-
Notifications
You must be signed in to change notification settings - Fork 44
/
security.rb
152 lines (131 loc) · 3.61 KB
/
security.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
# ------------------------------------------------------------------------------
# Copyright (c) 2017 SUSE LLC
#
#
# This program is free software; you can redistribute it and/or modify it under
# the terms of version 2 of the GNU General Public License as published by the
# Free Software Foundation.
#
# This program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along with
# this program; if not, contact SUSE.
#
# To contact SUSE about this file by physical or electronic mail, you may find
# current contact information at www.suse.com.
# ------------------------------------------------------------------------------
require "yast"
require "cwm/dialog"
require "installation/widgets/lsm"
require "installation/widgets/polkit_default_priv"
Yast.import "Hostname"
Yast.import "Mode"
module Installation
module Dialogs
# Dialog for security proposal configuration
class Security < CWM::Dialog
def initialize(settings)
super()
textdomain "installation"
@settings = settings
end
def title
_("Security Configuration")
end
def contents
# lazy require to avoid build dependency on firewall
require "y2firewall/widgets/proposal"
# lazy require to avoid build dependency on bootloader
require "bootloader/grub2_widgets"
left_col = [firewall_frame, polkit_frame]
right_col = [cpu_frame]
right_col << lsm_frame if lsm_configurable?
HBox(
HStretch(),
VBox(
VStretch(),
*left_col,
VStretch()
),
HStretch(),
VBox(
VStretch(),
*right_col,
VStretch()
),
HStretch()
)
end
def abort_button
""
end
def back_button
# do not show back button when running on running system. See CWM::Dialog.back_button
Yast::Mode.installation ? nil : ""
end
def next_button
Yast::Mode.installation ? Yast::Label.OKButton : Yast::Label.FinishButton
end
def disable_buttons
[:abort]
end
protected
# Hostname of the current system.
#
# Getting the hostname is sometimes a little bit slow, so the value is
# cached to be reused in every dialog redraw
#
# @return [String]
def hostname
@hostname ||= Yast::Hostname.CurrentHostname
end
def should_open_dialog?
true
end
def lsm_configurable?
@settings.lsm_config.configurable?
end
def firewall_frame
frame(
_("Firewall and SSH service"),
Y2Firewall::Widgets::FirewallSSHProposal.new(@settings)
)
end
def polkit_frame
frame(
_("PolicyKit"),
Widgets::PolkitDefaultPriv.new(@settings)
)
end
def cpu_frame
frame(
_("CPU"),
::Bootloader::CpuMitigationsWidget.new
)
end
def lsm_frame
frame(
_("Major Linux Security Module"),
Widgets::LSM.new(@settings)
)
end
def frame(label, widget)
Left(
Frame(
label,
MarginBox(
0.5,
0.5,
HBox(
widget,
HStretch()
)
)
)
)
end
end
end
end