mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-04 08:24:42 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

move yastui to deprecated as the YaST ui is now being maintained and developed in the YaST svn

Browse source
This commit is contained in:
John Johansen 2008-05-19 22:46:34 +00:00
parent ddf2704a42
commit 4c3f1268aa
108 changed files with 0 additions and 29658 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

504
management/yastui/COPYING.LGPL
View file

@ -1,504 +0,0 @@
GNU LESSER GENERAL PUBLIC LICENSE
Version 2.1, February 1999
Copyright (C) 1991, 1999 Free Software Foundation, Inc.
51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
[This is the first released version of the Lesser GPL. It also counts
as the successor of the GNU Library Public License, version 2, hence
the version number 2.1.]
Preamble
The licenses for most software are designed to take away your
freedom to share and change it. By contrast, the GNU General Public
Licenses are intended to guarantee your freedom to share and change
free software--to make sure the software is free for all its users.
This license, the Lesser General Public License, applies to some
specially designated software packages--typically libraries--of the
Free Software Foundation and other authors who decide to use it. You
can use it too, but we suggest you first think carefully about whether
this license or the ordinary General Public License is the better
strategy to use in any particular case, based on the explanations below.
When we speak of free software, we are referring to freedom of use,
not price. Our General Public Licenses are designed to make sure that
you have the freedom to distribute copies of free software (and charge
for this service if you wish); that you receive source code or can get
it if you want it; that you can change the software and use pieces of
it in new free programs; and that you are informed that you can do
these things.
To protect your rights, we need to make restrictions that forbid
distributors to deny you these rights or to ask you to surrender these
rights. These restrictions translate to certain responsibilities for
you if you distribute copies of the library or if you modify it.
For example, if you distribute copies of the library, whether gratis
or for a fee, you must give the recipients all the rights that we gave
you. You must make sure that they, too, receive or can get the source
code. If you link other code with the library, you must provide
complete object files to the recipients, so that they can relink them
with the library after making changes to the library and recompiling
it. And you must show them these terms so they know their rights.
We protect your rights with a two-step method: (1) we copyright the
library, and (2) we offer you this license, which gives you legal
permission to copy, distribute and/or modify the library.
To protect each distributor, we want to make it very clear that
there is no warranty for the free library. Also, if the library is
modified by someone else and passed on, the recipients should know
that what they have is not the original version, so that the original
author's reputation will not be affected by problems that might be
introduced by others.
Finally, software patents pose a constant threat to the existence of
any free program. We wish to make sure that a company cannot
effectively restrict the users of a free program by obtaining a
restrictive license from a patent holder. Therefore, we insist that
any patent license obtained for a version of the library must be
consistent with the full freedom of use specified in this license.
Most GNU software, including some libraries, is covered by the
ordinary GNU General Public License. This license, the GNU Lesser
General Public License, applies to certain designated libraries, and
is quite different from the ordinary General Public License. We use
this license for certain libraries in order to permit linking those
libraries into non-free programs.
When a program is linked with a library, whether statically or using
a shared library, the combination of the two is legally speaking a
combined work, a derivative of the original library. The ordinary
General Public License therefore permits such linking only if the
entire combination fits its criteria of freedom. The Lesser General
Public License permits more lax criteria for linking other code with
the library.
We call this license the "Lesser" General Public License because it
does Less to protect the user's freedom than the ordinary General
Public License. It also provides other free software developers Less
of an advantage over competing non-free programs. These disadvantages
are the reason we use the ordinary General Public License for many
libraries. However, the Lesser license provides advantages in certain
special circumstances.
For example, on rare occasions, there may be a special need to
encourage the widest possible use of a certain library, so that it becomes
a de-facto standard. To achieve this, non-free programs must be
allowed to use the library. A more frequent case is that a free
library does the same job as widely used non-free libraries. In this
case, there is little to gain by limiting the free library to free
software only, so we use the Lesser General Public License.
In other cases, permission to use a particular library in non-free
programs enables a greater number of people to use a large body of
free software. For example, permission to use the GNU C Library in
non-free programs enables many more people to use the whole GNU
operating system, as well as its variant, the GNU/Linux operating
system.
Although the Lesser General Public License is Less protective of the
users' freedom, it does ensure that the user of a program that is
linked with the Library has the freedom and the wherewithal to run
that program using a modified version of the Library.
The precise terms and conditions for copying, distribution and
modification follow. Pay close attention to the difference between a
"work based on the library" and a "work that uses the library". The
former contains code derived from the library, whereas the latter must
be combined with the library in order to run.
GNU LESSER GENERAL PUBLIC LICENSE
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
0. This License Agreement applies to any software library or other
program which contains a notice placed by the copyright holder or
other authorized party saying it may be distributed under the terms of
this Lesser General Public License (also called "this License").
Each licensee is addressed as "you".
A "library" means a collection of software functions and/or data
prepared so as to be conveniently linked with application programs
(which use some of those functions and data) to form executables.
The "Library", below, refers to any such software library or work
which has been distributed under these terms. A "work based on the
Library" means either the Library or any derivative work under
copyright law: that is to say, a work containing the Library or a
portion of it, either verbatim or with modifications and/or translated
straightforwardly into another language. (Hereinafter, translation is
included without limitation in the term "modification".)
"Source code" for a work means the preferred form of the work for
making modifications to it. For a library, complete source code means
all the source code for all modules it contains, plus any associated
interface definition files, plus the scripts used to control compilation
and installation of the library.
Activities other than copying, distribution and modification are not
covered by this License; they are outside its scope. The act of
running a program using the Library is not restricted, and output from
such a program is covered only if its contents constitute a work based
on the Library (independent of the use of the Library in a tool for
writing it). Whether that is true depends on what the Library does
and what the program that uses the Library does.
1. You may copy and distribute verbatim copies of the Library's
complete source code as you receive it, in any medium, provided that
you conspicuously and appropriately publish on each copy an
appropriate copyright notice and disclaimer of warranty; keep intact
all the notices that refer to this License and to the absence of any
warranty; and distribute a copy of this License along with the
Library.
You may charge a fee for the physical act of transferring a copy,
and you may at your option offer warranty protection in exchange for a
fee.
2. You may modify your copy or copies of the Library or any portion
of it, thus forming a work based on the Library, and copy and
distribute such modifications or work under the terms of Section 1
above, provided that you also meet all of these conditions:
a) The modified work must itself be a software library.
b) You must cause the files modified to carry prominent notices
stating that you changed the files and the date of any change.
c) You must cause the whole of the work to be licensed at no
charge to all third parties under the terms of this License.
d) If a facility in the modified Library refers to a function or a
table of data to be supplied by an application program that uses
the facility, other than as an argument passed when the facility
is invoked, then you must make a good faith effort to ensure that,
in the event an application does not supply such function or
table, the facility still operates, and performs whatever part of
its purpose remains meaningful.
(For example, a function in a library to compute square roots has
a purpose that is entirely well-defined independent of the
application. Therefore, Subsection 2d requires that any
application-supplied function or table used by this function must
be optional: if the application does not supply it, the square
root function must still compute square roots.)
These requirements apply to the modified work as a whole. If
identifiable sections of that work are not derived from the Library,
and can be reasonably considered independent and separate works in
themselves, then this License, and its terms, do not apply to those
sections when you distribute them as separate works. But when you
distribute the same sections as part of a whole which is a work based
on the Library, the distribution of the whole must be on the terms of
this License, whose permissions for other licensees extend to the
entire whole, and thus to each and every part regardless of who wrote
it.
Thus, it is not the intent of this section to claim rights or contest
your rights to work written entirely by you; rather, the intent is to
exercise the right to control the distribution of derivative or
collective works based on the Library.
In addition, mere aggregation of another work not based on the Library
with the Library (or with a work based on the Library) on a volume of
a storage or distribution medium does not bring the other work under
the scope of this License.
3. You may opt to apply the terms of the ordinary GNU General Public
License instead of this License to a given copy of the Library. To do
this, you must alter all the notices that refer to this License, so
that they refer to the ordinary GNU General Public License, version 2,
instead of to this License. (If a newer version than version 2 of the
ordinary GNU General Public License has appeared, then you can specify
that version instead if you wish.) Do not make any other change in
these notices.
Once this change is made in a given copy, it is irreversible for
that copy, so the ordinary GNU General Public License applies to all
subsequent copies and derivative works made from that copy.
This option is useful when you wish to copy part of the code of
the Library into a program that is not a library.
4. You may copy and distribute the Library (or a portion or
derivative of it, under Section 2) in object code or executable form
under the terms of Sections 1 and 2 above provided that you accompany
it with the complete corresponding machine-readable source code, which
must be distributed under the terms of Sections 1 and 2 above on a
medium customarily used for software interchange.
If distribution of object code is made by offering access to copy
from a designated place, then offering equivalent access to copy the
source code from the same place satisfies the requirement to
distribute the source code, even though third parties are not
compelled to copy the source along with the object code.
5. A program that contains no derivative of any portion of the
Library, but is designed to work with the Library by being compiled or
linked with it, is called a "work that uses the Library". Such a
work, in isolation, is not a derivative work of the Library, and
therefore falls outside the scope of this License.
However, linking a "work that uses the Library" with the Library
creates an executable that is a derivative of the Library (because it
contains portions of the Library), rather than a "work that uses the
library". The executable is therefore covered by this License.
Section 6 states terms for distribution of such executables.
When a "work that uses the Library" uses material from a header file
that is part of the Library, the object code for the work may be a
derivative work of the Library even though the source code is not.
Whether this is true is especially significant if the work can be
linked without the Library, or if the work is itself a library. The
threshold for this to be true is not precisely defined by law.
If such an object file uses only numerical parameters, data
structure layouts and accessors, and small macros and small inline
functions (ten lines or less in length), then the use of the object
file is unrestricted, regardless of whether it is legally a derivative
work. (Executables containing this object code plus portions of the
Library will still fall under Section 6.)
Otherwise, if the work is a derivative of the Library, you may
distribute the object code for the work under the terms of Section 6.
Any executables containing that work also fall under Section 6,
whether or not they are linked directly with the Library itself.
6. As an exception to the Sections above, you may also combine or
link a "work that uses the Library" with the Library to produce a
work containing portions of the Library, and distribute that work
under terms of your choice, provided that the terms permit
modification of the work for the customer's own use and reverse
engineering for debugging such modifications.
You must give prominent notice with each copy of the work that the
Library is used in it and that the Library and its use are covered by
this License. You must supply a copy of this License. If the work
during execution displays copyright notices, you must include the
copyright notice for the Library among them, as well as a reference
directing the user to the copy of this License. Also, you must do one
of these things:
a) Accompany the work with the complete corresponding
machine-readable source code for the Library including whatever
changes were used in the work (which must be distributed under
Sections 1 and 2 above); and, if the work is an executable linked
with the Library, with the complete machine-readable "work that
uses the Library", as object code and/or source code, so that the
user can modify the Library and then relink to produce a modified
executable containing the modified Library. (It is understood
that the user who changes the contents of definitions files in the
Library will not necessarily be able to recompile the application
to use the modified definitions.)
b) Use a suitable shared library mechanism for linking with the
Library. A suitable mechanism is one that (1) uses at run time a
copy of the library already present on the user's computer system,
rather than copying library functions into the executable, and (2)
will operate properly with a modified version of the library, if
the user installs one, as long as the modified version is
interface-compatible with the version that the work was made with.
c) Accompany the work with a written offer, valid for at
least three years, to give the same user the materials
specified in Subsection 6a, above, for a charge no more
than the cost of performing this distribution.
d) If distribution of the work is made by offering access to copy
from a designated place, offer equivalent access to copy the above
specified materials from the same place.
e) Verify that the user has already received a copy of these
materials or that you have already sent this user a copy.
For an executable, the required form of the "work that uses the
Library" must include any data and utility programs needed for
reproducing the executable from it. However, as a special exception,
the materials to be distributed need not include anything that is
normally distributed (in either source or binary form) with the major
components (compiler, kernel, and so on) of the operating system on
which the executable runs, unless that component itself accompanies
the executable.
It may happen that this requirement contradicts the license
restrictions of other proprietary libraries that do not normally
accompany the operating system. Such a contradiction means you cannot
use both them and the Library together in an executable that you
distribute.
7. You may place library facilities that are a work based on the
Library side-by-side in a single library together with other library
facilities not covered by this License, and distribute such a combined
library, provided that the separate distribution of the work based on
the Library and of the other library facilities is otherwise
permitted, and provided that you do these two things:
a) Accompany the combined library with a copy of the same work
based on the Library, uncombined with any other library
facilities. This must be distributed under the terms of the
Sections above.
b) Give prominent notice with the combined library of the fact
that part of it is a work based on the Library, and explaining
where to find the accompanying uncombined form of the same work.
8. You may not copy, modify, sublicense, link with, or distribute
the Library except as expressly provided under this License. Any
attempt otherwise to copy, modify, sublicense, link with, or
distribute the Library is void, and will automatically terminate your
rights under this License. However, parties who have received copies,
or rights, from you under this License will not have their licenses
terminated so long as such parties remain in full compliance.
9. You are not required to accept this License, since you have not
signed it. However, nothing else grants you permission to modify or
distribute the Library or its derivative works. These actions are
prohibited by law if you do not accept this License. Therefore, by
modifying or distributing the Library (or any work based on the
Library), you indicate your acceptance of this License to do so, and
all its terms and conditions for copying, distributing or modifying
the Library or works based on it.
10. Each time you redistribute the Library (or any work based on the
Library), the recipient automatically receives a license from the
original licensor to copy, distribute, link with or modify the Library
subject to these terms and conditions. You may not impose any further
restrictions on the recipients' exercise of the rights granted herein.
You are not responsible for enforcing compliance by third parties with
this License.
11. If, as a consequence of a court judgment or allegation of patent
infringement or for any other reason (not limited to patent issues),
conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License. If you cannot
distribute so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you
may not distribute the Library at all. For example, if a patent
license would not permit royalty-free redistribution of the Library by
all those who receive copies directly or indirectly through you, then
the only way you could satisfy both it and this License would be to
refrain entirely from distribution of the Library.
If any portion of this section is held invalid or unenforceable under any
particular circumstance, the balance of the section is intended to apply,
and the section as a whole is intended to apply in other circumstances.
It is not the purpose of this section to induce you to infringe any
patents or other property right claims or to contest validity of any
such claims; this section has the sole purpose of protecting the
integrity of the free software distribution system which is
implemented by public license practices. Many people have made
generous contributions to the wide range of software distributed
through that system in reliance on consistent application of that
system; it is up to the author/donor to decide if he or she is willing
to distribute software through any other system and a licensee cannot
impose that choice.
This section is intended to make thoroughly clear what is believed to
be a consequence of the rest of this License.
12. If the distribution and/or use of the Library is restricted in
certain countries either by patents or by copyrighted interfaces, the
original copyright holder who places the Library under this License may add
an explicit geographical distribution limitation excluding those countries,
so that distribution is permitted only in or among countries not thus
excluded. In such case, this License incorporates the limitation as if
written in the body of this License.
13. The Free Software Foundation may publish revised and/or new
versions of the Lesser General Public License from time to time.
Such new versions will be similar in spirit to the present version,
but may differ in detail to address new problems or concerns.
Each version is given a distinguishing version number. If the Library
specifies a version number of this License which applies to it and
"any later version", you have the option of following the terms and
conditions either of that version or of any later version published by
the Free Software Foundation. If the Library does not specify a
license version number, you may choose any version ever published by
the Free Software Foundation.
14. If you wish to incorporate parts of the Library into other free
programs whose distribution conditions are incompatible with these,
write to the author to ask for permission. For software which is
copyrighted by the Free Software Foundation, write to the Free
Software Foundation; we sometimes make exceptions for this. Our
decision will be guided by the two goals of preserving the free status
of all derivatives of our free software and of promoting the sharing
and reuse of software generally.
NO WARRANTY
15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO
WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW.
EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR
OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY
KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE
LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME
THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN
WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY
AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU
FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR
CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE
LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING
RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A
FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF
SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
DAMAGES.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Libraries
If you develop a new library, and you want it to be of the greatest
possible use to the public, we recommend making it free software that
everyone can redistribute and change. You can do so by permitting
redistribution under these terms (or, alternatively, under the terms of the
ordinary General Public License).
To apply these terms, attach the following notices to the library. It is
safest to attach them to the start of each source file to most effectively
convey the exclusion of warranty; and each file should have at least the
"copyright" line and a pointer to where the full notice is found.
<one line to give the library's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2.1 of the License, or (at your option) any later version.
This library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
License along with this library; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
Also add information on how to contact you by electronic and paper mail.
You should also get your employer (if you work as a programmer) or your
school, if any, to sign a "copyright disclaimer" for the library, if
necessary. Here is a sample; alter the names:
Yoyodyne, Inc., hereby disclaims all copyright interest in the
library `Frob' (a library for tweaking knobs) written by James Random Hacker.
<signature of Ty Coon>, 1 April 1990
Ty Coon, President of Vice
That's all there is to it!

68
management/yastui/Makefile
View file

@ -1,68 +0,0 @@
# ------------------------------------------------------------------
#
# Copyright (C) 2002-2005 Novell/SUSE
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of version 2 of the GNU General Public
# License published by the Free Software Foundation.
#
# ------------------------------------------------------------------
#
# Makefile for YaST2 Plugins for SD
#
NAME=yast2-apparmor
all:
COMMONDIR=../../common/
THEMEDIR=
MODULES= src/modules/AppArmorDialogs.ybc
include common/Make.rules
COMMONDIR_EXISTS=$(strip $(shell [ -d ${COMMONDIR} ] && echo true))
ifeq ($(COMMONDIR_EXISTS), true)
common/Make.rules: $(COMMONDIR)/Make.rules
ln -sf $(COMMONDIR) .
endif
SUBDIRS = clients include scrconf desktop agents perl icons bin modules
.PHONY: install
install: $(MODULES)
mkdir -p ${DESTDIR}/usr/share/YaST2/clients
mkdir -p ${DESTDIR}/usr/share/YaST2/include/subdomain
mkdir -p ${DESTDIR}/usr/share/YaST2/scrconf
mkdir -p ${DESTDIR}/usr/share/YaST2/modules
mkdir -p ${DESTDIR}/usr/share/applications/YaST2
mkdir -p ${DESTDIR}/usr/share/applications/YaST2/groups
mkdir -p ${DESTDIR}/usr/lib/YaST2/servers_non_y2
mkdir -p ${DESTDIR}/usr/lib/perl5/vendor_perl/Immunix
mkdir -p ${DESTDIR}/${THEMEDIR}/icons/48x48/apps
mkdir -p ${DESTDIR}/${THEMEDIR}/icons/32x32/apps
mkdir -p ${DESTDIR}/${THEMEDIR}/icons/22x22/apps
mkdir -p ${DESTDIR}/usr/bin
mkdir -p ${DESTDIR}/etc/apparmor
cp -a src/modules/* ${DESTDIR}/usr/share/YaST2/modules/
cp -a src/clients/* ${DESTDIR}/usr/share/YaST2/clients/
cp -a src/include/* ${DESTDIR}/usr/share/YaST2/include/
cp -a src/scrconf/* ${DESTDIR}/usr/share/YaST2/scrconf/
cp -a src/desktop/* ${DESTDIR}/usr/share/applications/YaST2/
cp -a src/desktop/groups/* ${DESTDIR}/usr/share/applications/YaST2/groups/
cp -a src/perl/* ${DESTDIR}/usr/lib/perl5/vendor_perl/Immunix
cp -a src/icons/48x48/* ${DESTDIR}/${THEMEDIR}/icons/48x48/apps
cp -a src/icons/32x32/* ${DESTDIR}/${THEMEDIR}/icons/32x32/apps
cp -a src/icons/22x22/* ${DESTDIR}/${THEMEDIR}/icons/22x22/apps
cp -a src/bin/* ${DESTDIR}/usr/bin
cp -a src/apparmor/* ${DESTDIR}/etc/apparmor
install -m 755 src/agents/* ${DESTDIR}/usr/lib/YaST2/servers_non_y2/
all: $(MODULES)
src/modules/AppArmorDialogs.ybc: src/modules/AppArmorDialogs.ycp
ycpc -c src/modules/AppArmorDialogs.ycp
src/modules/AppArmorReports.ybc: src/modules/AppArmorReports.ycp
ycpc -c src/modules/AppArmorReports.ycp
.PHONY: clean
clean:
rm -f $(TARBALL) ${NAME}-${VERSION}-*.tar.gz Make.rules

340
management/yastui/src/agents/ag_complain
View file

@ -1,340 +0,0 @@
#!/usr/bin/perl
# ------------------------------------------------------------------
#
# Copyright (C) 2002-2005 Novell/SUSE
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of version 2 of the GNU General Public
# License published by the Free Software Foundation.
#
# ------------------------------------------------------------------
################################################################################
# ag_complain
#
# - Generates list of profiles with complain/enforce info
# - Toggles profiles between complain/enforce modes
#
# Requires:
# - /usr/lib/perl5/vendor_perl/Immunix/SubDomain.pm
#
# Input (Optional):
# - param 'showall' == 1 to change modes for profiles without associated
# binaries (i.e. 'inactive' profiles), 'showall' effects all of the
# parameters listed below
# - param 'all' to change modes for all active profiles
# - profile names to change, for single profiles
# - nothing if listing just active profiles
#
# - may allow multiple profiles in the future
#
################################################################################
use strict;
use Locale::gettext;
use POSIX;
use ycp;
use Immunix::SubDomain;
setlocale(LC_MESSAGES, "");
textdomain("yast2-apparmor");
our $UI_Mode = "yast-agent";
sub getProfPath ($) {
my $profName = shift;
my $profPath = undef;
if ( ! -f "$profiledir/$profName" ) {
ycp::y2milestone("Couldn't find file $profiledir/$profName.");
} elsif (open PROF, "<$profiledir/$profName") {
while(<PROF>) {
if (/^\/\w+/) {
$profPath = (split(/\s+[\{||flag]/, $_))[0];
last;
}
}
close PROF;
} else {
ycp::y2milestone("Couldn't open $profiledir/$profName for reading.");
}
return $profPath;
}
# checks for reasonable filename characteristics
sub badFileName {
my $profName = shift;
my $profPath = undef;
my $allProfs = shift || 0;
my $badFileName = 1;
if ( $profName !~ /^\// ) {
$profPath = getProfPath($profName);
} else {
$profPath = $profName;
}
# Only allow profiles with installed binaries unless specified with $allProfs
if ( $allProfs != 1 && ! -f $profPath ) {
return $badFileName;
}
if ( $profPath ) {
if ( ($profPath !~ /^\./) &&
($profPath !~ /.save$|.new$/) &&
($profPath !~ /\s/) &&
($profPath !~ /([!#-\@\w])\.$/) &&
(length($profPath) <= 128) ) {
$badFileName = 0;
}
}
return $badFileName
}
# returns dot-format profile filenames
sub getProfList {
my $args = shift;
my $allProfs = $args->{'showall'} || 0;
my @rawList = ();
my @profList = ();
my $error = undef;
if ( opendir (MDIR, $profiledir) ) {
@rawList = grep { ! /^\./ && ! /^lib(\d*)[\.|\/]ld/ && -f "$profiledir/$_"
&& ! /\.rpm(new|save)$/
} readdir(MDIR);
close MDIR;
} else {
$error = "Couldn't open directory $profiledir. Exiting.";
ycp::y2error("$error");
exit 1;
}
# Remove profiles without installed binaries by default
if ( $allProfs ne '1' ) {
for my $prof (@rawList) {
if (! badFileName($prof,$allProfs)) {
push (@profList, $prof);
}
}
} else {
@profList = @rawList;
}
return \@profList;
}
# returns both the dot-format and pathnames for profiles
sub getProfHash {
my $args = shift;
my $profList = getProfList($args);
my @rawHash = ();
my @profHash = ();
for my $dotProf (@$profList) {
if (open PROF, "<$profiledir/$dotProf") {
while(<PROF>) {
if (/^\/\w+/) {
my $prof = undef;
$prof->{'dot'} = $dotProf;
$prof->{'path'} = (split(/\s+[\{||flag]/, $_))[0];
push(@rawHash, $prof);
last;
}
}
close PROF;
# Remove profiles without installed binaries by default
if ( $args->{'showall'} ne '1' ) {
for my $prof (@rawHash) {
if (! badFileName($prof->{'path'}, $args->{'showall'})) {
push (@profHash, $prof);
}
}
} else {
@profHash = @rawHash;
}
} else {
ycp::y2error("Couldn't open $profiledir/$dotProf");
exit 1;
}
}
return \@profHash;
}
sub getProfModes {
my $profList = shift;
my @profModeList = ();
for my $profName (@$profList) {
my $flag = undef;
next if (-d $profName);
next if ($profName =~ /^\./);
next if ($profName =~ /.save$|.new$/);
if ( open(PROFILE, "$profiledir/$profName")) {
while(<PROFILE>) {
if (m/^\s*\/\S+\s+(flags=\(.+\)\s+)*{\s*$/) {
$flag = $1;
}
if ($flag) {
$flag =~ s/flags=\((.+)\)/$1/;
$flag =~ s/\s//g;
last; # only one profile except in /lib*/ld* which is a special case
}
}
close(PROFILE);
} else {
ycp::y2milestone( "Couldn't open profile $profName for reading.");
}
if (! $flag) { $flag = 'enforce'};
my $prof = {
'name' => $profName,
'mode' => $flag
};
# Don't add profile entries if the file doesn't exist
if ( $prof->{'name'} ) {
push(@profModeList, $prof);
}
}
return \@profModeList;
}
sub getProfStatus {
my $args = shift;
my $profList = getProfList($args);
my $profModeList = getProfModes($profList);
return $profModeList;
}
sub setProfMode {
my $args = shift;
my $ret = undef;
my $profMode = undef;
if ( $args->{'mode'} eq 'complain' ) {
$profMode = 'complain';
} else {
$profMode = '';
}
# Change just the profile listed, if an associated binary exists
if ( $args->{'profile'} ) {
my $profName = getProfPath("$args->{'profile'}");
if ( badFileName($args->{'profile'}, $args->{'showall'} )) {
ycp::y2milestone("Bad profile: $profName. Skipping.");
} elsif ( $args->{'showall'} && $args->{'showall'} == 1 ) {
setprofileflags("$profiledir/$args->{'profile'}", "$profMode");
} else {
if ($profMode eq 'complain') {
Immunix::SubDomain::complain("$profName");
} else {
Immunix::SubDomain::enforce("$profName");
}
}
# Change all profiles, regardless of whether the associated binary exists
} elsif ( $args->{'showall'} && $args->{'showall'} == 1 ) {
my $profHash = getProfHash($args);
for my $prof (@$profHash) {
setprofileflags("$profiledir/$prof->{'dot'}", "$profMode");
}
# Change all profiles with associated existing binaries
} elsif ( $args->{'all'} == 1 ) {
my $profHash = getProfHash($args);
for my $prof (@$profHash) {
if ( badFileName($prof->{'path'}), $args->{'showall'} ) {
ycp::y2milestone("Bad profile: $prof->{'path'}. Skipping.");
} elsif ($profMode eq 'complain') {
Immunix::SubDomain::complain("$prof->{'path'}");
} else {
Immunix::SubDomain::enforce("$prof->{'path'}");
}
}
} else {
my $error = "ag_complain: Profile name needed for changing complain mode is missing. Exiting.";
ycp::y2milestone("$error");
exit 1;
}
return;
}
# Main
################################################################################
while ( <STDIN> ) {
my ($command, $path, $args) = ycp::ParseCommand ($_);
if ($command && $path && $args) {
my $db = undef;
if ($args->{'mode'} && $args->{'mode'} =~ m/^(complain|enforce)$/ ) {
setProfMode($args);
} else {
$db = getProfStatus($args);
}
if ( defined($db) ) {
ycp::Return( $db );
} else {
ycp::Return("1");
}
} else {
my $error = "ag_complain: Unknown instruction or argument";
ycp::y2milestone("$error");
ycp::Return($error);
exit 1;
}
}
exit 0;

244
management/yastui/src/agents/ag_genprof
View file

@ -1,244 +0,0 @@
#!/usr/bin/perl
# ------------------------------------------------------------------
#
# Copyright (C) 2002-2005 Novell/SUSE
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of version 2 of the GNU General Public
# License published by the Free Software Foundation.
#
# ------------------------------------------------------------------
use warnings;
use strict;
use Data::Dumper;
use Getopt::Long;
use Locale::gettext;
use POSIX;
use Immunix::SubDomain;
# initialize the local poo
setlocale(LC_MESSAGES, "");
textdomain("yast2-apparmor");
setup_yast();
$running_under_genprof = 1;
# options variables
my $help = '';
GetOptions(
'file|f=s' => \$filename,
'dir|d=s' => \$profiledir,
'help|h' => \$help,
);
# tell 'em how to use it...
&usage && exit if $help;
my $sd_mountpoint = check_for_subdomain();
unless($sd_mountpoint) {
fatal_error(gettext("SubDomain does not appear to be started. Please enable SubDomain and try again."));
}
# let's convert it to full path...
$profiledir = get_full_path($profiledir);
unless(-d $profiledir) {
fatal_error(sprintf(gettext("Can't find subdomain profiles in %s."), $profiledir));
}
# what are we profiling?
my $profiling;
my $fqdbin;
do {
my $f = {
description =>
gettext("This wizard will help you create a new AppArmor security
profile for an application, or you can use it to enhance
an existing profile by allowing AppArmor to learn new
application behavior.
Please enter the application name for which you would like
to create a profile, or selecte Browse to find the
application on your system."),
file_label => gettext("&Application to Profile"),
okay_label => gettext("&Create"),
cancel_label => gettext("&Abort"),
browse_desc => gettext("Select Program to Profile"),
};
my $profiling = UI_GetFile( $f );
if(not defined $profiling) {
# they hit cancel
shutdown_yast();
exit 0;
} elsif($profiling) {
# they selected something, see if it exists or we can find it in $PATH
$fqdbin = "";
if(-f $profiling) {
$fqdbin = get_full_path($profiling);
chomp($fqdbin);
unless(-x $fqdbin) {
UI_Important(gettext("The specified file is not executable.
Please enter an application name to
continue generating a profile or press
Abort to cancel this wizard."));
}
} elsif(-d $profiling) {
UI_Important(gettext("The specified pathname is a directory.
Please enter an application name to
continue generating a profile or press
Abort to cancel this wizard."));
} else {
if($profiling !~ /\//) {
my $which = which($profiling);
if($which) {
$fqdbin = get_full_path($which);
}
}
unless(-f $fqdbin) {
UI_Important(gettext("The specified file does not exist.
Please enter an application name to
continue generating a profile or press
Abort to cancel this wizard."));
}
}
} else {
# they hit okay without entering anything
UI_Important(gettext("You have not entered or selected an
application to profile.
Please enter an application name to
continue generating a profile or press
Abort to cancel this wizard."));
}
} until($fqdbin && -x $fqdbin);
# make sure that the app they're requesting to profile is not marked as
# not allowed to have it's own profile
check_qualifiers($fqdbin);
# load all the include files
loadincludes();
my $profilefilename = getprofilefilename($fqdbin);
if(-e $profilefilename) {
$helpers{$fqdbin} = getprofileflags($profilefilename) || "enforce";
} else {
autodep($fqdbin);
$helpers{$fqdbin} = "enforce";
}
if($helpers{$fqdbin} eq "enforce") {
complain($fqdbin);
reload($fqdbin);
}
my $done_profiling = 0;
my $syslog = 1;
$syslog = 0 if ( -e "/var/log/audit/audit.log" );
while(not $done_profiling) {
my $logmark = "";
if ( $syslog ) {
$logmark = `date | md5sum`;
chomp $logmark;
$logmark = $1 if $logmark =~ /^([0-9a-f]+)/;
system("logger -p kern.warn 'GenProf: $logmark'");
} else {
$logmark = last_audit_entry_time();
}
my $q = { };
$q->{headers} = [ gettext("Profiling"), $fqdbin ];
$q->{explanation} = gettext("Please start the application to be profiled in
another window and exercise its functionality now.
Once completed, select the 'Scan' option below in
order to scan the system logs for AppArmor events.
For each AppArmor event, you will be given the
opportunity to choose whether the access should be
allowed or denied.");
$q->{functions} = [ "CMD_SCAN", "CMD_FINISHED" ];
$q->{default} = "CMD_SCAN";
eval {
my ($ans, $arg) = UI_PromptUser($q);
if($ans eq "CMD_SCAN") {
my $lp_ret = do_logprof_pass($logmark);
$done_profiling = 1 if $lp_ret eq "FINISHED";
} else {
# make them confirm the exit command
my $ans = UI_YesNo(gettext("Are you sure you want to exit?"), "n");
if($ans eq "y") {
$done_profiling = 1;
}
}
};
if ($@) {
if ($@ =~ /FINISHING/) {
$done_profiling = 1;
} else {
die $@;
}
}
}
for my $p (sort keys %helpers) {
if($helpers{$p} eq "enforce") {
enforce($p);
reload($p);
}
}
UI_Info(gettext("Reloaded SubDomain profiles in enforce mode."));
UI_Info(sprintf(gettext('Finished generating profile for %s.'), $fqdbin));
shutdown_yast();
exit 0;
sub usage {
UI_Info("usage: $0 [ -d /path/to/profiles ] [ -f /path/to/logfile ] [ program to profile ]");
exit 0;
}
sub last_audit_entry_time {
local $_ = `tail -1 /var/log/audit/audit.log`;
my $logmark;
if ( /^.*msg\=audit\((\d+\.\d+\:\d+).*\).*$/ ) {
$logmark = $1;
} else {
$logmark = "";
}
return $logmark;
}

391
management/yastui/src/agents/ag_logparse
View file

@ -1,391 +0,0 @@
#!/usr/bin/perl
# ------------------------------------------------------------------
#
# Copyright (C) 2002-2005 Novell/SUSE
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of version 2 of the GNU General Public
# License published by the Free Software Foundation.
#
# ------------------------------------------------------------------
################################################################################
# ag_logparse
#
# - Generates report of SubDomain events
#
# Requires:
# - /usr/lib/immunix/SubDomain/perl/Immunix::Reports.pm
# - /usr/lib/immunix/SubDomain/perl/Events.pm
#
# Input (Optional):
# -Start Date|End Date (Month, Day, Year, Time)
# -Program Name
# -Profile Name
# -PID
# -Severity Level
# -Denied Resources
# -Mode
# -SDMode
#
################################################################################
my $Version='1.03';
use strict;
use Locale::gettext;
use POSIX;
use ycp;
use Immunix::Reports;
setlocale(LC_MESSAGES, "");
textdomain("yast2-apparmor");
use constant DEBUGGING => 0;
my $numEvents = 1000;
# Should be deprecated
sub saveQuery {
my $query = shift;
my $qLog = '/var/log/apparmor/reports/reporting-query.tmp';
if ( open(QLOG, ">$qLog") ) {
print QLOG "$query";
close QLOG;
} else {
my $error = gettext("Unable to open") . " $qLog " . gettext("Couldn't save query.");
ycp::y2error($error);
}
}
sub getSavedQuery {
my $page = shift;
my $query = undef;
my $qLog = '/var/log/apparmor/reports/reporting-query.tmp';
if ( open(QLOG, "<$qLog") ) {
$query = <QLOG>;
chomp($query);
close QLOG;
} else {
my $error = gettext("Unable to open") . " $qLog " . gettext("Couldn't retrieve query.");
ycp::y2error("Unable to open $qLog. Couldn't retrieve query.");
}
# rewrite query for current page
my $limStart = (( $page * $numEvents ) - $numEvents);
my ($q1) = (split(/LIMIT/, $query))[0];
my $q2 = " LIMIT $limStart,$numEvents";
$query = $q1 . $q2;
return $query;
}
sub getReportName {
my $dir = shift;
my @dirList = ();
my $newName = undef;
my $plainName = "Security.Incident.Report";
# Append date info to help id reports
my ($sec,$min,$hour,$mday,$month,$year,@junk) = localtime;
$year += 1900;
$month += 1;
$month = sprintf("%02d", $month);
$mday = sprintf("%02d", $mday);
$hour = sprintf("%02d", $hour);
$min = sprintf("%02d", $min);
$sec = sprintf("%02d", $sec);
$mday = sprintf("%02d", $mday);
my $suffix = "-$year-$month-$mday\_$hour.$min.$sec";
$plainName = $plainName . $suffix;
if (opendir (DIR, $dir)) {
@dirList = grep(/\"$plainName\"/, readdir(DIR) );
close DIR;
}
my $numReps = scalar(@dirList) + 1;
$numReps = sprintf("%03d", $numReps);
$newName = "$dir/$plainName.$numReps";
return $newName;
}
sub getHeader {
my ($args,$filts) = @_;
my $date = localtime;
my $start = "Jan 1, 2005";
my $header = undef;
my $count = 0;
if ( $filts ) {
# We don't want startdate/enddate to be listed as filters
$count = keys(%$filts);
if ($filts->{'startdate'}) {
$filts->{'startdate'} = localtime($filts->{'startdate'});
$start = $filts->{'startdate'};
$count--;
}
if ($filts->{'enddate'}) {
$filts->{'enddate'} = localtime($filts->{'enddate'});
$count--;
}
}
# Write SIR Header in csv format
$header->{'csv'} = gettext("# Security Incident Report - Generated by AppArmor\n");
$header->{'csv'} .= sprintf(gettext("# Period: %s - %s\n"), $start, $date);
if ( $count > 0 ) {
$header->{'csv'} .= gettext("# The following filters were used for report generation:\n");
for (sort keys(%$filts)) {
unless ( $filts->{'startdate'} || $filts->{'enddate'} ) {
$header->{'csv'} .= sprintf(gettext("# Filter: %s, Value: %s\n\n"), $_, $filts->{$_});
}
}
} else {
$header->{'csv'} .= gettext("# No filters were used for report generation:\n\n\n");
}
# Write SIR Header in html format
$header->{'html'} = gettext("<h3>Security Incident Report - Generated by AppArmor</h3>\n");
$header->{'html'} .= sprintf(gettext("<h4>Period: %s - %s</h4>\n"), $start, $date);
return $header;
}
sub exportReports {
my ($args,$db,$filts) = @_;
# Export results to file if requested
if ( $args->{'exporttext'} || $args->{'exporthtml'} ) {
my $expLog = undef;
my $rawLog = undef;
my $expDir = '/var/log/apparmor/reports-exported/';
if ( $args->{'exportPath'} && -e $args->{'exportPath'} ) {
$expDir = $args->{'exportPath'};
}
my $repName = getReportName($expDir);
my $header = getHeader($args,$filts);
if ( $args->{'exporttext'} && $args->{'exporttext'} eq '1') {
$expLog = "$repName.csv";
Immunix::Reports::exportLog($expLog,$db,$header->{'csv'});
}
if ( $args->{'exporthtml'} && $args->{'exporthtml'} eq '1') {
$expLog = "$repName.html";
Immunix::Reports::exportLog($expLog,$db,$header->{'html'});
}
}
return 0;
}
# Main
################################################################################
while ( <STDIN> ) {
my ($command, $path, $args) = ycp::ParseCommand ($_);
my $db = undef;
my $error = undef;
my $page = 1;
my $numEvents = '1000'; # Number of event records to return
if ( $command && $path && $args ) {
# Arbitrary workaround until all the new code becomes active
if ( $args->{'mode'} ) {
$args->{'mode_req'} = $args->{'mode'};
delete($args->{'mode'});
}
# yast slows down horribly when passing large number of records
if ( $args->{'numEvents'} && $args->{'numEvents'} > 0 && $args->{'numEvents'} < 10001 ) {
$numEvents = $args->{'numEvents'};
}
if ($args->{'starttime'}) {
my ($hrs,$mins) = split(/\:/, $args->{'starttime'});
$hrs = sprintf("%02d", $hrs);
$mins = sprintf("%02d", $mins);
$args->{'starttime'} = "$hrs:$mins";
}
if ($args->{'endtime'}) {
my ($hrs,$mins) = split(/\:/, $args->{'endtime'});
$hrs = sprintf("%02d", $hrs);
$mins = sprintf("%02d", $mins);
$args->{'endtime'} = "$hrs:$mins";
}
if ( $args->{'startmonth'} && $args->{'startday'} ) {
$args->{'startdate'} = "$args->{'startmonth'} $args->{'startday'} $args->{'starttime'} $args->{'startyear'}";
}
if ( $args->{'endmonth'} && $args->{'endday'} ) {
$args->{'enddate'} = "$args->{'endmonth'} $args->{'endday'} $args->{'endtime'} $args->{'endyear'}";
}
my $archRep = 0;
my $onDemand = 0;
my $turnPage = 0;
if ( $args->{'turnPage'} && ($args->{'turnPage'} == 1) ) {
$turnPage = $args->{'turnPage'};
}
if ( $args->{'type'} ) {
if ( $args->{'type'} eq "onDemand" ) {
$onDemand = 1;
$args->{'logFile'} = '/var/log/apparmor/reports/events.rpt';
} elsif ( $args->{'type'} eq "archRep" ) {
$archRep = 1;
unless ($args->{'logFile'}) {
$args->{'logFile'} = '/var/log/apparmor/reports/all-reports.rpt';
}
}
}
# Parse sdmode & mode labels
if ( $args->{'sdmode'} ) {
if ($args->{'sdmode'} eq "All") {
$args->{'sdmode'} = "-"; # Translate from GUI
} else {
$args->{'sdmode'} =~ s/\&//g;
$args->{'sdmode'} =~ s/\://g;
$args->{'sdmode'} =~ s/\s//g;
$args->{'sdmode'} =~ s/AccessType//g;
}
}
# Only mode_req is used now
for ('mode_req', 'mode_deny' ) {
if ( $args->{$_} && $args->{$_} eq "All" ) {
$args->{$_} = "-";
} else {
$args->{$_} =~ s/\&//g;
$args->{$_} =~ s/Mode\://g;
$args->{$_} =~ s/\s//g;
}
}
if ( $args->{'page'} && $args->{'page'} =~ /\d+/ && $args->{'page'} > 0 ) {
$page = $args->{'page'};
}
my $sortKey = 'time';
if ( $args->{'sortKey'} ) { $sortKey = $args->{'sortKey'}; }
if ( $args->{'sort'} && $args->{'sort'} == 1 ) {
my $filts = Immunix::Reports::setFormFilters($args);
$filts = Immunix::Reports::rewriteFilters($filts);
my $query = Immunix::Reports::getQuery($filts,$page,$sortKey,$numEvents);
$db = Immunix::Reports::getEvents($query);
} elsif ( $turnPage == 1 ) {
if ( $args->{'turnArch'} && $args->{'turnArch'} == 1 ) {
$db = Immunix::Reports::getArchReport($args);
$turnPage = 1;
} else {
my $filts = Immunix::Reports::setFormFilters($args);
$filts = Immunix::Reports::rewriteFilters($filts);
my $query = Immunix::Reports::getQuery($filts,$page,$sortKey,$numEvents);
$db = Immunix::Reports::getEvents($query);
}
} elsif ( $archRep == 1 ) {
# Parse Logs (Probably Archived Immunix::Reports)
##################################################
if ($args->{'single'} && $args->{'single'} eq "1" ) {
$error = Immunix::Reports::prepSingleLog($args);
$args->{'logFile'} = '/var/log/apparmor/reports/all-reports.rpt';
} else {
$error = Immunix::Reports::prepArchivedLogs($args);
}
if ( ! $error || ($error && ($error eq '0')) ) {
$error = Immunix::Reports::parseLog($args);
delete($args->{'logFile'});
} else {
ycp::y2error("ag_logparse - Unable to run archived reports: $error");
}
} elsif ($onDemand == 1) {
# Parse Events (On-Demand report from events db)
##################################################
my $filts = Immunix::Reports::setFormFilters($args);
$filts = Immunix::Reports::rewriteFilters($filts);
my $query = Immunix::Reports::getQuery($filts,$page,$sortKey,$numEvents);
$db = Immunix::Reports::getEvents($query);
exportReports($args,$db,$filts);
} elsif ($args->{'getSirFilters'} && $args->{'getSirFilters'} == 1) {
if ( ref($args) && $args->{'name'} ) {
$db = Immunix::Reports::getSirFilters($args);
} else {
$db = Immunix::Reports::getSirFilters();
}
}
if ( ! $error || ($error eq "0") ) {
ycp::Return( $db );
} elsif ( $error ne "0" ) {
ycp::y2error("ag_logparse: $error");
ycp::Return( $error );
exit 1;
} else {
ycp::Return( $error );
}
} else {
my $error = "ag_logparse: Missing instruction or argument!";
ycp::y2error($error);
ycp::Return($error);
exit 1;
}
}
exit 0;

61
management/yastui/src/agents/ag_logprof
View file

@ -1,61 +0,0 @@
#!/usr/bin/perl
#
# $Id: ag_logprof 5900 2005-12-08 19:12:56Z steve $
#
# ------------------------------------------------------------------
#
# Copyright (C) 2002-2005 Novell/SUSE
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of version 2 of the GNU General Public
# License published by the Free Software Foundation.
#
# ------------------------------------------------------------------
use strict;
use Data::Dumper;
use Getopt::Long;
use Locale::gettext;
use POSIX;
use Immunix::SubDomain;
sub usage {
UI_Info("usage: $0 [ -d /path/to/profiles ] [ -f /path/to/logfile ] [ -m \"mark in log to start processing after\"");
exit 0;
}
# initialize the local poo
setlocale(LC_MESSAGES, "");
textdomain("yast2-apparmor");
setup_yast();
# options variables
my $help = '';
my $logmark;
GetOptions(
'file|f=s' => \$filename,
'dir|d=s' => \$profiledir,
'logmark|m=s' => \$logmark,
'help|h' => \$help,
);
# tell 'em how to use it...
&usage && exit if $help;
# let's convert it to full path...
$profiledir = get_full_path($profiledir);
unless(-d $profiledir) {
fatal_error "Can't find subdomain profiles in $profiledir.";
}
# load all the include files
loadincludes();
do_logprof_pass($logmark);
shutdown_yast();
exit 0;

314
management/yastui/src/agents/ag_reports_confined
View file

@ -1,314 +0,0 @@
#!/usr/bin/perl
# ------------------------------------------------------------------
#
# Copyright (C) 2002-2005 Novell/SUSE
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of version 2 of the GNU General Public
# License published by the Free Software Foundation.
#
# ------------------------------------------------------------------
use strict;
use Locale::gettext;
use POSIX;
use ycp;
setlocale(LC_MESSAGES, "");
textdomain("yast2-apparmor");
# Routines
################################################################################
sub debug {
my $db = shift;
if ((@$db) > 1) {
for ( @$db ) {
print "Prog: $_->{'prog'}, Prof: $_->{'prof'}, PID: $_->{'pid'}, ";
print "State: $_->{'state'}, Type: $_->{'type'}\n";
}
print "\n";
} else {
print "$db\n";
exit 1;
}
return 0; # Shouldn't get here
}
sub test_getCfInfo {
my $cfTest = shift;
my @cfDb = ();
my $host = `hostname`;
chomp($host);
my $date = localtime;
for (@$cfTest) {
my $ref = ();
my $all = undef;
chomp;
$ref->{'host'} = $host;
$ref->{'date'} = $date;
($ref->{'pid'}, $ref->{'prog'}, $all) = split(/\s+/, $_, 3);
$all = /\s*((not)*\s*confined\s*(by)*)/;
$ref->{'state'} = $1;
$ref->{'state'} =~ s/\s*by//g;
$ref->{'state'} =~ s/not\s+/not-/g;
($ref->{'prof'}, $ref->{'type'}) = split(/\s+/, $_);
push (@cfDb, $ref);
}
if ( scalar(@cfDb) < 1 ) {
return "Error: parsing all messed up!!\n";
}
return (\@cfDb);
}
# Writes out file to allow for multiple pages in YaST form
# -For large number of entries in the array
sub writePagingFile {
my $db = shift;
my $pagingFile = "/var/log/apparmor/reports/events.rpt";
if ( open(PF, ">$pagingFile") ) {
my $i = 1;
my $page = 1;
my $skip = 0;
print PF "Page $page\n";
$page++;
for (@$db) {
# Order (for YaST): "host", "date", "prog", "prof", "pid", "state", "type"
print PF "$_->{'host'},$_->{'date'},$_->{'prog'},$_->{'prof'},$_->{'pid'},$_->{'state'},$_->{'type'}\n";
if ( ($i % 100) == 0 && $skip == 0) {
print PF "Page $page\n";
$page++;
$skip = 1;
} else {
$i++;
$skip = 0;
}
}
close PF;
} else {
ycp::y2error(sprintf(gettext("ag_reports_confined: Couldn't open %s for writing."), $pagingFile));
}
return;
}
sub readMultiAudLog {
my $args = shift;
my @audDb = ();
my @rawDb = ();
my @repList = ();
my $dir = '/var/log/apparmor/reports-archived';
my $logFile = undef;
my $error = undef;
my @errors = undef;
if ( $args->{'repPath'} ) { $dir = $args->{'repPath'}; }
# Get list of files in archived report directory
if ( opendir (RDIR, $dir) ) {
@repList = grep(/Applications.Audit/, readdir(RDIR));
close RDIR;
} else {
$error = sprintf(gettext("Failure in readMultiAudLog() - couldn't open %s."), $dir);
return($error); # debug - exit instead?
}
for (@repList) {
my $file = $_;
next if $file =~ /$\.html/;
# Cycle through each $file in $dir
if (open (RPT, "<$dir/$file") ) {
push(@rawDb, <RPT>);
close RPT;
} else {
$error = sprintf(gettext("Problem in readMultiAudLog\(\) - couldn't open %s\/%s."), $dir, $file);
#$error = "Problem in readMultiAudLog() - couldn't open $dir/$file.";
push(@errors, $error);
}
}
for (@rawDb) {
next if /^#/;
chomp;
next if (! $_ || $_ eq "");
my $rec = undef;
( $rec->{'host'}, $rec->{'date'}, $rec->{'prog'}, $rec->{'prof'}, $rec->{'pid'},
$rec->{'state'}, $rec->{'type'} ) = split(/\,/, $_);
push(@audDb, $rec);
}
return (\@audDb);
}
sub readAudLog {
my $args = shift;
my @audDb = ();
my $dir = '/var/log/apparmor/reports-archived';
my $logFile = undef;
my $error = undef;
if ($args->{'file'}) {
$logFile = $args->{'file'};
} else {
$error = gettext("readAudLog() wasn't passed an input file.");
ycp::y2error($error);
exit 1;
}
if ( open(AUD, "<$dir/$logFile") ) {
while (<AUD>) {
next if /^#/;
chomp;
next unless ($_);
my $rec = undef;
( $rec->{'host'}, $rec->{'date'}, $rec->{'prog'}, $rec->{'prof'}, $rec->{'pid'},
$rec->{'state'}, $rec->{'type'} ) = split(/\,/, $_);
push(@audDb, $rec);
}
close AUD;
} else {
$error = sprintf(gettext("readAudLog\(\) couldn't open %s."), $logFile);
ycp::y2error($error);
exit 1;
}
return (\@audDb);
}
sub getCfInfo {
my $ref = ();
my @cfDb = ();
my $cfApp = '/usr/sbin/unconfined';
if ( open (CF, "$cfApp |") ) {
my $host = `hostname`;
chomp($host);
my $date = localtime;
while(<CF>) {
my $ref = ();
my $all = undef;
my $info = undef;
$ref->{'host'} = $host;
$ref->{'date'} = $date;
chomp;
($ref->{'pid'}, $ref->{'prog'}, $all) = split(/\s+/, $_, 3);
$info = $all;
$all = /\s*((not)*\s*confined\s*(by)*)/;
$ref->{'state'} = $1;
$ref->{'state'} =~ s/\s*by//g;
$ref->{'state'} =~ s/not\s+/not-/g;
if ($ref->{'state'} =~ /not-confined/ ) {
$ref->{'prof'} = "-";
$ref->{'type'} = "-";
} else {
($info) = (split(/\'/, $info, 2))[1];
($ref->{'prof'}, $ref->{'type'}) = split(/\s+/, $info);
$ref->{'type'} =~ s/\(|\)|\'//g;
}
if ( $ref->{'prog'} eq "") { $ref->{'prog'} = "-"; }
if ( $ref->{'prof'} eq "") { $ref->{'prof'} = "-"; }
if ( $ref->{'pid'} eq "") { $ref->{'pid'} = "-"; }
if ( $ref->{'state'} eq "") { $ref->{'state'} = "-"; }
if ( $ref->{'type'} eq "") { $ref->{'type'} = "-"; }
push (@cfDb, $ref);
}
close CF;
} else {
my $error = sprintf(gettext("Can't run %s. Exiting."), $cfApp);
ycp::y2error($error);
return $error;
}
return (\@cfDb);
}
# Main
################################################################################
while ( <STDIN> ) {
my ($command, $path, $args) = ycp::ParseCommand ($_);
if ( $command && $path && $args ) {
my $db = undef;
if ($args->{'audArch'} && $args->{'audArch'} == 1) {
if (! $args->{'single'} || $args->{'single'} != 1 ) {
$db = readMultiAudLog($args);
} else {
$db = readAudLog($args);
}
} else {
$db = getCfInfo();
}
writePagingFile($db);
ycp::Return( $db );
} else {
my $error = gettext("ag_reports_confined: Missing instruction or argument!");
ycp::y2error($error);
ycp::Return($error);
exit 1;
}
}
exit 0;

171
management/yastui/src/agents/ag_reports_ess
View file

@ -1,171 +0,0 @@
#!/usr/bin/perl
# ------------------------------------------------------------------
#
# Copyright (C) 2002-2005 Novell/SUSE
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of version 2 of the GNU General Public
# License published by the Free Software Foundation.
#
# ------------------------------------------------------------------
################################################################################
# ag_reports_ess
#
# - Generates Report of SubDomain Executive Security Summary
#
# Requires:
# - /usr/lib/immunix/SubDomain/perl/Immunix/Events.pm
# - /usr/lib/immunix/SubDomain/perl/Immunix/Reports.pm
#
# Input (Optional):
#
################################################################################
use strict;
use Locale::gettext;
use POSIX;
use ycp;
use Immunix::Reports;
setlocale(LC_MESSAGES, "");
textdomain("yast2-apparmor");
sub readMultiEssLog {
my $args = shift;
my @essDb = ();
my @rawDb = ();
my @repList = ();
my $dir = '/var/log/apparmor/reports-archived';
my $logFile = undef;
my $error = undef;
my @errors = undef;
if ( $args->{'repPath'} ) { $dir = $args->{'repPath'}; }
# Get list of files in archived report directory
if ( opendir (RDIR, $dir) ) {
@repList = grep(/Executive.Security.Summary/, readdir(RDIR));
close RDIR;
} else {
$error = gettext("Failure in readMultiEssLog() - couldn't open") . " $dir.";
return($error); # debug - exit instead?
}
for (@repList) {
my $file = $_;
# Cycle through each $file in $dir
if (open (RPT, "<$dir/$file") ) {
push(@rawDb, <RPT>);
close RPT;
} else {
$error = gettext("Problem in readMultiEssLog() - couldn't open") . " $dir/$file.";
push(@errors, $error);
}
}
for (@rawDb) {
next if /^#/;
chomp;
next if (! $_ || $_ eq "");
my $rec = undef;
( $rec->{'host'}, $rec->{'startdate'}, $rec->{'enddate'}, $rec->{'sevHi'},
$rec->{'sevMean'}, $rec->{'numRejects'},$rec->{'numEvents'} ) = split(/\,/, $_);
push(@essDb, $rec);
}
return (\@essDb);
}
sub readEssLog {
my $args = shift;
my @essDb = ();
my $dir = '/var/log/apparmor/reports-archived';
my $logFile = undef;
my $error = undef;
if ($args->{'file'}) {
$logFile = $args->{'file'};
} else {
$error = gettext("readEssLog() wasn't passed an input file.");
ycp::y2error($error);
exit 1;
}
if ( open(ESS, "<$dir/$logFile") ) {
while (<ESS>) {
next if /^#/;
chomp;
next unless ($_);
my $rec = undef;
( $rec->{'host'}, $rec->{'startdate'}, $rec->{'enddate'}, $rec->{'sevHi'},
$rec->{'sevMean'}, $rec->{'numRejects'},$rec->{'numEvents'} ) = split(/\,/, $_);
push(@essDb, $rec);
}
close ESS;
} else {
$error = sprintf(gettext("readEssLog() couldn't open %s"), $logFile);
ycp::y2error($error);
exit 1;
}
return (\@essDb);
}
# Main
################################################################################
while ( <STDIN> ) {
my ($command, $path, $args) = ycp::ParseCommand ($_);
if ($command && $path && $args) {
my $db = undef;
if ($args->{'essArch'} && $args->{'essArch'} == 1) {
if (! $args->{'single'} || $args->{'single'} != 1 ) {
$db = readMultiEssLog($args);
} else {
$db = readEssLog($args);
}
} else {
$db = Immunix::Reports::getEssStats($args);
}
ycp::Return( $db );
} else {
my $error = sprintf( gettext("ag_logparse: Unknown instruction %s or argument: %s"), ycpGetCommand, ycpGetArgType);
ycp::y2error("$error");
ycp::Return($error);
exit 1;
}
}
exit 0;

202
management/yastui/src/agents/ag_reports_parse
View file

@ -1,202 +0,0 @@
#!/usr/bin/perl
# ------------------------------------------------------------------
#
# Copyright (C) 2002-2005 Novell/SUSE
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of version 2 of the GNU General Public
# License published by the Free Software Foundation.
#
# ------------------------------------------------------------------
################################################################################
# ag_reports_parse
#
# - Generates list of archived reports
# The 3 types of possible reports are:
# 1) Security Incidents
# 2) Applications Audits
# 3) Executive Security Summaries
#
# Requires:
#
# Input (Required):
# Parameter 'type' as in $args->{'type'}
# of one of the following: 'archRep', 'audRep', 'essRep'
#
################################################################################
my $Version='0.61';
use strict;
use Locale::gettext;
use POSIX;
use ycp;
use Immunix::Reports;
setlocale(LC_MESSAGES, "");
textdomain("yast2-apparmor");
# Writes out file to allow for multiple pages in YaST form
# -For large number of entries in the array
sub writePagingFile {
my $db = shift;
my $pagingFile = "/var/log/apparmor/reports/events.rpt";
if ( open(PF, ">$pagingFile") ) {
my $i = 1;
my $page = 1;
my $skip = 0;
print PF "Page $page\n";
$page++;
for (@$db) {
# Order (for YaST): "host", "startdate", "enddate", "numRejects", "numEvents", "sevMean", "sevHi"
print PF "$_->{'host'},$_->{'startdate'},$_->{'enddate'},$_->{'numRejects'},$_->{'numEvents'},$_->{'sevMean'},$_->{'sevHi'}\n";
if ( ($i % 100) == 0 && $skip == 0) {
print PF "Page $page\n";
$page++;
$skip = 1;
} else {
$i++;
$skip = 0;
}
}
close PF;
} else {
ycp::y2error(sprintf(gettext("ag_reports_parse: Couldn't open %s for writing."), $pagingFile));
}
return;
}
sub getFileList {
my $args = shift;
my $logDir = '/var/log/apparmor/reports-archived';
if ( $args->{'repPath'} && -d $args->{'repPath'} ) {
$logDir = $args->{'repPath'};
}
my @rawList = ();
my @presortList = ();
my @dirList = ();
my $error = undef;
# Create list of subdomain activation prospects from Old logfiles
if ( opendir(LDIR, $logDir) ) {
if ( $args->{'type'} eq "sirRep" || $args->{'type'} eq "archRep" ) {
#@rawList = grep { /Security.Incident/ && -f "$logDir/$_" } readdir(LDIR);
while ( my $file = readdir(LDIR) ) {
if ( $file !~ /^\.|\.$/ && $file !~ /Applications.Audit/ && $file !~ /Executive.Security/) {
push(@rawList, $file);
}
}
} elsif ( $args->{'type'} eq "audRep" ) {
#@rawList = grep { /.aud.csv/ && -f "$logDir/$_" } readdir(LDIR);
@rawList = grep { /Applications.Audit/ && -f "$logDir/$_" } readdir(LDIR);
} elsif ( $args->{'type'} eq "essRep" ) {
#@rawList = grep { /.ess.csv/ && -f "$logDir/$_" } readdir(LDIR);
@rawList = grep { /Executive.Security/ && -f "$logDir/$_" } readdir(LDIR);
}
closedir LDIR;
# remove non csv file types
@rawList = grep(/csv$/, @rawList);
for (@rawList) {
my $ref = undef;
$ref->{'name'} = "$_";
#$ref->{'time'} = (stat("$logDir/$_"))[10];
my $file = "$_";
$file =~ s/\.\d+\.\w+$//;
my ($junk, $date) = split(/\-/, $file, 2);
$date =~ s/\./\:/g;
$ref->{'time'} = $date;
push(@presortList, $ref);
}
@dirList = sort { $a->{'time'} cmp $b->{'time'} } (@presortList);
my $numels = scalar(@dirList);
if (@dirList > 0) {
#writePagingFile(\@dirList);
return \@dirList;
} else {
ycp::y2error(gettext("ag_reports_parse: No archived reports found."));
return $error;
}
} else {
$error = sprintf(gettext("ag_reports_parse: Can't open directory %s: %s"), $logDir, $!);
ycp::y2error($error);
return $error;
}
}
# Main
################################################################################
while ( <STDIN> ) {
my ($command, $path, $args) = ycp::ParseCommand ($_);
if ( $command && $path && $args ) {
if ( $args->{'mode'} ) {
$args->{'mode_req'} = $args->{'mode'};
delete($args->{'mode'});
}
my $error = undef;
if ( $args->{'checkDb'} && $args->{'checkDb'} == 1 ) {
my $check = Immunix::Reports::checkEventDb();
ycp::Return( $check );
} elsif ( $args->{'getLastPage'} && $args->{'getLastPage'} == 1 ) {
my $ref = undef;
$ref->{'numPages'} = Immunix::Reports::getNumPages($args);
ycp::Return( $ref );
} elsif ( $args->{'checkFile'} && $args->{'checkFile'} == 1 ) {
my $fileCheck = Immunix::Reports::checkFileExists("$args->{'file'}");
ycp::Return( $fileCheck );
} else {
my $dirList = getFileList($args);
ycp::Return( $dirList );
}
} else {
my $error = sprintf( gettext("ag_reports_parse: Unknown instruction %s or argument: %s"), ycpGetCommand, ycpGetArgType);
ycp::y2error("$error");
ycp::Return($error);
exit 1;
}
}
exit 0;

695
management/yastui/src/agents/ag_reports_sched
View file

@ -1,695 +0,0 @@
#!/usr/bin/perl
# ------------------------------------------------------------------
#
# Copyright (C) 2002-2005 Novell/SUSE
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of version 2 of the GNU General Public
# License published by the Free Software Foundation.
#
# ------------------------------------------------------------------
################################################################################
# ag_reports_sched
#
# - Adds/Deletes/Edits Scheduled Subdomain Event Reports (cron)
#
# Requires:
# - /usr/lib/immunix/SubDomain/perl/Immunix/Events.pm
# - /usr/lib/immunix/SubDomain/perl/Immunix/Reports.pm
#
# Uses:
# -/etc/apparmor/reports.crontab
# -/etc/apparmor/reports.conf
#
# Input (Conditional/Optional):
# -Report Name
# -Start Date|End Date (Year, Month, Day, Time)
# -Program Name
# -Profile Name
# -PID
# -Severity Level
# -Denied Resources
# -SD Mode
# -Mode
#
################################################################################
use strict;
use Locale::gettext;
use POSIX;
use ycp;
use Immunix::Reports;
setlocale(LC_MESSAGES, "");
textdomain("yast2-apparmor");
sub debug {
my $db = shift;
for (@$db) {
my $rec = $_;
for (sort keys(%$rec) ) {
print "$_ is $rec->{$_} ";
}
}
print "\n";
return 0;
}
# Activate the cron jobs
sub setCronTab {
my $cronFile = '/etc/apparmor/reports.crontab';
if ( -e $cronFile ) {
#system('/usr/bin/crontab', '-u root', "$cronFile");
system("/usr/bin/crontab -u root $cronFile");
} else {
ycp::y2error(sprintf(gettext("Couldn't find %s. Unable to create crontab. Exiting."), $cronFile));
exit 1;
}
return 0;
}
# returns ref to active filters for the specific SIR report
# This is the same routine as in /usr/bin/reportgen.pl -- should move both to Reports.pm
sub getFilters {
my $repName = shift;
my $filts = undef;
my $schedConf = '/etc/apparmor/reports.conf';
my $regExp = '(prog|profile|pid|resource|severity|sdmode|mode)';
my $allConf = Immunix::Reports::getXmlReport($repName);
# Create filters reference
for my $ref ( keys(%$allConf) ) {
if ( $ref =~ /$regExp/ ) {
$filts->{$ref} = $allConf->{$ref};
delete($allConf->{$ref});
}
}
# Clean hash of useless refs
for (sort keys(%$filts) ) {
if ($filts->{$_} eq "-") {
delete($filts->{$_});
}
}
return $filts;
}
# checks crontab file for matching report name
sub findDupeReportName {
my $name = shift;
my $dupe = '0';
my @db = ();
my $schedCron = '/etc/apparmor/reports.crontab';
if ( open (CRON, "<$schedCron") ) {
while(<CRON>) {
chomp;
my ($repname) = (split(/reportgen\.pl\s+/, $_))[1];
push(@db, $repname);
}
close CRON;
} else {
ycp::y2error(sprintf(gettext("Couldn't open %s."), $schedCron));
exit 1;
}
for (@db) {
if ( $name eq "$_" || "\"$name\"" eq "$_" ) {
$dupe = 1;
}
}
return $dupe;
}
sub addCron {
my $args = shift;
#my $schedCron = '/etc/cron.d/reportsched';
my $schedCron = '/etc/apparmor/reports.crontab';
my $repScript = "/usr/bin/reportgen.pl";
if ( open (CRON, ">>$schedCron") ) {
my $mon = '*';
# crontab key
############################################################
# minute 0-59
# hour 0-23
# day of month 1-31
# month 1-12 (or names, see below)
# day of week 0-7 (0 or 7 is Sun, or use names)
############################################################
my $sched = "$args->{'mins'} $args->{'hour'} $args->{'monthdate'} $mon $args->{'weekday'}";
#print CRON "$sched root $repScript $args->{'name'}\n";
print CRON "$sched $repScript \"$args->{'name'}\"\n";
close CRON;
} else {
ycp::y2error(sprintf(gettext("Couldn't open %s."), $schedCron));
return 1;
}
return 0;
}
sub addConf {
my $args = shift;
my $schedConf = '/etc/apparmor/reports.conf';
my $newSchedConf = '/var/log/apparmor/reports/reports.conf';
if ( ! $args->{'csv'} ) { $args->{'csv'} = '0'; }
if ( ! $args->{'html'} ) { $args->{'html'} = '0'; }
if ( open (OCF, "<$schedConf") ) {
if ( open (NCF, ">$newSchedConf") ) {
# pre-process filters for GUI - UGLY
for ($args->{'prog'},$args->{'prof'},$args->{'pid'},$args->{'sev'},
$args->{'res'},$args->{'sdmode'},$args->{'mode'}) {
$_ =~ s/\s+//g;
if ( ! $_ || $_ eq "NA" || $_ eq "" || $_ eq "All" ) {
$_ = "-";
}
}
if ( ! $_ || $_ eq "NA" || $_ eq "" || $_ eq "All" ) {
$_ = "-";
}
# pre-write the longer entries
my $expPath = $args->{'expPath'} || '/var/log/apparmor/reports-archived';
$expPath = "<exportpath>$expPath<\/exportpath>";
my $expType = "<exporttype csv=\"$args->{'csv'}\" html=\"$args->{'html'}\" \/>";
my $email = "<email addr1=\"$args->{'email1'}\" addr2=\"$args->{'email2'}\" " .
"addr3=\"$args->{'email3'}\" \/>";
# copy the old stuff over
while (<OCF>) {
unless ( $_ =~ /\<\/apparmor\>/ || $_ eq "\n" ) {
print NCF "$_";
}
}
# add the new
print NCF "\t<report>\n";
print NCF "\t\t<name>$args->{'name'}</name>\n";
print NCF "\t\t<prog>$args->{'prog'}</prog>\n";
print NCF "\t\t<profile>$args->{'prof'}</profile>\n";
print NCF "\t\t<pid>$args->{'pid'}</pid>\n";
print NCF "\t\t<severity>$args->{'sev'}</severity>\n";
print NCF "\t\t<resource>$args->{'res'}</resource>\n";
print NCF "\t\t<sdmode>$args->{'sdmode'}</sdmode>\n";
print NCF "\t\t<mode>$args->{'mode'}</mode>\n";
print NCF "\t\t$expPath\n";
print NCF "\t\t$expType\n";
print NCF "\t\t$email\n";
print NCF "\t\t<time>1104566401</time>\n"; # '1104566401' is default last run time
print NCF "\t</report>\n";
print NCF "</apparmor>\n";
close NCF;
} else {
my $error = sprintf(gettext("Couldn't open %s. Unable to add report: %s"), $newSchedConf, $args->{'name'});
ycp::y2error($error);
return 1;
}
close OCF;
} else {
ycp::y2error(sprintf(gettext("Couldn't open %s."), $schedConf));
return 1;
}
Immunix::Reports::updateFiles($schedConf,$newSchedConf);
return 0;
}
sub addReport {
my $args = shift;
my $dupe = findDupeReportName("$args->{'name'}");
if ($dupe == 1) {
my $error = sprintf(gettext("Duplicate report name not allowed. Didn't schedule new report: %s"), $args->{'name'});
ycp::y2error("$error");
return 1;
}
# Translate filters to cronspeak
if ( ! $args->{'hour'} || $args->{'hour'} eq "-" || $args->{'hour'} eq '*' ) { $args->{'hour'} = "0"; }
if ( ! $args->{'mins'} || $args->{'mins'} eq "-" || $args->{'mins'} eq '*' ) { $args->{'mins'} = "0"; }
if ( ! $args->{'weekday'} || $args->{'weekday'} eq "-" ) { $args->{'weekday'} = "*"; }
if ( ! $args->{'monthdate'} || $args->{'monthdate'} eq "-" ) { $args->{'monthdate'} = "*"; }
my $error = addCron($args);
setCronTab();
if ($error == 0) {
$error = addConf($args);
if ($error != 0) { ycp::y2error($error); }
} else {
ycp::y2error($error);
exit 1;
}
return 0;
}
# removes cron job related to report
sub delCron {
my $name = shift;
#my $schedCron = '/etc/cron.d/reportsched';
my $schedCron = '/etc/apparmor/reports.crontab';
my $newSchedCron = '/var/log/apparmor/reports/reportsched';
if ( open(OCRON, "<$schedCron") ) {
if ( open(NCRON, ">$newSchedCron") ) {
while (<OCRON>) {
chomp;
my ($repname) = (split(/reportgen\.pl\s+/, $_))[1];
next if ($repname eq "\"$name\"");
print NCRON "$_\n";
}
close NCRON;
} else {
ycp::y2error(sprintf(gettext("Couldn't open %s."), $newSchedCron));
return 1;
}
close OCRON;
} else {
ycp::y2error(sprintf(gettext("Couldn't open %s."), $schedCron));
return 1;
}
Immunix::Reports::updateFiles($schedCron,$newSchedCron);
return 0;
}
# deletes a report entry from reports.conf
sub delConf {
my $repName = shift;
my $schedConf = '/etc/apparmor/reports.conf';
my $newSchedConf = '/var/log/apparmor/reports/reports.conf';
my @repList = ();
my @thisRep = ();
my $writeFlag = 1;
if ( open(OCF, "<$schedConf") ) {
if ( open(NCF, ">$newSchedConf") ) {
while (<OCF>) {
my $line = $_;
# Start array storage
if ( $line =~ m/\<report\>/ ) {
@thisRep = ();
}
push(@thisRep, $line);
chomp($line);
# End array storage
if ( $line =~ m/\<\/report\>/ ) {
if ( $writeFlag == 1 ) {
push (@repList, @thisRep);
}
$writeFlag = 1; # reset flag -- we want to write by default
}
# Match names to determine flag state
if ( $line =~ m/\<name\>/ ) {
my $curName = $line;
$curName =~ s/(^\s*|\s*$)//g;
$curName =~ s/((\<|\<\/)name\>)//g; #/<name>(\w+)</name>/;
if ( $curName eq $repName ) { $writeFlag = 0; }
}
}
if ( scalar(@repList) > 0 ) {
print NCF "<apparmor>\n";
print NCF "@repList";
print NCF "</apparmor>\n";
}
close NCF;
} else {
ycp::y2error(sprintf(gettext("Couldn't open %s."), $newSchedConf));
return 1;
}
close OCF;
} else {
ycp::y2error(sprintf(gettext("Couldn't open %s."), $schedConf));
return 1;
}
Immunix::Reports::updateFiles($schedConf,$newSchedConf);
return 0;
}
sub delReport {
my $args = shift;
my $name = $args->{'name'};
my $error = delCron($name);
if ($error == 0) {
$error = delConf($name);
if ($error != 0) { ycp::y2error($error); }
} else {
ycp::y2error($error);
exit 1;
}
setCronTab();
return 0;
}
# returns list of report cron jobs
sub parseCron {
my $args = shift;
my $error = undef;
my @db = ();
#my $schedCron = '/etc/cron.d/reportsched';
my $schedCron = '/etc/apparmor/reports.crontab';
if ( open (CRON, "<$schedCron") ) {
my $junkMon = undef;
#my $junkRt = undef;
my $junkScript = undef;
while (<CRON>) {
#next if /^#\s*\w*/;
chomp;
my $rec = undef;
my @name = undef;
# Day of Month, Day of Week, Hour, Minute : report-to-execute
# * * * * root /usr/bin/reportgen.pl <sir|aud|name-of-sir>
# crontab key
############################################################
# minute 0-59
# hour 0-23
# day of month 1-31
# month 1-12 (or names, see below)
# day of week 0-7 (0 or 7 is Sun, or use names)
############################################################
#($rec->{'mins'}, $rec->{'hour'}, $rec->{'mday'}, $junkMon, $rec->{'wday'}, $junkRt, $junkScript, $rec->{'name'}) = split (/\s+/, $_);
($rec->{'mins'}, $rec->{'hour'}, $rec->{'mday'}, $junkMon, $rec->{'wday'},
$junkScript, @name) = split (/\s+/, $_);
#$junkRt, $junkScript, @name) = split (/\s+/, $_);
if ($rec->{'mins'} eq "*") { $rec->{'mins'} = "-"; }
if ($rec->{'hour'} eq "*") { $rec->{'hour'} = "-"; }
if ($rec->{'mday'} eq "*") { $rec->{'mday'} = "-"; }
if ($rec->{'wday'} eq "*") { $rec->{'wday'} = "-"; }
$rec->{'name'} = join( " ", @name);
if ($rec->{'name'} =~ /\"/) { $rec->{'name'} =~ s/\"//g; }
push(@db, $rec);
}
close CRON;
} else {
ycp::y2error(sprintf(gettext("Couldn't open %s."), $schedCron));
return 1;
}
return \@db;
}
# returns hash refs of a single (line) report
sub getCron {
my $args = shift;
my $error = undef;
my @db = ();
my $rep = undef;
#my $schedCron = '/etc/cron.d/reportsched';
my $schedCron = '/etc/apparmor/reports.crontab';
if ( open (CRON, "<$schedCron") ) {
my $junkMon = undef;
#my $junkRt = undef;
my $junkScript = undef;
#if ($args->{'name'} && $args->{'name'} =~ m/\s+/) { $args->{'name'} = "\"$args->{'name'}\""; }
while (<CRON>) {
#next if /^#\s*\w*/;
chomp;
my $rec = undef;
my @name = ();
# Day of Month, Day of Week, Hour, Minute : report-to-execute
# * * * * root /usr/bin/reportgen.pl <sir|aud|name-of-sir>
# * * * * /usr/bin/reportgen.pl <sir|aud|name-of-sir>
# crontab key
############################################################
# minute 0-59
# hour 0-23
# day of month 1-31
# month 1-12 (or names, see below)
# day of week 0-7 (0 or 7 is Sun, or use names)
############################################################
($rec->{'mins'}, $rec->{'hour'}, $rec->{'mday'}, $junkMon,
#$rec->{'wday'}, $junkRt, $junkScript, @name ) = split (/\s+/, $_);
$rec->{'wday'}, $junkScript, @name ) = split (/\s+/, $_);
if ($rec->{'mins'} eq "*") { $rec->{'mins'} = "-"; }
if ($rec->{'hour'} eq "*") { $rec->{'hour'} = "-"; }
if ($rec->{'mday'} eq "*") { $rec->{'mday'} = "-"; }
if ($rec->{'wday'} eq "*") { $rec->{'wday'} = "-"; }
$rec->{'name'} = join( " ", @name);
if ($rec->{'name'} eq "\"$args->{'name'}\"" ) {
$rec->{'name'} =~ s/\"//g;
$rep = $rec;
}
}
close CRON;
} else {
ycp::y2error(sprintf(gettext("Couldn't open %s."), $schedCron));
return 1;
}
return $rep;
}
sub editCron {
my $args = shift;
#my $schedCron = '/etc/cron.d/reportsched';
my $schedCron = '/etc/apparmor/reports.crontab';
my $newCron = '/var/log/apparmor/reports/reportsched';
my $repScript = "/usr/bin/reportgen.pl";
if ( open(CRON, "<$schedCron") ) {
if ( open (NCRON, ">$newCron") ) {
my $mon = '*';
if ( ! $args->{'hour'} || $args->{'hour'} eq "-" || $args->{'hour'} eq '*') { $args->{'hour'} = '0'; }
if ( ! $args->{'mins'} || $args->{'mins'} eq "-" || $args->{'mins'} eq '*' ) { $args->{'mins'} = '0'; }
if ( ! $args->{'monthdate'} || $args->{'monthdate'} eq "-" ) { $args->{'monthdate'} = '*'; }
if ( ! $args->{'weekday'} || $args->{'weekday'} eq "-" ) { $args->{'weekday'} = '*'; }
while (<CRON>) {
chomp;
my ($repname) = (split(/reportgen\.pl\s+/, $_))[1];
$repname =~ s/^\s+//;
$repname =~ s/\s+$//;
if ($repname eq "\"$args->{'name'}\"") {
my $sched = "$args->{'mins'} $args->{'hour'} $args->{'monthdate'} $mon $args->{'weekday'}";
$_ = "$sched $repScript \"$args->{'name'}\"";
}
print NCRON "$_\n";
}
close NCRON;
} else {
ycp::y2error(sprintf(gettext("Couldn't open %s. No changes performed."), $newCron));
return 1;
}
close CRON;
} else {
ycp::y2error(sprintf(gettext("Couldn't open %s. No changes performed."), $schedCron));
return 1;
}
my $error = Immunix::Reports::updateFiles($schedCron,$newCron);
if ($error == 1) {
exit 1;
} else {
return 0;
}
}
# sloppy -- should redo
sub editConf {
my $args = shift;
if ( ! $args->{'csv'} ) { $args->{'csv'} = '0'; }
if ( ! $args->{'html'} ) { $args->{'html'} = '0'; }
delConf($args->{'name'});
addConf($args);
return 0;
}
sub editSched {
my $args = shift;
editCron($args);
setCronTab();
editConf($args);
return 0;
}
# Main
################################################################################
while ( <STDIN> ) {
my ($command, $path, $args) = ycp::ParseCommand ($_);
if ( $command && $path && $args ) {
my $db = undef;
if ( $args->{'name'} =~ /Edit\s+(\w.+)\s+Sched/ ) {
$args->{'name'} = $1;
}
# Check that we have a report name
if ( $args->{'setconf'} || $args->{'add'} || $args->{'del'} ) {
unless ( $args->{'name'} ) {
ycp::y2milestone("Error: no report name given. Skipping update.");
$args = undef;
}
}
# Parse sdmode & mode labels
if ( $args->{'sdmode'} ) {
$args->{'sdmode'} =~ s/\&//g;
$args->{'sdmode'} =~ s/\://g;
$args->{'sdmode'} =~ s/\s//g;
$args->{'sdmode'} =~ s/AccessType//g;
}
if ( $args->{'mode'} ) {
$args->{'mode'} =~ s/\&//g;
$args->{'mode'} =~ s/Mode\://g;
$args->{'mode'} =~ s/\s//g;
}
if ( $args->{'getdupe'} && $args->{'getdupe'} == 1) {
$db = findDupeReportName("$args->{'name'}");
}
if ($args->{'getcron'} && $args->{'getcron'} == 1) {
$db = parseCron($args); # Return list of all scheduled report crons
} elsif ( $args->{'getrep'} && $args->{'getrep'} ==1 ) {
$db = getCron($args);
} elsif ( $args->{'getconf'} && $args->{'getconf'} ==1 ) {
$db = Immunix::Reports::getXmlReport($args->{'name'});
} elsif ( $args->{'setconf'} && $args->{'setconf'} ==1 ) {
editSched($args);
} elsif ( $args->{'add'} && $args->{'add'} == 1) {
addReport($args);
} elsif ( $args->{'del'} && $args->{'del'} == 1) {
delReport($args);
} elsif ( $args->{'getfilters'} && $args->{'getfilters'} == 1) {
$db = getFilters($args);
}
if ( defined($db) ) {
ycp::Return( $db );
} else {
ycp::Return( "true" );
}
} else {
my $error = sprintf( gettext("ag_reports_sched: Unknown instruction %s or arg: %s"), ycpGetCommand, ycpGetArgType);
ycp::Return($error);
}
}
exit 0;

153
management/yastui/src/agents/ag_sd_config
View file

@ -1,153 +0,0 @@
#!/usr/bin/perl
# ------------------------------------------------------------------
#
# Copyright (C) 2002-2005 Novell/SUSE
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of version 2 of the GNU General Public
# License published by the Free Software Foundation.
#
# ------------------------------------------------------------------
################################################################################
# ag_sd_config
################################################################################
use strict;
use ycp;
use Data::Dumper;
use Locale::gettext;
use POSIX;
use Immunix::Notify;
use Immunix::Reports;
setlocale(LC_MESSAGES, "");
textdomain("yast2-apparmor");
# Subroutines
################################################################################
sub setSubdomain {
my $action = shift;
my $errmsg = "";
my $lines = 0;
if ($action eq "enable") {
if (-e "/sbin/rcapparmor") {
open(RUN, "/sbin/rcapparmor start 2>&1 |");
} else {
open(RUN, "/sbin/rcsubdomain start 2>&1 |");
}
while (<RUN>) {
if (/FATAL:(.*)/) {
$errmsg = $1;
}
}
close(RUN);
if (-f "/etc/init.d/boot.apparmor") {
system("/sbin/insserv boot.apparmor");
} else {
system("/sbin/insserv boot.subdomain");
}
if (-f "/etc/init.d/aaeventd") {
system("/sbin/rcaaeventd start");
system("/sbin/insserv aaeventd");
}
} else {
if (-e "/sbin/rcapparmor") {
open(RUN, "/sbin/rcapparmor stop 2>&1 |");
} else {
open(RUN, "/sbin/rcsubdomain stop 2>&1 |");
}
while (<RUN>) {
if (/FATAL:(.*)/) {
$errmsg = $1;
}
}
close(RUN);
if (-f "/etc/init.d/boot.apparmor") {
system("/sbin/insserv -r boot.apparmor");
} else {
system("/sbin/insserv -r boot.subdomain");
}
if (-f "/etc/init.d/aaeventd") {
system("/sbin/rcaaeventd stop");
system("/sbin/insserv -r aaeventd");
}
}
return $errmsg;
}
sub setNotify {
my $action = shift;
return 0;
}
sub setLearningMode {
my $action = shift;
my $rcscript = -f "/sbin/rcapparmor" ? "/sbin/rcapparmor"
: "/sbin/rcsubdomain";
if ($action eq "enable") {
system("$rcscript", "stop");
system("$rcscript", "complain");
} else {
system("$rcscript". "stop");
system("$rcscript", "start");
}
return 0;
}
# Main
################################################################################
while ( <STDIN> ) {
my ($command, $path, $argument) = ycp::ParseCommand ($_);
my $result = undef;
my $action = undef;
if ( $command && $path && $argument ) {
if (ref($argument) eq "HASH" && $argument->{"set_notify"}) {
my ($ntSettings, $result) = Immunix::Notify::sanitize($argument);
if ($result ne "success") {
ycp::Return($result);
next;
} else {
$result = Immunix::Notify::setNotifySettings($ntSettings);
ycp::Return($result);
next;
}
}
($action) = (split(/:/, $argument))[1];
if ( $argument =~ /subdomain/ ) {
$result = setSubdomain($action);
} elsif ( $argument =~ /learning/ ) {
setLearningMode($action);
} elsif ( $argument eq 'sd-notify') {
setNotify($action);
}
if ( $result ) {
ycp::Return( $result );
} else {
ycp::Return("true");
}
}
}
exit 0;

111
management/yastui/src/agents/ag_subdomain
View file

@ -1,111 +0,0 @@
#!/usr/bin/perl
# ------------------------------------------------------------------
#
# Copyright (C) 2002-2005 Novell/SUSE
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of version 2 of the GNU General Public
# License published by the Free Software Foundation.
#
# ------------------------------------------------------------------
################################################################################
# ag_subdomain
#
# Version 0.61
################################################################################
use strict;
use ycp;
use Data::Dumper;
use Locale::gettext;
use POSIX;
use Immunix::Notify;
use Immunix::SubDomain;
setlocale(LC_MESSAGES, "");
textdomain("yast2-apparmor");
# Subroutines
################################################################################
sub getSubdomainStatus {
my $sdStatus = "disabled";
# Ok check that there are profiles loaded to
# determine status
my $mountpoint = Immunix::SubDomain::check_for_subdomain();
if ( $mountpoint ) {
open( PROFILES, "cat $mountpoint/profiles|" );
while (<PROFILES>) {
# Ensure we have loaded profiles
# not just a loaded module
if ( /\// ) {
$sdStatus = "enabled";
last;
}
}
close PROFILES;
}
return $sdStatus;
}
sub profileSyntaxCheck {
my $errlist = [];
Immunix::SubDomain::checkIncludeSyntax($errlist);
Immunix::SubDomain::checkProfileSyntax($errlist);
my @errlist = Immunix::SubDomain::uniq(@$errlist);
return \@errlist;
}
# Main
################################################################################
while ( <STDIN> ) {
my ($command, $path, $argument) = ycp::ParseCommand($_);
my $result = undef;
my $donereturn = 0;
if ( $command && $path && $argument ) {
if ( $argument eq 'sd-all') {
my %hResult = ''; # hashed result, duh
$hResult{'sd-status'} = getSubdomainStatus();
$hResult{'sd-notify'} = Immunix::Notify::getNotifyStatus();
#ycp::ycpReturnHashAsMap( %hResult );
ycp::Return( %hResult );
$donereturn = 1;
} elsif ( $argument eq 'sd-status') {
$result = getSubdomainStatus();
} elsif ( $argument eq 'sd-notify') {
$result = Immunix::Notify::getNotifyStatus();
} elsif ( $command eq "Read" and $argument eq 'custom-includes') {
my $cfg = Immunix::SubDomain::read_config("logprof.conf");
ycp::ycpReturn(\@$cfg->{settings}{custom_includes});
$donereturn = 1;
} elsif ( $command eq "Execute" and $argument eq 'profile-syntax-check') {
$result = profileSyntaxCheck();
ycp::ycpReturn($result);
$donereturn = 1;
} elsif ( $argument eq 'sd-notify-settings') {
$result = Immunix::Notify::getNotifySettings();
ycp::Return($result);
$donereturn = 1;
}
ycp::ycpReturnSkalarAsString( $result ) if ( ! $donereturn );
} else {
my $ycpCmd = ycpGetCommand() || "";
my $ycpArg = ycpGetArgType() || "";
$result = "Unknown instruction $ycpCmd or argument: $ycpArg\n";
ycp::ycpReturnSkalarAsString( $result );
}
print "\n";
}
exit 0;

142
management/yastui/src/agents/ag_subdomain_profiles
View file

@ -1,142 +0,0 @@
#!/usr/bin/perl
# ------------------------------------------------------------------
#
# Copyright (C) 2002-2005 Novell/SUSE
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of version 2 of the GNU General Public
# License published by the Free Software Foundation.
#
# ------------------------------------------------------------------
#####################################################################
#
# ag_subdomain_profiles - Immunix SCR agent for the
# management of SubDomain profiles
#
#
#####################################################################
use strict;
use ycp;
use Immunix::SubDomain;
################
# Subroutines
################
{
sub newprofile {
my $filename = shift;
system("/usr/sbin/autodep $filename > /dev/null 2>&1");
system("/usr/sbin/enforce $filename > /dev/null 2>&1");
return;
}
# ###############################################################################
#
# YCP <-> SCR Commands:
#
# Command Path Argument Returns
# ------- ---- -------- --------
#
# Read all hash containing all profiles
#
# Read .new pathtoprogram true/false (creates new profile)
#
# Write hash { true/false
# PROFILE_NAME =>
# pathtoprogram,
# PROFILE_HASH =>
# <hash containing the
# profile defs>
# }
#
# Write .delete pathtoprogram true/fale (deletes profile)
#
# Write .reload - true (reloads profiles)
#
#
################################################################################
while ( <STDIN> ) {
my ($command, $path, $argument) = ycp::ParseCommand ($_);
$argument = "NONE" if ( ! $argument );
ycp::y2milestone ("DOM command: $command, path: $path, argument: $argument");
my $result = undef;
if ( $command && $path && $argument ) {
if ( $command eq "Read" and $argument eq "all") {
$UI_Mode = "yast";
Immunix::SubDomain::readprofiles();
ycp::Return( \%sd );
} elsif ( $command eq "Read" and $path eq ".new" ) {
my $pfname = getprofilefilename($argument);
if ( -e $pfname ) {
ycp::Return("false");
} else {
newprofile( $argument );
ycp::Return( "true" );
}
} elsif ( $command eq "Read" ) {
my $pfname = getprofilefilename($argument);
if ( -e $pfname ) {
$UI_Mode = "yast";
Immunix::SubDomain::readprofiles();
ycp::Return( $sd{$argument} );
} else {
ycp::Return( "false" );
}
} elsif ( $command eq "Read") {
$UI_Mode = "yast";
Immunix::SubDomain::readprofile("$profiledir/$argument",
\&$Immunix::SubDomain::fatal_error, 1);
ycp::Return( \%sd );
} elsif ( $command eq "Write" and $path eq ".delete") {
if ( $argument ne "" ) {
my $profilefile = getprofilefilename( $argument );
if ( -e $profilefile ) {
unlink( $profilefile );
}
ycp::Return( "true" );
} else {
ycp::Return( "false" );
}
} elsif ( $command eq "Write" and $path eq ".reload") {
$result = system("/sbin/rcsubdomain reload > /dev/null 2>&1");
ycp::Return( "true" );
} elsif ( $command eq "Write") {
if ( (ref($argument) eq "HASH") ) {
my $profilename = "";
$profilename = $$argument{"PROFILE_NAME"};
my $ref = $$argument{"PROFILE_HASH"};
my %profiles = ();
$profiles{$profilename} = $ref;
if ( (ref($ref) eq "HASH") ) {
%sd = %profiles;
$UI_Mode = "yast";
$result = Immunix::SubDomain::writeprofile($profilename);
} else {
ycp::Return( "false" );
}
ycp::Return( "true" );
}
}
} else {
my $ycpCmd = ycpGetCommand() || "";
my $ycpArg = ycpGetArgType() || "";
$result = "Unknown instruction $ycpCmd or argument: $ycpArg\n";
ycp::Return( $result );
}
}
}
exit 0;

31
management/yastui/src/apparmor/reports.conf
View file

@ -1,31 +0,0 @@
<apparmor>
<report>
<name>Executive.Security.Summary</name>
<exportpath>/var/log/apparmor/reports-archived</exportpath>
<exporttype csv="0" html="0" />
<email addr1="" addr2="" addr3="" />
<time>1104566401</time>
</report>
<report>
<name>Applications.Audit</name>
<exportpath>/var/log/apparmor/reports-archived</exportpath>
<exporttype csv="0" html="0"/>
<email addr1="" addr2="" addr3="" />
<time>1104566401</time>
</report>
<report>
<name>Security.Incident.Report</name>
<exportpath>/var/log/apparmor/reports-archived</exportpath>
<exporttype csv="0" html="0" />
<prog></prog>
<profile></profile>
<pid></pid>
<resource></resource>
<severity></severity>
<sdmode>R</sdmode>
<mode></mode>
<email addr1="" addr2="" addr3="" />
<time>1104566401</time>
</report>
</apparmor>

3
management/yastui/src/apparmor/reports.crontab
View file

@ -1,3 +0,0 @@
59 23 * * * /usr/bin/reportgen.pl "Executive.Security.Summary"
59 23 * * * /usr/bin/reportgen.pl "Applications.Audit"
59 23 * * * /usr/bin/reportgen.pl "Security.Incident.Report"

595
management/yastui/src/bin/reportgen.pl
View file

@ -1,595 +0,0 @@
#!/usr/bin/perl
# ------------------------------------------------------------------
#
# Copyright (C) 2002-2005 Novell/SUSE
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of version 2 of the GNU General Public
# License published by the Free Software Foundation.
#
# ------------------------------------------------------------------
################################################################################
# /usr/bin/reportgen.pl
#
# - Calls Immunix::Reports.pm to write AppArmor events to a specified logfile
# - Expected to be executed by a cron job.
#
# Requires:
# /usr/lib/perl5/site_perl/Immunix::Reports.pm
#
# Input (Optional):
# -Report Name
# -Program Name 'progName'
# -Profile Name 'profile'
# -PID 'pid'
# -Severity 'sevLevel'
# -Denied Resources 'resource'
# -SD Mode 'sdmode'
# -Mode 'mode'
#
################################################################################
use strict;
use Immunix::Reports;
#use POSIX; # causes locale error w/ Exporter
use Locale::gettext;
#setlocale(LC_MESSAGES, ""); # causes locale error w/ Exporter
textdomain("yast2-apparmor");
# Sloppy Global
my $headerFile = "/var/log/apparmor/reports/reportgen.header";
# Routines
################################################################################
sub logMessage {
my ($msg,$date) = @_;
if (! $date) {
$date = localtime;
}
my $msgLog = '/var/log/apparmor/cron-reports.log';
if (open (MLOG, ">>$msgLog") ) {
print MLOG "$date - reportgen.pl: $msg\n";
close MLOG;
}
return 0;
}
sub makeHeader {
my ($repType,$repConf,$filts) = @_; # Filters & Time are only for SIR
my $header = undef;
my $date = localtime;
my $start = localtime($repConf->{'startTime'});
if ( $repType eq 'ess' ) {
# Write ESS Header in csv format
$header->{'csv'} = gettext("# Executive Security Summary - Generated by AppArmor\n");
$header->{'csv'} .= sprintf(gettext("# Period: %s to %s\n\n"), $start,$date);
# Write ESS Header in html format
$header->{'html'} = "<table border='1' cellpadding='2'>\n";
$header->{'html'} .= gettext("<tr><th colspan='7'>Executive Security
Summary - Generated by AppArmor</th></tr>");
$header->{'html'} .= sprintf(gettext("<tr><th colspan='7'>Period: %s to
%s</th></tr>\n"), $start, $date);
} elsif ( $repType eq 'aud' ) {
# Write AUD Header in csv format
$header->{'csv'} = gettext("# Application Audit Report - Generated
by AppArmor\n");
$header->{'csv'} .= sprintf(gettext("# Date Run: %s\n\n"), $date);
# Write AUD Header in html format
$header->{'html'} = gettext("<table border='1' cellpadding='2'><tr><th
colspan='7'>Applications Audit Report - Generated by AppArmor</th></tr>\n");
} else {
# Write SIR Header in csv format
$header->{'csv'} = gettext("# Security Incident Report - Generated by AppArmor\n");
$header->{'csv'} .= sprintf(gettext("# Period: %s - %s\n"), $start, $date);
my $count = 0;
if ( $filts ) {
# We don't want startdate/enddate to be listed as filters
$count = keys(%$filts);
if ($filts->{'startdate'}) {
$filts->{'startdate'} = localtime($filts->{'startdate'});
$count--;
}
if ($filts->{'enddate'}) {
$filts->{'enddate'} = localtime($filts->{'enddate'});
$count--;
}
}
if ( $count > 0 ) {
$header->{'csv'} .= gettext("# The following filters were used for report generation:\n");
for (sort keys(%$filts)) {
unless ( $filts->{'startdate'} || $filts->{'enddate'} ) {
$header->{'csv'} .= sprintf(gettext("# Filter: %s, Value: %s\n\n"), $_, $filts->{$_});
}
}
} else {
$header->{'csv'} .= gettext("# No filters were used for report generation:\n\n\n");
}
# Write SIR Header in html format
$header->{'html'} = gettext("<h3>Security Incident Report - Generated by AppArmor</h3>\n");
$header->{'html'} .= sprintf(gettext("<h4>Period: %s - %s</h4>\n"), $start, $date);
if ( $count > 0 ) {
$header->{'html'} .= gettext("<h4>The following filters were used for report generation:</h4>");
for (sort keys(%$filts)) {
$header->{'html'} .= sprintf(gettext("<p>Filter: %s, Value: %s</p>"), $_, $filts->{$_});
}
} else {
$header->{'html'} .= gettext("<h4>No filters were used for report generation.</h4>");
}
$header->{'html'} .= "<hr>\n";
}
my $mailHeader = $header->{'csv'};
$mailHeader =~ s/^#\s*//;
if ( open (HDR, ">$headerFile") ) {
print HDR "$mailHeader";
close HDR;
}
return $header;
}
# Sets name of new report file to generate
sub getRepFileName {
my ($hashName,$dir,$repConf) = @_;
my @dirList = ();
my $plainName = $hashName->{'base'};
# Append date info to help id reports
my ($sec,$min,$hour,$mday,$month,$year,@junk) = localtime;
$year += 1900;
$month += 1;
$month = sprintf("%02d", $month);
$mday = sprintf("%02d", $mday);
$hour = sprintf("%02d", $hour);
$min = sprintf("%02d", $min);
$sec = sprintf("%02d", $sec);
$mday = sprintf("%02d", $mday);
my $suffix = "-$year-$month-$mday\_$hour.$min.$sec";
$plainName = $plainName . $suffix;
my $qtName = "\"$plainName\"";
if (opendir (DIR, $dir)) {
@dirList = grep(/$qtName/, readdir(DIR) );
close DIR;
}
my $numReps = scalar(@dirList) + 1;
$numReps = sprintf("%03d", $numReps);
my $newName = undef;
# Prefix all names w/ .csv -- we'll change to .html later if required
$newName = "$dir/$plainName.$numReps.csv";
return $newName;
}
sub getRepConf {
my $repName = shift;
my $repConf = '/etc/apparmor/reports.conf';
my $tmpConf = '/var/log/apparmor/reports/reports.conf';
my $config = undef;
my @mailList = ();
my %filts = (); # Report 'record' filters
my $rep = Immunix::Reports::getXmlReport($repName);
if ( scalar(keys(%$rep)) < 2 ) {
logMessage(sprintf(gettext("Fatal Error: Couldn't get report configuration information %s. Exiting."), $repConf));
exit 1;
}
# Clear unnecessary filters
for my $filt (keys %$rep) {
#$rep->{$filt} =~ s/\s+//g; # repname won't be in here, so no spaces
if ( $rep->{$filt} eq "-" || $rep->{$filt} eq 'All' ||
$rep->{$filt} eq '*' )
{
delete($rep->{$filt});
}
}
#mark
my $filts = Immunix::Reports::getFilterList($rep);
# Mail Type - csv, html, or both
if ( $rep->{'csv'} eq '1' && $rep->{'html'} eq '1' ) {
$rep->{'mailType'} = 'both';
} elsif ( $rep->{'csv'} eq '1' && $rep->{'html'} eq '0' ) {
$rep->{'mailType'} = 'csv';
} elsif ( $rep->{'csv'} eq '0' && $rep->{'html'} eq '1' ) {
$rep->{'mailType'} = 'html';
} else {
$rep->{'mailType'} = 'none';
}
# Mail Address List
if ( $rep->{'addr1'} ) { push(@mailList,$rep->{'addr1'}); }
if ( $rep->{'addr2'} ) { push(@mailList,$rep->{'addr2'}); }
if ( $rep->{'addr3'} ) { push(@mailList,$rep->{'addr3'}); }
$rep->{'startTime'} = $rep->{'time'};
$rep->{'endTime'} = time;
$rep->{'filters'} = %$filts; # mark ($filts needs to be hash, not hash ref
$rep->{'mailList'} = \@mailList;
return $rep;
}
# Updates last-run time sig. in reports.conf
sub updateConf {
my ($repName, $repConf) = @_;
my $time = $repConf->{'endTime'};
if (! $time) { $time = time; }
#if ( ref($repName) ) { $repName = $repName->{'base'}; }
my $repCfFile = '/etc/apparmor/reports.conf';
my $tmpConf = '/var/log/apparmor/reports/reports.conf';
if ( open(OCF, "<$repCfFile") ) {
if ( open(TCF, ">$tmpConf") ) {
my $nameFlag = 0;
while(<OCF>) {
chomp;
if ( /\<name\>/ ) {
#my $name = (split(/\"/, $_))[1];
/\<name\>(.+)\<\/name\>/;
my $name = $1;
if ( $name eq $repName->{'base'} ) {
$nameFlag = 1;
}
} elsif ( $nameFlag == 1 ) {
if ( /\<time\>/ ) {
$_ = "\t<time>$time</time>";
$nameFlag = 0;
}
}
print TCF "$_\n";
}
close TCF;
} else {
#logMessage("Error: Couldn't open (tmp) $tmpConf. ESS report execution not tracked.");
logMessage(sprintf(gettext("Error: Couldn't open (tmp) %s. ESS report execution not tracked."), $tmpConf));
}
close OCF;
} else {
logMessage(sprintf(gettext("Error: Couldn't open %s. ESS report execution not tracked."), $repCfFile));
}
if ( -e $repCfFile && -e $tmpConf ) {
Immunix::Reports::updateFiles($repCfFile,$tmpConf);
}
return 0;
}
sub sendMail {
my ($repName,$repFile,$repConf) = @_;
my $repCfFile = '/etc/apparmor/reports.conf';
if (! $repName || ! $repFile) {
logMessage(gettext("Error: Necessary input missing. Unable to generate report and send mail."));
return 1;
}
my $baseName = $repName->{'base'};
my $host = `hostname -f`;
chomp($host);
my $toMail = $repConf->{'mailList'};
my $rec = undef;
if ( @$toMail > 0 ) {
for (@$toMail) {
if ( $repConf->{'mailType'} ) {
if ( $repConf->{'mailType'} eq 'csv' ) {
#`/usr/bin/mail $_ -s $baseName -r "AppArmor_Reporting\@$host" -a $repFile < /dev/null`;
`/usr/bin/mail $_ -s $baseName -r "AppArmor_Reporting\@$host" -a $repFile < $headerFile`;
} elsif ( $repConf->{'mailType'} eq 'html' ) {
$repFile =~ s/csv/html/;
#`/usr/bin/mail $_ -s $baseName -r "AppArmor_Reporting\@$host" -a $repFile < /dev/null`;
`/usr/bin/mail $_ -s $baseName -r "AppArmor_Reporting\@$host" -a $repFile < $headerFile`;
} elsif ( $repConf->{'mailType'} eq 'both' ) {
my $rep2 = $repFile;
$rep2 =~ s/csv/html/;
#`/usr/bin/mail $_ -s $baseName -r "AppArmor_Reporting\@$host" -a $repFile -a $rep2 < /dev/null`;
`/usr/bin/mail $_ -s $baseName -r "AppArmor_Reporting\@$host" -a $repFile -a $rep2 < $headerFile`;
}
} else {
`/usr/bin/mail $_ -s $repName -r "AppArmor_Reporting\@$host" -a $repFile < $headerFile`;
}
}
}
return 0;
}
sub runEss {
my ($repName,$repConf) = @_;
#my ($repName,$date,$lastRun) = @_;
my $ref = ();
# getSevStats from ag_reports_ess
my $db = Immunix::Reports::getEssStats($ref);
my $header = makeHeader('ess',$repConf);
if ( $repConf->{'startTime'} && $repConf->{'startTime'} > 0 ) {
$ref->{'startdate'} = $repConf->{'startTime'};
} else {
$ref->{'startdate'} = 1104566401;
}
# CSV
if ( $repConf->{'mailType'} eq 'csv' || $repConf->{'mailType'} eq 'both' ) {
if ( open(ESS, ">$repName") ) {
print ESS "$header->{'csv'}";
for (@$db) {
$_->{'startdate'} = Immunix::Reports::getDate("$repConf->{'startTime'}");
$_->{'enddate'} = Immunix::Reports::getDate("$repConf->{'endTime'}");
print ESS "$_->{'host'},$_->{'startdate'},$_->{'enddate'},";
print ESS "$_->{'sevHi'},$_->{'sevMean'},$_->{'numRejects'},$_->{'numEvents'}\n";
}
close ESS;
} else {
logMessage(sprintf(gettext("Error: Couldn't open %s. No ESS csv report generated."), $repName));
}
}
# HTML
if ( $repConf->{'mailType'} eq 'html' || $repConf->{'mailType'} eq 'both' ) {
$repName =~ s/csv/html/;
if ( open(ESS, ">$repName") ) {
print ESS "<html><body bgcolor='fffeec'><font face='Helvetica,Arial,Sans-Serif'>\n";
print ESS "$header->{'html'}";
print ESS gettext("<tr bgcolor='edefff'><td>Hostname</td><td>Start Date</td><td>End Date</td>");
print ESS gettext("<td>Highest Severity</td><td>Mean Severity</td><td>Number of REJECTs</td>");
print ESS gettext("<td>Number of Events</td></tr>\n");
for (@$db) {
$_->{'startdate'} = Immunix::Reports::getDate("$repConf->{'startTime'}");
$_->{'enddate'} = Immunix::Reports::getDate("$repConf->{'endTime'}");
print ESS "<tr><td>$_->{'host'}</td><td>$_->{'startdate'}</td><td>$_->{'enddate'}</td>";
print ESS "<td>$_->{'sevHi'}</td><td>$_->{'sevMean'}</td><td>$_->{'numRejects'}</td>";
print ESS "<td>$_->{'numEvents'}</td></tr>\n";
}
print ESS "</table><br></body></html>";
close ESS;
} else {
logMessage(sprintf(gettext("Error: Couldn't open %s. No ESS html report generated."), $repName));
}
}
return 0;
}
sub runAud {
my ($repName,$repConf) = @_;
my $header = makeHeader('aud',$repConf);
# CSV
if ( $repConf->{'mailType'} eq 'csv' || $repConf->{'mailType'} eq 'both' ) {
if ( open(AUD, ">$repName") ) {
my $db = Immunix::Reports::getCfInfo();
print AUD "$header->{'csv'}";
for (@$db) {
print AUD "$_->{'host'},$_->{'date'},$_->{'prog'}, $_->{'prof'}, $_->{'pid'},";
if ( $_->{'state'} eq 'confined' ) {
print AUD "$_->{'state'},$_->{'type'}\n";
} else {
print AUD "$_->{'state'}, - \n";
}
}
close AUD;
} else {
logMessage(sprintf(gettext("Error: Couldn't open %s. No AUD report generated."), $repName));
}
}
# HTML
if ( $repConf->{'mailType'} eq 'html' || $repConf->{'mailType'} eq 'both' ) {
$repName =~ s/csv/html/;
if ( open(AUD, ">>$repName") ) {
my $db = Immunix::Reports::getCfInfo();
print AUD "<html><body bgcolor='fffeec'><font face='Helvetica,Arial,Sans-Serif'>\n";
print AUD gettext("<h3>Applications Audit Report - Generated by AppArmor</h3>\n");
print AUD "$header->{'html'}";
print AUD gettext("<tr bgcolor='edefff'><td>Hostname</td><td>Date</td><td>Application</td>");
print AUD gettext("<td>Profile</td><td>PID</td><td>State</td><td>AppArmor Profile</td></tr>\n");
for (@$db) {
print AUD "<tr><td>$_->{'host'}</td><td>$_->{'date'}</td><td>$_->{'prog'}</td><td>$_->{'prof'}</td>";
if ( $_->{'state'} eq 'confined' ) {
print AUD "<td>$_->{'pid'}</td><td>$_->{'state'}</td><td>$_->{'type'}</td></tr>\n";
} else {
print AUD "<td>$_->{'pid'}</td><td>$_->{'state'}</td><td align='center'>&nbsp;-&nbsp;</td></tr>\n";
}
}
print AUD "<br></table></body></html>\n";
close AUD;
} else {
logMessage(sprintf(gettext("Error: Couldn't open %s. No AUD report generated."), $repName));
}
}
return 0;
}
sub runSir {
my ($repName,$repFile,$repConf) = @_;
my $filts = Immunix::Reports::setFormFilters($repConf);
$filts = Immunix::Reports::rewriteFilters($filts);
my $start = '1104566401'; # default start, Jan 1, 2005
if ( $repConf->{'startTime'} && $repConf->{'startTime'} > 0 ) {
$start = $repConf->{'startTime'};
}
my $db = Immunix::Reports::grabEvents($filts,$start);
if ($repConf->{'start'} && $repConf->{'start'} > $start ) {
$start = localtime($repConf->{'startTime'});
}
my $end = localtime($repConf->{'endTime'});
my $header = makeHeader('sir',$repConf,$filts);
# CSV
if ( $repConf->{'mailType'} =~ /csv/ || $repConf->{'mailType'} =~ /both/ ) {
if ( open(SIR, ">$repFile") ) {
#my $ref = getSirFilters($repName);
# Write Header
print SIR "$header->{'csv'}";
#Immunix::Reports::exportFormattedText($repName,$repFile,$db); # Replaced stuff below
for (@$db) {
print SIR "$_->{'host'},$_->{'time'},$_->{'prog'},$_->{'profile'},";
print SIR "$_->{'pid'},$_->{'severity'},$_->{'mode_deny'},$_->{'mode_req'},";
print SIR "$_->{'resource'},$_->{'sdmode'},$_->{'op'},$_->{'attr'},";
print SIR "$_->{'name_alt'},$_->{'parent'},$_->{'active_hat'},";
print SIR "$_->{'net_family'},$_->{'net_proto'},$_->{'net_socktype'}\n";
# old aa-eventd
#print SIR "$_->{'host'},$_->{'date'},$_->{'prog'},$_->{'profile'},$_->{'pid'},";
#print SIR "$_->{'severity'},$_->{'mode'},$_->{'resource'},$_->{'sdmode'}\n";
}
close SIR;
} else {
logMessage(sprintf(gettext("Error: Couldn't open %s. No SIR report generated."), $repFile));
}
}
# HTML
if ( $repConf->{'mailType'} =~ /html/ || $repConf->{'mailType'} =~ /both/ ) {
#my $repName = $repConf->{'name'};
#$repName =~ s/csv/html/;
$repFile =~ s/csv/html/;
#Immunix::Reports::exportLog($repName,$repFile,$db);
Immunix::Reports::exportLog($repFile,$db,$header->{'html'});
}
return 0;
}
# Main
################################################################################
if (! $ARGV[0]) {
logMessage(gettext("Error: No arguments passed--Unable to execute reports. Exiting."));
exit 1;
}
my $args = undef;
my @dirList = ();
#my $date = localtime;
my $dir = '/var/log/apparmor/reports-archived';
my $repName = undef;
$repName->{'base'} = $ARGV[0]; # Report Name
$repName->{'quoted'} = "\"$repName->{'base'}\""; # Quoted Report Name
logMessage(sprintf(gettext("Executing Scheduled Report: %s"), $repName->{'base'}));
my $repConf = getRepConf($repName);
if ( $repConf->{'exportpath'} && -d $repConf->{'exportpath'} ) {
$dir = $repConf->{'exportpath'};
}
my $repFile = getRepFileName($repName,$dir,$repConf);
if ($repName->{'base'} =~ /Executive.Security.Summary/) {
runEss($repFile,$repConf);
} elsif ($repName->{'base'} =~ /Applications.Audit/) {
runAud($repFile,$repConf);
} else {
# Security Incident Report
runSir($repName,$repFile,$repConf);
}
if ( ! -e $headerFile ) { $headerFile = '/dev/null'; }
sendMail($repName,$repFile,$repConf);
updateConf($repName,$repConf);
exit 0;

486
management/yastui/src/clients/GenProf.ycp
View file

@ -1,486 +0,0 @@
/* ------------------------------------------------------------------
*
* Copyright (C) 2002-2006 Novell/SUSE
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of version 2 of the GNU General Public
* License published by the Free Software Foundation.
*
------------------------------------------------------------------*/
{
import "Label";
import "Wizard";
import "Popup";
import "Sequencer";
include "subdomain/apparmor_profile_check.ycp";
include "subdomain/apparmor_packages.ycp";
include "subdomain/apparmor_ycp_utils.ycp";
textdomain "yast2-apparmor";
boolean done = false;
string type = "";
string status = "";
if (!installAppArmorPackages()) {
return;
}
if (!checkProfileSyntax()) {
return;
}
// initiate the handshake with the backend agent
map agent_data = (map) SCR::Read(.genprof);
// is the backend just starting up?
type = (string) agent_data["type"]:"handshake_error";
status = (string) agent_data["status"]:"handshake_error";
if((type != "initial_handshake") || (status != "backend_starting")) {
Popup::Error(_("Synchronization error between frontend and backend."));
done = true;
return;
}
// tell the backend tht we're just starting also...
agent_data["status"] = "frontend_starting";
SCR::Write(.genprof, agent_data);
// open up the initial form window...
Wizard::CreateDialog();
// start our main event
repeat {
agent_data = (map) SCR::Read(.genprof);
string type = (string) agent_data["type"]:"error";
if(type == "initial_handshake") {
Popup::Error(_("Synchronization error between frontend and backend."));
done = true;
return;
}
if(type == "wizard") {
string command = "CMD_ABORT";
string title = agent_data["title"]:_("AppArmor Profile Wizard");
string helptext = agent_data["helptext"]:_(" <b>AppArmor Profiling Wizard</b><br>
This wizard presents entries generated by the AppArmor access control module. You can generate highly optimized and robust security profiles by using the suggestions made by AppArmor. AppArmor suggests that you allow or deny access to specific resources or define execute permission for entries. These questions that display were logged during the normal application execution test previously performed. <br>
The following help text describes the detail of the security profile syntax used by AppArmor. <br><br>At any stage, you may customize the profile entry by changing the suggested response. This overview will assist you in your options. Refer to the Admin Guide for step-by-step instructions.
<br><br>
<b>Access Modes</b><br>
File permission access modes consists of combinations of
the following six modes:
<ul> <li>r - read</li>
<li>w - write</li>
<li>m - mmap PROT_EXEC</li>
<li>px - discrete profile execute</li>
<li>ux - unconfined execute</li>
<li>ix - inherit execute</li>
<li>l - link</li>
</ul>
<p>
<br> <b>Details for Access Modes</b>
<br><br>
<b>Read mode</b><br>
Allows the program to have read access to the
resource. Read access is required for shell scripts
and other interpreted content, and determines if an
executing process can core dump or be attached to with
ptrace(2). (ptrace(2) is used by utilities such as
strace(1), ltrace(1), and gdb(1).)
<br>
<br>
<b>Write mode</b><br>
Allows the program to have write access to the
resource. Files must have this permission if they are
to be unlinked (removed.)
<br>
<br>
<b>Mmap PROT_EXEC mode</b><br>
Allows the program to call mmap with PROT_EXEC on the
resource.
<br>
<br>
<b>Unconfined execute mode</b><br>
Allows the program to execute the resource without any
AppArmor profile being applied to the executed
resource. Requires listing execute mode as well.
Incompatible with Inherit and Discrete Profile execute
entries.
<br><br>
This mode is useful when a confined program needs to
be able to perform a privileged operation, such as
rebooting the machine. By placing the privileged section
in another executable and granting unconfined
execution rights, it is possible to bypass the mandatory
constraints imposed on all confined processes.
For more information on what is constrained, see the
subdomain(7) man page.
<br><br> <b>Discrete Profile execute mode</b><br>
This mode requires that a discrete security profile is
defined for a resource executed at a AppArmor domain
transition. If there is no profile defined then the
access will be denied. Incompatible with Inherit and
Unconstrained execute entries.
<br>
<br>
<b>Link mode</b><br>
Allows the program to be able to create and remove a
link with this name (including symlinks). When a link
is created, the file that is being linked to MUST have
the same access permissions as the link being created
(with the exception that the destination does not have
to have link access.) Link access is required for
unlinking a file.
<br>
<br>
<b>Globbing</b>
<br>
<br>
File resources may be specified with a globbing syntax
similar to that used by popular shells, such as csh(1),
bash(1), zsh(1).
<br>
<ul>
<li><b>*</b> can substitute for any number of characters, excepting
'/'<li>
<li><b>**</b> can substitute for any number of characters, including '/'</li>
<li><b>?</b> can substitute for any single character excepting '/'</li>
<li><b>[abc]</b> will substitute for the single character a, b, or c</li>
<li><b>[a-c]</b> will substitute for the single character a, b, or c</li>
<li><b>{ab,cd}</b> will expand to one rule to match ab, one rule to match
cd</li>\n
</ul>
<br>
<br>
<b>Clean Exec - for sanitized execution</b>
<br>
<br>
The Clean Exec option for the discrete profile and unconstrained
execute permissions provide added security by stripping the
enviroment that is inherited by the child program of specific
variables. You will be prompted to choose whether you want to sanitize the
enviroment if you choose 'p' or 'u' during the profiling process.
The variables are:
<ul>
<li>GCONV_PATH</li>
<li>GETCONF_DIR</li>
<li>HOSTALIASES</li>
<li>LD_AUDIT</li>
<li>LD_DEBUG</li>
<li>LD_DEBUG_OUTPUT</li>
<li>LD_DYNAMIC_WEAK</li>
<li>LD_LIBRARY_PATH</li>
<li>LD_ORIGIN_PATH</li>
<li>LD_PRELOAD</li>
<li>LD_PROFILE</li>
<li>LD_SHOW_AUXV</li>
<li>LD_USE_LOAD_BIAS</li>
<li>LOCALDOMAIN</li>
<li>LOCPATH</li>
<li>MALLOC_TRACE</li>
<li>NLSPATH</li>
<li>RESOLV_HOST_CONF</li>
<li>RES_OPTION</li>
<li>TMPDIR</li>
<li>TZDIR</li> </ul>
");
list<string> headers = agent_data["headers"]:[];
list<string> options = agent_data["options"]:[];
list<string> functions = agent_data["functions"]:["CMD_ABORT"];
string explanation = agent_data["explanation"]:"";
string default_button = agent_data["default"]:"NO_DEFAULT";
integer selected = agent_data["selected"]:0;
integer idx = 0;
// build up the list of headers
term ui_headers = `VBox(`VSpacing(0.5));
while(idx < size(headers)) {
string field = headers[idx]:"MISSING FIELD";
string value = (string) tostring(headers[idx+1]:"MISSING VALUE");
ui_headers = add(ui_headers, `Left(`HBox(`Heading(field), `HSpacing(0.5), `HWeight(75, `Label(value)))));
idx = idx + 2;
}
ui_headers = add(ui_headers, `VSpacing(0.5));
// build up the option list if we have one
idx = 0;
term ui_options = `VBox(`VSpacing(0.5));
foreach (string option, options, ``{
ui_options = add(ui_options, `Left(`RadioButton(`id(idx), option)));
idx = idx + 1;
});
ui_options = add(ui_options, `VSpacing(0.5));
// build up the set of buttons for the different actions we support
term ui_functions = `HBox( `HSpacing(`opt(`hstretch), 0.1) );
foreach (string function, functions, ``{
if((function != "CMD_ABORT") && (function != "CMD_FINISHED")) {
string buttontext = CMDS[function]:"MISSING BUTTON TEXT";
ui_functions = add(ui_functions, `HCenter(`PushButton(`id(function), buttontext)));
}
});
ui_functions = add(ui_functions, `HSpacing(`opt(`hstretch), 0.1));
// throw it all together
term contents = `VBox(
`Top(
`VBox(
ui_headers,
`Label(explanation),
`RadioButtonGroup(ui_options),
`VSpacing(`opt(`vstretch), 1),
ui_functions
)
)
);
// update the ui to reflect our new form state...
Wizard::SetContents(title, contents, helptext, false, true);
// fix up the label on the next/finish button
Wizard::SetNextButton(`next, Label::FinishButton() );
// select and enable to correct buttons
idx = 0;
foreach (string option, options, ``{
UI::ChangeWidget (`id(idx), `Value, selected == idx);
idx = idx + 1;
});
// set the focus to be the default action, if we have one
if(default_button != "NO_DEFAULT") {
UI::SetFocus(`id (default_button));
}
// wait for user input
any ret = Wizard::UserInput();
map answers = $[ ];
// figure out which button they pressed
if (ret == `abort) {
answers["selection"] = "CMD_ABORT";
} else if (ret == `next) {
answers["selection"] = "CMD_FINISHED";
} else {
foreach (string function, functions, ``{
if(ret == function) {
answers["selection"] = function;
}
});
}
// figure out which option was selected
idx = 0;
foreach (string option, options, ``{
if(UI::QueryWidget(`id(idx), `Value) == true) {
answers["selected"] = idx;
}
idx = idx + 1;
});
// tell the backend what they did
SCR::Write(.genprof, answers);
} else if (type == "dialog-repo-sign-in") {
map<string,string> answers = UI_RepositorySignInDialog( agent_data );
SCR::Write(.genprof, answers);
} else if (type == "dialog-view-profile") {
map<string,string> answers = $[ ];
UI_RepositoryViewProfile( agent_data );
answers["answer"] = "okay";
SCR::Write(.genprof, answers);
} else if (type == "dialog-select-profiles") {
map<any,any> answers = UI_MultiProfileSelectionDialog( agent_data );
SCR::Write(.genprof, answers);
} else if (type == "dialog-busy-start") {
map<string,string> answers = $[ ];
UI_BusyFeedbackStart( agent_data );
answers["answer"] = "okay";
SCR::Write(.genprof, answers);
} else if (type == "dialog-busy-stop") {
map<string,string> answers = $[ ];
UI_BusyFeedbackStop( );
answers["answer"] = "okay";
SCR::Write(.genprof, answers);
} else if (type == "long-dialog-message") {
map<string,string> answers = $[ ];
UI_LongMessage( agent_data );
answers["answer"] = "okay";
SCR::Write(.genprof, answers);
} else if (type == "short-dialog-message") {
map<string,string> answers = $[ ];
UI_ShortMessage( agent_data );
answers["answer"] = "okay";
SCR::Write(.genprof, answers);
} else if (type == "dialog-yesno") {
string question = agent_data["question"]:"MISSING QUESTION";
string default_ans = agent_data["default"]:"n";
symbol focus = `focus_no;
if(default_ans == "y") {
focus = `focus_yes;
}
map answers = $[ ];
if(Popup::AnyQuestion(Popup::NoHeadline(), question, _("&Yes"), _("&No"), focus)) {
answers["answer"] = "y";
} else {
answers["answer"] = "n";
}
# write the answers for the last dialog
boolean written = SCR::Write(.genprof, answers);
} else if (type == "dialog-getstring") {
string label = agent_data["label"]:"MISSING LABEL";
string default_value = agent_data["default"]:"MISSING DEFAULT";
term dialog = `VBox(
`TextEntry(`id (`stringfield), label, default_value),
`HBox(
`HWeight(1, `PushButton(`id(`okay), `opt(`default, `key_F10), _("&Okay"))),
`HSpacing(2),
`HWeight(1, `PushButton(`id(`cancel), `opt(`key_F9), _("&Cancel")))
)
);
UI::OpenDialog(dialog);
UI::SetFocus(`id(`stringfield));
any poo = UI::UserInput();
map answers = $[ ];
if(poo == `okay) {
answers["string"] = (string) UI::QueryWidget(`id(`stringfield), `Value);
} else {
answers["string"] = "";
}
UI::CloseDialog();
# write the answers for the last dialog
boolean written = SCR::Write(.genprof, answers);
} else if (type == "dialog-getfile") {
string description = agent_data["description"]:"GETFILE: MISSING DESCRIPTION";
string file_label = agent_data["file_label"]:"GETFILE: MISSING FILE:LABEL";
string okay_label = agent_data["okay_label"]:"GETFILE: MISSING OKAY_LABEL";
string cancel_label = agent_data["cancel_label"]:"GETFILE: MISSING CANCEL_LABEL";
string browse_desc = agent_data["browse_desc"]:"GETFILE: MISSING BROWSE_DESC";
term dialog = `VBox(
`Top(
`VBox(
`VSpacing(1),
`Left(`Label(description)),
`VSpacing(0.5),
`Left(`TextEntry(`id(`filename), file_label, "")),
`VSpacing(`opt(`vstretch), 0.25)
)
),
`HBox( `HCenter(`PushButton(`id(`browse), _("&Browse")))),
`HBox(
`HSpacing(`opt(`hstretch), 0.1),
`HCenter(`PushButton(`id(`okay), `opt(`default), okay_label)),
`HCenter(`PushButton(`id(`cancel), cancel_label)),
`HSpacing(`opt(`hstretch), 0.1),
`VSpacing(1)
)
);
UI::OpenDialog(dialog);
map<string,string> answers = $[ ];
any poo = false;
repeat {
UI::SetFocus(`id(`filename));
poo = UI::UserInput();
if(poo == `okay) {
answers["answer"] = "okay";
answers["filename"] = (string) UI::QueryWidget(`id(`filename), `Value);
} else if(poo == `cancel) {
answers["answer"] = "cancel";
} else if ( poo == `browse ) {
string selectfilename = UI::AskForExistingFile( "/", "", browse_desc);
UI::ChangeWidget(`id(`filename), `Value, selectfilename);
}
} until ((poo == `okay) || (poo == `cancel));
UI::CloseDialog();
// tell the backend what they picked
boolean written = SCR::Write(.genprof, answers);
} else if (type == "dialog-error") {
string message = agent_data["message"]:"MISSING QUESTION";
Popup::Error(message);
map answers = $[ ];
answers["answer"] = "okay";
// tell the backend that the user has acknowledged the error
boolean written = SCR::Write(.genprof, answers);
} else if (type == "final_shutdown") {
done = true;
map answers = $[ ];
answers["type"] = "shutdown_acknowledge";
answers["status"] = "shutting_down";
// tell the backend that we're shutting down also
boolean written = SCR::Write(.genprof, answers);
} else {
string errortext = "Email support@novell.com: " + type;
Popup::Error(errortext);
done = true;
}
} until ( done == true);
Wizard::CloseDialog();
}

482
management/yastui/src/clients/LogProf.ycp
View file

@ -1,482 +0,0 @@
/* ------------------------------------------------------------------
*
* Copyright (C) 2002-2006 Novell/SUSE
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of version 2 of the GNU General Public
* License published by the Free Software Foundation.
*
------------------------------------------------------------------*/
{
import "Label";
import "Wizard";
import "Popup";
import "Sequencer";
include "subdomain/apparmor_packages.ycp";
include "subdomain/apparmor_profile_check.ycp";
include "subdomain/apparmor_ycp_utils.ycp";
textdomain "yast2-apparmor";
boolean done = false;
string type = "";
string status = "";
if (!installAppArmorPackages()) {
return;
}
if (!checkProfileSyntax()) {
return;
}
// initiate the handshake with the backend agent
map agent_data = (map) SCR::Read(.logprof);
// is the backend just starting up?
type = (string) agent_data["type"]:"handshake_error";
status = (string) agent_data["status"]:"handshake_error";
if((type != "initial_handshake") || (status != "backend_starting")) {
Popup::Error(_("Synchronization error between frontend and backend."));
done = true;
return;
}
// tell the backend tht we're just starting also...
agent_data["status"] = "frontend_starting";
SCR::Write(.logprof, agent_data);
// open up the initial form window...
Wizard::CreateDialog();
// start our main event
repeat {
agent_data = (map) SCR::Read(.logprof);
string type = (string) agent_data["type"]:"error";
if(type == "initial_handshake") {
Popup::Error(_("Synchronization error between frontend and backend."));
done = true;
return;
}
if(type == "wizard") {
string command = "CMD_ABORT";
string title = agent_data["title"]:_("AppArmor Profile Wizard");
string helptext = agent_data["helptext"]:_(" <b>AppArmor Profiling Wizard</b><br>
This wizard presents entries generated by the AppArmor access control module. You can generate highly optimized and robust security profiles by using the suggestions made by AppArmor. AppArmor suggests that you allow or deny access to specific resources or define execute permission for entries. These questions that display were logged during the normal application execution test previously performed. <br>
The following help text describes the detail of the security profile syntax used by AppArmor. <br><br>At any stage, you may customize the profile entry by overriding the suggestion. This overview will assist you in your options. Refer to the Admin Guide for step-by-step instructions.
<br><br>
<b>Access Modes</b><br>
File permission access modes consists of combinations of
the following six modes:
<ul> <li>r - read</li>
<li>w - write</li>
<li>m - mmap PROT_EXEC</li>
<li>px - discrete profile execute</li>
<li>ux - unconfined execute</li>
<li>ix - inherit execute</li>
<li>l - link</li>
</ul>
<p><br>
<b>Details for Access Modes</b>
<br><br>
<b>Read mode</b><br>
Allows the program to have read access to the
resource. Read access is required for shell scripts
and other interpreted content, and determines if an
executing process can core dump or be attached to with
ptrace(2). (ptrace(2) is used by utilities such as
strace(1), ltrace(1), and gdb(1).)
<br>
<br>
<b>Write mode</b><br>
Allows the program to have write access to the
resource. Files must have this permission if they are
to be unlinked (removed.)
<br>
<br>
<b>Mmap PROT_EXEC mode</b><br>
Allows the program to call mmap with PROT_EXEC on the
resource.
<br>
<br>
<b>Unconfined execute mode</b><br>
Allows the program to execute the resource without any
AppArmor profile being applied to the executed
resource. Requires listing execute mode as well.
Incompatible with Inherit and Discrete Profile execute
entries.
<br><br>
This mode is useful when a confined program needs to
be able to perform a privileged operation, such as
rebooting the machine. By placing the privileged section
in another executable and granting unconfined execution rights,
it is possible to bypass the mandatory
constraints imposed on all confined processes.
For more information on what is constrained, see the
subdomain(7) man page.
<br><br> <b>Discrete Profile execute mode</b><br>
This mode requires that a discrete security profile is
defined for a resource executed at a AppArmor domain
transition. If there is no profile defined then the
access will be denied. Incompatible with Inherit and
Unconstrained execute entries.
<br>
<br>
<b>Link mode</b><br>
Allows the program to be able to create and remove a
link with this name (including symlinks). When a link
is created, the file that is being linked to MUST have
the same access permissions as the link being created
(with the exception that the destination does not have
to have link access.) Link access is required for
unlinking a file.
<br>
<br>
<b>Globbing</b>
<br>
<br>
File resources may be specified with a globbing syntax
similar to that used by popular shells, such as csh(1),
bash(1), zsh(1).
<br>
<ul>
<li><b>*</b> can substitute for any number of characters, excepting
'/'<li>
<li><b>**</b> can substitute for any number of characters, including '/'</li>
<li><b>?</b> can substitute for any single character excepting '/'</li>
<li><b>[abc]</b> will substitute for the single character a, b, or c</li>
<li><b>[a-c]</b> will substitute for the single character a, b, or c</li>
<li><b>{ab,cd}</b> will expand to one rule to match ab, one rule to match cd</li>\n
</ul>
<br>
<br>
<b>Clean Exec - for sanitized execution</b>
<br>
<br>
The Clean Exec option for the discrete profile and unconstrained
execute permissions provide added security by stripping the
enviroment that is inherited by the child program of specific
variables. You will be prompted to choose whether you want to sanitize the
enviroment if you choose 'p' or 'u' during the profiling process.
The variables are:
<ul>
<li>GCONV_PATH</li>
<li>GETCONF_DIR</li>
<li>HOSTALIASES</li>
<li>LD_AUDIT</li>
<li>LD_DEBUG</li>
<li>LD_DEBUG_OUTPUT</li>
<li>LD_DYNAMIC_WEAK</li>
<li>LD_LIBRARY_PATH</li>
<li>LD_ORIGIN_PATH</li>
<li>LD_PRELOAD</li>
<li>LD_PROFILE</li>
<li>LD_SHOW_AUXV</li>
<li>LD_USE_LOAD_BIAS</li>
<li>LOCALDOMAIN</li>
<li>LOCPATH</li>
<li>MALLOC_TRACE</li>
<li>NLSPATH</li>
<li>RESOLV_HOST_CONF</li>
<li>RES_OPTION</li>
<li>TMPDIR</li>
<li>TZDIR</li> </ul>
");
list<string> headers = agent_data["headers"]:[];
list<string> options = agent_data["options"]:[];
list<string> functions = agent_data["functions"]:["CMD_ABORT"];
string explanation = agent_data["explanation"]:"";
string default_button = agent_data["default"]:"NO_DEFAULT";
integer selected = agent_data["selected"]:0;
integer idx = 0;
// build up the list of headers
term ui_headers = `VBox(`VSpacing(0.5));
while(idx < size(headers)) {
string field = headers[idx]:"MISSING FIELD";
string value = (string) tostring(headers[idx+1]:"MISSING VALUE");
ui_headers = add(ui_headers, `Left(`HBox(`Heading(field), `HSpacing(0.5), `HWeight(75, `Label(value)))));
idx = idx + 2;
}
ui_headers = add(ui_headers, `VSpacing(0.5));
// build up the option list if we have one
idx = 0;
term ui_options = `VBox(`VSpacing(0.5));
foreach (string option, options, ``{
ui_options = add(ui_options, `Left(`RadioButton(`id(idx), option)));
idx = idx + 1;
});
ui_options = add(ui_options, `VSpacing(0.5));
// build up the set of buttons for the different actions we support
term ui_functions = `HBox( `HSpacing(`opt(`hstretch), 0.1) );
foreach (string function, functions, ``{
if((function != "CMD_ABORT") && (function != "CMD_FINISHED")) {
string buttontext = CMDS[function]:"MISSING BUTTON TEXT";
ui_functions = add(ui_functions, `HCenter(`PushButton(`id(function), buttontext)));
}
});
ui_functions = add(ui_functions, `HSpacing(`opt(`hstretch), 0.1));
// throw it all together
term contents = `VBox(
`Top(
`VBox(
ui_headers,
`Label(explanation),
`RadioButtonGroup(ui_options),
`VSpacing(`opt(`vstretch), 1),
ui_functions
)
)
);
// update the ui to reflect our new form state...
Wizard::SetContents(title, contents, helptext, false, true);
// fix up the label on the next/finish button
Wizard::SetNextButton(`next, Label::FinishButton() );
// select and enable to correct buttons
idx = 0;
foreach (string option, options, ``{
UI::ChangeWidget (`id(idx), `Value, selected == idx);
idx = idx + 1;
});
// set the focus to be the default action, if we have one
if(default_button != "NO_DEFAULT") {
UI::SetFocus(`id (default_button));
}
// wait for user input
any ret = Wizard::UserInput();
map answers = $[ ];
// figure out which button they pressed
if (ret == `abort) {
answers["selection"] = "CMD_ABORT";
} else if (ret == `next) {
answers["selection"] = "CMD_FINISHED";
} else {
foreach (string function, functions, ``{
if(ret == function) {
answers["selection"] = function;
}
});
}
// figure out which option was selected
idx = 0;
foreach (string option, options, ``{
if(UI::QueryWidget(`id(idx), `Value) == true) {
answers["selected"] = idx;
}
idx = idx + 1;
});
// tell the backend what they did
SCR::Write(.logprof, answers);
} else if (type == "dialog-repo-sign-in") {
map<string,string> answers = UI_RepositorySignInDialog( agent_data );
SCR::Write(.logprof, answers);
} else if (type == "dialog-view-profile") {
map<string,string> answers = $[ ];
UI_RepositoryViewProfile( agent_data );
answers["answer"] = "okay";
SCR::Write(.logprof, answers);
} else if (type == "dialog-select-profiles") {
map<any,any> answers = UI_MultiProfileSelectionDialog( agent_data );
SCR::Write(.logprof, answers);
} else if (type == "dialog-busy-start") {
map<string,string> answers = $[ ];
UI_BusyFeedbackStart( agent_data );
answers["answer"] = "okay";
SCR::Write(.logprof, answers);
} else if (type == "dialog-busy-stop") {
map<string,string> answers = $[ ];
UI_BusyFeedbackStop( );
answers["answer"] = "okay";
SCR::Write(.logprof, answers);
} else if (type == "long-dialog-message") {
map<string,string> answers = $[ ];
UI_LongMessage( agent_data );
answers["answer"] = "okay"; SCR::Write(.logprof, answers);
} else if (type == "short-dialog-message") {
map<string,string> answers = $[ ];
UI_ShortMessage( agent_data );
answers["answer"] = "okay";
SCR::Write(.logprof, answers);
} else if (type == "dialog-yesno") {
string question = agent_data["question"]:"MISSING QUESTION";
string default_ans = agent_data["default"]:"n";
symbol focus = `focus_no;
if(default_ans == "y") {
focus = `focus_yes;
}
map answers = $[ ];
if(Popup::AnyQuestion(Popup::NoHeadline(), question, _("&Yes"), _("&No"), focus)) {
answers["answer"] = "y";
} else {
answers["answer"] = "n";
}
# write the answers for the last dialog
boolean written = SCR::Write(.logprof, answers);
} else if (type == "dialog-getstring") {
string label = agent_data["label"]:"MISSING LABEL";
string default_value = agent_data["default"]:"MISSING DEFAULT";
term dialog = `VBox(
`TextEntry(`id (`stringfield), label, default_value),
`HBox(
`HWeight(1, `PushButton(`id(`okay), `opt(`default, `key_F10), _("&Okay"))),
`HSpacing(2),
`HWeight(1, `PushButton(`id(`cancel), `opt(`key_F9), _("&Cancel")))
)
);
UI::OpenDialog(dialog);
UI::SetFocus(`id(`stringfield));
any poo = UI::UserInput();
map answers = $[ ];
if(poo == `okay) {
answers["string"] = (string) UI::QueryWidget(`id(`stringfield), `Value);
} else {
answers["string"] = "";
}
UI::CloseDialog();
# write the answers for the last dialog
boolean written = SCR::Write(.logprof, answers);
} else if (type == "dialog-getfile") {
string description = agent_data["description"]:"GETFILE: MISSING DESCRIPTION";
string file_label = agent_data["file_label"]:"GETFILE: MISSING FILE:LABEL";
string okay_label = agent_data["okay_label"]:"GETFILE: MISSING OKAY_LABEL";
string cancel_label = agent_data["cancel_label"]:"GETFILE: MISSING CANCEL_LABEL";
string browse_desc = agent_data["browse_desc"]:"GETFILE: MISSING BROWSE_DESC";
term dialog = `VBox(
`Top(
`VBox(
`VSpacing(1),
`Left(`Label(description)),
`VSpacing(0.5),
`Left(`TextEntry(`id(`filename), file_label, "")),
`VSpacing(`opt(`vstretch), 0.25)
)
),
`HBox( `HCenter(`PushButton(`id(`browse), _("&Browse")))),
`HBox(
`HSpacing(`opt(`hstretch), 0.1),
`HCenter(`PushButton(`id(`okay), `opt(`default), okay_label)),
`HCenter(`PushButton(`id(`cancel), cancel_label)),
`HSpacing(`opt(`hstretch), 0.1),
`VSpacing(1)
)
);
UI::OpenDialog(dialog);
map<string,string> answers = $[ ];
any poo = false;
repeat {
UI::SetFocus(`id(`filename));
poo = UI::UserInput();
if(poo == `okay) {
answers["answer"] = "okay";
answers["filename"] = (string) UI::QueryWidget(`id(`filename), `Value);
} else if(poo == `cancel) {
answers["answer"] = "cancel";
} else if ( poo == `browse ) {
string selectfilename = UI::AskForExistingFile( "/", "", browse_desc);
UI::ChangeWidget(`id(`filename), `Value, selectfilename);
}
} until ((poo == `okay) || (poo == `cancel));
UI::CloseDialog();
// tell the backend what they picked
boolean written = SCR::Write(.logprof, answers);
} else if (type == "dialog-error") {
string message = agent_data["message"]:"MISSING QUESTION";
Popup::Error(message);
map answers = $[ ];
answers["answer"] = "okay";
// tell the backend that the user has acknowledged the error
boolean written = SCR::Write(.logprof, answers);
} else if (type == "final_shutdown") {
done = true;
map answers = $[ ];
answers["type"] = "shutdown_acknowledge";
answers["status"] = "shutting_down";
// tell the backend that we're shutting down also
boolean written = SCR::Write(.logprof, answers);
} else {
string errortext = "Email support@novell.com: " + type;
Popup::Error(errortext);
done = true;
}
} until ( done == true);
Wizard::CloseDialog();
}

96
management/yastui/src/clients/SD_AddProfile.ycp
View file

@ -1,96 +0,0 @@
/* ------------------------------------------------------------------
*
* Copyright (C) 2002-2006 Novell/SUSE
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of version 2 of the GNU General Public
* License published by the Free Software Foundation.
*
------------------------------------------------------------------*/
{
import "Wizard";
import "Popup";
import "Sequencer";
include "subdomain/apparmor_packages.ycp";
include "subdomain/apparmor_profile_check.ycp";
include "subdomain/profile_dialogs.ycp";
textdomain "yast2-apparmor";
// Globalz
define boolean CreateNewProfile() {
string selectfilename = "";
while ( true ) {
selectfilename = UI::AskForExistingFile( "/", "", _("Select File To Generate A Profile for") );
// Check for cancel in the file choose dialog
if ( selectfilename == nil ) {
return false;
}
Settings["CURRENT_PROFILE"] = selectfilename;
boolean profile = (boolean) SCR::Read (.subdomain_profiles.new, selectfilename);
if ( profile == false && Popup::YesNoHeadline( _("Profile for ") + selectfilename + _(" already exists."), _("Would you like to open this profile in editing mode?") ) ) {
return true;
}
Settings["NEW_PROFILE"] = selectfilename;
return true;
}
}
//
// Setup and run the Wizard
//
define any MainSequence() ``{
map profiles = nil;
map aliases = $[
"showprofile" : ``(DisplayProfileForm(Settings["CURRENT_PROFILE"]:"", false))
];
map sequence = $[
"ws_start" : "showprofile",
"showprofile" : $[
`abort : `abort,
`next : `finish,
`finish : `finish,
],
];
boolean created_new_profile = CreateNewProfile();
if ( created_new_profile == false ) {
remove( Settings, "NEW_PROFILE");
remove( Settings, "CURRENT_PROFILE");
return (any) `abort;
}
map new_profile = (map) SCR::Read (.subdomain_profiles, Settings["CURRENT_PROFILE"]:"" );
Settings["PROFILE_MAP"] = new_profile;
Wizard::CreateDialog();
Wizard::SetTitleIcon("apparmor_add_profile");
any ret = Sequencer::Run(aliases, sequence);
Wizard::CloseDialog();
if ( ret == `abort ) {
string profile_name = Settings["NEW_PROFILE"]:"";
any result = SCR::Write(.subdomain_profiles.delete, profile_name);
}
Settings = remove( Settings, "NEW_PROFILE");
Settings = remove( Settings, "CURRENT_PROFILE");
return ret;
}
//
// YEAH BABY RUN BABY RUN
//
any ret = nil;
if (!installAppArmorPackages()) {
return ret;
}
if (!checkProfileSyntax()) {
return ret;
}
ret = MainSequence();
return ret;
}

81
management/yastui/src/clients/SD_DeleteProfile.ycp
View file

@ -1,81 +0,0 @@
/* ------------------------------------------------------------------
*
* Copyright (C) 2002-2006 Novell/SUSE
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of version 2 of the GNU General Public
* License published by the Free Software Foundation.
*
------------------------------------------------------------------*/
{
import "Wizard";
import "Popup";
import "Sequencer";
include "subdomain/apparmor_packages.ycp";
include "subdomain/apparmor_profile_check.ycp";
include "subdomain/profile_dialogs.ycp";
textdomain "yast2-apparmor";
// Globalz
define any DeleteProfileConfirmation() {
string profilename = Settings["CURRENT_PROFILE"]:"";
if (Popup::YesNoHeadline( _("Delete profile confirmation"),
_("Are you sure you want to delete the profile ") + profilename +
_(" ?\nAfter this operation the AppArmor module will reload the profile set.") ) ) {
y2milestone("Deleted " + profilename );
boolean result = SCR::Write(.subdomain_profiles.delete, profilename);
any result2 = SCR::Write(.subdomain_profiles.reload, "-");
}
return `finish;
}
define any MainSequence() ``{
//
// Read the profiles from the SCR agent
map profiles = (map) SCR::Read (.subdomain_profiles, "all");
map aliases = $[
"chooseprofile" : ``(SelectProfileForm(profiles, _("Please make a
selection from the listed profiles and press Next to delete the profile.<p>"),
_("Delete Profile - Choose profile to delete"), "subdomain/delete_profile")),
"deleteprofile" : ``(DeleteProfileConfirmation()),
];
map sequence = $[
"ws_start" : "chooseprofile",
"chooseprofile" : $[
`abort : `abort,
`next : "deleteprofile",
`finish : `next,
],
];
Wizard::CreateDialog();
Wizard::SetTitleIcon("apparmor_delete_profile");
any ret = Sequencer::Run(aliases, sequence);
Wizard::CloseDialog();
Settings = remove( Settings, "CURRENT_PROFILE");
Settings = remove( Settings, "PROFILE_MAP");
return ret;
}
//
// YEAH BABY RUN BABY RUN
//
any ret = nil;
if (!installAppArmorPackages()) {
return ret;
}
if (!checkProfileSyntax()) {
return true;
}
ret = MainSequence();
return ret;
}

84
management/yastui/src/clients/SD_EditProfile.ycp
View file

@ -1,84 +0,0 @@
/* ------------------------------------------------------------------
*
* Copyright (C) 2002-2006 Novell/SUSE
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of version 2 of the GNU General Public
* License published by the Free Software Foundation.
*
------------------------------------------------------------------*/
{
import "Wizard";
import "Popup";
import "Sequencer";
include "subdomain/apparmor_packages.ycp";
include "subdomain/apparmor_profile_check.ycp";
include "subdomain/profile_dialogs.ycp";
textdomain "yast2-apparmor";
// Globalz
define any MainSequence() ``{
//
// Read the profiles from the SCR agent
map profiles = (map) SCR::Read (.subdomain_profiles, "all");
map aliases = $[
"showProfile" : ``(DisplayProfileForm(Settings["CURRENT_PROFILE"]:"", false)),
"showHat" : ``(DisplayProfileForm(Settings["CURRENT_HAT"]:"", true)),
"chooseProfile" : ``(SelectProfileForm(profiles, _("Please make a selection from the listed profiles and press Next to edit the profile."), _("Edit Profile - Choose profile to edit"), "apparmor_edit_profile" )),
];
map sequence = $[
"ws_start" : "chooseProfile",
"chooseProfile" : $[
`abort : `abort,
`next : "showProfile",
`finish : `next,
],
"showProfile" : $[
`abort : `abort,
`next : `ws_finish,
`showhat : "showHat",
`finish : `next,
],
"showHat" : $[
`abort : `abort,
`next : "showProfile",
`finish : `next,
],
];
Wizard::CreateDialog();
Wizard::SetTitleIcon("apparmor_edit_profile");
any ret = Sequencer::Run(aliases, sequence);
Wizard::CloseDialog();
Settings = remove( Settings, "CURRENT_PROFILE");
Settings = remove( Settings, "PROFILE_MAP");
return ret;
}
//
// YEAH BABY RUN BABY RUN
//
any ret = nil;
if (!installAppArmorPackages()) {
return ret;
}
if (!checkProfileSyntax()) {
return ret;
}
ret = MainSequence();
return ret;
}

98
management/yastui/src/clients/SD_Report.ycp
View file

@ -1,98 +0,0 @@
/* ------------------------------------------------------------------
*
* Copyright (C) 2002-2006 Novell/SUSE
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of version 2 of the GNU General Public
* License published by the Free Software Foundation.
*
------------------------------------------------------------------*/
{
import "Wizard";
import "Popup";
import "Sequencer";
include "subdomain/apparmor_packages.ycp";
include "subdomain/apparmor_profile_check.ycp";
include "subdomain/reporting_dialogues.ycp";
include "subdomain/report_helptext.ycp";
textdomain "yast2-apparmor";
// Globalz
define any mainSequence() ``{
// Read the profiles from the SCR agent
map aliases = $[
"mainreport" : ``(mainReportForm()),
"configreport" : ``(reportConfigForm()),
"reportview" : ``(mainArchivedReportForm()),
"schedReport" : ``(displaySchedForm()),
"viewreport" : ``(displayArchForm()),
"runReport" : ``(displayRunForm())
];
map sequence = $[
"ws_start" : "schedReport",
"mainreport" : $[
`back : `back,
`abort : `abort,
`next : `finish,
`schedrep: "schedReport",
`finish : `ws_finish
],
"schedReport": $[
`back : `ws_start,
`abort : `abort,
`viewrep : "viewreport",
`runrep : "runReport",
`next : "runReport",
`finish : `ws_finish
],
"viewreport" : $[
`back : "mainreport",
`abort : `abort,
`next : "mainreport",
`finish : `ws_finish
],
"runReport": $[
`back : `back,
`abort : `abort,
`next : `finish,
`finish : `ws_finish
],
"configreport" : $[
`back : `back,
`abort : `abort,
`next : "reportview",
`finish : `ws_finish
],
"reportview" : $[
`back : `back,
`abort : `abort,
`next : `finish,
`finish : `ws_finish
],
];
Wizard::CreateDialog();
Wizard::SetTitleIcon("apparmor_view_profile");
any ret = Sequencer::Run(aliases, sequence);
Wizard::CloseDialog();
return ret;
}
any ret = nil;
if (!installAppArmorPackages()) {
return ret;
}
checkProfileSyntax();
ret = mainSequence();
return ret;
}

64
management/yastui/src/clients/subdomain.ycp
View file

@ -1,64 +0,0 @@
/* ------------------------------------------------------------------
*
* Copyright (C) 2002-2006 Novell/SUSE
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of version 2 of the GNU General Public
* License published by the Free Software Foundation.
*
------------------------------------------------------------------*/
{
textdomain "yast2-apparmor";
/* The main () */
y2milestone("----------------------------------------");
y2milestone("Subdomain module started");
import "Label";
import "Popup";
import "Wizard";
include "subdomain/apparmor_packages.ycp";
include "subdomain/sd-config.ycp";
if (!installAppArmorPackages()) {
return;
}
list<map> config_steps =
[
$[ "id": "subdomain", "label": _("Enable AppArmor Functions") ],
];
list<map> steps = flatten( [ config_steps ] );
define symbol displayPage( integer no ) ``{
string current_id = lookup( steps[ no ]:nil, "id", "");
symbol button = nil;
UI::WizardCommand(`SetCurrentStep( current_id ) );
if ( current_id == "subdomain") {
//button = displaySubdomainConfig();
button = displayAppArmorConfig();
}
return button;
}
integer current_step = 0;
symbol button = displayPage( current_step );
/* Finish */
y2milestone("AppArmor module finished");
y2milestone("----------------------------------------");
/* EOF */
}

20
management/yastui/src/clients/subdomain_no_impl.ycp
View file

@ -1,20 +0,0 @@
/* ------------------------------------------------------------------
*
* Copyright (C) 2002-2005 Novell/SUSE
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of version 2 of the GNU General Public
* License published by the Free Software Foundation.
*
------------------------------------------------------------------*/
{
import "Popup";
import "Wizard";
//include "subdomain/prof-config.ycp";
/* BEGIN - This is just temporary filler */
Popup::Message("This function is not implemented at this time");
symbol button = (`ok);
return button;
}

23
management/yastui/src/desktop/SD_Reports.desktop
View file

@ -1,23 +0,0 @@
[Desktop Entry]
Type=Application
Categories=Qt;X-SuSE-YaST;X-SuSE-YaST-AppArmor;
X-KDE-ModuleType=Library
X-KDE-RootOnly=true
X-KDE-HasReadOnlyMode=true
X-KDE-Library=yast2
X-SuSE-YaST-Call=SD_Report
X-SuSE-YaST-Group=AppArmor
X-SuSE-YaST-Argument=
X-SuSE-YaST-RootOnly=true
X-SuSE-YaST-AutoInst=none
X-SuSE-YaST-Geometry=
X-SuSE-YaST-SortKey=
X-SuSE-YaST-AutoInstClonable=false
Icon=apparmor_view_profile
Exec=/sbin/yast2 SD_Report
Name=AppArmor Reports
GenericName=AppArmor Configuration

23
management/yastui/src/desktop/SD_add_profile.desktop
View file

@ -1,23 +0,0 @@
[Desktop Entry]
Type=Application
Categories=Qt;X-SuSE-YaST;X-SuSE-YaST-AppArmor;
X-KDE-ModuleType=Library
X-KDE-RootOnly=true
X-KDE-HasReadOnlyMode=true
X-KDE-Library=yast2
X-SuSE-YaST-Call=SD_AddProfile
X-SuSE-YaST-Group=AppArmor
X-SuSE-YaST-Argument=
X-SuSE-YaST-RootOnly=true
X-SuSE-YaST-AutoInst=none
X-SuSE-YaST-Geometry=
X-SuSE-YaST-SortKey=
X-SuSE-YaST-AutoInstClonable=false
Icon=apparmor_add_profile
Exec=/sbin/yast2 SD_AddProfile
Name=Manually Add Profile
GenericName=AppArmor Configuration

23
management/yastui/src/desktop/SD_control_panel.desktop
View file

@ -1,23 +0,0 @@
[Desktop Entry]
Type=Application
Categories=Qt;X-SuSE-YaST;X-SuSE-YaST-AppArmor;
X-KDE-ModuleType=Library
X-KDE-RootOnly=true
X-KDE-HasReadOnlyMode=true
X-KDE-Library=yast2
X-SuSE-YaST-Call=subdomain
X-SuSE-YaST-Group=AppArmor
X-SuSE-YaST-Argument=
X-SuSE-YaST-RootOnly=true
X-SuSE-YaST-AutoInst=none
X-SuSE-YaST-Geometry=
X-SuSE-YaST-SortKey=
X-SuSE-YaST-AutoInstClonable=false
Icon=apparmor_control_panel
Exec=/sbin/yast2 subdomain
Name=AppArmor Control Panel
GenericName=AppArmor Control Panel

23
management/yastui/src/desktop/SD_delete_profile.desktop
View file

@ -1,23 +0,0 @@
[Desktop Entry]
Type=Application
Categories=Qt;X-SuSE-YaST;X-SuSE-YaST-AppArmor;
X-KDE-ModuleType=Library
X-KDE-RootOnly=true
X-KDE-HasReadOnlyMode=true
X-KDE-Library=yast2
X-SuSE-YaST-Call=SD_DeleteProfile
X-SuSE-YaST-Group=AppArmor
X-SuSE-YaST-Argument=
X-SuSE-YaST-RootOnly=true
X-SuSE-YaST-AutoInst=none
X-SuSE-YaST-Geometry=
X-SuSE-YaST-SortKey=
X-SuSE-YaST-AutoInstClonable=false
Icon=apparmor_delete_profile
Exec=/sbin/yast2 SD_DeleteProfile
Name=Delete Profile
GenericName=AppArmor Configuration

23
management/yastui/src/desktop/SD_edit_profile.desktop
View file

@ -1,23 +0,0 @@
[Desktop Entry]
Type=Application
Categories=Qt;X-SuSE-YaST;X-SuSE-YaST-AppArmor;
X-KDE-ModuleType=Library
X-KDE-RootOnly=true
X-KDE-HasReadOnlyMode=true
X-KDE-Library=yast2
X-SuSE-YaST-Call=SD_EditProfile
X-SuSE-YaST-Group=AppArmor
X-SuSE-YaST-Argument=
X-SuSE-YaST-RootOnly=true
X-SuSE-YaST-AutoInst=none
X-SuSE-YaST-Geometry=
X-SuSE-YaST-SortKey=
X-SuSE-YaST-AutoInstClonable=false
Icon=apparmor_edit_profile
Exec=/sbin/yast2 SD_EditProfile
Name=Edit Profile
GenericName=AppArmor Configuration

23
management/yastui/src/desktop/SD_genprof.desktop
View file

@ -1,23 +0,0 @@
[Desktop Entry]
Type=Application
Categories=Qt;X-SuSE-YaST;X-SuSE-YaST-AppArmor;
X-KDE-ModuleType=Library
X-KDE-RootOnly=true
X-KDE-HasReadOnlyMode=true
X-KDE-Library=yast2
X-SuSE-YaST-Call=GenProf
X-SuSE-YaST-Group=AppArmor
X-SuSE-YaST-Argument=
X-SuSE-YaST-RootOnly=true
X-SuSE-YaST-AutoInst=none
X-SuSE-YaST-Geometry=
X-SuSE-YaST-SortKey=
X-SuSE-YaST-AutoInstClonable=false
Icon=apparmor_creation_wizard
Exec=/sbin/yast2 GenProf
Name=Add Profile Wizard
GenericName=Profile Wizard

23
management/yastui/src/desktop/SD_logprof.desktop
View file

@ -1,23 +0,0 @@
[Desktop Entry]
Type=Application
Categories=Qt;X-SuSE-YaST;X-SuSE-YaST-AppArmor;
X-KDE-ModuleType=Library
X-KDE-RootOnly=true
X-KDE-HasReadOnlyMode=true
X-KDE-Library=yast2
X-SuSE-YaST-Call=LogProf
X-SuSE-YaST-Group=AppArmor
X-SuSE-YaST-Argument=
X-SuSE-YaST-RootOnly=true
X-SuSE-YaST-AutoInst=none
X-SuSE-YaST-Geometry=
X-SuSE-YaST-SortKey=
X-SuSE-YaST-AutoInstClonable=false
Icon=apparmor_update_wizard
Exec=/sbin/yast2 LogProf
Name=Update Profile Wizard
GenericName=Update Profiles

16
management/yastui/src/desktop/groups/apparmor.desktop
View file

@ -1,16 +0,0 @@
[Desktop Entry]
Type=Application
Categories=Qt;X-SuSE-YaST-AppArmor;
X-KDE-ModuleType=Library
X-KDE-RootOnly=true
X-KDE-HasReadOnlyMode=true
X-KDE-Library=yast2
X-SuSE-YaST-Group=AppArmor
X-SuSE-YaST-SortKey=50
OnlyShowIn=X-SuSE-YaST;
Icon=apparmor_app_armor
Name=Novell AppArmor

BIN
management/yastui/src/icons/22x22/apparmor_add_profile.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 1.5 KiB

BIN
management/yastui/src/icons/22x22/apparmor_control_panel.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 1.3 KiB

BIN
management/yastui/src/icons/22x22/apparmor_creation_wizard.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 1.5 KiB

BIN
management/yastui/src/icons/22x22/apparmor_delete_profile.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 1.1 KiB

BIN
management/yastui/src/icons/22x22/apparmor_edit_profile.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 1.3 KiB

BIN
management/yastui/src/icons/22x22/apparmor_update_wizard.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 1.6 KiB

BIN
management/yastui/src/icons/22x22/apparmor_view_profile.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 1.4 KiB

BIN
management/yastui/src/icons/32x32/apparmor_add_profile.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 2.5 KiB

BIN
management/yastui/src/icons/32x32/apparmor_app_armor.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 1.9 KiB

BIN
management/yastui/src/icons/32x32/apparmor_control_panel.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 2.2 KiB

BIN
management/yastui/src/icons/32x32/apparmor_creation_wizard.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 2.6 KiB

BIN
management/yastui/src/icons/32x32/apparmor_delete_profile.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 1.8 KiB

BIN
management/yastui/src/icons/32x32/apparmor_edit_profile.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 2.1 KiB

BIN
management/yastui/src/icons/32x32/apparmor_update_wizard.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 2.8 KiB

BIN
management/yastui/src/icons/32x32/apparmor_view_profile.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 2.5 KiB

BIN
management/yastui/src/icons/48x48/apparmor_add_profile.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 4.5 KiB

BIN
management/yastui/src/icons/48x48/apparmor_app_armor.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 3.4 KiB

BIN
management/yastui/src/icons/48x48/apparmor_control_panel.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 3.9 KiB

BIN
management/yastui/src/icons/48x48/apparmor_creation_wizard.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 4.8 KiB

BIN
management/yastui/src/icons/48x48/apparmor_delete_profile.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 3.1 KiB

BIN
management/yastui/src/icons/48x48/apparmor_edit_profile.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 3.7 KiB

BIN
management/yastui/src/icons/48x48/apparmor_update_wizard.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 5.3 KiB

BIN
management/yastui/src/icons/48x48/apparmor_view_profile.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 4.4 KiB

30
management/yastui/src/include/subdomain/apparmor_packages.ycp
View file

@ -1,30 +0,0 @@
/*
Copyright (C) 2006 Novell Inc. All Rights Reserved.
This program is free software; you can redistribute it and/or
modify it under the terms of version 2 of the GNU General Public
License published by the Free Software Foundation.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, contact Novell, Inc.
Written by Steve Beattie <sbeattie@suse.de>
*/
/* This should probably be more intelligent and query the user once
* whether they want optional packages like apparmor-docs, libapparmor,
* apache2-mod-apparmor and * (eventually) pam-apparmor installed. */
import "PackageSystem";
list<string> __needed_packages =
["apparmor-parser", "apparmor-utils", "apparmor-profiles"];
define boolean installAppArmorPackages () {
return PackageSystem::CheckAndInstallPackagesInteractive (__needed_packages);
}

50
management/yastui/src/include/subdomain/apparmor_profile_check.ycp
View file

@ -1,50 +0,0 @@
/*
Copyright (C) 2006 Novell Inc. All Rights Reserved.
This program is free software; you can redistribute it and/or
modify it under the terms of version 2 of the GNU General Public
License published by the Free Software Foundation.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, contact Novell, Inc.
*/
import "Popup";
textdomain "yast2-apparmor";
define boolean checkProfileSyntax () {
map <string,string> args = $[];
string errmsg = "<ul>";
boolean syntax_ok = true;
args["profile-syntax-check"] = "1";
list <string> errors = (list <string>) SCR::Execute (.subdomain, "profile-syntax-check" );
foreach ( string error, errors, ``{
syntax_ok = false;
errmsg = errmsg + "<li>" + error + "</li>";
});
errmsg = errmsg + "</ul>";
if ( syntax_ok == false ) {
string headline = _("Errors found in AppArmor profiles");
errmsg = _("<p>These problems must be corrected before AppArmor can be \
started or the profile management tools can be used.</p> ")
+ "<p>" + errmsg + "</p>"
+ _("<p>You can find a description of AppArmor profile syntax by \
running ")
+ "<code>man apparmor.d</code></p>"
+ _("<p>Comprehensive documentation about AppArmor is available in \
the AppArmor Administration guide.")
+ "</p>"
+ _("<p>Please refer to this for more detailed information about \
AppArmor</p>");
Popup::LongText( headline, `RichText(errmsg), 55, 15);
}
return( syntax_ok );
}

645
management/yastui/src/include/subdomain/apparmor_ycp_utils.ycp
View file

@ -1,645 +0,0 @@
/*
Copyright (C) 2007 Novell Inc. All Rights Reserved.
This program is free software; you can redistribute it and/or
modify it under the terms of version 2 of the GNU General Public
License published by the Free Software Foundation.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, contact Novell, Inc.
*/
import "Popup";
import "AppArmorDialogs";
textdomain "yast2-apparmor";
map CMDS = $[ ];
CMDS["CMD_ALLOW"] = _("&Allow");
CMDS["CMD_DENY"] = _("&Deny");
CMDS["CMD_ABORT"] = _("Abo(r)t");
CMDS["CMD_FINISHED"] = _("&Finish");
CMDS["CMD_INHERIT"] = _("&Inherit");
CMDS["CMD_PROFILE"] = _("&Profile");
CMDS["CMD_UNCONFINED"] = _("&Unconfined");
CMDS["CMD_NEW"] = _("&Edit");
CMDS["CMD_GLOB"] = _("&Glob");
CMDS["CMD_GLOBEXT"] = _("Glob w/E&xt");
CMDS["CMD_ADDHAT"] = _("&Add Requested Hat");
CMDS["CMD_USEDEFAULT"] = _("&Use Default Hat");
CMDS["CMD_SCAN"] = _("&Scan system log for AppArmor events");
CMDS["CMD_VIEW_PROFILE"] = _("&View Profile");
CMDS["CMD_USE_PROFILE"] = _("&Use Profile");
CMDS["CMD_CREATE_PROFILE"] = _("&Create New Profile");
CMDS["CMD_UPDATE_PROFILE"] = _("&Update Profile");
CMDS["CMD_IGNORE_UPDATE"] = _("&Ignore Update");
CMDS["CMD_SAVE_CHANGES"] = _("&Save Changes");
CMDS["CMD_UPLOAD_CHANGES"] = _("&Upload Changes");
CMDS["CMD_VIEW_CHANGES"] = _("&View Changes");
CMDS["CMD_ENABLE_REPO"] = _("&Enable Repository");
CMDS["CMD_DISABLE_REPO"] = _("&Disable Repository");
CMDS["CMD_ASK_NEVER"] = _("&Never Ask Again");
CMDS["CMD_ASK_LATER"] = _("Ask Me &Later");
CMDS["CMD_YES"] = _("&Yes");
CMDS["CMD_NO"] = _("&No");
define boolean validEmailAddress ( string emailAddr, boolean allowlocal ) {
integer emailAddrLength = size(emailAddr);
boolean isSafe = false;
if ( allowlocal && regexpmatch( emailAddr, "^\/var\/mail\/\\w+$" )) {
isSafe = true;
} else if ((regexpmatch( emailAddr, "\\w+(-\\w+?)@\\w+" ) ||
regexpmatch( emailAddr, "/^(\\w+\.?)+\\w+\@(\\w+\.?)+\\w+$" ) ||
regexpmatch( emailAddr, "\\w+@\\w+" ) ||
!regexpmatch( emailAddr, "..+" )) &&
emailAddrLength < 129 ) {
isSafe = true;
}
return isSafe;
}
/** UI_RepositorySignInDialog
* Dialog to allow users to signin or register with an external AppArmor
* profile repository
*
* @param agent_data - data from the backend
* [ repo_url - string ]
* @return answers - map that contains:
* [ newuser => 1|0 - registering a new user? ]
* [ user => username ]
* [ pass => password ]
* [ email => email address - if newuser = 1 ]
* [ save_config => true/false - save this information on ]
* [ the system ]
*
**/
define map<string,string> UI_RepositorySignInDialog( map<any,any> agent_data ) {
string repo_url = (string) agent_data["repo_url"]:"MISSING_REPO_URL";
term dialog =
`VBox(
`VSpacing(1),
`Top(`Label(_("AppArmor Profile Repository Setup") + "\n" + repo_url)),
`VBox(
`ReplacePoint(`id(`replace), `Empty())
),
`VSpacing(1)
);
term signin_box =
`VBox(
`HBox(
`HSpacing(1),
`Frame(`id(`signin_frame), _("Sign in to the repository"),
`HBox(
`HSpacing(0.5),
`VBox(
`TextEntry(`id(`username), _("Username")),
`Password(`id(`password), _("Password")),
`VSpacing(1),
`HBox(
`CheckBox(`id(`save_conf), `opt(`notify),
_("S&ave configuration")),
`HSpacing( 0.5),
`Left(`PushButton(`id(`signin_submit),
_("&Signin"))),
`Right(`PushButton(`id(`signin_cancel),
_("&Cancel"))),
`HSpacing( 0.5)
)
),
`HSpacing(0.5)
)
),
`HSpacing(1)
),
`VSpacing(1),
`PushButton(`id(`newuser), _("&Register new user..."))
);
term registration_box =
`VBox(
`HBox(
`HSpacing(1),
`Frame(`id(`register_frame), _("Register New User"),
`HBox(
`HSpacing(0.5),
`VBox(
`TextEntry(`id(`register_username),
_("Enter Username")),
`TextEntry(`id(`register_email),
_("Enter Email Address")),
`Password(`id(`register_password),
_("Enter Password")),
`Password(`id(`register_password2),
_("Verify Password")),
`VSpacing(1),
`HBox(
`HSpacing( 0.2),
`CheckBox(`id(`save_conf_new), `opt(`notify),
_("S&ave configuration")),
`Left(`PushButton(`id(`register_submit),
_("&Register"))),
`Right(`PushButton(`id(`register_cancel),
_("&Cancel"))),
`HSpacing( 0.2)
)
),
`HSpacing( 0.5)
)
),
`HSpacing(1)
),
`VSpacing(1),
`PushButton(`id(`signin), _("&Signin as existing user..."))
);
UI::OpenDialog(`opt(`decorated), dialog);
UI::ReplaceWidget(`replace, signin_box);
map<string,string> answers = $[ ];
any input = nil;
repeat {
input = UI::UserInput();
if(input == `newreg) {
boolean new_registration =
(boolean) UI::QueryWidget(`id(`newreg), `Value);
if ( new_registration == true ) {
UI::ChangeWidget(`id(`register_frame), `Enabled, true);
UI::ChangeWidget(`id(`signin_frame), `Enabled, false);
} else {
UI::ChangeWidget(`id(`register_frame), `Enabled, false);
UI::ChangeWidget(`id(`signin_frame), `Enabled, true);
}
} else if(input == `newuser) {
UI::ReplaceWidget(`replace, registration_box);
UI::ChangeWidget(`id(`register_email), `InputMaxLength, 129);
} else if(input == `signin) {
UI::ReplaceWidget(`replace, signin_box);
UI::ChangeWidget(`id(`register_email), `InputMaxLength, 129);
} else if(input == `signin_cancel || input == `register_cancel) {
answers["answer"] = "cancel";
} else if ( input == `signin_submit ) {
string username = (string) UI::QueryWidget(`id(`username), `Value);
string password = (string) UI::QueryWidget(`id(`password), `Value);
string save_config =
(boolean) UI::QueryWidget(`id(`save_conf), `Value) ? "y": "n";
if ( username == "" ) {
Popup::Error(_("Username is required"));
} else if ( password == "" ) {
Popup::Error(_("Password is required"));
} else {
y2milestone("APPARMOR : REPO - signon: \n\tusername [" +
username +
"]\n\tpassword [" +
password + "]");
answers["newuser"] = "n";
answers["user"] = username;
answers["pass"] = password;
answers["save_config"] = save_config;
input = `done;
}
} else if ( input == `register_submit ) {
string username =
(string) UI::QueryWidget( `id(`register_username), `Value);
string password =
(string) UI::QueryWidget( `id(`register_password), `Value);
string password_verify =
(string) UI::QueryWidget( `id(`register_password2), `Value);
string email = (string) UI::QueryWidget( `id(`register_email),
`Value );
string save_config =
(boolean) UI::QueryWidget( `id(`save_conf_new), `Value )
? "y": "n";
if ( username == "" ) {
Popup::Error( _("Username required for registration." ));
} else if ( email == "" ) {
Popup::Error( _("Email address required for registration." ));
} else if ( password == "" && password_verify == "" ) {
Popup::Error( _("Password is required for registration." ));
} else if ( password != password_verify ) {
Popup::Error( _("Passwords do not match. Please re-enter." ));
} else if ( ! validEmailAddress( email, false ) ) {
string err_email_format = _("Email address format invalid.\nEmail address must be less than 129 characters \n and of the format \"name@domain\". \n Please enter another address.");
Popup::Error( err_email_format );
} else {
y2milestone(
"APPARMOR : REPO - new registration: \n\tusername [" +
username + "]\n\tpassword [" + password +
"]\n\temail [" + email + "]\n\tsave config [" +
save_config + "]" );
answers["newuser"] = "y";
answers["pass"] = password;
answers["user"] = username;
answers["email"] = email;
answers["save_config"] = save_config;
input = `done;
}
} else {
y2milestone("APPARMOR : REPO - signon - no valid input[" +
tostring(input) + "]");
}
} until ((input == `done) ||
(input == `register_cancel) ||
(input == `signin_cancel));
if ( input != `done ) {
answers["cancelled"] = "y";
}
UI::CloseDialog();
return( answers );
}
/** UI_RepositoryViewProfile
* Dialog to allow users to view a profile from the repository
* and display it in a small scrollable dialog
*
* @param agent_data - map data from the backend
* [ user => string ]
* [ profile => string contiaining profile contents ]
* [ profile_type => string INACTIVE_LOCAL|REPOSITORY ]
*
* @return void
*
**/
define void UI_RepositoryViewProfile( map<any,any> agent_data ) {
string user = agent_data["user"]:"MISSING USER";
string profile = agent_data["profile"]:"MISSING PROFILE";
string type = agent_data["profile_type"]:"MISSING PROFILE";
string headline = "";
if ( type == "INACTIVE_LOCAL" ) {
headline = _("Local inactive profile");
} else if ( type == "REPOSITORY" ) {
headline = _("Profile created by user ") + user;
} else {
headline = _("Local profile");
}
Popup::LongText ( headline, `RichText(`opt(`plainText), profile), 50, 20 );
}
/** UI_LongMessage
* Basic message dialog that will scroll long text
* @param agent_data - map - data from backend
* [ headline - string ]
* [ message - string ]
*
* @return void
**/
define void UI_LongMessage( map<any,any> agent_data ) {
any user = agent_data["user"]:nil;
string headline = agent_data["headline"]:"MISSING HEADLINE";
string message = agent_data["message"]:"MISSING MESSAGE";
Popup::LongText(headline,`RichText(`opt(`plainText), message), 60, 40);
}
/** UI_ShortMessage
* Basic message dialog - no scrollbars
* @param agent_data - map - data from backend
* [ headline - string ]
* [ message - string ]
*
* @return void
**/
define void UI_ShortMessage( map<any,any> agent_data ) {
any user = agent_data["user"]:nil;
string headline = agent_data["headline"]:"MISSING HEADLINE";
string message = agent_data["message"]:"MISSING MESSAGE";
Popup::AnyMessage(headline, message);
}
/** UI_ChangeLog_Dialog
* Takes a list of profiles and collects one or multiple changelog entries
* and returns them
*
* @param agent_data - data from the backend
* [ profiles - list of profile names ]
*
* @return results - map
* [ STATUS - string - ok/cancel ]
* [ SINGLE_CHANGELOG - string - set with changelog if user ]
* [ selects a single changelog ]
*
* [ profile 1 name - string - changelog 1 ]
* [ profile 2 name - string - changelog 2 ]
* ...
* [ profile n name - string - changelog n ]
*
**/
define map<string,any> UI_ChangeLog_Dialog ( map<any,any> agent_data ) {
map<string,any> results = $[];
string main_label = _("Enter a changelog for the changes for ");
string main_label_single = _(" the selected profiles");
string checkbox_label = _("Individual changelogs per profile");
list<string> profiles = agent_data["profiles"]:[];
term dialog = `VBox(
`TextEntry(`id(`stringfield), main_label + "\n" + main_label_single),
`CheckBox(`id(`individual_changelogs), `opt(`notify), checkbox_label),
`VSpacing(0.5),
`HBox(
`HWeight(1, `PushButton(`id(`okay),
`opt(`default,
`key_F10),
_("&OK"))),
`HSpacing(2),
`HWeight(1, `PushButton(`id(`cancel), `opt(`key_F9), _("&Cancel")))
)
);
results["STATUS"] = "ok";
boolean single_changelog = true;
foreach( string profile_name, profiles, {
UI::OpenDialog(dialog);
if ( !single_changelog ) {
UI::ChangeWidget(`id(`stringfield),
`Label,
main_label + "\n" +
profile_name);
UI::ChangeWidget(`id(`individual_changelogs), `Value, true);
}
UI::SetFocus(`id(`stringfield));
any input = nil;
repeat {
input = UI::UserInput();
if ( input == `cancel ) {
results["STATUS"] = "cancel";
UI::CloseDialog();
break;
} else if ( input == `okay ) {
if (((boolean) UI::QueryWidget(`id(`individual_changelogs),
`Value)) == false ) {
results["SINGLE_CHANGELOG"] =
(string) UI::QueryWidget(`id(`stringfield), `Value);
UI::CloseDialog();
} else {
results[profile_name] =
(string) UI::QueryWidget(`id(`stringfield), `Value);
UI::CloseDialog();
}
} else if ( input == `individual_changelogs ){
if (((boolean) UI::QueryWidget(`id(`individual_changelogs),
`Value)) == true ) {
UI::ChangeWidget(`id(`stringfield),
`Label,
main_label + "\n"
+ profile_name);
single_changelog = false;
} else {
UI::ChangeWidget(`id(`stringfield),
`Label,
main_label + "\n"
+ main_label_single);
}
}
} until ( input == `okay || `input == `cancel );
if ( single_changelog || input == `cancel ) {
break;
}
});
return( results );
}
/** UI_MultiProfileSelectionDialog
* Two pane dialog with a multi-selection box on the left
* and a long text on the right. Allows a list of profiles
* or profile changes to be viewed and selected for further
* processing - for example uploading to the repository
*
* @param agent_data - map - data from backend
* [ title - string - explanation of the forms use ]
* [ get_changelog - string true/false - prompt user to ]
* [ supply changelogs ]
* [ never_ask_again - string true/false - add widget to let ]
* [ user select to never prompt again to ]
* [ upload unselected profiles to the ]
* [ repository ]
* [ default_select - string true/false - default value for ]
* [ profile selection ]
* [ profiles - map<string,string> ]
*
* @return results - map
* [ STATUS - string - ok/cancel ]
* [ PROFILES - list[string] - list of selected profiles ]
* [ NEVER_ASK_AGAIN - string - true/false - mark unselected ]
* [ profiles as local only and don't prompt ]
* [ to upload ]
* [ CHANGELOG - map[string,string] - changelog data from ]
* [ UI_ChangeLog_Dialog() ]
*
**/
define map<any,any> UI_MultiProfileSelectionDialog( map<any,any> agent_data ) {
string headline = agent_data["title"]:"MISSING TITLE";
string explanation = agent_data["explanation"]:"MISSING EXPLANATION";
boolean default_select = agent_data["default_select"]:false;
boolean get_changelog = agent_data["get_changelog"]:true;
boolean disable_ask_upload = agent_data["disable_ask_upload"]:false;
map<any,any> profiles = agent_data["profiles"]:$[];
map<any,any> results = $[];
list profile_list = [];
foreach ( string profile_name, string profile_contents,
(map<string,string>) profiles, {
profile_list = add( profile_list, `item( `id(profile_name),
profile_name, default_select) );
});
term first_profile = (term) profile_list[0]:nil;
string first_profile_name = first_profile[1]:"MISSING PROFILE NAME";
string profile_rules =
(string) profiles[first_profile_name]:"MISSING CONTENTS";
string disable_ask_upload_str =
_("&Don't ask again for unselected profiles");
map ui_capabilities = UI::GetDisplayInfo();
boolean in_ncurses = ui_capabilities["TextMode"]:true;;
term profile_contents_text = nil;
term explanation_text = nil;
if ( in_ncurses ) {
profile_contents_text =
`RichText( `id(`contents),`opt(`plainText), profile_rules);
} else {
profile_contents_text =
`VBox(
`VSpacing(1.25),
`RichText( `id(`contents),`opt(`plainText), profile_rules)
);
}
term control_widgets = nil;
if ( disable_ask_upload == true ) {
control_widgets =
`VBox(
`CheckBox(`id(`disable_ask_upload), `opt(`notify),
disable_ask_upload_str),
`VSpacing(0.5),
`HBox(
`HWeight( 50, `HCenter(`PushButton(`id(`save), _("&OK")))),
`HWeight( 50, `HCenter(`PushButton(`id(`cancel),
_("&Cancel"))))
)
);
} else {
if ( in_ncurses ) {
control_widgets =
`HBox(
`HWeight( 50, `HCenter(`PushButton(`id(`save), _("&OK")))),
`HWeight( 50, `HCenter(`PushButton(`id(`cancel),
_("&Cancel"))))
);
} else {
control_widgets =
`VBox(
`VSpacing(0.5),
`HBox(
`HWeight( 50, `HCenter(`PushButton(`id(`save),
_("&OK")))),
`HWeight( 50, `HCenter(`PushButton(`id(`cancel),
_("&Cancel"))))
)
);
}
}
UI::OpenDialog(
`VBox(
`VSpacing(0.1),
`VWeight( 15, `Top(`Label(`id(`explanation), explanation))),
`VSpacing(0.2),
`VWeight( 70,
`HBox(
`VSpacing( 1 ),
`HSpacing( 0.5 ),
`Frame( `id(`select_profiles), headline,
`HBox(
`HWeight( 40, `MinSize( 30, 15,
`MultiSelectionBox( `id(`profiles),
`opt(`notify),
_("Profiles"),
profile_list) )
),
`HWeight( 60, profile_contents_text )
)
),
`HSpacing( 0.5 )
)
),
`VSpacing( 0.2 ),
`VWeight( 15, control_widgets ),
`VSpacing( 0.2 )
)
);
UI::ChangeWidget( `id(`profiles), `CurrentValue, first_profile_name );
map event2 = $[];
any id2 = nil;
repeat
{
event2 = UI::WaitForEvent ();
id2 = event2["ID"]:nil;
if ( id2 == `profiles ) {
any itemid = UI::QueryWidget( `id(`profiles), `CurrentItem );
string stritem = tostring( itemid );
string contents = profiles[stritem]:"MISSING CONTENTS";
UI::ChangeWidget( `id(`contents), `Value, contents );
}
} until ( id2 == `save || id2 == `cancel );
list selected_profiles = [];
if (id2 == `save) {
list<any> selected_items =
(list<any>) UI::QueryWidget( `id(`profiles), `SelectedItems );
integer profile_index = 0;
foreach ( any p_name, selected_items, {
selected_profiles[profile_index] = tostring( p_name );
profile_index = profile_index + 1;
});
results["STATUS"] = "ok";
if (get_changelog == true) {
map<string,any> changelog_results =
UI_ChangeLog_Dialog( $["profiles":selected_profiles] );
if ( changelog_results["STATUS"]:"cancel" == "cancel" ) {
results["STATUS"] = "cancel";
} else {
results["CHANGELOG"] = changelog_results;
results["PROFILES"] = selected_profiles;
}
} else {
results["PROFILES"] = selected_profiles;
}
if ( disable_ask_upload == true &&
((boolean) UI::QueryWidget( `id(`disable_ask_upload), `Value ))
== true ) {
results["NEVER_ASK_AGAIN"] = "true";
}
} else if ( id2 == `cancel ) {
results["STATUS"] = "cancel";
}
UI::CloseDialog();
return results;
}
/** Form_BusyFeedbackDialog
*
* @param agent_data - map - data from backend
* [ title - string - explanation of the forms use ]
*
* @return results - map
* [ STATUS - string - ok/cancel ]
*
**/
define term Form_BusyFeedbackDialog( string message ) {
//`MinSize( 10, 4, `Image(`opt(`animated), movie, "animation" ),
//`Image(`opt(`animated), movie, "animation" ),
string movie =
"/usr/share/YaST2/theme/current/animations/ticks-endless.gif";
term busy_dialog =
`HBox(
//`MinSize( 10, 4, `Image(`opt(`animated), movie, "animation" ) ),
`Image(`opt(`animated), movie, "animation" ),
`Label( message )
);
return busy_dialog;
}
define void UI_BusyFeedbackStart( map<any,any> agent_data ) {
string message = agent_data["message"]:"MISSING MESSAGE";
if ( AppArmorDialogs::busy_dialog != nil ) {
UI::CloseDialog();
}
AppArmorDialogs::busy_dialog = Form_BusyFeedbackDialog( message );
UI::OpenDialog( AppArmorDialogs::busy_dialog);
return;
}
define void UI_BusyFeedbackStop( ) {
if ( AppArmorDialogs::busy_dialog != nil ) {
UI::CloseDialog();
AppArmorDialogs::busy_dialog = nil;
}
}

220
management/yastui/src/include/subdomain/capabilities.ycp
View file

@ -1,220 +0,0 @@
/* ------------------------------------------------------------------
*
* Copyright (C) 2002-2005 Novell/SUSE
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of version 2 of the GNU General Public
* License published by the Free Software Foundation.
*
------------------------------------------------------------------*/
//
// YCP map containing definitons for Capabiltiies
//
{
textdomain "yast2-apparmor";
map<string,map> capdefs = $[
"chown" :
$[
"name" : "CAP_CHOWN",
"info" : _("<ul><li>In a system with the [_POSIX_CHOWN_RESTRICTED] option defined, this overrides the restriction of changing file ownership and group ownership.</li></ul>"),
],
"dac_override" :
$[
"name" : "CAP_DAC_OVERRIDE",
"info" : _("<ul><li>Override all DAC access, including ACL execute access if [_POSIX_ACL] is defined. Excluding DAC access covered by CAP_LINUX_IMMUTABLE.</li></ul>"),
],
"dac_read_search" :
$[
"name" : "CAP_DAC_READ_SEARCH",
"info" : _("<ul><li>Overrides all DAC restrictions regarding read and search on files and directories, including ACL restrictions if [_POSIX_ACL] is defined. Excluding DAC access covered by CAP_LINUX_IMMUTABLE. </li></ul>"),
],
"fowner" :
$[
"name" : "CAP_FOWNER",
"info" : _("<ul><li>Overrides all restrictions about allowed operations on files, where file owner ID must be equal to the user ID, except where CAP_FSETID is applicable. It doesn't override MAC and DAC restrictions. </li></ul>"),
],
"fsetid" :
$[
"name" : "CAP_FSETID",
"info" : _("<ul><li>Overrides the following restrictions that the effective user ID shall match the file owner ID when setting the S_ISUID and S_ISGID bits on that file; that the effective group ID (or one of the supplementary group IDs) shall match the file owner ID when setting the S_ISGID bit on that file; that the S_ISUID and S_ISGID bits are cleared on successful return from chown(2) (not implemented). </li></ul>"),
],
"kill" :
$[
"name" : "CAP_KILL",
"info" : _("<ul><li>Overrides the restriction that the real or effective user ID of a process sending a signal must match the real or effective user ID of the process receiving the signal.</li></ul>"),
],
"setgid" :
$[
"name" : "CAP_SETGID",
"info" : _("<ul><li>Allows setgid(2) manipulation </li> <li> Allows setgroups(2) </li> <li> Allows forged gids on socket credentials passing. </li></ul>"),
],
"setuid" :
$[
"name" : "CAP_SETUID",
"info" : _("<ul><li>Allows setuid(2) manipulation (including fsuid) </li> <li> Allows forged pids on socket credentials passing. </li></ul>"),
],
"setpcap" :
$[
"name" : "CAP_SETPCAP",
"info" : _("<ul><li> Transfer any capability in your permitted set to any pid, remove any capability in your permitted set from any pid</li></ul>"),
],
"linux_immutable" :
$[
"name" : "CAP_LINUX_IMMUTABLE",
"info" : _("<ul><li>Allow modification of S_IMMUTABLE and S_APPEND file attributes</li></ul>"),
],
"net_bind_service" :
$[
"name" : "CAP_NET_BIND_SERVICE",
"info" : _("<ul><li>Allows binding to TCP/UDP sockets below 1024 </li> <li> Allows binding to ATM VCIs below 32</li></ul>"),
],
"net_broadcast" :
$[
"name" : "CAP_NET_BROADCAST",
"info" : _("<ul><li> Allow broadcasting, listen to multicast </li></ul>"),
],
"net_admin" :
$[
"name" : "CAP_NET_ADMIN",
"info" : _("<ul><li> Allow interface configuration</li> <li> Allow administration of IP firewall, masquerading and accounting</li> <li> Allow setting debug option on sockets</li> <li> Allow modification of routing tables</li> <li> Allow setting arbitrary process / process group ownership on sockets</li> <li> Allow binding to any address for transparent proxying</li> <li> Allow setting TOS (type of service)</li> <li> Allow setting promiscuous mode</li> <li> Allow clearing driver statistics</li> <li> Allow multicasting</li> <li> Allow read/write of device-specific registers</li> <li> Allow activation of ATM control sockets </li></ul>"),
],
"net_raw" :
$[
"name" : "CAP_NET_RAW",
"info" : _("<ul><li> Allow use of RAW sockets</li> <li> Allow use of PACKET sockets </li></ul>"),
],
"ipc_lock" :
$[
"name" : "CAP_IPC_LOCK",
"info" : _("<ul><li> Allow locking of shared memory segments</li> <li> Allow mlock and mlockall (which doesn't really have anything to do with IPC) </li></ul>"),
],
"ipc_owner" :
$[
"name" : "CAP_IPC_OWNER",
"info" : _("<ul><li> Override IPC ownership checks </li></ul>"),
],
"sys_module" :
$[
"name" : "CAP_SYS_MODULE",
"info" : _("<ul><li> Insert and remove kernel modules - modify kernel without limit</li> <li> Modify cap_bset </li></ul>"),
],
"sys_rawio" :
$[
"name" : "CAP_SYS_RAWIO",
"info" : _("<ul><li> Allow ioperm/iopl access</li> <li> Allow sending USB messages to any device via /proc/bus/usb </li></ul>"),
],
"sys_chroot" :
$[
"name" : "CAP_SYS_CHROOT",
"info" : _("<ul><li> Allow use of chroot() </li></ul>"),
],
"sys_ptrace" :
$[
"name" : "CAP_SYS_PTRACE",
"info" : _("<ul><li> Allow ptrace() of any process </li></ul>"),
],
"sys_pacct" :
$[
"name" : "CAP_SYS_PACCT",
"info" : _("<ul><li> Allow configuration of process accounting </li></ul>"),
],
"sys_admin" :
$[
"name" : "CAP_SYS_ADMIN",
"info" : _("<ul><li> Allow configuration of the secure attention key</li> <li> Allow administration of the random device</li> <li> Allow examination and configuration of disk quotas</li> <li> Allow configuring the kernel's syslog (printk behaviour)</li> <li> Allow setting the domainname</li> <li> Allow setting the hostname</li> <li> Allow calling bdflush()</li> <li> Allow mount() and umount(), setting up new smb connection</li> <li> Allow some autofs root ioctls</li> <li> Allow nfsservctl</li> <li> Allow VM86_REQUEST_IRQ</li> <li> Allow to read/write pci config on alpha</li> <li> Allow irix_prctl on mips (setstacksize)</li> <li> Allow flushing all cache on m68k (sys_cacheflush)</li> <li> Allow removing semaphores</li> <li> Used instead of CAP_CHOWN to \"chown\" IPC message queues, semaphores and shared memory</li> <li> Allow locking/unlocking of shared memory segment</li> <li> Allow turning swap on/off</li> <li> Allow forged pids on socket credentials passing</li> <li> Allow setting readahead and flushing buffers on block devices</li> <li> Allow setting geometry in floppy driver</li> <li> Allow turning DMA on/off in xd driver</li> <li> Allow administration of md devices (mostly the above, but some extra ioctls)</li> <li> Allow tuning the ide driver</li> <li> Allow access to the nvram device</li> <li> Allow administration of apm_bios, serial and bttv (TV) device</li> <li> Allow manufacturer commands in isdn CAPI support driver</li> <li> Allow reading non-standardized portions of pci configuration space</li> <li> Allow DDI debug ioctl on sbpcd driver</li> <li> Allow setting up serial ports</li> <li> Allow sending raw qic-117 commands</li> <li> Allow enabling/disabling tagged queuing on SCSI controllers and sending arbitrary SCSI commands</li> <li> Allow setting encryption key on loopback filesystem </li></ul>"),
],
"sys_boot" :
$[
"name" : "CAP_SYS_BOOT",
"info" : _("<ul><li> Allow use of reboot() </li></ul>"),
],
"sys_nice" :
$[
"name" : "CAP_SYS_NICE",
"info" : _("<ul><li> Allow raising priority and setting priority on other (different UID) processes</li> <li> Allow use of FIFO and round-robin (realtime) scheduling on own processes and setting the scheduling algorithm used by another process.</li> <li> Allow setting cpu affinity on other processes </li></ul>"),
],
"sys_resource" :
$[
"name" : "CAP_SYS_RESOURCE",
"info" : _("<ul><li> Override resource limits. Set resource limits.</li> <li> Override quota limits.</li> <li> Override reserved space on ext2 filesystem</li> <li> Modify data journaling mode on ext3 filesystem (uses journaling resources)</li> <li> NOTE: ext2 honors fsuid when checking for resource overrides, so you can override using fsuid too</li> <li> Override size restrictions on IPC message queues</li> <li> Allow more than 64hz interrupts from the real-time clock</li> <li> Override max number of consoles on console allocation</li> <li> Override max number of keymaps </li></ul>"),
],
"sys_time" :
$[
"name" : "CAP_SYS_TIME",
"info" : _("<ul><li> Allow manipulation of system clock</li> <li> Allow irix_stime on mips</li> <li> Allow setting the real-time clock </li></ul>"),
],
"sys_tty_config" :
$[
"name" : "CAP_SYS_TTY_CONFIG",
"info" : _("<ul><li> Allow configuration of tty devices</li> <li> Allow vhangup() of tty </li></ul>"),
],
"mknod" :
$[
"name" : "CAP_MKNOD",
"info" : _("<ul><li> Allow the privileged aspects of mknod() </li></ul>"),
],
"lease" :
$[
"name" : "CAP_LEASE",
"info" : _("<ul><li> Allow taking of leases on files </li></ul>"),
],
];
map<string,string> linnametolp = $[
"CAP_CHOWN" : "chown",
"CAP_DAC_OVERRIDE" : "dac_override",
"CAP_DAC_READ_SEARCH" : "dac_read_search",
"CAP_FOWNER" : "fowner",
"CAP_FSETID" : "fsetid",
"CAP_KILL" : "kill",
"CAP_SETGID" : "setgid",
"CAP_SETUID" : "setuid",
"CAP_SETPCAP" : "setpcap",
"CAP_LINUX_IMMUTABLE" : "linux_immutable",
"CAP_NET_BIND_SERVICE" : "net_bind_service",
"CAP_NET_BROADCAST" : "net_broadcast",
"CAP_NET_ADMIN" : "net_admin",
"CAP_NET_RAW" : "net_raw",
"CAP_IPC_LOCK" : "ipc_lock",
"CAP_IPC_OWNER" : "ipc_owner",
"CAP_SYS_MODULE" : "sys_module",
"CAP_SYS_RAWIO" : "sys_rawio",
"CAP_SYS_CHROOT" : "sys_chroot",
"CAP_SYS_PTRACE" : "sys_ptrace",
"CAP_SYS_PACCT" : "sys_pacct",
"CAP_SYS_ADMIN" : "sys_admin",
"CAP_SYS_BOOT" : "sys_boot",
"CAP_SYS_NICE" : "sys_nice",
"CAP_SYS_RESOURCE" : "sys_resource",
"CAP_SYS_TIME" : "sys_time",
"CAP_SYS_TTY_CONFIG" : "sys_tty_config",
"CAP_MKNOD" : "mknod",
"CAP_LEASE" : "lease",
];
}

198
management/yastui/src/include/subdomain/config_complain.ycp
View file

@ -1,198 +0,0 @@
/* ------------------------------------------------------------------
*
* Copyright (C) 2002-2005 Novell/SUSE
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of version 2 of the GNU General Public
* License published by the Free Software Foundation.
*
------------------------------------------------------------------*/
{
textdomain "yast2-apparmor";
string modeHelp = _("<p><b>Profile Mode Configuration</b><br>This tool allows you to set AppArmor profiles to either complain or enforce mode.</p><p>Complain mode is a profile training state that logs application activity, but does not restrict the application's behavior.</p><p>Profiles in enforce mode are protected by AppArmor.</p>");
boolean showAll = false; // Button for showing active or all profiles
define void updateComplain(any id, string profile, string mode, boolean showAll) {
boolean error = false;
map<string,string> profCmd = $[ ];
if (id == `allEnforce || id == `allComplain) {
profCmd["all"] = "1";
} else if ( profile != "" ) {
profCmd["profile"] = profile;
} else {
Popup::Error( _("Couldn't recognize profile name: ") + profile );
return;
}
if ( id == `toggle && mode != "" ) {
// Reverse modes for toggling
if ( mode == "enforce" ) {
profCmd["mode"] = "complain";
} else if (mode == "complain") {
profCmd["mode"] = "enforce";
} else {
error = true;
Popup::Error( _("Couldn't recognize mode: ") + mode );
}
} else if ( id != `toggle ) {
profCmd["mode"] = mode;
}
if ( showAll == true ) {
profCmd["showall"] = "1";
} else {
profCmd["showall"] = "0";
}
SCR::Write(.complain, profCmd);
return;
}
define list<term> getRecordList(boolean showAll) {
map<string,string> Settings = $[ ];
Settings["list"] = "1";
if ( showAll == true ) {
Settings["showall"] = "1";
} else {
Settings["showall"] = "0";
}
list<term> recList = [];
integer key = 1;
// restarts ag_complain agent if necessary
list <map> db = nil;
while ( db == nil ) {
db = (list <map>) SCR::Read (.complain, Settings);
}
foreach ( map record, db, {
recList = add( recList, `item( `id(key), record["name"]:nil, record["mode"]:nil ));
key = key + 1;
});
return recList;
}
define term getProfModeForm(list<term> recList, boolean showAll ) {
term allBtn = `PushButton(`id(`showAll), _("Show All Profiles") );
string allText = _("Configure Mode for Active Profiles");
if ( showAll && showAll == true ) {
allBtn = `PushButton(`id(`showAct), _("Show Active Profiles") );
allText = _("Configure Mode for All Profiles");
}
term modeForm =
`Frame( `id(`changeMode), allText,
//`Frame( `id(`changeMode), _("Configure Profile Mode"),
`VBox(
`VSpacing(2),
`HBox(
`VSpacing(10),
`Table(`id(`table), `opt(`notify), `header(_("Profile Name"), _("Mode")), recList)
),
`VSpacing(0.5),
`HBox(
allBtn,
`PushButton(`id(`toggle), _("Toggle Mode") ),
`PushButton(`id(`allEnforce), _("Set All to Enforce") ),
`PushButton(`id(`allComplain), _("Set All to Complain") )
))
);
return modeForm;
}
define term updateModeConfigForm(boolean showAll) {
list<term> recList = getRecordList(showAll);
term newModeForm = getProfModeForm(recList, showAll);
return newModeForm;
}
// Profile Mode Configuration -- Sets Complain and Enforce Behavior
define symbol profileModeConfigForm() {
list<term> recList = getRecordList(showAll);
term modeForm = getProfModeForm(recList, showAll);
Wizard::SetContentsButtons( _("Profile Mode Configuration"), modeForm, modeHelp, _("Back"), _("&Done") );
map event = $[];
any id = nil;
while( true ) {
event = UI::WaitForEvent();
id = event["ID"]:nil; // We'll need this often - cache it
string profile = nil;
string mode = nil;
if ( id == `abort || id == `cancel || id == `next || id == `back ) {
break;
} else if ( id == `showAll ) {
showAll = true;
Wizard::SetContentsButtons( _("Configure Profile Mode"), updateModeConfigForm(showAll), modeHelp, _("Back"), _("&Done") );
continue;
} else if ( id == `showAct ) {
showAll = false;
Wizard::SetContentsButtons( _("Configure Profile Mode"), updateModeConfigForm(showAll), modeHelp, _("Back"), _("&Done") );
continue;
} else if ( id == `next || id == `toggle) {
integer itemselected = ((integer) UI::QueryWidget(`id(`table), `CurrentItem) );
profile = (string) select((term) UI::QueryWidget(`id(`table), `Item(itemselected)), 1, "");
mode = (string) select((term) UI::QueryWidget(`id(`table), `Item(itemselected)), 2, "");
updateComplain(id, profile, mode, showAll);
Wizard::SetContentsButtons( _("Configure Profile Mode"), updateModeConfigForm(showAll), modeHelp, _("Back"), _("&Done") );
continue;
} else if ( id == `allEnforce || id == `allComplain) {
profile = "";
if ( id == `allEnforce ) {
mode = "enforce";
} else {
mode = "complain";
}
updateComplain(id, profile, mode, showAll);
Wizard::SetContentsButtons( _("Configure Profile Mode"), updateModeConfigForm(showAll), modeHelp, _("Back"), _("&Done") );
continue;
} else if ( id == `table ) {
Popup::Message( _("Please select an action to perform from the buttons below.") );
} else {
y2error("Unexpected return code: %1", id);
break;
}
}
Wizard::CloseDialog(); // new
return (symbol) id;
}
/* EOF */
}

19
management/yastui/src/include/subdomain/event_notification_helptext.ycp
View file

@ -1,19 +0,0 @@
/* ------------------------------------------------------------------
*
* Copyright (C) 2002-2005 Novell/SUSE
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of version 2 of the GNU General Public
* License published by the Free Software Foundation.
*
------------------------------------------------------------------*/
{
textdomain "yast2-apparmor";
/* START Help Section
************************************************************/
string EventNotifyHelpText = _("The Security Event Notification screen enables you to setup email alerts for security events. In the following steps, specify how often alerts are sent, who receives the alert, and how severe the security event must be to send an alert. <br><br><b>Notification Types</b><br> <b>Terse Notification:</b> Terse notification summarizes the total number of system events without providing details. <br>For example:<br> dhcp-101.up.wirex.com has had 10 security events since Tue Oct 12 11:10:00 2004<br><br> <b>Summary Notification:</b> The Summary notification displays the logged AppArmor security events, and lists the number of individual occurrences, including the date of the last occurrence. <br>For example:<br> SubDomain: PERMITTING access to capability 'setgid' (httpd2-prefork(6347) profile /usr/sbin/httpd2-prefork active /usr/sbin/httpd2-prefork) 2 times, the latest at Sat Oct 9 16:05:54 2004.<br><br> <b>Verbose Notification:</b> The Verbose notification displays unmodified, logged AppArmor security events. It tells you every time an event occurs and writes a new line in the Verbose log. These security events include the date and time the event occurred, when the application profile permits access as well as rejects access, and the type of file permission access that is permitted or rejected. Verbose Notification also reports several messages that the logprof tool uses to interpret profiles. <br>For example:<br> Oct 9 15:40:31 SubDomain: PERMITTING r access to /etc/apache2/httpd.conf (httpd2-prefork(6068) profile /usr/sbin/httpd2-prefork active /usr/sbin/httpd2-prefork) <br<br> <ol> <li> For each notification type that you would like enabled, select the frequency of notification that you would like. For example, if you select <b>1 day</b> from the pull-down list, you will be sent daily notifications of security events, if they occur.</li> <br><br> <li> Enter the email address of those who should receive the Terse, Summary, or Verbose notifications. </li><br><br> <li>Select the lowest <b>severity level</b> for which a notification should be sent. Security events will be logged and the notifications will be sent at the time indicated by the interval when events are equal or greater than the selected severity level. If the interval is 1 day, the notification will be sent daily, if security events occur.<br><br> <b>Severity Levels:</b> These are numbered one through ten, ten being the most severe security incident. The <b>severity.db</b> file defines the severity level of potential security events. The severity levels are determined by the importance of different security events, such as certain resources accessed or services denied.</li> <li>Select <b>Include unknown security events</b> if you would like to include events that are not rated with a severity number.</li> </ol>");
}

1085
management/yastui/src/include/subdomain/profile_dialogs.ycp
View file

File diff suppressed because it is too large Load diff

56
management/yastui/src/include/subdomain/report_helptext.ycp
View file

@ -1,56 +0,0 @@
/* ------------------------------------------------------------------
*
* Copyright (C) 2002-2005 Novell/SUSE
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of version 2 of the GNU General Public
* License published by the Free Software Foundation.
*
------------------------------------------------------------------*/
{
textdomain "yast2-apparmor";
string setArchHelp = _("The Report Configuration dialog enables you to filter the archived report selected in the previous screen. To filter by <b>Date Range:</b><br><br> <ol> <li>Click <b>Filter By Date Range</b>. The fields become active. <li>Enter the start and end dates that delineate the scope of the report. <li>Enter other filtering parameters. See below for definitions of parameters. </ol> The following definitions help you to enter the filtering parameters in the Report Configuration Dialog: <br><br> <b>Program Name Pattern:</b> When you enter a program name or pattern that matches the name of the binary executable of the program of interest, the report will display security events that have occurred for a specific program.<br><br> <b>Profile Name Pattern:</b> When you enter the name of the profile, the report will display the security events that are generated for the specified profile. You can use this to see what is being confined by a specific profile.<br><br> <b>PID Number:</b> Process ID number is a number that uniquely identifies one specific process or running program (this number is valid only during the lifetime of that process).<br><br> <b>Severity Level:</b> Select the lowest severity level for security events that you would like to be included in the report. The selected severity level, and above, will be included in the reports.<br><br> <b>Detail:</b> A source to which the profile has denied access. This includes capabilities and files. You can use this field to report the resources are not allowed to be accessed by profiles.<br><br> <b>Mode:</b> The Mode is the permission that the profile grants to the program or process to which it is applied. The options are: r (read) w (write) l (link) x (execute)<br><br> <b>Access Type:</b> The access type describes what is actually happening with the security event. The options are: PERMITTING, REJECTING, or AUDITING.<br><br> <b>CSV or HTML:</b> Enables you to export a CSV (comma separated values) or html file. The CSV file separates pieces of data in the log entries with commas using a standard data format for importing into table-oriented applications. You can enter a pathname for your exported report by typing in the full pathname in the field provided.");
string runHelp = _("The AppArmor On-Demand Report screen displays an instantly generated version of one of the following reports. <b>Executive Security Summary:</b> A combined report, consisting of one or more Security incident reports from one or more machines. This report provides a single view of security events on multiple machines.<br><br> <b>Applications Audit Report:</b> An auditing tool that reports which application servers are running and whether the applications are confined by AppArmor. Application servers are applications that accept incoming network connections. <br><br> <b>Security Incident Report:</b> A report that displays application security for a single host. It reports policy violations for locally confined applications during a specific time period. You can edit and customize this report, or add new versions.");
string filterCfHelp1 = _("The Report Configuration dialog enables you to filter the report selected in the previous screen. To filter by <b>Date Range:</b><br><br> <ol> <li>Click <b>Filter By Date Range</b>. The fields become active. <li>Enter the start and end dates that delineate the scope of the report. <li>Enter other filtering parameters. See below for definitions of parameters. </ol> The following definitions help you to enter the filtering parameters in the Report Configuration Dialog: <b>Program Name Pattern:</b> When you enter a program name or pattern that matches the name of the executable process of interest, the report will display security events that have occurred for a specific program.<br><br> <b>Profile Name Pattern:</b> When you enter the name of the security profile that is applied to the rocess, the report will display the security events that are generated for the specified profile. You can use this to see what is being confined by a specific profile.<br><br> <b>PID Number:</b> Process ID number is a number that uniquely identifies one specific process or running program (this number is valid only during the lifetime of that process).<br><br> <b>Severity Level:</b> Select the lowest severity level for security events that you would like to be included in the report. The selected severity level, and above, will be included in the reports.<br><br> <b>Detail:</b> A source to which the profile has denied access. This includes capabilities and files. You can use this field to report the resources are not allowed to be accessed by profiles.<br><br> <b>Mode:</b> The Mode is the permission that the profile grants to the program or process to which it is applied. The options are: r (read) w (write) l (link) x (execute)<br><br> <b>Access Type:</b> The access type describes what is actually happening with the security event. The options are: PERMITTING, REJECTING, or AUDITING.<br><br> <b>CSV or HTML:</b> Enables you to export a CSV (comma separated values) or html file. The CSV file separates pieces of data in the log entries with commas using a standard data format for importing into table-oriented applications. You can enter a pathname for your exported report by typing in the full pathname in the field provided.<br><br>");
/* START Help Section
************************************************************/
string repGenHelpText = _("<b>Generate Reports Help</b> <p>If there were, in fact, going to be any help for you (which, incidentally, there isn't going to be), then you would indeed find said help, here.<p> Thank you for your time, and have a nice day.");
string schedHelpText =
_("The summary of scheduled reports page shows us when reports are scheduled to run. Reports can be set to run monthly, weekly, daily, or hourly. The default settings are daily at midnight. The reports can also be emailed, upon completion, to up to three email recipients.<br><br> In the Set Schedule section, you can schedule the following three types of security reports:<br><br> <b>Executive Security Summary:</b> A combined report, consisting of one or more Security incident reports from one or more machines. This report provides a single view of security events on multiple machines.<br><br> <b>Applications Audit Report:</b> An auditing tool that reports which application servers are running and whether the applications are confined by AppArmor. Application servers are applications that accept incoming network connections. <br><br> <b>Security Incident Report:</b> A report that displays application security for a single host. It reports policy violations for locally confined applications during a specific time period. You can edit and customize this report, or add new versions.");
string archHelpText = _(" The View Archive Reports form enables you to view previously generated reports, located in the /var/log/apparmor/reports-archived directory. The checkboxes at the top of the form enable you to narrow-down the category of reports shown in the list to the following: SIR Reports, AUD Reports, or ESS Reports. To see report details, select a report and click the <b>View</b> button.<br><br> You can view reports from one or more systems if you move the reports to the /var/log/apparmor/reports-archived directory.");
string mainHelp = schedHelpText;
list helpList = [ schedHelpText ];
term defaultHelp = `RichText ( schedHelpText );
term schedHelp = `RichText ( schedHelpText );
term repGenHelp = `RichText ( repGenHelpText );
term archHelp = `RichText ( archHelpText );
term otherHelp = `RichText ( archHelpText );
string repConfHelp = _("repConfHelp");
string sirHelp = _("<b>Security Incident Report (SIR):</b> A report that displays security events of interest to an administrator. The SIR reports policy violations for locally confined applications during the specified time period. The SIR reports policy exceptions and policy engine state changes. These two types of security events are defined as follows: <ul> <li><b>Policy Exceptions:</b> When an application requests a resource that's not defined within its profile, a security event is generated. <li><b>Policy Engine State Changes:</b> Enforces policy for applications and maintains its own state, including when engines start or stop, when a policy is reloaded, and when global security feature are enabled or disabled. </ul> Select the report from the archive, then <b>View</b> to see the report details.");
string audHelp = _("<b>Applications Audit Report (AUD):</b> An auditing tool that reports which application servers are running and whether they are confined by AppArmor. Application servers are applications that accept incoming network connections. This report provides the host machine's IP Address, the date the Applications Audit Report ran, the name and path of the unconfined program or application server, the suggested profile or a placeholder for a profile for an unconfined program, the process ID number, The state of the program (confined or unconfined), and the type of confinement that the profile is performing (enforce/complain).<br><br> ");
string essHelp = _("<b>Executive Security Summary (ESS):</b> A combined report, consisting of one or more high-level reports from one or more machines. This report can provide a single view of security events on multiple machines if each machine's data is copied to the reports archive directory, which is <b>/var/log/apparmor/reports-archived</b>. This report provides the host machine's IP address, the start and end dates of the polled events, total number of rejects, total number of events, average of severity levels reported, and the highest severity level reported. One line of the ESS report represents a range of SIR reports.<br><br> ");
}

306
management/yastui/src/include/subdomain/reporting_archived_dialogs.ycp
View file

@ -1,306 +0,0 @@
/* ------------------------------------------------------------------
*
* Copyright (C) 2002-2005 Novell/SUSE
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of version 2 of the GNU General Public
* License published by the Free Software Foundation.
*
------------------------------------------------------------------*/
{
import "Wizard";
import "Popup";
include "subdomain/report_helptext.ycp";
include "subdomain/reporting_utils.ycp";
textdomain "yast2-apparmor";
// Global
integer timeout_millisec = 20 * 1000;
//define term turnReportPage (integer curPage) {
define term turnArchReportPage (integer curPage, integer lastPage) {
map<string,string> Settings = $[ ];
list<term> reportList = [];
string currentPage = tostring( curPage );
string slastPage = tostring( lastPage );
Settings["page"] = currentPage;
Settings["turnArch"] = "1";
Settings["turnPage"] = "1";
reportList = getReportList("sir",Settings);
// poor i18n
string myLabel = _("Archived Security Incident Report - Page ") + currentPage + _(" of ") + slastPage;
term odForm =
`Frame( `id(`odframe), myLabel,
`VBox(
`HBox(
`VSpacing(10),
makeSirTable(reportList),
`VSpacing(0.5)
),
`HSpacing(`opt(`hstretch), 1.0),
`VSpacing(0.5),
`HBox(
`PushButton(`id(`first), _("F&irst") ),
`PushButton(`id(`prev), _("&Previous") ),
`PushButton(`id(`psort), _("&Sort") ),
`PushButton(`id(`fwd), _("&Forward") ),
`PushButton(`id(`last), _("&Last") )
),
`VSpacing(1)
));
return odForm;
}
define term filterArchForm() {
string expPath = "/var/log/apparmor/reports-exported";
term arForm =
`Top(`VBox(
`Left( `CheckBox( `id(`bydate), `opt(`notify), _("Filter By Date Range") )),
`Frame( `id(`bydate_frame), _(" Select Date Range ") ,
`VBox(
`Label( _("Enter Starting Date/Time") ),
`HBox(
`HSpacing( `opt(`hstretch), 1),
`IntField(`id(`startHours), _("Hours"), 0, 23, 0),
`IntField(`id(`startMins), _("Minutes"), 0, 59, 0),
`IntField(`id(`startDay), _("Day"), 1, 31, 1),
`IntField(`id(`startMonth), _("Month"), 1, 12, 1),
`IntField(`id(`startYear), _("Year"), 2005, 2020, 2005)
),
`VSpacing(1.0),
`Label( _("Enter Ending Date") ),
`HBox(
`HSpacing( `opt(`hstretch), 1),
`IntField(`id(`endHours), _("Hours"), 0, 23, 0),
`IntField(`id(`endMins), _("Minutes"), 0, 59, 0),
`IntField(`id(`endDay), _("Day"), 1, 31, 1),
`IntField(`id(`endMonth), _("Month"), 1, 12, 1),
`IntField(`id(`endYear), _("Year"), 2005, 2020, 2005)
),
`VSpacing(1.0)
)),
`VSpacing( 1.0 ),
`HBox(
`HWeight( 4, `TextEntry(`id(`prog), _("Program name") )),
`HWeight( 4, `TextEntry(`id(`prof), _("Profile name") )),
`HWeight( 3, `TextEntry(`id(`pid), _("PID number") )),
`HWeight( 2,
`ComboBox(`id(`sev), _("Severity"), [
_("All"), _("U"), "00", "01", "02", "03", "04", "05", "06", "07", "08", "09", "10"
]) ),
`HSpacing( `opt(`hstretch), 5)
),
`HBox(
`HWeight( 3, `TextEntry(`id(`res), _("Detail") )),
`HWeight( 3, `ReplacePoint(`id(`replace_sdmode), `PushButton(`id(`sdmode), _("Access Type: R") ))),
`HWeight( 3, `ReplacePoint(`id(`replace_mode), `PushButton(`id(`mode), _("Mode: All") ))),
`HSpacing( `opt(`hstretch), 5)
),
`VSpacing( 0.5 ),
`HBox(
`VSpacing(0.5),
`ComboBox(`id(`expType), `opt(`notify, `immediate), _("Export Type"), [
_("None"), _("csv"), _("html"), _("Both")
]),
`TextEntry(`id(`expPath), _("Location to store log."), expPath ),
`Bottom( `VWeight( 1, `PushButton(`id(`accept), _("&Accept")) )),
`Bottom( `VWeight( 1, `PushButton(`id(`browse), _("&Browse")) ))
)
));
return arForm;
}
define map<any,any> setArchFilter() {
map<any,any> Settings = $[];
term archForm = filterArchForm();
Wizard::SetContentsButtons( _("Report Configuration Dialog"), archForm,
setArchHelp, _("Back"), _("&Next") );
UI::ChangeWidget(`id(`bydate_frame), `Enabled, false);
string mode = "All";
string sdmode = "R";
map event = $[];
any id = nil;
while ( true ) {
event = UI::WaitForEvent( timeout_millisec );
id = event["ID"]:nil; // We'll need this often - cache it
if ( id == `bydate ) {
UI::ChangeWidget(`id(`bydate_frame), `Enabled, true);
} else if ( id == `next || id == `save ) {
boolean bydate = (boolean) UI::QueryWidget(`id(`bydate), `Value);
if ( bydate == true ) {
integer startDay = (integer) UI::QueryWidget(`id(`startDay), `Value);
integer startMonth = (integer) UI::QueryWidget(`id(`startMonth), `Value);
integer startYear = (integer) UI::QueryWidget(`id(`startYear), `Value);
integer startHours = (integer) UI::QueryWidget(`id(`startHours), `Value);
integer startMins = (integer) UI::QueryWidget(`id(`startMins), `Value);
integer endDay = (integer) UI::QueryWidget(`id(`endDay), `Value);
integer endMonth = (integer) UI::QueryWidget(`id(`endMonth), `Value);
integer endYear = (integer) UI::QueryWidget(`id(`endYear), `Value);
integer endHours = (integer) UI::QueryWidget(`id(`endHours), `Value);
integer endMins = (integer) UI::QueryWidget(`id(`endMins), `Value);
// start_day & start_month are mutually exclusive
if ( id == `startDay ) {
UI::ChangeWidget(`id(`startMonth), `Value, 0);
} else if ( id == `startMonth ) {
UI::ChangeWidget(`id(`startDay), `Value, 0);
}
// start_day & start_month are mutually exclusive
if ( id == `endDay ) {
UI::ChangeWidget(`id(`endMonth), `Value, 0);
} else if ( id == `endMonth ) {
UI::ChangeWidget(`id(`endDay), `Value, 0);
}
if ( CheckDate(startDay,startMonth,startYear) == false ) {
Popup::Error( _("Illegal start date entered. Please retry.") );
continue;
}
if ( CheckDate(endDay,endMonth,endYear) == false ) {
Popup::Error( _("Illegal end date entered. Please retry.") );
continue;
}
////////////////////////////////////////////////////////////
string startday = tostring(startDay);
string startmonth = tostring(startMonth);
string startyear = tostring(startYear);
string starthours = tostring(startHours);
string startmins = tostring(startMins);
string endday = tostring(endDay);
string endmonth = tostring(endMonth);
string endyear = tostring(endYear);
string endhours = tostring(endHours);
string endmins = tostring(endMins);
Settings["startday"] = startday;
Settings["startmonth"] = startmonth;
Settings["startyear"] = startyear;
Settings["endday"] = endday;
Settings["endmonth"] = endmonth;
Settings["endyear"] = endyear;
Settings["starttime"] = starthours + ":" + startmins;
Settings["endtime"] = endhours + ":" + endmins;
}
string expType = (string) UI::QueryWidget(`id(`exportType), `Value);
string expPath = (string) UI::QueryWidget(`id(`exportPath), `Value);
if ( expType != "" && expType != "None" ) {
if ( expType == "csv" ) {
Settings["exporttext"] = "true";
} else if ( expType == "html" ) {
Settings["exporthtml"] = "true";
} else if ( expType == "both" ) {
Settings["exporttext"] = "true";
Settings["exporthtml"] = "true";
}
}
string program_name = (string) UI::QueryWidget(`id(`prog), `Value);
string profile = (string) UI::QueryWidget(`id(`prof), `Value);
string pid = (string) UI::QueryWidget(`id(`pid), `Value);
string sev = (string) UI::QueryWidget(`id(`sev), `Value);
string res = (string) UI::QueryWidget(`id(`res), `Value);
string sdmode = (string) UI::QueryWidget(`id(`sdmode), `Label);
string mode = (string) UI::QueryWidget(`id(`mode), `Label);
string exppath = (string) UI::QueryWidget(`id(`expPath), `Value);
if (sdmode == "-") { sdmode = "All"; }
if (mode == "-") { mode = "All"; }
if ( program_name != "" ) { Settings["prog"] = program_name; }
if ( profile != "" ) { Settings["profile"] = profile; }
if ( pid != "" ) { Settings["pid"] = pid; }
if ( sev != "" && sev != "All" ) { Settings["severity"] = sev; }
if ( res != "" ) { Settings["resource"] = res; }
if ( sdmode != "" ) { Settings["sdmode"] = sdmode; }
if ( mode != "" ) { Settings["mode"] = mode; }
if ( exppath != "" ) { Settings["exportPath"] = exppath; }
id = nil;
break;
} else if ( id == `sdmode ) {
sdmode = popUpSdMode();
Settings["sdmode"] = sdmode;
UI::ReplaceWidget(`id(`replace_sdmode), `PushButton(`id(`sdmode), _("Access Type: ") + sdmode) );
} else if ( id == `mode ) {
mode = popUpMode();
Settings["mode"] = mode;
UI::ReplaceWidget(`id(`replace_mode), `PushButton(`id(`mode), _("Mode: ") + mode) );
} else if ( id == `abort || id == `cancel || id == `done ) {
Settings["break"] = "abort";
break;
} else if ( id == `close || id == `back) {
Settings["break"] = "back";
break;
}
}
return Settings;
}
define term viewArchForm(string tab, string logFile, map<any,any> Settings) {
Settings["archRep"] = "1";
Settings["logFile"] = logFile;
Settings["type"] = "archRep";
integer curPage = 1;
string currentPage = "1";
Settings["currentPage"] = currentPage;
integer isingle = Settings["single"]:1;
string single = "1";
if ( isingle != nil ) {
single = tostring(isingle);
}
Settings["single"] = single;
// mark - new
any junk = SCR::Read(.logparse,Settings);
integer lastPage = getLastPage("sirRep",Settings,"");
term myPage = turnArchReportPage(curPage,lastPage);
return myPage;
}
}

2470
management/yastui/src/include/subdomain/reporting_dialogues.ycp
View file

File diff suppressed because it is too large Load diff

608
management/yastui/src/include/subdomain/reporting_utils.ycp
View file

@ -1,608 +0,0 @@
/* ------------------------------------------------------------------
*
* Copyright (C) 2002-2005 Novell/SUSE
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of version 2 of the GNU General Public
* License published by the Free Software Foundation.
*
------------------------------------------------------------------*/
{
import "Wizard";
import "Popup";
include "subdomain/report_helptext.ycp";
textdomain "yast2-apparmor";
define boolean checkEventDb() {
boolean dbActivated = false;
map<string,string> args = $[];
args["checkDb"] = "1";
any dbCheck = (any) SCR::Read( .reports_parse, args);
integer dbOn = tointeger(dbCheck);
if ( dbOn == 1 ) {
dbActivated = true;
}
return dbActivated;
}
define boolean findDupe(string name) {
boolean unique = false;
map<string,string> args = $[ ];
args["name"] = name;
args["getdupe"] = "1";
any aDupe = (any) SCR::Read (.reports_sched, args );
if ( aDupe == "" || aDupe == nil ) {
unique = true; // bad, but try for a non-breaking failure
} else if ( aDupe == 1 ) {
unique = false;
} else {
unique = true;
}
return unique;
}
define string unI18n(string weekday) {
if ( weekday == _("Mon") ) { weekday = "Mon"; }
if ( weekday == _("Tue") ) { weekday = "Tue"; }
if ( weekday == _("Wed") ) { weekday = "Wed"; }
if ( weekday == _("Thu") ) { weekday = "Thu"; }
if ( weekday == _("Fri") ) { weekday = "Fri"; }
if ( weekday == _("Sat") ) { weekday = "Sat"; }
if ( weekday == _("Sun") ) { weekday = "Sun"; }
return weekday;
}
/* Possible 'type's for getLastPage() && getLastSirPage()
- displayArchForm(): type = sirRep || audRep || essRep
- displayRunForm(): type = sir || aud || ess
*/
// Return last page number of post-filtered report
define integer getLastPage(string type, map Settings, string name) {
if ( type == "sir" || type == "sirRep" ) {
if ( name != nil && name != "" ) {
Settings["name"] = name;
} else {
y2error(_("No name provided for retrieving SIR report page count."));
return 1; // return a page count of 1
}
}
Settings["type"] = type;
Settings["getLastPage"] = "1";
map<any,any> page = $[];
page = (map) SCR::Read (.reports_parse, Settings);
integer lastPage = page["numPages"]:1;
return lastPage;
}
define boolean CheckDate( integer day, integer month, integer year ) ``{
list mdays = [ 31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31 ];
boolean ret = true;
if (year == nil || month == nil || day == nil)
return false;
ret = ret && month>=1 && month<=12;
if( year%4==0 && (year%100!=0 || year%400==0)) {
mdays[1] = 29;
}
ret = ret && day>=1 && day<=mdays[month-1]:0;
ret = ret && year>=1970 && year<2032;
return( ret );
}
// Make the table for displaying report data
define term makeSirTable (list reportList) {
term myTable =
`Table(`id(`table), `opt(`keepSorting, `immediate ), `header(_("Host"),
_("Date"), _("Program"), _("Profile"), _("PID"), _("Severity"),
_("Mode Request"), _("Mode Deny"), _("Detail"), _("Event Type"),
_("Operation"), _("Attribute"), _("Additional Name"), _("Net Family"),
_("Net Protocol"), _("Net Socket Type")), reportList
);
return myTable;
}
define integer popUpGoto(integer lastPage) {
UI::OpenDialog(
`VBox(
`HBox(
`TextEntry(`id(`gotoPage), _("Enter a Page to Move to."), "")
),
`HBox(
`PushButton(`id(`abort), `opt(`notify), _("&Abort") ),
`PushButton(`id(`save), `opt(`notify), _("&Save") )
)
)
);
map event = $[];
any id = nil;
integer igoto = nil;
while( true ) {
event = UI::WaitForEvent();
id = event["ID"]:nil;
if ( id == `abort || id == `close || id == `cancel ) {
break;
} else if ( id == `save ) {
any agoto = UI::QueryWidget(`id(`gotoPage), `Value);
igoto = tointeger(agoto);
if ( igoto == nil || igoto < 1 || igoto > lastPage ) {
Popup::Message("You must enter a value between 1 and " + lastPage + ".");
} else {
break;
}
}
}
UI::CloseDialog();
return igoto;
}
define string getSortId(string type, any sortId) {
string sortKey = "";
if ( type == "aud" || type == "audRep") {
if ( sortId == 0 ) {
sortKey = "prog";
} else if ( sortId == 1 ) {
sortKey = "profile";
} else if ( sortId == 2 ) {
sortKey = "pid";
} else if ( sortId == 3 ) {
sortKey = "state";
} else if ( sortId == 4 ) {
sortKey = "type";
}
} else if (type == "ess" || type == "essRep" ) {
if ( sortId == 0 ) {
sortKey = "host";
} else if ( sortId == 1 ) {
//sortKey = "date";
sortKey = "numRejects";
} else if ( sortId == 2 ) {
sortKey = "numEvents";
} else if ( sortId == 3 ) {
sortKey = "sevMean";
} else if ( sortId == 4 ) {
sortKey = "sevHi";
}
} else {
if ( sortId == 0 ) {
sortKey = "host";
} else if ( sortId == 1 ) {
//sortKey = "date";
sortKey = "time";
} else if ( sortId == 2 ) {
sortKey = "prog";
} else if ( sortId == 3 ) {
sortKey = "profile";
} else if ( sortId == 4 ) {
sortKey = "pid";
} else if ( sortId == 5 ) {
sortKey = "resource";
} else if ( sortId == 6 ) {
sortKey = "severity";
} else if ( sortId == 7 ) {
sortKey = "sdmode";
} else if ( sortId == 8 ) {
sortKey = "mode";
}
}
return sortKey;
}
// Get the name of the filter (header column) to sort by
define string popUpSort(string type) {
term btnList = nil;
if ( type == "aud" || type == "audRep") {
btnList =
`VBox(
`Left(`RadioButton(`id(0), _("Program") )),
`Left(`RadioButton(`id(1), _("Profile") )),
`Left(`RadioButton(`id(2), _("PID") )),
`Left(`RadioButton(`id(3), _("State") )),
`Left(`RadioButton(`id(4), _("Type") ))
);
} else if (type == "ess" || type == "essRep" ) {
btnList =
`VBox(
`Left(`RadioButton(`id(0), _("Host") )),
`Left(`RadioButton(`id(1), _("Num. Rejects") )),
`Left(`RadioButton(`id(2), _("Num. Events") )),
`Left(`RadioButton(`id(3), _("Ave. Sev") )),
`Left(`RadioButton(`id(4), _("High Sev") ))
);
} else {
btnList =
`VBox(
// Sorting by host is no longer meaningful (due to sql changes)
//`Left(`RadioButton(`id(0), _("Host") )),
`Left(`RadioButton(`id(1), _("Date") )),
`Left(`RadioButton(`id(2), _("Program") )),
`Left(`RadioButton(`id(3), _("Profile") )),
`Left(`RadioButton(`id(4), _("PID") )),
`Left(`RadioButton(`id(5), _("Detail") )),
`Left(`RadioButton(`id(6), _("Severity") )),
`Left(`RadioButton(`id(7), _("Access Type") )),
`Left(`RadioButton(`id(8), _("Mode") ))
);
}
UI::OpenDialog(
`VBox(
`HBox(
//`HSpacing( `opt(`vstretch), 0.5),
`RadioButtonGroup(`id(`sortKey),
btnList
)
),
`HBox(
`PushButton(`id(`abort), _("&Abort") ),
`PushButton(`id(`save), _("&Save") )
)
)
);
map event = $[];
any id = nil;
string sortKey = nil;
while( true ) {
event = UI::WaitForEvent();
id = event["ID"]:nil; // We'll need this often - cache it
if ( id == `abort || id == `cancel || id == `close) {
break;
} else if (id == `save ) {
any sortId = UI::QueryWidget(`id(`sortKey), `CurrentButton);
/* sortKey needs to match the hash reference names in parseEventLog()
&& sortRecords() in Immunix::Reports.pm */
sortKey = getSortId(type,sortId);
break;
}
}
UI::CloseDialog();
return sortKey;
}
// Mode
define string popUpMode() {
string checkMode = (string) UI::QueryWidget(`id(`mode), `Label);
list splitMode = splitstring (checkMode, " ");
string myMode = splitMode[size(splitMode)-1]:"All";
UI::OpenDialog(
`VBox(
`HBox(
`CheckBox(`id(`clear), `opt(`notify, `immediate ), _("All"), true),
`CheckBox(`id(`read), `opt(`notify, `immediate ), _("Read"), false),
`CheckBox(`id(`write), `opt(`notify, `immediate ), _("Write"), false),
`CheckBox(`id(`link), `opt(`notify, `immediate ), _("Link"), false),
`CheckBox(`id(`exec), `opt(`notify, `immediate ), _("Execute"), false),
`CheckBox(`id(`mmap), `opt(`notify, `immediate ), _("MMap"), false)
),
`HBox(
`PushButton(`id(`cancel), _("&Cancel") ),
`PushButton(`id(`save), _("&Save") )
)
)
);
integer isall = search( myMode, "All");
if ( isall != nil && isall >= 0 ) {
UI::ChangeWidget(`id(`clear), `Value, false);
UI::ChangeWidget(`id(`read), `Value, true);
UI::ChangeWidget(`id(`write), `Value, true);
UI::ChangeWidget(`id(`link), `Value, true);
UI::ChangeWidget(`id(`exec), `Value, true);
UI::ChangeWidget(`id(`mmap), `Value, true);
} else {
if ( search( myMode, "r") != nil ) {
UI::ChangeWidget(`id(`clear), `Value, false);
UI::ChangeWidget(`id(`read), `Value, true);
}
if ( search( myMode, "w") != nil ) {
UI::ChangeWidget(`id(`clear), `Value, false);
UI::ChangeWidget(`id(`write), `Value, true);
}
if ( search( myMode, "l") != nil ) {
UI::ChangeWidget(`id(`clear), `Value, false);
UI::ChangeWidget(`id(`link), `Value, true);
}
if ( search( myMode, "x") != nil ) {
UI::ChangeWidget(`id(`clear), `Value, false);
UI::ChangeWidget(`id(`exec), `Value, true);
}
if ( search( myMode, "m") != nil ) {
UI::ChangeWidget(`id(`clear), `Value, false);
UI::ChangeWidget(`id(`mmap), `Value, true);
}
}
string mode = "";
map event = $[];
any id = nil;
while( true ) {
event = UI::WaitForEvent();
id = event["ID"]:nil; // We'll need this often - cache it
if ( id == `clear) {
if ( UI::QueryWidget(`id(`clear), `Value) == true ) {
UI::ChangeWidget(`id(`read), `Value, false);
UI::ChangeWidget(`id(`write), `Value, false);
UI::ChangeWidget(`id(`link), `Value, false);
UI::ChangeWidget(`id(`exec), `Value, false);
UI::ChangeWidget(`id(`mmap), `Value, false);
mode = "All";
}
} else if ( id == `read || id == `write || id == `link || id == `exec || id == `mmap ) {
if ( UI::QueryWidget(`id(`read), `Value) == true ) {
UI::ChangeWidget(`id(`clear), `Value, false);
} else if ( UI::QueryWidget(`id(`write), `Value) == true ) {
UI::ChangeWidget(`id(`clear), `Value, false);
} else if ( UI::QueryWidget(`id(`link), `Value) == true ) {
UI::ChangeWidget(`id(`clear), `Value, false);
} else if ( UI::QueryWidget(`id(`exec), `Value) == true ) {
UI::ChangeWidget(`id(`clear), `Value, false);
} else if ( UI::QueryWidget(`id(`mmap), `Value) == true ) {
UI::ChangeWidget(`id(`link), `Value, false);
}
} else if ( id == `abort || id == `cancel || id == `close) {
mode = myMode;
break;
} else if ( id == `save ) {
if ( UI::QueryWidget(`id(`clear), `Value) == true ) {
mode = "All";
} else {
list<string> sdList = [];
if ( UI::QueryWidget(`id(`read), `Value) == true ) { sdList = add(sdList, "r"); }
if ( UI::QueryWidget(`id(`write), `Value) == true ) { sdList = add(sdList, "w"); }
if ( UI::QueryWidget(`id(`link), `Value) == true ) { sdList = add(sdList, "l"); }
if ( UI::QueryWidget(`id(`exec), `Value) == true ) { sdList = add(sdList, "x"); }
if ( UI::QueryWidget(`id(`mmap), `Value) == true ) { sdList = add(sdList, "m"); }
foreach ( string perm, sdList, { mode = mode + perm; });
}
break;
}
}
UI::CloseDialog();
return mode;
}
// Access Type - SD Mode
define string popUpSdMode() {
string checkMode = (string) UI::QueryWidget(`id(`sdmode), `Label);
checkMode = filterchars(checkMode, "APRl");
list splitMode = splitstring (checkMode, " ");
string mySdMode = splitMode[size(splitMode)-1]:"R";
UI::OpenDialog(
`VBox(
`HBox(
`CheckBox(`id(`clear), `opt(`notify, `immediate ), _("All"), false),
`CheckBox(`id(`permit), `opt(`notify, `immediate ), _("Permit"), false),
`CheckBox(`id(`reject),`opt(`notify, `immediate ), _("Reject"), false),
`CheckBox(`id(`audit),`opt(`notify, `immediate ), _("Audit"), false)
),
`HBox(
`PushButton(`id(`cancel), `opt(`notify), _("&Cancel") ),
`PushButton(`id(`save), `opt(`notify), _("&Save") )
)
)
);
if ( mySdMode == "P") {
UI::ChangeWidget(`id(`clear), `Value, false);
UI::ChangeWidget(`id(`permit), `Value, true);
} else if ( mySdMode == "R") {
UI::ChangeWidget(`id(`clear), `Value, false);
UI::ChangeWidget(`id(`reject), `Value, true);
} else if ( mySdMode == "A") {
UI::ChangeWidget(`id(`clear), `Value, false);
UI::ChangeWidget(`id(`audit), `Value, true);
} else if ( mySdMode == "PR" ) {
UI::ChangeWidget(`id(`clear), `Value, false);
UI::ChangeWidget(`id(`permit), `Value, true);
UI::ChangeWidget(`id(`reject), `Value, true);
} else if (mySdMode == "PA" ) {
UI::ChangeWidget(`id(`clear), `Value, false);
UI::ChangeWidget(`id(`permit), `Value, true);
UI::ChangeWidget(`id(`audit), `Value, true);
} else if (mySdMode == "PRA" ) {
UI::ChangeWidget(`id(`clear), `Value, false);
UI::ChangeWidget(`id(`permit), `Value, true);
UI::ChangeWidget(`id(`reject), `Value, true);
UI::ChangeWidget(`id(`audit), `Value, true);
} else if (mySdMode == "RA" ) {
UI::ChangeWidget(`id(`clear), `Value, false);
UI::ChangeWidget(`id(`reject), `Value, true);
UI::ChangeWidget(`id(`audit), `Value, true);
} else if ( mySdMode == "All" ) {
UI::ChangeWidget(`id(`clear), `Value, true);
UI::ChangeWidget(`id(`permit), `Value, false);
UI::ChangeWidget(`id(`reject), `Value, false);
UI::ChangeWidget(`id(`audit), `Value, false);
}
string sdMode = "";
map event = $[];
any id = nil;
while( true ) {
event = UI::WaitForEvent();
id = event["ID"]:nil;
if ( id == `clear) {
if ( UI::QueryWidget(`id(`clear), `Value) == true ) {
UI::ChangeWidget(`id(`permit), `Value, false);
UI::ChangeWidget(`id(`reject), `Value, false);
UI::ChangeWidget(`id(`audit), `Value, false);
sdMode = "All";
}
} else if ( id == `permit || id == `reject || id == `audit ) {
if ( UI::QueryWidget(`id(`permit), `Value) == true ) {
UI::ChangeWidget(`id(`clear), `Value, false);
} else if ( UI::QueryWidget(`id(`reject), `Value) == true ) {
UI::ChangeWidget(`id(`clear), `Value, false);
} else if ( UI::QueryWidget(`id(`audit), `Value) == true ) {
UI::ChangeWidget(`id(`clear), `Value, false);
}
} else if ( id == `cancel ) {
sdMode = mySdMode;
break;
} else if ( id == `save ) {
if ( UI::QueryWidget(`id(`clear), `Value) == true ) {
sdMode = "All";
} else {
sdMode = "";
list<string> mList = [];
if ( UI::QueryWidget(`id(`permit), `Value) == true ) { mList = add(mList, "P"); }
if ( UI::QueryWidget(`id(`reject), `Value) == true ) { mList = add(mList, "R"); }
if ( UI::QueryWidget(`id(`audit), `Value) == true ) { mList = add(mList, "A"); }
foreach ( string state, mList, { sdMode = sdMode + state; });
}
break;
}
}
UI::CloseDialog();
return sdMode;
}
/* For On Demand Reports
- Returns list of terms corresponding to the type of report
***********************************************************************/
define list<term> getReportList(string type, map Settings) {
list<term> reportList = [];
if ( type == "aud" ) {
list <map> db = (list <map>) SCR::Read (.reports_confined, Settings);
integer key = 1;
foreach ( map repdata, db, {
reportList = add( reportList, `item( `id(key), repdata["host"]:nil, repdata["date"]:nil,
repdata["prog"]:nil, repdata["prof"]:nil, repdata["pid"]:nil, repdata["state"]:nil,
repdata["type"]:nil ));
key = key + 1;
});
} else if ( type == "ess" ) {
list <map> db = (list <map>) SCR::Read (.reports_ess, Settings);
integer key = 1;
foreach ( map repdata, db, {
reportList = add( reportList, `item( `id(key), repdata["host"]:nil,
repdata["startdate"]:nil, repdata["enddate"]:nil, repdata["numRejects"]:nil,
repdata["numEvents"]:nil, repdata["sevMean"]:nil, repdata["sevHi"]:nil ));
key = key + 1;
});
} else {
list <map> db = (list <map>) SCR::Read (.logparse, Settings);
integer key = 0;
foreach ( map record, db, {
reportList = add( reportList, `item( `id(key),
record["host"]:nil, record["date"]:nil, record["prog"]:nil,
record["profile"]:nil, record["pid"]:nil, record["severity"]:nil,
record["mode_req"]:nil, record["mode_deny"]:nil,
record["resource"]:nil, record["sdmode"]:nil, record["op"]:nil,
record["attr"]:nil, record["name_alt"]:nil, record["net_family"]:nil,
record["net_proto"]:nil, record["net_socktype"]:nil
));
key = key + 1;
});
}
return reportList;
}
}

429
management/yastui/src/include/subdomain/sd-config.ycp
View file

@ -1,429 +0,0 @@
/* ------------------------------------------------------------------
*
* Copyright (C) 2002-2005 Novell/SUSE
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of version 2 of the GNU General Public
* License published by the Free Software Foundation.
*
------------------------------------------------------------------*/
{
include "subdomain/config_complain.ycp";
include "subdomain/event_notification_helptext.ycp";
textdomain "yast2-apparmor";
define boolean safeFormat (string emailAddr) {
boolean isSafe = false;
integer emailAddrLength = size(emailAddr);
// Allow only name@host formats
if ( emailAddrLength > 128 ) {
Popup::Error( _("Email address is too long. Please enter another address.") );
} else if ( ! regexpmatch(emailAddr, "..+") &&
regexpmatch(emailAddr, "/^(\w+\.?)+\w+\@(\w+\.?)+\w+$") ) {
isSafe = true;
} else if ( regexpmatch(emailAddr, "\\w+@\\w+") ) {
isSafe = true;
} else {
Popup::Error( _("Error in email address format. Please use \"name@host\" format.") );
}
return isSafe;
}
define boolean changeAppArmorState(boolean aaEnabled) {
any error = nil;
string sdAction = "";
if (aaEnabled == true) {
sdAction = "subdomain:enable";
} else {
sdAction = "subdomain:disable";
}
error = SCR::Execute(.sdconf, sdAction);
if ( error != nil && is(error, string) ) {
string errorMsg = (string) error;
string popError = _("This operation generated the following error. Please check your installation and AppArmor profile settings.");
Popup::Message( popError+ "\n[" + errorMsg + "]");
aaEnabled = ! aaEnabled;
}
return aaEnabled;
}
define void displayNotifyForm() {
map settings = (map) SCR::Execute(.subdomain, "sd-notify-settings");
map<string,any> terse = settings["terse"]:$[];
map<string,any> summary = settings["summary"]:$[];
map<string,any> verbose = settings["verbose"]:$[];
any t_freq = terse["terse_freq"]:0;
any s_freq = summary["summary_freq"]:0;
any v_freq = verbose["verbose_freq"]:0;
boolean t_unknown = true;
any a_t_poop = (any) terse["terse_unknown"]:"1";
string t_poop = tostring(a_t_poop);
if(t_poop == "0") {
t_unknown = false;
}
boolean s_unknown = true;
any a_s_poop = terse["summary_unknown"]:"1";
string s_poop = tostring(a_s_poop);
if(s_poop == "0") {
s_unknown = false;
}
boolean v_unknown = true;
any a_v_poop = verbose["verbose_unknown"]:"1";
string v_poop = tostring(a_v_poop);
if(v_poop == "0") {
v_unknown = false;
}
list terse_items = [
`item(`id(0), _("Disabled"), t_freq==0?true:false),
`item(`id(60), _("1 minute"), t_freq==60?true:false),
`item(`id(300), _("5 minutes"), t_freq==300?true:false),
`item(`id(600), _("10 minutes"), t_freq==600?true:false),
`item(`id(900), _("15 minutes"), t_freq==900?true:false),
`item(`id(1800), _("30 minutes"), t_freq==1800?true:false),
`item(`id(3600), _("1 hour"), t_freq==3600?true:false),
`item(`id(86400), _("1 day"), t_freq==86400?true:false),
`item(`id(604800), _("1 week"), t_freq==604800?true:false)
];
list summary_items = [
`item(`id(0), _("Disabled"), s_freq==0?true:false),
`item(`id(60), _("1 minute"), s_freq==60?true:false),
`item(`id(300), _("5 minutes"), s_freq==300?true:false),
`item(`id(600), _("10 minutes"), s_freq==600?true:false),
`item(`id(900), _("15 minutes"), s_freq==900?true:false),
`item(`id(1800), _("30 minutes"), s_freq==1800?true:false),
`item(`id(3600), _("1 hour"), s_freq==3600?true:false),
`item(`id(86400), _("1 day"), s_freq==86400?true:false),
`item(`id(604800), _("1 week"), s_freq==604800?true:false)
];
list verbose_items = [
`item(`id(0), _("Disabled"), v_freq==0?true:false),
`item(`id(60), _("1 minute"), v_freq==60?true:false),
`item(`id(300), _("5 minutes"), v_freq==300?true:false),
`item(`id(600), _("10 minutes"), v_freq==600?true:false),
`item(`id(900), _("15 minutes"), v_freq==900?true:false),
`item(`id(1800), _("30 minutes"), v_freq==1800?true:false),
`item(`id(3600), _("1 hour"), v_freq==3600?true:false),
`item(`id(86400), _("1 day"), v_freq==86400?true:false),
`item(`id(604800), _("1 week"), v_freq==604800?true:false)
];
term event_config = `HVCenter(`VBox(`opt(`vstretch),
`Frame( _("Security Event Notification"),
`HBox(`HSpacing(1),
`VBox(`opt(`vstretch),
`VSpacing(1),
`Frame( _("Terse Notification"),
`VBox(`opt(`vstretch),
`HBox(
`ComboBox(`id(`terse_freq), _("Frequency"), terse_items),
`TextEntry(`id(`terse_email), _("Email Address"), terse["terse_email"]:""),
`IntField(`id(`terse_level), _("Severity"), 0,10, terse["terse_level"]:0)
),
`HBox(
`CheckBox( `id(`terse_unknown), _("Include Unknown Severity Events"), t_unknown)
)
)
),
`VSpacing(1),
`Frame( _("Summary Notification"),
`VBox(`opt(`vstretch),
`HBox(
`ComboBox(`id(`summary_freq), _("Frequency"), summary_items),
`TextEntry(`id(`summary_email), _("Email Address"), summary["summary_email"]:""),
`IntField(`id(`summary_level), _("Severity"), 0,10, summary["summary_level"]:0)
),
`HBox(
`CheckBox( `id(`summary_unknown), _("Include Unknown Severity Events"), s_unknown)
)
)
),
`VSpacing(1),
`Frame( _("Verbose Notification"),
`VBox(`opt(`vstretch),
`HBox(
`ComboBox(`id(`verbose_freq), _("Frequency"), verbose_items),
`TextEntry(`id(`verbose_email), _("Email Address"), verbose["verbose_email"]:""),
`IntField(`id(`verbose_level), _("Severity"), 0,10, verbose["verbose_level"]:0)
),
`HBox(
`CheckBox( `id(`verbose_unknown), _("Include Unknown Severity Events"), v_unknown)
)
)
),
`VSpacing(1)
),
`HSpacing(1)
)
)
)
);
Wizard::CreateDialog();
Wizard::SetContentsButtons(_("Security Event Notification"), event_config, EventNotifyHelpText, nil, _("&OK"));
Wizard::DisableBackButton();
any ntInput = nil;
string notifyLabelValue = "";
while( true ) {
ntInput = UI::UserInput();
if (ntInput == `next) {
map<string,map> answers = $[ ];
map<string,string> set_notify = $[ ];
map<string,string> summary = $[ ];
map<string,string> verbose = $[ ];
map<string,string> terse = $[ ];
t_freq = UI::QueryWidget(`id(`terse_freq), `Value);
s_freq = UI::QueryWidget(`id(`summary_freq), `Value);
v_freq = UI::QueryWidget(`id(`verbose_freq), `Value);
set_notify["sd-set-notify"] = "yes";
terse["terse_freq"] = tostring(t_freq);
summary["summary_freq"] = tostring(s_freq);
verbose["verbose_freq"] = tostring(v_freq);
if (t_freq != 0) {
string t_email = (string) UI::QueryWidget(`id(`terse_email), `Value);
if ( t_email == nil || t_email == "" ) {
Popup::Error( _("An email address is required for each selected notification method.") );
continue;
} else if ( ! safeFormat(t_email) ) {
continue;
}
terse["enable_terse"] = "yes";
terse["terse_email"] = (string) UI::QueryWidget(`id(`terse_email), `Value);
terse["terse_level"] = (string) tostring(UI::QueryWidget(`id(`terse_level), `Value));
boolean t_unknown = (boolean) UI::QueryWidget(`id(`terse_unknown), `Value);
if (t_unknown == true) {
terse["terse_unknown"] = "1";
} else {
terse["terse_unknown"] = "0";
}
} else {
terse["enable_terse"] = "no";
}
if (s_freq != 0) {
string s_email = (string) UI::QueryWidget(`id(`summary_email), `Value);
if ( s_email == nil || s_email == "" ) {
Popup::Error( _("An email address is required for each selected notification method.") );
continue;
} else if ( ! safeFormat(s_email) ) {
continue;
}
summary["enable_summary"] = "yes";
summary["summary_email"] = (string) UI::QueryWidget(`id(`summary_email), `Value);
summary["summary_level"] = (string) tostring(UI::QueryWidget(`id(`summary_level), `Value));
boolean s_unknown = (boolean) UI::QueryWidget(`id(`summary_unknown), `Value);
if (s_unknown == true) {
summary["summary_unknown"] = "1";
} else {
summary["summary_unknown"] = "0";
}
} else {
summary["enable_summary"] = "no";
}
if (v_freq != 0) {
string v_email = (string) UI::QueryWidget(`id(`verbose_email), `Value);
if ( v_email == nil || v_email == "" ) {
Popup::Error( _("An email address is required for each selected notification method.") );
continue;
} else if (! safeFormat(v_email) ) {
continue;
}
verbose["enable_verbose"] = "yes";
verbose["verbose_email"] = (string) UI::QueryWidget(`id(`verbose_email), `Value);
verbose["verbose_level"] = (string) tostring(UI::QueryWidget(`id(`verbose_level), `Value));
boolean v_unknown = (boolean) UI::QueryWidget(`id(`verbose_unknown), `Value);
if (v_unknown == true) {
verbose["verbose_unknown"] = "1";
} else {
verbose["verbose_unknown"] = "0";
}
} else {
verbose["enable_verbose"] = "no";
}
answers["set_notify"] = set_notify;
answers["terse"] = terse;
answers["summary"] = summary;
answers["verbose"] = verbose;
string result = (string) SCR::Execute(.sdconf, answers);
if (result != "success") {
Popup::Error( _("Configuration failed for the following operations: ") + result);
}
if ( t_freq != 0 || s_freq != 0 || v_freq != 0 ) {
notifyLabelValue = _("Notification is enabled");
} else {
notifyLabelValue = _("Notification is disabled");
}
}
Wizard::CloseDialog();
if ( (ntInput == `ok) || (ntInput == `next) ) {
UI::ChangeWidget( `id(`notifyLabel), `Value, notifyLabelValue );
}
break;
}
}
define symbol displayAppArmorConfig () {
// AppArmor Status
boolean aaEnabled = false;
boolean ntIsEnabled = false;
string subdomain = (string) SCR::Execute(.subdomain, "sd-status");
string sdEnStr = _("AppArmor is disabled");
if (subdomain == "enabled") {
aaEnabled = true;
sdEnStr = _("AppArmor is enabled");
}
// Notification Status
string evnotify = (string) SCR::Execute(.subdomain, "sd-notify");
string evEnStr = _("Notification is disabled");
if (evnotify == "enabled") {
ntIsEnabled = true;
evEnStr = _("Notification is enabled");
} else if (evnotify == "notinstalled") {
evnotify = "disabled";
}
/* Network dialog caption */
string caption = _("AppArmor Configuration");
string help = _("<p><b>AppArmor Status</b><br>This reports whether the AppArmor policy enforcement module is loaded and functioning.</p> <p><b>Security Event Notification</b><br>Configure this tool if you want to be notified by email when access violations have occurred.</p> <p><b>Profile Modes</b><br>Use this tool to change the way that AppArmor uses individual profiles.</p>");
term contents =
`HVCenter(
`VBox(
`VSpacing(1), `HSpacing(2),
`HBox (
`HSpacing( `opt(`hstretch), 2 ),
`VBox(
`Left(`CheckBox( `id(`aaState), `opt(`notify), ("&Enable AppArmor"), aaEnabled)),
`VSpacing(1),
`Frame( `id(`aaEnableFrame), _("Configure AppArmor"),
`HBox (
`HSpacing( `opt(`hstretch), 4 ),
`VBox(
`VSpacing(1),
`Frame ( _("Security Event Notification"),
`HBox(
`VSpacing(1), `HSpacing(1),
`HVCenter( `Label( `id(`notifyLabel), evEnStr )),
`PushButton( `id(`ntconf), _("C&onfigure")),
`VSpacing(1), `HSpacing(1)
)
),
`VSpacing(1), `HSpacing(20),
`Frame ( _("Configure Profile Modes"),
`HBox(
`VSpacing(1), `HSpacing(1),
`Left(`HVCenter( `Label( `id(`notifyLabel), " " + _("Set profile modes") ))),
`PushButton( `id(`modeconf), _("Co&nfigure") ),
`VSpacing(1), `HSpacing(1)
)
),
`VSpacing(1)
),
`HSpacing( `opt(`hstretch), 4 )
))),
`HSpacing( `opt(`hstretch), 2 )
))
);
// May want to replace Wizard() with UI()
Wizard::CreateDialog();
Wizard::SetTitleIcon("apparmor/control_panel");
Wizard::SetContentsButtons(caption, contents, help, nil, _("&Done"));
Wizard::DisableBackButton();
UI::ChangeWidget(`id(`aaEnableFrame), `Enabled, aaEnabled);
while( true ) {
symbol ret = (symbol) UI::UserInput();
if ( ret == `abort || ret == `cancel || ret == `next) {
break;
} else if (ret == `aaState ) {
// Set AppArmor state: enabled|disabled
boolean requestedAaState = (boolean) UI::QueryWidget(`id(`aaState), `Value);
aaEnabled = changeAppArmorState(requestedAaState);
// These will match if the update was successful
if ( aaEnabled == requestedAaState ) {
UI::ChangeWidget(`id(`aaEnableFrame), `Enabled, aaEnabled);
}
} else if (ret == `ntconf ) {
displayNotifyForm();
} else if (ret == `modeconf ) {
ret = profileModeConfigForm();
if ( ret == `back ) {
displayAppArmorConfig();
}
break;
} else {
y2error("Unexpected return code: " + tostring(ret));
}
}
UI::CloseDialog();
return nil;
}
/* EOF */
}

24
management/yastui/src/locale/Makefile
View file

@ -1,24 +0,0 @@
# $Id: Makefile 4157 2005-03-29 23:02:21Z steve $
# ------------------------------------------------------------------
#
# Copyright (C) 2002-2005 Novell/SUSE
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of version 2 of the GNU General Public
# License published by the Free Software Foundation.
#
# ------------------------------------------------------------------
all:
# As translations get added, they will automatically be included, unless
# the lang is explicitly added to DISABLED_LANGS; e.g. DISABLED_LANGS=en es
DISABLED_LANGS=
include ../../common/Make-po.rules
../../common/Make-po.rules:
make -C ../.. common/Make.rules
# This definition has to come after the inclusion of Make.rules in order
# to override the definition of LOCALEDIR in it.
LOCALEDIR=/usr/share/YaST2/locale

1023
management/yastui/src/locale/de_DE.po
View file

File diff suppressed because it is too large Load diff

1167
management/yastui/src/locale/en_US.UTF-8/yast2-subdomain.po
View file

File diff suppressed because it is too large Load diff

1168
management/yastui/src/locale/en_US.po
View file

File diff suppressed because it is too large Load diff

1023
management/yastui/src/locale/es_ES.po
View file

File diff suppressed because it is too large Load diff

1022
management/yastui/src/locale/fr_FR.po
View file

File diff suppressed because it is too large Load diff

1073
management/yastui/src/locale/hu_HU.po
View file

File diff suppressed because it is too large Load diff

1023
management/yastui/src/locale/it_IT.po
View file

File diff suppressed because it is too large Load diff

1022
management/yastui/src/locale/ja_JP.po
View file

File diff suppressed because it is too large Load diff

1055
management/yastui/src/locale/nb_NO.po
View file

File diff suppressed because it is too large Load diff

1022
management/yastui/src/locale/pt_BR.po
View file

File diff suppressed because it is too large Load diff

1013
management/yastui/src/locale/pt_PT.po
View file

File diff suppressed because it is too large Load diff

1024
management/yastui/src/locale/zh_CN.po
View file

File diff suppressed because it is too large Load diff

1023
management/yastui/src/locale/zh_TW.po
View file

File diff suppressed because it is too large Load diff

9
management/yastui/src/modules/AppArmorDialogs.ycp
View file

@ -1,9 +0,0 @@
{
module "AppArmorDialogs";
textdomain "yast2-apparmor";
global define term busy_dialog = nil;
}

265
management/yastui/src/perl/Notify.pm
View file

@ -1,265 +0,0 @@
# ------------------------------------------------------------------
#
# Copyright (C) 2005-2006 Novell/SUSE
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of version 2 of the GNU General Public
# License published by the Free Software Foundation.
#
# ------------------------------------------------------------------
package Immunix::Notify;
################################################################################
# /usr/lib/perl5/vendor_perl/Immunix/Notify.pm
#
# - Parses /etc/apparmor/notify.cfg for AppArmor notification
# - Used with sd-config.ycp for yast configuration
#
################################################################################
use strict;
use ycp;
use POSIX;
use Locale::gettext;
setlocale(LC_MESSAGES, "");
textdomain("apparmor-utils");
use constant NTCONF => '/etc/apparmor/notify.cfg';
sub debug {
my $cf = shift;
for my $type ( keys %$cf) {
ycp::y2milestone("[apparmor] Type: $type");
for my $rec ( keys %{$cf->{ $type }} ) {
ycp::y2milestone("[apparmor]\t$rec value: $cf->{$type}{$rec}");
}
}
}
# Replaces old files with new files
sub updateFiles {
my ( $oldFile, $newFile ) = @_;
if ( unlink("$oldFile") ) {
if ( ! rename ("$newFile", "$oldFile") ) {
if ( ! system('/bin/mv', "$newFile","$oldFile") ) {
ycp::y2error(sprintf(gettext("Failed copying %s."), $oldFile));
return 1;
}
}
} else {
system('/bin/rm', "$oldFile");
system('/bin/mv', "$newFile", "$oldFile");
}
return 0;
}
sub safeFormat {
my $emailAddr = shift;
my $safeFormat = 0;
if ( $emailAddr && (length($emailAddr) < 129) ) {
#if ( $emailAddr =~ /^\w+[\.\w]+\@[\w+\.]+\w+$/ ||
if ( $emailAddr =~ /^(\w+\.?)+\w+\@(\w+\.?)+\w+$/ ||
$emailAddr =~ /^\/var\/mail\/\w+$/ ) {
$safeFormat = 1;
} else {
ycp::y2milestone("[apparmor] email address contains invalid
characters.");
}
} else {
ycp::y2milestone("[apparmor] email address is too long--more than
128 characters.");
}
return $safeFormat;
}
# check for reasonable values (especially email address)
sub sanitize {
my $newConfig = shift;
my $oldConfig = getNotifySettings();
my $result = "success";
if ( $newConfig->{'set_notify'}) {
delete($newConfig->{'set_notify'}); # don't need this anymore
}
# Sanitize, reverting to current values if poorly formed email address
for my $type (keys(%$newConfig)) {
my $enable = "enable_" . "$type";
my $email = "$type" . "_email";
next unless ($newConfig->{$type}->{$enable} eq 'yes');
if ( $newConfig->{$type}->{$enable} eq "yes" && !
safeFormat($newConfig->{$type}->{$email}) ) {
$result = "Error in email address format. Skipping changes
for $type notification.";
ycp::y2milestone("[apparmor] $result");
$newConfig->{$type} = $oldConfig->{$type};
}
}
return ($newConfig, $result);
}
sub getNotifyStatus {
my $config = getNotifySettings();
my $noteStatus = "disabled";
if ( $config->{terse}->{terse_freq} && $config->{terse}->{terse_freq} != 0) {
$noteStatus = "enabled";
} elsif ( $config->{summary}->{summary_freq} &&
$config->{summary}->{summary_freq} != 0) {
$noteStatus = "enabled";
} elsif ( $config->{verbose}->{verbose_freq} &&
$config->{verbose}->{verbose_freq} != 0) {
$noteStatus = "enabled";
}
return $noteStatus;
}
sub delBadEntries {
my $config = shift;
my @delList = ();
# Remove bad entries pulled from config file
for my $type (keys(%$config)) {
if ( $type !~ /(summary|terse|verbose)/ ) {
push(@delList, $type);
next;
} else {
my $freq = $type . "_freq";
my $email = $type . "_email";
my $level = $type . "_level";
my $unk = $type . "_unknown";
no strict;
if ( ! $config->{$type}->{$email} ) {
push(@delList, $type);
next;
}
for my $val ( keys %{$config->{ $type }} ) {
if ( $val eq $freq ) {
if ( $config->{$type}->{$val} !~ /\d+/ ) {
$config->{$type}->{$val} = 0;
}
} elsif ( $val eq $email ) {
if ( ! safeFormat($config->{$type}->{$val}) ) {
push(@delList, $type);
next;
}
} elsif ( $val eq $level ) {
if ( ! ($config->{$type}->{$val} =~ /\d\d/ &&
$config->{$type}->{$val} < 11) ) {
$config->{$type}->{$val} = 0;
}
} elsif ( $val eq $unk ) {
$config->{$type}->{$val} =~ /[0|1]/ || 0;
}
}
}
}
# Delete entire record if bad email address
for (@delList) {
delete($config->{$_});
}
return $config;
}
sub getNotifySettings {
my $config = ();
my $cleanConfig = ();
my $ntConf = NTCONF;
if ( open(CFG, "<$ntConf") ) {
while(<CFG>) {
chomp;
$config->{$2}{$1} = $4 if /^((\S+)_(\S+))\s+(.+)\s*$/;
}
close(CFG);
# delete notification entries without a reasonable email address
$cleanConfig = delBadEntries($config);
} else {
ycp::y2milestone("[apparmor] Couldn't open $ntConf.");
}
return $cleanConfig;
}
sub setNotifySettings {
my $config = shift;
my $result = "success";
my $ntConf = NTCONF;
Immunix::Reports::enableEventD();
if ( open(CFG, "> $ntConf") ) {
if($config->{terse}->{enable_terse} eq "yes") {
# if we didn't get passed a valid frequency, default to off
$config->{terse}->{terse_freq} ||= 0;
$config->{terse}->{terse_level} ||= 0;
# default to including unknown events if we didn't get passed that setting
$config->{terse}->{terse_unknown} = 1 unless defined $config->{terse}->{terse_unknown};
print CFG "terse_freq $config->{terse}->{terse_freq}\n";
print CFG "terse_email $config->{terse}->{terse_email}\n";
print CFG "terse_level $config->{terse}->{terse_level}\n";
print CFG "terse_unknown $config->{terse}->{terse_unknown}\n";
}
if($config->{summary}->{enable_summary} eq "yes") {
# if we didn't get passed a valid frequency, default to off
$config->{summary}->{summary_freq} ||= 0;
$config->{summary}->{summary_level} ||= 0;
# default to including unknown events if we didn't get passed that setting
$config->{summary}->{summary_unknown} = 1 unless defined $config->{summary}->{summary_unknown};
print CFG "summary_freq $config->{summary}->{summary_freq}\n";
print CFG "summary_email $config->{summary}->{summary_email}\n";
print CFG "summary_level $config->{summary}->{summary_level}\n";
print CFG "summary_unknown $config->{summary}->{summary_unknown}\n";
}
if($config->{verbose}->{enable_verbose} eq "yes") {
# if we didn't get passed a valid frequency, default to off
$config->{verbose}->{verbose_freq} ||= 0;
$config->{verbose}->{verbose_level} ||= 0;
# default to including unknown events if we didn't get passed that setting
$config->{verbose}->{verbose_unknown} = 1 unless defined $config->{verbose}->{verbose_unknown};
print CFG "verbose_freq $config->{verbose}->{verbose_freq}\n";
print CFG "verbose_email $config->{verbose}->{verbose_email}\n";
print CFG "verbose_level $config->{verbose}->{verbose_level}\n";
print CFG "verbose_unknown $config->{verbose}->{verbose_unknown}\n";
}
close(CFG);
} else {
$result = "Unable to write config changes to $ntConf";
ycp::y2milestone("[apparmor] $result: $!");
}
return($result);
}
1;

25
management/yastui/src/po/Makefile
View file

@ -1,25 +0,0 @@
# $Id: Makefile 4157 2005-03-29 23:02:21Z steve $
# ------------------------------------------------------------------
#
# Copyright (C) 2002-2005 Novell/SUSE
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of version 2 of the GNU General Public
# License published by the Free Software Foundation.
#
# ------------------------------------------------------------------
all:
# As translations get added, they will automatically be included, unless
# the lang is explicitly added to DISABLED_LANGS; e.g. DISABLED_LANGS=en es
DISABLED_LANGS=
include ../../common/Make-po.rules
../../common/Make-po.rules:
make -C ../.. common/Make.rules
# This definition has to come after the inclusion of Make.rules in order
# to override the definition of LOCALEDIR in it.
LOCALEDIR=/usr/share/locale

201
management/yastui/src/po/de_DE.po
View file

@ -1,201 +0,0 @@
# yast2-apparmor locale file
# Copyright (C) 2005 Novell INC.
# This file is distributed under the same license as the yast2-apparmor package.
# David Drewelow <davidd@immunix.com>, 2005.
#
msgid ""
msgstr ""
"Project-Id-Version: yast2-agents\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2005-07-22 13:42-0700\n"
"PO-Revision-Date: 2005-08-17 15:14+0000\n"
"Last-Translator: Novell Language <language@novell.com>\n"
"Language-Team: Novell Language <language@novell.com>\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=utf-8\n"
"Content-Transfer-Encoding: 8bit\n"
#: ag_logparse:63 ag_logparse:83
msgid "Unable to open"
msgstr "Öffnen nicht möglich"
#: ag_logparse:63
msgid "Couldn't save query."
msgstr "Abfrage konnte nicht gespeichert werden."
#: ag_logparse:83
msgid "Couldn't retrieve query."
msgstr "Abfrage konnte nicht abgerufen werden."
#: ag_reports_confined:104
#, c-format
msgid "ag_reports_confined: Couldn't open %s for writing."
msgstr "ag_reports_confined: %s konnte zum Schreiben nicht geöffnet werden."
#: ag_reports_confined:130
#, c-format
msgid "Failure in readMultiAudLog() - couldn't open %s."
msgstr "Fehler in readMultiAudLog() - %s konnte nicht geöffnet werden."
#: ag_reports_confined:143
#, c-format
msgid "Problem in readMultiAudLog\\(\\) - couldn't open %s\\/%s."
msgstr "Problem in readMultiAudLog\\(\\) - %s konnte nicht geöffnet werden\\/%s."
#: ag_reports_confined:177
msgid "readAudLog() wasn't passed an input file."
msgstr "An readAudLog() wurde keine Eingabedatei weitergeleitet."
#: ag_reports_confined:201
#, c-format
msgid "readAudLog\\(\\) couldn't open %s."
msgstr "readAudLog\\(\\) konnte %s nicht öffnen."
#: ag_reports_confined:259
#, c-format
msgid "Can't run %s. Exiting."
msgstr "%s kann nicht ausgeführt werden. Vorgang wird beendet."
#: ag_reports_ess:57
msgid "Failure in readMultiEssLog() - couldn't open"
msgstr "Fehler in readMultiEssLog() - konnte nicht geöffnet werden"
#: ag_reports_ess:70
msgid "Problem in readMultiEssLog() - couldn't open"
msgstr "Problem in readMultiEssLog() - konnte nicht geöffnet werden"
#: ag_reports_ess:105
msgid "readEssLog() wasn't passed an input file."
msgstr "An readEssLog() wurde keine Eingabedatei weitergeleitet."
#: ag_reports_ess:129
msgid "readEssLog() couldn't open $logFile"
msgstr "readEssLog() konnte $logFile nicht öffnen"
#: ag_reports_ess:163
#, c-format
msgid "ag_logparse: Unknown instruction %s or argument: %s"
msgstr "ag_logparse: Unbekannte Anweisung %s oder unbekanntes Argument: %s"
#: ag_reports_parse:78
#, c-format
msgid "ag_reports_parse: Couldn't open %s for writing."
msgstr "ag_reports_parse: %s konnte zum Schreiben nicht geöffnet werden."
#: ag_reports_parse:145
msgid "ag_reports_parse: No archived reports found."
msgstr "ag_reports_parse: Keine archivierten Berichte gefunden."
#: ag_reports_parse:150
#, c-format
msgid "ag_reports_parse: Can't open directory %s: %s"
msgstr "ag_reports_parse: Verzeichnis %s kann nicht geöffnet werden: %s"
#: ag_reports_parse:179
#, c-format
msgid "ag_reports_parse: Unknown instruction %s or argument: %s"
msgstr "ag_reports_parse: Unbekannte Anweisung %s oder unbekanntes Argument: %s"
#: ag_reports_sched:76
#, c-format
msgid "Couldn't find %s. Unable to create crontab. Exiting."
msgstr "%s wurde nicht gefunden. Erstellen von crontab nicht möglich. Vorgang wird beendet."
#: ag_reports_sched:133 ag_reports_sched:175 ag_reports_sched:253
#: ag_reports_sched:316 ag_reports_sched:323 ag_reports_sched:387
#: ag_reports_sched:394 ag_reports_sched:477 ag_reports_sched:542
#, c-format
msgid "Couldn't open %s."
msgstr "%s konnte nicht geöffnet werden."
#: ag_reports_sched:245
#, c-format
msgid "Couldn't open %s. Unable to add report: %s"
msgstr "%s konnte nicht geöffnet werden. Bericht kann nicht hinzugefügt werden: %s"
#: ag_reports_sched:270
#, c-format
msgid "Duplicate report name not allowed. Didn't schedule new report: %s"
msgstr "Doppelter Berichtsname nicht zulässig. Es wurde kein neuer Bericht geplant: %s"
#: ag_reports_sched:583 ag_reports_sched:590
#, c-format
msgid "Couldn't open %s. No changes performed."
msgstr "%s konnte nicht geöffnet werden. Es wurden keine Änderungen vorgenommen."
#: ag_reports_sched:685
#, c-format
msgid "ag_reports_sched: Unknown instruction %s or arg: %s"
msgstr "ag_reports_sched: Unbekannte Anweisung %s oder unbekanntes Argument: %s"
#: Reports.pm:246 Reports.pm:1328
#, perl-format
msgid "DBI Execution failed: %s."
msgstr "Fehler bei DBI-Ausführung: %s."
#: Reports.pm:272
#, perl-format
msgid "Couldn't open file: %s."
msgstr "Datei konnte nicht geöffnet werden: %s."
#: Reports.pm:276
msgid "No type value passed. Unable to determine page count."
msgstr "Es wurde kein Typwert weitergeleitet. Seitenzahl kann nicht bestimmt werden."
#: Reports.pm:346
#, perl-format
msgid "Failed copying %s."
msgstr "Fehler beim Kopieren von %s."
#: Reports.pm:459
#, perl-format
msgid "Export Log Error: Couldn't open %s"
msgstr "Exportprotokollfehler: %s konnte nicht geöffnet werden"
#: Reports.pm:483
msgid "Fatal error. No report name given. Exiting."
msgstr "Schwer wiegender Fehler. Kein Berichtsname angegeben. Vorgang wird beendet."
#: Reports.pm:489
#, perl-format
msgid ""
"Unable to get configuration info for %s.\n"
" Unable to find %s."
msgstr "Konfigurationsinformationen für %s können nicht abgerufen werden.\n %s wurde nicht gefunden."
#: Reports.pm:530
#, perl-format
msgid "Failed to parse: %s."
msgstr "Fehler beim Analysieren: %s."
#: Reports.pm:539
#, perl-format
msgid "Fatal Error. Couldn't open %s."
msgstr "Schwer wiegender Fehler. %s konnte nicht geöffnet werden."
#: Reports.pm:587
#, perl-format
msgid "Fatal Error. Can't run %s. Exiting."
msgstr "Schwer wiegender Fehler. %s kann nicht ausgeführt werden. Vorgang wird beendet."
#: Reports.pm:608
#, perl-format
msgid "Fatal Error. No directory, %s, found. Exiting."
msgstr "Schwerwiegender Fehler. Kein Verzeichnis %s gefunden. Vorgang wird beendet."
#: Reports.pm:630
#, perl-format
msgid "Fatal Error. Couldn't open %s. Exiting"
msgstr "Schwer wiegender Fehler. %s konnte nicht geöffnet werden. Beenden"
#: Reports.pm:658 Reports.pm:671 Reports.pm:681
#, perl-format
msgid "DBI Execution failed: %s"
msgstr "Fehler bei DBI-Ausführung: %s"
#: Reports.pm:1434
#, perl-format
msgid "Fatal Error. getArchReport() couldn't open %s"
msgstr "Schwer wiegender Fehler. getArchReport() konnte %s nicht öffnen"

1152
management/yastui/src/po/en_US.po
View file

File diff suppressed because it is too large Load diff

202
management/yastui/src/po/es_ES.po
View file

@ -1,202 +0,0 @@
# yast2-apparmor locale file
# Copyright (C) 2005 Novell INC.
# This file is distributed under the same license as the yast2-apparmor package.
# David Drewelow <davidd@immunix.com>, 2005.
#
msgid ""
msgstr ""
"Project-Id-Version: apparmor\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2005-07-29 14:02+0000\n"
"PO-Revision-Date: 2005-08-17 HO:MI+ZONE\n"
"Last-Translator: Novell Language <language@novell.com>\n"
"Language-Team: Novell Language <language@novell.com>\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=utf-8\n"
"Content-Transfer-Encoding: 8bit\n"
#: ag_logparse:63 ag_logparse:83
msgid "Unable to open"
msgstr "No es posible abrir"
#: ag_logparse:63
msgid "Couldn't save query."
msgstr "No es posible guardar la consulta."
#: ag_logparse:83
msgid "Couldn't retrieve query."
msgstr "No es posible recuperar la consulta."
#: ag_reports_confined:104
#, c-format
msgid "ag_reports_confined: Couldn't open %s for writing."
msgstr "ag_reports_confined: no es posible abrir %s para escritura."
#: ag_reports_confined:130
#, c-format
msgid "Failure in readMultiAudLog() - couldn't open %s."
msgstr "Error en readMultiAudLog(): no es posible abrir %s."
#: ag_reports_confined:143
#, c-format
msgid "Problem in readMultiAudLog\\(\\) - couldn't open %s\\/%s."
msgstr "Problema en readMultiAudLog\\(\\): no es posible abrir %s\\/%s."
#: ag_reports_confined:177
msgid "readAudLog() wasn't passed an input file."
msgstr "readAudLog() no se ha gestionado como un archivo de entrada."
#: ag_reports_confined:201
#, c-format
msgid "readAudLog\\(\\) couldn't open %s."
msgstr "readAudLog\\(\\) no ha podido abrir %s."
#: ag_reports_confined:259
#, c-format
msgid "Can't run %s. Exiting."
msgstr "No es posible ejecutar %s. Saliendo."
#: ag_reports_ess:57
msgid "Failure in readMultiEssLog() - couldn't open"
msgstr "Error en readMultiEssLog(): no es posible abrir"
#: ag_reports_ess:70
msgid "Problem in readMultiEssLog() - couldn't open"
msgstr "Problema en readMultiEssLog(): no es posible abrir"
#: ag_reports_ess:105
msgid "readEssLog() wasn't passed an input file."
msgstr "readEssLog() no se ha gestionado como un archivo de entrada."
#: ag_reports_ess:129
msgid "readEssLog() couldn't open $logFile"
msgstr "readEssLog() no ha podido abrir $logFile."
#: ag_reports_ess:163
#, c-format
msgid "ag_logparse: Unknown instruction %s or argument: %s"
msgstr "ag_logparse: instrucción o argumento %s desconocidos: %s"
#: ag_reports_parse:78
#, c-format
msgid "ag_reports_parse: Couldn't open %s for writing."
msgstr "ag_reports_parse: no es posible abrir %s para escritura."
#: ag_reports_parse:145
msgid "ag_reports_parse: No archived reports found."
msgstr "ag_reports_parse: no se han encontrado informes archivados."
#: ag_reports_parse:150
#, c-format
msgid "ag_reports_parse: Can't open directory %s: %s"
msgstr "ag_reports_parse: no es posible abrir el directorio %s: %s"
#: ag_reports_parse:179
#, c-format
msgid "ag_reports_parse: Unknown instruction %s or argument: %s"
msgstr "ag_reports_parse: instrucción o argumento %s desconocidos: %s"
#: ag_reports_sched:76
#, c-format
msgid "Couldn't find %s. Unable to create crontab. Exiting."
msgstr "No se encuentra %s. Imposible crear crontab. Saliendo."
#: ag_reports_sched:133 ag_reports_sched:175 ag_reports_sched:253
#: ag_reports_sched:316 ag_reports_sched:323 ag_reports_sched:387
#: ag_reports_sched:394 ag_reports_sched:477 ag_reports_sched:542
#, c-format
msgid "Couldn't open %s."
msgstr "No es posible abrir %s."
#: ag_reports_sched:245
#, c-format
msgid "Couldn't open %s. Unable to add report: %s"
msgstr "No es posible abrir %s. No es posible añadir el informe: %s"
#: ag_reports_sched:270
#, c-format
msgid "Duplicate report name not allowed. Didn't schedule new report: %s"
msgstr "No se admiten nombres de informes duplicados. No se ha programado un nuevo informe: %s"
#: ag_reports_sched:583 ag_reports_sched:590
#, c-format
msgid "Couldn't open %s. No changes performed."
msgstr "No es posible abrir %s. No se ha llevado a cabo ningún cambio."
#: ag_reports_sched:685
#, c-format
msgid "ag_reports_sched: Unknown instruction %s or arg: %s"
msgstr "ag_reports_sched: instrucción o argumento %s desconocidos: %s"
#: Reports.pm:246 Reports.pm:1328
#, perl-format
msgid "DBI Execution failed: %s."
msgstr "Error de ejecución DBI: %s."
#: Reports.pm:272
#, perl-format
msgid "Couldn't open file: %s."
msgstr "No es posible abrir el archivo. %s."
#: Reports.pm:276
msgid "No type value passed. Unable to determine page count."
msgstr "No se ha enviado ningún valor de tipo. No es posible determinar el número de páginas."
#: Reports.pm:346
#, perl-format
msgid "Failed copying %s."
msgstr "Error al copiar %s."
#: Reports.pm:459
#, perl-format
msgid "Export Log Error: Couldn't open %s"
msgstr "Error de exportación de registro: no es posible abrir %s."
#: Reports.pm:483
msgid "Fatal error. No report name given. Exiting."
msgstr "Error fatal. No se ha proporcionado ningún nombre de informe. Saliendo."
#: Reports.pm:489
#, perl-format
msgid ""
"Unable to get configuration info for %s.\n"
" Unable to find %s."
msgstr "No es posible conseguir la información de configuración de %s.\n No es posible encontrar %s."
#: Reports.pm:530
#, perl-format
msgid "Failed to parse: %s."
msgstr "Error al analizar: %s."
#: Reports.pm:539
#, perl-format
msgid "Fatal Error. Couldn't open %s."
msgstr "Error fatal. No es posible abrir %s."
#: Reports.pm:587
#, perl-format
msgid "Fatal Error. Can't run %s. Exiting."
msgstr "Error fatal. No es posible ejecutar %s. Saliendo."
#: Reports.pm:608
#, perl-format
msgid "Fatal Error. No directory, %s, found. Exiting."
msgstr "Error fatal. No se encuentra el directorio %s. Saliendo."
#: Reports.pm:630
#, perl-format
msgid "Fatal Error. Couldn't open %s. Exiting"
msgstr "Error fatal. No es posible abrir %s. Saliendo."
#: Reports.pm:658 Reports.pm:671 Reports.pm:681
#, perl-format
msgid "DBI Execution failed: %s"
msgstr "Error de ejecución DBI: %s"
#: Reports.pm:1434
#, perl-format
msgid "Fatal Error. getArchReport() couldn't open %s"
msgstr "Error fatal. getArchReport() no ha podido abrir %s"

201
management/yastui/src/po/fr_FR.po
View file

@ -1,201 +0,0 @@
# yast2-apparmor locale file
# Copyright (C) 2005 Novell INC.
# This file is distributed under the same license as the yast2-apparmor package.
# David Drewelow <davidd@immunix.com>, 2005.
#
msgid ""
msgstr ""
"Project-Id-Version: yast2-agents\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2005-07-22 13:42-0700\n"
"PO-Revision-Date: 2005-08-18 12:10+0000\n"
"Last-Translator: Novell Language <language@novell.com>\n"
"Language-Team: Novell Language <language@novell.com>\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=utf-8\n"
"Content-Transfer-Encoding: 8bit\n"
#: ag_logparse:63 ag_logparse:83
msgid "Unable to open"
msgstr "Impossible d'ouvrir"
#: ag_logparse:63
msgid "Couldn't save query."
msgstr "Impossible d'enregistrer la requête."
#: ag_logparse:83
msgid "Couldn't retrieve query."
msgstr "Impossible de récupérer la requête."
#: ag_reports_confined:104
#, c-format
msgid "ag_reports_confined: Couldn't open %s for writing."
msgstr "ag_reports_confined : ouverture de %s pour écriture impossible."
#: ag_reports_confined:130
#, c-format
msgid "Failure in readMultiAudLog() - couldn't open %s."
msgstr "Échec dans readMultiAudLog() - impossible d'ouvrir %s."
#: ag_reports_confined:143
#, c-format
msgid "Problem in readMultiAudLog\\(\\) - couldn't open %s\\/%s."
msgstr "Problème dans readMultiAudLog\\(\\) - impossible d'ouvrir %s\\/%s."
#: ag_reports_confined:177
msgid "readAudLog() wasn't passed an input file."
msgstr "Aucun fichier d'entrée n'a été transmis à readAudLog()."
#: ag_reports_confined:201
#, c-format
msgid "readAudLog\\(\\) couldn't open %s."
msgstr "readAudLog\\(\\) n'a pas pu ouvrir %s."
#: ag_reports_confined:259
#, c-format
msgid "Can't run %s. Exiting."
msgstr "Exécution de %s impossible. Sortie."
#: ag_reports_ess:57
msgid "Failure in readMultiEssLog() - couldn't open"
msgstr "Échec dans readMultiEssLog() - impossible d'ouvrir"
#: ag_reports_ess:70
msgid "Problem in readMultiEssLog() - couldn't open"
msgstr "Problème dans readMultiEssLog() - impossible d'ouvrir"
#: ag_reports_ess:105
msgid "readEssLog() wasn't passed an input file."
msgstr "Aucun fichier d'entrée n'a été transmis à readEssLog()."
#: ag_reports_ess:129
msgid "readEssLog() couldn't open $logFile"
msgstr "readEssLog() n'a pas pu ouvrir $logFile"
#: ag_reports_ess:163
#, c-format
msgid "ag_logparse: Unknown instruction %s or argument: %s"
msgstr "ag_logparse : instruction %s ou argument inconnu : %s"
#: ag_reports_parse:78
#, c-format
msgid "ag_reports_parse: Couldn't open %s for writing."
msgstr "ag_reports_parse : ouverture de %s pour écriture impossible."
#: ag_reports_parse:145
msgid "ag_reports_parse: No archived reports found."
msgstr "ag_reports_parse : aucun rapport archivé n'a été trouvé."
#: ag_reports_parse:150
#, c-format
msgid "ag_reports_parse: Can't open directory %s: %s"
msgstr "ag_reports_parse : impossible d'ouvrir le répertoire %s : %s"
#: ag_reports_parse:179
#, c-format
msgid "ag_reports_parse: Unknown instruction %s or argument: %s"
msgstr "ag_reports_parse : instruction %s ou argument inconnu : %s"
#: ag_reports_sched:76
#, c-format
msgid "Couldn't find %s. Unable to create crontab. Exiting."
msgstr "%s introuvable. Impossible de créer crontab. Sortie."
#: ag_reports_sched:133 ag_reports_sched:175 ag_reports_sched:253
#: ag_reports_sched:316 ag_reports_sched:323 ag_reports_sched:387
#: ag_reports_sched:394 ag_reports_sched:477 ag_reports_sched:542
#, c-format
msgid "Couldn't open %s."
msgstr "Ouverture de %s impossible."
#: ag_reports_sched:245
#, c-format
msgid "Couldn't open %s. Unable to add report: %s"
msgstr "Ouverture de %s impossible. Impossible d'ajouter le rapport : %s"
#: ag_reports_sched:270
#, c-format
msgid "Duplicate report name not allowed. Didn't schedule new report: %s"
msgstr "La duplication d'un nom de rapport n'est pas autorisée. Le nouveau rapport n'a pas été planifié : %s"
#: ag_reports_sched:583 ag_reports_sched:590
#, c-format
msgid "Couldn't open %s. No changes performed."
msgstr "Ouverture de %s impossible. Aucun changement effectué."
#: ag_reports_sched:685
#, c-format
msgid "ag_reports_sched: Unknown instruction %s or arg: %s"
msgstr "ag_reports_sched : instruction %s ou argument inconnu : %s"
#: Reports.pm:246 Reports.pm:1328
#, perl-format
msgid "DBI Execution failed: %s."
msgstr "Échec de l'exécution de DBI : %s."
#: Reports.pm:272
#, perl-format
msgid "Couldn't open file: %s."
msgstr "Impossible d'ouvrir le fichier : %s."
#: Reports.pm:276
msgid "No type value passed. Unable to determine page count."
msgstr "Aucune valeur de type transmise. Impossible de déterminer le nombre de pages."
#: Reports.pm:346
#, perl-format
msgid "Failed copying %s."
msgstr "Échec lors de la copie de %s."
#: Reports.pm:459
#, perl-format
msgid "Export Log Error: Couldn't open %s"
msgstr "Erreur d'exportation du journal : impossible d'ouvrir %s."
#: Reports.pm:483
msgid "Fatal error. No report name given. Exiting."
msgstr "Erreur irrécupérable. Aucun nom de rapport indiqué. Sortie."
#: Reports.pm:489
#, perl-format
msgid ""
"Unable to get configuration info for %s.\n"
" Unable to find %s."
msgstr "Impossible d'obtenir les infos de configuration pour %s.\n Impossible de trouver %s."
#: Reports.pm:530
#, perl-format
msgid "Failed to parse: %s."
msgstr "Échec lors de l'analyse : %s."
#: Reports.pm:539
#, perl-format
msgid "Fatal Error. Couldn't open %s."
msgstr "Erreur irrécupérable. Ouverture de %s impossible."
#: Reports.pm:587
#, perl-format
msgid "Fatal Error. Can't run %s. Exiting."
msgstr "Erreur irrécupérable. Exécution de %s impossible. Sortie."
#: Reports.pm:608
#, perl-format
msgid "Fatal Error. No directory, %s, found. Exiting."
msgstr "Erreur irrécupérable. Aucun répertoire %s n'a été trouvé. Sortie."
#: Reports.pm:630
#, perl-format
msgid "Fatal Error. Couldn't open %s. Exiting"
msgstr "Erreur irrécupérable. Ouverture de %s impossible. Sortie."
#: Reports.pm:658 Reports.pm:671 Reports.pm:681
#, perl-format
msgid "DBI Execution failed: %s"
msgstr "Échec de l'exécution de DBI : %s"
#: Reports.pm:1434
#, perl-format
msgid "Fatal Error. getArchReport() couldn't open %s"
msgstr "Erreur irrécupérable. getArchReport() n'a pas pu ouvrir %s"

214
management/yastui/src/po/hu_HU.po
View file

@ -1,214 +0,0 @@
# yast2-apparmor locale file
# Copyright (C) 2005 Novell INC.
# This file is distributed under the same license as the yast2-apparmor package.
# David Drewelow <davidd@immunix.com>, 2005.
#
msgid ""
msgstr ""
"Project-Id-Version: yast2-apparmor\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2005-07-22 13:42-0700\n"
"PO-Revision-Date: 2005-08-06 10:08+0100\n"
"Last-Translator: Szabolcs Varga <shirokuma@shirokuma.hu>\n"
"Language-Team: Novell language Team <LL@li.org>\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
#: ag_logparse:63
#: ag_logparse:83
msgid "Unable to open"
msgstr "Nem sikerült megnyitni"
#: ag_logparse:63
msgid "Couldn't save query."
msgstr "A lekérdezés nem menthető el."
#: ag_logparse:83
msgid "Couldn't retrieve query."
msgstr "A lekérdezés nem olvasható ki."
#: ag_reports_confined:104
#, c-format
msgid "ag_reports_confined: Couldn't open %s for writing."
msgstr "ag_reports_confined: %s nem nyitható meg írásra."
#: ag_reports_confined:130
#, c-format
msgid "Failure in readMultiAudLog() - couldn't open %s."
msgstr "Hiba a readMultiAudLog() hívásban - %s nem nyitható meg."
#: ag_reports_confined:143
#, c-format
msgid "Problem in readMultiAudLog\\(\\) - couldn't open %s\\/%s."
msgstr "Probléma a readMultiAudLog\\(\\) hívásban - %s\\/%s nem nyitható meg."
#: ag_reports_confined:177
msgid "readAudLog() wasn't passed an input file."
msgstr "A readAudLog() nem kapott bemeneti fájl paramétert."
#: ag_reports_confined:201
#, c-format
msgid "readAudLog\\(\\) couldn't open %s."
msgstr "A readAudLog\\(\\) nem tudja megnyitni a(z) %s fájlt."
#: ag_reports_confined:259
#, c-format
msgid "Can't run %s. Exiting."
msgstr "%s nem futtatható. A program leáll."
#: ag_reports_ess:57
msgid "Failure in readMultiEssLog() - couldn't open"
msgstr "Hiba a readMultiEssLog() hívásban - nem lehet megnyitni"
#: ag_reports_ess:70
msgid "Problem in readMultiEssLog() - couldn't open"
msgstr "Probléma a readMultiEssLog() hívásban - nem lehet megnyitni"
#: ag_reports_ess:105
msgid "readEssLog() wasn't passed an input file."
msgstr "A readEssLog() nem kapott bemeneti fájl paramétert."
#: ag_reports_ess:129
msgid "readEssLog() couldn't open $logFile"
msgstr "A readEssLog() nem tudja megnyitni a(z) $logFile fájlt."
#: ag_reports_ess:163
#, c-format
msgid "ag_logparse: Unknown instruction %s or argument: %s"
msgstr "ag_logparse: Ismeretlen utasítás (%s) vagy argumentum: %s"
#: ag_reports_parse:78
#, c-format
msgid "ag_reports_parse: Couldn't open %s for writing."
msgstr "ag_reports_parse: %s nem nyitható meg írásra."
#: ag_reports_parse:145
msgid "ag_reports_parse: No archived reports found."
msgstr "ag_reports_parse: Nem találhatók archivált jelentések."
#: ag_reports_parse:150
#, c-format
msgid "ag_reports_parse: Can't open directory %s: %s"
msgstr "ag_reports_parse: A(z) %s könyvtár nem nyitható meg: %s"
#: ag_reports_parse:179
#, c-format
msgid "ag_reports_parse: Unknown instruction %s or argument: %s"
msgstr "ag_reports_parse: Ismeretlen utasítás (%s) vagy argumentum: %s"
#: ag_reports_sched:76
#, c-format
msgid "Couldn't find %s. Unable to create crontab. Exiting."
msgstr "%s nem található. A crontab fájl nem hozható létre. A program leáll."
#: ag_reports_sched:133
#: ag_reports_sched:175
#: ag_reports_sched:253
#: ag_reports_sched:316
#: ag_reports_sched:323
#: ag_reports_sched:387
#: ag_reports_sched:394
#: ag_reports_sched:477
#: ag_reports_sched:542
#, c-format
msgid "Couldn't open %s."
msgstr "%s nem nyitható meg."
#: ag_reports_sched:245
#, c-format
msgid "Couldn't open %s. Unable to add report: %s"
msgstr "%s nem nyitható meg. A jelentést nem lehet felvenni: %s"
#: ag_reports_sched:270
#, c-format
msgid "Duplicate report name not allowed. Didn't schedule new report: %s"
msgstr "Két ugyanolyan nevű jelentés nem használható. Az új jelentés nem lett beütemezve: %s"
#: ag_reports_sched:583
#: ag_reports_sched:590
#, c-format
msgid "Couldn't open %s. No changes performed."
msgstr "%s nem nyitható meg. Semmilyen módosítás nem történt."
#: ag_reports_sched:685
#, c-format
msgid "ag_reports_sched: Unknown instruction %s or arg: %s"
msgstr "ag_reports_sched: Ismeretlen utasítás (%s) vagy argumentum: %s"
#: Reports.pm:246
#: Reports.pm:1328
#, perl-format
msgid "DBI Execution failed: %s."
msgstr "A DBI végrehajtása meghiúsult: %s."
#: Reports.pm:272
#, perl-format
msgid "Couldn't open file: %s."
msgstr "A fájl nem nyitható meg: %s."
#: Reports.pm:276
msgid "No type value passed. Unable to determine page count."
msgstr "Nem lett átadva típusérték. Az oldalszám nem állapítható meg."
#: Reports.pm:346
#, perl-format
msgid "Failed copying %s."
msgstr "%s másolása meghiúsult."
#: Reports.pm:459
#, perl-format
msgid "Export Log Error: Couldn't open %s"
msgstr "Exportálási napló hiba: %s nem nyitható meg"
#: Reports.pm:483
msgid "Fatal error. No report name given. Exiting."
msgstr "Végzetes hiba. A jelentés neve nem azonosítható. A program leáll."
#: Reports.pm:489
#, perl-format
msgid ""
"Unable to get configuration info for %s.\n"
" Unable to find %s."
msgstr ""
"%s konfigurációs adatai nem kérhetők le.\n"
" %s nem található."
#: Reports.pm:530
#, perl-format
msgid "Failed to parse: %s."
msgstr "Az elemzés meghiúsult: %s."
#: Reports.pm:539
#, perl-format
msgid "Fatal Error. Couldn't open %s."
msgstr "Végzetes hiba. %s nem nyitható meg."
#: Reports.pm:587
#, perl-format
msgid "Fatal Error. Can't run %s. Exiting."
msgstr "Végzetes hiba. %s nem futtatható. A program leáll."
#: Reports.pm:608
#, perl-format
msgid "Fatal Error. No directory, %s, found. Exiting."
msgstr "Végzetes hiba. %s nevű könyvtár nem található. A program leáll."
#: Reports.pm:630
#, perl-format
msgid "Fatal Error. Couldn't open %s. Exiting"
msgstr "Végzetes hiba. %s nem nyitható meg. A program leáll."
#: Reports.pm:658
#: Reports.pm:671
#: Reports.pm:681
#, perl-format
msgid "DBI Execution failed: %s"
msgstr "A DBI végrehajtása meghiúsult: %s."
#: Reports.pm:1434
#, perl-format
msgid "Fatal Error. getArchReport() couldn't open %s"
msgstr "Végzetes hiba. A getArchReport() nem tudta megnyitni a(z) %s fájlt."

202
management/yastui/src/po/it_IT.po
View file

@ -1,202 +0,0 @@
# yast2-apparmor locale file
# Copyright (C) 2005 Novell INC.
# This file is distributed under the same license as the yast2-apparmor package.
# David Drewelow <davidd@immunix.com>, 2005.
#
msgid ""
msgstr ""
"Project-Id-Version: yast2-agents\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2005-07-22 13:42-0700\n"
"PO-Revision-Date: 2005-08-18 13:40-0000\n"
"Last-Translator: Novell Language <language@novell.com>\n"
"Language-Team: Novell Language <language@novell.com>\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=utf-8\n"
"Content-Transfer-Encoding: 8bit\n"
#: ag_logparse:63 ag_logparse:83
msgid "Unable to open"
msgstr "Impossibile aprire"
#: ag_logparse:63
msgid "Couldn't save query."
msgstr "Impossibile salvare la query."
#: ag_logparse:83
msgid "Couldn't retrieve query."
msgstr "Impossibile recuperare la query."
#: ag_reports_confined:104
#, c-format
msgid "ag_reports_confined: Couldn't open %s for writing."
msgstr "ag_reports_confined: Impossibile aprire %s per la scrittura."
#: ag_reports_confined:130
#, c-format
msgid "Failure in readMultiAudLog() - couldn't open %s."
msgstr "Errore in readMultiAudLog() - Impossibile aprire %s."
#: ag_reports_confined:143
#, c-format
msgid "Problem in readMultiAudLog\\(\\) - couldn't open %s\\/%s."
msgstr "Problema in readMultiAudLog\\(\\) - Impossibile aprire %s\\/%s."
#: ag_reports_confined:177
msgid "readAudLog() wasn't passed an input file."
msgstr "readAudLog() non ha ricevuto un file di input."
#: ag_reports_confined:201
#, c-format
msgid "readAudLog\\(\\) couldn't open %s."
msgstr "Impossibile aprire readAudLog\\(\\) %s."
#: ag_reports_confined:259
#, c-format
msgid "Can't run %s. Exiting."
msgstr "Impossibile eseguire %s. Uscita in corso."
#: ag_reports_ess:57
msgid "Failure in readMultiEssLog() - couldn't open"
msgstr "Errore in readMultiEssLog() - Apertura non riuscita"
#: ag_reports_ess:70
msgid "Problem in readMultiEssLog() - couldn't open"
msgstr "Problema in readMultiEssLog() - Apertura non riuscita"
#: ag_reports_ess:105
msgid "readEssLog() wasn't passed an input file."
msgstr "readEssLog() non ha ricevuto un file di input."
#: ag_reports_ess:129
msgid "readEssLog() couldn't open $logFile"
msgstr "readEssLog() non è riuscito ad aprire $logFile"
#: ag_reports_ess:163
#, c-format
msgid "ag_logparse: Unknown instruction %s or argument: %s"
msgstr "ag_logparse: Istruzione %s o argomento sconosciuti: %s"
#: ag_reports_parse:78
#, c-format
msgid "ag_reports_parse: Couldn't open %s for writing."
msgstr "ag_reports_parse: Impossibile aprire %s per la scrittura."
#: ag_reports_parse:145
msgid "ag_reports_parse: No archived reports found."
msgstr "ag_reports_parse: Non sono stati trovati rapporti archiviati."
#: ag_reports_parse:150
#, c-format
msgid "ag_reports_parse: Can't open directory %s: %s"
msgstr "ag_reports_parse: Impossibile aprire la directory %s: %s"
#: ag_reports_parse:179
#, c-format
msgid "ag_reports_parse: Unknown instruction %s or argument: %s"
msgstr "ag_reports_parse: Istruzione %s o argomento sconosciuti: %s"
#: ag_reports_sched:76
#, c-format
msgid "Couldn't find %s. Unable to create crontab. Exiting."
msgstr "Impossibile trovare %s. Impossibile creare crontab. Uscita in corso."
#: ag_reports_sched:133 ag_reports_sched:175 ag_reports_sched:253
#: ag_reports_sched:316 ag_reports_sched:323 ag_reports_sched:387
#: ag_reports_sched:394 ag_reports_sched:477 ag_reports_sched:542
#, c-format
msgid "Couldn't open %s."
msgstr "Impossibile aprire %s."
#: ag_reports_sched:245
#, c-format
msgid "Couldn't open %s. Unable to add report: %s"
msgstr "Impossibile aprire %s. Impossibile aggiungere un rapporto: %s"
#: ag_reports_sched:270
#, c-format
msgid "Duplicate report name not allowed. Didn't schedule new report: %s"
msgstr "Nome di rapporto duplicato non consentito. Il nuovo rapporto non è stato pianificato: %s"
#: ag_reports_sched:583 ag_reports_sched:590
#, c-format
msgid "Couldn't open %s. No changes performed."
msgstr "Impossibile aprire %s. Non sono state effettuate modifiche."
#: ag_reports_sched:685
#, c-format
msgid "ag_reports_sched: Unknown instruction %s or arg: %s"
msgstr "ag_reports_sched: Istruzione %s o argomento sconosciuti: %s"
#: Reports.pm:246 Reports.pm:1328
#, perl-format
msgid "DBI Execution failed: %s."
msgstr "Esecuzione di DBI non riuscita: %s."
#: Reports.pm:272
#, perl-format
msgid "Couldn't open file: %s."
msgstr "Impossibile aprire il file: %s."
#: Reports.pm:276
msgid "No type value passed. Unable to determine page count."
msgstr "Non è stato trasferito alcun valore tipo. Impossibile calcolare il conteggio pagine."
#: Reports.pm:346
#, perl-format
msgid "Failed copying %s."
msgstr "Impossibile copiare %s."
#: Reports.pm:459
#, perl-format
msgid "Export Log Error: Couldn't open %s"
msgstr "Errore del registro esportazioni: impossibile aprire %s"
#: Reports.pm:483
msgid "Fatal error. No report name given. Exiting."
msgstr "Errore irreversibile. Nessun nome assegnato al rapporto. Uscita in corso."
#: Reports.pm:489
#, perl-format
msgid ""
"Unable to get configuration info for %s.\n"
" Unable to find %s."
msgstr "Impossibile acquisire informazioni sulla configurazione per %s.\n Impossibile trovare %s."
#: Reports.pm:530
#, perl-format
msgid "Failed to parse: %s."
msgstr "Impossibile analizzare: %s."
#: Reports.pm:539
#, perl-format
msgid "Fatal Error. Couldn't open %s."
msgstr "Errore irreversibile. Impossibile aprire %s."
#: Reports.pm:587
#, perl-format
msgid "Fatal Error. Can't run %s. Exiting."
msgstr "Errore irreversibile. Impossibile eseguire %s. Uscita in corso."
#: Reports.pm:608
#, perl-format
msgid "Fatal Error. No directory, %s, found. Exiting."
msgstr "Errore irreversibile. Non è stata trovata nessuna directory %s. Uscita in corso."
#: Reports.pm:630
#, perl-format
msgid "Fatal Error. Couldn't open %s. Exiting"
msgstr "Errore irreversibile. Impossibile aprire %s. Uscita in corso"
#: Reports.pm:658 Reports.pm:671 Reports.pm:681
#, perl-format
msgid "DBI Execution failed: %s"
msgstr "Esecuzione di DBI non riuscita: %s"
#: Reports.pm:1434
#, perl-format
msgid "Fatal Error. getArchReport() couldn't open %s"
msgstr "Errore irreversibile. getArchReport()non è riuscito ad aprire %s"

202
management/yastui/src/po/ja_JP.po
View file

@ -1,202 +0,0 @@
# yast2-apparmor locale file
# Copyright (C) 2005 Novell INC.
# This file is distributed under the same license as the yast2-apparmor package.
# David Drewelow <davidd@immunix.com>, 2005.
#
msgid ""
msgstr ""
"Project-Id-Version: yast2-agents\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2005-07-22 13:42-0700\n"
"PO-Revision-Date: 2005-08-18 09:52-0000\n"
"Last-Translator: Novell Language <language@novell.com>\n"
"Language-Team: Novell Language <language@novell.com>\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
#: ag_logparse:63 ag_logparse:83
msgid "Unable to open"
msgstr "開けません"
#: ag_logparse:63
msgid "Couldn't save query."
msgstr "クエリを保存できませんでした。"
#: ag_logparse:83
msgid "Couldn't retrieve query."
msgstr "クエリを検索できませんでした。"
#: ag_reports_confined:104
#, c-format
msgid "ag_reports_confined: Couldn't open %s for writing."
msgstr "ag_reports_confined: %sを開いて書き込めませんでした。"
#: ag_reports_confined:130
#, c-format
msgid "Failure in readMultiAudLog() - couldn't open %s."
msgstr "readMultiAudLog()の失敗 - %sを開けませんでした。"
#: ag_reports_confined:143
#, c-format
msgid "Problem in readMultiAudLog\\(\\) - couldn't open %s\\/%s."
msgstr "readMultiAudLog\\(\\)の問題 - %s\\/%sを開けませんでした。"
#: ag_reports_confined:177
msgid "readAudLog() wasn't passed an input file."
msgstr "readAudLog()が入力ファイルを渡せませんでした。"
#: ag_reports_confined:201
#, c-format
msgid "readAudLog\\(\\) couldn't open %s."
msgstr "readAudLog\\(\\)が%sを開けませんでした。"
#: ag_reports_confined:259
#, c-format
msgid "Can't run %s. Exiting."
msgstr "%sを実行できません。 終了中。"
#: ag_reports_ess:57
msgid "Failure in readMultiEssLog() - couldn't open"
msgstr "readMultiEssLog()の失敗 - 開けませんでした"
#: ag_reports_ess:70
msgid "Problem in readMultiEssLog() - couldn't open"
msgstr "readMultiEssLog()の問題 - 開けませんでした"
#: ag_reports_ess:105
msgid "readEssLog() wasn't passed an input file."
msgstr "readEssLog()が入力ファイルを渡せませんでした。"
#: ag_reports_ess:129
msgid "readEssLog() couldn't open $logFile"
msgstr "readEssLog()が$logFileを開けませんでした。"
#: ag_reports_ess:163
#, c-format
msgid "ag_logparse: Unknown instruction %s or argument: %s"
msgstr "ag_logparse: 不明な指示%sまたは引数: %s"
#: ag_reports_parse:78
#, c-format
msgid "ag_reports_parse: Couldn't open %s for writing."
msgstr "ag_reports_parse: %sを開いて書き込めませんでした。"
#: ag_reports_parse:145
msgid "ag_reports_parse: No archived reports found."
msgstr "ag_reports_parse: アーカイブされたリポートが見つかりませんでした。"
#: ag_reports_parse:150
#, c-format
msgid "ag_reports_parse: Can't open directory %s: %s"
msgstr "ag_reports_parse: ディレクトリ%s: %sを開けません"
#: ag_reports_parse:179
#, c-format
msgid "ag_reports_parse: Unknown instruction %s or argument: %s"
msgstr "ag_reports_parse: 不明な指示%sまたは引数: %s"
#: ag_reports_sched:76
#, c-format
msgid "Couldn't find %s. Unable to create crontab. Exiting."
msgstr "%sが見つかりませんでした。 crontabを作成できません。 終了中。"
#: ag_reports_sched:133 ag_reports_sched:175 ag_reports_sched:253
#: ag_reports_sched:316 ag_reports_sched:323 ag_reports_sched:387
#: ag_reports_sched:394 ag_reports_sched:477 ag_reports_sched:542
#, c-format
msgid "Couldn't open %s."
msgstr "%sを開けませんでした。"
#: ag_reports_sched:245
#, c-format
msgid "Couldn't open %s. Unable to add report: %s"
msgstr "%sを開けませんでした。 リポートを追加できません: %s"
#: ag_reports_sched:270
#, c-format
msgid "Duplicate report name not allowed. Didn't schedule new report: %s"
msgstr "複製リポート名は許可されません。 新しいリポートをスケジュールに入れることができません: %s"
#: ag_reports_sched:583 ag_reports_sched:590
#, c-format
msgid "Couldn't open %s. No changes performed."
msgstr "%sを開けませんでした。 変更は実行されていません。"
#: ag_reports_sched:685
#, c-format
msgid "ag_reports_sched: Unknown instruction %s or arg: %s"
msgstr "ag_reports_sched: 不明な指示%sまたは引数: %s"
#: Reports.pm:246 Reports.pm:1328
#, perl-format
msgid "DBI Execution failed: %s."
msgstr "DBIを実行できませんでした: %s。"
#: Reports.pm:272
#, perl-format
msgid "Couldn't open file: %s."
msgstr "ファイルを開けませんでした: %s。"
#: Reports.pm:276
msgid "No type value passed. Unable to determine page count."
msgstr "型の値が渡されていません。 ページ数を決定できません。"
#: Reports.pm:346
#, perl-format
msgid "Failed copying %s."
msgstr "%sのコピーに失敗しました。"
#: Reports.pm:459
#, perl-format
msgid "Export Log Error: Couldn't open %s"
msgstr "ログエラーのエクスポート: %sを開けませんでした"
#: Reports.pm:483
msgid "Fatal error. No report name given. Exiting."
msgstr "致命的エラー。 リポート名が与えられていません。 終了中。"
#: Reports.pm:489
#, perl-format
msgid ""
"Unable to get configuration info for %s.\n"
" Unable to find %s."
msgstr "%sに対する設定を取得できません。\n %sを検出できません。"
#: Reports.pm:530
#, perl-format
msgid "Failed to parse: %s."
msgstr "解析に失敗しました: %s。"
#: Reports.pm:539
#, perl-format
msgid "Fatal Error. Couldn't open %s."
msgstr "致命的エラー。 %sを開けませんでした。"
#: Reports.pm:587
#, perl-format
msgid "Fatal Error. Can't run %s. Exiting."
msgstr "致命的エラー。 %sを実行できません。 終了中。"
#: Reports.pm:608
#, perl-format
msgid "Fatal Error. No directory, %s, found. Exiting."
msgstr "致命的エラー。 ディレクトリ、%sが見つかりません。 終了中。"
#: Reports.pm:630
#, perl-format
msgid "Fatal Error. Couldn't open %s. Exiting"
msgstr "致命的エラー。 %sを開けませんでした。終了中"
#: Reports.pm:658 Reports.pm:671 Reports.pm:681
#, perl-format
msgid "DBI Execution failed: %s"
msgstr "DBIを実行できませんでした: %s"
#: Reports.pm:1434
#, perl-format
msgid "Fatal Error. getArchReport() couldn't open %s"
msgstr "致命的エラー。 getArchReport()が%sを開けませんでした"

178
management/yastui/src/po/nb_NO.po
View file

@ -1,178 +0,0 @@
# yast2-apparmor locale file
# Copyright (C) 2005 Novell INC.
# This file is distributed under the same license as the yast2-apparmor package.
# David Drewelow <davidd@immunix.com>, 2005.
# translation of yast2-agents.po to
# Olav Pettershagen <olav.pet@online.no>, 2005.
msgid ""
msgstr ""
"Project-Id-Version: yast2-agents\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2005-07-22 13:42-0700\n"
"PO-Revision-Date: 2005-08-12 23:09+0200\n"
"Last-Translator: Olav Pettershagen <olav.pet@online.no>\n"
"Language-Team: <nb@li.org>\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"X-Generator: KBabel 1.10.2\n"
#: ag_logparse:63 ag_logparse:83
msgid "Unable to open"
msgstr "Kan ikke åpne"
#: ag_logparse:63
msgid "Couldn't save query."
msgstr "Kunne ikke lagre forespørsel."
#: ag_logparse:83
msgid "Couldn't retrieve query."
msgstr "Kunne ikke hente forespørsel."
#: ag_reports_confined:104
msgid "ag_reports_confined: Couldn't open %s for writing."
msgstr "ag_reports_confined: Kunne ikke åpne %s for lagring."
#: ag_reports_confined:130
msgid "Failure in readMultiAudLog() - couldn't open %s."
msgstr "Feil i readMultiAudLog() - kunne ikke åpne %s."
#: ag_reports_confined:143
msgid "Problem in readMultiAudLog\\(\\) - couldn't open %s\\/%s."
msgstr "Problem i readMultiAudLog\\(\\) - kunne ikke åpne %s\\/%s."
#: ag_reports_confined:177
msgid "readAudLog() wasn't passed an input file."
msgstr "Ingen fil sendt til readAudLog()."
#: ag_reports_confined:201
msgid "readAudLog\\(\\) couldn't open %s."
msgstr "readAudLog\\(\\) kunne ikke åpne %s."
#: ag_reports_confined:259
msgid "Can't run %s. Exiting."
msgstr "Kan ikke kjøre %s. Avslutter."
#: ag_reports_ess:57
msgid "Failure in readMultiEssLog() - couldn't open"
msgstr "Feil i readMultiEssLog() - kunne ikke åpne"
#: ag_reports_ess:70
msgid "Problem in readMultiEssLog() - couldn't open"
msgstr "Problem i readMultiEssLog() - kunne ikke åpne"
#: ag_reports_ess:105
msgid "readEssLog() wasn't passed an input file."
msgstr "Ingen fil sendt til readEssLog()."
#: ag_reports_ess:129
msgid "readEssLog() couldn't open $logFile"
msgstr "readEssLog() kunne ikke åpne $logFile"
#: ag_reports_ess:163
msgid "ag_logparse: Unknown instruction %s or argument: %s"
msgstr "ag_logparse: Ukjent instruksjon %s eller argument: %s"
#: ag_reports_parse:78
msgid "ag_reports_parse: Couldn't open %s for writing."
msgstr "ag_reports_parse: Kunne ikke åpne %s for lagring."
#: ag_reports_parse:145
msgid "ag_reports_parse: No archived reports found."
msgstr "ag_reports_parse: Ingen arkiverte rapporter funnet."
#: ag_reports_parse:150
msgid "ag_reports_parse: Can't open directory %s: %s"
msgstr "ag_reports_parse: Kan ikke åpne katalog %s: %s"
#: ag_reports_parse:179
msgid "ag_reports_parse: Unknown instruction %s or argument: %s"
msgstr "ag_reports_parse: Ukjent instruksjon %s eller argument: %s"
#: ag_reports_sched:76
msgid "Couldn't find %s. Unable to create crontab. Exiting."
msgstr "Kunne ikke finne %s. Kan ikke opprette crontab. Avslutter."
#: ag_reports_sched:133 ag_reports_sched:175 ag_reports_sched:253
#: ag_reports_sched:316 ag_reports_sched:323 ag_reports_sched:387
#: ag_reports_sched:394 ag_reports_sched:477 ag_reports_sched:542
msgid "Couldn't open %s."
msgstr "Kunne ikke åpne %s."
#: ag_reports_sched:245
msgid "Couldn't open %s. Unable to add report: %s"
msgstr "Kunne ikke åpne %s. Kan ikke legge til rapport: %s"
#: ag_reports_sched:270
msgid "Duplicate report name not allowed. Didn't schedule new report: %s"
msgstr "Duplisert rapportnavn ikke tillatt. Ingen ny rapport planlagt: %s"
#: ag_reports_sched:583 ag_reports_sched:590
msgid "Couldn't open %s. No changes performed."
msgstr "Kunne ikke åpne %s. Ingen endringer utført."
#: ag_reports_sched:685
msgid "ag_reports_sched: Unknown instruction %s or arg: %s"
msgstr "ag_reports_sched: Ukjent instruksjon %s eller arg: %s"
#: Reports.pm:246 Reports.pm:1328
msgid "DBI Execution failed: %s."
msgstr "DBI Kjøring mislyktes: %s."
#: Reports.pm:272
msgid "Couldn't open file: %s."
msgstr "Kunne ikke åpne filen: %s."
#: Reports.pm:276
msgid "No type value passed. Unable to determine page count."
msgstr "Ingen typeverdi sendt. Kan ikke avgjøre sideantall."
#: Reports.pm:346
msgid "Failed copying %s."
msgstr "Feil under kopiering av %s."
#: Reports.pm:459
msgid "Export Log Error: Couldn't open %s"
msgstr "Feil under loggeksport: Kunne ikke åpne %s"
#: Reports.pm:483
msgid "Fatal error. No report name given. Exiting."
msgstr "Fatal feil. Rapportnavn ikke angitt. Avslutter."
#: Reports.pm:489
msgid ""
"Unable to get configuration info for %s.\n"
" Unable to find %s."
msgstr ""
"Kan ikke hente konfigurasjonsinfo for %s.\n"
" Kan ikke finne %s."
#: Reports.pm:530
msgid "Failed to parse: %s."
msgstr "Kunnne ikke analysere: %s."
#: Reports.pm:539
msgid "Fatal Error. Couldn't open %s."
msgstr "Fatal feil. Kunne ikke åpne %s."
#: Reports.pm:587
msgid "Fatal Error. Can't run %s. Exiting."
msgstr "Fatal feil. Kan ikke kjøre %s. Avslutter."
#: Reports.pm:608
msgid "Fatal Error. No directory, %s, found. Exiting."
msgstr "Fatal feil. Katalogen %s ikke funnet. Avslutter."
#: Reports.pm:630
msgid "Fatal Error. Couldn't open %s. Exiting"
msgstr "Fatal feil. Kunne ikke åpne %s. Avslutter"
#: Reports.pm:658 Reports.pm:671 Reports.pm:681
msgid "DBI Execution failed: %s"
msgstr "DBI-kjøring mislyktes: %s"
#: Reports.pm:1434
msgid "Fatal Error. getArchReport() couldn't open %s"
msgstr "Fatal feil. getArchReport() kunne ikke åpne %s"

202
management/yastui/src/po/pt_BR.po
View file

@ -1,202 +0,0 @@
# yast2-apparmor locale file
# Copyright (C) 2005 Novell INC.
# This file is distributed under the same license as the yast2-apparmor package.
# David Drewelow <davidd@immunix.com>, 2005.
#
msgid ""
msgstr ""
"Project-Id-Version: yast2-agents\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2005-07-22 13:42-0700\n"
"PO-Revision-Date: 2005-08-18 15:50+0000\n"
"Last-Translator: Novell Language <language@novell.com>\n"
"Language-Team: Novell Language <language@novell.com>\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=utf-8\n"
"Content-Transfer-Encoding: 8bit\n"
#: ag_logparse:63 ag_logparse:83
msgid "Unable to open"
msgstr "Impossível abrir"
#: ag_logparse:63
msgid "Couldn't save query."
msgstr "Impossível gravar a consulta."
#: ag_logparse:83
msgid "Couldn't retrieve query."
msgstr "Impossível recuperar a consulta."
#: ag_reports_confined:104
#, c-format
msgid "ag_reports_confined: Couldn't open %s for writing."
msgstr "ag_reports_confined: Impossível abrir %s para gravação."
#: ag_reports_confined:130
#, c-format
msgid "Failure in readMultiAudLog() - couldn't open %s."
msgstr "Falha em readMultiAudLog() - impossível abrir %s."
#: ag_reports_confined:143
#, c-format
msgid "Problem in readMultiAudLog\\(\\) - couldn't open %s\\/%s."
msgstr "Problema em readMultiAudLog\\(\\) - impossível abrir %s\\/%s."
#: ag_reports_confined:177
msgid "readAudLog() wasn't passed an input file."
msgstr "Não foi passado um arquivo de entrada para readAudLog()."
#: ag_reports_confined:201
#, c-format
msgid "readAudLog\\(\\) couldn't open %s."
msgstr "readAudLog\\(\\) não pôde abrir %s."
#: ag_reports_confined:259
#, c-format
msgid "Can't run %s. Exiting."
msgstr "Impossível executar %s. Saindo."
#: ag_reports_ess:57
msgid "Failure in readMultiEssLog() - couldn't open"
msgstr "Falha em readMultiEssLog() - impossível abrir"
#: ag_reports_ess:70
msgid "Problem in readMultiEssLog() - couldn't open"
msgstr "Problema em readMultiEssLog() - impossível abrir"
#: ag_reports_ess:105
msgid "readEssLog() wasn't passed an input file."
msgstr "Não foi passado um arquivo de entrada para readEssLog()."
#: ag_reports_ess:129
msgid "readEssLog() couldn't open $logFile"
msgstr "readEssLog() não pôde abrir $logFile"
#: ag_reports_ess:163
#, c-format
msgid "ag_logparse: Unknown instruction %s or argument: %s"
msgstr "ag_logparse: Instrução %s ou argumento desconhecido(a): %s"
#: ag_reports_parse:78
#, c-format
msgid "ag_reports_parse: Couldn't open %s for writing."
msgstr "ag_reports_parse: Impossível abrir %s para gravação."
#: ag_reports_parse:145
msgid "ag_reports_parse: No archived reports found."
msgstr "ag_reports_parse: Nenhum relatório arquivado localizado."
#: ag_reports_parse:150
#, c-format
msgid "ag_reports_parse: Can't open directory %s: %s"
msgstr "ag_reports_parse: Impossível abrir diretório %s: %s"
#: ag_reports_parse:179
#, c-format
msgid "ag_reports_parse: Unknown instruction %s or argument: %s"
msgstr "ag_reports_parse: Instrução %s ou argumento desconhecido(a): %s"
#: ag_reports_sched:76
#, c-format
msgid "Couldn't find %s. Unable to create crontab. Exiting."
msgstr "Impossível localizar %s. Impossível criar crontab. Saindo."
#: ag_reports_sched:133 ag_reports_sched:175 ag_reports_sched:253
#: ag_reports_sched:316 ag_reports_sched:323 ag_reports_sched:387
#: ag_reports_sched:394 ag_reports_sched:477 ag_reports_sched:542
#, c-format
msgid "Couldn't open %s."
msgstr "Impossível abrir %s."
#: ag_reports_sched:245
#, c-format
msgid "Couldn't open %s. Unable to add report: %s"
msgstr "Impossível abrir %s. Impossível adicionar relatório: %s"
#: ag_reports_sched:270
#, c-format
msgid "Duplicate report name not allowed. Didn't schedule new report: %s"
msgstr "Nome de relatório duplicado não permitido. Novo relatório não programado: %s"
#: ag_reports_sched:583 ag_reports_sched:590
#, c-format
msgid "Couldn't open %s. No changes performed."
msgstr "Impossível abrir %s. Nenhuma mudança executada."
#: ag_reports_sched:685
#, c-format
msgid "ag_reports_sched: Unknown instruction %s or arg: %s"
msgstr "ag_reports_sched: Instrução %s ou argumento desconhecido(a): %s"
#: Reports.pm:246 Reports.pm:1328
#, perl-format
msgid "DBI Execution failed: %s."
msgstr "Falha na execução de DBI: %s."
#: Reports.pm:272
#, perl-format
msgid "Couldn't open file: %s."
msgstr "Impossível abrir arquivo: %s."
#: Reports.pm:276
msgid "No type value passed. Unable to determine page count."
msgstr "Nenhum valor de tipo foi passado. Impossível determinar a contagem de páginas."
#: Reports.pm:346
#, perl-format
msgid "Failed copying %s."
msgstr "Falha ao copiar %s."
#: Reports.pm:459
#, perl-format
msgid "Export Log Error: Couldn't open %s"
msgstr "Erro de Log de Exportação: Impossível abrir %s"
#: Reports.pm:483
msgid "Fatal error. No report name given. Exiting."
msgstr "Erro fatal. Nenhum nome de relatório fornecido. Saindo."
#: Reports.pm:489
#, perl-format
msgid ""
"Unable to get configuration info for %s.\n"
" Unable to find %s."
msgstr "Impossível obter informações de configuração para %s.\n Impossível localizar %s."
#: Reports.pm:530
#, perl-format
msgid "Failed to parse: %s."
msgstr "Falha ao analisar: %s."
#: Reports.pm:539
#, perl-format
msgid "Fatal Error. Couldn't open %s."
msgstr "Erro Fatal. Impossível abrir %s."
#: Reports.pm:587
#, perl-format
msgid "Fatal Error. Can't run %s. Exiting."
msgstr "Erro Fatal. Impossível executar %s. Saindo."
#: Reports.pm:608
#, perl-format
msgid "Fatal Error. No directory, %s, found. Exiting."
msgstr "Erro Fatal. Nenhum diretório, %s, localizado. Saindo."
#: Reports.pm:630
#, perl-format
msgid "Fatal Error. Couldn't open %s. Exiting"
msgstr "Erro Fatal. Impossível abrir %s. Saindo."
#: Reports.pm:658 Reports.pm:671 Reports.pm:681
#, perl-format
msgid "DBI Execution failed: %s"
msgstr "Falha na execução de DBI: %s"
#: Reports.pm:1434
#, perl-format
msgid "Fatal Error. getArchReport() couldn't open %s"
msgstr "Erro fatal. getArchReport() não pôde abrir %s"

204
management/yastui/src/po/pt_PT.po
View file

@ -1,204 +0,0 @@
# yast2-apparmor locale file
# Copyright (C) 2005 Novell INC.
# This file is distributed under the same license as the yast2-apparmor package.
# David Drewelow <davidd@immunix.com>, 2005.
# translation of yast2-agents.pt.po to portuguese
# Antonio Cardoso Martins <digiplan@netvisao.pt>, 2005.
msgid ""
msgstr ""
"Project-Id-Version: yast2-agents.pt\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2005-07-22 13:42-0700\n"
"PO-Revision-Date: 2005-08-07 01:14+0100\n"
"Last-Translator: Antonio Cardoso Martins <digiplan@netvisao.pt>\n"
"Language-Team: portuguese\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"X-Generator: KBabel 1.10\n"
#: ag_logparse:63 ag_logparse:83
msgid "Unable to open"
msgstr "Não foi possíve abrir"
#: ag_logparse:63
msgid "Couldn't save query."
msgstr "Não foi possível gravar a pergunta."
#: ag_logparse:83
msgid "Couldn't retrieve query."
msgstr "Não foi possíve obter a pergunta."
#: ag_reports_confined:104
#, c-format
msgid "ag_reports_confined: Couldn't open %s for writing."
msgstr "ag_reports_confined: Não foi possíve abrir %s para escrita."
#: ag_reports_confined:130
#, c-format
msgid "Failure in readMultiAudLog() - couldn't open %s."
msgstr "Falah em readMultiAudLog() - não foi possível abrir %s."
#: ag_reports_confined:143
#, c-format
msgid "Problem in readMultiAudLog\\(\\) - couldn't open %s\\/%s."
msgstr "Problema em readMultiAudLog\\(\\) - não foi possível abrir %s\\/%s."
#: ag_reports_confined:177
msgid "readAudLog() wasn't passed an input file."
msgstr "radAudLog() não foi fornecido um ficheiro de entrada."
#: ag_reports_confined:201
#, c-format
msgid "readAudLog\\(\\) couldn't open %s."
msgstr "readAudLog\\(\\) não foi possível abrir %s."
#: ag_reports_confined:259
#, c-format
msgid "Can't run %s. Exiting."
msgstr "Não foi possível executar %s. A sair."
#: ag_reports_ess:57
msgid "Failure in readMultiEssLog() - couldn't open"
msgstr "Falha em readMultiEssLog() . não foi possível abrir"
#: ag_reports_ess:70
msgid "Problem in readMultiEssLog() - couldn't open"
msgstr "Problema em readMultiEssLog() - não foi possível abrir"
#: ag_reports_ess:105
msgid "readEssLog() wasn't passed an input file."
msgstr "readEssLog() não foi fornecido um ficheiro de entrada."
#: ag_reports_ess:129
msgid "readEssLog() couldn't open $logFile"
msgstr "readEssLog() não foi possível abrir $logFile"
#: ag_reports_ess:163
#, c-format
msgid "ag_logparse: Unknown instruction %s or argument: %s"
msgstr "ag_logparse: Instrução %s ou argumento desconhecidos: %s"
#: ag_reports_parse:78
#, c-format
msgid "ag_reports_parse: Couldn't open %s for writing."
msgstr "ag_reports_parse: Não foi possível abrir %s para escrita."
#: ag_reports_parse:145
msgid "ag_reports_parse: No archived reports found."
msgstr "ag_reports_parse: Não foram encontrados relatórios arquivados."
#: ag_reports_parse:150
#, c-format
msgid "ag_reports_parse: Can't open directory %s: %s"
msgstr "ag_reports_parse: Não foi possível abrir o directório %s: %s"
#: ag_reports_parse:179
#, c-format
msgid "ag_reports_parse: Unknown instruction %s or argument: %s"
msgstr "ag_reports_parse: Instrução %s ou argumento desconhecidos: %s"
#: ag_reports_sched:76
#, c-format
msgid "Couldn't find %s. Unable to create crontab. Exiting."
msgstr "Não foi possível encontrar %s. Não foi possível criar o crontab. A sair."
#: ag_reports_sched:133 ag_reports_sched:175 ag_reports_sched:253
#: ag_reports_sched:316 ag_reports_sched:323 ag_reports_sched:387
#: ag_reports_sched:394 ag_reports_sched:477 ag_reports_sched:542
#, c-format
msgid "Couldn't open %s."
msgstr "Não foi possível abrir %s."
#: ag_reports_sched:245
#, c-format
msgid "Couldn't open %s. Unable to add report: %s"
msgstr "Não foi possível abrir %s. Incapaz de adicionar relatório: %s"
#: ag_reports_sched:270
#, c-format
msgid "Duplicate report name not allowed. Didn't schedule new report: %s"
msgstr "Não é permitido um nome duplicado de relatório. Não foi agendado novo relatório: %s"
#: ag_reports_sched:583 ag_reports_sched:590
#, c-format
msgid "Couldn't open %s. No changes performed."
msgstr "Não foi possível abrir %s. Não foram realizadas alterações."
#: ag_reports_sched:685
#, c-format
msgid "ag_reports_sched: Unknown instruction %s or arg: %s"
msgstr "ag_reports_sched: Instrucção %s ou argumento desconhecidos: %s"
#: Reports.pm:246 Reports.pm:1328
#, perl-format
msgid "DBI Execution failed: %s."
msgstr "Falhou a execução de DBI: %s."
#: Reports.pm:272
#, perl-format
msgid "Couldn't open file: %s."
msgstr "Não foi possível abrir o ficheiro: %s."
#: Reports.pm:276
msgid "No type value passed. Unable to determine page count."
msgstr "Não foi passado o valor do tipo. Não foi possível determinar a contagem de páginas."
#: Reports.pm:346
#, perl-format
msgid "Failed copying %s."
msgstr "Falhou a cópia de %s."
#: Reports.pm:459
#, perl-format
msgid "Export Log Error: Couldn't open %s"
msgstr "Erro no Registo Diário de Exportação: Não foi possível abrir %s"
#: Reports.pm:483
msgid "Fatal error. No report name given. Exiting."
msgstr "Erro fatal. Não foi dado um nome para o relatório. A sair."
#: Reports.pm:489
#, perl-format
msgid ""
"Unable to get configuration info for %s.\n"
" Unable to find %s."
msgstr ""
"Não foi possível obter a informação de configuração para %s.\n"
" Não foi possível encontrar %s."
#: Reports.pm:530
#, perl-format
msgid "Failed to parse: %s."
msgstr "Falha na interpretação: %s."
#: Reports.pm:539
#, perl-format
msgid "Fatal Error. Couldn't open %s."
msgstr "Erro Fatal. Não foi possível abrir %s."
#: Reports.pm:587
#, perl-format
msgid "Fatal Error. Can't run %s. Exiting."
msgstr "Erro Fatal. Não foi possível executar %s. A sair."
#: Reports.pm:608
#, perl-format
msgid "Fatal Error. No directory, %s, found. Exiting."
msgstr "Erro Fatal. Não foi encontrado o directório %s. A sair."
#: Reports.pm:630
#, perl-format
msgid "Fatal Error. Couldn't open %s. Exiting"
msgstr "Erro Fatal. Não foi possível abrir %s. A sair"
#: Reports.pm:658 Reports.pm:671 Reports.pm:681
#, perl-format
msgid "DBI Execution failed: %s"
msgstr "Falhou a execução de DBI: %s"
#: Reports.pm:1434
#, perl-format
msgid "Fatal Error. getArchReport() couldn't open %s"
msgstr "Erro Fatal. getArchReport() não foi possível abrir %s"

202
management/yastui/src/po/zh_CN.po
View file

@ -1,202 +0,0 @@
# yast2-apparmor locale file
# Copyright (C) 2005 Novell INC.
# This file is distributed under the same license as the yast2-apparmor package.
# David Drewelow <davidd@immunix.com>, 2005.
#
msgid ""
msgstr ""
"Project-Id-Version: apparmor\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2005-07-22 13:42-0700\n"
"PO-Revision-Date: 2005-08-19 HO:MI+ZONE\n"
"Last-Translator: Novell Language <language@novell.com>\n"
"Language-Team: Novell Language <language@novell.com>\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
#: ag_logparse:63 ag_logparse:83
msgid "Unable to open"
msgstr "无法打开"
#: ag_logparse:63
msgid "Couldn't save query."
msgstr "无法保存查询。"
#: ag_logparse:83
msgid "Couldn't retrieve query."
msgstr "无法检索查询。"
#: ag_reports_confined:104
#, c-format
msgid "ag_reports_confined: Couldn't open %s for writing."
msgstr "ag_reports_confined无法打开 %s 以写入。"
#: ag_reports_confined:130
#, c-format
msgid "Failure in readMultiAudLog() - couldn't open %s."
msgstr "readMultiAudLog() 中的故障 无法打开 %s。"
#: ag_reports_confined:143
#, c-format
msgid "Problem in readMultiAudLog\\(\\) - couldn't open %s\\/%s."
msgstr "readMultiAudLog\\(\\) 中的问题 无法打开 %s\\/%s。"
#: ag_reports_confined:177
msgid "readAudLog() wasn't passed an input file."
msgstr "readAudLog() 没有传递输入文件。"
#: ag_reports_confined:201
#, c-format
msgid "readAudLog\\(\\) couldn't open %s."
msgstr "readAudLog\\(\\) 无法打开 %s。"
#: ag_reports_confined:259
#, c-format
msgid "Can't run %s. Exiting."
msgstr "无法运行 %s。正在退出。"
#: ag_reports_ess:57
msgid "Failure in readMultiEssLog() - couldn't open"
msgstr "readMultiEssLog() 中的故障 无法打开"
#: ag_reports_ess:70
msgid "Problem in readMultiEssLog() - couldn't open"
msgstr "readMultiEssLog() 中的问题 无法打开"
#: ag_reports_ess:105
msgid "readEssLog() wasn't passed an input file."
msgstr "readEssLog() 没有传递输入文件。"
#: ag_reports_ess:129
msgid "readEssLog() couldn't open $logFile"
msgstr "readEssLog() 无法打开 $logFile"
#: ag_reports_ess:163
#, c-format
msgid "ag_logparse: Unknown instruction %s or argument: %s"
msgstr "ag_logparse未知指令 %s 或自变量:%s"
#: ag_reports_parse:78
#, c-format
msgid "ag_reports_parse: Couldn't open %s for writing."
msgstr "ag_reports_parse无法打开 %s 以写入。"
#: ag_reports_parse:145
msgid "ag_reports_parse: No archived reports found."
msgstr "ag_reports_parse未找到存档报告。"
#: ag_reports_parse:150
#, c-format
msgid "ag_reports_parse: Can't open directory %s: %s"
msgstr "ag_reports_parse无法打开目录 %s%s"
#: ag_reports_parse:179
#, c-format
msgid "ag_reports_parse: Unknown instruction %s or argument: %s"
msgstr "ag_reports_parse未知指令 %s 或自变量:%s"
#: ag_reports_sched:76
#, c-format
msgid "Couldn't find %s. Unable to create crontab. Exiting."
msgstr "找不到 %s。无法创建 crontab。正在退出。"
#: ag_reports_sched:133 ag_reports_sched:175 ag_reports_sched:253
#: ag_reports_sched:316 ag_reports_sched:323 ag_reports_sched:387
#: ag_reports_sched:394 ag_reports_sched:477 ag_reports_sched:542
#, c-format
msgid "Couldn't open %s."
msgstr "无法打开 %s。"
#: ag_reports_sched:245
#, c-format
msgid "Couldn't open %s. Unable to add report: %s"
msgstr "无法打开 %s。无法添加报告%s"
#: ag_reports_sched:270
#, c-format
msgid "Duplicate report name not allowed. Didn't schedule new report: %s"
msgstr "不允许使用重复的报告名。没有安排新报告:%s"
#: ag_reports_sched:583 ag_reports_sched:590
#, c-format
msgid "Couldn't open %s. No changes performed."
msgstr "无法打开 %s。没有执行更改。"
#: ag_reports_sched:685
#, c-format
msgid "ag_reports_sched: Unknown instruction %s or arg: %s"
msgstr "ag_reports_sched未知指令 %s 或自变量:%s"
#: Reports.pm:246 Reports.pm:1328
#, perl-format
msgid "DBI Execution failed: %s."
msgstr "DBI 执行失败:%s。"
#: Reports.pm:272
#, perl-format
msgid "Couldn't open file: %s."
msgstr "无法打开文件:%s."
#: Reports.pm:276
msgid "No type value passed. Unable to determine page count."
msgstr "没有传递类型值。无法确定页数。"
#: Reports.pm:346
#, perl-format
msgid "Failed copying %s."
msgstr "未能复制 %s。"
#: Reports.pm:459
#, perl-format
msgid "Export Log Error: Couldn't open %s"
msgstr "导出日志错误:无法打开 %s"
#: Reports.pm:483
msgid "Fatal error. No report name given. Exiting."
msgstr "致命错误。没有给定报告名。正在退出。"
#: Reports.pm:489
#, perl-format
msgid ""
"Unable to get configuration info for %s.\n"
" Unable to find %s."
msgstr "无法获取 %s 的配置信息。\n 无法找到 %s。"
#: Reports.pm:530
#, perl-format
msgid "Failed to parse: %s."
msgstr "未能对 %s 进行语法分析."
#: Reports.pm:539
#, perl-format
msgid "Fatal Error. Couldn't open %s."
msgstr "致命错误。无法打开 %s。"
#: Reports.pm:587
#, perl-format
msgid "Fatal Error. Can't run %s. Exiting."
msgstr "致命错误。无法运行 %s。正在退出。"
#: Reports.pm:608
#, perl-format
msgid "Fatal Error. No directory, %s, found. Exiting."
msgstr "致命错误。未找到目录 %s。正在退出。"
#: Reports.pm:630
#, perl-format
msgid "Fatal Error. Couldn't open %s. Exiting"
msgstr "致命错误。无法打开 %s。正在退出"
#: Reports.pm:658 Reports.pm:671 Reports.pm:681
#, perl-format
msgid "DBI Execution failed: %s"
msgstr "DBI 执行失败:%s"
#: Reports.pm:1434
#, perl-format
msgid "Fatal Error. getArchReport() couldn't open %s"
msgstr "致命错误。getArchReport() 无法打开 %s"

202
management/yastui/src/po/zh_TW.po
View file

@ -1,202 +0,0 @@
# yast2-apparmor locale file
# Copyright (C) 2005 Novell INC.
# This file is distributed under the same license as the yast2-apparmor package.
# David Drewelow <davidd@immunix.com>, 2005.
#
msgid ""
msgstr ""
"Project-Id-Version: apparmor\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2005-07-22 13:42-0701\n"
"PO-Revision-Date: 2005-08-18 13:42-0701\n"
"Last-Translator: Novell Language <language@novell.com>\n"
"Language-Team: Novell Language <language@novell.com>\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
#: ag_logparse:63 ag_logparse:83
msgid "Unable to open"
msgstr "無法開啟"
#: ag_logparse:63
msgid "Couldn't save query."
msgstr "無法儲存查詢。"
#: ag_logparse:83
msgid "Couldn't retrieve query."
msgstr "無法擷取查詢。"
#: ag_reports_confined:104
#, c-format
msgid "ag_reports_confined: Couldn't open %s for writing."
msgstr "ag_reports_confined無法開啟 %s 進行寫入。"
#: ag_reports_confined:130
#, c-format
msgid "Failure in readMultiAudLog() - couldn't open %s."
msgstr "readMultiAudLog() 發生錯誤 - 無法開啟 %s。"
#: ag_reports_confined:143
#, c-format
msgid "Problem in readMultiAudLog\\(\\) - couldn't open %s\\/%s."
msgstr "readMultiAudLog\\(\\) 發生問題 - 無法開啟 %s\\/%s。"
#: ag_reports_confined:177
msgid "readAudLog() wasn't passed an input file."
msgstr "readAudLog() 並未傳遞至輸入檔案。"
#: ag_reports_confined:201
#, c-format
msgid "readAudLog\\(\\) couldn't open %s."
msgstr "readAudLog\\(\\) 無法開啟 %s。"
#: ag_reports_confined:259
#, c-format
msgid "Can't run %s. Exiting."
msgstr "無法執行 %s。正在離開。"
#: ag_reports_ess:57
msgid "Failure in readMultiEssLog() - couldn't open"
msgstr "readMultiEssLog() 發生錯誤 - 無法開啟"
#: ag_reports_ess:70
msgid "Problem in readMultiEssLog() - couldn't open"
msgstr "readMultiEssLog() 發生錯誤 - 無法開啟"
#: ag_reports_ess:105
msgid "readEssLog() wasn't passed an input file."
msgstr "readEssLog() 並未傳遞至輸入檔案。"
#: ag_reports_ess:129
msgid "readEssLog() couldn't open $logFile"
msgstr "readEssLog() 無法開啟 $logFile"
#: ag_reports_ess:163
#, c-format
msgid "ag_logparse: Unknown instruction %s or argument: %s"
msgstr "ag_logparse未知的指示 %s 或引數:%s"
#: ag_reports_parse:78
#, c-format
msgid "ag_reports_parse: Couldn't open %s for writing."
msgstr "ag_reports_parse無法開啟 %s 進行寫入。"
#: ag_reports_parse:145
msgid "ag_reports_parse: No archived reports found."
msgstr "ag_reports_parse找不到已歸檔報告。"
#: ag_reports_parse:150
#, c-format
msgid "ag_reports_parse: Can't open directory %s: %s"
msgstr "ag_reports_parse無法開啟目錄 %s%s"
#: ag_reports_parse:179
#, c-format
msgid "ag_reports_parse: Unknown instruction %s or argument: %s"
msgstr "ag_reports_parse未知的指示 %s 或引數:%s"
#: ag_reports_sched:76
#, c-format
msgid "Couldn't find %s. Unable to create crontab. Exiting."
msgstr "找不到 %s。無法建立 crontab。正在離開。"
#: ag_reports_sched:133 ag_reports_sched:175 ag_reports_sched:253
#: ag_reports_sched:316 ag_reports_sched:323 ag_reports_sched:387
#: ag_reports_sched:394 ag_reports_sched:477 ag_reports_sched:542
#, c-format
msgid "Couldn't open %s."
msgstr "無法開啟 %s。"
#: ag_reports_sched:245
#, c-format
msgid "Couldn't open %s. Unable to add report: %s"
msgstr "無法開啟 %s。無法新增報告%s"
#: ag_reports_sched:270
#, c-format
msgid "Duplicate report name not allowed. Didn't schedule new report: %s"
msgstr "不允許重複的報告名稱。未排程新報告:%s"
#: ag_reports_sched:583 ag_reports_sched:590
#, c-format
msgid "Couldn't open %s. No changes performed."
msgstr "無法開啟 %s。未執行任何變更。"
#: ag_reports_sched:685
#, c-format
msgid "ag_reports_sched: Unknown instruction %s or arg: %s"
msgstr "ag_reports_sched未知的指示 %s 或引數:%s"
#: Reports.pm:246 Reports.pm:1328
#, perl-format
msgid "DBI Execution failed: %s."
msgstr "DBI 執行失敗:%s."
#: Reports.pm:272
#, perl-format
msgid "Couldn't open file: %s."
msgstr "無法開啟檔案:%s."
#: Reports.pm:276
msgid "No type value passed. Unable to determine page count."
msgstr "未傳遞類別值。無法判斷頁數。"
#: Reports.pm:346
#, perl-format
msgid "Failed copying %s."
msgstr "複製 %s 失敗。"
#: Reports.pm:459
#, perl-format
msgid "Export Log Error: Couldn't open %s"
msgstr "匯出記錄錯誤:無法開啟 %s"
#: Reports.pm:483
msgid "Fatal error. No report name given. Exiting."
msgstr "嚴重錯誤。未取得報告名稱。正在離開。"
#: Reports.pm:489
#, perl-format
msgid ""
"Unable to get configuration info for %s.\n"
" Unable to find %s."
msgstr "無法取得 %s 的組態資訊。\n 無法尋找 %s。"
#: Reports.pm:530
#, perl-format
msgid "Failed to parse: %s."
msgstr "剖析失敗:%s."
#: Reports.pm:539
#, perl-format
msgid "Fatal Error. Couldn't open %s."
msgstr "嚴重錯誤。無法開啟 %s。"
#: Reports.pm:587
#, perl-format
msgid "Fatal Error. Can't run %s. Exiting."
msgstr "嚴重錯誤。無法執行 %s。正在離開。"
#: Reports.pm:608
#, perl-format
msgid "Fatal Error. No directory, %s, found. Exiting."
msgstr "嚴重錯誤。找不到目錄 %s。正在離開。"
#: Reports.pm:630
#, perl-format
msgid "Fatal Error. Couldn't open %s. Exiting"
msgstr "嚴重錯誤。無法開啟 %s。正在離開"
#: Reports.pm:658 Reports.pm:671 Reports.pm:681
#, perl-format
msgid "DBI Execution failed: %s"
msgstr "DBI 執行失敗:%s"
#: Reports.pm:1434
#, perl-format
msgid "Fatal Error. getArchReport() couldn't open %s"
msgstr "嚴重錯誤。getArchReport() 無法開啟 %s"

3
management/yastui/src/scrconf/complain.scr
View file

@ -1,3 +0,0 @@
.complain
`ag_complain ()

3
management/yastui/src/scrconf/genprof.scr
View file

@ -1,3 +0,0 @@
.genprof
`ag_genprof ()

53
management/yastui/src/scrconf/logparse.scr
View file

@ -1,53 +0,0 @@
/**
* File:
* target.scr
* Summary:
* SCR Agent for interfacing with (shell) commands of the target system
* and reading/writing files.
* Access:
* read/write/execute
* Authors:
* Unknown <yast2-hacker@suse.de>
* See:
* libscr
* man bash
* source/y2a_system/doc/systemagent.txt
* Example:
* Execute (.target.bash, "uname -a")
* (0)
**
* Execute (.target.bash_output, "uname -a")
* (
* $[
* "exit":0,
* "stderr":"",
* "stdout":"Linux steiner 2.2.18 #1 Fri Jan 19 22:10:35 GMT 2001 i686 unknown\n"
* ]
* )
**
* Read(.target.dir, "/")
* (["usr", "tmp", "floppy", "var", "root", "opt", "home", "etc", ...])
**
* Write(.target.string, "/tmp/target.1", "Some Test\n")
* (true)
**
* Read(.target.string, "/tmp/target.1")
* ("Some Test\n")
*
* $Id: logparse.scr 3715 2005-01-19 09:06:05Z sarnold $
*
* <p>The target-agent is used for various actions on the target system.</p>
*
* <p>The Execute Interface can be used to execute some predefined commands
* like mount, umount, mkdir, remove, modprobe ... or arbitrary commands
* using the bash, bash_output or bash_background.</p>
*
* <p>The Read and Write interface can be used to access the target
* filesystem, most prominent reading or writing whole files using the
* "string" subpath.</p>
*
* <p>For more information see the agent's own documentation.</p>
*/
.logparse
`ag_logparse ()

3
management/yastui/src/scrconf/logprof.scr
View file

@ -1,3 +0,0 @@
.logprof
`ag_logprof ()

Some files were not shown because too many files have changed in this diff Show more