def _validate_get_failure(self):
if (audit.AUDIT_ARCH not in self.excluded_fields and
self.rule_arch_present.get_active()):
try:
util.parse_elf(self.rule_arch.child.get_text())
except util.ParsingError, e:
return (str(e), 0, self.rule_arch)
def __rule_arch_changed(self):
'''Recompute self.machine_id and self.syscall_name_store.
Raise ParsingError if the self.rule_arch.child is invalid.
'''
if not self.rule_arch_present.get_active():
machine = util.audit_machine_id
self.last_arch_name = None
else:
name = self.rule_arch.child.get_text()
if self.last_arch_name is not None and name == self.last_arch_name:
return
machine = util.parse_elf(name) # May raise ParsingError
if self.machine_id == machine:
return
self.machine_id = machine
self.syscall_name_store.clear()
def sc_to_name(sc):
return audit.audit_syscall_to_name(sc, machine)
names = lists.ids_to_names(lists.syscalls, sc_to_name)
names.sort()
# As an UGLY special case, some system calls never exit. Exclude them
# from exit filters == filters where the exit value is available.
keep_non_exit = audit.AUDIT_EXIT in self.excluded_fields
for name in names:
if (keep_non_exit or
self.__non_exit_syscall_re.search(name) is None):
self.syscall_name_store.append((name,))
def parse_value(string, op, rule):
if rule.syscalls:
raise ParsingError(_('Architecture can not be changed after system '
'calls are selected'))
if op not in (Field.OP_EQ, Field.OP_NE):
raise ParsingError(_('The only valid operators for "%s" are "=" '
'and "!="') %
audit.audit_field_to_name(audit.AUDIT_ARCH))
rule.machine = util.parse_elf(string)
return string
def _save_rule(self, rule):
'''Modify rule to reflect dialog state.'''
rule.action = self._radio_get(self.__action_map)
del rule.fields[:]
if (audit.AUDIT_FILTERKEY not in self.excluded_fields and
self.rule_keys_present.get_active()):
for key in self.keys:
f = Field()
f.var = audit.AUDIT_FILTERKEY
f.op = Field.OP_EQ
f.value = key
rule.fields.append(f)
if audit.AUDIT_ARCH not in self.excluded_fields:
if self.rule_arch_present.get_active():
f = Field()
f.var = audit.AUDIT_ARCH
f.op = Field.OP_EQ
f.value = self.rule_arch.child.get_text()
try:
rule.machine = util.parse_elf(f.value)
except util.ParsingError:
assert False, 'Should have been validated'
rule.fields.append(f)
else:
rule.machine = util.audit_machine_id
it = self.fields_store.get_iter_first()
while it is not None:
rule.fields.append(self.fields_store.get_value(it, 0))
it = self.fields_store.iter_next(it)
if audit.AUDIT_ARCH not in self.excluded_fields:
del rule.syscalls[:]
if self.rule_syscalls_not_all.get_active():
it = self.syscall_store.get_iter_first()
while it is not None:
name = self.syscall_store.get_value(it, 0)
try:
sc = util.parse_syscall(name, self.machine_id)
except util.ParsingError:
assert False, 'Should have been validated'
rule.syscalls.append(sc)
it = self.syscall_store.iter_next(it)
assert len(rule.syscalls) > 0
else:
rule.syscalls.append(Rule.SYSCALLS_ALL)
def _load_rule(self, rule):
'''Modify dialog controls to reflect rule.'''
self._radio_set(rule.action, self.__action_map)
if audit.AUDIT_FILTERKEY not in self.excluded_fields:
self.keys = [f.value for f in rule.fields
if f.var == audit.AUDIT_FILTERKEY]
self.rule_keys_present.set_active(len(self.keys) != 0)
self.__update_rule_keys()
if audit.AUDIT_ARCH not in self.excluded_fields:
for f in rule.fields:
if f.var == audit.AUDIT_ARCH:
self.rule_arch_present.set_active(True)
try:
m = util.parse_elf(f.value)
except util.ParsingError:
assert False, 'Rule should not have been created'
util.set_combo_entry_text(self.rule_arch, f.value)
break
else:
self.rule_arch_present.set_active(False)
self.rule_arch.set_active(-1)
self.rule_arch.child.set_text('')
m = util.audit_machine_id
assert rule.machine == m
self.__rule_arch_changed()
if audit.AUDIT_ARCH not in self.excluded_fields:
self.syscall_store.clear()
if Rule.SYSCALLS_ALL in rule.syscalls:
self.rule_syscalls_not_all.set_active(False)
else:
self.rule_syscalls_not_all.set_active(True)
for sc in rule.syscalls:
name = util.syscall_string(sc, self.machine_id)
self.syscall_store.append((name,))
self.fields_store.clear()
for field in rule.fields:
if field.var not in (audit.AUDIT_ARCH, audit.AUDIT_FILTERKEY):
it = self.fields_store.append()
self.fields_store.set_value(it, 0, field)
self.__update_fields_store_row(it)
