Mailinglist Archive: yast-commit (725 mails)
| < Previous | Next > |
[yast-commit] r58289 - in /trunk/bootloader: ./ package/ src/clients/ src/modules/ src/routines/
- From: juhliarik@xxxxxxxxxxxxxxxx
- Date: Thu, 06 Aug 2009 11:50:13 -0000
- Message-id: <E1MZ1U5-0003jd-Fy@xxxxxxxxxxxxxxxx>
Author: juhliarik
Date: Thu Aug 6 13:50:12 2009
New Revision: 58289
URL: http://svn.opensuse.org/viewcvs/yast?rev=58289&view=rev
Log:
added support for SELinux
Modified:
trunk/bootloader/VERSION
trunk/bootloader/package/yast2-bootloader.changes
trunk/bootloader/src/clients/bootloader.ycp
trunk/bootloader/src/modules/BootCommon.ycp
trunk/bootloader/src/modules/Bootloader.ycp
trunk/bootloader/src/routines/dialogs.ycp
trunk/bootloader/src/routines/section_helps.ycp
trunk/bootloader/src/routines/section_widgets.ycp
Modified: trunk/bootloader/VERSION
URL:
http://svn.opensuse.org/viewcvs/yast/trunk/bootloader/VERSION?rev=58289&r1=58288&r2=58289&view=diff
==============================================================================
--- trunk/bootloader/VERSION (original)
+++ trunk/bootloader/VERSION Thu Aug 6 13:50:12 2009
@@ -1 +1 @@
-2.18.13
+2.18.14
Modified: trunk/bootloader/package/yast2-bootloader.changes
URL:
http://svn.opensuse.org/viewcvs/yast/trunk/bootloader/package/yast2-bootloader.changes?rev=58289&r1=58288&r2=58289&view=diff
==============================================================================
--- trunk/bootloader/package/yast2-bootloader.changes (original)
+++ trunk/bootloader/package/yast2-bootloader.changes Thu Aug 6 13:50:12 2009
@@ -1,4 +1,10 @@
-------------------------------------------------------------------
+Thu Aug 6 10:31:03 CEST 2009 - juhliarik@xxxxxxx
+
+- added support for enable SELinux (fate#305557)
+- 2.18.14
+
+-------------------------------------------------------------------
Tue Aug 4 16:52:57 CEST 2009 - juhliarik@xxxxxxx
- added support for redundancy md array (fate#305008)
Modified: trunk/bootloader/src/clients/bootloader.ycp
URL:
http://svn.opensuse.org/viewcvs/yast/trunk/bootloader/src/clients/bootloader.ycp?rev=58289&r1=58288&r2=58289&view=diff
==============================================================================
--- trunk/bootloader/src/clients/bootloader.ycp (original)
+++ trunk/bootloader/src/clients/bootloader.ycp Thu Aug 6 13:50:12 2009
@@ -16,6 +16,7 @@
*/
{
textdomain "bootloader";
+
import "BootCommon";
import "Bootloader";
import "CommandLine";
@@ -268,6 +269,7 @@
any ret = CommandLine::Run (cmdline);
// boolean ret = GuiHandler ();
+
y2milestone ("Finishing bootloader configuration module");
return ret;
}
Modified: trunk/bootloader/src/modules/BootCommon.ycp
URL:
http://svn.opensuse.org/viewcvs/yast/trunk/bootloader/src/modules/BootCommon.ycp?rev=58289&r1=58288&r2=58289&view=diff
==============================================================================
--- trunk/bootloader/src/modules/BootCommon.ycp (original)
+++ trunk/bootloader/src/modules/BootCommon.ycp Thu Aug 6 13:50:12 2009
@@ -302,6 +302,11 @@
*/
global boolean enable_md_array_redundancy = nil;
+/** FATE#305557: Enable SELinux for 11.2
+ * if true create /selinux directory
+ */
+global boolean enable_selinux = false;
+
global define string getLoaderType (boolean recheck);
global define list<string> getBootloaders ();
Modified: trunk/bootloader/src/modules/Bootloader.ycp
URL:
http://svn.opensuse.org/viewcvs/yast/trunk/bootloader/src/modules/Bootloader.ycp?rev=58289&r1=58288&r2=58289&view=diff
==============================================================================
--- trunk/bootloader/src/modules/Bootloader.ycp (original)
+++ trunk/bootloader/src/modules/Bootloader.ycp Thu Aug 6 13:50:12 2009
@@ -62,7 +62,7 @@
global define boolean UpdateGfxMenu ();
global define void DelDuplicatedSections();
global define void ResolveSymlinksInSections();
-
+ void createSELinuxDir ();
/**
* Write is repeating again
* Because of progress bar during inst_finish
@@ -572,9 +572,10 @@
// call bootloader executable
y2milestone ("Calling bootloader executable");
ret = ret && blWrite ();
-
- if (! ret)
- {
+ // FATE#305557: Enable SELinux for 11.2
+ createSELinuxDir ();
+ if (! ret)
+ {
y2error ("Installing bootloader failed");
if (writeErrorPopup ())
{
@@ -586,19 +587,17 @@
return Write ();
}
}
- }
- else
- {
- if (BootCommon::InstallingToFloppy ())
- {
- BootCommon::updateTimeoutPopupForFloppy
- (BootCommon::getLoaderName (getLoaderType (), `summary));
}
+ else
+ {
+ if (BootCommon::InstallingToFloppy ())
+ {
+ BootCommon::updateTimeoutPopupForFloppy
+ (BootCommon::getLoaderName (getLoaderType (), `summary));
+ }
+ }
-
- }
-
- return ret;
+ return ret;
}
@@ -707,7 +706,8 @@
// call bootloader executable
y2milestone ("Calling bootloader executable");
ret = ret && blWrite ();
-
+ // FATE#305557: Enable SELinux for 11.2
+ createSELinuxDir ();
if (! ret)
{
y2error ("Installing bootloader failed");
@@ -1545,4 +1545,32 @@
return true;
}
+
+/** Fate #305557: Enable SELinux for 11.2
+ * Function cerate /selinux directory
+ * if SELinux is enabled
+ */
+
+void createSELinuxDir ()
+{
+ string path_file = "/selinux";
+ string cmd = "ls -d /selinux 2>/dev/null";
+ if (BootCommon::enable_selinux)
+ {
+ if (Mode::normal() || Mode::installation())
+ {
+ map out = (map)SCR::Execute(.target.bash_output, cmd);
+ y2milestone("runnning command: \"%1\" and return: %2", cmd, out);
+ if (out["stdout"]:"" != "/selinux\n")
+ SCR::Execute(.target.mkdir, path_file);
+ else
+ y2milestone("Directory /selinux already exist");
+ } else {
+ y2milestone("Skip creating /selinux directory -> wrong mode");
+ }
+ } else {
+ y2milestone("Skip creating /selinux directory");
+ }
+}
+
}
Modified: trunk/bootloader/src/routines/dialogs.ycp
URL:
http://svn.opensuse.org/viewcvs/yast/trunk/bootloader/src/routines/dialogs.ycp?rev=58289&r1=58288&r2=58289&view=diff
==============================================================================
--- trunk/bootloader/src/routines/dialogs.ycp (original)
+++ trunk/bootloader/src/routines/dialogs.ycp Thu Aug 6 13:50:12 2009
@@ -164,7 +164,12 @@
// frame
`Frame (_("Section Settings"), `HBox (`HSpacing (2), `VBox (
`VSpacing (1),
- `Left("noverifyroot"),
+ `HBox
+ (
+ `Left("noverifyroot"),
+ `HSpacing(2),
+ `Left("enable_selinux")
+ ),
"image",
"initrd",
`HBox (
@@ -178,7 +183,7 @@
), `HSpacing (2));
list<string> widget_names = ["name", "image", "initrd", "root", "vgamode",
"append"
- ,"noverifyroot"];
+ ,"noverifyroot", "enable_selinux"];
map<string,map<string,any> > widget_descr = $[];
if (lt != "grub")
@@ -217,7 +222,12 @@
// frame
`Frame (_("Section Settings"), `HBox (`HSpacing (2), `VBox (
`VSpacing (1),
- `Left("optional"),
+ `HBox
+ (
+ `Left("optional"),
+ `HSpacing(2),
+ `Left("enable_selinux")
+ ),
"image",
"initrd",
"root",
@@ -229,7 +239,7 @@
), `HSpacing (2));
list<string> widget_names = ["name", "image", "initrd", "root", "optional",
- "append", "copy"];
+ "append", "copy", "enable_selinux"];
map<string,map<string,any> > widget_descr = $[];
widget_descr = (map<string,map<string,any> >) union (CommonGlobalWidgets
(), CommonSectionWidgets ());
@@ -264,7 +274,12 @@
// frame
`Frame (_("Section Settings"), `HBox (`HSpacing (2), `VBox (
`VSpacing (1),
- `Left("optional"),
+ `HBox
+ (
+ `Left("optional"),
+ `HSpacing(2),
+ `Left("enable_selinux")
+ ),
"image",
"initrd",
"root",
@@ -275,7 +290,7 @@
), `HSpacing (2));
list<string> widget_names = ["name", "image", "initrd", "root", "optional",
- "append"];
+ "append", "enable_selinux"];
map<string,map<string,any> > widget_descr = $[];
widget_descr = (map<string,map<string,any> >) union (CommonGlobalWidgets
(), CommonSectionWidgets ());
@@ -308,6 +323,7 @@
// frame
`Frame (_("Section Settings"), `HBox (`HSpacing (2), `VBox (
`VSpacing (1),
+ `Left("enable_selinux"),
"target",
"image",
"initrd",
@@ -320,7 +336,7 @@
), `HSpacing (2));
list<string> widget_names = ["name", "image", "initrd", "root", "append"
- ,"parmfile","target"];
+ ,"parmfile","target", "enable_selinux"];
map<string,map<string,any> > widget_descr = $[];
widget_descr = (map<string,map<string,any> >) union (CommonGlobalWidgets
(), CommonSectionWidgets ());
Modified: trunk/bootloader/src/routines/section_helps.ycp
URL:
http://svn.opensuse.org/viewcvs/yast/trunk/bootloader/src/routines/section_helps.ycp?rev=58289&r1=58288&r2=58289&view=diff
==============================================================================
--- trunk/bootloader/src/routines/section_helps.ycp (original)
+++ trunk/bootloader/src/routines/section_helps.ycp Thu Aug 6 13:50:12 2009
@@ -79,6 +79,9 @@
_("<p>Select <b>Menu Section</b> to add a new menu to the configuration.
Menu sections represent a list of tasks which are grouped together.</p>
"),
+ "enable_selinux":
+ _("<p>Select <b>Enable SELinux</b> to add the needed kernel boot
parameters to enable the SELinux security framework.
+Please note that this will also disable AppArmor.</p>")
];
Modified: trunk/bootloader/src/routines/section_widgets.ycp
URL:
http://svn.opensuse.org/viewcvs/yast/trunk/bootloader/src/routines/section_widgets.ycp?rev=58289&r1=58288&r2=58289&view=diff
==============================================================================
--- trunk/bootloader/src/routines/section_widgets.ycp (original)
+++ trunk/bootloader/src/routines/section_widgets.ycp Thu Aug 6 13:50:12 2009
@@ -122,6 +122,92 @@
];
}
+
+void InitEnableSelinux (string widget)
+{
+ string append = BootCommon::current_section["append"]:"";
+ if ((append != "") && (BootCommon::current_section["type"]:"" == "image"))
+ {
+ if ((search(append, "security=selinux") !=nil) && (search(append,
"selinux=1") != nil)
+ && (search(append, "enforcing=0") != nil))
+ UI::ChangeWidget (`id (widget), `Value, true);
+ else
+ UI::ChangeWidget (`id (widget), `Value, false);
+ } else {
+ UI::ChangeWidget (`id (widget), `Value, false);
+ }
+
+ if ((BootCommon::current_section["type"]:"" != "image") ||
+ (BootCommon::current_section["original_name"]:"" == "failsafe"))
+ UI::ChangeWidget (`id (widget), `Enabled, false);
+}
+
+string add_selinux_append (string append)
+{
+ string ret = append;
+ if ((search(append, "security=selinux") ==nil))
+ ret = ret + " security=selinux";
+ if ((search(append, "selinux=1") ==nil))
+ ret = ret + " selinux=1";
+ if ((search(append, "enforcing=0") ==nil))
+ ret = ret + " enforcing=0";
+ return ret;
+}
+
+string delete_selinux_append (string append)
+{
+ string ret = append;
+ list <string> l_append = splitstring(append, " ");
+ l_append = filter(string v, l_append,
+ {
+ if ((v != "") && (tolower(v)!="security=selinux")
+ &&(tolower(v)!="selinux=1") && (tolower(v)!="enforcing=0"))
+ return true;
+ });
+ ret = mergestring(l_append, " ");
+ return ret;
+}
+
+void StoreEnableSelinux(string widget, map event)
+{
+ string append = BootCommon::current_section["append"]:"";
+ boolean value = (boolean)UI::QueryWidget (`id (widget), `Value);
+ if (value)
+ {
+ append = add_selinux_append(append);
+ BootCommon::enable_selinux = true;
+ } else {
+ append = delete_selinux_append(append);
+ BootCommon::enable_selinux = false;
+ }
+ BootCommon::current_section["append"] = append;
+}
+
+symbol HandleEnableSelinux (string widget, map event)
+{
+ boolean value = (boolean)UI::QueryWidget (`id (widget), `Value);
+ string append = BootCommon::current_section["append"]:"";
+ if (value)
+ {
+ UI::ChangeWidget (`id ("append"), `Value, add_selinux_append(append));
+ } else {
+ UI::ChangeWidget (`id ("append"), `Value,
delete_selinux_append(append));
+ }
+ return nil;
+}
+map <string,any> EnableSelinux(){
+ return $[
+ "label" : _("Enable &SELinux"),
+ "widget" : `checkbox,
+ "help" : section_help_messages["enable_selinux"]:"",
+ "init" : InitEnableSelinux,
+ "handle": HandleEnableSelinux,
+ "opt" : [`notify],
+ "store" : StoreEnableSelinux,
+ ];
+}
+
+
map<string,any> SectionTextFieldWidget( string name){
map<string,any> ret = $[
"label" : section_descriptions[name]:name,
@@ -268,7 +354,7 @@
if ((Mode::normal()) && (bl == "grub"))
{
string filtered_new =
- filterchars (new,
"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890 _.-");
+ filterchars (new,
"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890 _.-()");
if (filtered_new != new)
{
@@ -540,6 +626,7 @@
"noverifyroot" : SectionCheckBoxWidget("noverifyroot"),
"remap" : SectionCheckBoxWidget("remap"),
"relocatable" : SectionCheckBoxWidget("relocatable"),
+ "enable_selinux" : EnableSelinux(),
"prompt" : SectionCheckBoxWidget("prompt"),
"blockoffset" : SectionIntFieldWidget(
"blockoffset",0,nil),
--
To unsubscribe, e-mail: yast-commit+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: yast-commit+help@xxxxxxxxxxxx
Date: Thu Aug 6 13:50:12 2009
New Revision: 58289
URL: http://svn.opensuse.org/viewcvs/yast?rev=58289&view=rev
Log:
added support for SELinux
Modified:
trunk/bootloader/VERSION
trunk/bootloader/package/yast2-bootloader.changes
trunk/bootloader/src/clients/bootloader.ycp
trunk/bootloader/src/modules/BootCommon.ycp
trunk/bootloader/src/modules/Bootloader.ycp
trunk/bootloader/src/routines/dialogs.ycp
trunk/bootloader/src/routines/section_helps.ycp
trunk/bootloader/src/routines/section_widgets.ycp
Modified: trunk/bootloader/VERSION
URL:
http://svn.opensuse.org/viewcvs/yast/trunk/bootloader/VERSION?rev=58289&r1=58288&r2=58289&view=diff
==============================================================================
--- trunk/bootloader/VERSION (original)
+++ trunk/bootloader/VERSION Thu Aug 6 13:50:12 2009
@@ -1 +1 @@
-2.18.13
+2.18.14
Modified: trunk/bootloader/package/yast2-bootloader.changes
URL:
http://svn.opensuse.org/viewcvs/yast/trunk/bootloader/package/yast2-bootloader.changes?rev=58289&r1=58288&r2=58289&view=diff
==============================================================================
--- trunk/bootloader/package/yast2-bootloader.changes (original)
+++ trunk/bootloader/package/yast2-bootloader.changes Thu Aug 6 13:50:12 2009
@@ -1,4 +1,10 @@
-------------------------------------------------------------------
+Thu Aug 6 10:31:03 CEST 2009 - juhliarik@xxxxxxx
+
+- added support for enable SELinux (fate#305557)
+- 2.18.14
+
+-------------------------------------------------------------------
Tue Aug 4 16:52:57 CEST 2009 - juhliarik@xxxxxxx
- added support for redundancy md array (fate#305008)
Modified: trunk/bootloader/src/clients/bootloader.ycp
URL:
http://svn.opensuse.org/viewcvs/yast/trunk/bootloader/src/clients/bootloader.ycp?rev=58289&r1=58288&r2=58289&view=diff
==============================================================================
--- trunk/bootloader/src/clients/bootloader.ycp (original)
+++ trunk/bootloader/src/clients/bootloader.ycp Thu Aug 6 13:50:12 2009
@@ -16,6 +16,7 @@
*/
{
textdomain "bootloader";
+
import "BootCommon";
import "Bootloader";
import "CommandLine";
@@ -268,6 +269,7 @@
any ret = CommandLine::Run (cmdline);
// boolean ret = GuiHandler ();
+
y2milestone ("Finishing bootloader configuration module");
return ret;
}
Modified: trunk/bootloader/src/modules/BootCommon.ycp
URL:
http://svn.opensuse.org/viewcvs/yast/trunk/bootloader/src/modules/BootCommon.ycp?rev=58289&r1=58288&r2=58289&view=diff
==============================================================================
--- trunk/bootloader/src/modules/BootCommon.ycp (original)
+++ trunk/bootloader/src/modules/BootCommon.ycp Thu Aug 6 13:50:12 2009
@@ -302,6 +302,11 @@
*/
global boolean enable_md_array_redundancy = nil;
+/** FATE#305557: Enable SELinux for 11.2
+ * if true create /selinux directory
+ */
+global boolean enable_selinux = false;
+
global define string getLoaderType (boolean recheck);
global define list<string> getBootloaders ();
Modified: trunk/bootloader/src/modules/Bootloader.ycp
URL:
http://svn.opensuse.org/viewcvs/yast/trunk/bootloader/src/modules/Bootloader.ycp?rev=58289&r1=58288&r2=58289&view=diff
==============================================================================
--- trunk/bootloader/src/modules/Bootloader.ycp (original)
+++ trunk/bootloader/src/modules/Bootloader.ycp Thu Aug 6 13:50:12 2009
@@ -62,7 +62,7 @@
global define boolean UpdateGfxMenu ();
global define void DelDuplicatedSections();
global define void ResolveSymlinksInSections();
-
+ void createSELinuxDir ();
/**
* Write is repeating again
* Because of progress bar during inst_finish
@@ -572,9 +572,10 @@
// call bootloader executable
y2milestone ("Calling bootloader executable");
ret = ret && blWrite ();
-
- if (! ret)
- {
+ // FATE#305557: Enable SELinux for 11.2
+ createSELinuxDir ();
+ if (! ret)
+ {
y2error ("Installing bootloader failed");
if (writeErrorPopup ())
{
@@ -586,19 +587,17 @@
return Write ();
}
}
- }
- else
- {
- if (BootCommon::InstallingToFloppy ())
- {
- BootCommon::updateTimeoutPopupForFloppy
- (BootCommon::getLoaderName (getLoaderType (), `summary));
}
+ else
+ {
+ if (BootCommon::InstallingToFloppy ())
+ {
+ BootCommon::updateTimeoutPopupForFloppy
+ (BootCommon::getLoaderName (getLoaderType (), `summary));
+ }
+ }
-
- }
-
- return ret;
+ return ret;
}
@@ -707,7 +706,8 @@
// call bootloader executable
y2milestone ("Calling bootloader executable");
ret = ret && blWrite ();
-
+ // FATE#305557: Enable SELinux for 11.2
+ createSELinuxDir ();
if (! ret)
{
y2error ("Installing bootloader failed");
@@ -1545,4 +1545,32 @@
return true;
}
+
+/** Fate #305557: Enable SELinux for 11.2
+ * Function cerate /selinux directory
+ * if SELinux is enabled
+ */
+
+void createSELinuxDir ()
+{
+ string path_file = "/selinux";
+ string cmd = "ls -d /selinux 2>/dev/null";
+ if (BootCommon::enable_selinux)
+ {
+ if (Mode::normal() || Mode::installation())
+ {
+ map out = (map)SCR::Execute(.target.bash_output, cmd);
+ y2milestone("runnning command: \"%1\" and return: %2", cmd, out);
+ if (out["stdout"]:"" != "/selinux\n")
+ SCR::Execute(.target.mkdir, path_file);
+ else
+ y2milestone("Directory /selinux already exist");
+ } else {
+ y2milestone("Skip creating /selinux directory -> wrong mode");
+ }
+ } else {
+ y2milestone("Skip creating /selinux directory");
+ }
+}
+
}
Modified: trunk/bootloader/src/routines/dialogs.ycp
URL:
http://svn.opensuse.org/viewcvs/yast/trunk/bootloader/src/routines/dialogs.ycp?rev=58289&r1=58288&r2=58289&view=diff
==============================================================================
--- trunk/bootloader/src/routines/dialogs.ycp (original)
+++ trunk/bootloader/src/routines/dialogs.ycp Thu Aug 6 13:50:12 2009
@@ -164,7 +164,12 @@
// frame
`Frame (_("Section Settings"), `HBox (`HSpacing (2), `VBox (
`VSpacing (1),
- `Left("noverifyroot"),
+ `HBox
+ (
+ `Left("noverifyroot"),
+ `HSpacing(2),
+ `Left("enable_selinux")
+ ),
"image",
"initrd",
`HBox (
@@ -178,7 +183,7 @@
), `HSpacing (2));
list<string> widget_names = ["name", "image", "initrd", "root", "vgamode",
"append"
- ,"noverifyroot"];
+ ,"noverifyroot", "enable_selinux"];
map<string,map<string,any> > widget_descr = $[];
if (lt != "grub")
@@ -217,7 +222,12 @@
// frame
`Frame (_("Section Settings"), `HBox (`HSpacing (2), `VBox (
`VSpacing (1),
- `Left("optional"),
+ `HBox
+ (
+ `Left("optional"),
+ `HSpacing(2),
+ `Left("enable_selinux")
+ ),
"image",
"initrd",
"root",
@@ -229,7 +239,7 @@
), `HSpacing (2));
list<string> widget_names = ["name", "image", "initrd", "root", "optional",
- "append", "copy"];
+ "append", "copy", "enable_selinux"];
map<string,map<string,any> > widget_descr = $[];
widget_descr = (map<string,map<string,any> >) union (CommonGlobalWidgets
(), CommonSectionWidgets ());
@@ -264,7 +274,12 @@
// frame
`Frame (_("Section Settings"), `HBox (`HSpacing (2), `VBox (
`VSpacing (1),
- `Left("optional"),
+ `HBox
+ (
+ `Left("optional"),
+ `HSpacing(2),
+ `Left("enable_selinux")
+ ),
"image",
"initrd",
"root",
@@ -275,7 +290,7 @@
), `HSpacing (2));
list<string> widget_names = ["name", "image", "initrd", "root", "optional",
- "append"];
+ "append", "enable_selinux"];
map<string,map<string,any> > widget_descr = $[];
widget_descr = (map<string,map<string,any> >) union (CommonGlobalWidgets
(), CommonSectionWidgets ());
@@ -308,6 +323,7 @@
// frame
`Frame (_("Section Settings"), `HBox (`HSpacing (2), `VBox (
`VSpacing (1),
+ `Left("enable_selinux"),
"target",
"image",
"initrd",
@@ -320,7 +336,7 @@
), `HSpacing (2));
list<string> widget_names = ["name", "image", "initrd", "root", "append"
- ,"parmfile","target"];
+ ,"parmfile","target", "enable_selinux"];
map<string,map<string,any> > widget_descr = $[];
widget_descr = (map<string,map<string,any> >) union (CommonGlobalWidgets
(), CommonSectionWidgets ());
Modified: trunk/bootloader/src/routines/section_helps.ycp
URL:
http://svn.opensuse.org/viewcvs/yast/trunk/bootloader/src/routines/section_helps.ycp?rev=58289&r1=58288&r2=58289&view=diff
==============================================================================
--- trunk/bootloader/src/routines/section_helps.ycp (original)
+++ trunk/bootloader/src/routines/section_helps.ycp Thu Aug 6 13:50:12 2009
@@ -79,6 +79,9 @@
_("<p>Select <b>Menu Section</b> to add a new menu to the configuration.
Menu sections represent a list of tasks which are grouped together.</p>
"),
+ "enable_selinux":
+ _("<p>Select <b>Enable SELinux</b> to add the needed kernel boot
parameters to enable the SELinux security framework.
+Please note that this will also disable AppArmor.</p>")
];
Modified: trunk/bootloader/src/routines/section_widgets.ycp
URL:
http://svn.opensuse.org/viewcvs/yast/trunk/bootloader/src/routines/section_widgets.ycp?rev=58289&r1=58288&r2=58289&view=diff
==============================================================================
--- trunk/bootloader/src/routines/section_widgets.ycp (original)
+++ trunk/bootloader/src/routines/section_widgets.ycp Thu Aug 6 13:50:12 2009
@@ -122,6 +122,92 @@
];
}
+
+void InitEnableSelinux (string widget)
+{
+ string append = BootCommon::current_section["append"]:"";
+ if ((append != "") && (BootCommon::current_section["type"]:"" == "image"))
+ {
+ if ((search(append, "security=selinux") !=nil) && (search(append,
"selinux=1") != nil)
+ && (search(append, "enforcing=0") != nil))
+ UI::ChangeWidget (`id (widget), `Value, true);
+ else
+ UI::ChangeWidget (`id (widget), `Value, false);
+ } else {
+ UI::ChangeWidget (`id (widget), `Value, false);
+ }
+
+ if ((BootCommon::current_section["type"]:"" != "image") ||
+ (BootCommon::current_section["original_name"]:"" == "failsafe"))
+ UI::ChangeWidget (`id (widget), `Enabled, false);
+}
+
+string add_selinux_append (string append)
+{
+ string ret = append;
+ if ((search(append, "security=selinux") ==nil))
+ ret = ret + " security=selinux";
+ if ((search(append, "selinux=1") ==nil))
+ ret = ret + " selinux=1";
+ if ((search(append, "enforcing=0") ==nil))
+ ret = ret + " enforcing=0";
+ return ret;
+}
+
+string delete_selinux_append (string append)
+{
+ string ret = append;
+ list <string> l_append = splitstring(append, " ");
+ l_append = filter(string v, l_append,
+ {
+ if ((v != "") && (tolower(v)!="security=selinux")
+ &&(tolower(v)!="selinux=1") && (tolower(v)!="enforcing=0"))
+ return true;
+ });
+ ret = mergestring(l_append, " ");
+ return ret;
+}
+
+void StoreEnableSelinux(string widget, map event)
+{
+ string append = BootCommon::current_section["append"]:"";
+ boolean value = (boolean)UI::QueryWidget (`id (widget), `Value);
+ if (value)
+ {
+ append = add_selinux_append(append);
+ BootCommon::enable_selinux = true;
+ } else {
+ append = delete_selinux_append(append);
+ BootCommon::enable_selinux = false;
+ }
+ BootCommon::current_section["append"] = append;
+}
+
+symbol HandleEnableSelinux (string widget, map event)
+{
+ boolean value = (boolean)UI::QueryWidget (`id (widget), `Value);
+ string append = BootCommon::current_section["append"]:"";
+ if (value)
+ {
+ UI::ChangeWidget (`id ("append"), `Value, add_selinux_append(append));
+ } else {
+ UI::ChangeWidget (`id ("append"), `Value,
delete_selinux_append(append));
+ }
+ return nil;
+}
+map <string,any> EnableSelinux(){
+ return $[
+ "label" : _("Enable &SELinux"),
+ "widget" : `checkbox,
+ "help" : section_help_messages["enable_selinux"]:"",
+ "init" : InitEnableSelinux,
+ "handle": HandleEnableSelinux,
+ "opt" : [`notify],
+ "store" : StoreEnableSelinux,
+ ];
+}
+
+
map<string,any> SectionTextFieldWidget( string name){
map<string,any> ret = $[
"label" : section_descriptions[name]:name,
@@ -268,7 +354,7 @@
if ((Mode::normal()) && (bl == "grub"))
{
string filtered_new =
- filterchars (new,
"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890 _.-");
+ filterchars (new,
"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890 _.-()");
if (filtered_new != new)
{
@@ -540,6 +626,7 @@
"noverifyroot" : SectionCheckBoxWidget("noverifyroot"),
"remap" : SectionCheckBoxWidget("remap"),
"relocatable" : SectionCheckBoxWidget("relocatable"),
+ "enable_selinux" : EnableSelinux(),
"prompt" : SectionCheckBoxWidget("prompt"),
"blockoffset" : SectionIntFieldWidget(
"blockoffset",0,nil),
--
To unsubscribe, e-mail: yast-commit+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: yast-commit+help@xxxxxxxxxxxx
| < Previous | Next > |