|
 |
06cdf6 |
diff -up firewalld-0.3.9/src/firewall/server/firewalld.py.RHBZ#1061809 firewalld-0.3.9/src/firewall/server/firewalld.py
|
|
|
06cdf6 |
--- firewalld-0.3.9/src/firewall/server/firewalld.py.RHBZ#1061809 2014-09-30 02:47:38.392358853 +0200
|
|
|
06cdf6 |
+++ firewalld-0.3.9/src/firewall/server/firewalld.py 2014-09-30 02:48:16.012487112 +0200
|
|
|
06cdf6 |
@@ -403,7 +403,7 @@ class FirewallD(slip.dbus.service.Object
|
|
|
06cdf6 |
self.fw.policies.disable_lockdown()
|
|
|
06cdf6 |
self.LockdownDisabled()
|
|
|
06cdf6 |
|
|
|
06cdf6 |
- @slip.dbus.polkit.require_auth(PK_ACTION_POLICIES)
|
|
|
06cdf6 |
+ @slip.dbus.polkit.require_auth(PK_ACTION_INFO)
|
|
|
06cdf6 |
@dbus_service_method(DBUS_INTERFACE_POLICIES, in_signature='',
|
|
|
06cdf6 |
out_signature='b')
|
|
|
06cdf6 |
@dbus_handle_exceptions
|
|
|
06cdf6 |
@@ -454,7 +454,7 @@ class FirewallD(slip.dbus.service.Object
|
|
|
06cdf6 |
self.fw.policies.lockdown_whitelist.remove_command(command)
|
|
|
06cdf6 |
self.LockdownWhitelistCommandRemoved(command)
|
|
|
06cdf6 |
|
|
|
06cdf6 |
- @slip.dbus.polkit.require_auth(PK_ACTION_POLICIES)
|
|
|
06cdf6 |
+ @slip.dbus.polkit.require_auth(PK_ACTION_INFO)
|
|
|
06cdf6 |
@dbus_service_method(DBUS_INTERFACE_POLICIES, in_signature='s',
|
|
|
06cdf6 |
out_signature='b')
|
|
|
06cdf6 |
@dbus_handle_exceptions
|
|
|
06cdf6 |
@@ -466,7 +466,7 @@ class FirewallD(slip.dbus.service.Object
|
|
|
06cdf6 |
# no access check here
|
|
|
06cdf6 |
return self.fw.policies.lockdown_whitelist.has_command(command)
|
|
|
06cdf6 |
|
|
|
06cdf6 |
- @slip.dbus.polkit.require_auth(PK_ACTION_POLICIES)
|
|
|
06cdf6 |
+ @slip.dbus.polkit.require_auth(PK_ACTION_INFO)
|
|
|
06cdf6 |
@dbus_service_method(DBUS_INTERFACE_POLICIES, in_signature='',
|
|
|
06cdf6 |
out_signature='as')
|
|
|
06cdf6 |
@dbus_handle_exceptions
|
|
|
06cdf6 |
@@ -515,7 +515,7 @@ class FirewallD(slip.dbus.service.Object
|
|
|
06cdf6 |
self.fw.policies.lockdown_whitelist.remove_uid(uid)
|
|
|
06cdf6 |
self.LockdownWhitelistUidRemoved(uid)
|
|
|
06cdf6 |
|
|
|
06cdf6 |
- @slip.dbus.polkit.require_auth(PK_ACTION_POLICIES)
|
|
|
06cdf6 |
+ @slip.dbus.polkit.require_auth(PK_ACTION_INFO)
|
|
|
06cdf6 |
@dbus_service_method(DBUS_INTERFACE_POLICIES, in_signature='i',
|
|
|
06cdf6 |
out_signature='b')
|
|
|
06cdf6 |
@dbus_handle_exceptions
|
|
|
06cdf6 |
@@ -527,7 +527,7 @@ class FirewallD(slip.dbus.service.Object
|
|
|
06cdf6 |
# no access check here
|
|
|
06cdf6 |
return self.fw.policies.lockdown_whitelist.has_uid(uid)
|
|
|
06cdf6 |
|
|
|
06cdf6 |
- @slip.dbus.polkit.require_auth(PK_ACTION_POLICIES)
|
|
|
06cdf6 |
+ @slip.dbus.polkit.require_auth(PK_ACTION_INFO)
|
|
|
06cdf6 |
@dbus_service_method(DBUS_INTERFACE_POLICIES, in_signature='',
|
|
|
06cdf6 |
out_signature='ai')
|
|
|
06cdf6 |
@dbus_handle_exceptions
|
|
|
06cdf6 |
@@ -576,7 +576,7 @@ class FirewallD(slip.dbus.service.Object
|
|
|
06cdf6 |
self.fw.policies.lockdown_whitelist.remove_user(user)
|
|
|
06cdf6 |
self.LockdownWhitelistUserRemoved(user)
|
|
|
06cdf6 |
|
|
|
06cdf6 |
- @slip.dbus.polkit.require_auth(PK_ACTION_POLICIES)
|
|
|
06cdf6 |
+ @slip.dbus.polkit.require_auth(PK_ACTION_INFO)
|
|
|
06cdf6 |
@dbus_service_method(DBUS_INTERFACE_POLICIES, in_signature='s',
|
|
|
06cdf6 |
out_signature='b')
|
|
|
06cdf6 |
@dbus_handle_exceptions
|
|
|
06cdf6 |
@@ -588,7 +588,7 @@ class FirewallD(slip.dbus.service.Object
|
|
|
06cdf6 |
# no access check here
|
|
|
06cdf6 |
return self.fw.policies.lockdown_whitelist.has_user(user)
|
|
|
06cdf6 |
|
|
|
06cdf6 |
- @slip.dbus.polkit.require_auth(PK_ACTION_POLICIES)
|
|
|
06cdf6 |
+ @slip.dbus.polkit.require_auth(PK_ACTION_INFO)
|
|
|
06cdf6 |
@dbus_service_method(DBUS_INTERFACE_POLICIES, in_signature='',
|
|
|
06cdf6 |
out_signature='as')
|
|
|
06cdf6 |
@dbus_handle_exceptions
|
|
|
06cdf6 |
@@ -637,7 +637,7 @@ class FirewallD(slip.dbus.service.Object
|
|
|
06cdf6 |
self.fw.policies.lockdown_whitelist.remove_context(context)
|
|
|
06cdf6 |
self.LockdownWhitelistContextRemoved(context)
|
|
|
06cdf6 |
|
|
|
06cdf6 |
- @slip.dbus.polkit.require_auth(PK_ACTION_POLICIES)
|
|
|
06cdf6 |
+ @slip.dbus.polkit.require_auth(PK_ACTION_INFO)
|
|
|
06cdf6 |
@dbus_service_method(DBUS_INTERFACE_POLICIES, in_signature='s',
|
|
|
06cdf6 |
out_signature='b')
|
|
|
06cdf6 |
@dbus_handle_exceptions
|
|
|
06cdf6 |
@@ -649,7 +649,7 @@ class FirewallD(slip.dbus.service.Object
|
|
|
06cdf6 |
# no access check here
|
|
|
06cdf6 |
return self.fw.policies.lockdown_whitelist.has_context(context)
|
|
|
06cdf6 |
|
|
|
06cdf6 |
- @slip.dbus.polkit.require_auth(PK_ACTION_POLICIES)
|
|
|
06cdf6 |
+ @slip.dbus.polkit.require_auth(PK_ACTION_INFO)
|
|
|
06cdf6 |
@dbus_service_method(DBUS_INTERFACE_POLICIES, in_signature='',
|
|
|
06cdf6 |
out_signature='as')
|
|
|
06cdf6 |
@dbus_handle_exceptions
|
|
|
06cdf6 |
@@ -869,7 +869,7 @@ class FirewallD(slip.dbus.service.Object
|
|
|
06cdf6 |
return zone
|
|
|
06cdf6 |
return ""
|
|
|
06cdf6 |
|
|
|
06cdf6 |
- @slip.dbus.polkit.require_auth(PK_ACTION_CONFIG)
|
|
|
06cdf6 |
+ @slip.dbus.polkit.require_auth(PK_ACTION_INFO)
|
|
|
06cdf6 |
@dbus_service_method(DBUS_INTERFACE_ZONE, in_signature='s',
|
|
|
06cdf6 |
out_signature='b')
|
|
|
06cdf6 |
@dbus_handle_exceptions
|
|
|
06cdf6 |
@@ -946,7 +946,7 @@ class FirewallD(slip.dbus.service.Object
|
|
|
06cdf6 |
self.InterfaceRemoved(_zone, interface)
|
|
|
06cdf6 |
return _zone
|
|
|
06cdf6 |
|
|
|
06cdf6 |
- @slip.dbus.polkit.require_auth(PK_ACTION_CONFIG)
|
|
|
06cdf6 |
+ @slip.dbus.polkit.require_auth(PK_ACTION_INFO)
|
|
|
06cdf6 |
@dbus_service_method(DBUS_INTERFACE_ZONE, in_signature='ss',
|
|
|
06cdf6 |
out_signature='b')
|
|
|
06cdf6 |
@dbus_handle_exceptions
|
|
|
06cdf6 |
@@ -959,7 +959,7 @@ class FirewallD(slip.dbus.service.Object
|
|
|
06cdf6 |
log.debug1("zone.queryInterface('%s', '%s')" % (zone, interface))
|
|
|
06cdf6 |
return self.fw.zone.query_interface(zone, interface)
|
|
|
06cdf6 |
|
|
|
06cdf6 |
- @slip.dbus.polkit.require_auth(PK_ACTION_CONFIG)
|
|
|
06cdf6 |
+ @slip.dbus.polkit.require_auth(PK_ACTION_INFO)
|
|
|
06cdf6 |
@dbus_service_method(DBUS_INTERFACE_ZONE, in_signature='s',
|
|
|
06cdf6 |
out_signature='as')
|
|
|
06cdf6 |
@dbus_handle_exceptions
|
|
|
06cdf6 |
@@ -1053,7 +1053,7 @@ class FirewallD(slip.dbus.service.Object
|
|
|
06cdf6 |
self.SourceRemoved(_zone, source)
|
|
|
06cdf6 |
return _zone
|
|
|
06cdf6 |
|
|
|
06cdf6 |
- @slip.dbus.polkit.require_auth(PK_ACTION_CONFIG)
|
|
|
06cdf6 |
+ @slip.dbus.polkit.require_auth(PK_ACTION_INFO)
|
|
|
06cdf6 |
@dbus_service_method(DBUS_INTERFACE_ZONE, in_signature='ss',
|
|
|
06cdf6 |
out_signature='b')
|
|
|
06cdf6 |
@dbus_handle_exceptions
|
|
|
06cdf6 |
@@ -1066,7 +1066,7 @@ class FirewallD(slip.dbus.service.Object
|
|
|
06cdf6 |
log.debug1("zone.querySource('%s', '%s')" % (zone, source))
|
|
|
06cdf6 |
return self.fw.zone.query_source(zone, source)
|
|
|
06cdf6 |
|
|
|
06cdf6 |
- @slip.dbus.polkit.require_auth(PK_ACTION_CONFIG)
|
|
|
06cdf6 |
+ @slip.dbus.polkit.require_auth(PK_ACTION_INFO)
|
|
|
06cdf6 |
@dbus_service_method(DBUS_INTERFACE_ZONE, in_signature='s',
|
|
|
06cdf6 |
out_signature='as')
|
|
|
06cdf6 |
@dbus_handle_exceptions
|
|
|
06cdf6 |
@@ -1143,7 +1143,7 @@ class FirewallD(slip.dbus.service.Object
|
|
|
06cdf6 |
self.RichRuleRemoved(_zone, rule)
|
|
|
06cdf6 |
return _zone
|
|
|
06cdf6 |
|
|
|
06cdf6 |
- @slip.dbus.polkit.require_auth(PK_ACTION_CONFIG)
|
|
|
06cdf6 |
+ @slip.dbus.polkit.require_auth(PK_ACTION_INFO)
|
|
|
06cdf6 |
@dbus_service_method(DBUS_INTERFACE_ZONE, in_signature='ss',
|
|
|
06cdf6 |
out_signature='b')
|
|
|
06cdf6 |
@dbus_handle_exceptions
|
|
|
06cdf6 |
@@ -1155,7 +1155,7 @@ class FirewallD(slip.dbus.service.Object
|
|
|
06cdf6 |
obj = Rich_Rule(rule_str=rule)
|
|
|
06cdf6 |
return self.fw.zone.query_rule(zone, obj)
|
|
|
06cdf6 |
|
|
|
06cdf6 |
- @slip.dbus.polkit.require_auth(PK_ACTION_CONFIG)
|
|
|
06cdf6 |
+ @slip.dbus.polkit.require_auth(PK_ACTION_INFO)
|
|
|
06cdf6 |
@dbus_service_method(DBUS_INTERFACE_ZONE, in_signature='s',
|
|
|
06cdf6 |
out_signature='as')
|
|
|
06cdf6 |
@dbus_handle_exceptions
|
|
|
06cdf6 |
@@ -1227,7 +1227,7 @@ class FirewallD(slip.dbus.service.Object
|
|
|
06cdf6 |
self.ServiceRemoved(_zone, service)
|
|
|
06cdf6 |
return _zone
|
|
|
06cdf6 |
|
|
|
06cdf6 |
- @slip.dbus.polkit.require_auth(PK_ACTION_CONFIG)
|
|
|
06cdf6 |
+ @slip.dbus.polkit.require_auth(PK_ACTION_INFO)
|
|
|
06cdf6 |
@dbus_service_method(DBUS_INTERFACE_ZONE, in_signature='ss',
|
|
|
06cdf6 |
out_signature='b')
|
|
|
06cdf6 |
@dbus_handle_exceptions
|
|
|
06cdf6 |
@@ -1238,7 +1238,7 @@ class FirewallD(slip.dbus.service.Object
|
|
|
06cdf6 |
log.debug1("zone.queryService('%s', '%s')" % (zone, service))
|
|
|
06cdf6 |
return self.fw.zone.query_service(zone, service)
|
|
|
06cdf6 |
|
|
|
06cdf6 |
- @slip.dbus.polkit.require_auth(PK_ACTION_CONFIG)
|
|
|
06cdf6 |
+ @slip.dbus.polkit.require_auth(PK_ACTION_INFO)
|
|
|
06cdf6 |
@dbus_service_method(DBUS_INTERFACE_ZONE, in_signature='s',
|
|
|
06cdf6 |
out_signature='as')
|
|
|
06cdf6 |
@dbus_handle_exceptions
|
|
|
06cdf6 |
@@ -1314,7 +1314,7 @@ class FirewallD(slip.dbus.service.Object
|
|
|
06cdf6 |
self.PortRemoved(_zone, port, protocol)
|
|
|
06cdf6 |
return _zone
|
|
|
06cdf6 |
|
|
|
06cdf6 |
- @slip.dbus.polkit.require_auth(PK_ACTION_CONFIG)
|
|
|
06cdf6 |
+ @slip.dbus.polkit.require_auth(PK_ACTION_INFO)
|
|
|
06cdf6 |
@dbus_service_method(DBUS_INTERFACE_ZONE, in_signature='sss',
|
|
|
06cdf6 |
out_signature='b')
|
|
|
06cdf6 |
@dbus_handle_exceptions
|
|
|
06cdf6 |
@@ -1326,7 +1326,7 @@ class FirewallD(slip.dbus.service.Object
|
|
|
06cdf6 |
log.debug1("zone.queryPort('%s', '%s', '%s')" % (zone, port, protocol))
|
|
|
06cdf6 |
return self.fw.zone.query_port(zone, port, protocol)
|
|
|
06cdf6 |
|
|
|
06cdf6 |
- @slip.dbus.polkit.require_auth(PK_ACTION_CONFIG)
|
|
|
06cdf6 |
+ @slip.dbus.polkit.require_auth(PK_ACTION_INFO)
|
|
|
06cdf6 |
@dbus_service_method(DBUS_INTERFACE_ZONE, in_signature='s',
|
|
|
06cdf6 |
out_signature='aas')
|
|
|
06cdf6 |
@dbus_handle_exceptions
|
|
|
06cdf6 |
@@ -1395,7 +1395,7 @@ class FirewallD(slip.dbus.service.Object
|
|
|
06cdf6 |
self.MasqueradeRemoved(_zone)
|
|
|
06cdf6 |
return _zone
|
|
|
06cdf6 |
|
|
|
06cdf6 |
- @slip.dbus.polkit.require_auth(PK_ACTION_CONFIG)
|
|
|
06cdf6 |
+ @slip.dbus.polkit.require_auth(PK_ACTION_INFO)
|
|
|
06cdf6 |
@dbus_service_method(DBUS_INTERFACE_ZONE, in_signature='s',
|
|
|
06cdf6 |
out_signature='b')
|
|
|
06cdf6 |
@dbus_handle_exceptions
|
|
|
06cdf6 |
@@ -1476,7 +1476,7 @@ class FirewallD(slip.dbus.service.Object
|
|
|
06cdf6 |
self.ForwardPortRemoved(_zone, port, protocol, toport, toaddr)
|
|
|
06cdf6 |
return _zone
|
|
|
06cdf6 |
|
|
|
06cdf6 |
- @slip.dbus.polkit.require_auth(PK_ACTION_CONFIG)
|
|
|
06cdf6 |
+ @slip.dbus.polkit.require_auth(PK_ACTION_INFO)
|
|
|
06cdf6 |
@dbus_service_method(DBUS_INTERFACE_ZONE, in_signature='sssss',
|
|
|
06cdf6 |
out_signature='b')
|
|
|
06cdf6 |
@dbus_handle_exceptions
|
|
|
06cdf6 |
@@ -1493,7 +1493,7 @@ class FirewallD(slip.dbus.service.Object
|
|
|
06cdf6 |
return self.fw.zone.query_forward_port(zone, port, protocol, toport,
|
|
|
06cdf6 |
toaddr)
|
|
|
06cdf6 |
|
|
|
06cdf6 |
- @slip.dbus.polkit.require_auth(PK_ACTION_CONFIG)
|
|
|
06cdf6 |
+ @slip.dbus.polkit.require_auth(PK_ACTION_INFO)
|
|
|
06cdf6 |
@dbus_service_method(DBUS_INTERFACE_ZONE, in_signature='s',
|
|
|
06cdf6 |
out_signature='aas')
|
|
|
06cdf6 |
@dbus_handle_exceptions
|
|
|
06cdf6 |
@@ -1566,7 +1566,7 @@ class FirewallD(slip.dbus.service.Object
|
|
|
06cdf6 |
self.IcmpBlockRemoved(_zone, icmp)
|
|
|
06cdf6 |
return _zone
|
|
|
06cdf6 |
|
|
|
06cdf6 |
- @slip.dbus.polkit.require_auth(PK_ACTION_CONFIG)
|
|
|
06cdf6 |
+ @slip.dbus.polkit.require_auth(PK_ACTION_INFO)
|
|
|
06cdf6 |
@dbus_service_method(DBUS_INTERFACE_ZONE, in_signature='ss',
|
|
|
06cdf6 |
out_signature='b')
|
|
|
06cdf6 |
@dbus_handle_exceptions
|
|
|
06cdf6 |
@@ -1577,7 +1577,7 @@ class FirewallD(slip.dbus.service.Object
|
|
|
06cdf6 |
log.debug1("zone.queryIcmpBlock('%s', '%s')" % (zone, icmp))
|
|
|
06cdf6 |
return self.fw.zone.query_icmp_block(zone, icmp)
|
|
|
06cdf6 |
|
|
|
06cdf6 |
- @slip.dbus.polkit.require_auth(PK_ACTION_CONFIG)
|
|
|
06cdf6 |
+ @slip.dbus.polkit.require_auth(PK_ACTION_INFO)
|
|
|
06cdf6 |
@dbus_service_method(DBUS_INTERFACE_ZONE, in_signature='s',
|
|
|
06cdf6 |
out_signature='as')
|
|
|
06cdf6 |
@dbus_handle_exceptions
|
|
|
06cdf6 |
@@ -1634,7 +1634,7 @@ class FirewallD(slip.dbus.service.Object
|
|
|
06cdf6 |
self.fw.direct.remove_chain(ipv, table, chain)
|
|
|
06cdf6 |
self.ChainRemoved(ipv, table, chain)
|
|
|
06cdf6 |
|
|
|
06cdf6 |
- @slip.dbus.polkit.require_auth(PK_ACTION_DIRECT)
|
|
|
06cdf6 |
+ @slip.dbus.polkit.require_auth(PK_ACTION_INFO)
|
|
|
06cdf6 |
@dbus_service_method(DBUS_INTERFACE_DIRECT, in_signature='sss',
|
|
|
06cdf6 |
out_signature='b')
|
|
|
06cdf6 |
@dbus_handle_exceptions
|
|
|
06cdf6 |
@@ -1646,7 +1646,7 @@ class FirewallD(slip.dbus.service.Object
|
|
|
06cdf6 |
log.debug1("direct.queryChain('%s', '%s', '%s')" % (ipv, table, chain))
|
|
|
06cdf6 |
return self.fw.direct.query_chain(ipv, table, chain)
|
|
|
06cdf6 |
|
|
|
06cdf6 |
- @slip.dbus.polkit.require_auth(PK_ACTION_DIRECT)
|
|
|
06cdf6 |
+ @slip.dbus.polkit.require_auth(PK_ACTION_INFO)
|
|
|
06cdf6 |
@dbus_service_method(DBUS_INTERFACE_DIRECT, in_signature='ss',
|
|
|
06cdf6 |
out_signature='as')
|
|
|
06cdf6 |
@dbus_handle_exceptions
|
|
|
06cdf6 |
@@ -1657,7 +1657,7 @@ class FirewallD(slip.dbus.service.Object
|
|
|
06cdf6 |
log.debug1("direct.getChains('%s', '%s')" % (ipv, table))
|
|
|
06cdf6 |
return self.fw.direct.get_chains(ipv, table)
|
|
|
06cdf6 |
|
|
|
06cdf6 |
- @slip.dbus.polkit.require_auth(PK_ACTION_DIRECT)
|
|
|
06cdf6 |
+ @slip.dbus.polkit.require_auth(PK_ACTION_INFO)
|
|
|
06cdf6 |
@dbus_service_method(DBUS_INTERFACE_DIRECT, in_signature='',
|
|
|
06cdf6 |
out_signature='a(sss)')
|
|
|
06cdf6 |
@dbus_handle_exceptions
|
|
|
06cdf6 |
@@ -1729,7 +1729,7 @@ class FirewallD(slip.dbus.service.Object
|
|
|
06cdf6 |
self.fw.direct.remove_rule(ipv, table, chain, priority, args)
|
|
|
06cdf6 |
self.RuleRemoved(ipv, table, chain, priority, args)
|
|
|
06cdf6 |
|
|
|
06cdf6 |
- @slip.dbus.polkit.require_auth(PK_ACTION_DIRECT)
|
|
|
06cdf6 |
+ @slip.dbus.polkit.require_auth(PK_ACTION_INFO)
|
|
|
06cdf6 |
@dbus_service_method(DBUS_INTERFACE_DIRECT, in_signature='sssias',
|
|
|
06cdf6 |
out_signature='b')
|
|
|
06cdf6 |
@dbus_handle_exceptions
|
|
|
06cdf6 |
@@ -1744,7 +1744,7 @@ class FirewallD(slip.dbus.service.Object
|
|
|
06cdf6 |
(table, chain, priority, "','".join(args)))
|
|
|
06cdf6 |
return self.fw.direct.query_rule(ipv, table, chain, priority, args)
|
|
|
06cdf6 |
|
|
|
06cdf6 |
- @slip.dbus.polkit.require_auth(PK_ACTION_DIRECT)
|
|
|
06cdf6 |
+ @slip.dbus.polkit.require_auth(PK_ACTION_INFO)
|
|
|
06cdf6 |
@dbus_service_method(DBUS_INTERFACE_DIRECT, in_signature='sss',
|
|
|
06cdf6 |
out_signature='a(ias)')
|
|
|
06cdf6 |
@dbus_handle_exceptions
|
|
|
06cdf6 |
@@ -1756,7 +1756,7 @@ class FirewallD(slip.dbus.service.Object
|
|
|
06cdf6 |
log.debug1("direct.getRules('%s', '%s', '%s')" % (ipv, table, chain))
|
|
|
06cdf6 |
return self.fw.direct.get_rules(ipv, table, chain)
|
|
|
06cdf6 |
|
|
|
06cdf6 |
- @slip.dbus.polkit.require_auth(PK_ACTION_DIRECT)
|
|
|
06cdf6 |
+ @slip.dbus.polkit.require_auth(PK_ACTION_INFO)
|
|
|
06cdf6 |
@dbus_service_method(DBUS_INTERFACE_DIRECT, in_signature='',
|
|
|
06cdf6 |
out_signature='a(sssias)')
|
|
|
06cdf6 |
@dbus_handle_exceptions
|