alterator-ports-access-0.0.3/000075500000000000000000000000001203001015200160715ustar00rootroot00000000000000alterator-ports-access-0.0.3/Makefile000064400000000000000000000007121203001015200175310ustar00rootroot00000000000000NAME=ports-access DESCRIPTION="Control access to ports" all: clean: clean-po install: install-module include /usr/share/alterator/build/module.mak install: install-tools install-tools: $(INSTALL) -Dpm 755 alterator-ports-access $(bindir)/alterator-ports-access $(INSTALL) -Dpm 755 rc.serial $(sysconfdir)/rc.d/rc.serial $(INSTALL) -d $(RPM_BUILD_ROOT)/lib/udev/ $(INSTALL) -Dpm 755 udev-test-helper $(RPM_BUILD_ROOT)/lib/udev/alterator-ports-access alterator-ports-access-0.0.3/alterator-ports-access000075500000000000000000000132231203001015200224210ustar00rootroot00000000000000#!/bin/sh # This file is covered by the GNU General Public License. # Copyright (C) 2012 Andrew V. Stepanov # Set serial ports access settigs # This file is part of alterator-ports-access package # Turn on libshell verbose mode verbose=1 # Require libshell . shell-error . shell-quote . shell-config . shell-var # Config file readonly CONFIG="/etc/alterator-ports-access.conf" readonly USB_UDEV_RULE="/etc/udev/rules.d/40-alterator-ports-access.rules" # Don't control serial ports serial_control_off() { # Read present serial ports in system local ports=( $(udevadm info --path=/devices/platform/serial8250 --export-db --export | sed -n -e '/DEVPATH.*ttyS/ { /serial8250/d; s/^.*\///p }') ) # Enable all serial ports for port in "${ports[@]}"; do verbose "Enable $port" setserial "/dev/$port" "uart" "16550A" done } # Apply rules for serial ports serial_control_on() { # Include config file ( . "$CONFIG" rule="" for port in "${SERIAL_ENABLED[@]}"; do verbose "Enable port $port" setserial "/dev/$port" "uart" "16550A" done for port in "${SERIAL_DISABLED[@]}"; do verbose "Disable port $port" setserial "/dev/$port" "uart" "none" done ) } # Turn off USB control usb_control_off() { cat << 'EOF' > "$USB_UDEV_RULE" # This file is covered by the GNU General Public License, # Copyright (C) 2012 Andrew V. Stepanov # Part of alterator-ports-access # Do not edit manually # For more information see kernel/Documentation/usb/authorization.txt ACTION!="add|change", GOTO="ctrl_end" SUBSYSTEM!="usb", GOTO="ctrl_end" ATTR{authorized_default}=="?*", ATTR{authorized_default}="1" ATTR{authorized}=="?*", ATTR{authorized}="1" LABEL="ctrl_end" EOF } # Turn on USB control usb_control_on() { tmpcfg="$(mktemp --tmpdir "alterator.XXXXXXX")" cat << 'EOF' > "$tmpcfg" # This file is covered by the GNU General Public License, # Copyright (C) 2012 Andrew V. Stepanov # Part of alterator-ports-access # Do not edit manually # For more information see kernel/Documentation/usb/authorization.txt ACTION!="add|change", GOTO="ctrl_end" SUBSYSTEM!="usb", GOTO="ctrl_end" # Always authorize USB hubs ATTR{authorized}=="?*", ATTR{bDeviceClass}=="09", ATTR{authorized}="1", GOTO="ctrl_end" EOF # Include config file ( . "$CONFIG" for i in "${USB_WHITE_LIST[@]}"; do rule="ATTR{authorized}==\"?*\", " add= vendor="$(echo "$i" | cut -d ';' -f1)" prodid="$(echo "$i" | cut -d ';' -f2)" serial="$(echo "$i" | cut -d ';' -f3)" if [ -n "$vendor" ]; then vendor="$(quote_shell "$vendor")" rule="$rule ATTR{idVendor}==\"$vendor\"," add="yes" fi if [ -n "$prodid" ]; then prodid="$(quote_shell "$prodid")" rule="$rule ATTR{idProduct}==\"$prodid\"," add="yes" fi if [ -n "$serial" ]; then serial="$(quote_shell "$serial")" rule="$rule ATTR{serial}==\"$serial\"," add="yes" fi rule="$rule ATTR{authorized}=\"1\", GOTO=\"ctrl_end\"" if shell_var_is_yes "$add"; then echo "$rule" >> "$tmpcfg" fi done # HID if shell_var_is_yes "$USB_ALLOW_HID"; then cat << 'EOF' >> "$tmpcfg" # Un block device. Necessary step. Suppose device is already deactivated, so we need to look up his properties. ATTR{authorized}=="?*", ATTR{authorized}="1" # Allow HID ATTR{authorized}=="?*", PROGRAM="alterator-ports-access", ATTR{authorized}="1", GOTO="ctrl_end" EOF fi ) cat << 'EOF' >> "$tmpcfg" # Block all other USB devices ATTR{authorized}=="?*", ATTR{authorized}="0" LABEL="ctrl_end" EOF if [ -f "$USB_UDEV_RULE" ]; then rm -f "$USB_UDEV_RULE" fi mv -f "$tmpcfg" "$USB_UDEV_RULE" } # ENTRY POINT # http://wiki.bash-hackers.org/howto/getopts_tutorial while getopts ":seuh" opt; do case $opt in u) verbose "Update USB ports configuration" USB="yes" ;; s) verbose "Update serial ports configuration" SERIAL="yes" ;; e) verbose "Disable USB control, enable all USB devices" USB_CTRL_OFF="yes" ;; h) verbose "Use: $PROG [-s] [-u] [-e]" verbose "-s update serial ports status" verbose "-e disable USB control without touch config, enable all USB devices" verbose "-u update USB ports status" verbose "Config file: $CONFIG" exit ;; \?) fatal "Invalid option: -$OPTARG" ;; esac done # Test correct invocation if [ -z "$USB" -a -z "$SERIAL" -a -z "$USB_CTRL_OFF" ]; then message "Use: $PROG -h for help." exit fi # Config file exist if ! [ -f "$CONFIG" -a -r "$CONFIG" ]; then fatal "Can't find configuration file $CONFIG" fi # Include config file . "$CONFIG" # Configure USB ports if shell_var_is_yes "$USB"; then verbose "Configure USB ports" if shell_var_is_yes "$USB_CONTROL"; then verbose "USB control is on" usb_control_on else verbose "USB control is off" usb_control_off fi # Apply new udev rules verbose "Apply authorized_default" udevadm trigger --verbose --subsystem-match="usb" --attr-match="authorized_default" verbose "Apply authorized" udevadm trigger --verbose --subsystem-match="usb" --attr-match="authorized" fi # Configure serial ports if shell_var_is_yes "$SERIAL"; then verbose "Configure serial ports" if shell_var_is_yes "$SERIAL_CONTROL"; then verbose "Serial control is on" serial_control_on else verbose "Serial control is off" serial_control_off fi fi if shell_var_is_yes "$USB_CTRL_OFF"; then for i in $(find /sys -name authorized); do [ -n "${e##*usb*}" ] && continue echo 1 > "$i" done fi # vim: autoindent tabstop=2 shiftwidth=2 expandtab softtabstop=2 filetype=sh alterator-ports-access-0.0.3/applications/000075500000000000000000000000001203001015200205575ustar00rootroot00000000000000alterator-ports-access-0.0.3/applications/ports-access.desktop000064400000000000000000000004141203001015200245570ustar00rootroot00000000000000[Desktop Entry] Encoding=UTF-8 Type=Application Categories=X-Alterator-System Icon=sysinfo Terminal=false Name=Ports access control X-Alterator-URI=/portsctrl X-Alterator-Weight=20 X-Alterator-Help=ports-access Name[ru]=Контроль доступа к портам alterator-ports-access-0.0.3/backend3/000075500000000000000000000000001203001015200175435ustar00rootroot00000000000000alterator-ports-access-0.0.3/backend3/portsctrl000075500000000000000000000302651203001015200215330ustar00rootroot00000000000000#!/bin/sh # Turn of auto expansion set -f po_domain="alterator-ports-access" alterator_api_version=1 . alterator-sh-functions . shell-config . shell-quote . shell-var # CONFIG CONFIG="/etc/alterator-ports-access.conf" # APPLY CHANGES apply_changes() { echo "[backend-portsctrl] apply_changes." 1>&2 alterator-ports-access -u -s } # LIST YES/NO list_yes_no() { write_enum_item "yes" "`_ 'Yes'`" write_enum_item "no" "`_ 'No'`" } # LIST CONFIGURED SERIAL PORTS list_serial() { # Create subshell & include config file ( if [ -f "$CONFIG" -a -r "$CONFIG" ]; then . "$CONFIG" fi # Read present serial ports in system local ports=( $(udevadm info --path=/devices/platform/serial8250 --export-db --export | sed -n -e '/DEVPATH.*ttyS/ { /serial8250/d; s/^.*\///p }') ) for port in "${ports[@]}"; do printed= for enabled in "${SERIAL_ENABLED[@]}"; do if [ "$port" = "$enabled" ]; then printf "(\"%s\" label_serial_port \"%s\" label_serial_enabled \"%s\")\n" "$port" "$port" "`_ 'Yes'`" >&3 printed="yes" break fi done for enabled in "${SERIAL_DISABLED[@]}"; do if [ "$port" = "$enabled" -a -z "$printed" ]; then printf "(\"%s\" label_serial_port \"%s\" label_serial_enabled \"%s\")\n" "$port" "$port" "`_ 'No'`" >&3 printed="yes" break fi done # Port not listed in config is enabled if [ -z "$printed" ]; then printf "(\"%s\" label_serial_port \"%s\" label_serial_enabled \"%s\")\n" "$port" "$port" "`_ 'Yes'`" >&3 fi done ) } # LIST USB WHITE LIST list_usb_rules() { if ! [ -f "$CONFIG" -a -r "$CONFIG" ]; then echo "[backend-portsctrl] whitelist empty, no config file ($CONFIG)" 1>&2 return fi # Create subshell & include config file ( . "$CONFIG" local j=0 local vendor= prodid= serial= info= for i in "${USB_WHITE_LIST[@]}"; do vendor="$(echo "$i" | cut -d ';' -f1)" prodid="$(echo "$i" | cut -d ';' -f2)" serial="$(echo "$i" | cut -d ';' -f3)" info="$(echo "$i" | cut -d ';' -f4)" printf "(\"%s\" label_usb_rule_number \"%s\" label_usb_vendor \"%s\" label_usb_prodid \"%s\" label_usb_serial \"%s\" label_usb_info \"%s\")\n" "$j" "$j" "$vendor" "$prodid" "$serial" "$info" >&3 j=$((j+1)) done ) } # LIST PRESENT USB DEVICES list_prsnt_devices() { # Force scan, temporary disable USB control if shell_var_is_yes "$in_force"; then echo "[backend-portsctrl] temporary disable USB control" 1>&2 alterator-ports-access -e fi for i in $(find /sys -name authorized); do local dir="$(dirname "$i")" local devclass="$(cat "$dir/bDeviceClass")" # Ignore USB hubs [ "$devclass" = "09" ] && continue [ -z "$devclass" ] && continue local idProduct="$(cat "$dir/idProduct")" local idVendor="$(cat "$dir/idVendor")" local serial="$(cat "$dir/serial" 2>/dev/null)" [ -z "$devclass" ] && continue [ -z "$idVendor" ] && continue if [ -n "$serial" ]; then serial_msg="$serial" else serial_msg="`_ 'None'`" fi local db="/usr/share/misc/usb.ids" local manufacturer= product= if [ -e "$db" ]; then manufacturer="$(sed -n -e "/^$idVendor/ s/....[[:space:]]\+//p" "$db")" product="$(sed -n -e "/^$idVendor/,/^[^[:space:]]/{ s/^[[:space:]]\+$idProduct[[:space:]]\+//p }" "$db")" fi [ -z "$manufacturer" ] && manufacturer="$(cat "$dir/manufacturer" 2>/dev/null)" [ -z "$product" ] && product="$(cat "$dir/product" 2>/dev/null)" [ -z "${manufacturer##*unauthorized*}" ] && continue [ -z "${product##*unauthorized*}" ] && continue printf "(\"%s\" label_prsnt_usb_vendor \"%s\" label_prsnt_usb_product \"%s\" label_prsnt_usb_idvendor \"%s\" label_prsnt_usb_idproduct \"%s\" label_prsnt_usb_serial \"%s\")\n" \ "$idVendor:$idProduct:$serial:$manufacturer $product" "$manufacturer" "$product" "$idVendor" "$idProduct" "$serial_msg" >&3 done # Renew USB control if shell_var_is_yes "$in_force"; then echo "[backend-portsctrl] renew USB control" 1>&2 alterator-ports-access -u fi } # READ SERIAL PORT STATUS print_serial () { if [ -z "$in_port" ]; then write_error "Serial port name doesn't specified." return 1 fi # Check config file exists if ! [ -f "$CONFIG" -a -r "$CONFIG" ]; then write_string_param "label_serial_selected" "$in_port" write_string_param "list_serial_enabled" "`_ 'Yes'`" return fi # Create subshell & include config file ( . "$CONFIG" write_string_param "label_serial_selected" "$in_port" for i in "${SERIAL_DISABLED[@]}"; do if [ "$in_port" = "$i" ]; then write_string_param "list_serial_enabled" "`_ 'No'`" return fi done write_string_param "list_serial_enabled" "`_ 'Yes'`" ) } # READ CONTROL STATUS FOR USB & SERIAL print_status () { # Check config file exists if ! [ -f "$CONFIG" -a -r "$CONFIG" ]; then write_bool_param "serial_ctrl_on" 0 write_bool_param "usb_ctrl_on" 0 return fi # Create subshell & include config file ( . "$CONFIG" if shell_var_is_yes "$SERIAL_CONTROL"; then write_bool_param "serial_ctrl_on" 1 else write_bool_param "serial_ctrl_on" 0 fi if shell_var_is_yes "$USB_CONTROL"; then write_bool_param "usb_ctrl_on" 1 else write_bool_param "usb_ctrl_on" 0 fi if shell_var_is_yes "$USB_ALLOW_HID"; then write_bool_param "usb_hid" 1 else write_bool_param "usb_hid" 0 fi ) } # CHECK CONFIG EVAILABLE check_config () { if ! [ -f "$CONFIG" -a -r "$CONFIG" ]; then # Create config if ! touch "$CONFIG"; then write_error "Can't create config file: ($CONFIG)" return 1 else echo "[backend-portsctrl] new config file created ($CONFIG)" 1>&2 fi fi } # TURN ON/OFF CONTROL control_ports() { # Check correct invocation if [ -z "$in_proto" -o -z "$in_enabled" ]; then write_error "Bad call." return 1 fi local status= if [ "$in_enabled" = "#t" ]; then status="yes" else status="no" fi # Check config file exists check_config # Update config local proto="$(echo "$in_proto" | tr '[:lower:]' '[:upper:]')" shell_config_set "$CONFIG" "${proto}_CONTROL" "\"$(quote_shell "$status")\"" # Apply changes apply_changes } # NEW SERIAL PORT PARAMETERS write_serial_options() { # Check correct invocation if [ -z "$in_port" -o -z "$in_enabled" ]; then write_error "Bad call." return 1 fi # Check config file exists check_config # Create subshell & include config file ( . "$CONFIG" # Remove any occurrence shell_config_set "$CONFIG" 'SERIAL_DISABLED' "($(for i in "${SERIAL_DISABLED[@]}"; do [ "$in_port" = "$i" ] && continue; echo -n "\"$(quote_shell "$i")\" "; done))" shell_config_set "$CONFIG" 'SERIAL_ENABLED' "($(for i in "${SERIAL_ENABLED[@]}"; do [ "$in_port" = "$i" ] && continue; echo -n "\"$(quote_shell "$i")\" "; done))" # Re-read config . "$CONFIG" # Add port to some list if shell_var_is_yes "$in_enabled"; then shell_config_set "$CONFIG" 'SERIAL_ENABLED' "($(for i in "${SERIAL_ENABLED[@]}" "$in_port"; do echo -n "\"$(quote_shell "$i")\" "; done))" elif shell_var_is_no "$in_enabled"; then shell_config_set "$CONFIG" 'SERIAL_DISABLED' "($(for i in "${SERIAL_DISABLED[@]}" "$in_port"; do echo -n "\"$(quote_shell "$i")\" "; done))" fi ) # Apply changes apply_changes } # REMOVE ENTRY FROM WHITE LIST usb_rm_rule() { # Check correct invocation if [ -z "$in_rule_num" ]; then write_error "Bad call." return 1 fi # Check config file exists check_config # Create subshell & include config file ( . "$CONFIG" USB_WHITE_LIST[$in_rule_num]= shell_config_set "$CONFIG" 'USB_WHITE_LIST' "($(for i in "${USB_WHITE_LIST[@]}"; do test -z "$i" && continue; echo -n "\"$(quote_shell "$i")\" "; done))" ) # Apply changes apply_changes } # ADD NEW ENTRY TO WHITE LIST usb_add_new_rule() { # Check correct invocation if [ -z "$in_vendor" -a -z "$in_productid" -a -z "$in_serial" ]; then write_error "Bad call." return 1 fi # Check config file exists check_config # Create subshell & include config file ( . "$CONFIG" # Test for existing rule for i in "${USB_WHITE_LIST[@]}"; do vendor="$(echo "$i" | cut -d ';' -f1)" prodid="$(echo "$i" | cut -d ';' -f2)" serial="$(echo "$i" | cut -d ';' -f3)" info="$(echo "$i" | cut -d ';' -f4)" if [ "$vendor" = "$in_vendor" -a "$prodid" = "$in_productid" -a "$serial" = "$in_serial" -a "$info" = "$in_info" ]; then return fi done shell_config_set "$CONFIG" 'USB_WHITE_LIST' "($(for i in "${USB_WHITE_LIST[@]}" "$in_vendor;$in_productid;$in_serial;$in_info"; do echo -n "\"$(quote_shell "$i")\" "; done))" ) # Apply changes apply_changes } # Control USB HID devices usb_hid() { # Check config file exists check_config # Update config if [ "$in_allow_hid" = "#t" ] ; then allow="yes" else allow="no" fi shell_config_set "$CONFIG" "USB_ALLOW_HID" "\"$allow\"" # Apply changes apply_changes } # Add present USB device to whitelist usb_add_prsnt() { # Check correct invocation if [ -z "$in_vendor_product" ]; then write_error "Bad call." return 1 fi vendor="$(echo "$in_vendor_product" | cut -d ':' -f1)" product="$(echo "$in_vendor_product" | cut -d ':' -f2)" serial="$(echo "$in_vendor_product" | cut -d ':' -f3)" info="$(echo "$in_vendor_product" | cut -d ':' -f4)" [ -z "$vendor" ] && return [ -z "$product" ] && return in_vendor="$vendor" in_productid="$product" in_info="$info" in_serial="$serial" usb_add_new_rule } # MAIN LOOP on_message() { case "$in_action" in read) case "$in__objects" in serial_port) # READ SERIAL PORT STATUS echo "[backend-portsctrl] read serial port settings" 1>&2 print_serial ;; status) # READ CONTROL STATUS FOR USB & SERIAL echo "[backend-portsctrl] read status" 1>&2 print_status ;; *) # UNDEFINED READ REQUEST echo "[backend-portsctrl] undefined read request: $in__objects" 1>&2 ;; esac ;; write) case "$in__objects" in ctrl) # TURN ON/OFF CONTROL echo "[backend-portsctrl] write ports ctrl" 1>&2 control_ports ;; serial) # NEW SERIAL PORT PARAMETERS echo "[backend-portsctrl] write serial port options" 1>&2 write_serial_options ;; usb_rm) # REMOVE ENTRY FROM WHITE LIST echo "[backend-portsctrl] remove rule from whitelist" 1>&2 usb_rm_rule ;; usb_add) # ADD NEW ENTRY TO WHITE LIST echo "[backend-portsctrl] add rule to whitelist" 1>&2 usb_add_new_rule ;; usb_add_prsnt) # ADD PRESENT USB DEVICE TO WHITE LIST echo "[backend-portsctrl] add present USB device to whitelist" 1>&2 usb_add_prsnt ;; usb_hid) # CONTROL USB HID echo "[backend-portsctrl] control USB HID" 1>&2 usb_hid ;; *) # UNDEFINED WRITE REQUEST echo "[backend-portsctrl] undefined write request: $in__objects" 1>&2 ;; esac ;; list) case "$in__objects" in list_serial) # LIST SERIAL PORTS echo "[backend-portsctrl] list serial ports" 1>&2 list_serial ;; list_usb_rules) # LIST USB WHITE LIST echo "[backend-portsctrl] list whitelist" 1>&2 list_usb_rules ;; list_serial_enabled) # BOOL LIST: ON/OFF SERIAL PORT echo "[backend-portsctrl] yes/no list for serial port" 1>&2 list_yes_no ;; list_prsnt_devices) # LIST PRESENT USB DEVICES echo "[backend-portsctrl] list present devices" 1>&2 list_prsnt_devices ;; *) # UNDEFINED LIST REQUEST echo "[backend-portsctrl] undefined list request: $in__objects" 1>&2 ;; esac ;; *) # UNDEFINED ACTION : ;; esac } message_loop # vim: autoindent tabstop=2 shiftwidth=2 expandtab softtabstop=2 filetype=sh alterator-ports-access-0.0.3/help/000075500000000000000000000000001203001015200170215ustar00rootroot00000000000000alterator-ports-access-0.0.3/help/en_US/000075500000000000000000000000001203001015200200325ustar00rootroot00000000000000alterator-ports-access-0.0.3/help/en_US/ports-access.html000064400000000000000000000023651203001015200233340ustar00rootroot00000000000000 Help - ALT Linux Console

Ports access control module

Serial ports access control

In this section displayed current configuration serial ports. To grant or restrict access to specific serial port do next steps:

  • Select desired serial port.
  • Grant or restrict access to selected port.
  • Press button Save serial port settings to confirm changes
  • Unsure that serial ports control is on. See status section.

USB ports access control

Whitelist table displays allowed USB devices. To remove rule from whitelist select desired rule in whitelist and press Delete selected rule button. To grant access to specific USB device provide one (or all) Vendor code, Product ID, Serial number and press Add new rule button.

Status

This section allow disable or enable control for Serial ports or USB devices.

alterator-ports-access-0.0.3/help/ru_RU/000075500000000000000000000000001203001015200200555ustar00rootroot00000000000000alterator-ports-access-0.0.3/help/ru_RU/ports-access.html000064400000000000000000000043451203001015200233570ustar00rootroot00000000000000 Help - ALT Linux Console

Модуль контроля доступа к портам

Контроль последовательных портов

В этом разделе модуля показаны текущие настройки последовательных портов. Для задания доступа к определённым портам, выполните следующие шаги:

  • выберите желаемый порт;
  • разрешите или запретите доступ к выбранному порту;
  • используя кнопку Сохранить настройки последовательного порта сохраните настройки;
  • посмотрите в раздел Статус, что бы убедиться в корректной работе настроек.

Контроль USB-портов

В таблице СПИСОК РАЗРЕШЕННЫХ УСТРОЙСТВ перечислены разрешеные USB устройства. Для удаления правила из списка, выберите желаемое правило и нажмите кнопку Удалить выбранное правило. Для помещения в список нового правила на определенное USB устройство, укажите один (или все) из индентификаторов: ID производителя, ID продукта, Серийный номер и нажмите кнопку Добавить новое правило.

Статус

В этом разделе можно включить или отключить контроль за последовательными портами и USB устройствами.

alterator-ports-access-0.0.3/po/000075500000000000000000000000001203001015200165075ustar00rootroot00000000000000alterator-ports-access-0.0.3/po/alterator-ports-access.pot000064400000000000000000000063471203001015200236460ustar00rootroot00000000000000# SOME DESCRIPTIVE TITLE. # Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER # This file is distributed under the same license as the PACKAGE package. # FIRST AUTHOR , YEAR. # #, fuzzy msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2012-09-19 18:20+0400\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" "Language: \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=CHARSET\n" "Content-Transfer-Encoding: 8bit\n" #: standard input:1 msgid "Ports access control" msgstr "" #: standard input:1 msgid "Serial ports access control" msgstr "" #: standard input:2 msgid "Port" msgstr "" #: standard input:3 msgid "Enabled" msgstr "" #: standard input:4 msgid "Serial port settings" msgstr "" #: standard input:5 input:20 msgid "Value" msgstr "" #: standard input:6 msgid "Serial port:" msgstr "" #: standard input:8 msgid "Enabled:" msgstr "" #: standard input:9 msgid "Save serial port settings" msgstr "" #: standard input:10 msgid "USB ports access control" msgstr "" #: standard input:11 msgid "Allow any human interface devices (keyboard, mouse, joystick):" msgstr "" #: standard input:12 msgid "White list" msgstr "" #: standard input:13 msgid "Rule N" msgstr "" #: standard input:14 input:27 msgid "Vendor" msgstr "" #: standard input:15 msgid "ProdID" msgstr "" #: standard input:16 input:29 msgid "Serial" msgstr "" #: standard input:17 msgid "Rule info" msgstr "" #: standard input:18 msgid "Delete selected entry from white list" msgstr "" #: standard input:19 msgid "Rule parts" msgstr "" #: standard input:21 msgid "Vendor code:" msgstr "" #: standard input:22 msgid "Product ID:" msgstr "" #: standard input:23 msgid "Serial number:" msgstr "" #: standard input:24 msgid "Useful device info:" msgstr "" #: standard input:25 msgid "Add new entry to white list" msgstr "" #: standard input:26 msgid "Present USB devices in system" msgstr "" #: standard input:28 msgid "Product" msgstr "" #: standard input:30 msgid "Vendor ID" msgstr "" #: standard input:31 msgid "Product ID" msgstr "" #: standard input:32 msgid "Scan attached USB devices" msgstr "" #: standard input:33 msgid "Add selected device to white list" msgstr "" #: standard input:34 msgid "Status" msgstr "" #: standard input:35 msgid "Turn on serial control" msgstr "" #: standard input:36 msgid "Turn off serial control" msgstr "" #: standard input:37 msgid "Turn on USB control" msgstr "" #: standard input:38 msgid "Turn off USB control" msgstr "" #: ui/portsctrl/ajax.scm:27 msgid "please choose from the list above" msgstr "" #: ui/portsctrl/ajax.scm:100 msgid "Serial ports control activated" msgstr "" #: ui/portsctrl/ajax.scm:100 msgid "Serial ports control deactivated" msgstr "" #: ui/portsctrl/ajax.scm:101 msgid "USB ports control activated" msgstr "" #: ui/portsctrl/ajax.scm:101 msgid "USB ports control deactivated" msgstr "" #: backend3/portsctrl:27 backend3/portsctrl:51 backend3/portsctrl:67 #: backend3/portsctrl:182 backend3/portsctrl:200 msgid "Yes" msgstr "" #: backend3/portsctrl:28 backend3/portsctrl:59 backend3/portsctrl:195 msgid "No" msgstr "" #: backend3/portsctrl:139 msgid "None" msgstr "" alterator-ports-access-0.0.3/po/ru.po000064400000000000000000000115171203001015200175020ustar00rootroot00000000000000# Alterator passwd-policy module Russian translation. # Copyright (C) 2012 Andrew V. Stepanov # This file is distributed under the same license as # the alterator-passwd-policy package. # msgid "" msgstr "" "Project-Id-Version: 8.0\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2012-09-19 18:20+0400\n" "PO-Revision-Date: 2008-10-29 19:36+0300\n" "Last-Translator: Andrew V. Stepanov \n" "Language-Team: Russian \n" "Language: ru\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" #: standard input:1 msgid "Ports access control" msgstr "Контроль портов" #: standard input:1 msgid "Serial ports access control" msgstr "Контроль последовательных портов" #: standard input:2 msgid "Port" msgstr "Порт" #: standard input:3 msgid "Enabled" msgstr "Включен" #: standard input:4 msgid "Serial port settings" msgstr "Настройки последовательного порта" #: standard input:5 input:20 msgid "Value" msgstr "Значение" #: standard input:6 msgid "Serial port:" msgstr "Последовательный порт:" #: standard input:8 msgid "Enabled:" msgstr "Разрешен:" #: standard input:9 msgid "Save serial port settings" msgstr "Сохранить настройки последовательного порта" #: standard input:10 msgid "USB ports access control" msgstr "Контроль USB-портов" #: standard input:11 msgid "Allow any human interface devices (keyboard, mouse, joystick):" msgstr "" #: standard input:12 msgid "White list" msgstr "Список разрешенных устройств" #: standard input:13 msgid "Rule N" msgstr "Правило №" #: standard input:14 input:27 msgid "Vendor" msgstr "ID производителя" #: standard input:15 msgid "ProdID" msgstr "ID продукта" #: standard input:16 input:29 msgid "Serial" msgstr "Серийный №" #: standard input:17 msgid "Rule info" msgstr "Информация" #: standard input:18 msgid "Delete selected entry from white list" msgstr "Удалить выбранное правило" #: standard input:19 msgid "Rule parts" msgstr "Части правила" #: standard input:21 msgid "Vendor code:" msgstr "ID производителя:" #: standard input:22 msgid "Product ID:" msgstr "ID продукта:" #: standard input:23 msgid "Serial number:" msgstr "Серийный номер:" #: standard input:24 msgid "Useful device info:" msgstr "Полезная информация об устройстве:" #: standard input:25 msgid "Add new entry to white list" msgstr "Добавить новое правило" #: standard input:26 msgid "Present USB devices in system" msgstr "Подключенные USB устройства" #: standard input:28 msgid "Product" msgstr "Устройство" #: standard input:30 msgid "Vendor ID" msgstr "ID производителя" #: standard input:31 msgid "Product ID" msgstr "ID продукта" #: standard input:32 msgid "Scan attached USB devices" msgstr "Сканировать USB устройства" #: standard input:33 msgid "Add selected device to white list" msgstr "Разрешить выбранное устройство" #: standard input:34 msgid "Status" msgstr "Статус" #: standard input:35 msgid "Turn on serial control" msgstr "Включить контроль последовательных портов" #: standard input:36 msgid "Turn off serial control" msgstr "Выключить контроль последовательных портов" #: standard input:37 msgid "Turn on USB control" msgstr "Включить контроль USB-портов" #: standard input:38 msgid "Turn off USB control" msgstr "Выключить контроль USB-портов" #: ui/portsctrl/ajax.scm:27 msgid "please choose from the list above" msgstr "пожалуйста выберете из списка выше" #: ui/portsctrl/ajax.scm:100 msgid "Serial ports control activated" msgstr "Контроль последовательных портов активирован" #: ui/portsctrl/ajax.scm:100 msgid "Serial ports control deactivated" msgstr "Контроль последовательных портов выключен" #: ui/portsctrl/ajax.scm:101 msgid "USB ports control activated" msgstr "Контроль USB-портов активирован" #: ui/portsctrl/ajax.scm:101 msgid "USB ports control deactivated" msgstr "Контроль USB-портов выключен" #: backend3/portsctrl:27 backend3/portsctrl:51 backend3/portsctrl:67 #: backend3/portsctrl:182 backend3/portsctrl:200 msgid "Yes" msgstr "Да" #: backend3/portsctrl:28 backend3/portsctrl:59 backend3/portsctrl:195 msgid "No" msgstr "Нет" #: backend3/portsctrl:139 msgid "None" msgstr "Нет" alterator-ports-access-0.0.3/rc.serial000064400000000000000000000006421203001015200177000ustar00rootroot00000000000000#!/bin/sh # This file is covered by the GNU General Public License. # Copyright (C) 2012 Andrew V. Stepanov # Set serial ports access settigs # This file is part of alterator-ports-access package readonly RUN_PROG="/usr/bin/alterator-ports-access" if [ -f "$RUN_PROG" -a -x "$RUN_PROG" ]; then "$RUN_PROG" -s fi # vim: autoindent tabstop=2 shiftwidth=2 expandtab softtabstop=2 filetype=sh alterator-ports-access-0.0.3/udev-test-helper000064400000000000000000000006441203001015200212150ustar00rootroot00000000000000#!/bin/sh # USB HID devices has class ID == 03 # Test correct invocation [ "$DEVTYPE" != "usb_device" ] && exit 1 [ "$SUBSYSTEM" != "usb" ] && exit 1 [ -z "$DEVPATH" ] && exit 1 dpath="/sys/$DEVPATH" for i in $(find "$dpath" -name "bInterfaceClass"); do class="$(cat "$i")" [ "$class" = "03" ] && exit 0 done # Not HID device exit 1 # vim: autoindent tabstop=2 shiftwidth=2 expandtab softtabstop=2 filetype=sh alterator-ports-access-0.0.3/ui/000075500000000000000000000000001203001015200165065ustar00rootroot00000000000000alterator-ports-access-0.0.3/ui/portsctrl/000075500000000000000000000000001203001015200205425ustar00rootroot00000000000000alterator-ports-access-0.0.3/ui/portsctrl/ajax.scm000064400000000000000000000161371203001015200222010ustar00rootroot00000000000000(define-module (ui portsctrl ajax) :use-module (alterator ajax) :use-module (alterator woo) :use-module (alterator card-index) :export (init)) ; Debug string (paste in for your needs). ;(format #t "XXX: ~S\n" rdp_profile_name) ; Select some USB rule (define (usb-rule-selected) (form-update-activity "btn_usb_rule_remove" #t)) ; Select present USB device (define (usb-prsnt-dev-selected) (form-update-activity "btn_prsnt_dev_add" #t)) ; Update widgets status (define (widgets-update) (format #t "[ajax,portsctrl] Update widgets status\n") (form-update-activity "btn_serial_save" #f) (form-update-activity "btn_usb_rule_remove" #f) (form-update-activity "btn_prsnt_dev_add" #f) (form-update-value "label_serial_selected" (_ "please choose from the list above" "alterator-ports-access"))) ; Reset all values (define (widgets-reset) (format #t "[ajax,portsctrl] Reset all widgets\n") (for-each (lambda(p) (form-update-value p "")) '("label_usb_control" "label_serial_control" "label_serial_selected" "list_serial_enabled" "input_usb_vendor" "input_usb_productid" "input_usb_info" "input_usb_serial"))) ; Allow USB hid (define (allow-usb-hid) (catch/message (lambda() (woo-write "/portsctrl/usb_hid" 'allow_hid (form-value "bool_allow_hid"))))) ; Force scan USB device (define (prsnt-scan) (format #t "[ajax,portsctrl] Force scan present devices\n") (form-update-enum "list_prsnt_devices" (woo-list "/portsctrl/list_prsnt_devices" 'force "yes" 'language (form-value "language"))) (form-update-activity "btn_prsnt_dev_add" #f) (form-bind "list_prsnt_devices" "change" usb-prsnt-dev-selected)) ; Read current settings (define (read-current-status) (format #t "[ajax,portsctrl] Read current status\n") (and ; Reset widgets (widgets-reset) ; Fill lists (for-each (lambda(lst) (form-update-enum lst (woo-list (string-append "/portsctrl/" lst) 'language (form-value "language")))) '("list_serial" "list_usb_rules" "list_serial_enabled" "list_prsnt_devices")) ; Rebind actions on lists (form-bind "list_serial" "change" serial-edit) (form-bind "list_usb_rules" "change" usb-rule-selected) (form-bind "list_prsnt_devices" "change" usb-prsnt-dev-selected) ; Read current settings (let* ((settings (woo-read-first "/portsctrl/status" 'language (form-value "language"))) (usb-ctrl-on (woo-get-option settings 'usb_ctrl_on #f)) (usb-hid (woo-get-option settings 'usb_hid #f)) (serial-ctrl-on (woo-get-option settings 'serial_ctrl_on #f))) (form-update-value "label_serial_control" (if serial-ctrl-on (_ "Serial ports control activated" "alterator-ports-access") (_ "Serial ports control deactivated" "alterator-ports-access"))) (form-update-value "label_usb_control" (if usb-ctrl-on (_ "USB ports control activated" "alterator-ports-access") (_ "USB ports control deactivated" "alterator-ports-access"))) (form-update-value "bool_allow_hid" usb-hid) (form-update-visibility "btn_serial_off" serial-ctrl-on) (form-update-visibility "btn_serial_on" (not serial-ctrl-on)) (form-update-visibility "btn_usb_off" usb-ctrl-on) (form-update-visibility "btn_usb_on" (not usb-ctrl-on))) ; Update widgets status (widgets-update))) ; Change control (define (control proto enabled) (format #t "[ajax,portsctrl] change control for ~S to ~S\n" proto enabled) (catch/message (lambda() (woo-write "/portsctrl/ctrl" 'proto proto 'enabled enabled 'language (form-value "language")))) (read-current-status)) ; Turn ON serial control (define (serial-ctrl-on) (control "serial" #t)) ; Turn OFF serial control (define (serial-ctrl-off) (control "serial" #f)) ; Turn ON USB control (define (usb-ctrl-on) (control "usb" #t)) ; Turn OFF USB control (define (usb-ctrl-off) (control "usb" #f)) ; Save serial port settings (define (serial-save) (format #t "[ajax,portsctrl] Save serial port settings\n") (catch/message (lambda() (woo-write "/portsctrl/serial" 'port (form-value "list_serial") 'enabled (form-value "list_serial_enabled") 'language (form-value "language")))) (read-current-status)) ; Remove selected entry from USB whitelist (define (usb-rule-remove) (format #t "[ajax,portsctrl] Remove selected rule from whitelist\n") (catch/message (lambda() (woo-write "/portsctrl/usb_rm" 'rule_num (f-get-ci-value "list_usb_rules") 'language (form-value "language")))) (read-current-status)) ; Add new USB rule to white list (define (usb-rule-new) (format #t "[ajax,portsctrl] Add new entry to USB whitelist\n") (catch/message (lambda() (woo-write "/portsctrl/usb_add" 'vendor (form-value "input_usb_vendor") 'productid (form-value "input_usb_productid") 'serial (form-value "input_usb_serial") 'info (form-value "input_usb_info") 'language (form-value "language")))) (read-current-status)) ; Add present USB device to white list (define (prsnt-dev-add) (format #t "[ajax,portsctrl] Add present USB device to whitelist\n") (catch/message (lambda() (woo-write "/portsctrl/usb_add_prsnt" 'vendor_product (f-get-ci-value "list_prsnt_devices") 'language (form-value "language")))) (read-current-status)) ; Edit serial port setting (define (serial-edit) (format #t "[ajax,portsctrl] Edit serial port settings\n") (let* ((port (f-get-ci-value "list_serial"))) (and (string? port) ; Read current port settings (let* ((settings (woo-read-first "/portsctrl/serial_port" 'port port 'language (form-value "language")))) (form-update-value-list '("label_serial_selected" "list_serial_enabled") settings)) (form-update-activity "btn_serial_save" #t)))) ; Initialization routine (define (init) (format #t "[ajax,portsctrl] Run initialization routine\n") ; Interconnect button with action (form-bind "btn_serial_save" "click" serial-save) (form-bind "btn_usb_rule_remove" "click" usb-rule-remove) (form-bind "btn_usb_new_rule" "click" usb-rule-new) (form-bind "btn_prsnt_dev_add" "click" prsnt-dev-add) (form-bind "btn_prsnt_scan" "click" prsnt-scan) (form-bind "bool_allow_hid" "change" allow-usb-hid) (form-bind "btn_serial_on" "click" serial-ctrl-on) (form-bind "btn_serial_off" "click" serial-ctrl-off) (form-bind "btn_usb_on" "click" usb-ctrl-on) (form-bind "btn_usb_off" "click" usb-ctrl-off) ; Interface initialization (read-current-status)) ; vim: ft=lisp expandtab alterator-ports-access-0.0.3/ui/portsctrl/index.html000064400000000000000000000176601203001015200225510ustar00rootroot00000000000000

Serial ports access control

Port Enabled

Serial port settings Value
Serial port:
Enabled:

USB ports access control

Allow any human interface devices (keyboard, mouse, joystick):

White list

Rule N Vendor ProdID Serial Rule info

Rule parts Value
Vendor code:
Product ID:
Serial number:
Useful device info:

Present USB devices in system

Vendor Product Serial Vendor ID Product ID
  

Status