authorEugeni Dodonov <eugeni@mandriva.org>2009-01-13 21:31:09 +0000
committerEugeni Dodonov <eugeni@mandriva.org>2009-01-13 21:31:09 +0000
commit38bc9df241d315f763f8a35a3801ee130a486ce0 (patch)
treec29f358e098927888b367e73a54eb89f5a9650e5
parent69411d54f553bab4733a46f5f8aaeb707a1a87c5 (diff)
Modified level enforcing. Now overwriting the corresponding security
files with default settings, therefore allowing more complete level configuration.
-rw-r--r--src/msec/config.py5
-rwxr-xr-xsrc/msec/msec.py7
-rwxr-xr-xsrc/msec/msecperms.py7
3 files changed, 11 insertions, 8 deletions
diff --git a/src/msec/config.py b/src/msec/config.py
index a35bf92..3498a12 100644
--- a/src/msec/config.py
+++ b/src/msec/config.py
@@ -46,7 +46,8 @@ MODIFICATIONS_NOT_FOUND = _('No changes in system files')
# msec callbacks and valid values
# OPTION callback valid values
-SETTINGS = {'CHECK_SECURITY' : ("check_security", ['yes', 'no']),
+SETTINGS = {'BASE_LEVEL': ("base_level", ['*']),
+ 'CHECK_SECURITY' : ("check_security", ['yes', 'no']),
'CHECK_PERMS' : ("check_perms", ['yes', 'no']),
'CHECK_USER_FILES' : ("check_user_files", ['yes', 'no']),
'CHECK_SUID_ROOT' : ("check_suid_root", ['yes', 'no']),
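Review bot: Among the visible entries, the new `BASE_LEVEL` row is the only one whose valid-values list is `['*']`, and the two comment lines above the table do not say what that means. If `'*'` is a wildcard for "any value", the level name is not checked by this table, so the `base_level` callback (not visible in this hunk) has to reject unknown levels. Add a comment such as `# ['*'] accepts any value; the callback must validate it` above the entry. The SETTINGS dict continues past the end of the hunk.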
@@ -270,7 +271,7 @@ class PermConfig(MsecConfig):
self.options_order = []
self.comments = []
self.log = log
- self.regexp = re.compile("^([^\s]*)\s*([a-z]*)\.([a-z]*)\s*([\d]?\d\d\d)\s*(force)?$")
+ self.regexp = re.compile("^([^\s]*)\s*([a-z]*)\.([a-z]*)\s*([\d]?\d\d\d|current)\s*(force)?$")
def load(self):
"""Loads and parses configuration file"""
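Review bot: The permission field in `self.regexp` now matches either a numeric mode or the literal `current`, so whatever reads group 4 has to branch on `current` before treating the value as a number; that consumer is outside this hunk, so confirm it does. The pattern is also a plain string, so `\s` and `\d` rely on Python passing unknown escapes through; a raw string is safer: `re.compile(r"^([^\s]*)\s*([a-z]*)\.([a-z]*)\s*([\d]?\d\d\d|current)\s*(force)?$")`. If the numeric field is an octal mode, `\d` also admits 8 and 9, and `[0-7]` would reject such entries at parse time instead of later. The enclosing method begins above the hunk.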
diff --git a/src/msec/msec.py b/src/msec/msec.py
index 9a6bfc4..f86152b 100755
--- a/src/msec/msec.py
+++ b/src/msec/msec.py
@@ -114,8 +114,6 @@ if __name__ == "__main__":
# loading initial config
msec_config = config.MsecConfig(log, config=config.SECURITYCONF)
- if not msec_config.load() and not force_level:
- log.error(_("Level configuration not found, please run '%s -f <level>' to initialize.") % sys.argv[0])
# forcing new level
if force_level:
@@ -123,10 +121,13 @@ if __name__ == "__main__":
levelconf = config.load_defaults(log, level)
params = levelconf.list_options()
if not params:
- log.error(_("Default configuration for level '%s' not found, aborting.") % level)
+ log.error(_("Level '%s' not found, aborting.") % level)
sys.exit(1)
+ log.info(_("Switching to '%s' level.") % level)
for opt in params:
msec_config.set(opt, levelconf.get(opt))
+ else:
+ msec_config.load()
# load the msec library
msec = MSEC(log)
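Review bot: In the new `else:` branch the result of `msec_config.load()` is discarded, whereas the check removed earlier in this file logged an error when the load returned a falsy value. When no level is forced, a missing or unreadable security configuration now goes unreported and the run continues with whatever the config object holds (presumably nothing). Keep the check in the new branch: `if not msec_config.load():` followed by `log.error(_("Level configuration not found, please run '%s -f <level>' to initialize.") % sys.argv[0])`. The same applies to `permconf.load()` in the `else:` branch added in src/msec/msecperms.py. The `__main__` block starts and ends outside the hunk.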
diff --git a/src/msec/msecperms.py b/src/msec/msecperms.py
index 22fda80..cbcc58f 100755
--- a/src/msec/msecperms.py
+++ b/src/msec/msecperms.py
@@ -124,8 +124,6 @@ if __name__ == "__main__":
# loading permissions
permconf = config.PermConfig(log, config=config.PERMCONF)
- if not permconf.load() and not force_level:
- log.error(_("Permissions configuration not found, please run '%s -f <level>' to initialize.") % sys.argv[0])
# forcing new level
if force_level:
@@ -133,10 +131,13 @@ if __name__ == "__main__":
default_permconf = config.load_default_perms(log, level)
params = default_permconf.list_options()
if not params:
- log.error(_("Default configuration for level '%s' not found, aborting.") % level)
+ log.error(_("Level '%s' not found, aborting.") % level)
sys.exit(1)
+ log.info(_("Switching to '%s' level.") % level)
for opt in params:
permconf.set(opt, default_permconf.get(opt))
+ else:
+ permconf.load()
# load the main permission class
perm = PERMS(log)