diff options
author | Thierry Vignaud <tvignaud@mandriva.org> | 2002-12-13 11:24:37 +0000 |
---|---|---|
committer | Thierry Vignaud <tvignaud@mandriva.org> | 2002-12-13 11:24:37 +0000 |
commit | dd93296dc89b6c86f8da2aaa4faf5e7a2e152749 (patch) | |
tree | 022d62016bf81accfcace7894b0a9f79a58b3f86 /perl-install/standalone/draksec | |
parent | 965508792300527e469c3fe141593696f3efde4d (diff) | |
download | drakx-backup-do-not-use-dd93296dc89b6c86f8da2aaa4faf5e7a2e152749.tar drakx-backup-do-not-use-dd93296dc89b6c86f8da2aaa4faf5e7a2e152749.tar.gz drakx-backup-do-not-use-dd93296dc89b6c86f8da2aaa4faf5e7a2e152749.tar.bz2 drakx-backup-do-not-use-dd93296dc89b6c86f8da2aaa4faf5e7a2e152749.tar.xz drakx-backup-do-not-use-dd93296dc89b6c86f8da2aaa4faf5e7a2e152749.zip |
move draksec's gui into the standalone program,
nobody will uses it so it's useless to load drakx with it.
also use common cli options managment
Diffstat (limited to 'perl-install/standalone/draksec')
-rwxr-xr-x | perl-install/standalone/draksec | 243 |
1 files changed, 232 insertions, 11 deletions
diff --git a/perl-install/standalone/draksec b/perl-install/standalone/draksec index 3e98a56a3..ed5b2508e 100755 --- a/perl-install/standalone/draksec +++ b/perl-install/standalone/draksec @@ -18,19 +18,15 @@ # #***************************************************************************** -"@ARGV" =~ /-h/ and do { - printf STDERR "Usage: draksec [OPTION]... - --debug print debugging information -"; - exit 0; - }; - +use strict; use lib qw(/usr/lib/libDrakX); +use common; use standalone; -use strict; use vars qw($MODE %options); - -use security::main; +use ugtk2 qw(:helpers :wrappers :ask :create); +use run_program; +use security::level; +use security::msec; $MODE = 'basic'; $0 =~ /draksec-firewall$/ and $MODE = 'firewall'; @@ -38,4 +34,229 @@ $0 =~ /draksec-perms$/ and $MODE = 'perms'; /^-?-(\S+)$/ and $options{$1} = 1 foreach @ARGV; -security::main::draksec_main(); + +my $w; + +# factorize this with rpmdrake and harddrake2 +sub wait_msg { + my $mainw = ugtk2->new('wait', ( modal => 1, transient => $w->{rwindow})); + my $label = new Gtk2::Label($_[0]); + $mainw->{window}->add($label); + $mainw->{window}->show_all; + $mainw->{window}->realize; + $label->signal_connect(expose_event => sub { $mainw->{displayed} = 1 }); + $mainw->sync until $mainw->{displayed}; + $mainw->show; + gtkset_mousecursor_wait($mainw->{rwindow}->window); + $mainw->flush; + $mainw; +} + +sub remove_wait_msg { $_[0]->destroy } + +sub basic_seclevel_explanations { + my $text = new Gtk2::TextView; + $text->set_editable(0); + gtktext_insert($text, + formatAlaTeX(N("Standard: This is the standard security recommended for a computer that will be used to connect + to the Internet as a client. + +High: There are already some restrictions, and more automatic checks are run every night. + +Higher: The security is now high enough to use the system as a server which can accept + connections from many clients. If your machine is only a client on the Internet, you + should choose a lower level. + +Paranoid: This is similar to the previous level, but the system is entirely closed and security + features are at their maximum + +Security Administrator: + If the 'Security Alerts' option is set, security alerts will be sent to this user (username or + email)"))); + + gtkpack_(gtkshow(new Gtk2::HBox(0, 0)), 1, $text); +} + +sub basic_seclevel_option { + my ($seclevel_entry, $_msec) = @_; + my @sec_levels = security::level::get_common_list(); + my $current_level = security::level::get_string(); + + push(@sec_levels, $current_level) unless member($current_level, @sec_levels); + + $$seclevel_entry->entry->set_editable(0); + $$seclevel_entry->set_popdown_strings(@sec_levels); + $$seclevel_entry->entry->set_text($current_level); + + new Gtk2::Label(N("Security Level:")), $$seclevel_entry; +} + +sub new_editable_combo { + my $w = new Gtk2::Combo(); + $w->entry->set_editable(0); + $w; +} + +sub set_default_tip { + my ($entry, $default) = @_; + gtkset_tip(new Gtk2::Tooltips, $entry, N(" (default value: %s)", $default)); +} + +my $msec = new security::msec; +$w = ugtk2->new('draksec'); +my $window = $w->{window}; + +############################ MAIN WINDOW ################################### +# Set different options to Gtk2::Window +unless ($::isEmbedded) { +# $w->{rwindow}->set_policy(1, 1, 1); + $w->{rwindow}->set_position('center'); + $w->{rwindow}->set_title("DrakSec"); + $window->set_size_request(598, 590); +} + +# Connect the signals +$window->signal_connect('delete_event', sub { $window->destroy() }); +$window->signal_connect('destroy', sub { ugtk2->exit() }); + +$window->add(my $vbox = gtkshow(new Gtk2::VBox(0, 0))); + +# Create the notebook (for bookmarks at the top) +my $notebook = create_notebook(); +$notebook->set_tab_pos('top'); + +my $common_opts = { col_spacings => 10, row_spacings => 5 }; + +######################## BASIC OPTIONS PAGE ################################ +my $seclevel_entry = new Gtk2::Combo(); + +$notebook->append_page(gtkpack(new Gtk2::VBox(0, 0), + basic_seclevel_explanations($msec), + create_packtable($common_opts, + [ basic_seclevel_option(\$seclevel_entry, $msec) ], + [ new Gtk2::Label(N("Security Alerts:")), + my $secadmin_check = new Gtk2::CheckButton ], + [ new Gtk2::Label(N("Security Administrator:")), + my $secadmin_entry = new Gtk2::Entry ])), + new Gtk2::Label(N("Basic"))); + +$secadmin_entry->set_text($msec->get_check_value("MAIL_USER")); +$secadmin_check->set_active(1) if $msec->get_check_value("MAIL_WARN") eq "yes"; + +######################### NETWORK & SYSTEM OPTIONS ######################### +my @yesno_choices = qw(yes no default ignore); +my @alllocal_choices = qw(ALL LOCAL NONE default); +my @all_choices = (@yesno_choices, @alllocal_choices); +my %options_values; + +foreach ([ 'network', N("Network Options") ], [ 'system', N("System Options") ]) { + my ($domain, $label) = @$_; + my %values; + $notebook->append_page(gtkshow(create_scrolled_window(gtkpack(new Gtk2::VBox(0, 0), + new Gtk2::Label(N("The following options can be set to customize your\nsystem security. If you need explanations, click on Help.\n")), + create_packtable($common_opts, + map { + my $i = $_; + + my $entry; + my $default = $msec->get_function_default($i); + if (member($default, @all_choices)) { + $values{$i} = new_editable_combo(); + $entry = $values{$i}->entry; + if (member($default, @yesno_choices)) { + $values{$i}->set_popdown_strings(@yesno_choices); + } elsif (member($default, @alllocal_choices)) { + $values{$i}->set_popdown_strings(@alllocal_choices); + } + } else { + $values{$i} = new Gtk2::Entry(); + $entry = $values{$i}; + } + $entry->set_text($msec->get_function_value($i)); + set_default_tip($entry, $default); + [ new Gtk2::Label($i), $values{$i} ]; + } $msec->get_functions($domain))))), + new Gtk2::Label($label)); + $options_values{$domain} = \%values; +} + +######################## PERIODIC CHECKS ################################### +my %security_checks_value; + +$notebook->append_page(gtkshow(create_scrolled_window(gtkpack(new Gtk2::VBox(0, 0), + new Gtk2::Label(N("The following options can be set to customize your\nsystem security. If you need explanations, click on Help.\n")), + create_packtable($common_opts, + map { + unless (member(qw(MAIL_WARN MAIL_USER), $_)) { + my $i = $_; + $security_checks_value{$i} = new_editable_combo(); + my $entry = $security_checks_value{$i}->entry; + set_default_tip($entry, $msec->get_check_default); + $security_checks_value{$i}->set_popdown_strings(qw(yes no default)); + $entry->set_text($msec->get_check_value($i)); + [ gtkshow(new Gtk2::Label(translate($i))), $security_checks_value{$i} ]; + } else { undef } + } ($msec->get_default_checks))))), + new Gtk2::Label(N("Periodic Checks"))); + + +####################### OK CANCEL BUTTONS ################################## +my $bok = gtksignal_connect(new Gtk2::Button(N("Ok")), + 'clicked' => sub { + my $seclevel_value = $seclevel_entry->entry->get_text(); + my $secadmin_check_value = $secadmin_check->get_active(); + my $secadmin_value = $secadmin_entry->get_text(); + my $w; + + standalone::explanations("Configuring msec"); + + if ($seclevel_value ne security::level::get_string()) { + $w = wait_msg(N("Please wait, setting security level...")); + standalone::explanations("Setting security level"); + security::level::set($seclevel_value); + remove_wait_msg($w); + } + + $w = wait_msg(N("Please wait, setting security options...")); + standalone::explanations("Setting security administrator option"); + $msec->config_check('MAIL_WARN', $secadmin_check_value == 1 ? 'yes' : 'no'); + + if ($secadmin_value ne $msec->get_check_value('MAIL_USER') && $secadmin_check_value) { + standalone::explanations("Setting security administrator contact"); + $msec->config_check('MAIL_USER', $secadmin_value); + } + + standalone::explanations("Setting security periodic checks"); + foreach my $key (keys %security_checks_value) { + if ($security_checks_value{$key}->entry->get_text() ne $msec->get_check_value($key)) { + $msec->config_check($key, $security_checks_value{$key}->entry->get_text()); + } + } + + foreach my $domain (keys %options_values) { + standalone::explanations("Setting msec functions related to $domain"); + foreach my $key (keys %{$options_values{$domain}}) { + my $opt = $options_values{$domain}{$key}; + $msec->config_function($key, $opt =~ /Combo/ ? $opt->entry->get_text() : $opt->get_text()); + } + } + standalone::explanations("Applying msec changes"); + run_program::rooted($::prefix, "/usr/sbin/msec"); + + remove_wait_msg($w); + + ugtk2->exit(0); + }); + +my $bcancel = gtksignal_connect(new Gtk2::Button(N("Cancel")), + 'clicked' => sub { ugtk2->exit(0) }); +gtkpack_($vbox, + 1, gtkshow($notebook), + 0, gtkadd(gtkadd(gtkshow(new Gtk2::HBox(0, 0)), + $bok), + $bcancel)); +$bcancel->can_default(1); +$bcancel->grab_default(); + +$w->main; +ugtk2->exit(0); |