diff --git a/fapolicy_analyzer/ui/policy_rules_admin_page.py b/fapolicy_analyzer/ui/policy_rules_admin_page.py index 5e96d2f89..16e6482b6 100644 --- a/fapolicy_analyzer/ui/policy_rules_admin_page.py +++ b/fapolicy_analyzer/ui/policy_rules_admin_page.py @@ -39,6 +39,8 @@ GROUPS_LABEL, OPEN_FILE_LABEL, PARSE_EVENT_LOG_ERROR_MSG, + SYSLOG_FORMAT_WARNING, + TIME_FORMAT_CONFIG_TITLE, USER_LABEL, USERS_LABEL, ) @@ -50,10 +52,25 @@ gi.require_version("Gtk", "3.0") from gi.repository import Gtk # isort: skip -import datetime import time +def time_format_config_dlg(): + + dlgTimeFormatConfig = Gtk.Dialog( + title=TIME_FORMAT_CONFIG_TITLE + ) + dlgTimeFormatConfig.add_buttons(Gtk.STOCK_OK, Gtk.ResponseType.OK) + + label = Gtk.Label(label=SYSLOG_FORMAT_WARNING) + hbox = dlgTimeFormatConfig.get_content_area() + label.set_justify(Gtk.Justification.LEFT) + hbox.add(label) + dlgTimeFormatConfig.show_all() + dlgTimeFormatConfig.run() + dlgTimeFormatConfig.destroy() + + class PolicyRulesAdminPage(UIConnectedWidget, UIPage): def __init__(self, use_syslog: bool = False, audit_file: Optional[str] = None): UIConnectedWidget.__init__( @@ -137,7 +154,7 @@ def __init__(self, use_syslog: bool = False, audit_file: Optional[str] = None): self._time_delay = -1 self.__time_unit = "2" self.__time_number = 1 - + self.when_none = 0 self.__switchers = [ self.Switcher( self.get_object("userPanel"), @@ -385,6 +402,7 @@ def __populate_objects(self): or self.__selection_state["group"] is not None ): last_subject = self.__selection_state["subjects"][-1] + self.when_none = any([e.when() is None for e in self.__log.by_subject(last_subject)]) data = list( { e.object.file: {e.rule_id: e.object} 
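Review bot: The dialog built in `time_format_config_dlg()` (hunk at -50,10) has no parent window, because `Gtk.Dialog(...)` is given only a title, so the warning may open behind the main window and go unnoticed. Consider taking the parent as an argument and passing `transient_for=parent` to the constructor. The function also has no docstring; `"""Warn that events have no timestamp, so time filtering will not work."""` would say why it exists. `Gtk.STOCK_OK` is deprecated in GTK 3, and the label `"_OK"` is the usual replacement.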
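Review bot: `self.when_none` is recomputed only in this branch of `__populate_objects` (hunk at -385,6), which from the visible condition appears to run only once a user or group is selected, and only from the events of `last_subject`. The check added in `on_timeSelectBtn_clicked` (hunk at -557,6) therefore reads whatever the last subject selection left behind, and still sees the initial `0` from `__init__` (hunk at -137,7) if the time button is clicked first, even when the loaded log has no timestamps. Setting the flag where the log is assigned (`self.__log = eventsState.log`) would tie the warning to the log actually being filtered, if the log object allows checking all events there. Smaller points: `any()` accepts a generator, and the initial value should be `False` to match the bool stored here: `self.when_none = any(e.when() is None for e in self.__log.by_subject(last_subject))`. The enclosing method continues outside the hunk, so this is based on the visible lines only.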
@@ -447,8 +465,7 @@ def exec_primary_data_func(): ): self.__events_loading = False self.__log = eventsState.log - utc = int(datetime.datetime.utcnow().timestamp()) - tzdelta = int(time.time()) - utc + tzdelta = int(time.localtime().tm_gmtoff) if self._time_delay < 0: self.__log.begin(int(time.time()) + tzdelta - 3600) else: @@ -557,6 +574,9 @@ def on_timeSelectBtn_clicked(self, *args): def plural(count): return "s" if count > 1 else "" + if self.when_none: + time_format_config_dlg() + time_dialog = TimeSelectDialog() time_dialog.set_time_unit(self.__time_unit) time_dialog.set_time_number(self.__time_number) diff --git a/fapolicy_analyzer/ui/strings.py b/fapolicy_analyzer/ui/strings.py index 73cb89646..d093da3e9 100644 --- a/fapolicy_analyzer/ui/strings.py +++ b/fapolicy_analyzer/ui/strings.py @@ -212,3 +212,13 @@ ACCESS_ALLOWED_TOOLTIP = _("File access fully allowed") ACCESS_PARTIAL_TOOLTIP = _("File access partially allowed") ACCESS_DENIED_TOOLTIP = _("File access denied") +TIME_FORMAT_CONFIG_TITLE = _("Syslog Format Check") +SYSLOG_FORMAT_WARNING = _( + """ +No event time found, time filtering will not work. +Please update /etc/rsyslog.conf then restart the syslog service. + +regexp: "RSYSLOG_TraditionalFileFormat" +replace: "RSYSLOG_FileFormat" + """ +) diff --git a/locale/fapolicy-analyzer.pot b/locale/fapolicy-analyzer.pot index 34c3536e4..62f21a033 100644 --- a/locale/fapolicy-analyzer.pot +++ b/locale/fapolicy-analyzer.pot @@ -7,9 +7,9 @@ #, fuzzy msgid "" msgstr "" -"Project-Id-Version: fapolicy-analyzer 0.0.0+402.gdbfc0a6.dirty\n" +"Project-Id-Version: fapolicy-analyzer 0.0.0+371.g14d3f45.dirty\n" "Report-Msgid-Bugs-To: EMAIL@ADDRESS\n" -"POT-Creation-Date: 2023-02-28 09:14-0500\n" +"POT-Creation-Date: 2023-05-04 09:04-0700\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" 
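Review bot: The line `self.__log.begin(int(time.time()) + tzdelta - 3600)` (hunk at -447,8) adds the local UTC offset to an epoch value that is already timezone-independent, and nothing in the hunk says why; a comment such as `# event times are parsed as naive local time, so shift the epoch cutoff by the local UTC offset` (if that is indeed the reason) would stop a later reader from "fixing" it. `tm_gmtoff` is the offset in force now, so a window that reaches back across a DST change starts an hour off. It is also worth confirming that the shift is still correct for `RSYSLOG_FileFormat` timestamps, which carry their own offset, since the new warning dialog steers users to that format; a wrong cutoff silently hides events from the analyst. The `if`/`else` continues past the end of the hunk.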
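Review bot: `SYSLOG_FORMAT_WARNING` (strings.py hunk at -212,3) tells the user to replace `RSYSLOG_TraditionalFileFormat` with `RSYSLOG_FileFormat` in /etc/rsyslog.conf without saying that this typically changes the timestamp layout of every log file written with the default template, which can break other parsers or forwarders that read those files. One more sentence in the message, for example `This changes the timestamp format of all logs that use the default template.`, would let an administrator check downstream consumers before restarting the service. The triple-quoted literal also puts its leading newline and trailing indentation into the msgid (visible in the .pot hunk), so translators have to reproduce that whitespace exactly; writing the text without the surrounding blank lines avoids that.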
@@ -19,7 +19,7 @@ msgstr "" "Generated-By: Babel 2.11.0\n" #: fapolicy_analyzer/ui/ancillary_trust_database_admin.py:116 -#: fapolicy_analyzer/ui/system_trust_database_admin.py:135 +#: fapolicy_analyzer/ui/system_trust_database_admin.py:138 msgid "" "File: {trust.path}\n" "Size: {trust.size}\n" @@ -27,7 +27,7 @@ msgid "" msgstr "" #: fapolicy_analyzer/ui/ancillary_trust_database_admin.py:126 -#: fapolicy_analyzer/ui/system_trust_database_admin.py:144 +#: fapolicy_analyzer/ui/system_trust_database_admin.py:147 msgid "" "{fs.stat(trust.path)}\n" "SHA256: {fs.sha(trust.path)}" @@ -56,7 +56,7 @@ msgstr "" msgid "Reverting to previous settings in {i+1} seconds" msgstr "" -#: fapolicy_analyzer/ui/main_window.py:276 +#: fapolicy_analyzer/ui/main_window.py:302 msgid "" "An error occurred trying to open the session file, " "{self.strSessionFilename}" @@ -120,6 +120,7 @@ msgstr "" msgid "Rule" msgstr "" +#: fapolicy_analyzer/glade/main_window.glade:159 #: fapolicy_analyzer/ui/strings.py:37 msgid "Rules" msgstr "" @@ -193,6 +194,7 @@ msgid "Ancillary Trust Database" msgstr "" #: fapolicy_analyzer/glade/ancillary_trust_database_admin.glade:60 +#: fapolicy_analyzer/glade/main_window.glade:150 #: fapolicy_analyzer/glade/trust_reconciliation_dialog.glade:41 #: fapolicy_analyzer/ui/strings.py:74 msgid "Trust" 
@@ -498,12 +500,27 @@ msgstr "" msgid "File access denied" msgstr "" -#: fapolicy_analyzer/ui/trust_file_list.py:165 +#: fapolicy_analyzer/ui/strings.py:215 +msgid "Syslog Format Check" +msgstr "" + +#: fapolicy_analyzer/ui/strings.py:216 +msgid "" +"\n" +"No event time found, time filtering will not work.\n" +"Please update /etc/rsyslog.conf then restart the syslog service.\n" +"\n" +"regexp: \"RSYSLOG_TraditionalFileFormat\"\n" +"replace: \"RSYSLOG_FileFormat\"\n" +" " +msgstr "" + +#: fapolicy_analyzer/ui/trust_file_list.py:170 #, python-format msgid "Loading trust {pct}% complete..." msgstr "" -#: fapolicy_analyzer/ui/operations/deploy_changesets_op.py:159 +#: fapolicy_analyzer/ui/operations/deploy_changesets_op.py:143 msgid "Deploy Changes" msgstr "" @@ -519,23 +536,6 @@ msgstr "" msgid "informational message(s)" msgstr "" -#: fapolicy_analyzer/glade/analyzer_selection_dialog.glade:41 -msgid "Scan System" -msgstr "" - -#: fapolicy_analyzer/glade/analyzer_selection_dialog.glade:55 -#: fapolicy_analyzer/glade/main_window.glade:175 -msgid "Administer Trust Databases" -msgstr "" - -#: fapolicy_analyzer/glade/analyzer_selection_dialog.glade:77 -msgid "Analyzer Selection" -msgstr "" - -#: fapolicy_analyzer/glade/analyzer_selection_dialog.glade:111 -msgid "Analyze From Audit" -msgstr "" - #: fapolicy_analyzer/glade/ancillary_trust_database_admin.glade:75 #: fapolicy_analyzer/glade/trust_reconciliation_dialog.glade:54 msgid "Untrust" 
@@ -563,13 +563,13 @@ msgstr "" msgid "Deploy Changesets?" msgstr "" -#: fapolicy_analyzer/glade/confirm_deployment_dialog.glade:87 +#: fapolicy_analyzer/glade/confirm_deployment_dialog.glade:102 msgid "" "Are you sure you wish to deploy your changes to the fapolicyd?\n" "This will update fapolicyd and restart the service." msgstr "" -#: fapolicy_analyzer/glade/confirm_deployment_dialog.glade:127 +#: fapolicy_analyzer/glade/confirm_deployment_dialog.glade:142 msgid "" "\"Save As...\" fapolicyd data and configuration to archive prior to " "deployment." 
@@ -600,44 +600,48 @@ msgstr "" msgid "_File" msgstr "" -#. Presents option to load prior sessions tmp file (if it exists.) -#: fapolicy_analyzer/glade/main_window.glade:105 -msgid "Restore" +#: fapolicy_analyzer/glade/main_window.glade:109 +msgid "Analyze" msgstr "" -#: fapolicy_analyzer/glade/main_window.glade:148 -msgid "_Tool" +#: fapolicy_analyzer/glade/main_window.glade:119 +msgid "Syslog" msgstr "" -#: fapolicy_analyzer/glade/main_window.glade:158 -msgid "Analyze From Syslog" +#: fapolicy_analyzer/glade/main_window.glade:128 +msgid "Debug Log" msgstr "" -#: fapolicy_analyzer/glade/main_window.glade:167 -msgid "Analyze From Debug Log" +#: fapolicy_analyzer/glade/main_window.glade:140 +msgid "_Tool" msgstr "" -#: fapolicy_analyzer/glade/main_window.glade:184 -msgid "Administer Rules" +#: fapolicy_analyzer/glade/main_window.glade:168 +msgid "Profiler" msgstr "" -#: fapolicy_analyzer/glade/main_window.glade:193 -msgid "Profile Executable" +#: fapolicy_analyzer/glade/main_window.glade:181 +msgid "Daemon" msgstr "" -#: fapolicy_analyzer/glade/main_window.glade:206 -msgid "System" +#: fapolicy_analyzer/glade/main_window.glade:213 +msgid "Session" msgstr "" -#: fapolicy_analyzer/glade/main_window.glade:239 +#. Presents option to load prior sessions tmp file (if it exists.) +#: fapolicy_analyzer/glade/main_window.glade:233 +msgid "Restore" +msgstr "" + +#: fapolicy_analyzer/glade/main_window.glade:266 msgid "_Help" msgstr "" -#: fapolicy_analyzer/glade/main_window.glade:249 +#: fapolicy_analyzer/glade/main_window.glade:276 msgid "User Guide" msgstr "" -#: fapolicy_analyzer/glade/main_window.glade:312 +#: fapolicy_analyzer/glade/main_window.glade:339 msgid "fapolicyd:" msgstr "" @@ -645,7 +649,7 @@ msgstr "" msgid "x" msgstr "" -#: fapolicy_analyzer/glade/policy_rules_admin_page.glade:53 +#: fapolicy_analyzer/glade/policy_rules_admin_page.glade:41 msgid "Showing events since " msgstr "" 
@@ -689,6 +693,18 @@ msgstr "" msgid "Rules View" msgstr "" +#: fapolicy_analyzer/glade/rules_difference_dialog.glade:23 +msgid "Rule Differences" +msgstr "" + +#: fapolicy_analyzer/glade/rules_difference_dialog.glade:74 +msgid "Previous Rules" +msgstr "" + +#: fapolicy_analyzer/glade/rules_difference_dialog.glade:113 +msgid "New Rules" +msgstr "" + #: fapolicy_analyzer/glade/rules_status_info.glade:55 msgid "Status Information" msgstr ""