÚboolean_initial_data_insert)rRršÚblistrrr!rrrrúÀs zSELinuxGui.boolean_initializecCsR|j ¡}|j |d|¡|j |d|¡|j |d|¡|j |dtdƒ¡dS)Nrrrr rã)r}rr²r )rRr»r!rrƒrrrr$Ès z&SELinuxGui.boolean_initial_data_insertcCs^t |¡D]N}d}d}d}d|vr*|d}d|vr:|d}d|vrJ|d}| |||¡q dS)NrÚtargetÚsource)rZget_transitions_intoÚ$transitions_into_initial_data_insert)rRršrºrÚ executabler'rrrrýÐsz&SELinuxGui.transitions_into_initializecCsd|j ¡}|dkr0|j |dt|dd¡n|j |dd¡|j |d|¡|j |d|¡dS)NrrÚDefaultr)r€rr²r )rRrr)r'rƒrrrr(Ýs z/SELinuxGui.transitions_into_initial_data_insertc Cs˜t |¡D]ˆ}d}d}d}d|vr*|d}d|vr:|d}d|vrJ|d}| |||¡z&|j|dD]}| |||¡qhWq tyYq 0q dS)Nrr&Ú transtypeZregex)rZget_transitionsÚ$transitions_from_initial_data_insertrÚKeyError)rRršrºrr)r+Zexecutable_typerrrrþçs z&SELinuxGui.transitions_from_initializecCsì|j d¡}|dkr6|j |dd¡|j |dd¡n’|j |¡}|j |dt|dd¡d}|ddrˆ|j |dtdƒ|¡n|j |dtd ƒ|¡|j |d|dd¡|j |dd ¡|j |d|¡|j |d|¡dS)Nrr*rFr)zzrz:To disable this transition, go to the %sBoolean section%s.z9To enable this transition, go to the %sBoolean section%s.Tr )rƒrr²r r )rRrr)r+rƒrçrÍrrrr,ùsz/SELinuxGui.transitions_from_initial_data_insertcCsFt |¡D]6}d|vr |d}nd}| |d|d|d|¡q dS)NÚfilenamer&Úclassr+)rZget_file_transitionsÚ%transitions_files_initial_data_insert)rRršrar.rrrrs z'SELinuxGui.transitions_files_initializecCsZ|j ¡}|j |d|¡|j |d|¡|j |d|¡|dkrFd}|j |d|¡dS)NrrrÚ*r )rñrr²)rRrVÚtclassÚdestrÏrƒrrrr0s z0SELinuxGui.transitions_files_initial_data_insertcGs4| ¡d|_d|_d|_d|_|j d¡|j ¡|j d¡|j d¡|j d¡|j d¡|j ¡r|j t¡|j|_|j d¡|j ¡r´| |j¡|j d¡|j |j¡|j |j¡|j |j¡|j t¡|d|jkr|d}n |j ¡}|tkr*|j|_tdƒ}n6|tkrF|j|_tdƒ}n|tkr`|j |_tdƒ}|j! "tdƒ||j#d œ¡|j$ "td ƒ||j#d œ¡|j "tdƒ||j#d œ¡|j% ¡rŽ|j &¡|j d¡|j t'¡|d|j(krü|d}n |j( ¡}|t)kr |j*|_tdƒ}|t+kr:|j,|_td ƒ}|j! "tdƒ|j#|dœ¡|j$ "tdƒ|j#|dœ¡|j "tdƒ|j#|dœ¡|j- ¡r|j t.¡|d|j/krÀ|d}n |j/ ¡}|t0krÜ|j1|_|t2krî|j3|_|t4kr|j5|_|j6 ¡r"|j t7¡|j8 ¡|j9 ¡rL| :¡|j t;¡|j8 ¡|j< ¡r²|j t=¡|j &¡|j d¡|j>|_|j! "tdƒ¡|j$ "tdƒ¡|j "tdƒ¡|j? ¡r|j t@¡|j &¡|j d¡|jA|_|j! "tdƒ¡|j$ "tdƒ¡|j "tdƒ¡|jB ¡r~|j tC¡|j &¡|j d¡|jD|_|j! "tdƒ¡|j$ "tdƒ¡|j "tdƒ¡|j ¡|_E|jr$|j8 &¡|j F¡|_|j F¡|_|j F¡|_tGd|j H¡ƒD]D}|j I|¡}|rÐ| J¡d}tK|tLjMƒrÐ|j N||jOd¡qÐ|j P¡ Q¡|j d¡dS)NFTrrr)Úwritableršz4Add new %(TYPE)s file path for '%(DOMAIN)s' domains.)ZTYPEZDOMAINz3Delete %(TYPE)s file paths for '%(DOMAIN)s' domain.zModify %(TYPE)s file path for '%(DOMAIN)s' domain. Only bolded items in the list can be selected, this indicates they were modified previously.rúzlisten for inbound connectionszMAdd new port definition to which the '%(APP)s' domain is allowed to %(PERM)s.)rˆZPERMzVDelete modified port definitions to which the '%(APP)s' domain is allowed to %(PERM)s.zMModify port definitions to which the '%(APP)s' domain is allowed to %(PERM)s.z%Add new SELinux User/Role definition.z.Delete modified SELinux User/Role definitions.z7Modify selected modified SELinux User/Role definitions.z!Add new Login Mapping definition.z*Delete modified Login Mapping definitions.z3Modify selected modified Login Mapping definitions.z$Add new File Equivalence definition.z-Delete modified File Equivalence definitions.z“Modify selected modified File Equivalence definitions. Only bolded items in the list can be selected, this indicates they were modified previously.)Rr#rÚtreesortÚ treefilterr}rÙrÚr‹rrôr¾rØrhrirërêr)rOrzrèrÞrr«r|rüršr›rÛr rœrßrrârËrršrÌrårržrýrŸrær rçrîr€rþr¡r‚r¢rr£rðr¶r¤rŠr·rxr¥r²r§r>r±r¦r5rµr¨rIr’rär¶r·Z get_columnZ get_cellsÚ isinstancerZCellRendererTextZ set_sort_funcÚ stripsortrïZunselect_all)rRr‚rªÚcategoryrºÚcolrùrrrrD sÚ zSELinuxGui.tab_changec Cs:| ¡\}}| | ||¡¡}| | ||¡¡}t||ƒSr[)Zget_sort_column_idrr~r) rRrÆZrow1Zrow2Z user_dataZsort_columnr ríZval2rrrr8szSELinuxGui.stripsortcCs’|j |¡}|j |¡}|j ¡|j tdƒ|j |d¡¡t |j|j |d¡¡}|D]$}| |d|d|d|d¡q\| |j¡dS)NzBoolean %s Allow Rulesrr'r&r/Zpermlist)r~råròrêrÌrér™r r}r~rZget_boolean_rulesršÚdisplay_more_detail_initr)rRÚwindowsrVÚitr%rrrrr{£s "zSELinuxGui.display_more_detailcCs0|j ¡}|j |dd|||d |¡f¡dS)Nrzallow %s %s:%s { %s };ú )rêrr²rÁ)rRr'r&Z class_typeZ permissionrƒrrrr;®s z#SELinuxGui.display_more_detail_initcGs”d|_|jtkrJ|j tdƒ|j¡|j tdƒ|j¡| |¡dS|jt kr¼|j tdƒ|j¡|j tdƒ|j¡| |¡|j ¡}|tkrª|j d¡n|j d¡d|_|jtkrö|j td ƒ¡|j td ƒ¡| |¡d|_|jtkr2|j tdƒ¡|j tdƒ¡| |¡d|_|jtkrˆ|j d ¡|j d ¡|j tdƒ¡|j tdƒ¡d|_| |j¡| !¡dS)NFzGAdd Network Port for %s. Ports will be created when update is applied.zAdd Network Port for %szMAdd File Labeling for %s. File labels will be created when update is applied.úAdd File Labeling for %szex: /usr/sbin/Foobarzex: /var/lib/FoobarTzGAdd Login Mapping. User Mapping will be created when Update is applied.zAdd Login MappingzQAdd SELinux User Role. SELinux user roles will be created when update is applied.zAdd SELinux Usersr&zMAdd File Equivalency Mapping. Mapping will be created when update is applied.zAdd SELinux File Equivalency)"rÊr’ržrÍrLr ršrar™Úinit_network_dialogr|rÎr`Úinit_files_dialogrüršr›r^r¨r¦r¯r8Úlogin_init_dialogr§r´r;Úuser_init_dialogr¨rGrHrFrKrÚnew_updatesr©rrrr7²sB zSELinuxGui.add_button_clickedcCs||_| ¡dSr[)r¦r)rRržrrrrÛszSELinuxGui.show_popupcGs|j ¡|j d¡dSr«)r¦rržrÚr•rrrr)ßs zSELinuxGui.close_popupcGsöd}|jr&| ¡}|s&|j d¡dSd|_|jtkr@| |¡|jtkrZ|j tdƒ|j¡|j tdƒ|j¡d|_| |¡d|_d}d}|j ¡}|tkr |j |¡}||_|j |d¡}|j |¡|j |d¡}|dkrú| |j|¡|j |d¡}|dkr | |j|¡|tkr¢|j |¡}||_|j |d¡}|j |¡|j |d¡} | dkr|| |j| ¡|j |d¡}|dkr¢| |j|¡|tkrZ|j |¡}||_|j! |d¡}|j |¡z&|j! |d¡} | "d ¡d "d ¡} Wnt#yYn0|j! |d¡} | dkr:| |j| ¡| d}|dkrZ| |j|¡|jt$krö| %|¡|j& |j' |d¡¡|j( |j' |d¡¡|j) |j' |d¡¡| |j*|j' |d¡¡|j+ tdƒ¡|j, td ƒ¡| -|j,¡|jt.kr|| /|¡|j0 |j1 |d¡¡|j2 |j1 |d¡¡| |j3|j1 |d¡¡|j4 tdƒ¡|j5 tdƒ¡| -|j5¡|jt6krò|j7 | 8|j9 |d¡¡¡|j: | 8|j9 |d¡¡¡|j; tdƒ¡|j< tdƒ¡d|_=| -|j<¡dS)NFTzPModify File Labeling for %s. File labels will be created when update is applied.r?ÚModifyrrrzzr zUModify SELinux User Role. SELinux user roles will be modified when update is applied.zModify SELinux UserszLModify Login Mapping. Login Mapping will be modified when Update is applied.zModify Login MappingzPModify File Equivalency Mapping. Mapping will be created when update is applied.zModify SELinux File Equivalency)>rryrÙrÚrÊr’ržÚmodify_button_network_clickedr|rÎrLr ršr`r™Údelete_old_itemrArüršr›rtròrÝr~r^rèrbrcrœruràrrvrärtr†r§rCr@r<rBrCr?r´r;rr¦rBr2r6r4r1r¯r8r¨rGrrJrHrFrKr¨)rRr‚rƒÚ operationrØrªrVÚftyper2r¿Zget_typerrrr9äs z SELinuxGui.modify_button_clickedcGsB|j |¡}|j |d¡}| |j|¡| |j¡|j ¡dSré) r»rår~rèrbrr`rSr)rRrÚlocr‚rƒrIrrrr=s zSELinuxGui.populate_type_combocCs.|dkrdS| d¡rd}nd}| |¡dS)NZ _script_tZ_tr)Úendswithrt)rRrXZ split_charrrrÚstrip_domainDs zSELinuxGui.strip_domaincCs|D]}| |¡rdSqdS)NTF)Ú startswith)rRr¿Úexclude_listrUrrrÚexclude_typeMs zSELinuxGui.exclude_typecGsÂg}|j d¡| |j¡|j ¡}|j ¡|j ¡| |j ¡}|jD]B}|d |¡rL|d|j krL|d d¡sL| | |d¡¡qL|j ¡zÎtjD]$}|j ¡}|j |dtj|¡q¤|tkrL|jdkrL|j ¡D]D}| |¡r|j ¡}|j |d|¡|j ¡}|j |d|¡qê|j d¡|j d¡n|tkrÜ|jdkrÜ|j ¡D]`} | |¡r°| | |¡s°| |jvr°|j ¡}|j |d| ¡|j ¡}|j |d| ¡ql|j d¡nŒ|tkrh|jdkrht ¡D]`} | |¡rú| |¡r>| | |¡s>|j ¡}|j |d| ¡|j ¡}|j |d| ¡qú|j d¡Wnty†tdƒYn0|j d¡|j d¡|j ¡}|j |dt!dƒ¡dS) NTrZ httpd_sysrFrrrã)"rcrÚrr`rüršrÐrÌrÑrLršr…rMrr»rÚ file_type_strr²r›r r]rkrœrrOr rZget_all_file_typesr†r—rbrerLr )rRr‚rNrªZcompareÚdÚfilesrƒrrrSrrrrASs` * & zSELinuxGui.init_files_dialogcGsî| ¡}|s|j d¡dS|j tdƒ|j¡|j tdƒ|j¡d|_ | |¡d}d}d|_| ¡}|j |d¡}|j |¡|j |d¡}|dkr¬|j d¡n|d krÀ|j d¡|j |d ¡}|dkrä| |j|¡||_ dS)NFzJModify Network Port for %s. Ports will be created when update is applied.zModify Network Port for %srErTrrÚrÞr)ryrÙrÚrÍrLr ršrar™rGr@rÊr}r~r_rÓrkrÔrèrÖ)rRr‚rƒrHrØrrÄr¿rrrrFˆs. z(SELinuxGui.modify_button_network_clickedcGsŒ| |j¡|j ¡}|j ¡|j d¡z,|tkrPt j j|jdddd}n8|t krˆt j j|jdddd}|t j j|jdddd7}g}| ¡D]<}||D].\}}||dd gvr | d ¡rÄq | |¡q q”| ¡| |j¡}|ddkrþ|dd…}|d }d} d} |D]8}| |¡r&| } |j ¡}|j |d|¡| d7} q|j | ¡WntynYn0|j d¡|j d¡dS)Nr&rÚrÛTrÜrÝrÞZport_tZunreserved_port_tZ_typerrQr rrr)rrarýršrÕrÌr_rLrŸrrßràršr r]rKrrrLrMr²rÖrkr†rÓrg)rRr‚rªrÃZ port_typesr^rÇrÈZshort_domainr`Úfoundrƒrrrr@¢sF zSELinuxGui.init_network_dialogcGsJ| |¡}|j ¡dkrFt ¡D]$}||dkr |j | dd¡¡q dS©Nr&rÏr¶)rìr4rørrÓrLr)rRÚcombor‚r×rÕrrrr*Ís z'SELinuxGui.login_seuser_combobox_changecGsJ| |¡}|j ¡dkrFt ¡D]$}||dkr |j | dd¡¡q dSrT)rìrCrørÚ get_all_rolesrLr)rRrUr‚ZserolerÕrrrr+Ôs z%SELinuxGui.user_roles_combobox_changecCsNd}|jsdS|j ¡}|s dS| ¡\}}|rJ| |¡}|rJ|j |¡}|Sr[)rrïrðròr6)rRrƒrór5rrrryÛs zSELinuxGui.get_selected_itercGsb|j d¡| ¡}|dkr,|j d¡dS|j|rD|j|dsHdS|j |j|d¡dS)NFr)rÙrÚryr})rRr‚rƒrrrrészSELinuxGui.cursor_changedcGsj| |j¡|j ¡t ¡}| ¡|D]"}|j ¡}|j |dt |ƒ¡q*|j d¡|j d¡dS©Nrr&) rr8r°rÌrZ get_all_usersrrr²rr2rLr4)rRr‚r˜rÕrƒrrrrBós zSELinuxGui.login_init_dialogcGsj| |j¡|j ¡t ¡}| ¡|D]"}|j ¡}|j |dt |ƒ¡q*|j d¡|j d¡dSrW) rr;r³rÌrrVrrr²rr@rLrC)rRr‚rÑr‡rƒrrrrCþs zSELinuxGui.user_init_dialogc Csj|jrfd| ¡}| ¡z|j |¡Wn2tjjy\}z| |¡WYd}~n d}~00| ¡dS)Nzboolean -m -%d deny_ptrace) rrêrsr“Úsemanager•r–rru)rRÚcheckbuttonÚ update_bufferrUrrrr s zSELinuxGui.on_disable_ptracecs‚|j ¡‰‡fdd„}g}|jtkrd| ¡s8| |j¡S|jD]$}|d|jdvr>| ||ƒ¡q>|jt krì|j ¡}| ¡s¼|tkr”| |j¡S|tkr¨| |j¡S|tkr¼| |j¡S|jD](}|d|df|jdvrÂ| |¡qÂ|jtkrF| ¡s| |j¡S|jD]0}|d|df|jdvr| ||ƒ¡q|jtkr˜| ¡d ksh| ¡S|jD](}|d|jd vrn| ||ƒ¡qn|jtkræ| ¡s¶| ¡S|jD](}|d|jdvr¼| ||ƒ¡q¼|jtkr8| ¡d ks| ¡S|jD](}|d|jdvr| ||ƒ¡q|j ¡|D]6}|j ¡}tdˆƒD]}|j ||||¡q^qFdS) Ncs&g}tdˆƒD]}| ||¡q|Sré)r¶r)róÚlra©rWrrÚdup_rowsz1SELinuxGui.on_show_modified_only..dup_rowrrrrrrTrr!r )r}r·r’rzrêrúršr rr|rüršr›rûrœrürrÿržrár¨rÐr§rÖr¦rÙrÌr¶r²)rRrYr]Zappend_listrórªrƒrarr\rr:sd z SELinuxGui.on_show_modified_onlyc Cs8| d¡}| |d|¡| |d|¡| |d|¡dS©Nrrrrâ) rRrrSrªrHrVZfclassrIrƒrrrÚinit_modified_files_liststoreWs z(SELinuxGui.init_modified_files_liststorecGstdƒdS)Nzrestore to default clicked...r¬r•rrrÚrestore_to_default]szSELinuxGui.restore_to_defaultcGs(| |j¡|j d¡|j d¡dSr«)rEr,r`rÚrar•rrrr`szSELinuxGui.invalid_entry_retrycCsVt|ƒdks|ddkrR|j ¡|j d¡|j d¡|j tdƒ|¡dSdS)Nrr÷FzAThe entry '%s' is not a valid path. Paths must begin with a '/'.T) rr,rr`rÚrar-rLr )rRZ insert_txtrrrÚerror_check_fileses zSELinuxGui.error_check_filescCslz t|ƒ}|dks|dkrt‚WnFtyf|j ¡|j d¡|j d¡|j t dƒ¡YdS0dS)NriFz'Port number must be between 1 and 65536T) ÚintÚ ValueErrorr,rr`rÚrar-rLr )rRrZpnumrrrÚerror_check_networkns zSELinuxGui.error_check_networkcGs2|jr.| |j¡tdƒkr.|j ¡|j ¡dS)Nrã)rrìrbr r`rrSrr•rrrrC{s zSELinuxGui.show_more_typesc Gs| ¡| |j¡}|j ¡}|j ¡}|jr®| ¡}|j |d¡}|j |d¡}|j |d¡}|j |d|¡|j |d|¡|j |d|¡d|||||dœ|jd|<n"|j d¡}d||dœ|jd|<|j |d|¡|j |d|¡|j |d|¡| ¡dS) Nrrrú-m)r½r¶r×ÚoldrangeÚ oldseuserÚoldnamer ú-a)r½r¶r×)r)rìr1r4rør2rÊryr6r~r}r²r\rrD) rRr‚r×Ú mls_rangerÏrƒrhrgrfrrrrs& zSELinuxGui.update_to_loginc Gsj| ¡| |j¡}|j ¡}|j ¡}|j ¡}|jrÚ| ¡}|j |d¡}|j |d¡}|j |d¡} |j |d¡} |j |d|¡|j |d|¡|j |d| ¡|j |d| ¡d|||| | ||dœ|j d|<nD|j d¡}|sð|r d|||d œ|j d|<nd|d œ|j d|<|j |d|¡|j |d|¡|j |d|¡|j |d|¡| ¡dS)Nrrr rre)r½r¶rÒrrfÚoldlevelÚoldrolesrhr!ri)r½r¶rÒr)r½r)r)rìr?rBrørCr@rÊryr<r~r}r²r\rrD)rRr‚rÑrÒrjrÏrƒrhrlrkrfrrrr™s2 " zSELinuxGui.update_to_usercGs¼| ¡|j ¡}|j ¡}|jrl| ¡}| |j |d¡¡}| |j |d¡¡}d|||dœ|j d|<n |j d¡}d|dœ|j d|<|j |d| |¡¡|j |d| |¡¡dS)Nrrre)r½ÚsrcÚoldsrcÚolddestrri©r½rm)r)rHrørGrÊryrr}r²r\rrÍ)rRr‚r3rmrƒrornrrrr¸s zSELinuxGui.update_to_file_equivc Gs0| ¡d|_|j ¡}| |¡r&dS| |j¡}|j ¡}| |j¡}|j r¬| ¡}| |j |d¡¡}| |j |d¡¡}|j |d¡} d|||| dœ|jd||f<n$|j d¡}d|d œ|jd||f<|j |d| |¡¡|j |d| |¡¡|j |d| |¡¡d |_|j d ¡| ¡dS)NTrrrre)r½r¿ÚoldtypeÚoldpathZoldclassrri©r½r¿F)r)r©r^rørarìrbrercrÊryÚunmarkr}r~r²r\rrÍrÏrkrD) rRr‚rVÚsetyperØr2rƒrrÚ oldsetypeZ oldtclassrrrrÇs, zSELinuxGui.update_to_filesc Gs2d|_|j ¡}| |¡rdS|j ¡r.d}nd}| |j¡}|j ¡}|j r´| ¡}| |j |d¡¡}| |j |d¡¡}| |j |d¡¡} d||| ||dœ|jd ||f<n&|j d¡}d ||dœ|jd ||f<|j |d|¡|j |d|¡|j |d|¡d|_|j ¡|j d¡| ¡dS) NTrÚrÞrrrre)r½r¿rØrqÚoldprotocolÚoldportsrri)r½r¿rØF)rªr_rørdrÓrêrìrÖrgrÊryrtr}r~r²r\rrarržrÚrD) rRr‚rÈrÄrurØrƒrxrwrvrrrräs0 " zSELinuxGui.update_to_networkc Gsèd}|j d¡|jtkr–|j ¡|jd}|D]R\}}|||fd}|j ¡}|j |d|¡|j |d|¡|j |d|¡q2| |j ¡dS|jtkr$|j ¡|jd}|D]X\} } || | fd}|j ¡}|j |d| ¡|j |d|¡|j |dt j| ¡qº| |j¡dS|jtkrÖ|j ¡|jd }|D]|}||d } || dd¡}|| d d¡}|j ¡}|j |d|¡|j |d| ¡|j |d|¡|j |d|¡qH| |j¡dS|jtkrh|j ¡|jd}|D]\}||d}|| dd¡}|j ¡}|j |d|¡|j |d|¡|j |d|¡qú| |j¡dS|jtkrä|j ¡|jD]N}|dr„|j ¡}|j |d| |d¡¡|j |d| |d¡¡q„| |j¡dSdS)NZAddFrr¿rrr rr!rr¶r&rÒrr r×r)ržrÚr’ržrrrÌr rr²rrpr|rorrPrmr§rDrrEr¦r9r:r¨rLrJrrM)rRr‚rHZ port_dictrÈrÄrurƒZ fcontext_dictrVr2Z user_dictr!rÑrØrÒZ login_dictr r×rõrrrr8sv z SELinuxGui.delete_button_clickedcGsd| ¡|jtkrJ|jD]0}|drd|ddœ|jd|d|df<q|jtkr|jD]4}|drZd|ddœ|jd|dt|df<qZ|jtkrÐ|j D].}|dr d|d|d d œ|jd|d<q |jt kr|jD]4}|drâd|d|d|ddœ|jd |d<qâ|jtkrX|j D],}|dr*d|ddœ|jd|d<q*| ¡dS)Nrr¾r rsrrrrr)r½rr¶r!)r½r r×r¶r rpr)r)r’ržrrr\r|roÚreverse_file_type_strr§rDr¦r9r¨rLrD©rRr‚ÚdeleterrrrŽDs, & * $ * z!SELinuxGui.on_save_delete_clickedcGs(|jD]}t|d|d|dƒqdSr^)ror—rzrrrÚ!on_save_delete_file_equiv_clicked\s z,SELinuxGui.on_save_delete_file_equiv_clickedcCs||d||d<dSrér)rRrùrVrÆrrrrû`szSELinuxGui.on_toggle_updatecCsTd}|D]F}|d|dkrF|d|dkrF| |¡}| |¡dS|d7}qdS)Nrrr)rårÔ)rRr}rr`rõrƒrrrÚipage_deletecs zSELinuxGui.ipage_deletecCsŠ|sdS|j |¡}|j |¡}| |d¡}| |d| |d¡¡| |d¡}||jdvrl|jd|=nd|i|jd|<| ¡dS)Nrrrr)r~råròr~r²r\rD)rRrùrVrÆrƒrÏrrrrrÿlszSELinuxGui.on_togglecGs| ¡|_|j ¡dSr[)rør›rÚrefilter)rRÚentryr‚rrrr/zs z#SELinuxGui.get_advanced_filter_datacGs| ¡|_|j ¡dSr[)rør›r6r~)rRr<r‚rrrr~s zSELinuxGui.get_filter_datacGs$d|_|j ¡|jdD]®}|jd|d}|j d¡}|j |dd¡|j |dt |¡¡|j |dt|jd|d¡|j |dd¡|j |¡}|j |dt d ƒ|¡|j |dd ¡q|jdD]~\}}|jd||fd}|jd||fd}|j d¡}|j |dd¡|j |d|¡|j |dd¡|d krj|j |dt dƒ|j ¡|dkrŽ|j |dt dƒ|j ¡|dkr²|j |dt dƒ|j ¡|j |¡}|j |dd ¡|j |dt dƒ|¡|j |¡}|j |dd ¡|j |dt dƒtj|¡|j |¡}|j |dd ¡|j |dt dƒ|¡qÔ|jdD]z\} } |jd| | fd}|j d¡}|j |dd¡|j |d|¡|j |dd¡|d krà|j |dt dƒ|j ¡|dkr|j |dt dƒ|j ¡|dkr(|j |dt dƒ|j ¡|j |¡}|j |dt dƒ| ¡|j |dd ¡|j |¡}|j |dt dƒ| ¡|j |dd ¡|jd| | fd}|j |¡}|j |dd ¡|j |dt dƒ|¡q`|jdD]r}|jd|d}|j d¡}|j |dd¡|j |d|¡|j |dd¡|d krZ|j |dt dƒ¡|dkrx|j |dt dƒ¡|dkr–|j |dt dƒ¡|j |¡}|j |dt d ƒ|¡|j |dd ¡|j |¡}|j |dd ¡|jd|d!}|j |dt d"ƒ|¡|jd| d#d$¡} |j |¡}|j |dd ¡|j |dt d%ƒ| ¡qè|jd&D]r}|jd&|d}|j d¡}|j |dd¡|j |d|¡|j |dd¡|d krÚ|j |dt d'ƒ¡|dkrø|j |dt d(ƒ¡|dkr|j |dt d)ƒ¡|j |¡}|j |dd ¡|j |dt d*ƒ|¡|j |¡}|j |dd ¡|jd&|d+}|j |dt d,ƒ|¡|jd&| d#d$¡} |j |¡}|j |dd ¡|j |dt d%ƒ| ¡qh|jd-D](}|jd-|d}|j d¡}|j |dd¡|j |d|¡|j |dd¡|d krZ|j |dt d.ƒ¡|dkrx|j |dt d/ƒ¡|dkr–|j |dt d0ƒ¡|j |¡}|j |dd ¡|j |dt d1ƒ|¡|j |¡}|j |dd ¡|jd-|d2}|j |dt d3ƒ|¡qè| |j¡dS)4NTrr½rrrrr zSELinux name: %sFrr¿rizAdd file labeling for %sr¾zDelete file labeling for %srezModify file labeling for %sz File path: %szFile class: %szSELinux file type: %srzAdd ports for %szDelete ports for %szModify ports for %szNetwork ports: %szNetwork protocol: %sr!zAdd userzDelete userzModify userzSELinux User : %srz Roles: %sr¶r&zMLS/MCS Range: %sr zAdd login mappingzDelete login mappingzModify login mappingzLogin Name : %sr×zSELinux User: %srzAdd file equiv labeling.zDelete file equiv labeling.zModify file equiv labeling.zFile path : %srmzEquivalence: %s)rrÉrÌr\rr²rr#r½r ršrPrrr[)rRr‚ZboolsrHrƒrçrVr2rurrÄr!rÑrØr r×rmrrrÚ update_gui„sô " zSELinuxGui.update_guicCsL|j ¡r|j|_|j ¡r$|j|_|j ¡r6|j|_|j ¡rH|j|_dSr[)rërêrìrÞrîrår„rrrÚset_active_application_button s z(SELinuxGui.set_active_application_buttonTcCs~|j ¡|j d¡|j d¡|j d¡|j d¡|j d¡|j d¡|j d¡|j d¡|rz|j d¡dS)NFr&) rŸrrër¾rÞrårîr¶r·r²r±r†rL)rRrÌrrrrN s zSELinuxGui.clearbuttonscCsP| ¡|j d¡|j d¡|j tdƒ¡|j d¡| ¡| ¡dS)NTZSystem) rNr¶r¾r·r+rKr rkrDr r„rrrrJ" szSELinuxGui.show_system_pagecGsX| ¡| ¡|j d¡|j tdƒ¡| ¡| ¡|j d¡|j d¡dS)NTzFile Equivalence)rNrÐrµrkr+rKr rDr rËrÚrÌr•rrrr$+ szSELinuxGui.show_file_equiv_pagecCsx| ¡|j d¡|j d¡|j tdƒ¡|j d¡| ¡| ¡| ¡| ¡|j d¡|j d¡dS)NTZUsers)rNr±r¾r²r+rKr rkrDrÖrÙr rËrÚrÌr„rrrÚshow_users_page5 szSELinuxGui.show_users_pagecCsZ| d¡|j d¡|j d¡|j d¡|j d¡|j d¡| ¡| ¡dS©NFT) rNrër¾rÞrårîrkrDr r„rrrrMB s z!SELinuxGui.show_applications_pagecGs| ¡dSr[)rJr•rrrr%L szSELinuxGui.system_interfacecGs| ¡dSr[)r‚r•rrrr&O szSELinuxGui.users_interfacec Gsêg}d}|j ¡}| ¡dkr’|jD]T}|j |¡}|j |¡}|j |¡}|dkr$|j |d¡dkrp| |¡|d7}q$|D]}|j |¡q~nT|jdkræ|j ¡|t kr¼| |j¡n*|tkrÒ| |j¡n|tkræ| |j¡dS)NrTrFr)rüršrêr}r5råròr6r~rrÔršrÌr›rûrœrürrÿ) rRrYr‚Ziterlistr`rªrõrƒZitersrrrr'R s, z SELinuxGui.show_mislabeled_filescCspt |¡d d¡d}t |d¡d d¡d}|jtdƒ|||dœddtjjkrl|j |¡| ¡dS) NrrrrzbRun restorecon on %(PATH)s to change its type from %(CUR_CONTEXT)s to the default %(DEF_CONTEXT)s?)ÚPATHZCUR_CONTEXTZDEF_CONTEXTzrestorecon dialog)Útitle)r£rrtrÚverifyr rÚResponseTypeZYESr“Z restoreconr6)rRrVrrrrrrk s &zSELinuxGui.fix_mislabeledcGs$|j | ¡¡|j | ¡¡dSr[)rÊrÚr"r r•rrrrDr szSELinuxGui.new_updatescGsF| ¡| ¡tdƒk|_|jr2|j tdƒ¡n|j tdƒ¡dS)NZUpdatezUpdate ChangeszRevert Changes)r€Ú get_labelr rr[r™©rRrr‚rrrr.v s z#SELinuxGui.update_or_revert_changescGsb| ¡|jr| ¡n| ¡d|_| |j ¡¡d|_| ¡| ¡| ¡|j ¡dSrƒ) r)rÚupdate_the_systemÚrevert_datarrFr“r”r#r6rDrÉrÌr•rrrr-~ s z%SELinuxGui.apply_changes_button_pressc Gsn| ¡| ¡}| ¡z|j |¡Wn0tjjyX}zt|ƒWYd}~n d}~00| ¡| ¡dSr[) r)Ú format_updatersr“rXr•r–r—rur™)rRr‚rZrUrrrrŠŒ szSELinuxGui.update_the_systemcCs2ddddddœ}|D]}||kr||SqdS)Nrrr)zExecutable FileszWritable FileszApplication File TypeZInboundZOutboundZBooleansr)rRÚlookupZipage_valuesÚvaluerrrÚipage_value_lookup— s zSELinuxGui.ipage_value_lookupcCs4| d¡d}| d¡d}|dkr,||_n|SdS)Nz: rrzSELinux name)rtZbool_revert)rRZ attributeZbool_idrrrÚget_attributes_updatež s z SELinuxGui.get_attributes_updatec Csf| ¡d}|jD]L}|dvrN|j|D]"}|d|j||d|f7}q*|dvr|j|D]¨}|j||ddkrŠ|d|7}qbd |j||vrÜ|d |j||d|j||d|j||d |f7}qb|d|j||d|j||d|f7}qb|d vrô|j|D]Ò}|j||ddkrJ|d|7}n¦d|j||vrÂd |j||vrÂ|d|j||d|j||d|j||d |j||d|f7}n.|d|j||d|j||d|f7}q |dvrd|j|D]Z}|j||ddkr2|d|7}n.|d|j||d|j||d|f7}q|dvrä|j|D]j}|j||ddkr¢|d|7}n>|d|j||d|j||d|j||d|f7}qx|dvr|j|D]h\}}|j|||fddkr,|d||f7}n0|d|j||d|j||d||f7}qöq|S)Nr&rzboolean -m -%d %s rr r½r¾zlogin -d %s r¶zlogin %s -s %s -r %s %s r×zlogin %s -s %s %s r!zuser -d %s rÒzuser %s -L %s -r %s -R %s %s rzuser %s -R %s %s rzfcontext -d %s zfcontext %s -e %s %s rmrzfcontext %s -t %s -f %s %s r¿r/rzport -d -p %s %s zport %s -t %s -p %s %s )r‹r\) rRrZr^rr[rÕrÎrrÄrrrrŒ¦ sH @0 (P2 2 B6zSELinuxGui.format_updatecCsXd}g}d}|jD]$}|j|ds.| |¡|d7}q| ¡|D]}| |¡qDdS)Nrr&r)rÉrÚreverserc)rRr`Zremove_listrZrõrrrr‹Õ s zSELinuxGui.revert_datacGsN| ¡tdk}|r$| td¡n| td¡|j |¡|j |¡dSr_)røÚADVANCED_LABELrLrºr¾rU©rRÚlabelr‚ZadvancedrrrrBá sz!SELinuxGui.reveal_advanced_systemcGsf| ¡tdk}|r$| td¡n| td¡|j |¡|j |¡|j |¡|j |¡dSr_)rør’rLrdr¾rerfrgr“rrrrê szSELinuxGui.reveal_advancedcGsF| ¡tdkr(| td¡| ¡n| td¡| |j¡dSrî)røÚADVANCED_SEARCH_LABELrLr)rr.)rRr”r‚rrrrõ s z)SELinuxGui.on_show_advanced_search_windowcCsJ|r&|j |jtdƒ¡|j d¡n |j |jtdƒ¡|j d¡dS)NzSystem Status: EnforcingTzSystem Status: Permissive)rˆrfrør rörkr÷)rRrŽrrrrhý s zSELinuxGui.set_enforce_textcCs,|js dS|j | ¡¡| | ¡¡dSr[)rr“Z setenforcerêrh©rRrrrrr szSELinuxGui.set_enforcecGs`|j ¡}|dkrdSd|_|j ¡|j |¡|jdkrH| |¡n|jdkr\| |¡dS)NFÚImportÚExport) r¬Úget_filenamer¨rr^rLr§Ú import_configÚ export_config)rRr‚r.rrrr s zSELinuxGui.on_browse_selectcGsX|j ¡}|j ¡r0| d¡sT|j |d¡n$| d¡rT| d¡d}|j |¡dS)Nú(/.*)?r)r^rørÏrêrKrLrt)rRr‚rVrrrr s zSELinuxGui.recursive_pathcGs"| ¡}|jr| d¡d|_dS©Nr&F)rør¨rL)rRZ entry_objr‚Ztxtrrrr! s zSELinuxGui.highlight_entry_textcCsv| ¡}|dkrdS| d¡r*|j d¡tjD]@}| |¡r0|jD]*}|d tj|¡rD| |j |d¡qDq0dS)Nr&rœTr) rørKrÏrkrZDEFAULT_DIRSrMrÐrèrb)rRrÚtextrQrÇrrrr' s z#SELinuxGui.autofill_add_files_entrycGs&|j d¡|_|j ¡}|j ¡}dSr“)rèZget_colZboolean_column_1Z get_widthZget_cell_renderers)rRr‚ÚwidthZrendererrrrr53 s zSELinuxGui.resize_columnscGs|j ¡dSr[)r¬rr•rrrr(8 szSELinuxGui.browse_for_filescGs|j ¡dSr[)r¬rr•rrrr,; szSELinuxGui.close_config_windowcGsl|j|j ¡krdS| tdƒ¡tjjkr<|j |j¡dS|j | |j¡¡|j d¡|j ¡|_dS)NzºChanging the policy type will cause a relabel of the entire file system on the next boot. Relabeling takes a long time depending on the size of the file system. Do you wish to continue?T) r³rUrêr†r rr‡ÚNOrkr“r?rìÚrelabel_on_bootr•rrrr?> sz SELinuxGui.change_default_policycCs4|js dS| |¡| ¡r0|j | ¡ ¡¡dSr[)rÚenabled_changedrêr“r@rˆrr–rrrr@J s zSELinuxGui.change_default_modecGs0|j tjj¡|j d¡|j ¡d|_dS)NzImport Configurationr—)r¬Ú set_actionrÚFileChooserActionZOPENr™rr§r•rrrr;Q s zSELinuxGui.import_config_showcGs0|j tjj¡|j d¡|j ¡d|_dS)NzExport Configurationr˜)r¬r£rr¤ZSAVEr™rr§r•rrrr<X s zSELinuxGui.export_config_showcCs:| ¡|j ¡}t|dƒ}| |¡| ¡| ¡dS)NÚw)rsr“r”r‹rrru)rRr.r‘rrrrr›^ s zSELinuxGui.export_configcCsRt|dƒ}| ¡}| ¡| ¡z|j |¡WntyDYn0| ¡dS)Nr‡)r‹rŒrrsr“rXreru)rRr.rr‘rrrršf s zSELinuxGui.import_configcCsV|||f|vri||||f<||f||||fvrR||| | dœ||||f||f<dS)N)r¿rØÚchangedÚoldr)rRrYrSrªrHrÚqrIrØr¦r§rrrÚinit_dictionaryq szSELinuxGui.init_dictionarycCs*| d¡d}|dkrdS|dkr&dSdS)Nú-rÚ0FÚ1T)rt)rRrrrrÚtranslate_boolw s zSELinuxGui.translate_boolc Gsv|j ¡}tj d¡}|r"|r"dS|s.|s.dSz|j |¡Wn2tjjyp}z| |¡WYd}~n d}~00dS)Nrd) r¸rêrirVrjr“r¡r•r–r)rRr‚rrjrUrrrrA~ s zSELinuxGui.relabel_on_rebootcGs | ¡|j d¡|j d¡|j|krV| |j¡| |j ¡t dƒkrV|j d¡|j|kr†|jrt| |j¡n|j r†| |j¡|j ¡sš|j ¡râ|j d¡|j d¡|j d¡|j d¡|j d¡|j d¡|j ¡tdkr|j td¡dS)NFTrãrr)rrÏrkržrÚrSrr`rìrbr r,r©rªrardZget_visiblerfrÒr¾rer×rgr*rør•rL)rRržr‚rrrrE‹ s, zSELinuxGui.closewindowcCs|j ¡ |j¡| ¡dSr[)ržÚ get_windowÚ set_cursorr¡r r„rrrrs£ szSELinuxGui.wait_mousecCs|j ¡ |j¡| ¡dSr[)ržr®r¯r¢r r„rrrru§ szSELinuxGui.ready_mouser&cCsNt ddtjjtjj|¡}| |¡| tjj ¡| ¡| ¡}| ¡|Sré) rÚ MessageDialogÚMessageTypeÚINFOÚButtonsTypeZYES_NOr™Úset_positionÚWindowPositionÚMOUSEÚshow_allÚrunÚdestroy)rRÚmessager…ÚdlgÚrcrrrr†« sþ zSELinuxGui.verifycCsDt ddtjjtjj|¡}| tjj¡| ¡| ¡| ¡dSré)rr°r±ZERRORr³ZCLOSEr´rµr¶r·r¸r¹)rRrºr»rrrr¶ sþzSELinuxGui.errorcCs†| ¡sdS| ¡}|dkrH|jtkrH| tdƒ¡tjjkrH|j d¡|dkr||jtkr|| tdƒ¡tjjkr||j d¡||_ dS)Nrpa…Changing to SELinux disabled requires a reboot. It is not recommended. If you later decide to turn SELinux back on, the system will be required to relabel. If you just want to see if SELinux is causing a problem on your system, you can go to permissive mode which will only log errors and not enforce SELinux policy. Permissive mode does not require a reboot. Do you wish to continue?Tz½Changing to SELinux enabled will cause a relabel of the entire file system on the next boot. Relabeling takes a long time depending on the size of the file system. Do you wish to continue?)rêrˆrrr†r rr‡r r®rk)rRZradior”rrrr¢¿ szSELinuxGui.enabled_changedcGs|j d¡|j d¡dSr)r‰rLrôrkr•rrrr#Ì szSELinuxGui.clear_filterscGsB|js dS| ¡|j ¡r*|j d¡n|j d¡| ¡dS)Nzmodule -e unconfinedzmodule -d unconfined)rrsrÃrêr“rXrur•rrrr=Ð s zSELinuxGui.unconfined_togglecGsB|js dS| ¡|j ¡r*|j d¡n|j d¡| ¡dS)Nzmodule -e permissivedomainszmodule -d permissivedomains)rrsrÅrêr“rXrur•rrrr>Ú s zSELinuxGui.permissive_togglecGs:t|jƒdkr.| tdƒtdƒ¡tjjkr.dS| ¡dS)Nra0You are attempting to close the application without applying your changes. * To apply changes you have made during this session, click No and click Update. * To leave the application without applying your changes, click Yes. All changes that you have made during this session will be lost.zLoss of data DialogT)rrÉr†r rr‡r r˜r‰rrrr!ä szSELinuxGui.confirmation_closecGst d¡dSré)ÚsysÚexitr•rrrr˜ê szSELinuxGui.quit)NF)T)r&)’Ú__name__Ú __module__Ú__qualname__rZr™rcrGrxr"r rór’r3r4r2r rrrÂr½r®rÉrÐrÖrÙrárÂrèrìrrr1r0rör6rPrFrûrrrürrÍrrÿr"rúr$rýr(rþr,rr0rDr8r{r;r7rr)r9rrLrOrArFr@r*r+ryrrBrCrr:r_r`rrardrCrrrrrr8rŽr|rûr}rÿr/rr€rrNrJr$r‚rMr%r&r'rrDr.r-rŠrrrŒr‹rBrrrhr rrrrr5r(r,r?r@r;r<r›ršr©rrArErsrur†rr¢r#r=r>r!r˜rrrrr%ts( @ B* })Y 5+ D A / r%Ú__main__)AZgiZrequire_versionZ gi.repositoryrrrZsepolicy.sedbusrr½rr£rrrZsepolicy.networkZsepolicy.manpager“rirÚunicodedataZPROGNAMEÚgettextÚkwargsÚversion_infoÚtranslationrÇr ÚbuiltinsrÚ__dict__ÚImportErrorZ__builtin__r ryrPrÎr r½rrœr’r•rŸr r¡r¢r£r›rœrrzr|ržr€r¦r§r¥r¤r¨r‘r]rgr%r¿r–rrrrÚs² ÿþý