#!/bin/bash
# 
# This script is used for Administration of RSBAC ACLs
#
#
# Make sure we're really running bash.
#
[ -z "$BASH" ] && { echo "This menu requires bash" 1>&2; exit 1; }

#
# Cache function definitions, turn off posix compliance
#
set -h +o posix

# This must be a unique temporary filename
if test -z "$TMPDIR" ; then TMPDIR=/tmp ; fi
TMPFILE=$TMPDIR/rsbac_dialog.$$
TMPFILETWO=${TMPFILE}.2

# set this to rsbac bin dir, if not in path (trailing / is mandatory!)
#
#if test -z "$RSBACPATH" ; then RSBACPATH=./ ; fi

# set this to initial dir on script startup
LASTDIR='.'

# test for LINES and COLUMNS (should be exported e.g. in /etc/profile)
if test -z "$LINES" ; then LINES=25 ; fi
if test -z "$COLUMNS" ; then COLUMNS=80 ; fi
declare -i BL=$LINES-4
declare -i BC=$COLUMNS-4
declare -i MAXWIDTH=$BC-26
declare -i MAXLINES=$LINES-10
gl () {
  if test $1 -gt $MAXLINES
  then echo $MAXLINES
  else echo $1
  fi
}

if test -z "$BACKTITLE"
  then BACKTITLE="RSBAC Administration Tools v1.1.0" ; fi
TITLE="`whoami`: RSBAC ACL Administration"
ERRTITLE="RSBAC ACL Administration - ERROR"

## no changes below this line!

NO_USER=65533
ALL_USERS=65532
GETMODE=real
GETSWITCH=

get_attributes () {
  if test $TARGET == "FD"
  then
    if test -n "$OBJECT"
    then
      if test "$OBJECT" == ":DEFAULT:"
        then TYPE=FD
      elif test -d "$OBJECT"
        then TYPE=DIR
             LASTDIR=`( cd "$OBJECT" && pwd ) || echo "$OBJECT"`
             OBJECT=$LASTDIR
      elif test -f "$OBJECT" -o -b "$OBJECT" -o -c "$OBJECT"
        then TYPE=FILE
      else TYPE=NONE
      fi
    else
      TYPE=NONE
    fi
  elif test $TARGET == "DEV"
  then
    if test -b "$OBJECT" -o -c "$OBJECT"
    then
      TYPE=DEV
    elif test -d "$OBJECT"
    then
      TYPE=NONE
      LASTDIR=`( cd "$OBJECT" && pwd ) || echo "$OBJECT"`
      OBJECT=$LASTDIR
    else
      TYPE=NONE
    fi
  else
    if test "$OBJECT" != "" 
    then TYPE=$TARGET
    else TYPE=NONE
    fi
  fi
}


onoff () {
   if test "$1" = "$2"
     then echo on
   else echo off
   fi
}

onoffb () {
   if test "$1" = "1"
     then echo on
   else echo off
   fi
}

list_item () {
   if test -L "$1"
   then echo $1 "->`ls -l $1|cut -d '>' -f 2`"
   elif test -d "$1"
   then echo $1 DIR
   elif test -f "$1"
   then echo $1 FILE
   elif test "$1" == ":DEFAULT:"
   then echo $1 FILE
   else echo $1 NONE
   fi
}

list_dev_item () {
   if test -L "$1"
   then echo $1 "->`ls -l $1|cut -d '>' -f 2`"
   elif test -b "$1"
   then echo $1 BLOCK
   elif test -c "$1"
   then echo $1 CHAR
   elif test -d "$1"
   then echo $1 DIR
   elif test "$1" == ":DEFAULT:"
   then echo $1 DEV
   else echo $1 NONE
   fi
}

get_vname () {
  if test "$TYPE" = "NONE"
    then echo " "
         return
  fi
  if test -z "$2"
    then echo "N/A"
         return
  fi

  case $1 in
    onoff)
      case $2 in
        1) echo On
          ;;
        *) echo Off
          ;;
      esac 
      ;;
    *) echo ERROR!
      ;;
  esac
}

full_name () {
  if test "$1" = ""
  then echo " "
  else echo `$RSBACPATH""attr_get_user $1 full_name`
  fi
}

get_uid () {
  if test "$1" = ""
  then echo " "
  else echo `$RSBACPATH""attr_get_user $1 user_nr`
  fi
}

get_name () {
  if test "$1" = ""
  then echo " "
  else echo `$RSBACPATH""attr_get_user $1 user_name`
  fi
}

split_subj () {
  echo $1|tr '_' ' '
}

gen_tlist () {
  if test "$TYPE" != "NONE"
  then
    if $RSBACPATH""acl_tlist -s $TYPE "$OBJECT" > $TMPFILE
    then
      TMP=`cat $TMPFILE | sort | tr ' ' '_'`
      if test "$SHOW" == Rights
      then
        for i in $TMP
        do
          echo $i `$RSBACPATH""acl_rights -sd --\`split_subj $i\` $TYPE "$OBJECT"`
        done
      else
        for i in $TMP
        do
          TMP2=`echo $i|cut -d '_' -f 2`
          case $i in
            GROUP_*)
              if $RSBACPATH""acl_group -s get_group_entry $TMP2 >$TMPFILE 2>/dev/null
              then TMP3=`cat $TMPFILE | tr ' ' '_'`
              else TMP3='(private)'
              fi
              echo $i $TMP3
              ;;
            ROLE_*)
              if $RSBACPATH""rc_get_item ROLE $TMP2 name > $TMPFILE 2>/dev/null
              then
                echo $i `cat $TMPFILE | tr ' ' '_'`
              else
                echo $i '(unknown)'
              fi
              ;;
            USER_*)
              echo $i `$RSBACPATH""attr_get_user $TMP2 user_name`
              ;;
            *)
              ;;
          esac
        done
      fi
    fi
  fi
}

gen_subj_list () {
  if test "$TYPE" != "NONE"
  then
    case $1 in
      GROUP)
        TMP=`$RSBACPATH""acl_group -gsn list_groups`
        for i in $TMP
        do
          TMP2=`$RSBACPATH""acl_group -s get_group_entry $i|tr ' ' '_'`
          echo $i $TMP2
        done
        ;;
      ROLE)
        rc_get_item list_used_roles
        ;;
      USER)
        ${RSBACPATH}attr_get_user -bl
        ;;
      *)
        echo ERROR !
        ;;
    esac
  fi
}

gen_right_list () {
    ALLREQUESTS=`$RSBACPATH""acl_rights -N $TARGET $OBJECT`
    TMP=`${RSBACPATH}acl_rights -sdp --\`split_subj $1\` $TYPE $OBJECT`
    for i in $ALLREQUESTS
    do
      if echo $TMP | grep -q $i
      then
        echo $i on on
      else
        echo $i off off
      fi
    done
}

check_rights () {
  if $RSBACPATH""acl_rights -sd --`split_subj $1` $TYPE $OBJECT > $TMPFILE 2>$TMPFILETWO
  then
    RIGHTBITS=`cat $TMPFILE`
    if dialog --title "Rights for $1 to $TYPE $OBJECT" \
              --backtitle "$BACKTITLE" \
              --checklist "Bits: $RIGHTBITS" $BL $BC $MAXLINES \
                `gen_right_list $1` \
                '--------------' '-----------------' off \
                UA 'Unset ALL' off \
                A  'Set ALL' off \
                R  'Set Read Requests' off \
                W  'Set Write Requests' off \
                SY 'Set System R.' off \
                SE 'Set Security R.' off \
                S  'Set ACL Special R.' off \
      2>$TMPFILE
    then TMP=`cat $TMPFILE|tr -d '"'`
         if ! $RSBACPATH""acl_grant -s `split_subj $1` $TMP $TYPE $OBJECT &>$TMPFILE
         then \
             dialog --title "$ERRTITLE" \
                    --backtitle "$BACKTITLE" \
                    --msgbox "`head -n 1 $TMPFILE`" $BL $BC
             continue
         fi
    fi
  else
    dialog --title "$ERRTITLE" \
           --backtitle "$BACKTITLE" \
           --msgbox "`head -n 1 $TMPFILETWO`" $BL $BC
  fi
  rm $TMPFILETWO
}

show_mask () {
  if test "$TYPE" != "NONE"
  then
    if test "$OBJECT" == ":DEFAULT:"
    then
        echo '(none)'
    else
        $RSBACPATH""acl_mask $TYPE "$OBJECT" | cut -d ':' -f 2 | cut -c2-
    fi
  else
    echo '(none)'
  fi
}

gen_mask_right_list () {
    ALLREQUESTS=`$RSBACPATH""acl_rights -N`
    TMP=`${RSBACPATH}acl_mask -p $TYPE "$OBJECT" | grep -v 000`
    for i in $ALLREQUESTS
    do
      if echo $TMP | grep -q $i
      then
        echo $i on on
      else
        echo $i off off
      fi
    done
}

check_mask_rights () {
  RIGHTBITS=`$RSBACPATH""acl_mask $TYPE $OBJECT`
  if dialog --title "Inheritance Mask for $TYPE $OBJECT" \
            --backtitle "$BACKTITLE" \
            --checklist "$RIGHTBITS" $BL $BC $MAXLINES \
              `gen_mask_right_list` \
              '--------------' '-----------------' off \
              UA 'Unset ALL' off \
              A  'Set ALL' off \
              R  'Set Read Requests' off \
              W  'Set Write Requests' off \
              SY 'Set System R.' off \
              SE 'Set Security R.' off \
              S  'Set ACL Special R.' off \
    2>$TMPFILE
  then TMP=`cat $TMPFILE|tr -d '"'`
       if ! $RSBACPATH""acl_mask -s $TMP $TYPE $OBJECT &>$TMPFILE
       then \
           dialog --title "$ERRTITLE" \
                  --backtitle "$BACKTITLE" \
                  --msgbox "`head -n 1 $TMPFILE`" $BL $BC
           continue
       fi
  fi
}

gen_menu_choose_items () {
  case $TARGET in
      FD)
        case $1 in
          1)
            echo File/Dir List
          ;;
          2)
            echo Choose from `name_print "$LASTDIR"`
          ;;
          3)
            echo File/Dir
          ;;
          4)
            echo `name_print "$OBJECT"` / $TYPE
          ;;
          *)
          ;;
        esac
        ;;
      DEV)
        case $1 in
          1)
            echo Device List
          ;;
          2)
            echo Choose from `name_print "$LASTDIR"`
          ;;
          3)
            echo Device
          ;;
          4)
            echo `name_print "$OBJECT"`
          ;;
          *)
          ;;
        esac
        ;;
      USER)
        case $1 in
          1)
            echo User
          ;;
          2)
            echo :DEFAULT: only
          ;;
          3)
            echo User
          ;;
          4)
            echo `name_print "$OBJECT"`
          ;;
          *)
          ;;
        esac
        ;;
      PROCESS)
        case $1 in
          1)
            echo Process
          ;;
          2)
            echo :DEFAULT: only
          ;;
          3)
            echo Process
          ;;
          4)
            echo `name_print "$OBJECT"`
          ;;
          *)
          ;;
        esac
        ;;
      IPC)
        case $1 in
          1)
            echo IPC
          ;;
          2)
            echo :DEFAULT: only
          ;;
          3)
            echo IPC
          ;;
          4)
            echo `name_print "$OBJECT"`
          ;;
          *)
          ;;
        esac
        ;;
      SCD)
        case $1 in
          1)
            echo SCD List
          ;;
          2)
            echo Choose from list
          ;;
          3)
            echo SCD
          ;;
          4)
            echo `name_print "$OBJECT"`
          ;;
          *)
          ;;
        esac
        ;;
      *)
        ;;
  esac
}

get_target_name () {
  case $1 in
      FD)
        echo File/Dir
        ;;
      DEV)
        echo Device
        ;;
      USER)
        echo User
        ;;
      PROCESS)
        echo Process
        ;;
      IPC)
        echo Inter Process Communication
        ;;
      SCD)
        echo System Control Data
        ;;
      *)
        echo " "
        ;;
  esac
}

choose_target () {
    if dialog --title "$TITLE" \
              --backtitle "$BACKTITLE" \
              --menu "$1" $BL $BC 6 \
              FD "`get_target_name FD`" \
              DEV "`get_target_name DEV`" \
              USER "`get_target_name USER`" \
              PROCESS "`get_target_name PROCESS`" \
              IPC "`get_target_name IPC`" \
              SCD "`get_target_name SCD`" \
           2>$TMPFILE
    then
       TARGET=`cat $TMPFILE`
       case $TARGET in
         FD)
           TYPE=NONE
           OBJECT=":DEFAULT:"
           ;;
         DEV)
           TYPE=$TARGET
           LASTDIR=/dev
           OBJECT=":DEFAULT:"
         ;;
         IPC|SCD|USER|PROCESS)
           TYPE=$TARGET
           OBJECT=":DEFAULT:"
           ;;
       esac
    fi
}

declare -i MAXNAMELEN=$BC-34
name_print () {
  if test ${#1} -gt $MAXNAMELEN
  then
    declare -i START=${#1}-$MAXNAMELEN
    echo "$1" | cut -c$START-${#1}
  else
    echo "$1"
  fi
}

###################### Menu #################

case $1 in
  FD|FILE|DIR)
    TARGET=FD
    TYPE=NONE
    if test -n "$2"
    then OBJECT="$2"
    else OBJECT=":DEFAULT:"
    fi
    ;;
  DEV|SCD)
    TARGET=$1
    TYPE=$1
    LASTDIR=/dev
    if test -n "$2"
    then OBJECT="$2"
    else OBJECT=":DEFAULT:"
    fi
    ;;
  IPC|USER|PROCESS)
    TARGET=$1
    TYPE=$1
    OBJECT=":DEFAULT:"
    ;;
  "-h" | "--help")
    echo Use: $0 '[target-type [object-name [Rights|Name]]]'
    exit
    ;;
   *)
    choose_target
    if test -z "$TARGET"
    then exit
    fi
    ;;
esac
get_attributes "$OBJECT"

if test "$3" == "Rights" -o "$3" == "rights"
then SHOW=Rights
else SHOW=Name
fi

while true ; do \
  if ! \
  dialog --title "$TITLE" \
         --backtitle "$BACKTITLE" \
         --menu "Main Menu" $BL $BC $MAXLINES \
                "`gen_menu_choose_items 1`" "`gen_menu_choose_items 2`" \
                "`gen_menu_choose_items 3`" "`gen_menu_choose_items 4`" \
                "Choose Target" "$TARGET" \
                "-------------" "" \
                "Add ACL Entry" "Add group, role or user entry" \
                "Remove Entry" "" \
                "Name / Rights" "$SHOW" \
                "Who has here" "" \
                "Change Mask" "`show_mask`" \
                "-------------" "" \
                `gen_tlist` \
                "-------------" "" \
                "Clear ACL" "" \
                "Groups" "Go to ACL groups menu" \
                "Roles" "Go to RC roles menu" \
                "$TARGET attr" "Go to $TARGET general attributes" \
                "Quit" "" \
         2>$TMPFILE
   then rm $TMPFILE ; exit
  fi

  SELECTED=`cat $TMPFILE`
  case $SELECTED in
    'File/Dir List')
        if test ! -d $LASTDIR
        then LASTDIR='/'
        fi
        TMP=`ls -1Fad "$LASTDIR"/* "$LASTDIR"/.*|tr '*' ' '`
        while dialog --title "$TITLE" \
                     --backtitle "$BACKTITLE" \
                     --menu "File/Dir Name (choose cancel for $OBJECT)" $BL $BC $MAXLINES \
                         ':DEFAULT:' "Default ACL" \
                         `for i in $TMP ; do list_item "$i" ; done` \
           2>$TMPFILE
        do OBJECT=`cat $TMPFILE`
           get_attributes
           TMP=`ls -1Fad $LASTDIR/* $LASTDIR/.*|tr '*' ' '`
           if test $TYPE != "DIR"
           then break
           fi
        done
      ;;

    'Device List')
        if test ! -d $LASTDIR
        then LASTDIR='/dev'
        fi
        TMP=`ls -1Fad "$LASTDIR"/*|tr '*' ' '`
        if dialog --title "$TITLE" \
                  --backtitle "$BACKTITLE" \
                  --menu "Device Name" $BL $BC $MAXLINES \
                         ':DEFAULT:' "Default ACL" \
                         `for i in $TMP ; do list_dev_item "$i" ; done` \
           2>$TMPFILE
        then OBJECT=`cat $TMPFILE`
             get_attributes
        fi
      ;;

    'SCD List')
        TMP=`$RSBACPATH""acl_rights -n`
        if dialog --title "$TITLE" \
                  --backtitle "$BACKTITLE" \
                  --menu "Device Name" $BL $BC $MAXLINES \
                         ':DEFAULT:' "Default ACL" \
                         `for i in $TMP ; do echo "$i" "-" ; done` \
           2>$TMPFILE
        then OBJECT=`cat $TMPFILE`
             get_attributes
        fi
      ;;

    "File/Dir" | "Device" | "SCD")
        if dialog --title "$TITLE" \
                  --backtitle "$BACKTITLE" \
                  --inputbox "Choose `get_target_name $TARGET`" $BL $BC "$OBJECT" \
           2>$TMPFILE
        then OBJECT=`cat $TMPFILE`
             get_attributes
        fi
      ;;

    "User" | "Process" | "IPC")
        OBJECT=:DEFAULT:
        get_attributes
      ;;

    "Choose Target")
      choose_target
      ;;

    'Add ACL Entry')
        if test "$TYPE" != "NONE"
        then \
          if dialog --title "$TITLE" \
                    --backtitle "$BACKTITLE" \
                    --menu "Choose new entry's subject type" $BL $BC 3 \
                                GROUP "ACL group" \
                                ROLE "RC role" \
                                USER "Normal user" \
             2>$TMPFILE
          then STYPE=`cat $TMPFILE`
               if dialog --title "$TITLE" \
                         --backtitle "$BACKTITLE" \
                         --menu "Choose $STYPE" $BL $BC $MAXLINES \
                                     `gen_subj_list $STYPE` \
                  2>$TMPFILE
               then SUBJ=`cat $TMPFILE`
                   if ! $RSBACPATH""acl_grant $STYPE $SUBJ $TYPE "$OBJECT" &>$TMPFILE
                   then 
                     dialog --title "$ERRTITLE" \
                            --backtitle "$BACKTITLE" \
                            --msgbox "`head -n 1 $TMPFILE`" $BL $BC
                   fi
               fi
          fi
        else
                 dialog --title "$ERRTITLE" \
                        --backtitle "$BACKTITLE" \
                        --msgbox "Add ACL Entry: No object specified!" 5 $BC
        fi
      ;;

    "Remove Entry")
        if test "$TYPE" != "NONE"
        then \
          if dialog --title "$TITLE" \
                    --backtitle "$BACKTITLE" \
                    --menu "Choose entry to delete" $BL $BC $MAXLINES \
                    `gen_tlist` \
             2>$TMPFILE
          then TMP=`cat $TMPFILE`
              if ! $RSBACPATH""acl_grant -m `split_subj $TMP` $TYPE "$OBJECT" &>$TMPFILE
              then 
                dialog --title "$ERRTITLE" \
                       --backtitle "$BACKTITLE" \
                       --msgbox "`head -n 1 $TMPFILE`" $BL $BC
              fi
          fi
        else
                 dialog --title "$ERRTITLE" \
                        --backtitle "$BACKTITLE" \
                        --msgbox "Add ACL Entry: No object specified!" 5 $BC
        fi
      ;;

    "Name / Rights")
        if test "$SHOW" == Rights
        then SHOW=Name
        else SHOW=Rights
        fi
      ;;

    'Who has here')
        if test "$TYPE" != "NONE"
        then \
          while dialog --title "$TITLE" \
                    --backtitle "$BACKTITLE" \
                    --menu "Who has rights to $TYPE $OBJECT: Choose subject type" $BL $BC 4 \
                                ALL "All types" \
                                GROUP "ACL group" \
                                ROLE "RC role" \
                                USER "Normal user" \
             2>$TMPFILE
          do
            STYPE=`cat $TMPFILE`
            case $STYPE in
              GROUP)
                TMP=`$RSBACPATH""acl_group -gsn list_groups|sort -n`
                for i in $TMP
                do
                  TMP2=`$RSBACPATH""acl_rights -sg $i $TYPE $OBJECT`
                  echo GROUP_${i} $TMP2
                done > $TMPFILETWO
                ;;
              ROLE)
                TMP=`rc_get_item list_used_role_nr`
                for i in $TMP
                do
                  TMP2=`$RSBACPATH""acl_rights -sl $i $TYPE $OBJECT`
                  echo ROLE_${i} $TMP2
                done > $TMPFILETWO
                ;;
              USER)
                TMP=`${RSBACPATH}attr_get_user -nl|sort -n`
                for i in $TMP
                do
                  TMP2=`$RSBACPATH""acl_rights -su $i $TYPE $OBJECT`
                  echo USER_${i} $TMP2
                done > $TMPFILETWO
                ;;
              ALL)
                TMP=`$RSBACPATH""acl_group -gsn list_groups|sort -n`
                for i in $TMP
                do
                  TMP2=`$RSBACPATH""acl_rights -sg $i $TYPE $OBJECT`
                  echo GROUP_${i} $TMP2
                done > $TMPFILETWO
                TMP=`rc_get_item list_used_role_nr`
                for i in $TMP
                do
                  TMP2=`$RSBACPATH""acl_rights -sl $i $TYPE $OBJECT`
                  echo ROLE_${i} $TMP2
                done >> $TMPFILETWO
                TMP=`${RSBACPATH}attr_get_user -nl|sort -n`
                for i in $TMP
                do
                  TMP2=`$RSBACPATH""acl_rights -su $i $TYPE $OBJECT`
                  echo USER_${i} $TMP2
                done >> $TMPFILETWO
                ;;
            esac
            while dialog --title "$TITLE" \
                      --backtitle "$BACKTITLE" \
                      --menu "Who has rights to $TYPE $OBJECT" $BL $BC $MAXLINES \
                             `cat $TMPFILETWO | grep -v "000000000000000000000000000000000000000000000000000"` \
                  2>$TMPFILE
            do SUBJ=`cat $TMPFILE`
               TMP=`echo $SUBJ|cut -d '_' -f 2`
               case $SUBJ in
                 GROUP_*)
                   if $RSBACPATH""acl_group -s get_group_entry $TMP >$TMPFILE 2>/dev/null
                   then TMP="$SUBJ / `cat $TMPFILE | tr ' ' '_'`"
                   else TMP="$SUBJ / '(private)'"
                   fi
                   ;;
                 ROLE_*)
                   if $RSBACPATH""rc_get_item ROLE $TMP name > $TMPFILE 2>/dev/null
                   then
                     TMP="$SUBJ / `cat $TMPFILE | tr ' ' '_'`"
                   else
                     TMP="$SUBJ / '(unknown)'"
                   fi
                   ;;
                 USER_*)
                   TMP="$SUBJ / `$RSBACPATH""attr_get_user $TMP user_name`"
                   ;;
               esac
               echo "$TMP" rights to $TYPE $OBJECT >$TMPFILE
               echo --------------------------------------- >>$TMPFILE
               if $RSBACPATH""acl_rights -sp --`split_subj $SUBJ` $TYPE $OBJECT >>$TMPFILE
               then 
                 dialog --title "$TITLE" \
                        --backtitle "$BACKTITLE" \
                        --textbox $TMPFILE $BL $BC
               fi
            done
            rm $TMPFILETWO
          done
        else
                 dialog --title "$ERRTITLE" \
                        --backtitle "$BACKTITLE" \
                        --msgbox "Who has here: No object specified!" 5 $BC
        fi
      ;;

    'Change Mask')
      check_mask_rights
      ;;

    GROUP* | ROLE* | USER*)
      check_rights $SELECTED
      ;;

    "Clear ACL")
      if test "$TYPE" != "NONE"
      then
        if dialog --title "$TITLE" \
                  --backtitle "$BACKTITLE" \
                  --yesno "Remove all ACL entries for $TYPE $OBJECT?" 6 $BC \
           2>$TMPFILE
        then
          TMP=`$RSBACPATH""acl_tlist -s $TYPE "$OBJECT" | tr ' ' '_'`
          for i in $TMP
          do
            $RSBACPATH""acl_grant -m `split_subj $i` $TYPE "$OBJECT"
          done
        fi
      fi
      ;;

    'Groups')
      $RSBACPATH""rsbac_acl_group_menu
      ;;

    'Roles')
      $RSBACPATH""rsbac_rc_role_menu
      ;;

    'FD attr')
      $RSBACPATH""rsbac_fd_menu "$OBJECT"
      ;;

    'DEV attr')
      $RSBACPATH""rsbac_dev_menu "$OBJECT"
      ;;

    'IPC attr')
      $RSBACPATH""rsbac_ipc_menu
      ;;

    'SCD attr')
      $RSBACPATH""rsbac_scd_menu "$OBJECT"
      ;;

    'USER attr')
      $RSBACPATH""rsbac_user_menu
      ;;

    'PROCESS attr')
      $RSBACPATH""rsbac_process_menu
      ;;

    Quit)
        rm $TMPFILE ; exit
      ;;

    *)
        dialog --title "$ERRTITLE" \
               --backtitle "$BACKTITLE" \
               --msgbox "Main Menu: Selection Error!" 5 $BC
  esac
# sleep 2
done
