aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorEugeni Dodonov <eugeni@mandriva.org>2009-10-02 14:43:46 +0000
committerEugeni Dodonov <eugeni@mandriva.org>2009-10-02 14:43:46 +0000
commit7f4bd986c2191a46407cfa77dd4908b4e62677af (patch)
treed8f6e397ef258e2b20d7a97a8d263ce5e69c3a21
parent571a81c265bc55943b5e70ceaf7f070fa3356c5d (diff)
downloadmsec-7f4bd986c2191a46407cfa77dd4908b4e62677af.tar
msec-7f4bd986c2191a46407cfa77dd4908b4e62677af.tar.gz
msec-7f4bd986c2191a46407cfa77dd4908b4e62677af.tar.bz2
msec-7f4bd986c2191a46407cfa77dd4908b4e62677af.tar.xz
msec-7f4bd986c2191a46407cfa77dd4908b4e62677af.zip
support saving current settings as a new security level
-rwxr-xr-xsrc/msec/msec.py17
-rwxr-xr-xsrc/msec/msecperms.py15
2 files changed, 30 insertions, 2 deletions
diff --git a/src/msec/msec.py b/src/msec/msec.py
index 17cd4f1..0bb43a6 100755
--- a/src/msec/msec.py
+++ b/src/msec/msec.py
@@ -53,6 +53,7 @@ Arguments to msec:
will perform.
-r, --root <path> path to use as root
-q, --quiet run quietly
+ -s, --save <level> save current configuration as a new security level
""" % version
# }}}
@@ -63,10 +64,11 @@ if __name__ == "__main__":
commit = True
root = ''
quiet = False
+ save = False
# parse command line
try:
- opt, args = getopt.getopt(sys.argv[1:], 'hl:f:dpr:q', ['help', 'list=', 'force=', 'debug', 'pretend', 'root=', 'quiet'])
+ opt, args = getopt.getopt(sys.argv[1:], 'hl:f:dpr:qs:', ['help', 'list=', 'force=', 'debug', 'pretend', 'root=', 'quiet', 'save='])
except getopt.error:
usage()
sys.exit(1)
@@ -91,6 +93,10 @@ if __name__ == "__main__":
elif o[0] == '-f' or o[0] == '--force':
level = o[1]
force_level = True
+ # save as new security level
+ elif o[0] == '-s' or o[0] == '--save':
+ level = o[1]
+ save = True
# custom root
elif o[0] == '-r' or o[0] == '--root':
root = o[1]
@@ -138,6 +144,15 @@ if __name__ == "__main__":
else:
msec_config.load()
+ # saving current setting as new level
+ if save:
+ newlevel = config.MsecConfig(log, config=config.SECURITY_LEVEL % (root, level))
+ newlevel.merge(msec_config)
+ # update new level name
+ newlevel.set("BASE_LEVEL", level)
+ newlevel.save()
+ sys.exit(0)
+
# load the msec library
msec = MSEC(log, root=root)
diff --git a/src/msec/msecperms.py b/src/msec/msecperms.py
index 1c639f4..cdb9b0e 100755
--- a/src/msec/msecperms.py
+++ b/src/msec/msecperms.py
@@ -65,6 +65,7 @@ Available parameters:
will perform.
-r, --root <path> path to use as root
-q, --quiet run quietly
+ -s, --save <level> save current configuration as a new security level
""" % (version, config.PERMCONF, config.PERMCONF)
# }}}
@@ -76,10 +77,11 @@ if __name__ == "__main__":
enforce = False
quiet = False
root = ''
+ save = False
# parse command line
try:
- opt, args = getopt.getopt(sys.argv[1:], 'hel:f:dpr:q', ['help', 'enforce', 'list=', 'force=', 'debug', 'pretend', 'root=', 'quiet'])
+ opt, args = getopt.getopt(sys.argv[1:], 'hel:f:dpr:qs:', ['help', 'enforce', 'list=', 'force=', 'debug', 'pretend', 'root=', 'quiet', 'save='])
except getopt.error:
usage()
sys.exit(1)
@@ -107,6 +109,10 @@ if __name__ == "__main__":
elif o[0] == '-f' or o[0] == '--force':
level = o[1]
force_level = True
+ # save as new security level
+ elif o[0] == '-s' or o[0] == '--save':
+ level = o[1]
+ save = True
# debugging
elif o[0] == '-d' or o[0] == '--debug':
log_level = logging.DEBUG
@@ -156,6 +162,13 @@ if __name__ == "__main__":
else:
permconf.load()
+ # saving current setting as new level
+ if save:
+ newlevel = config.MsecConfig(log, config=config.SECURITY_LEVEL % (root, level))
+ newlevel.merge(permconf)
+ newlevel.save()
+ sys.exit(0)
+
# load the main permission class
perm = PERMS(log, root=root)