diff options
-rwxr-xr-x | src/msec/msec.py | 24 | ||||
-rwxr-xr-x | src/msec/msecperms.py | 25 |
2 files changed, 22 insertions, 27 deletions
diff --git a/src/msec/msec.py b/src/msec/msec.py index 8a87c64..3f3d489 100755 --- a/src/msec/msec.py +++ b/src/msec/msec.py @@ -128,6 +128,10 @@ if __name__ == "__main__": # loading initial config msec_config = config.MsecConfig(log, config="%s%s" % (root, config.SECURITYCONF)) + permconf = None + # loading permissions + permconf = config.PermConfig(log, config="%s%s" % (root, config.PERMCONF)) + permconf.load() # forcing new level if force_level: @@ -140,11 +144,21 @@ if __name__ == "__main__": log.info(_("Switching to '%s' level.") % level) msec_config.reset() msec_config.merge(levelconf, overwrite=True) + # now saving new permissions + standard_permconf = config.load_default_perms(log, level, root=root) + params = standard_permconf.list_options() + if not params: + log.error(_("No custom file permissions for level '%s'.") % level) + log.info(_("Saving file permissions to '%s' level.") % level) + # updating base level + permconf.reset() + permconf.merge(standard_permconf, overwrite=True) else: msec_config.load() - # load variables from base level + # load variables from base levels config.merge_with_baselevel(log, msec_config, msec_config.get_base_level(), config.load_defaults, root='') + config.merge_with_baselevel(log, permconf, msec_config.get_base_level(), config.load_default_perms, root='') # saving current setting as new level if save: @@ -152,7 +166,11 @@ if __name__ == "__main__": newlevel.merge(msec_config, overwrite=True) # update new level name newlevel.set("BASE_LEVEL", level) - newlevel.save(levelconf) + newlevel.save() + # saving new file permissions, if any + newpermlevel = config.PermConfig(log, config=config.PERMISSIONS_LEVEL % (root, level)) + newpermlevel.merge(permconf, overwrite=True) + newpermlevel.save() sys.exit(0) # load the msec library @@ -166,4 +184,6 @@ if __name__ == "__main__": if force_level and commit: if not msec_config.save(levelconf): log.error(_("Unable to save config!")) + if not permconf.save(standard_permconf): + log.error(_("Unable to save file system permissions!")) sys.exit(0) diff --git a/src/msec/msecperms.py b/src/msec/msecperms.py index ba50181..ec50dca 100755 --- a/src/msec/msecperms.py +++ b/src/msec/msecperms.py @@ -141,37 +141,12 @@ if __name__ == "__main__": permconf = config.PermConfig(log, config="%s%s" % (root, config.PERMCONF)) permconf.load() - # TODO: move to main msec - ## forcing new level - #if force_level: - # # first load the default configuration for level - # standard_permconf = config.load_default_perms(log, level, root=root) - # params = standard_permconf.list_options() - # if not params: - # log.error(_("Level '%s' not found, aborting.") % level) - # sys.exit(1) - # log.info(_("Switching to '%s' level.") % level) - # # updating base level - # base_level = msec_config.get_base_level(level) - # permconf.reset() - # permconf.merge(standard_permconf, overwrite=True) - #else: - # permconf.load() - # load variables from base level config.merge_with_baselevel(log, permconf, base_level, config.load_default_perms, root='') # reloading levelconf for base level levelconf = config.load_default_perms(log, base_level, root=root) - # TODO: move to main msec - ## saving current setting as new level - #if save: - # newlevel = config.PermConfig(log, config=config.PERMISSIONS_LEVEL % (root, level)) - # newlevel.merge(permconf, overwrite=True) - # newlevel.save(levelconf) - # sys.exit(0) - # load the main permission class perm = PERMS(log, root=root) # check permissions |