404

[ Avaa Bypassed ]

Upload:

Command:

elspacio@18.225.98.190: ~ $ 
3

El�f�@s(ddlZejdd�ddlmZddlmZddlmZddlmZddlZddl	Z	ddl
Z
ddl
mZmZm
Z
ddlZ	ddlZ	ddlZddlZddlZddlZd	Zy:ddlZiZejd0kr�ded<ejefd
dd�e��WnLyddlZeejd<Wn(ek
�r$ddlZeejd<YnXYnXiZxe	j D]Z!e!ee	j e!<�q8We"d�e"d�gZ#e"d�e"d�gZ$dd�Z%ddl&Z'e"d�e"d�fZ(e"d�e"d�fZ)dZ*dZ+dZ,dZ-dZ.dZ/dZ0dZ1dZ2dZ3dZ4d
Z5dZ6dZ7dZ8d Z9d!Z:d"Z;d#d$d%d&d'd(d)d*d+g	Z<e"d,�Z=Gd-d.�d.�Z>e?d/k�r$e>�Z@dS)1�N�Gtkz3.0)r)�Gdk)�GLib)�SELinuxDBus)�DISABLED�
PERMISSIVE�	ENFORCINGzselinux-python�T�unicodez/usr/share/localezutf-8)Z	localedirZcodeset�_ZNoZYesZDisableZEnablecCs<|dkr|dkrdS|dkr dS|dkr,dS||k||kS)Nr�����)�a�brr�/usr/lib/python3.6/gui.py�cmpFsrzAdvanced >>zAdvanced <<zAdvanced Search >>zAdvanced Search <<r�������	�boolean�fcontextzfcontext-equiv�port�login�user�module�node�	interfacez�<small>
To change from Disabled to Enforcing mode
- Change the system mode from Disabled to Permissive
- Reboot, so that the system can relabel
- Once the system is working as planned
  * Change the system mode to Enforcing</small>
c@s�eZdZ�d%dd�Zdd�Zdd�Zd	d
�Zdd�Zd
d�Zdd�Z	dd�Z
dd�Zdd�Zdd�Z
dd�Zdd�Zdd�Zdd �Zd!d"�Zd#d$�Zd%d&�Zd'd(�Zd)d*�Zd+d,�Zd-d.�Zd/d0�Zd1d2�Zd3d4�Zd5d6�Zd7d8�Zd9d:�Zd;d<�Zd=d>�Z d?d@�Z!dAdB�Z"dCdD�Z#dEdF�Z$dGdH�Z%dIdJ�Z&dKdL�Z'dMdN�Z(dOdP�Z)dQdR�Z*dSdT�Z+dUdV�Z,dWdX�Z-dYdZ�Z.d[d\�Z/d]d^�Z0d_d`�Z1dadb�Z2dcdd�Z3dedf�Z4dgdh�Z5didj�Z6dkdl�Z7dmdn�Z8dodp�Z9dqdr�Z:dsdt�Z;dudv�Z<dwdx�Z=dydz�Z>d{d|�Z?d}d~�Z@dd��ZAd�d��ZBd�d��ZCd�d��ZDd�d��ZEd�d��ZFd�d��ZGd�d��ZHd�d��ZId�d��ZJd�d��ZKd�d��ZLd�d��ZMd�d��ZNd�d��ZOd�d��ZPd�d��ZQd�d��ZRd�d��ZSd�d��ZTd�d��ZUd�d��ZVd�d��ZWd�d��ZXd�d��ZYd�d��ZZd�d��Z[d�d��Z\d�d��Z]d�d��Z^d�d��Z_d�d��Z`d�d��Za�d&d�dÄZbd�dńZcd�dDŽZdd�dɄZed�d˄Zfd�d̈́Zgd�dτZhd�dфZid�dӄZjd�dՄZkd�dׄZld�dلZmd�dۄZnd�d݄Zod�d߄Zpd�d�Zqd�d�Zrd�d�Zsd�d�Ztd�d�Zud�d�Zvd�d�Zwd�d�Zxd�d�Zyd�d�Zzd�d��Z{d�d��Z|d�d��Z}d�d��Z~d�d��Zd�d��Z��d�d�Z��d�d�Z��d�d�Z��d�d�Z��d�d	�Z��d
�d�Z��d�d
�Z��d�d�Z��d�d�Z��d�d�Z��d'�d�d�Z��d�d�Z��d�d�Z��d�d�Z��d�d�Z��d�d �Z��d!�d"�Z��d#�d$�Z�dS((�
SELinuxGuiNFcQCsd|_d|_t|_t�|_y|jj�}Wn6tjjk
r^}zt	|�|j
�WYdd}~XnX|j�||_d|_
tj�}tjjdd�d|_|jd}|j|�|jd�|_|jd�|_|jd	�|_|jd
�|_d|_|jd�|_|jd
�|_tjtjj �|_!tjtjj"�|_#t$j%�d|_&d|_'d|_(d|_)d|_*d|_+d|_,g|_-g|_.i|_/|jd�|_0|jd�|_1|jd�|_2d|_3|jd�|_4|jd�|_5|j5j6|j7�|jd�|_8|jd�|_9|jd�|_:d|_;|jd�|_<|jd�|_=|jd�|_>|jd�|_?|jd�|_@|jd�|_A|jd�|_B|jd�|_C|jd�|_D|jDjEdtjFjG�|jd �|_H|jHj6|j7�|jd!�|_I|jd"�|_J|jd#�|_K|jd$�|_L|jd%�|_M|jd&�|_N|jNjEdtjFjG�|jd'�|_O|jOj6|j7�|jd(�|_P|jd)�|_Q|jd*�|_R|jd+�|_S|jd,�|_T|jd-�|_U|jd.�|_V|jd/�|_W|jd0�|_X|jd1�|_Y|jd2�|_Z|jd3�|_[|jd4�|_\|jd5�|_]|jd6�|_^|jd7�|__|jd8�|_`|j`jEdtjFjG�|jd9�|_a|jd:�|_b|jbj6|j7�|jd;�|_c|jd<�|_d|jd=�|_e|jd>�|_f|jd?�|_g|jd@�|_h|jdA�|_i|jdB�|_j|jdC�|_k|jdD�|_l|jdE�|_m|jdF�|_n|jdG�|_o|jdH�|_p|jdI�|_q|jdJ�|_r|jdK�|_s|jdL�|_tg|_u|jv�dMk�r�|jkjwd�|jmjwd�|jtjwd�|jdN�|_x|jdO�|_y|jdP�|_z|j{�|jdQ�|_||jdR�|_}|jdS�|_~|jdT�|_|jdU�|_�|jdV�|_�|jdW�|_�|jdX�|_�|jdY�|_�|jdZ�|_�|jd[�|_�|jd\�|_�|jd]�|_�|jd^�|_�|jd_�|_�|jd`�|_�|jda�|_�|jdb�|_�|jdc�|_�|jdd�|_�|jde�|_�|jdf�|_�|jdg�|_�|jdh�|_�|jdi�|_�|jdj�|_�|jdk�|_�|jdl�|_�|jdm�|_�|jdn�|_�|jdo�|_�|jdp�|_�|jdq�|_�|jdr�|_�|jds�|_�|jdt�|_�|jdu�|_�|jdv�|_�|jdw�|_�|jdx�|_�|jdy�|_�|jdz�|_�|jd{�|_�|jd|�|_�|jd}�|_�|jd~�|_�|j�j�d�|jd�|_�|jd��|_�|jd��|_�|jd��|_�|jd��|_�|jd��|_�|jd��|_�|jd��|_�|jd��|_�|jd��|_�|jd��|_�|jd��|_�|j�j6|j7�|jd��|_�|j�j��|_�|jd��|_�|j�jEdtjFjG�|jd��|_�|j�j��|_�|jd��|_�|jd��|_�|j�jEdtjFjG�|jd��|_�|j�j6|j7�|jd��|_�|j�j��|_�|jd��|_�|jd��|_�|j�j6|j7�|jd��|_�|j�j��|_�|jd��|_�|j�jEdtjFjG�|jd��|_�|j�j��|_�|jd��|_�|j�j��|_�|jd��|_�|jd��|_�|j�jEdtjFjG�|jd��|_�|j�j6|j7�|jd��|_�|j�j��|_�|jd��|_�|jd��|_�|j�jEdtjFjG�|jd��|_�|j�j6|j7�|jd��|_�|j�j��|_�|jd��|_�|jd��|_�|j�jEdMtjFjG�|jd��|_�|j�j6|j7�|jd��|_�|jd��|_�|jd��|_�|jd��|_�|j�|_�|j�j��|_�|jd��|_�|jd��|_�|j�jEdtjFjG�|jd��|_�|j�j6|j7�|jd��|_�|j�j��|_�|jd��|_�|j�j��|_�|jd��|_�|jd��|_�|j�jEdMtjFjG�|jd��|_�|j�j6|j7�|jd��|_�|j�j��|_�|jd��|_�|jd��|_�|j�jEdtjFjG�|jd��|_�|j�j6|j7�|jd��|_�|j�j��|_�|jd��|_�|jd��|_�|jd��|_�|jd��|_�|j�j�d�|j�j�d�|j�j�|j�d�|j�j�|j�|j�j�dtj��|jd��|_�|jd��|_�|jd��|_�|jd��|_�|jd��|_�|j�j�d��|_�|jd��|_�|jd��|�_|jd��|�_|jd��|�_|jd��|�_|�j�jd�|�j|j��|jdÃ|�_|�j�jd�|�j|jc�|jdă|�_|�j�jd�|�j|jY�|jdŃ|�_|�j�jd�|�j|jJ�|jdƃ|�_	|�j	�jd�|�j|j��|jdǃ|�_
|jd�|_|jdȃ|�_|jdɃ|�_|jdʃ|�_
|jd˃}|�j
�jd�|�j|j��g|�_|�j�jd�|�j|jԃd|�_d}|�rd�d�g|_-|�r$||j-k�r$|j-�j|�n�t�j�|_-|j-�j�t�jd΍|�rj||j-k�rj|�j�tdσ|�|j
�|�j��t|j-�}	�t�j�}
x�|j-D]�}|�j||��t�t|�j��t|	��|�_|j��j|�j�|j��j |�j�|�j!�xH|
�j"|g�D]6}�t�j#|�}|�r|�j||�|j.�j|��qW|�jd7�_�q�W|�j$�|j�j%|j�|j:�j%|j8�|�j&|�j'|�j(|�j)|�j*|�j+|�j,|�j-|�j.|�j/|�j0|�j1|�j2|�j3|�j4|�j5|�j6|�j7|�j8|�j9|�j:|�j;|�j<|�j=|�j>|�j?|�j@|�jA|�jB|�jC|�jD|�jE|�j1|�jF|�jG|�jH|�jI|�jJ|�jJ|�jK|�jL|�jM|�jN|�jO|�jP|�jQ|�jR|�jS|�jT|�jU|�jV|�jH|�jW|�jX|�jY|�jZ|�j[|�j\|�j\|�j\|�j]|�j^|�j_|j7|�j`|�jadМB}
|�jb|�|�jc|
�|j�j��td�jed�|�jf�|�jf�d|�_g|�j�j$�|�j�j$�|�jh�tik�r�|�jj�nV|j�r�|j�jk|j�|j�jl|j�|�jm�|�j`�n|�jn�|j�jot�|�jp�d|_t�jq�dS)�NFT�)Z
plat_specificz
/sepolicy/zsepolicy.glade�outer_notebookZSELinux_windowZMain_selection_menu�main_advanced_labelr�applications_selection_buttonZ
Revert_buttonrZadd_path_dialog�error_check_window�error_check_label�advanced_search_windowZadvanced_filterZ
advanced_sort�advanced_filter_entry�advanced_search_treeviewZLogin_label�login_seuser_comboboxZlogin_seuser_liststore�login_name_entry�login_mls_label�login_mls_entryZLogin_button�login_treeview�login_liststore�login_filter�login_popup_window�login_delete_liststore�login_delete_window�user_popup_windowZUser_button�user_liststore�user_filter�
user_treeview�user_roles_comboboxZuser_roles_liststoreZ
User_label�user_name_entry�user_mls_label�user_mls_level_entry�user_mls_entryZselinux_user_combobox�user_delete_liststore�user_delete_window�file_equiv_label�file_equiv_source_entry�file_equiv_dest_entryZfile_equiv_button�file_equiv_treeview�file_equiv_liststore�file_equiv_popup_windowZfile_equiv_filter�file_equiv_delete_liststore�file_equiv_delete_window�app_system_buttonZ
System_buttonZLockdown_buttonZSystems_boxZRelabel_buttonZRelabel_button_no�advanced_system�outer_notebook_frameZsystem_policy_type_label�select_button_browse�cancel_button_browse�moreTypes_window_filesZmore_types_file_liststoreZmoreTypes_treeview_files�system_policy_type_liststore�system_policy_type_comboboxrZEnforcing_button_defaultZPermissive_button_defaultZDisabled_button_defaultZenable_unconfinedZdisable_unconfinedZenable_permissiveZdisable_permissiveZ
enable_ptraceZdisable_ptrace�help_windowZ
help_textv�	info_text�
help_image�forward_button�back_button�
update_window�update_treeviewZUpdate_treestore�apply_buttonZ
Update_buttonZ
Add_buttonZ
Delete_button�files_path_entry�network_ports_entry�files_popup_window�network_popup_windowZ
Network_labelZfiles_labelZmake_path_recursiveZfiles_type_combo_storeZfiles_class_combo_store�files_type_combobox�files_class_combobox�files_mls_label�files_mls_entryZAdvanced_text_filesZcancel_delete_filesZ
tcp_buttonZ
udp_buttonZnetwork_type_combo_storeZnetwork_type_combobox�network_mls_label�network_mls_entryZAdvanced_text_networkZcancel_network_deleteZShow_mislabeled_files�mislabeled_files_label�
warning_filesZ
Modify_button�fix_label_window�fixlabel_label�fix_label_cancel�files_delete_window�files_delete_treeview�files_delete_liststore�network_delete_window�network_delete_treeview�network_delete_liststore�progress_barZExecutable_files_treeview�executable_files_filterZExecutable_files_tabZexecutable_files_treestoreZfiles_buttonZWritable_files_treeviewZwritable_files_treestore�writable_files_filterZWritable_files_tabZApplication_files_treeview�application_files_filterZApplication_files_tabZapplication_files_treestoreZnetwork_buttonZoutbound_treeview�network_out_liststore�network_out_filter�network_out_tabZinbound_treeview�network_in_liststore�network_in_filter�network_in_tabZBoolean_treeview�boolean_liststore�boolean_filterZbooleans_more_detail_windowZbooleans_more_detail_treeviewZbooleans_more_detail_liststoreZBooleans_button�transitions_into_treeview�transitions_into_liststore�transitions_into_filterZTransitions_into_tabZTransitions_button�transitions_from_treeview�transitions_from_treestore�transitions_from_filterZTransitions_from_tabZfile_transitions_treeviewZfile_transitions_liststoreZfile_transitions_filterZfile_transitionsZcombobox_org�application_liststore�completion_entry�entrycompletion_objZShow_modified_only_toggleZEnforcing_labelZEnforcing_buttonZPermissive_button�
status_barzSELinux status�filter_entry�
filter_box�add_modify_delete_boxZactivateZfiles_toggle_deleteZtoggledZfile_equiv_toggle_delete1Zuser_toggle_deleteZlogin_toggle_deleteZnetwork_toggle_deleteZ
toggle_updateZfiles_inner_notebookZnetwork_inner_notebookZtransitions_inner_notebook�loading_guiZhttpd_tZabrt_t)�keyz%s is not a valid domain)BZon_combo_button_clickedZon_disable_ptrace_toggledZ!on_SELinux_window_configure_eventZ%on_entrycompletion_obj_match_selectedZon_filter_changedZ"on_save_changes_file_equiv_clickedZon_save_changes_login_clickedZon_save_changes_user_clickedZon_save_changes_files_clickedZon_save_changes_network_clickedZ)on_Advanced_text_files_button_press_eventZitem_in_tree_selectedZ2on_Application_file_types_treeview_configure_event�on_save_delete_clickedZ)on_moreTypes_treeview_files_row_activatedZon_retry_button_files_clickedZon_make_path_recursive_toggledZ&on_files_path_entry_button_press_eventZon_files_path_entry_changedZon_select_type_files_clickedZon_choose_fileZon_Enforcing_button_toggledZon_confirmation_closeZon_column_clickedZ
on_tab_switchZon_file_equiv_button_clickedzon_app/system_button_clickedzon_app/users_button_clicked�on_show_advanced_search_windowZ on_Show_mislabeled_files_toggledZon_Browse_button_files_clickedZon_cancel_popup_clickedZon_treeview_cursor_changedZ on_login_seuser_combobox_changedZon_user_roles_combobox_changedZon_cancel_button_browse_clickedZon_apply_button_clickedZon_Revert_button_clickedZon_Update_button_clickedZ on_advanced_filter_entry_changedZ)on_advanced_search_treeview_row_activatedZ!on_Select_advanced_search_clickedZ!on_info_button_button_press_eventZon_back_button_clickedZon_forward_button_clickedZ#on_Boolean_treeview_columns_changedZon_completion_entry_changedZon_Add_button_clickedZon_Delete_button_clickedZon_Modify_button_clickedZon_Show_modified_only_toggledZon_cancel_button_config_clickedZon_Import_button_clickedZon_Export_button_clickedZon_enable_unconfined_toggledZon_enable_permissive_toggledZ&on_system_policy_type_combobox_changedZ#on_Enforcing_button_default_toggledZ$on_Permissive_button_default_toggledZ"on_Disabled_button_default_toggledZon_Relabel_button_toggled_cbZ%on_advanced_system_button_press_eventZon_files_type_combobox_changedZon_filter_row_changedZon_button_toggledZ
gtk_main_quitr(r�finish_initZ
advanced_init�
START_PAGE�opager�dbus�
customized�
exceptions�
DBusException�print�quit�init_cur�application�
filter_txtrZBuilder�	distutils�	sysconfigZget_python_lib�	code_pathZ
add_from_fileZ
get_objectr$�window�main_selection_windowr%�popupr&�
revert_buttonrZCursorZ
CursorTypeZWATCH�busy_cursorZLEFT_PTR�ready_cursor�selinux�selinux_getpolicytype�initialtype�
current_popup�
import_export�clear_entry�	files_add�network_add�mislabeled_filesZall_domainsZinstalled_listZpreviously_modified�file_dialogr'r(Z
invalid_entryr)�advanced_search_filterZset_visible_func�filter_the_dataZadvanced_search_sortr*r+Zadvanced_search�login_labelr,�login_seuser_combolistr-r.r/�login_radio_buttonr0r1Zset_sort_column_idZSortTypeZ	ASCENDINGr2r3r4r5r6�user_radio_buttonr7r8r9r:�user_roles_combolist�
user_labelr;r<r=r>Z
user_comboboxr?r@rArBrC�file_equiv_radio_buttonrDrErFZfile_equiv_treefilterrGrHrI�system_radio_button�lockdown_radio_buttonZsystems_box�relabel_button�relabel_button_norJrK�system_policy_labelrLrMrN�more_types_files_liststore�moreTypes_treeviewrOrPZpolicy_list�populate_system_policy�set_visible�enforcing_button_default�permissive_button_default�disabled_button_default�initialize_system_default_mode�enable_unconfined_button�disable_unconfined_button�enable_permissive_button�disable_permissive_buttonZenable_ptrace_button�disable_ptrace_buttonrQ�	help_textrRrSrTrUrVrW�update_treestorerX�
update_button�
add_button�
delete_buttonrYrZr[r\�popup_network_label�popup_files_label�recursive_path_toggle�files_type_combolist�files_class_combolistr]r^r_r`�advanced_text_filesZfiles_cancel_button�network_tcp_button�network_udp_button�network_port_type_combolist�network_port_type_comboboxrarb�advanced_text_networkZnetwork_cancel_button�show_mislabeled_files_onlyrcrd�
modify_button�
set_sensitivererfrgrhrirjrkrlrmrn�executable_files_treeviewro�executable_files_tabZget_tooltip_textZ executable_files_tab_tooltip_txt�executable_files_liststore�files_radio_buttonZfiles_button_tooltip_txt�writable_files_treeview�writable_files_liststorerp�writable_files_tabZwritable_files_tab_tooltip_txt�application_files_treeviewrq�application_files_tabZ!application_files_tab_tooltip_txt�application_files_liststore�network_radio_buttonZnetwork_button_tooltip_txt�network_out_treeviewrrrsrtZnetwork_out_tab_tooltip_txt�network_in_treeviewrurvrwZnetwork_in_tab_tooltip_txt�boolean_treeviewrxry�boolean_more_detail_windowZboolean_more_detail_treeview�!boolean_more_detail_tree_data_set�boolean_radio_button�
active_buttonZboolean_button_tooltip_txtrzr{r|�transitions_into_tabZ transitions_into_tab_tooltip_txt�transitions_radio_buttonZtransitions_button_tooltip_txtr}r~r�transitions_from_tabZ transitions_from_tab_tooltip_txt�transitions_file_treeview�transitions_file_liststoreZtransitions_file_filter�transitions_file_tabZ transitions_file_tab_tooltip_txtZ
combobox_menur�r�r�Zset_minimum_key_lengthZset_text_columnZset_match_func�
match_funcZset_completionZset_icon_from_stockZ
STOCK_FIND�show_modified_only�current_status_label�current_status_enforcing�current_status_permissiver�Zget_context_id�
context_idr�r�r��cellZdel_cell_files�connect�on_toggle_updateZdel_cell_files_equivZ
del_cell_userZdel_cell_loginZdel_cell_networkZupdate_cell�inner_notebook_files�inner_notebook_network�inner_notebook_transitionsZall_entries�	on_toggleZloading�append�sepolicyZget_all_domains�sort�str�lower�errorr�show�lenZget_init_entrypoints_str�
combo_box_add�floatZ
percentageZset_fractionZset_pulse_step�	idle_func�getZfind_entrypoint_path�hideZ	set_model�open_combo_menu�on_disable_ptrace�hide_combo_menu�set_application_label�get_filter_data�update_to_file_equiv�update_to_login�update_to_user�update_to_files�update_to_network�reveal_advanced�cursor_changed�resize_wrapr��populate_type_combo�invalid_entry_retry�recursive_path�highlight_entry_text�autofill_add_files_entry�select_type_more�on_browse_select�set_enforce�confirmation_close�column_clicked�
clear_filters�show_file_equiv_page�system_interface�users_interfacer��show_mislabeled_files�browse_for_files�close_popup�login_seuser_combobox_change�user_roles_combobox_change�close_config_window�apply_changes_button_press�update_or_revert_changes�get_advanced_filter_data�advanced_item_selected�advanced_item_button_push�on_help_button�on_help_back_clicked�on_help_forward_clicked�resize_columns�application_selected�add_button_clicked�delete_button_clicked�modify_button_clicked�on_show_modified_only�import_config_show�export_config_show�unconfined_toggle�permissive_toggle�change_default_policy�change_default_mode�relabel_on_reboot�reveal_advanced_system�show_more_types�
tab_change�closewindow�previously_modified_initializeZconnect_signalsrZtimeout_add_seconds�selinux_status�lockdown_inited�statusr�show_system_page�	set_label�set_text�show_applications_page�clearbuttons�set_current_page�reinit�main)�self�appZtestr��eZbuilderZ
glade_filer��path�lengthZentrypoint_dict�domainZ
entrypoint�dicrrr�__init__us 




"





zSELinuxGui.__init__cCs"i|_xtD]}i|j|<qWdS)N)�cur_dict�keys)rP�krrrr�ss
zSELinuxGui.init_curcCsLd}xB|jD]8}x2|j|D]$}||kr8|j||=dS|d7}qWqWdS)Nrr)rX)rP�ctr�irZ�jrrr�
remove_curxszSELinuxGui.remove_curcCsytj�|_Wntk
r(t|_YnX|jtkr�|jjd�|jjd�|jjd�|j	jd�|j
j|jt
d��|jjt�n|j|j�tjjd�r�|jjd�n|jjd�tj�d}tj�d}|tkr�|j	jd�|tkr�|jjd�|tk�r|jjd�dS)NFzSystem Status: Disabledz
/.autorelabelTr)r�Zsecurity_getenforcerG�OSErrorrr�r�r�r�r�r��pushr�rrRrI�
DISABLED_TEXT�set_enforce_text�osrS�existsr��
set_activer�r��selinux_getenforcemoderrr�r�)rPZ
policytype�moderrrrE�s0

zSELinuxGui.selinux_statuscCs�|jr
dS|j�d|_|jjtjd��i|_xN|jj�j	d�D]:}|j	�}t
|�dkr\qB|dt
|�dkd�|j|d<qBW|jj|jdd	�|jj|jd
d	�|j
�dS)NTZdeny_ptrace�
r	r)Zpriority�Disabledr�
unconfinedri�permissivedomains)rF�
wait_mouser�rer�Zsecurity_get_boolean_activeZmodule_dictr�Z
semodule_list�splitrr�r��ready_mouse)rP�m�modrrr�
lockdown_init�s$zSELinuxGui.lockdown_initcGs�|j�}|sdS|jtkr4|j�dkr4|j|j|�|jtkrp|jj|d�}|j�dkrp|rp|j	|jj|d��|jt
kr�|jj|d�}|r�|jj�|j
j|�dS)NZmore_detail_colr	Zrestorecon_colrr)�get_selected_iterr��
BOOLEANS_PAGEZget_name�display_more_detailr��
FILES_PAGE�	liststore�	get_value�fix_mislabeled�TRANSITIONS_PAGEr�Zclickedr�rJ)rP�treeviewZtreepathZtreecol�args�iterZvisibleZ	bool_namerrrr �s



zSELinuxGui.column_clickedcCsxtj�rtj�qWdS)N)rZevents_pendingZmain_iteration)rPrrrr�s
zSELinuxGui.idle_funccCs:y |jj|d�j|�dkrdSdStk
r4YnXdS)NrrTFr
)r�rw�find�AttributeError)rPZ
completionZ
key_stringr|Z	func_datarrrr��szSELinuxGui.match_funcc
Cs�|jj|jdk�|jj|jt|j�dk�y0td|j|j|jfd�}|j�}|j	�Wnt
k
rvd}YnX|jj�}|j
|d|ji�|jj|�|jjd|j|j|jf�|j|j�dS)Nrrz
%shelp/%s.txt�rr#�APPz
%shelp/%s.png)rUr��	help_pagerTr�	help_list�openr��read�close�IOErrorr�Z
get_bufferrJr�Z
set_bufferrSZ
set_from_file�
show_popuprQ)rP�fd�bufr�rrr�help_show_page�s

zSELinuxGui.help_show_pagecGs|jd8_|j�dS)Nr)r�r�)rPr{rrrr1�szSELinuxGui.on_help_back_clickedcGs|jd7_|j�dS)Nr)r�r�)rPr{rrrr2�sz"SELinuxGui.on_help_forward_clickedcGstd|_g|_|jtkr.|jjtd��dg|_|jtkrV|jjtd��ddddg|_|jtkr�|j	j
�}|tkr�|jjtd	��d
g|_|tkr�|jjtd��dg|_|t
kr�|jjtd
��dg|_|jtk�r$|jj
�}|tk�r|jjtd��dg|_|tk�r$|jjtd��dg|_|jtk�r�|jj
�}|tk�rb|jjtd��ddddg|_|tk�r�|jjtd��dg|_|tk�r�|jjtd��dg|_|jtk�r�|jjtd��dddd d!d"g|_|jtk�r�|jjtd#��d$d%d&d'g|_|jtk�r$|jjtd(��d)d*g|_|jtk�rH|jjtd+��d,g|_|jtk�rl|jjtd-��d.g|_|j�S)/NrzHelp: Start Page�startzHelp: Booleans PageZbooleansZbooleans_toggledZ
booleans_moreZbooleans_more_showzHelp: Executable Files PageZ
files_execzHelp: Writable Files PageZfiles_writezHelp: Application Types PageZ	files_appz'Help: Outbound Network Connections PageZports_outboundz&Help: Inbound Network Connections PageZ
ports_inboundz&Help: Transition from application PageZtransition_fromZtransition_from_booleanZtransition_from_boolean_1Ztransition_from_boolean_2z&Help: Transition into application PageZ
transition_toz&Help: Transition application file PageZtransition_filezHelp: Systems Page�systemZsystem_boot_modeZsystem_current_modeZ
system_exportZsystem_policy_typeZsystem_relabelzHelp: Lockdown PageZlockdownZlockdown_unconfinedZlockdown_permissiveZlockdown_ptracezHelp: Login PagerZ
login_defaultzHelp: SELinux User Page�userszHelp: File Equivalence PageZ
file_equiv)r�r�r�r�rQ�	set_titlerrsrur��get_current_page�EXE_PAGE�
WRITABLE_PAGE�APP_PAGE�NETWORK_PAGEr��
OUTBOUND_PAGE�INBOUND_PAGEryr��TRANSITIONS_FROM_PAGE�TRANSITIONS_TO_PAGE�TRANSITIONS_FILE_PAGE�SYSTEM_PAGE�
LOCKDOWN_PAGE�
LOGIN_PAGE�	USER_PAGE�FILE_EQUIV_PAGEr�)rPr{�ipagerrrr0�sl











zSELinuxGui.on_help_buttoncGsX|jdkrDd|_|jj�}|jj|dd|dd�|jj�n|jj�d|_dS)Nrrr�A)r�r�Zget_positionr�Zmoverr	)rPr{�locationrrrr
)s


zSELinuxGui.open_combo_menucGs|jj�d|_dS)Nr)r�r	r�)rPr{rrrr3s
zSELinuxGui.hide_combo_menucGs
d|_dS)NT)r
)rPr{rrrr
7sz SELinuxGui.set_application_labelcGst|�dS)N)r�)rPr{rrrr:szSELinuxGui.resize_wrapcCsHtj�d|_|jtkr |j|_|jtkr2|j|_|jtkrD|j	|_dS)Nr)
r�rf�enforce_moderr��enforce_buttonrr�rr�)rPrrrr�=s


z)SELinuxGui.initialize_system_default_modecCsvttjtj�dd��d}|j�d}xJ|D]B}|jj�}|jj|d|�||j	krf|j
j|�||_|d7}q,W|S)NT)�topdownrr)
�nextrc�walkr�Zselinux_pathr�rOr��	set_valuer�rPre�typeHistory)rP�typesr[�itemr|rrrr�Fs


z!SELinuxGui.populate_system_policycGs�|jdkrdSy�x�td|j��D]p}yR|j||�}|dksJ|dksJ|dkrLw |j|j�dksp|j�j|j�dkrtdSWq ttfk
r�Yq Xq WWnYnXdS)Nr#TrFrr
r
)r��range�
get_n_columnsrwr}rr~�	TypeError)rP�listr|r{�x�valrrrr�Ss
$zSELinuxGui.filter_the_datac
Cs�x�|j�D]|}xv||D]j\}}dj|�|f}	|	|jdkrl|jd|	ddkrTq||jd|	dkrlq|j|dj|�||�qWq
WdS)N�,r�actionz-d�typez, )rY�joinrX�network_initial_data_insert)
rPrQ�netd�protocol�	direction�modelrZ�t�portsZpkeyrrr�
net_updatefszSELinuxGui.net_updatecCs�|j�tj�}|jj�x�|D]�}|jj�}||drX|j|�}|j||d�}n|}||d}|jj|d|�|jj|d|�|jj|d||d�q W|j�dS)N�modify�equivrrr)	rlr�Zget_file_equivrE�clearr��markupr�rn)rPZedict�fr|�namer�rrr�file_equiv_initializeqs



z SELinuxGui.file_equiv_initializecCs�|j�|jj�x�tj�D]�}|jj�}|jj|dt|d��|d}d|kr\|jd�|jj|ddj	|��|jj|d|j
dd	��|jj|d
|j
dd	��|jj|dd
�qW|j�dS)Nrr��rolesZobject_rrz, r�levelr#r	r�rT)rlr7r�r��get_selinux_usersr�r�r�remover�rrn)rP�ur|r�rrr�user_initialize�s


zSELinuxGui.user_initializecCs�|j�|jj�xftj�D]Z}|jj�}|jj|d|d�|jj|d|d�|jj|d|d�|jj|dd�qW|j�dS)	Nrr�r�seuserr�mlsr	T)rlr1r�r�Zget_login_mappingsr�r�rn)rPr�r|rrr�login_initialize�s

zSELinuxGui.login_initializecCs|tjj|dddd�}|j||dt|j�tjj|dddd�}|j||dt|j�tjj|dddd�}|j||dt|j�dS)N�tcp�name_connectT)�check_bools�	name_bind�udp)r��network�get_network_connectr�r�rrr�ru)rPrQr�rrr�network_initialize�szSELinuxGui.network_initializecCsD|j�}|j|d|�|j|d|�|j|d|�|j|dd�dS)NrrrrT)r�r�)rPr�r�ZportTyper�r|rrrr��s
z&SELinuxGui.network_initial_data_insertcCs�d}|j�}x.|D]&}|d|kr0|j|�dS|d7}qW|j|d�}|j|d�td�krr|j|�}|d}n|j�}|j|d|�|j|�dS)NrrzMore...)�	get_modelre�get_iterrwrZ
insert_beforer�r�)rP�comboboxr�r[rvr\�niterr|rrr�combo_set_active_text�s



z SELinuxGui.combo_set_active_textcCs2|j�}|j�}|dkrdS|j|�}|j|d�S)Nr)r��
get_activer�rw)rPr�rv�indexr|rrr�combo_get_active_text�s
z SELinuxGui.combo_get_active_textcCs:|dkrdS|jj�}|jj|d|�|jj|d|�dS)Nrr)r�r�r�)rPr��val1r|rrrr�s

zSELinuxGui.combo_box_addcGsN|jj�}|j�d}|dkr"dS|jj|d�}|j|j|�|j|j�dS)Nrr)	r��
get_selection�get_selectedr�rwr�r]rCrN)rPr{rQr|rrrr�s
zSELinuxGui.select_type_morecGsx|jj�}|j�\}}|j|�}|jj|�}|jj|d�}|dkrFdS|jjd�|j	j
�|j|j�|j
j|�dS)Nrr#)r+r�r��convert_iter_to_child_iterr�r�rwr*rJr)r	rr%r�)rPr{�rowr�r|rQrrrr/�s


z$SELinuxGui.advanced_item_button_pushcGs`|jj|�}|jj|�}|jj|d�}|jjd�|jj�|j	|j
�|jj|�|j�dS)Nrr#)
r�r�r�r�rwr*rJr)r	rr%r�r4)rPrzrSr{r|rQrrrr.�s
z!SELinuxGui.advanced_item_selectedcCs4|r0t|�dkr0x|jD]}||dkrdSqWdS)NrTF)rr�)rPrQ�itemsrrr�find_application�s
zSELinuxGui.find_applicationcGs�|jjd�|jjd�|jjd�|jjd�|jj�}|j|�sHdS|j	�|j
jd�|jjd�|j
j�|jj�|jj�|jj�|jj�|jj�|jj�|jj�|jj�y(|ddkr�tj|�}|s�dS||_Wntk
�rYnX|j�|j|jj��|j�|j |�d|_!|j"|�|j#|�|j$|�|j%|�|j&|�|j'|�|j(|�|j)j*t+d�|�|j,j*t+d�|�|j-j*t+d�|�|j.j*t+d	�|�|j/j*t+d
�|�|j0j*t+d�|�|j1j*t+d�|�|j2j*t+d
�|�|j3j4t+d�|�|j5j4t+d�|�|j6j4t+d�|�|j3j*t+d�|�|j5j*t+d�|�|j6j*t+d�|�|j7j*t+d�|�||_|j8j4|j�|j9�dS)NFr#Tr�/z(File path used to enter the '%s' domain.z)Files to which the '%s' domain can write.z6Network Ports to which the '%s' is allowed to connect.z5Network Ports to which the '%s' is allowed to listen.z File Types defined for the '%s'.zODisplay boolean information that can be used to modify the policy for the '%s'.z;Display file type information that can be used by the '%s'.zADisplay network ports to which the '%s' can connect or listen to.z!Application Transitions Into '%s'z!Application Transitions From '%s'zFile Transitions From '%s'zVExecutables which will transition to '%s', when executing selected domains entrypoint.zQExecutables which will transition to a different domain, when '%s' executes them.z4Files by '%s' with transitions to a different label.zADisplay applications that can transition into or out of the '%s'.):r�r�rcrdr�rJr��get_textr�rKr�r�r�r�r�rurrrxr{r~r�r�r�r�Zget_init_transtyper��
IndexErrorrlrDr�r�rN�boolean_initializer��executable_files_initializer��writable_files_initialize�transitions_into_initialize�transitions_from_initialize�application_files_initialize�transitions_files_initializer��set_tooltip_textrr�rtrwr�r�r�r�r�rIr�r�r�r&rn)rPr{rQrrrr4�sr




















zSELinuxGui.application_selectedcCs tj�tj�|_tj�|_dS)N)r�rNZ
get_fcdict�fcdictZget_local_file_paths�local_file_paths)rPrrrrN6s
zSELinuxGui.reinitcCs�i|_�x�|jd�D�]�}|j�}t|�dkr0q|ddkr>q|d|jkrZi|j|d<|ddkr�d|ddki|jd|d<|dd	kr�|d
|dd�|jd	|d <|dd
kr�d|d
i|jd
|d!<|ddk�rd|d
|dd�|jd|d"<|ddk�r6d|d
i|jd|d#|d$f<|ddk�rj|d
|d|dd�|jd|d%<|ddk�r�|ddk�r�d|jk�r�i|jd<d|d
i|jd|d&<n"d|di|jd|d'|d
f<|ddkrd|ddki|jd|d(<qWd|jk�rdSxJd|jfd|jfgD]2\}}||jdk�r.|j|jd|d��q.Wx*tD]"}||jk�rj|jj|ii��qjWdS))Nrhrrz-Dr�activerz-1rr	r)r�r�r!r�r�s0)r�r��rolerr r)�maskr�r�rz-ezfcontext-equivr�r�enabledz-drjrkr
r
r
r
r
���r
r
r
r
)�	cust_dictrmrr�r�rerY�update)rPr�r\ZrecZsemodule�buttonrrrrD;sJ ""&
""
z)SELinuxGui.previously_modified_initializecCs�tj|�|_x�|jj�D]�}t|j|�dkr0q|j|d}xr|j|dD]`}||f|jdkr�|jd||fddkr�qN||jd||fdkr�qN|j|j|||�qNWqWdS)Nrrrr�z-dr�)r�Zget_entrypoints�entrypointsrYrrX�files_initial_data_insertr�)rPr��exe�
file_classrSrrrr�esz&SELinuxGui.executable_files_initializecCs@y&tj|d�d}tj|�d}||kStk
r:dSXdS)NrrF)r��matchpathcon�
getfileconr_)rPrS�con�currrr�
mislabeledsszSELinuxGui.mislabeledcCs�|j|�sdStj|d�d}tj|�d}d|_|j|dd�|j|dd�|j|dd�|j|d|jd�d�|j|d	|jd�d�dS)
NrrTr	rr�:rr)rr�r�r�r�r�rm)rP�treerSr|r�r�rrrr�set_mislabeled{s
zSELinuxGui.set_mislabeledcCs�tj|�|_x�|jj�D]�}t|j|�dkrF|j|jd|td��q|j|d}xr|j|dD]`}||f|jdkr�|jd||fddkr�qd||jd||fdkr�qd|j|j|||�qdWqWdS)	Nrz	all filesrrrr�z-dr�)	r�Zget_writable_files�writable_filesrYrr�r�rrX)rPr��writer�rSrrrr��sz$SELinuxGui.writable_files_initializec	Cs�|jd�}|dkr td�}d}nl||f|jk}x:tj|�D],}|j|�}|j|d|�|j||||�q:W|r�|j|�}|j|�}|j|�}|j|d|�|j|d|�|j|d|�|j|d|�dS)NzMISSING FILE PATHFrrrr)r�rr�r�Z	find_filer�rr�)	rPrvrSZ
selinux_labelr�r|r��pr�rrrr��s"




z$SELinuxGui.files_initial_data_insertcCsd|S)Nz	<b>%s</b>r)rPr�rrrr��szSELinuxGui.markupcCs |rtjddtjdd|��SdS)Nz</b>$r#z^<b>)�re�sub)rPr�rrr�unmarkup�szSELinuxGui.unmarkupcCs�tj|�|_x�|jj�D]�}t|j|�dkr0q|j|d}x�|j|dD]p}tj||jd�}||f|jdkr�|jd||fddkr�qN||jd||fdkr�qN|j|j	|||�qNWqWdS)Nrr)r�rr�z-dr�)
r�Zget_file_types�
file_typesrYrZget_descriptionr�rXr�r�)rPr�rQr�rS�descrrrr��sz'SELinuxGui.application_files_initializecCs.d}x$|jD]}t|j|�dkrdSqWdS)NrTF)rXr)rPr\rZrrr�modified�s
zSELinuxGui.modifiedcCsbx\tj|�D]N}xH|D]@\}}||jdkr>|jd|d}tj|�}|j|||�qWqWdS)Nrr�)r�Z	get_boolsrX�boolean_desc�boolean_initial_data_insert)rPr��blistrr�rrrrr��s
zSELinuxGui.boolean_initializecCsR|jj�}|jj|d|�|jj|d|�|jj|d|�|jj|dtd��dS)Nrrrr	zMore...)rxr�r�r)rPr�rr�r|rrrr�s

z&SELinuxGui.boolean_initial_data_insertcCsbx\tj|�D]N}d}d}d}d|kr,|d}d|kr<|d}d|krL|d}|j|||�qWdS)Nr�target�source)r�Zget_transitions_into�$transitions_into_initial_data_insert)rPr�r�r��
executablerrrrr��sz&SELinuxGui.transitions_into_initializecCsd|jj�}|dkr0|jj|dt|dd�n|jj|dd�|jj|d|�|jj|d|�dS)Nrr�Defaultr)r{r�r�r�)rPr�rrr|rrrr�s
z/SELinuxGui.transitions_into_initial_data_insertcCs�x�tj|�D]�}d}d}d}d|kr,|d}d|kr<|d}d|krL|d}|j|||�y*x$|j|dD]}|j|||�qlWWqtk
r�YqXqWdS)Nrr�	transtypeZregex)r�Zget_transitions�$transitions_from_initial_data_insertr��KeyError)rPr�r�r�rrZexecutable_typerrrr��s z&SELinuxGui.transitions_from_initializecCs�|jjd�}|dkr6|jj|dd�|jj|dd�n�|jj|�}|jj|dt|dd�d
}|ddr�|jj|dtd	�|�n|jj|dtd
�|�|jj|d|dd�|jj|dd�|jj|d|�|jj|d|�dS)NrrrFr�<span foreground="blue"><u>�</u></span>rz:To disable this transition, go to the %sBoolean section%s.z9To enable this transition, go to the %sBoolean section%s.Tr	)rr)r~r�r�r�r)rPr�rrr|r�r�rrrrsz/SELinuxGui.transitions_from_initial_data_insertcCsJxDtj|�D]6}d|kr"|d}nd}|j|d|d|d|�qWdS)N�filenamer�classr)r�Zget_file_transitions�$transitions_files_inital_data_insert)rPr�r\rrrrr�s

z'SELinuxGui.transitions_files_initializecCsZ|jj�}|jj|d|�|jj|d|�|jj|d|�|dkrFd}|jj|d|�dS)Nrrr�*r	)r�r�r�)rPrS�tclass�destr�r|rrrr"s
z/SELinuxGui.transitions_files_inital_data_insertcGs8|j�d|_d|_d|_d|_|jjd�|jj�|j	j
d�|jj
d�|jj
d�|j
j
d�|jj�r�|jjt�|j|_|j	j
d�|jj��r�|j|j�|j	j
d�|jj
|j�|jj
|j�|j
j
|j�|jjt�|d|jk�r|d}n
|jj�}|tk�r*|j|_td�}n6|tk�rF|j|_td�}n|tk�r`|j |_td�}|j!j"td�||j#d	��|j$j"td
�||j#d	��|jj"td�||j#d	��|j%j��r�|jj&�|j	j
d�|jjt'�|d|j(k�r�|d}n
|j(j�}|t)k�r |j*|_td�}|t+k�r:|j,|_td
�}|j!j"td�|j#|d��|j$j"td�|j#|d��|jj"td�|j#|d��|j-j��r|jjt.�|d|j/k�r�|d}n
|j/j�}|t0k�r�|j1|_|t2k�r�|j3|_|t4k�r|j5|_|j6j��r"|jjt7�|j8j�|j9j��rL|j:�|jjt;�|j8j�|j<j��r�|jjt=�|jj&�|j	j
d�|j>|_|j!j"td��|j$j"td��|jj"td��|j?j��r|jjt@�|jj&�|j	j
d�|jA|_|j!j"td��|j$j"td��|jj"td��|jBj��r~|jjtC�|jj&�|j	j
d�|jD|_|j!j"td��|j$j"td��|jj"td��|jj�|_E|j�r(|j8j&�|jjF�|_|jjF�|_|jjF�|_xXtGd|jjH��D]D}|jjI|�}|�r�|jJ�d}tK|tLjM��r�|jjN||jOd��q�W|jjP�jQ�|jjd�dS)NFTrrr�writabler�z4Add new %(TYPE)s file path for '%(DOMAIN)s' domains.)ZTYPEZDOMAINz3Delete %(TYPE)s file paths for '%(DOMAIN)s' domain.z�Modify %(TYPE)s file path for '%(DOMAIN)s' domain. Only bolded items in the list can be selected, this indicates they were modified previously.r�zlisten for inbound connectionszMAdd new port definition to which the '%(APP)s' domain is allowed to %(PERM)s.)r�ZPERMzVDelete modified port definitions to which the '%(APP)s' domain is allowed to %(PERM)s.zMModify port definitions to which the '%(APP)s' domain is allowed to %(PERM)s.z%Add new SELinux User/Role definition.z.Delete modified SELinux User/Role definitions.z7Modify selected modified SELinux User/Role definitions.z!Add new Login Mapping definition.z*Delete modified Login Mapping definitions.z3Modify selected modified Login Mapping definitions.z$Add new File Equivalence definition.z-Delete modified File Equivalence definitions.z�Modify selected modified File Equivalence definitions. Only bolded items in the list can be selected, this indicates they were modified previously.)Rr!rz�treesort�
treefilterrvr�r�r�r	r�r�r�rcrdr�r�r$rMrsr�r�r�r�rur�r�r�r�rr�r�r�r�r�r�r�r�r�rr�r�r�r�r�r�r�ryr�r�r}r�rzr�r�r�r�r�r�rqr�r�r�r9r�r�r0r�r�rDr�r�r�r�Z
get_columnZ	get_cells�
isinstancerZCellRendererTextZ
set_sort_func�	stripsortr�Zunselect_all)rPr{r��categoryr��colr�rrrrB+s�
























zSELinuxGui.tab_changec	Cs:|j�\}}|j|j||��}|j|j||��}t||�S)N)Zget_sort_column_idr
rwr)	rPr�Zrow1Zrow2Z	user_dataZsort_columnrr�Zval2rrrr%�szSELinuxGui.stripsortcCs�|jj|�}|jj|�}|jj�|jjtd�|jj	|d��t
j|j|jj	|d��}x,|D]$}|j
|d|d|d|d�q^W|j|j�dS)NzBoolean %s Allow RulesrrrrZpermlist)ryr�r�r�r�r�r�rrxrwr�Zget_boolean_rulesr��display_more_detail_initr�)rP�windowsrS�itrrrrrrt�s

$zSELinuxGui.display_more_detailc	Cs0|jj�}|jj|dd|||dj|�f�dS)Nrzallow %s %s:%s { %s };� )r�r�r�r�)rPrrZ
class_typeZ
permissionr|rrrr(�s
z#SELinuxGui.display_more_detail_initcGs�d|_|jtkrJ|jjtd�|j�|jjtd�|j�|j	|�dS|jt
kr�|jjtd�|j�|jjtd�|j�|j
|�|jj�}|tkr�|jjd�n|jjd�d|_|jtkr�|jjtd	��|jjtd
��|j|�d|_|jtk�r2|jjtd��|jjtd��|j|�d|_|jtk�r�|jjd
�|jjd
�|jjtd��|jjtd��d|_|j |j�|j!�dS)NFzGAdd Network Port for %s.  Ports will be created when update is applied.zAdd Network Port for %szMAdd File Labeling for %s. File labels will be created when update is applied.zAdd File Labeling for %szex: /usr/sbin/Foobarzex: /var/lib/FoobarTzGAdd Login Mapping. User Mapping will be created when Update is applied.zAdd Login MappingzQAdd SELinux User Role. SELinux user roles will be created when update is applied.zAdd SELinux Usersr#zMAdd File Equivalency Mapping. Mapping will be created when update is applied.zAdd SELinux File Equivalency)"r�r�r�r�rJrr�r\r��init_network_dialogrur�r[�init_files_dialogr�r�r�rYr�r�r�r3�login_init_dialogr�r�r6�user_init_dialogr�rBrCrArFr��new_updates)rPr{r�rrrr5�sB







zSELinuxGui.add_button_clickedcCs||_|j�dS)N)r�r)rPr�rrrr��szSELinuxGui.show_popupcGs|jj�|jjd�dS)NT)r�r	r�r�)rPr{rrrr'�s
zSELinuxGui.close_popupc
Gs�d}|jr&|j�}|s&|jjd�dSd|_|jtkr@|j|�|jtk�r\|j	j
td�|j�|j
jtd�|j�d|_|j|�d|_d}d}|jj�}|tk�r |jj|�}||_|jj|d�}|jj
|�|jj|d�}|dkr�|j|j|�|jj|d�}|dk�r |j|j|�|tk�r�|jj|�}||_|jj|d�}|jj
|�|jj|d�}	|	dk�r||j|j|	�|jj|d�}|dk�r�|j|j|�|tk�r\|j j|�}||_|j!j|d�}|jj
|�y&|j!j|d�}
|
j"d	�dj"d
�}
Wnt#k
�rYnX|j!j|d�}	|	dk�r<|j|j|	�|
d}|dk�r\|j|j|�|jt$k�r�|j%|�|j&j
|j'j|d��|j(j
|j'j|d��|j)j
|j'j|d��|j|j*|j'j|d��|j+j
td��|j,jtd
��|j-|j,�|jt.k�r~|j/|�|j0j
|j1j|d��|j2j
|j1j|d��|j|j3|j1j|d��|j4j
td��|j5jtd��|j-|j5�|jt6k�r�|j7j
|j8|j9j|d���|j:j
|j8|j9j|d���|j;j
td��|j<jtd��d|_=|j-|j<�dS)NFTzPModify File Labeling for %s. File labels will be created when update is applied.zAdd File Labeling for %s�Modifyrrrz<b>z</b>r	zUModify SELinux User Role. SELinux user roles will be modified when update is applied.zModify SELinux UserszLModify Login Mapping. Login Mapping will be modified when Update is applied.zModify Login MappingzPModify File Equivalency Mapping. Mapping will be created when update is applied.zModify SELinux File Equivalency)>rzrrr�r�r�r�r��modify_button_network_clickedrur�rJrr�r[r��delete_old_itemr-r�r�r�ror�r�rwrYr�r]r^r�rpr�r�rqr�rmr~r�r/r;r7r=r>r:r�r6r�r�r.r-r1r/r,r�r3r�rBr
rErCrArFr�)rPr{r|�	operationr�r�rS�ftyperr�Zget_typerrrr7�s�













z SELinuxGui.modify_button_clickedcGsB|jj|�}|jj|d�}|j|j|�|j|j�|jj�dS)Nr)	r�r�rwr�r]r�r[rNr	)rPr�locr{r|r5rrrrHs
zSELinuxGui.populate_type_combocCs.|dkrdS|jd�rd}nd}|j|�dS)NZ	_script_tZ_tr)�endswithrm)rPrUZ
split_charrrr�strip_domainOs
zSELinuxGui.strip_domaincCs x|D]}|j|�rdSqWdS)NTF)�
startswith)rPr��exclude_listrRrrr�exclude_typeXs

zSELinuxGui.exclude_typec
Gs�g}|jjd�|j|j�|jj�}|jj�|jj�|j	|j
�}xN|jD]D}|dj|�rN|d|j
krN|djd�rN|j
|j	|d��qNW|jj��y�x.tjD]$}|jj
�}|jj|dtj|�q�W|tko�|jdk�rXxR|jj�D]D}|j|��r|jj
�}|jj|d|�|jj
�}|jj|d|�q�W|jjd�|jjd��n(|tk�r�|jdk�r�xp|jj�D]b}	|	j|��r�|j|	|��r�|	|jk�r�|jj
�}|jj|d|	�|jj
�}|jj|d|	��qzW|jjd�n�|tk�r�|jdk�r�xntj�D]b}
|
j|��r|
j|��rT|j|
|��rT|jj
�}|jj|d|
�|jj
�}|jj|d|
��qW|jjd�Wntk
�r�td�YnX|jjd�|jj d�|jj
�}|jj|dt!d��dS)	NTrZ	httpd_sysrFrr�zMore...)"r^r�r�r[r�r�r�r�r�r8r�r�r9r�r�r��
file_type_strr�r�r�rYrer�rr;rr�Zget_all_file_typesr~r�r]r`rJr)rPr{r:r�Zcompare�d�filesr|r�rrQrrrr-^s`


,



(




zSELinuxGui.init_files_dialogcGs�|j�}|s|jjd�dS|jjtd�|j�|jjtd�|j�d|_	|j
|�d}d}d|_|j�}|jj
|d�}|jj|�|jj
|d�}|dkr�|jjd�n|d	kr�|jjd�|jj
|d
�}|dkr�|j|j|�||_	dS)NFzJModify Network Port for %s.  Ports will be created when update is applied.zModify Network Port for %sr1rTrr�r�r)rrr�r�r�rJrr�r\r�r3r,r�rvrwrZr�rer�r�r�)rPr{r|r4r�rr�r�rrrr2�s.
z(SELinuxGui.modify_button_network_clickedc
Gs�|j|j�|jj�}|jj�|jjd��y:|tkrPt	j
j|jdddd�}n8|t
kr�t	j
j|jdddd�}|t	j
j|jdddd�7}g}xL|j�D]@}x:||D].\}}||dd	gkr�|jd
�r�q�|j|�q�Wq�W|j�|j|j�}|ddk�r|dd�}|d
}d}	d}
x@|D]8}|j|��r2|	}
|jj�}|jj|d|�|	d7}	�qW|jj|
�Wntk
�r~YnX|jjd�|jjd�dS)Nr#r�r�T)r�r�r�Zport_tZunreserved_port_tZ_typerr=rrr�r
r
)r�r\r�r�r�r�rZrJr�r�r�r�r�r�rYr7r�r�r8r9r�r�rer~r�rb)rPr{r�r�Z
port_typesrZr�r�Zshort_domainr[�foundr|rrrr,�sF




zSELinuxGui.init_network_dialogcGsN|j|�}|jj�dkrJx0tj�D]$}||dkr"|jj|jdd��q"WdS)Nr#r�r�)r�r/r�r�r�rJr)rP�combor{r�r�rrrr(�s

z'SELinuxGui.login_seuser_combobox_changecGsN|j|�}|jj�dkrJx0tj�D]$}||dkr"|jj|jdd��q"WdS)Nr#r�r�)r�r>r�r��
get_all_rolesrJr)rPr@r{Zseroler�rrrr)�s

z%SELinuxGui.user_roles_combobox_changecCsNd}|jsdS|jj�}|s dS|j�\}}|rJ|j|�}|rJ|jj|�}|S)N)rzr�r�r�r#)rPr|r�r"rrrrr�s

zSELinuxGui.get_selected_itercGsf|jjd�|j�}|dkr,|jjd�dS|j|sH|j|drLdS|jj|j|d�dS)NFrr
r
)r�r�rrrv)rPr{r|rrrr�szSELinuxGui.cursor_changedcGsn|j|j�|jj�tj�}|j�x*|D]"}|jj�}|jj|dt	|��q,W|j
jd�|jjd�dS)Nrr#)
r�r3r�r�r�Z
get_all_usersr�r�r�rr-rJr/)rPr{r�r�r|rrrr.�s


zSELinuxGui.login_init_dialogcGsn|j|j�|jj�tj�}|j�x*|D]"}|jj�}|jj|dt	|��q,W|j
jd�|jjd�dS)Nrr#)
r�r6r�r�r�rAr�r�r�rr;rJr>)rPr{r�rr|rrrr/	s


zSELinuxGui.user_init_dialogcCsh|jrdd|j�}|j�y|jj|�Wn0tjjk
rZ}z|j|�WYdd}~XnX|j�dS)Nzboolean -m -%d deny_ptrace)	r�r�rlr��semanager�r�rrn)rP�checkbutton�
update_bufferrRrrrrszSELinuxGui.on_disable_ptracecs�|jj���fdd�}g}|jtkrh|j�s8|j|j�Sx.|jD]$}|d|jdkr@|j||��q@W|jt	kr�|j
j�}|j�s�|tkr�|j
|j�S|tkr�|j|j�S|tkr�|j|j�Sx2|jD](}|d|df|jdkr�|j|�q�W|jtk�rR|j��s|j|j�Sx:|jD]0}|d|df|jdk�r|j||���qW|jtk�r�|j�d	k�st|j�Sx2|jD](}|d|jd
k�r||j||���q|W|jtk�r�|j��s�|j�Sx2|jD](}|d|jdk�r�|j||���q�W|jtk�rP|j�d	k�s|j�Sx2|jD](}|d|jdk�r$|j||���q$W|jj�xB|D]:}|jj�}x(td��D]}|jj||||��qzW�q`WdS)
Ncs*g}x td��D]}|j||�qW|S)Nr)r�r�)r��lr\)rTrr�dup_row!sz1SELinuxGui.on_show_modified_only.<locals>.dup_rowrrrrrrTzfcontext-equivrr)rvr�r�rsr�r�r�r�r�rur�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�)rPrCrFZappend_listr�r�r|r\r)rTrr8sd








z SELinuxGui.on_show_modified_onlyc	Cs8|jd�}|j|d|�|j|d|�|j|d|�dS)Nrrr)r�r�)	rPrrQr�r4rSZfclassr5r|rrr�init_modified_files_liststorebs
z(SELinuxGui.init_modified_files_liststorecGstd�dS)Nzrestore to defualt clicked...)r�)rPr{rrr�restore_to_defaulthszSELinuxGui.restore_to_defaultcGs(|j|j�|jjd�|jjd�dS)NT)rCr'r[r�r\)rPr{rrrrkszSELinuxGui.invalid_entry_retrycCsVt|�dks|ddkrR|jj�|jjd�|jjd�|jjtd�|�dSdS)Nrr�FzAThe entry '%s' is not a valid path.  Paths must begin with a '/'.T)	rr'rr[r�r\r(rJr)rPZ
insert_txtrrr�error_check_filesps
zSELinuxGui.error_check_filescCsly t|�}|dks|dkrt�WnFtk
rf|jj�|jjd�|jjd�|jjt	d��dSXdS)NriFz'Port number must be between 1 and 65536T)
�int�
ValueErrorr'rr[r�r\r(rJr)rPrZpnumrrr�error_check_networkys
zSELinuxGui.error_check_networkcGs2|jr.|j|j�td�kr.|jj�|jj�dS)NzMore...)r�r�r]rr[r	rNr)rPr{rrrrA�s
zSELinuxGui.show_more_typesc	Gs|j�|j|j�}|jj�}|jj�}|jr�|j�}|jj	|d�}|jj	|d�}|jj	|d�}|j
j|d|�|j
j|d|�|j
j|d|�d|||||d�|jd|<n"|j
j
d�}d||d�|jd|<|j
j|d|�|j
j|d|�|j
j|d|�|j�dS)	Nrrrz-m)r�r�r��oldrange�	oldseuser�oldnamerz-a)r�r�r�)r'r�r,r/r�r-r�rrr1rwrvr�rXr�r0)	rPr{r��	mls_ranger�r|rOrNrMrrrr�s&

zSELinuxGui.update_to_loginc	Gsj|j�|j|j�}|jj�}|jj�}|jj�}|jr�|j�}|j	j
|d�}|j	j
|d�}|j	j
|d�}	|j	j
|d�}
|jj|d|�|jj|d|�|jj|d|	�|jj|d|
�d||||
|	||d�|j
d|<nD|jjd�}|s�|�r
d|||d	�|j
d|<nd|d
�|j
d|<|jj|d|�|jj|d|�|jj|d|�|jj|d|�|j�dS)Nrrr	rz-m)r�r�r�r�rM�oldlevel�oldrolesrOrz-a)r�r�r�r�)r�r�)r'r�r:r=r�r>r;r�rrr7rwrvr�rXr�r0)rPr{r�r�rPr�r|rOrRrQrMrrrr�s2


"
zSELinuxGui.update_to_usercGs�|j�|jj�}|jj�}|jrl|j�}|j|jj|d��}|j|jj|d��}d|||d�|j	d|<n |jj
d�}d|d�|j	d|<|jj|d|j|��|jj|d|j|��dS)Nrrz-m)r��src�oldsrc�olddestzfcontext-equivz-a)r�rS)r'rCr�rBr�rrr
rvr�rXr�r�)rPr{r rSr|rUrTrrrr�s

zSELinuxGui.update_to_file_equivc
Gs0|j�d|_|jj�}|j|�r&dS|j|j�}|jj�}|j|j�}|j	r�|j
�}|j|jj
|d��}|j|jj|d��}|jj
|d�}	d||||	d�|jd||f<n$|jjd�}d|d	�|jd||f<|jj|d|j|��|jj|d|j|��|jj|d|j|��d
|_|jjd
�|j�dS)NTrrrz-m)r�r��oldtype�oldpathZoldclassrz-a)r�r�F)r'r�rYr�rIr�r]r`r^r�rr�unmarkrvrwr�rXr�r�r�rer0)
rPr{rS�setyper�rr|rW�	oldsetypeZ	oldtclassrrrr�s,


 zSELinuxGui.update_to_filesc
Gs2d|_|jj�}|j|�rdS|jj�r.d}nd}|j|j�}|jj�}|j	r�|j
�}|j|jj
|d��}|j|jj
|d��}|j|jj|d��}	d|||	||d�|jd	||f<n&|jjd�}d
||d�|jd	||f<|jj|d|�|jj|d|�|jj|d|�d|_|jj�|jjd�|j�dS)
NTr�r�rrrz-m)r�r�r�rV�oldprotocol�oldportsrz-a)r�r�r�F)r�rZr�rLr�r�r�r�rbr�rrrXrvrwr�rXr�r\r	r�r�r0)
rPr{r�r�rYr�r|r\r[rZrrrr�s0



"
zSELinuxGui.update_to_networkcGs�d}|jjd�|jtkr�|jj�|jd}xZ|D]R\}}|||fd}|jj�}|jj|d|�|jj|d|�|jj|d|�q4W|j	|j
�dS|jtk�r,|jj�|jd}x`|D]X\}	}
||	|
fd}|jj�}|jj|d|	�|jj|d|�|jj|dt
j|
�q�W|j	|j�dS|jtk�r�|jj�|jd	}x�|D]|}||d
}
||jdd�}||jd
d�}|jj�}|jj|d|�|jj|d|
�|jj|d|�|jj|d|��qRW|j	|j�dS|jtk�rx|jj�|jd}xd|D]\}||d}||jdd�}|jj�}|jj|d|�|jj|d|�|jj|d|��qW|j	|j�dS|jtk�r�|jj�xX|jD]N}|d�r�|jj�}|jj|d|j|d��|jj|d|j|d���q�W|j	|j�dSdS)NZAddFrr�rrr	rrr�r�r#r�rrr�r)r�r�r�r�rmr�r�r�r�r�rkrurjr�r<rhr�r?rr@r�r4r5r�rGrEr
rH)rPr{r4Z	port_dictr�r�rYr|Z
fcontext_dictrSrZ	user_dictrr�r�r�Z
login_dictrr�r�rrrr6sv

















 z SELinuxGui.delete_button_clickedcGsx|j�|jtkrNx:|jD]0}|drd|dd�|jd|d|df<qW|jtkr�x>|jD]4}|dr`d|dd�|jd|dt|df<q`W|jtkr�x8|j	D].}|dr�d|d|d	d
�|jd|d<q�W|jt
k�r(x>|jD]4}|dr�d|d|d|dd�|jd
|d<q�W|jtk�rlx6|j
D],}|d�r<d|dd�|jd|d<�q<W|j�dS)Nrz-dr	)r�r�rrrrr)r�r�r�r)r�rr�r�r)r�rSzfcontext-equiv)r'r�r�rmrXrurj�reverse_file_type_strr�r?r�r4r�rGr0)rPr{�deleterrrr�Os,
(
,
&,
"z!SELinuxGui.on_save_delete_clickedcGs,x&|jD]}t|d|d|d�qWdS)Nrrr)rjr�)rPr{r^rrr�!on_save_delete_file_equiv_clickedgsz,SELinuxGui.on_save_delete_file_equiv_clickedcCs||d||d<dS)Nrr)rPr�rSr�rrrr�kszSELinuxGui.on_toggle_updatecCsVd}xL|D]D}|d|dkrF|d|dkrF|j|�}|j|�dS|d7}q
WdS)Nrrr)r�r�)rPrvr�r[r�r|rrr�ipage_deletens
 

zSELinuxGui.ipage_deletecCs�|sdS|jj|�}|jj|�}|j|d�}|j|d|j|d��|j|d�}||jdkrl|jd|=nd|i|jd|<|j�dS)Nrrrr�)ryr�r�rwr�rXr0)rPr�rSr�r|r�r�rrrr�wszSELinuxGui.on_togglecGs|j�|_|jj�dS)N)r�r�r��refilter)rP�entryr{rrrr-�s
z#SELinuxGui.get_advanced_filter_datacGs|j�|_|jj�dS)N)r�r�r#ra)rPr)r{rrrr�s
zSELinuxGui.get_filter_datacGsFd|_|jj�x�|jdD]�}|jd|d}|jjd�}|jj|dd�|jj|dtj|��|jj|dt|jd|d�|jj|dd�|jj|�}|jj|dt	d	�|�|jj|dd
�qW�x�|jdD�]~\}}|jd||fd}|jd||fd}|jjd�}|jj|dd�|jj|d|�|jj|dd�|d
k�rr|jj|dt	d�|j
�|dk�r�|jj|dt	d�|j
�|dk�r�|jj|dt	d�|j
�|jj|�}|jj|dd
�|jj|dt	d�|�|jj|�}|jj|dd
�|jj|dt	d�tj|�|jj|�}|jj|dd
�|jj|dt	d�|�q�W�x�|jdD�]z\}	}
|jd|	|
fd}|jjd�}|jj|dd�|jj|d|�|jj|dd�|d
k�r�|jj|dt	d�|j
�|dk�r|jj|dt	d�|j
�|dk�r6|jj|dt	d�|j
�|jj|�}|jj|dt	d�|	�|jj|dd
�|jj|�}|jj|dt	d�|
�|jj|dd
�|jd|	|
fd}|jj|�}|jj|dd
�|jj|dt	d�|��qnW�x�|jdD�]r}|jd|d}|jjd�}|jj|dd�|jj|d|�|jj|dd�|d
k�rn|jj|dt	d��|dk�r�|jj|dt	d��|dk�r�|jj|dt	d��|jj|�}|jj|dt	d �|�|jj|dd
�|jj|�}|jj|dd
�|jd|d!}|jj|dt	d"�|�|jd|jd#d$�}
|jj|�}|jj|dd
�|jj|dt	d%�|
��q�W�x�|jd&D�]r}|jd&|d}|jjd�}|jj|dd�|jj|d|�|jj|dd�|d
k�r�|jj|dt	d'��|dk�r|jj|dt	d(��|dk�r0|jj|dt	d)��|jj|�}|jj|dd
�|jj|dt	d*�|�|jj|�}|jj|dd
�|jd&|d+}|jj|dt	d,�|�|jd&|jd#d$�}
|jj|�}|jj|dd
�|jj|dt	d%�|
��q�W�x8|jd-D�](}|jd-|d}|jjd�}|jj|dd�|jj|d|�|jj|dd�|d
k�rz|jj|dt	d.��|dk�r�|jj|dt	d/��|dk�r�|jj|dt	d0��|jj|�}|jj|dd
�|jj|dt	d1�|�|jj|�}|jj|dd
�|jd-|d2}|jj|dt	d3�|��qW|j
|j�dS)4NTrr�rrrr�r	zSELinux name: %sFrr�z-azAdd file labeling for %sz-dzDelete file labeling for %sz-mzModify file labeling for %sz
File path: %szFile class: %szSELinux file type: %srzAdd ports for %szDelete ports for %szModify ports for %szNetwork ports: %szNetwork protocol: %srzAdd userzDelete userzModify userzSELinux User : %sr�z	Roles: %sr�r#zMLS/MCS Range: %srzAdd login mappingzDelete login mappingzModify login mappingzLogin Name : %sr�zSELinux User: %szfcontext-equivzAdd file equiv labeling.zDelete file equiv labeling.zModify file equiv labeling.zFile path : %srSzEquivalence: %s)r�r�r�rXr�r�r�rr�rr�r<rr�rV)rPr{Zboolsr4r|r�rSrrYrr�rr�r�rr�rSrrr�
update_gui�s�
"














zSELinuxGui.update_guicCsL|jj�r|j|_|jj�r$|j|_|jj�r6|j|_|jj�rH|j|_dS)N)r�r�r�r�r�r�)rPrrr�set_active_application_button	s



z(SELinuxGui.set_active_application_buttonTcCs~|jj�|jjd�|jjd�|jjd�|jjd�|jjd�|jjd�|j	jd�|j
jd�|rz|jjd�dS)NFr#)
r�r	r�r�r�r�r�r�r�r�r�r�rJ)rPr�rrrrL 	s
zSELinuxGui.clearbuttonscCsP|j�|jjd�|jjd�|jjtd��|jjd�|j�|j	�dS)NTZSystem)
rLr�r�r�r&rIrrerBr)rPrrrrH-	szSELinuxGui.show_system_pagecGsX|j�|j�|jjd�|jjtd��|j�|j�|j	j
d�|jj
d�dS)NTzFile Equivalence)rLr�r�rer&rIrrBrr�r�r�)rPr{rrrr"6	szSELinuxGui.show_file_equiv_pagecCsx|j�|jjd�|jjd�|jjtd��|jjd�|j�|j	�|j
�|j�|jj
d�|jj
d�dS)NTZUsers)rLr�r�r�r&rIrrerBr�r�rr�r�r�)rPrrr�show_users_page@	szSELinuxGui.show_users_pagecCsZ|jd�|jjd�|jjd�|jjd�|jjd�|jjd�|j�|j�dS)NFT)	rLr�r�r�r�r�rerBr)rPrrrrKM	s
z!SELinuxGui.show_applications_pagecGs|j�dS)N)rH)rPr{rrrr#W	szSELinuxGui.system_interfacecGs|j�dS)N)re)rPr{rrrr$Z	szSELinuxGui.users_interfacec	Gs�g}d}|jj�}|j�dkr�x^|jD]T}|jj|�}|jj|�}|jj|�}|dkr&|jj|d�dkrr|j	|�|d7}q&Wxn|D]}|jj
|�q�WnT|jdkr�|jj�|t
kr�|j|j�n*|tkr�|j|j�n|tkr�|j|j�dS)NrTrFr)r�r�r�rvr"r�r�r#rwr�r�r�r�r�r�r�r�r�r�)	rPrCr{Ziterlistr[r�r�r|Zitersrrrr%]	s,




z SELinuxGui.show_mislabeled_filescCsptj|�djd�d}tj|d�djd�d}|jtd�|||d�dd�tjjkrl|j	j
|�|j�dS)	NrrrrzbRun restorecon on %(PATH)s to change its type from %(CUR_CONTEXT)s to the default %(DEF_CONTEXT)s?)�PATHZCUR_CONTEXTZDEF_CONTEXTzrestorecon dialog)�title)r�r�rmr��verifyrr�ResponseTypeZYESr�Z
restoreconr4)rPrSrr�rrrrxv	s
&zSELinuxGui.fix_mislabeledcGs$|jj|j��|jj|j��dS)N)r�r�r
r�)rPr{rrrr0}	szSELinuxGui.new_updatescGsF|j�|j�td�k|_|jr2|jjtd��n|jjtd��dS)NZUpdatezUpdate ChangeszRevert Changes)rc�	get_labelrr�rVr�)rPr�r{rrrr,�	s
z#SELinuxGui.update_or_revert_changescGsb|j�|jr|j�n|j�d|_|j|jj��d|_|j�|j	�|j
�|jj�dS)NFT)
r'r��update_the_system�revert_datar�rDr�r�r!r4r0r�r�)rPr{rrrr+�	s
z%SELinuxGui.apply_changes_button_presscGsl|j�|j�}|j�y|jj|�Wn.tjjk
rV}zt|�WYdd}~XnX|j�|j	�dS)N)
r'�
format_updaterlr�rBr�r�r�rnr�)rPr{rDrRrrrrk�	szSELinuxGui.update_the_systemcCs2dddddd�}x|D]}||kr||SqWdS)Nrrr)zExecutable FileszWritable FileszApplication File TypeZInboundZOutboundZBooleansr)rP�lookupZipage_values�valuerrr�ipage_value_lookup�	s

zSELinuxGui.ipage_value_lookupcCs4|jd�d}|jd�d}|dkr,||_n|SdS)Nz: rrzSELinux name)rmZbool_revert)rPZ	attributeZbool_idrrr�get_attributes_update�	s
z SELinuxGui.get_attributes_updatec		Cs�|j�d}�xp|jD�]d}|dkrVx0|j|D]"}|d|j||d|f7}q0W|dk�rx�|j|D]�}|j||ddkr�|d|7}qld	|j||kr�|d
|j||d|j||d|j||d	|f7}ql|d|j||d|j||d|f7}qlW|d
k�rx�|j|D]�}|j||ddk�rX|d|7}n�d|j||k�r�d	|j||k�r�|d|j||d|j||d|j||d	|j||d|f7}n.|d|j||d|j||d|f7}�q.W|dk�rxxh|j|D]Z}|j||ddk�rD|d|7}n.|d|j||d|j||d|f7}�qW|dk�r�xx|j|D]j}|j||ddk�r�|d|7}n>|d|j||d|j||d|j||d|f7}�q�W|dkrxv|j|D]h\}}|j|||fddk�rF|d||f7}n0|d|j||d|j||d||f7}�qWqW|S)Nr#rzboolean -m -%d %s
r�rr�z-dzlogin -d %s
r�zlogin %s -s %s -r %s %s
r�zlogin %s -s %s %s
rzuser -d %s
r�zuser %s -L %s -r %s -R %s %s
r�zuser %s -R %s %s
zfcontext-equivzfcontext -d %s
zfcontext %s -e %s %s
rSrzfcontext %s -t %s -f %s %s
r�rrzport -d -p %s %s
zport %s -t %s -p %s %s
)rlrX)	rPrDrZrrEr�r�rr�rrrrm�	sH"
@2
(P4
4
D:zSELinuxGui.format_updatecCs`d}g}d}x.|jD]$}|j|ds0|j|�|d7}qW|j�x|D]}|j|�qJWdS)Nrr#r)r�r��reverser^)rPr[Zremove_listrDr�rrrrl�	s

zSELinuxGui.revert_datacGsN|j�tdk}|r$|jtd�n|jtd�|jj|�|jj|�dS)Nrr)r��ADVANCED_LABELrJr�r�rP)rP�labelr{�advancedrrrr@�	sz!SELinuxGui.reveal_advanced_systemcGsf|j�tdk}|r$|jtd�n|jtd�|jj|�|jj|�|jj|�|jj|�dS)Nrr)r�rsrJr_r�r`rarb)rPrtr{rurrrr�	szSELinuxGui.reveal_advancedcGsF|j�tdkr(|jtd�|j�n|jtd�|j|j�dS)Nrr)r��ADVANCED_SEARCH_LABELrJr'r�r))rPrtr{rrrr�
s

z)SELinuxGui.on_show_advanced_search_windowcCsJ|r&|jj|jtd��|jjd�n |jj|jtd��|jjd�dS)NzSystem Status: EnforcingTzSystem Status: Permissive)r�r`r�rr�rer�)rProrrrrb
s
zSELinuxGui.set_enforce_textcCs,|js
dS|jj|j��|j|j��dS)N)r�r�Z
setenforcer�rb)rPr�rrrr
szSELinuxGui.set_enforcecGs`|jj�}|dkrdSd|_|jj�|jj|�|jdkrH|j|�n|jdkr\|j|�dS)NF�Import�Export)	r��get_filenamer�r	rYrJr��
import_config�
export_config)rPr{rrrrr
s



zSELinuxGui.on_browse_selectcGsX|jj�}|jj�r0|jd�sT|jj|d�n$|jd�rT|jd�d}|jj|�dS)Nz(/.*)?r)rYr�r�r�r7rJrm)rPr{rSrrrr#
s



zSELinuxGui.recursive_pathcGs"|j�}|jr|jd�d|_dS)Nr#F)r�r�rJ)rPZ	entry_objr{Ztxtrrrr,
s
zSELinuxGui.highlight_entry_textcCs~|j�}|dkrdS|jd�r*|jjd�xNtjD]D}|j|�r2x4|jD]*}|djtj|�rH|j|j	|d�qHWq2WdS)Nr#z(/.*)?Tr)
r�r7r�rer�ZDEFAULT_DIRSr9r�r�r])rPrb�textr=r�rrrr2
s

z#SELinuxGui.autofill_add_files_entrycGs&|jjd�|_|jj�}|jj�}dS)Nr)r�Zget_colZboolean_column_1Z	get_widthZget_cell_renderers)rPr{�widthZrendererrrrr3>
s
zSELinuxGui.resize_columnscGs|jj�dS)N)r�r)rPr{rrrr&C
szSELinuxGui.browse_for_filescGs|jj�dS)N)r�r	)rPr{rrrr*F
szSELinuxGui.close_config_windowcGsl|j|jj�krdS|jtd��tjjkr<|jj|j�dS|j	j
|j|j��|j	jd�|jj�|_dS)Nz�Changing the policy type will cause a relabel of the entire file system on the next boot. Relabeling takes a long time depending on the size of the file system.  Do you wish to continue?T)
r�rPr�rhrrri�NOrer�r=r��relabel_on_boot)rPr{rrrr=I
sz SELinuxGui.change_default_policycCs4|js
dS|j|�|j�r0|jj|j�j��dS)N)r��enabled_changedr�r�r>rjr)rPr�rrrr>U
s

zSELinuxGui.change_default_modecGs0|jjtjj�|jjd�|jj�d|_dS)NzImport Configurationrw)r��
set_actionr�FileChooserActionZOPENr�rr�)rPr{rrrr9\
s
zSELinuxGui.import_config_showcGs0|jjtjj�|jjd�|jj�d|_dS)NzExport Configurationrx)r�r�rr�ZSAVEr�rr�)rPr{rrrr:c
s
zSELinuxGui.export_config_showcCs:|j�|jj�}t|d�}|j|�|j�|j�dS)N�w)rlr�r�r�rr�rn)rPrr�r�rrrr{i
s


zSELinuxGui.export_configcCsTt|d�}|j�}|j�|j�y|jj|�Wntk
rFYnX|j�dS)Nr)r�r�r�rlr�rBr_rn)rPrr�r�rrrrzq
s
zSELinuxGui.import_configcCsV|||f|kri||||f<||f||||fkrR|||	|
d�||||f||f<dS)N)r�r��changed�oldr)rPrVrQr�r4r�qr5r�r�r�rrr�init_dictionary|
szSELinuxGui.init_dictionarycCs*|jd�d}|dkrdS|dkr&dSdS)N�-r�0F�1T)rm)rPrrrr�translate_bool�
s
zSELinuxGui.translate_boolcGsx|jj�}tjjd�}|r"|r"dS|r2|r2dSy|jj|�Wn0tjjk
rr}z|j	|�WYdd}~XnXdS)Nz
/.autorelabel)
r�r�rcrSrdr�rr�r�r)rPr{r�rdrRrrrr?�
s
zSELinuxGui.relabel_on_rebootcGs
|j�|jjd�|jjd�|j|krV|j|j�|j|j	�t
d�krV|j	jd�|j|kr�|jrt|j|j�n|j
r�|j|j�|jj�s�|jj�r�|jjd�|jjd�|jjd�|jjd�|jjd�|jjd�|jj�tdk�r|jjtd�dS)NFTzMore...rr)r	r�rer�r�rNr�r[r�r]rr'r�r�r\r_Zget_visiblerar�r�r`r�rbr%r�rvrJ)rPr�r{rrrrC�
s,

zSELinuxGui.closewindowcCs|jj�j|j�|j�dS)N)r��
get_window�
set_cursorr�r)rPrrrrl�
szSELinuxGui.wait_mousecCs|jj�j|j�|j�dS)N)r�r�r�r�r)rPrrrrn�
szSELinuxGui.ready_mouser#cCsNtjddtjjtjj|�}|j|�|jtjj	�|j
�|j�}|j�|S)Nr)
r�
MessageDialog�MessageType�INFO�ButtonsTypeZYES_NOr��set_position�WindowPosition�MOUSE�show_all�run�destroy)rP�messagerg�dlgZrcrrrrh�
s
zSELinuxGui.verifycCsDtjddtjjtjj|�}|jtjj�|j	�|j
�|j�dS)Nr)rr�r�ZERRORr�ZCLOSEr�r�r�r�r�r�)rPr�r�rrrr�
szSELinuxGui.errorcCs�|j�sdS|j�}|dkrH|jtkrH|jtd��tjjkrH|j	j
d�|dkr||jtkr||jtd��tjjkr||j	j
d�||_	dS)Nria�Changing to SELinux disabled requires a reboot.  It is not recommended.  If you later decide to turn SELinux back on, the system will be required to relabel.  If you just want to see if SELinux is causing a problem on your system, you can go to permissive mode which will only log errors and not enforce SELinux policy.  Permissive mode does not require a reboot.  Do you wish to continue?Tz�Changing to SELinux enabled will cause a relabel of the entire file system on the next boot. Relabeling takes a long time depending on the size of the file system.  Do you wish to continue?)r�rjr�rrhrrrir~r�re)rPZradiortrrrr��
szSELinuxGui.enabled_changedcGs|jjd�|jjd�dS)Nr#F)r�rJr�re)rPr{rrrr!�
szSELinuxGui.clear_filterscGsB|js
dS|j�|jj�r*|jjd�n|jjd�|j�dS)Nzmodule -e unconfinedzmodule -d unconfined)r�rlr�r�r�rBrn)rPr{rrrr;�
s
zSELinuxGui.unconfined_togglecGsB|js
dS|j�|jj�r*|jjd�n|jjd�|j�dS)Nzmodule -e permissivedomainszmodule -d permissivedomains)r�rlr�r�r�rBrn)rPr{rrrr<�
s
zSELinuxGui.permissive_togglecGs:t|j�dkr.|jtd�td��tjjkr.dS|j�dS)Nra0You are attempting to close the application without applying your changes.
    *    To apply changes you have made during this session, click No and click Update.
    *    To leave the application without applying your changes, click Yes.  All changes that you have made during this session will be lost.zLoss of data DialogT)rr�rhrrrir~r�)rPr�r{rrrr�
szSELinuxGui.confirmation_closecGstjd�dS)Nr)�sys�exit)rPr{rrrr��
szSELinuxGui.quit)NF)T)r#)��__name__�
__module__�__qualname__rWr�r^rErqr rr�r�r1r2r0r
rr
rr�r�r�r�r�r�r�r�r�r�r�rrr/r.r�r4rNrDr�rrr�r�r�r
r�r
r�rr�rr�rr�rrBr%rtr(r5r�r'r7rr8r;r-r2r,r(r)rrrr.r/rr8rGrHrrIrLrArrrrrr6r�r_r�r`r�r-rrcrdrLrHr"rerKr#r$r%rxr0r,r+rkrprqrmrlr@rr�rbrrrrrr3r&r*r=r>r9r:r{rzr�r�r?rCrlrnrhrr�r!r;r<rr�rrrrr"ss*	@
	
	

B*

	})Y	5+

D	
A	

	


/		
	


r"�__main__)r	)AZgiZrequire_versionZ
gi.repositoryrrrZsepolicy.sedbusrr�r�r�rrrZsepolicy.networkZsepolicy.manpager�rcrZunicodedataZPROGNAME�gettext�kwargs�version_infoZinstall�builtinsr�__dict__�ImportErrorZ__builtin__r
r]r<r�rr�r�rZdistutils.sysconfigr�rsrvr�r�r�r�r�r�r�r�rsrur�ryr�r�r�r�r�r�rYrar"r�r�rrrr�<module>s�
	


Filemanager

DIR : / usr/ lib/ python3.6/ site-packages/ sepolicy/ __pycache__/
Name Type Size Permission Actions
__init__.cpython-36.opt-1.pyc File 30.88 KB 0644
__init__.cpython-36.pyc File 30.88 KB 0644
booleans.cpython-36.opt-1.pyc File 962 B 0644
booleans.cpython-36.pyc File 962 B 0644
communicate.cpython-36.opt-1.pyc File 1.17 KB 0644
communicate.cpython-36.pyc File 1.17 KB 0644
generate.cpython-36.opt-1.pyc File 42.62 KB 0644
generate.cpython-36.pyc File 42.62 KB 0644
gui.cpython-36.opt-1.pyc File 82.08 KB 0644
gui.cpython-36.pyc File 82.08 KB 0644
interface.cpython-36.opt-1.pyc File 5.77 KB 0644
interface.cpython-36.pyc File 5.77 KB 0644
manpage.cpython-36.opt-1.pyc File 34.85 KB 0644
manpage.cpython-36.pyc File 34.85 KB 0644
network.cpython-36.opt-1.pyc File 1.6 KB 0644
network.cpython-36.pyc File 1.6 KB 0644
sedbus.cpython-36.opt-1.pyc File 2.29 KB 0644
sedbus.cpython-36.pyc File 2.29 KB 0644
transition.cpython-36.opt-1.pyc File 2.9 KB 0644
transition.cpython-36.pyc File 2.9 KB 0644