def _row_set_syscalls(self, it, column, rule): '''Set column column in it to the syscalls of rule.''' if Rule.SYSCALLS_ALL in rule.syscalls: text = _('Any') else: text = ', '.join((util.syscall_string(sc, rule.machine) for sc in rule.syscalls)) self.store.set_value(it, column, text)
def _load_rule(self, rule): '''Modify dialog controls to reflect rule.''' self._radio_set(rule.action, self.__action_map) if audit.AUDIT_FILTERKEY not in self.excluded_fields: self.keys = [f.value for f in rule.fields if f.var == audit.AUDIT_FILTERKEY] self.rule_keys_present.set_active(len(self.keys) != 0) self.__update_rule_keys() if audit.AUDIT_ARCH not in self.excluded_fields: for f in rule.fields: if f.var == audit.AUDIT_ARCH: self.rule_arch_present.set_active(True) try: m = util.parse_elf(f.value) except util.ParsingError: assert False, 'Rule should not have been created' util.set_combo_entry_text(self.rule_arch, f.value) break else: self.rule_arch_present.set_active(False) self.rule_arch.set_active(-1) self.rule_arch.child.set_text('') m = util.audit_machine_id assert rule.machine == m self.__rule_arch_changed() if audit.AUDIT_ARCH not in self.excluded_fields: self.syscall_store.clear() if Rule.SYSCALLS_ALL in rule.syscalls: self.rule_syscalls_not_all.set_active(False) else: self.rule_syscalls_not_all.set_active(True) for sc in rule.syscalls: name = util.syscall_string(sc, self.machine_id) self.syscall_store.append((name,)) self.fields_store.clear() for field in rule.fields: if field.var not in (audit.AUDIT_ARCH, audit.AUDIT_FILTERKEY): it = self.fields_store.append() self.fields_store.set_value(it, 0, field) self.__update_fields_store_row(it)
def command_text(self, rules, list, list_name): '''Represent self as a string within a list with list_name in rules.''' o = [] used_fields = set(field.var for field in self.fields) watches = [field for field in self.fields if field.var in (audit.AUDIT_DIR, audit.AUDIT_WATCH)] if (list is rules.exit_rules and self.syscalls == [self.SYSCALLS_ALL] and used_fields.issubset(set((audit.AUDIT_DIR, audit.AUDIT_FILTERKEY, audit.AUDIT_PERM, audit.AUDIT_WATCH))) and len(watches) == 1 and watches[0].op == Field.OP_EQ): o.append('-w %s' % watches[0].value) watch_used = True else: o.append('-a %s,%s' % (list_name, self.action)) watch_used = False # Add fields before syscalls because -F arch=... may change the meaning # of syscall names. But add AUDIT_FILTERKEY only after -S, auditctl # stubbornly insists on that order. for f in self.fields: if (f.var != audit.AUDIT_FILTERKEY and (f.var not in (audit.AUDIT_DIR, audit.AUDIT_WATCH) or not watch_used)): o.append(f.option_text(self)) # exclude_rules and user_rules are not syscall related. -w implies # -S all. if (list is not rules.exclude_rules and list is not rules.user_rules and not watch_used): for s in self.syscalls: if s == self.SYSCALLS_ALL: o.append('-S all') else: o.append('-S %s' % util.syscall_string(s, self.machine)) for f in self.fields: if f.var == audit.AUDIT_FILTERKEY: o.append(f.option_text(self)) return ' '.join(o)