From 7f4bd986c2191a46407cfa77dd4908b4e62677af Mon Sep 17 00:00:00 2001 From: Eugeni Dodonov Date: Fri, 2 Oct 2009 14:43:46 +0000 Subject: support saving current settings as a new security level --- src/msec/msec.py | 17 ++++++++++++++++- src/msec/msecperms.py | 15 ++++++++++++++- 2 files changed, 30 insertions(+), 2 deletions(-) diff --git a/src/msec/msec.py b/src/msec/msec.py index 17cd4f1..0bb43a6 100755 --- a/src/msec/msec.py +++ b/src/msec/msec.py @@ -53,6 +53,7 @@ Arguments to msec: will perform. -r, --root path to use as root -q, --quiet run quietly + -s, --save save current configuration as a new security level """ % version # }}} @@ -63,10 +64,11 @@ if __name__ == "__main__": commit = True root = '' quiet = False + save = False # parse command line try: - opt, args = getopt.getopt(sys.argv[1:], 'hl:f:dpr:q', ['help', 'list=', 'force=', 'debug', 'pretend', 'root=', 'quiet']) + opt, args = getopt.getopt(sys.argv[1:], 'hl:f:dpr:qs:', ['help', 'list=', 'force=', 'debug', 'pretend', 'root=', 'quiet', 'save=']) except getopt.error: usage() sys.exit(1) @@ -91,6 +93,10 @@ if __name__ == "__main__": elif o[0] == '-f' or o[0] == '--force': level = o[1] force_level = True + # save as new security level + elif o[0] == '-s' or o[0] == '--save': + level = o[1] + save = True # custom root elif o[0] == '-r' or o[0] == '--root': root = o[1] @@ -138,6 +144,15 @@ if __name__ == "__main__": else: msec_config.load() + # saving current setting as new level + if save: + newlevel = config.MsecConfig(log, config=config.SECURITY_LEVEL % (root, level)) + newlevel.merge(msec_config) + # update new level name + newlevel.set("BASE_LEVEL", level) + newlevel.save() + sys.exit(0) + # load the msec library msec = MSEC(log, root=root) diff --git a/src/msec/msecperms.py b/src/msec/msecperms.py index 1c639f4..cdb9b0e 100755 --- a/src/msec/msecperms.py +++ b/src/msec/msecperms.py @@ -65,6 +65,7 @@ Available parameters: will perform. -r, --root path to use as root -q, --quiet run quietly + -s, --save save current configuration as a new security level """ % (version, config.PERMCONF, config.PERMCONF) # }}} @@ -76,10 +77,11 @@ if __name__ == "__main__": enforce = False quiet = False root = '' + save = False # parse command line try: - opt, args = getopt.getopt(sys.argv[1:], 'hel:f:dpr:q', ['help', 'enforce', 'list=', 'force=', 'debug', 'pretend', 'root=', 'quiet']) + opt, args = getopt.getopt(sys.argv[1:], 'hel:f:dpr:qs:', ['help', 'enforce', 'list=', 'force=', 'debug', 'pretend', 'root=', 'quiet', 'save=']) except getopt.error: usage() sys.exit(1) @@ -107,6 +109,10 @@ if __name__ == "__main__": elif o[0] == '-f' or o[0] == '--force': level = o[1] force_level = True + # save as new security level + elif o[0] == '-s' or o[0] == '--save': + level = o[1] + save = True # debugging elif o[0] == '-d' or o[0] == '--debug': log_level = logging.DEBUG @@ -156,6 +162,13 @@ if __name__ == "__main__": else: permconf.load() + # saving current setting as new level + if save: + newlevel = config.MsecConfig(log, config=config.SECURITY_LEVEL % (root, level)) + newlevel.merge(permconf) + newlevel.save() + sys.exit(0) + # load the main permission class perm = PERMS(log, root=root) -- cgit v1.2.1