
origin: Commit

gpet(Gui Policy Editor for TOMOYO Linux) repository


Commit MetaInfo

Revisioncede13ae87d425a15cf76fc4a748928097443fc4 (tree)
Zeit2011-09-22 23:07:52
Autoryocto <yocto@user...>
Commiteryocto

Log Message

Automatic registration of manager policy.

/proc/ccs/manager に未登録の場合、ダイアログを表示し
/proc/ccs/manager と /etc/ccs/manager.conf に登録する機能を追加

Ändern Zusammenfassung

Diff

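--- a/po/ja.po
+++ b/po/ja.po
@@ -8,8 +8,8 @@ msgid ""
 msgstr ""
 "Project-Id-Version: 0.1\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2011-09-09 20:43+0900\n"
-"PO-Revision-Date: 2011-09-09 20:43+0900\n"
+"POT-Creation-Date: 2011-09-17 13:09+0900\n"
+"PO-Revision-Date: 2011-09-17 13:09+0900\n"
 "Last-Translator: Yoshihiro Kusuno <yocto@users.sourceforge.jp>\n"
 "Language-Team: Japanese < >\n"
 "Language: \n"
@@ -41,20 +41,20 @@ msgstr "マネージャ 一覧"
 msgid "Domain Policy Editor"
 msgstr "ドメインポリシーエディタ"
 
-#: ../src/gpet.c:1494 ../src/gpet.c:1519
+#: ../src/gpet.c:1497 ../src/gpet.c:1522
 msgid "gpet"
 msgstr "gpet"
 
 #. create tab
-#: ../src/gpet.c:1644 ../src/menu.c:473
+#: ../src/gpet.c:1647 ../src/menu.c:473
 msgid "Domain Transition"
 msgstr "ドメイン遷移 一覧"
 
-#: ../src/gpet.c:1645
+#: ../src/gpet.c:1648
 msgid "Exception Policy"
 msgstr "例外ポリシー 一覧"
 
-#: ../src/gpet.c:1646
+#: ../src/gpet.c:1649
 msgid "Profile"
 msgstr "プロファイル 一覧"
 
@@ -292,33 +292,54 @@ msgstr "クスノ"
 msgid "Edit the selected line"
 msgstr "選択した行を修正します。"
 
-#: ../src/other.c:228
+#: ../src/other.c:238
 msgid "File Selection Dialog"
 msgstr "ファイルの選択"
 
-#: ../src/other.c:278
+#: ../src/other.c:288
 msgid "Manager Add"
 msgstr "マネージャを追加します。"
 
-#: ../src/other.c:358
+#: ../src/other.c:368
 #, c-format
 msgid "Delete the %d selected managers?"
 msgstr "選択した %d行のマネージャ登録を削除します。"
 
-#: ../src/other.c:359
+#: ../src/other.c:369
 #, c-format
 msgid "Delete the selected manager?"
 msgstr "選択したマネージャ登録を削除します。"
 
-#: ../src/other.c:598
+#: ../src/other.c:457
+msgid "<b>Add manager policy</b>"
+msgstr "<b>マネージャポリシーに追加</b>"
+
+#: ../src/other.c:476
+#, c-format
+msgid ""
+"<span foreground='red' size='x-large'>Not yet registered</span>\n"
+"\n"
+"<b> Add %s to %s ? </b>\n"
+msgstr ""
+"<span foreground='red' size='x-large'>マネージャポリシーに登録されていません"
+"</span>\n"
+"\n"
+"<b> %s を %s に追加しますか? </b>\n"
+
+#: ../src/other.c:482
+#, c-format
+msgid " Add %s%s "
+msgstr " %s%s にも追加 "
+
+#: ../src/other.c:725
 msgid " "
 msgstr " "
 
-#: ../src/other.c:605
+#: ../src/other.c:732
 msgid "Now (bytes)"
 msgstr "使用量(バイト)"
 
-#: ../src/other.c:615
+#: ../src/other.c:742
 msgid "Quota (bytes)"
 msgstr "最大 (バイト)"
 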
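--- a/src/gpet.c
+++ b/src/gpet.c
@@ -1466,7 +1466,7 @@ static void cb_show_acl(GtkWidget *view, transition_t *tran)
 DEBUG_PRINT("Show ACL!!(%p)==(%p)\n", tran->acl.listview, view);
 }
 /*---------------------------------------------------------------------------*/
-int gpet_main(void)
+int gpet_main(char *path)
 {
 GtkWidget *window;
 GtkWidget *menubar, *toolbar = NULL;
@@ -1484,6 +1484,9 @@ int gpet_main(void)
 struct ccs_domain_policy3 dp = { NULL, 0, NULL };
 transition_t transition;
 
+ if (check_manager_policy(path))
+ return 1;
+
 transition.task_flag = 0;
 if (get_domain_policy(&dp, &(transition.domain_count)))
 return 1;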
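Review bot: Nothing at the new `gpet_main(char *path)` signature says who owns `path`, yet the call added at the top of the body hands it to check_manager_policy(), which frees it on its normal exit but not on its offline/network early return (both visible in src/other.c). A comment above the definition would make the contract explicit, for example `/* path: heap string from realpath() in ccs_main(), may be NULL; passed on to check_manager_policy(), do not use it afterwards */`. gpet_main's body continues outside the hunk.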
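--- a/src/gpet.h
+++ b/src/gpet.h
@@ -84,6 +84,7 @@ typedef struct _transition_t {
 #endif
 
 
+#define CCS_DISK_DIR is_ccs() ? "/etc/ccs/" : "/etc/tomoyo/"
 #define CCS_DISK_POLICY_DIR "/policy/current/"
 #define CCS_DISK_POLICY_DOMAIN_POLICY "domain_policy.conf"
 #define CCS_DISK_POLICY_EXCEPTION_POLICY "exception_policy.conf"
@@ -161,7 +162,7 @@ gint delete_acl(transition_t *transition,
 gint delete_exp(transition_t *transition,
 GtkTreeSelection *selection, gint count);
 gchar *disp_window_title(enum ccs_screen_type current_page);
-int gpet_main(void);
+int gpet_main(char *argv);
 
 // menu.c
 GtkWidget *create_menu(GtkWidget *parent, transition_t *transition,
@@ -181,6 +182,7 @@ void write_config(transition_t *tran);
 // other.c
 gboolean namespace_main(transition_t *transition);
 void manager_main(transition_t *transition);
+gboolean check_manager_policy(char *real_path);
 void memory_main(transition_t *transition);
 
 // process.c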
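Review bot: The new `CCS_DISK_DIR` macro expands to a bare conditional expression, so any use next to another operator would bind to the wrong operand; it works in this commit only because both uses in other.c are whole function arguments. Parenthesising the expansion removes the trap: `#define CCS_DISK_DIR (is_ccs() ? "/etc/ccs/" : "/etc/tomoyo/")`. The prototype also names the parameter `argv` while the definition in gpet.c calls it `path`; `int gpet_main(char *path);` would match.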
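--- a/src/interface.inc
+++ b/src/interface.inc
@@ -607,8 +607,7 @@ void put_ns_name(const char *namespace)
 static _Bool gpet_is_ccs_flag;
 static void set_ccs_flag(void)
 {
-// if (!is_offline() && !is_network())
- gpet_is_ccs_flag = chdir(TOMOYO_PROC_POLICY_DIR) ? true : false;
+ gpet_is_ccs_flag = chdir(TOMOYO_PROC_POLICY_DIR) ? true : false;
 }
 
 _Bool is_ccs(void)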
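--- a/src/other.c
+++ b/src/other.c
@@ -34,7 +34,7 @@
 
 typedef struct _other_t {
 GtkWidget *dialog;
- GtkActionGroup *actions;
+ GtkActionGroup *actions;
 GtkWidget *popup;
 generic_list_t manager;
 generic_list_t memory;
@@ -70,10 +70,20 @@ static const gchar *ui_info =
 " </popup>"
 "</ui>";
 
+
+static void clear_generic_list(generic_list_t *gen)
+{
+ gint i;
+ for(i = 0; i < gen->count; i++){
+ free((void *)gen->list[i].operand);
+ }
+ gen->count = 0;
+}
+
 static GtkWidget *create_dialog_menu(GtkWidget *parent, other_t *data)
 {
 GtkUIManager *ui;
- GtkActionGroup *actions;
+ GtkActionGroup *actions;
 GtkWidget *toolbar;
 GError *error = NULL;
 
@@ -118,7 +128,7 @@ static GtkWidget *create_list_manager(void)
 {
 GtkWidget *treeview;
 GtkListStore *liststore;
- GtkCellRenderer *renderer;
+ GtkCellRenderer *renderer;
 GtkTreeViewColumn *column;
 
 liststore = gtk_list_store_new(N_COLUMNS_LIST,
@@ -426,12 +436,165 @@ void manager_main(transition_t *transition)
 DEBUG_PRINT("Another response was recieved.\n");
 }
 gtk_widget_destroy(dialog);
+ clear_generic_list(&(data.manager));
 
 if (transition->acl_detached &&
 transition->current_page == CCS_SCREEN_ACL_LIST)
 transition->current_page = CCS_SCREEN_DOMAIN_LIST;
 }
 /*-------+---------+---------+---------+---------+---------+---------+--------*/
+static void cb_toggled_conf_file(GtkToggleButton *widget, gboolean *conf_file)
+{
+ *conf_file = gtk_toggle_button_get_active(widget);
+}
+static gint warning_dialog(char *real_path, gboolean *conf_file)
+{
+ GtkWidget *dialog;
+ GtkWidget *vbox;
+ GtkWidget *label;
+ GtkWidget *conf;
+ gchar *markup, *str;
+ gchar *message = _("<b>Add manager policy</b>");
+ gint result;
+
+ dialog = gtk_dialog_new_with_buttons("Warning",
+ NULL,
+ GTK_DIALOG_MODAL,
+ GTK_STOCK_QUIT, GTK_RESPONSE_REJECT,
+ GTK_STOCK_CANCEL, GTK_RESPONSE_CANCEL,
+ GTK_STOCK_APPLY, GTK_RESPONSE_APPLY,
+ NULL);
+
+ vbox = gtk_vbox_new(FALSE, 5);
+ gtk_container_add(
+ GTK_CONTAINER(GTK_DIALOG(dialog)->vbox), vbox);
+
+ label = gtk_label_new(message);
+ gtk_box_pack_start(GTK_BOX(vbox), label, TRUE, TRUE, 0);
+
+ markup = g_markup_printf_escaped(
+ _("<span foreground='red' size='x-large'>Not yet registered</span>\n\n"
+ "<b> Add %s to %s ? </b>\n"),
+ real_path, CCS_PROC_POLICY_MANAGER);
+ gtk_label_set_markup(GTK_LABEL(label), markup);
+ g_free(markup);
+
+ str = g_strdup_printf(_(" Add %s%s "),
+ CCS_DISK_DIR, CCS_DISK_POLICY_MANAGER);
+ conf = gtk_check_button_new_with_mnemonic(str);
+ g_free(str);
+ gtk_box_pack_start(GTK_BOX(vbox), conf, FALSE, FALSE, 1);
+ gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON(conf), *conf_file);
+ g_signal_connect(G_OBJECT(conf), "toggled",
+ G_CALLBACK(cb_toggled_conf_file), conf_file);
+
+ gtk_container_set_border_width(GTK_CONTAINER(dialog), 5);
+// gtk_dialog_set_default_response(GTK_DIALOG(dialog), GTK_RESPONSE_APPLY);
+ gtk_widget_show_all(dialog);
+ result = gtk_dialog_run(GTK_DIALOG(dialog));
+ gtk_widget_destroy(dialog);
+
+ return result;
+}
+
+static void put_manager_conf(char *real_path)
+{
+ gchar *conf_file;
+ gboolean ret = TRUE;
+ FILE *fp;
+ char *line = NULL;
+ size_t len = 0;
+ size_t real_len = strlen(real_path);
+
+ conf_file = g_strdup_printf("%s%s",
+ CCS_DISK_DIR, CCS_DISK_POLICY_MANAGER);
+
+ if ((fp = fopen(conf_file, "r+")) != NULL) {
+ while (getline(&line, &len, fp) != -1) {
+ DEBUG_PRINT("[%s]\n", line);
+ if (strncmp(real_path, line, real_len) == 0) {
+ ret = FALSE;
+ break;
+ }
+ }
+ free(line);
+ if (ret) {
+ DEBUG_PRINT("fputs[%s]\n", conf_file);
+ fprintf(fp, "%s\n", real_path);
+ }
+ fclose(fp);
+ } else {
+ g_error("%s\n", strerror(errno));
+ }
+ g_free(conf_file);
+}
+
+static gboolean put_manager_policy(char *real_path)
+{
+ gboolean ret = FALSE, conf_file = TRUE;
+ gchar *cmd;
+ gint result;
+
+ switch (warning_dialog(real_path, &conf_file)) {
+ case GTK_RESPONSE_REJECT :
+ ret = TRUE;
+ break;
+ case GTK_RESPONSE_CANCEL :
+ break;
+ case GTK_RESPONSE_APPLY :
+ cmd = g_strdup_printf(
+ "echo '%s' | /usr/sbin/%s-loadpolicy -m",
+ real_path, is_ccs() ? "ccs" : "tomoyo");
+ result = system(cmd);
+ if (result) {
+ g_error("system %d\n", result);
+ }
+ g_free(cmd);
+
+ if (conf_file) {
+ put_manager_conf(real_path);
+ }
+ break;
+ }
+
+ return ret;
+}
+
+gboolean check_manager_policy(char *real_path)
+{
+ generic_list_t manager;
+ gint i;
+ gboolean ret = TRUE;
+
+ if (is_offline() || is_network())
+ return FALSE;
+
+ DEBUG_PRINT("path[%s]\n", real_path);
+ if (!real_path)
+ return ret;
+
+ manager.count = 0;
+ manager.list = NULL;
+ get_manager(&(manager.list), &(manager.count));
+ DEBUG_PRINT("manager.count[%d]\n", manager.count);
+ // search own
+ for(i = 0; i < manager.count; i++){
+ if (strcmp(real_path, manager.list[i].operand) == 0) {
+ ret = FALSE;
+ break;
+ }
+ }
+
+ if (ret) {
+ ret = put_manager_policy(real_path);
+ }
+
+ free(real_path);
+ clear_generic_list(&manager);
+ return ret;
+}
+
+/*-------+---------+---------+---------+---------+---------+---------+--------*/
 static void cnv_local_time(gchar *date, gchar *time)
 {
 struct tm t, *lt;
@@ -717,6 +880,7 @@ retry_memory:
 DEBUG_PRINT("Another response was recieved.\n");
 }
 gtk_widget_destroy(dialog);
+ clear_generic_list(&(data.memory));
 
 if (transition->acl_detached &&
 transition->current_page == CCS_SCREEN_ACL_LIST)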
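Review bot: In put_manager_policy() the GTK_RESPONSE_APPLY branch pastes `real_path` between single quotes into a string passed to system(), so a path containing a `'` ends the quoting and the rest is interpreted by the shell, in a tool that edits kernel policy and is presumably run as root. Writing the path to the loader's standard input keeps it out of the command line; the sketch below does that with popen() and needs a `FILE *fp` local. It also reports failure with g_warning(), because g_error() aborts the process, so the `g_free(cmd)` after it never runs on failure. Separately, put_manager_conf() treats any line that merely starts with `real_path` as already registered, so a longer path sharing the prefix suppresses the write; comparing the whole line without its newline would avoid that.

```c
	case GTK_RESPONSE_APPLY :
		/* The path travels on stdin only; the shell sees a fixed command. */
		cmd = g_strdup_printf("/usr/sbin/%s-loadpolicy -m",
					is_ccs() ? "ccs" : "tomoyo");
		fp = popen(cmd, "w");
		g_free(cmd);
		if (!fp) {
			g_warning("popen: %s", strerror(errno));
			break;
		}
		fprintf(fp, "%s\n", real_path);
		result = pclose(fp);
		if (result)
			g_warning("loadpolicy status %d", result);
		/* … unchanged: optional put_manager_conf(real_path) … */
		break;
```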
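--- a/src/usr_sbin/editpolicy.c
+++ b/src/usr_sbin/editpolicy.c
@@ -3564,12 +3564,16 @@ static void ccs_save_offline(void)
 
 #ifdef __GPET /* gpet */
 static void set_ccs_flag(void);
-int gpet_main(void);
+int gpet_main(char *argv);
 int ccs_main(int argc, char *argv[])
+{
+ char *real_path = realpath(argv[0], NULL);
+ if (!real_path)
+ fprintf(stderr, "[%s]: %s\n", argv[0], strerror(errno));
 #else
 int main(int argc, char *argv[])
-#endif /* gpet */
 {
+#endif /* gpet */
 ccs_parse_args(argc, argv);
 #ifdef __GPET /* gpet */
 set_ccs_flag();
@@ -3588,7 +3592,7 @@ int main(int argc, char *argv[])
 ccs_load_readwrite();
 start:
 #ifdef __GPET
- if (gpet_main())
+ if (gpet_main(real_path))
 return 1;
 #else
 initscr();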
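Review bot: `realpath(argv[0], NULL)` in the new ccs_main() prologue resolves whatever name the invoker supplied, relative to the current directory, so a launch through PATH as plain `gpet` either fails to resolve or resolves to an unrelated file of that name. The path later offered for the manager list is therefore chosen by the caller rather than taken from the running binary. On Linux the executable can be resolved directly with `char *real_path = realpath("/proc/self/exe", NULL);`. When resolution fails the code only prints and carries on with a NULL `real_path`, which check_manager_policy() in local mode answers with TRUE so gpet_main() returns 1; a comment saying that exit is intended would help. ccs_main's body continues outside the hunk.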