Qubes/core-admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

qubespolicy: implement --just-evaluate and --assume-yes-for-ask options

Browse Source 
Those were registered in the parser, but ignored otherwise. The main
(and only?) purpose of them is to evaluate policy when pasting some text
between domains.

Fixes QubesOS/qubes-issues#2985
This commit is contained in:
Marek Marczykowski-Górecki 2017-08-07 02:02:01 +02:00
parent 5d0a2fe463
commit b3c92c475a
No known key found for this signature in database
GPG Key ID: 063938BA42CFA724
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
qubespolicy/cli.py
View File

@ -66,6 +66,14 @@ def main(args=None):
try:
policy = qubespolicy.Policy(args.service_name)
action = policy.evaluate(system_info, args.domain, args.target)
if args.assume_yes_for_ask and action.action == qubespolicy.Action.ask:
action.action = qubespolicy.Action.allow
if args.just_evaluate:
return {
qubespolicy.Action.allow: 0,
qubespolicy.Action.deny: 1,
qubespolicy.Action.ask: 1,
}[action.action]
if action.action == qubespolicy.Action.ask:
# late import to save on time for allow/deny actions
import pydbus