#!/bin/bash
# 
# This script is used for Administration of RSBAC general attributes
#
#
# Make sure we're really running bash.
#
[ -z "$BASH" ] && { echo "This menu requires bash - sorry!" 1>&2; exit 1; }
#
# We also need the proc fs mounted.
[ ! -f /proc/stat ] && { echo "This menu requires proc fs mounted" 1>&2; exit 1; }
#
# Cache function definitions, turn off posix compliance
#
set -h +o posix

# This must be a unique temporary filename
if test -z "$TMPDIR" ; then TMPDIR=/tmp ; fi
TMPFILE=$TMPDIR/rsbac_dialog.$$

# set this to rsbac bin dir, if not in path (trailing / is mandatory!)
#
#if test -z "$RSBACPATH" ; then RSBACPATH=./ ; fi

# test for LINES and COLUMNS (should be exported e.g. in /etc/profile)
if test -z "$LINES" ; then LINES=25 ; fi
if test -z "$COLUMNS" ; then COLUMNS=80 ; fi
declare -i BL=$LINES-4
declare -i BC=$COLUMNS-4
declare -i MAXLINES=$LINES-10
gl () {
  if test $1 -gt $MAXLINES
  then echo $MAXLINES
  else echo $1
  fi
}

export BACKTITLE="RSBAC Administration Tools v1.0.9b"
TITLE="`whoami`: RSBAC Administration"
ERRTITLE="RSBAC Administration - ERROR"

while true ; do \
  if ! \
  dialog --title "$TITLE" \
         --backtitle "$BACKTITLE" \
         --menu "Main Menu" $BL $BC `gl 22` \
                "User Attributes:" "Go to user attribute menu" \
                "File/Dir Attributes:" "Go to file/dir attribute menu" \
                "Block/Char Device Attributes:" "Go to dev attribute menu" \
                "Process Attributes:" "Go to process attribute menu" \
                "IPC Attributes:" "Go to IPC attribute menu" \
                "RC Roles:" "Go to RC role menu" \
                "RC Types:" "Go to RC type menu" \
                "ACL Management:" "Go to ACL menu" \
                "ACL Group Management:" "Go to ACL group menu" \
                "---------------" "" \
                "Switch Modules:" "Switch modules on or off" \
                "Check Status:" "rsbac_check 1 1" \
                "Show Status" "" \
                "Show PM Status" "" \
                "Show RC Status" "" \
                "Show ACL Lists" "" \
                "Show ACL Groups" "" \
                "Show eXtended Status" "" \
                "---------------" "" \
                "Bash Shell" "" \
                "---------------" "" \
                "Quit" "" \
         2>$TMPFILE
   then rm $TMPFILE ; exit
  fi

  case `cat $TMPFILE` in
    'User Attributes:')
        $RSBACPATH""rsbac_user_menu
      ;;

    'File/Dir Attributes:')
        $RSBACPATH""rsbac_fd_menu
      ;;

    'Block/Char Device Attributes:')
        $RSBACPATH""rsbac_dev_menu
      ;;

    'Process Attributes:')
        $RSBACPATH""rsbac_process_menu
      ;;

    'IPC Attributes:')
        $RSBACPATH""rsbac_ipc_menu
      ;;

    'RC Roles:')
        $RSBACPATH""rsbac_rc_role_menu
      ;;

    'RC Types:')
        $RSBACPATH""rsbac_rc_type_menu
      ;;

    'ACL Management:')
        $RSBACPATH""rsbac_acl_menu
      ;;

    'ACL Group Management:')
        $RSBACPATH""rsbac_acl_group_menu
      ;;

    'Switch Modules:')
        if \
        dialog --title "$TITLE" \
               --backtitle "$BACKTITLE" \
               --menu "Select Module to Switch" $BL $BC `gl 8` \
                      "MAC" "Mandatory Access Control (Bell-LaPadula)" \
                      "FC"  "Functional Control" \
                      "SIM" "Security Information Modification" \
                      "PM"  "Privacy Model" \
                      "MS"  "Malware Scan" \
                      "FF"  "File Flags" \
                      "RC"  "Role Compatibility" \
                      "ACL" "Access Control Lists" \
             2>$TMPFILE
        then
          TMP=`cat $TMPFILE`
              if dialog --title "$TITLE" \
                        --backtitle "$BACKTITLE" \
                        --radiolist "Switch $TMP to" $BL $BC 2 \
                                    0 "off" off \
                                    1 "on" off \
                 2>$TMPFILE
              then
                 if ! $RSBACPATH""switch_module $TMP `cat $TMPFILE` &>$TMPFILE
                 then \
                   dialog --title "$ERRTITLE" \
                          --backtitle "$BACKTITLE" \
                          --msgbox "`head -n 1 $TMPFILE`" $BL $BC
                 fi
              fi
        fi
      ;;

    'Check Status:')
        if test -f /proc/rsbac-info/stats
        then
          if ! ${RSBACPATH}rsbac_check 1 1 &>$TMPFILE
          then dialog --title "$TITLE" \
                      --backtitle "$BACKTITLE" \
                      --textbox $TMPFILE $BL $BC
          fi
        fi
      ;;

    'Show Status')
        if test -f /proc/rsbac-info/stats
        then 
          less /proc/rsbac-info/stats
#          dialog --title "$TITLE" \
#                 --backtitle "$BACKTITLE" \
#                 --textbox /proc/rsbac-info/stats $BL $BC
        fi
      ;;

    'Show PM Status')
        if test -f /proc/rsbac-info/stats_pm
        then 
          less /proc/rsbac-info/stats_pm
#          dialog --title "$TITLE" \
#                 --backtitle "$BACKTITLE" \
#                 --textbox /proc/rsbac-info/stats_pm $BL $BC
        fi
      ;;

    'Show RC Status')
        if test -f /proc/rsbac-info/stats_rc
        then 
          less /proc/rsbac-info/stats_rc
#          dialog --title "$TITLE" \
#                 --backtitle "$BACKTITLE" \
#                 --textbox /proc/rsbac-info/stats_rc $BL $BC
        fi
      ;;

    'Show ACL Lists')
        if test -f /proc/rsbac-info/acl_acllist
        then 
          less /proc/rsbac-info/acl_acllist
#          dialog --title "$TITLE" \
#                 --backtitle "$BACKTITLE" \
#                 --textbox /proc/rsbac-info/acl_acllist $BL $BC
        fi
      ;;

    'Show ACL Groups')
        if test -f /proc/rsbac-info/acl_grouplist
        then 
          less /proc/rsbac-info/acl_grouplist
#          dialog --title "$TITLE" \
#                 --backtitle "$BACKTITLE" \
#                 --textbox /proc/rsbac-info/acl_grouplist $BL $BC
        fi
      ;;

    'Show eXtended Status')
        if test -f /proc/rsbac-info/xstats
        then 
          less /proc/rsbac-info/xstats
#          dialog --title "$TITLE" \
#                 --backtitle "$BACKTITLE" \
#                 --textbox /proc/rsbac-info/xstats $BL $BC
        fi
      ;;

    'Bash Shell')
        echo Return with exit!
        bash --login || bash -login || bash -l
      ;;

    Quit)
        rm $TMPFILE ; exit
      ;;

    *)
        dialog --title "$ERRTITLE" \
               --backtitle "$BACKTITLE" \
               --msgbox "Main Menu: Selection Error!" 5 $BC

  esac
# sleep 2
done
