summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorEugeni Dodonov <eugeni@mandriva.org>2010-05-25 12:20:14 +0000
committerEugeni Dodonov <eugeni@mandriva.org>2010-05-25 12:20:14 +0000
commit1b5f9e9c6a91578f675754aca0379cc30e5e7854 (patch)
tree2ed4c3d2212fb1c20de56e53a7cc46126973c6ba
parentb2e1f686a08bb9e4a89546a5217c3be7f6f11a0b (diff)
downloaddrakguard-1b5f9e9c6a91578f675754aca0379cc30e5e7854.tar
drakguard-1b5f9e9c6a91578f675754aca0379cc30e5e7854.tar.gz
drakguard-1b5f9e9c6a91578f675754aca0379cc30e5e7854.tar.bz2
drakguard-1b5f9e9c6a91578f675754aca0379cc30e5e7854.tar.xz
drakguard-1b5f9e9c6a91578f675754aca0379cc30e5e7854.zip
Properly check if ACL support is enabled.
-rwxr-xr-xbin/drakguard34
1 files changed, 30 insertions, 4 deletions
diff --git a/bin/drakguard b/bin/drakguard
index 7874d87..8d987a8 100755
--- a/bin/drakguard
+++ b/bin/drakguard
@@ -24,6 +24,7 @@ my $dansguardian_exceptionsitelist = "/etc/dansguardian/lists/exceptionsitelist"
my $dansguardian_protected_program_list = "/etc/dansguardian/lists/blacklists/drakguard/protected_list";
my $msec_conf = "/etc/security/msec/perms.conf";
my $perms_orig = "/etc/security/msec/perms.orig";
+my $fstab_file = "/etc/fstab";
my %dansguardian_levels = (
160 => N_("Low"),
100 => N_("Normal"),
@@ -61,7 +62,8 @@ my %dansguardian_langs = (
my $blacklist_url_file = "/etc/dansguardian/lists/blacklists/drakguard/urls";
my $whitelist_url_file = "/etc/dansguardian/lists/whitelists/drakguard/urls";
-my ($enable, $level, $time_control, $time_start_h, $time_start_m, $time_stop_h, $time_stop_m, $allow_time_change, $net_control, $not_net_control, $program_control, $net_control_state, $program_control_state);
+my ($enable, $level, $time_control, $time_start_h, $time_start_m, $time_stop_h, $time_stop_m, $allow_time_change, $net_control, $not_net_control, $program_control, $net_control_state, $program_control_state, $acl_state);
+my ($acl_active);
my $shorewall = network::shorewall::read();
my $proxy_port = 3128;
my $proxy_user = 'squid';
@@ -120,6 +122,7 @@ sub update_time_change() {
gtkval_modify(\$net_control_state, $enable && $net_control);
gtkval_modify(\$not_net_control, $enable && !$net_control);
gtkval_modify(\$program_control_state, $enable && $program_control);
+ gtkval_modify(\$acl_state, $enable && $acl_active);
}
sub update_network_change() {
@@ -213,17 +216,17 @@ gtkadd($w->{window},
(
gtknew('Label', if_($url_list->{tab_title} eq N("Whitelist"), sensitive_ref => \$net_control_state),
if_($url_list->{tab_title} eq N("Blacklist"), sensitive_ref => \$not_net_control),
- if_($url_list->{tab_title} eq N("Block programs"), sensitive_ref => \$enable), text => $url_list->{tab_title}),
+ if_($url_list->{tab_title} eq N("Block programs"), sensitive_ref => \$acl_state), text => $url_list->{tab_title}),
gtknew('VBox', if_($url_list->{tab_title} eq N("Whitelist"), sensitive_ref => \$net_control_state),
if_($url_list->{tab_title} eq N("Blacklist"), sensitive_ref => \$not_net_control), spacing => 5, children => [
0, gtknew('HBox', children_tight => [
if_($url_list->{tab_title} eq N("Block programs"),gtknew('CheckButton', text => N("Block defined applications"),
- sensitive_ref => \$enable, active_ref => \$program_control, toggled => \&update_program_state)),
+ sensitive_ref => \$acl_state, active_ref => \$program_control, toggled => \&update_program_state)),
]),
0, gtknew('HBox', if_($url_list->{tab_title} eq N("Block programs"), sensitive_ref => \$program_control_state), border_width => 5, spacing => 5, children_loose => [
$entry = gtknew('Entry'),
if_($url_list->{tab_title} eq N("Block programs"), gtknew('Button', text => N("..."), clicked => sub {
- $entry->set_text($in->ask_file(N("Please select the program you want to control"), "/var/lib/caixamagica/programas"));
+ $entry->set_text($in->ask_file(N("Please select the program you want to control"), "/usr/bin"));
})),
0, gtknew('Button', text => N("Add"), clicked => sub {
my $text = $entry->get_text;
@@ -291,6 +294,29 @@ gtkadd($w->{window},
);
$w->show;
+if ( (grep {$_ && !/acl/} chomp_(cat_($fstab_file)) && grep {$_ && m/ext/} chomp_(cat_($fstab_file)))) {
+ $acl_active = 1;
+ $in->ask_yesorno(N("Warning"), N("The support for Access Control Lists must be enabled in order to use the Block programs feature.\nDo you want to enable it now?", $acl_active = 1)) or $acl_active = 0;
+ if ($acl_active) {
+ my @ext_lines = grep {$_ && m/ext/} chomp_(cat_($fstab_file));
+ foreach my $line (@ext_lines){
+ my ($id, $directory, $flag, $number) = $line=~ /^(.+)\s(.+)\s(ext(\w)\s(\w*))\s(.*)/ or next;
+ $line =~ s/ext(\w)\s(\w*)\s/$flag,acl /g;
+ subst_config_line($fstab_file,"$line\n"); #adds ,acl in the fstab file in the first run
+ # remount filesystem with acl parameter
+ }
+ $acl_active = 0;
+ $in->ask_warn(N("Warning"), N("The support for Access Control Lists was enabled.") . N("It is necessary to restart your computer to activate it."));
+ }
+}
+else {
+ my @mount = `mount`;
+ if (grep (/,acl/, @mount)) {
+ $acl_active = 1;
+ } else {
+ $in->ask_warn(N("Warning"), N("The support for Access Control Lists, required by the Block programs feature, is enabled, but not yet activated.") . N("It is necessary to restart your computer to activate it."), $acl_active = 0);}
+}
+update_time_change;
Gtk2->main;
$w->exit(0);