| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- fix "check states were not saved if their value did not change (thus
reverting it to default on disk)"
- fix emebedding (no transcience when embedded)
- fix "value get chop()-ed until it disapear and is reset to default"
- log which security level is set and not only the switch
killing latest remanent parts of christian "yeah baby, i'm piggy"
work:
- functions and checks listing :
o rename get_functions() as list_functions() and
get_default_checks() as list_checks(); this is both
more homogenous and enable one to separate them from the
get_(check|function)_(value|default) function group
o regroup them
o over simplify list_functions(): leave functions listing to msec
(aka /usr/share/msec/level.<LEVEL>, assuming share/msec.py is
always up to date, just don't care reparsing python code (this is
plain stupid); if we cannot rely on msec, on who could we :-) ?
o this allow to simplify msec gui so that we do not exclude stuff
already excluded
- remove config_check(), config_funtion(): replace them by:
o set_check() and set_function() to store new values in data
structure
o apply_checks() and apply_functions() to save these new values,
thus writing config files once and not twice the functions &
checks count
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- remove unused variables
- rename get_(default|value as load_(default|value)s and alter them so
that config file are read only one time instead of one per option;
data is stocked in package variable
- thus get_default_checks() is quite a lot faster
- alter get_(check|function)_(value|default) to use new data structure
- fix check default reading
- group default values reading and current values reading
what's left: do the same thing for writing tomorow
|
|
|
|
|
| |
- use formatAlaTeX() to have nicer tooltips
|
|
|
|
|
|
|
| |
msec to here so that draksec help'll get translated
all changes must be done in soft/msec/share/libmsec.py !!!
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
- move any::config_security_user() to security::various::config_security_user()
- move any::config_libsafe() and security::libsafe::config_libsafe() to security::various::config_libsafe()
|
|
|
|
|
|
| |
nobody will uses it so it's useless to load drakx with it.
also use common cli options managment
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
| |
- no need to maintain dummy documentation about something which is
called only in one place
- simplify
|
| |
|
| |
|
| |
|
|
|
|
|
| |
- perl_checker fixes
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
merge any::get_secure_level() with
secure::msec::get_secure_level()
- move security level functions from secure::msec
to secure::level
- uses secure::level in install_steps
- fix duplication of security level labels
- draksec: use same strings in drakx, got nice
translations
- get_default_checks(): make it more readable
|
|
|
|
|
| |
put one that really works
|
| |
|
|
|
|
|
|
|
|
|
|
| |
- kill useless show_msec_help()
- kill commented remanant code of help buttons
- add tooltip with default values on combos & entries
- log about security administrator changes only when we do some
- factorize some code into new_editable_combo() and
set_default_tip()
|
|
|
|
|
| |
- perl_checker fixes
|
|
|
|
|
|
| |
- clean code
- simplify config_function()
|
| |
|
| |
|
|
|
|
|
| |
- remove unneeded parentheses for things like ... if (...)
|
| |
|
|
|
|
|
| |
- use "for" instead of "foreach" when used a la C
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
rationale:
- currently, we use _("xxx") as a shorthand for gettext("xxx"). It
also used to call xgettext with --keyword=_
- alas, function &_ is global and not by package (notice esp. that _
is not exported in common.pm)
- this lead to big ugly pb with packages defining their own &_,
overriding common.pm's &_
- a fix is to set @::textdomains to add a new domain (the default
being "libDrakX")
but relying on the global "_" is still dangerous!
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
| |
anyway nobody uses that one
|
|
|
|
|
|
|
|
| |
get_seclevel_list()
- use them in get_default()
- get_value() : don't assume a space between "function_name" and
"(parameters)"
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- security::msec :
o consolidate get_function_value() and get_value into get_value()
o really apply changes, aka save them :
* config_check() : use substInFile and setVarsInSh
* config_function() : use substInFile and append_to_file
* kill stupid and bogus config_option()
o don't overwrite previous changes, aka reread them :
* fix checks and functions current value loading
* fix checks and functions default loading
- security::main :
o simplify ui creation, make it more readable
o kill offuscating basic_secadmin_check(), basic_secadmin_entry(),
network_generate_page(), system_generate_page() and checks_generate_page()
o increase default height because of stupid "add_with_viewport" in
ugtk::createScrolledWindow
o consolidate network and system functions managment, they're all the same for
msec, splitting is only a draksec "feature"; all go in %options_values
- draksec :
o let standalone module configure standalone mode
o security::main already take care of initializing gtk
o security::main already take care of exiting
o don't play with embedded mode special variables
it overall looks better but big cleanups're still possible for mdk9.1
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
o config_check: use MDK::Common to set option rather
than overwriting config file
o remove all stupid prefix that just ofuscate code
whereas it's always set to '',
$::prefix will be a lot better
o s/shift @_/shift/
o kill config_option()
o simplify get_default()
o get_secure_level() : replace if cascade by an array
o set_secure_level() :
* replace if cascade by an hash
* default to runlevel 3 if undefined
o get_functions() : simplify by merging code paths
- security::main :
o security::libsafe is unneeded
o don't pass useless prefix
o begin to read default values
|
|
|
|
|
|
|
|
| |
than overwriting config file
- remove all stupid prefix that just ofuscate code
whereas it's always set to '',
$::prefix will be a lot better
|
|
|
|
|
|
|
|
|
|
| |
- no ignore choice for periodic checks
- save functions in /etc/security/msec/level.local
and not security.conf
- "from mseclib import" is useless
- fix functions saving (an object method invocation
takes class name as argument)
|
| |
|
| |
|