diff options
| -rw-r--r-- | Makefile | 2 | ||||
| -rw-r--r-- | NEWS | 13 | ||||
| -rwxr-xr-x | cron-sh/functions.sh | 47 | ||||
| -rwxr-xr-x | src/msec/config.py | 46 | ||||
| -rwxr-xr-x | src/msec/libmsec.py | 17 | ||||
| -rwxr-xr-x | src/msec/msecgui.py | 213 | ||||
| -rwxr-xr-x | src/msec/msecperms.py | 2 |
7 files changed, 222 insertions, 118 deletions
@@ -1,5 +1,5 @@ PACKAGE = msec -VERSION = 2.14 +VERSION = 2.16 all: version promisc_check msec_find python manpages make -C cron-sh @@ -1,3 +1,16 @@ +Version 2.16 - March 29, 2026 Aurelian R + +- Add a workaround for "s2u" failure to send messages to Wayland desktops +- Synchronize with s2u's "org.mageia.user" dbus interface (mga#35261) +- Fix permission reading/applying (mga#35275, mga#20847) +- Fix some more deprecated warnings and a dialog assertion failure + +Version 2.15 - March 23, 2026 Aurelian R + +- Clear various deprected warnings +- Fix "Gtk.Aligment.new" argument error +- Fix "dialog.add_button" arguments error (mga#35249) + Version 2.14 - May 9, 2024 David Geiger - March 21th 2026 - Papoteur - First systemd unit file to switch to systemd unit from initscripts - Replace temporary dir from /var/run -> /run diff --git a/cron-sh/functions.sh b/cron-sh/functions.sh index 90b15be..5bd6ade 100755 --- a/cron-sh/functions.sh +++ b/cron-sh/functions.sh @@ -192,14 +192,49 @@ EOF } Notifylog() { - if [[ ${NOTIFY_WARN} == yes ]]; then - message=${1} - DBUS_SEND=`which dbus-send 2>/dev/null` - if [ -x "$DBUS_SEND" ]; then - $DBUS_SEND --system --type=signal /com/mandriva/user com.mandriva.user.security_notification string:"$message" + if [[ ${NOTIFY_WARN} == yes ]]; then + message=${1} + + SUDO=$(which sudo 2>/dev/null) + NOTIFY_SEND=$(which notify-send 2>/dev/null) + GDBUS=$(which gdbus 2>/dev/null) + USE_DBUS_SEND=YES + DBUS_SEND=$(which dbus-send 2>/dev/null) + + if [ -x "$SUDO" ]; then + # Send messages to X11/Wayland using either gdbus or notify-send + for user in $(who | awk '{print $1}' | sort -u ); do + uid=$(id -u "${user}") + if [ -n "${uid}" ]; then + if [ -x "$GDBUS" ]; then + sudo -u "${user}" DBUS_SESSION_BUS_ADDRESS="unix:path=/run/user/${uid}/bus" \ + $GDBUS call --session --dest=org.freedesktop.Notifications \ + --object-path=/org/freedesktop/Notifications \ + --method=org.freedesktop.Notifications.Notify \ + " MSEC" 0 "security-medium" "Security Alert" "${message}" \ + '[]' '{"urgency": <2>}' 3500 2>/dev/null + USE_DBUS_SEND=NO + elif [ -x "$NOTIFY_SEND" ]; then + sudo -u "${user}" DBUS_SESSION_BUS_ADDRESS="unix:path=/run/user/${uid}/bus" \ + $NOTIFY_SEND " MSEC" "${message}" 2>/dev/null + USE_DBUS_SEND=NO + ##elif [ -x "$DBUS_SEND" ]; then + ## sudo -u "$user" DBUS_SESSION_BUS_ADDRESS="unix:path=/run/user/${uid}/bus" \ + ## $DBUS_SEND --session --dest=org.freedesktop.Notifications /org/freedesktop/Notifications \ + ## org.freedesktop.Notifications.Notify \ + ## string:" MSEC" uint32:0 string:"security-medium" string:"Security Alert" \ + ## string:"$message" array:string: array:dict:string,variant: \ + ## dict:string,variant:"urgency",variant:uint32:2 uint32:3500 2>/dev/null + fi fi + done fi -} + # Use s2u notification as backup + if [ -x "$DBUS_SEND" ] && [ "$USE_DBUS_SEND" = "YES" ]; then + $DBUS_SEND --system --type=signal /org/mageia/user org.mageia.user.security_notification string:"$message" + fi + fi +} ################## diff --git a/src/msec/config.py b/src/msec/config.py index ef2946c..e77e9fd 100755 --- a/src/msec/config.py +++ b/src/msec/config.py @@ -172,12 +172,10 @@ def merge_with_baselevel(log, config, base_level, load_func, root=''): def to_utf8(s): - """ Returs string after decoding if needed """ - try: - s.decode() - return s - except: - return str(s).decode("utf-8") + """ Returns string, decodes bytes if necessary """ + if isinstance(s, bytes): + return s.decode('utf-8') + return str(s) # {{{ MsecConfig class MsecConfig: @@ -406,7 +404,7 @@ class PermConfig(MsecConfig): self.options_order = [] self.comments = [] self.log = log - self.regexp = re.compile(r"^([^\s]*)\s*([a-z]*)\.([a-z]*)\s*([\d]?\d\d\d|current)\s*(force)?\s?([^\s]*)$") + self.regexp = re.compile(r"^([^\s]*)\s*([a-z]*)\.([a-z]*)\s*(\d{3,4}|current)\s*(force)?\s?([^\s]*)$") def merge(self, newconfig, overwrite=False): """Merges parameters from newconfig to current config""" @@ -435,6 +433,8 @@ class PermConfig(MsecConfig): except: self.log.error(_("Unable to load configuration file %s: %s") % (self.config, sys.exc_info()[1])) return False + # Look up for pattern: user1:acl,user2:acl + acl_re = re.compile(r'^([A-Za-z][A-Za-z0-9._-]+:[^:,]+)(,([A-Za-z][A-Za-z0-9._-]*)+:[^:,]+)*$') for line in fd.readlines(): line = line.strip() if not line: @@ -448,8 +448,27 @@ class PermConfig(MsecConfig): if res: if len(res[0]) == 6: file, user, group, perm, force, acl = res[0] - self.options[file] = (user, group, perm, force, acl) - self.options_order.append(file) + + # validate force field + if force not in ('force', ''): + self.log.warn(_("Invalid force value '%s' for '%s', ignoring") % (force, file)) + force = '' + # validate acl field + if acl and not acl_re.match(acl): + self.log.warn(_("Invalid acl value '%s' for '%s', ignoring") % (acl, file)) + acl = '' + # discard fully no-op entries: all current/empty and no force/acl + user_noop = user in ('current', '') + group_noop = group in ('current', '') + perm_noop = perm in ('current', '') + if user_noop and group_noop and perm_noop and not acl: + self.log.debug(_("Skipping no-op entry for '%s'") % file) + continue + + self.options[file] = (user, group, perm, force, acl) + self.options_order.append(file) + else: + self.log.warn(_("Unexpected format in line: %s") % line) except: traceback.print_exc() self.log.warn(_("Bad config option: %s") % line) @@ -462,10 +481,15 @@ class PermConfig(MsecConfig): return self.options_order def get(self, option, default=None): - """Gets a configuration option, or defines it if not defined""" + """Gets a configuration option, or defines it if not defined. + Always returns a 5-tuple (user, group, perm, force, acl) or the default.""" if option not in self.options: self.set(option, default) - return self.options[option] + value = self.options[option] + # guard against None or removed entries — return a safe no-op tuple + if value is None: + return ('current', 'current', 'current', '', '') + return value def set(self, option, value): """Sets a configuration option""" diff --git a/src/msec/libmsec.py b/src/msec/libmsec.py index d4fa75b..a683558 100755 --- a/src/msec/libmsec.py +++ b/src/msec/libmsec.py @@ -708,8 +708,7 @@ class MSEC: if plugin_ in self.plugins: plugin = self.plugins[plugin_] else: - self.log.info(_("Plugin %s not found") % to_utf8(plugin_)) - return self.log.info + self.log.info(_("Plugin %s not found") % plugin_) return None try: func = getattr(plugin, callback) @@ -923,7 +922,19 @@ class PERMS: If files_to_check is specified, only the specified files are checked.''' for file in perms.list_options(): - user_s, group_s, perm_s, force, acl = perms.get(file) + entry = perms.get(file) + if not entry or len(entry) != 5: + self.log.warn(_("Skipping malformed entry for '%s'") % file) + continue + user_s, group_s, perm_s, force, acl = entry + + # skip entries where nothing would actually change + user_noop = user_s in ('current', '') + group_noop = group_s in ('current', '') + perm_noop = perm_s in ('current', '') + if user_noop and group_noop and perm_noop and not acl: + self.log.debug("Skipping no-op entry for '%s'" % file) + continue # permission if perm_s == 'current': diff --git a/src/msec/msecgui.py b/src/msec/msecgui.py index cfdde40..eeadabb 100755 --- a/src/msec/msecgui.py +++ b/src/msec/msecgui.py @@ -107,10 +107,27 @@ changing them to the specified values when a change is detected. """) SAVE_SETTINGS_TEXT=_("""Save and apply new configuration?""") +#TODO: Prepare for translating the deprecated Gtk.STOCK_OK/CANCEL macros +#TEXT_OK = _("OK") +#TEXT_CANCEL = _("Cancel") +TEXT_OK = Gtk.STOCK_OK +TEXT_CANCEL = Gtk.STOCK_CANCEL + # gui-related settings DEFAULT_SPACING=5 BANNER="msec.png" +# Box helpers to replace deprecated Gtk.VBox / Gtk.HBox +def VBox(spacing=0, homogeneous=False, **kwargs): + box = Gtk.Box(orientation=Gtk.Orientation.VERTICAL, spacing=spacing, **kwargs) + box.set_homogeneous(homogeneous) + return box + +def HBox(spacing=0, homogeneous=False, **kwargs): + box = Gtk.Box(orientation=Gtk.Orientation.HORIZONTAL, spacing=spacing, **kwargs) + box.set_homogeneous(homogeneous) + return box + class BackgroundRunner(Thread): # background task runner def __init__(self, finish, program): @@ -187,7 +204,7 @@ class MsecGui(Gtk.Window): self.enforced_level = None self.enforcing_level = False - main_vbox = Gtk.VBox(homogeneous=False, spacing=5) + main_vbox = VBox(spacing=5) self.window.add(main_vbox) # menu @@ -227,7 +244,7 @@ class MsecGui(Gtk.Window): menu.add(menuitem) # show logo - banner = Gtk.HBox(homogeneous=False, spacing=10) + banner = HBox(spacing=10) try: # logo image = Gtk.Image() @@ -340,10 +357,10 @@ class MsecGui(Gtk.Window): # creating preview window dialog = Gtk.Dialog(title=_('Saving changes...'), transient_for=self.window, modal=True) - dialog.add_action_widget(Gtk.Button(label=_('Cancel')), Gtk.ResponseType.CANCEL) + dialog.add_button(TEXT_CANCEL, Gtk.ResponseType.CANCEL) if ask_ignore: - dialog.add_action_widget(Gtk.Button(label=_("Ignore and quit")), Gtk.ResponseType.REJECT) - dialog.add_action_widget(Gtk.Button(label=_('OK')), Gtk.ResponseType.OK) + dialog.add_button(_('Ignore and quit'), Gtk.ResponseType.REJECT) + dialog.add_button(TEXT_OK, Gtk.ResponseType.OK) dialog.set_default_size(640, 300) dialog.set_default_response(Gtk.ResponseType.OK) @@ -354,7 +371,7 @@ class MsecGui(Gtk.Window): dialog.set_resizable(False) # detailed information - exp_vbox = Gtk.VBox() + exp_vbox = VBox() # scrolledwindow sw = Gtk.ScrolledWindow() @@ -363,7 +380,7 @@ class MsecGui(Gtk.Window): exp_vbox.pack_start(sw, True, True, DEFAULT_SPACING) - vbox = Gtk.VBox() + vbox = VBox() exp_vbox.set_size_request(640, 280) sw.add(vbox) @@ -388,7 +405,7 @@ class MsecGui(Gtk.Window): # adding specific messages advanced = Gtk.Expander(label=_("Details")) - vbox_advanced = Gtk.VBox() + vbox_advanced = VBox() advanced.add(vbox_advanced) vbox.pack_start(advanced, False, False, padding=DEFAULT_SPACING) for cat in ['info', 'critical', 'error', 'warn', 'debug']: @@ -429,7 +446,9 @@ class MsecGui(Gtk.Window): self.msec.commit(True) # saving permissions + self.perms.check_perms(self.permconfig) self.permconfig.save(standard_permconf) + self.perms.commit(really_commit=True, enforce=False) self.reload_config() @@ -445,6 +464,12 @@ class MsecGui(Gtk.Window): self.permconfig.reset() self.permconfig.load() config.merge_with_baselevel(log, self.permconfig, self.msecconfig.get_base_level(), config.load_default_perms, root='') + # merge legacy perm.local if present + perm_local_path = os.path.join(config.MSEC_DIR, "perm.local") + if os.access(perm_local_path, os.R_OK): + perm_local = config.PermConfig(self.log, config=perm_local_path) + perm_local.load() + self.permconfig.merge(perm_local, overwrite=True) # exceptions self.exceptions.reset() self.exceptions.load() @@ -559,62 +584,57 @@ class MsecGui(Gtk.Window): def create_summary_ui(self): """Builds the security summary UI""" - vbox = Gtk.VBox(homogeneous=False, spacing=20) + vbox = VBox(spacing=20) + + grid = Gtk.Grid() + grid.set_column_spacing(10) + grid.set_row_spacing(6) - table = Gtk.Table(n_rows=4, n_columns=4, homogeneous=False) + def make_status_label(text): + label = Gtk.Label(label=text) + label.set_property("xalign", 0.0) + label.set_property("yalign", 0.5) + label.set_hexpand(True) + label.set_halign(Gtk.Align.FILL) + return label - def create_security_item(table, row, text, icon=None): + def create_security_item(grid, row, text, icon=None): # show logo - banner = Gtk.HBox(homogeneous=False, spacing=10) if icon: try: # logo image = Gtk.Image() pixbuf = GdkPixbuf.Pixbuf.new_from_file(icon) image.set_from_pixbuf(pixbuf) - banner.pack_start(image, False, False, 0) - table.attach(banner, 0, 1, row, row+1, Gtk.AttachOptions.EXPAND | Gtk.AttachOptions.FILL, 0, 0, 0) + image.set_hexpand(False) + grid.attach(image, 0, row, 1, 1) except: print("Unable to load icon %s: %s" % (icon, sys.exc_info()[1])) - label = Gtk.Label(label=text) - label.set_property("xalign", 0.0) - #label.modify_font(Pango.FontDescription("12")) - label.set_property("xalign", 0.0) - label.set_property("yalign", 0.5) - table.attach(label, 1, 2, row, row + 1, Gtk.AttachOptions.EXPAND | Gtk.AttachOptions.FILL, 0, 0, 0) + grid.attach(make_status_label(text), 1, row, 1, 1) row = 0 # firewall - create_security_item(table, row, _("Firewall"), "/usr/share/mcc/themes/default/firewall-mdk.png") - firewall_status = tools.find_firewall_info(log) - label = Gtk.Label(label=firewall_status) - label.set_property("xalign", 0.0) - label.set_property("yalign", 0.5) - table.attach(label, 2, 3, row, row + 1, Gtk.AttachOptions.EXPAND | Gtk.AttachOptions.FILL, 0, 0, 0) + create_security_item(grid, row, _("Firewall"), "/usr/share/mcc/themes/default/firewall-mdk.png") + grid.attach(make_status_label(tools.find_firewall_info(log)), 2, row, 1, 1) button = Gtk.Button(label=_("Configure")) button.connect('clicked', self.run_configure_app, tools.FIREWALL_CMD) - table.attach(button, 3, 4, row, row + 1, Gtk.AttachOptions.EXPAND | Gtk.AttachOptions.FILL, 0, 0, 0) - vbox.pack_start(table, False, False, 0) + grid.attach(button, 3, row, 1, 1) row += 1 # updates - create_security_item(table, row, _("Updates"), "/usr/share/mcc/themes/default/MageiaUpdate.png") - updates = tools.get_updates_status(log) - label = Gtk.Label(label=updates) - label.set_property("xalign", 0.0) - label.set_property("yalign", 0.5) - table.attach(label, 2, 3, row, row + 1, Gtk.AttachOptions.EXPAND | Gtk.AttachOptions.FILL, 0, 0, 0) + create_security_item(grid, row, _("Updates"), "/usr/share/mcc/themes/default/MageiaUpdate.png") + grid.attach(make_status_label(tools.get_updates_status(log)), 2, row, 1, 1) button = Gtk.Button(label=_("Update now")) button.connect('clicked', self.run_configure_app, tools.UPDATE_CMD) - table.attach(button, 3, 4, row, row + 1, Gtk.AttachOptions.EXPAND | Gtk.AttachOptions.FILL, 0, 0, 0) + grid.attach(button, 3, row, 1, 1) row += 1 # security - create_security_item(table, row, _("Security"), "/usr/share/mcc/themes/default/security-mdk.png") + create_security_item(grid, row, _("Security"), "/usr/share/mcc/themes/default/security-mdk.png") baselevel = self.msecconfig.get("BASE_LEVEL") if baselevel == config.NONE_LEVEL: msec_status = [_("Msec is disabled")] @@ -630,14 +650,11 @@ class MsecGui(Gtk.Window): custom_count += 1 if custom_count > 0: msec_status.append(_("Custom settings: %d") % custom_count) - label = Gtk.Label(label="\n".join(msec_status)) - label.set_property("xalign", 0.0) - label.set_property("yalign", 0.5) - table.attach(label, 2, 3, row, row + 1, Gtk.AttachOptions.EXPAND | Gtk.AttachOptions.FILL, 0, 0, 0) + grid.attach(make_status_label("\n".join(msec_status)), 2, row, 1, 1) button = Gtk.Button(label=_("Configure")) button.connect('clicked', lambda x: self.main_notebook.set_current_page(1)) - table.attach(button, 3, 4, row, row + 1, Gtk.AttachOptions.EXPAND | Gtk.AttachOptions.FILL, 0, 0, 0) + grid.attach(button, 3, row, 1, 1) row += 1 @@ -645,29 +662,33 @@ class MsecGui(Gtk.Window): label = Gtk.Label(label=_("Periodic checks")) label.set_property("xalign", 0.0) label.set_property("yalign", 0.5) - # label.modify_font(Pango.FontDescription("11")) - table.attach(label, 1, 2, row, row + 1, Gtk.AttachOptions.EXPAND | Gtk.AttachOptions.FILL, 0, 0, 0) + grid.attach(label, 1, row, 1, 1) + row += 1 + for check, logfile, updated_n, updated in tools.periodic_check_status(log): if not updated: updated = _("Never") label = Gtk.Label(label=_("Check: %s. Last run: %s") % (check, updated)) label.set_property("xalign", 0.0) - table.attach(label, 2, 3, row, row + 1, Gtk.AttachOptions.EXPAND | Gtk.AttachOptions.FILL, 0, 0, 0) + label.set_hexpand(True) + label.set_halign(Gtk.Align.FILL) + grid.attach(label, 2, row, 1, 1) - h = Gtk.HBox() - button = Gtk.Button(label=_("Show results")) + h = HBox(spacing=6) + button_show = Gtk.Button(label=_("Show results")) if updated_n: - button.connect('clicked', self.show_test_results, logfile) + button_show.connect('clicked', self.show_test_results, logfile) else: - button.set_sensitive(False) - h.pack_start(button, False, False, 0) - button = Gtk.Button(label=_("Run now")) - button.connect('clicked', self.run_periodic_check, check) - h.pack_start(button, False, False, 0) - table.attach(h, 3, 4, row, row + 1, Gtk.AttachOptions.EXPAND | Gtk.AttachOptions.FILL, 0, 0, 0) + button_show.set_sensitive(False) + h.pack_start(button_show, False, False, 0) + button_run = Gtk.Button(label=_("Run now")) + button_run.connect('clicked', self.run_periodic_check, check) + h.pack_start(button_run, False, False, 0) + grid.attach(h, 3, row, 1, 1) row += 1 + vbox.pack_start(grid, False, False, 0) return vbox def process_events(self): @@ -684,28 +705,29 @@ class MsecGui(Gtk.Window): data = fd.readlines() except: data = [_("Unable to read log file: %s") % sys.exc_info()[1]] - dialog = Gtk.Dialog(_("Periodic check results"), transient_for=self.window, flags=0) - dialog.add_button(Gtk.STOCK_OK, Gtk.ResponseType.OK) + + dialog = Gtk.Dialog(title=_("Periodic check results"), + transient_for=self.window, modal=True) + dialog.add_button(TEXT_OK, Gtk.ResponseType.OK) dialog.set_size_request(640, 280) - view = Gtk.TextView() - buffer = view.get_buffer() - buffer.create_tag("monospace", family="monospace", editable=False) - iter = buffer.get_iter_at_offset(0) + + text_buffer = Gtk.TextBuffer() + text_buffer.create_tag("monospace", family="monospace", editable=False) + text_iter = text_buffer.get_iter_at_offset(0) for l in data: - buffer.insert_with_tags_by_name(iter, l, "monospace") + text_buffer.insert_with_tags_by_name(text_iter, l, "monospace") + view = Gtk.TextView.new_with_buffer(text_buffer) + view.set_editable(False) + sw = Gtk.ScrolledWindow() sw.set_shadow_type(Gtk.ShadowType.ETCHED_IN) sw.set_policy(Gtk.PolicyType.AUTOMATIC, Gtk.PolicyType.AUTOMATIC) sw.add(view) dialog.vbox.pack_start(sw, True, True, 0) - dialog.show_all() - ret = dialog.run() + dialog.run() dialog.destroy() - if ret != Gtk.ResponseType.YES: - return - pass def run_periodic_check(self, widget, check): """Shows results for the test""" @@ -727,7 +749,7 @@ class MsecGui(Gtk.Window): progress.set_modal(True) progress.connect('delete-event', lambda *w: None) - vbox = Gtk.VBox(spacing=10) + vbox = VBox(spacing=10) progress.add(vbox) progressbar = Gtk.ProgressBar() progressbar.set_text(_("Please wait, running checks...")) @@ -790,7 +812,7 @@ class MsecGui(Gtk.Window): def level_security_page(self, id): """Builds the basic security page""" - vbox = Gtk.VBox(homogeneous=False) + vbox = VBox() entry = Gtk.Label(label=LEVEL_SECURITY_TEXT) entry.set_use_markup(True) @@ -805,7 +827,7 @@ class MsecGui(Gtk.Window): # security levels self.levels_frame = Gtk.Frame.new(_("Select the base security level")) - levels_vbox = Gtk.VBox(homogeneous=False) + levels_vbox = VBox() self.levels_frame.add(levels_vbox) # create the security level selection screen sw = Gtk.ScrolledWindow() @@ -882,7 +904,7 @@ class MsecGui(Gtk.Window): # putting levels to vbox # notifications by email - hbox = Gtk.HBox() + hbox = HBox() self.notify_mail = Gtk.CheckButton(label=_("Send security alerts by email to:")) if self.msecconfig.get("MAIL_WARN") == "yes": self.notify_mail.set_active(True) @@ -1051,7 +1073,7 @@ class MsecGui(Gtk.Window): def system_security_page(self, id): """Builds the system security page""" - vbox = Gtk.VBox(homogeneous=False) + vbox = VBox() entry = Gtk.Label(label=SYSTEM_SECURITY_TEXT) entry.set_use_markup(True) @@ -1066,7 +1088,7 @@ class MsecGui(Gtk.Window): def network_security_page(self, id): """Builds the network security page""" - vbox = Gtk.VBox(homogeneous=False) + vbox = VBox() entry = Gtk.Label(label=NETWORK_SECURITY_TEXT) entry.set_use_markup(True) @@ -1081,7 +1103,7 @@ class MsecGui(Gtk.Window): def periodic_security_page(self, id): """Builds the periodic security page""" - vbox = Gtk.VBox(homogeneous=False) + vbox = VBox() entry = Gtk.Label(label=PERIODIC_SECURITY_TEXT) entry.set_use_markup(True) @@ -1124,7 +1146,7 @@ class MsecGui(Gtk.Window): def exceptions_page(self, id): """Builds the exceptions page""" - vbox = Gtk.VBox(homogeneous=False) + vbox = VBox() entry = Gtk.Label(label=EXCEPTIONS_TEXT) entry.set_use_markup(True) @@ -1174,7 +1196,7 @@ class MsecGui(Gtk.Window): self.current_options_view[id] = (lstore, self.exceptions) # buttons hbox - hbox = Gtk.HBox(homogeneous=True, spacing=10) + hbox = HBox(homogeneous=True, spacing=10) # add button = Gtk.Button(label=_("Add a rule")) @@ -1192,7 +1214,7 @@ class MsecGui(Gtk.Window): def permissions_security_page(self, id): """Builds the permissions security page""" - vbox = Gtk.VBox(homogeneous=False) + vbox = VBox() entry = Gtk.Label(label=PERMISSIONS_SECURITY_TEXT) entry.set_use_markup(True) @@ -1285,7 +1307,7 @@ class MsecGui(Gtk.Window): self.current_options_view[id] = (lstore, self.permconfig) # buttons hbox - hbox = Gtk.HBox(homogeneous=True, spacing=10) + hbox = HBox(homogeneous=True, spacing=10) # # up # button = Gtk.Button(_("Up")) @@ -1416,16 +1438,16 @@ class MsecGui(Gtk.Window): title = _("Adding new exception") # asks for new parameter value - dialog = Gtk.Dialog(title=title, transient_for=self.window, flags=0) - dialog.add_button(Gtk.STOCK_OK, Gtk.ResponseType.OK) - dialog.add_button(Gtk.STOCK_CANCEL, Gtk.ResponseType.CANCEL) + dialog = Gtk.Dialog(title=title, transient_for=self.window, modal=True) + dialog.add_button(TEXT_OK, Gtk.ResponseType.OK) + dialog.add_button(TEXT_CANCEL, Gtk.ResponseType.CANCEL) label = Gtk.Label(label=_("Editing exception. Please select the correspondent msec check and exception value\n")) label.set_line_wrap(True) label.set_use_markup(True) dialog.vbox.pack_start(label, False, False, 0) # module - hbox = Gtk.HBox() + hbox = HBox() hbox.pack_start(Gtk.Label(label=_("Check: ")), True, True, 0) entry_module = Gtk.ComboBoxText() pos = 0 @@ -1440,7 +1462,7 @@ class MsecGui(Gtk.Window): dialog.vbox.pack_start(hbox, False, False, 0) # exception - hbox = Gtk.HBox() + hbox = HBox() hbox.pack_start(Gtk.Label(label=_("Exception: ")), True, True, 0) entry_exception = Gtk.Entry() entry_exception.set_text(exception) @@ -1493,9 +1515,9 @@ class MsecGui(Gtk.Window): force = "force" # asks for new parameter value - dialog = Gtk.Dialog(title=title, transient_for=self.window, flags=0) - dialog.add_button(Gtk.STOCK_OK, Gtk.ResponseType.OK) - dialog.add_button(Gtk.STOCK_CANCEL, Gtk.ResponseType.CANCEL) + dialog = Gtk.Dialog(title=title, transient_for=self.window, modal=True) + dialog.add_button(TEXT_OK, Gtk.ResponseType.OK) + dialog.add_button(TEXT_CANCEL, Gtk.ResponseType.CANCEL) label = Gtk.Label(label=_("Changing permissions on <b>%s</b>") % (file or _("new file"))) label.set_line_wrap(True) label.set_use_markup(True) @@ -1507,7 +1529,7 @@ class MsecGui(Gtk.Window): if not path: # file - hbox = Gtk.HBox() + hbox = HBox() label = Gtk.Label(label=_("File: ")) hbox.pack_start(label, True, True, 0) entry_file = Gtk.Entry() @@ -1523,7 +1545,7 @@ class MsecGui(Gtk.Window): dialog.vbox.pack_start(label, False, False, padding=5) # user - hbox = Gtk.HBox() + hbox = HBox() label = Gtk.Label(label=_("User: ")) hbox.pack_start(label, True, True, 0) entry_user = Gtk.Entry() @@ -1534,7 +1556,7 @@ class MsecGui(Gtk.Window): dialog.vbox.pack_start(hbox, False, False, 0) # group - hbox = Gtk.HBox() + hbox = HBox() label = Gtk.Label(label=_("Group: ")) hbox.pack_start(label, True, True, 0) entry_group = Gtk.Entry() @@ -1545,7 +1567,7 @@ class MsecGui(Gtk.Window): dialog.vbox.pack_start(hbox, False, False, 0) # perm - hbox = Gtk.HBox() + hbox = HBox() label = Gtk.Label(label=_("Permissions: ")) hbox.pack_start(label, True, True, 0) entry_perm = Gtk.Entry() @@ -1561,7 +1583,7 @@ class MsecGui(Gtk.Window): dialog.vbox.pack_start(label, False, False, padding=5) # acl - hbox = Gtk.HBox() + hbox = HBox() label = Gtk.Label(label=_("ACL: ")) hbox.pack_start(label, True, True, 0) entry_acl = Gtk.Entry() @@ -1630,24 +1652,23 @@ class MsecGui(Gtk.Window): # asks for new parameter value dialog = Gtk.Dialog(title=_("Select new value for %s") % (param), - transient_for=self.window, flags=0) - dialog.add_button(Gtk.STOCK_OK, Gtk.ResponseType.OK) - dialog.add_button(Gtk.STOCK_CANCEL, Gtk.ResponseType.CANCEL) + transient_for=self.window, modal=True) + dialog.add_button(TEXT_OK, Gtk.ResponseType.OK) + dialog.add_button(TEXT_CANCEL, Gtk.ResponseType.CANCEL) # option title label = Gtk.Label(label="<b>%s</b>\n" % param) label.set_use_markup(True) # description dialog.vbox.pack_start(label, True, True, 0) label = Gtk.Label(label=_("<i>%s</i>\n\n\tCurrent value:\t\t\t<i>%s</i>\n\t%sDefault level value:\t<i>%s</i>%s\n") % - (descr, value, - def_start, val_def, def_end,)) + (descr, value, def_start, val_def, def_end,)) label.set_line_wrap(True) label.set_use_markup(True) dialog.vbox.pack_start(label, True, True, 0) - dialog.vbox.pack_start(Gtk.HSeparator(), True, True, 0) + dialog.vbox.pack_start(Gtk.Separator(orientation=Gtk.Orientation.HORIZONTAL), True, True, 0) # new value - hbox = Gtk.HBox() + hbox = HBox() label = Gtk.Label(label=_("New value:")) label.set_halign(Gtk.Align.CENTER) label.set_valign(Gtk.Align.CENTER) diff --git a/src/msec/msecperms.py b/src/msec/msecperms.py index 2d0887a..a22cb88 100755 --- a/src/msec/msecperms.py +++ b/src/msec/msecperms.py @@ -96,7 +96,7 @@ if __name__ == "__main__": print(_("Invalid security level '%s'.") % level, file=sys.stderr) sys.exit(1) for file in params: - user, group, perm, force = permconf.get(file) + user, group, perm, force, acl = permconf.get(file) if force: print("!! forcing permissions on %s" % file) print("%s: %s.%s perm %s" % (file, user, group, perm)) |