Remove firewall configuration screen. This will be coming back in

firstboot using system-config-securitylevel.

2 files changed, 7 insertions, 183 deletions

diff --git a/iw/firewall_gui.py b/iw/firewall_gui.py
deleted file mode 100644
index 3c64f0fb2..000000000
--- a/iw/firewall_gui.py
+++ /dev/null
@@ -1,183 +0,0 @@
-#
-# firewall_gui.py: firewall setup screen
-#
-# Copyright 2001-2004 Red Hat, Inc.
-#
-# This software may be freely redistributed under the terms of the GNU
-# library public license.
-#
-# You should have received a copy of the GNU Library Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-#
-
-import checklist
-import gtk
-import gui
-from iw_gui import *
-from isys import *
-from rhpl.translate import _, N_
-from flags import flags
-from constants import *
-
-selopts = [ N_("Disabled"), N_("Warn"), N_("Active") ]
-
-class FirewallWindow (InstallWindow):		
-
-    windowTitle = N_("Firewall")
-    htmlTag = "securitylevel"
-
-    def __init__ (self, ics):
-	InstallWindow.__init__ (self, ics)
-
-    def getNext (self):
-        self.security.setSELinux(self.selinux_combo.get_active())
-        
-        if self.disabled_radio.get_active ():
-	    rc2 = self.intf.messageWindow(_("Warning - No Firewall"),
-		   _("If this system is attached directly to the Internet or "
-		     "is on a large public network, it is recommended that a "
-		     "firewall be configured to help prevent unauthorized "
-		     "access.  However, you have selected not to "
-		     "configure a firewall.  Choose \"Proceed\" to continue "
-		     "without a firewall."),
-		    type="custom", custom_icon="warning",
-		    custom_buttons=[_("_Configure Firewall"), _("_Proceed")])
-	    
-	    if rc2 == 0:
-		raise gui.StayOnScreen
-            self.firewall.enabled = 0
-        else:
-            self.firewall.enabled = 1
-            
-            count = 0
-            for service in self.firewall.services:
-                val = self.incoming.get_active(count)
-                service.set_enabled(val)
-                count = count + 1
-
-    def activate_firewall (self, widget):
-        if self.disabled_radio.get_active ():
-            self.table.set_sensitive(False)            
-        else:
-            self.table.set_sensitive(True)
-
-    def getScreen (self, intf, network, firewall, security):
-	self.firewall = firewall
-        self.security = security
-	self.network = network
-        self.intf = intf
-
-        self.devices = self.network.available().keys()
-        self.devices.sort()
-        
-	self.netCBs = {}
-
-        box = gtk.VBox (False, 5)
-        box.set_border_width (5)
-
-        label = gui.WrappingLabel (_("A firewall can help prevent "
-                                     "unauthorized access to your computer "
-                                     "from the outside world.  Would you like "
-                                     "to enable a firewall?"))
-        label.set_alignment (0.0, 0)
-	label.set_size_request(450, -1)        
-
-        box.pack_start(label, False)
-
-        vbox = gtk.VBox (False)
-
-        self.disabled_radio = gtk.RadioButton (None, (_("N_o firewall")))
-        self.enabled_radio = gtk.RadioButton (self.disabled_radio,
-                                               (_("_Enable firewall")))
-        self.disabled_radio.connect("clicked", self.activate_firewall)
-        self.enabled_radio.connect("clicked", self.activate_firewall)
-
-        vbox.pack_start (self.disabled_radio)
-        vbox.pack_start (self.enabled_radio)
-
-        a = gtk.Alignment ()
-        a.add (vbox)
-        a.set (0.3, 0, 0.7, 1.0)
-
-        box.pack_start (a, False, 5)
-
-        self.table = gtk.Table (2, 8)
-        box.pack_start (self.table, False, 5)
-
-        y = 0
-        label = gui.WrappingLabel (_("You can use a firewall to allow "
-                                     "access to specific services on your "
-                                     "computer from other computers. Which "
-                                     "services, if any, do you wish to "
-                                     "allow access to ?"))
-	label.set_size_request(400, -1)
-        label.set_alignment(0.0, 0.0)
-        self.table.attach(label, 0, 2, y, y + 1, gtk.EXPAND | gtk.FILL, gtk.FILL, 5, 5)
-
-        y = y + 1
-        hbox = gtk.HBox(False, 10)        
-        self.incoming = checklist.CheckList(1)
-	self.incoming.set_size_request(-1, 125)
-
-        incomingSW = gtk.ScrolledWindow()
-        incomingSW.set_border_width(5)
-        incomingSW.set_policy(gtk.POLICY_NEVER, gtk.POLICY_AUTOMATIC)
-        incomingSW.set_shadow_type(gtk.SHADOW_IN)
-        incomingSW.add(self.incoming)
-        
-        for serv in self.firewall.services:
-            self.incoming.append_row ( (_(serv.get_name()), serv),
-                                       serv.get_enabled() )
-
-        self.table.attach (incomingSW, 0, 2, y, y + 1, gtk.EXPAND|gtk.FILL, gtk.FILL, 5, 5)
-
-        if self.firewall.enabled == 0:
-            self.disabled_radio.set_active (True)
-        else:
-            self.enabled_radio.set_active(True)
-            
-        self.activate_firewall(None)
-
-        # SELinux widgets
-        selbox = gtk.VBox()
-        selbox.set_spacing(8)
-
-        l = gui.WrappingLabel(_("Security Enhanced Linux (SELinux) "
-                                "provides finer-grained "
-                                "security controls than those available "
-                                "in a traditional Linux system.  It can "
-                                "be set up in a disabled state, a state "
-                                "which only warns about things which would "
-                                "be denied, or a fully active state."))
-        l.set_size_request(400, -1)
-        l.set_alignment(0.0, 0.0)
-
-        selbox.pack_start(l, False)
-
-        label = gtk.Label(_("Enable _SELinux?:"))
-        label.set_use_underline(True)
-        self.selinux_combo = gtk.combo_box_new_text()
-        label.set_mnemonic_widget(self.selinux_combo)
-
-        for i in selopts:
-            self.selinux_combo.append_text(_(i))
-
-        self.selinux_combo.set_active(self.security.getSELinux())
-        
-        hbox = gtk.HBox()
-        hbox.set_spacing(8)
-        hbox.pack_start(label, False)
-        hbox.pack_start(self.selinux_combo, False)
-        selbox.pack_start(hbox)
-
-        if flags.selinux == 0:
-            selbox.set_sensitive(False)
-
-        if (SELINUX_DEFAULT == 1) or flags.selinux:
-            box.pack_start (gtk.HSeparator(), False)
-            box.pack_start(selbox, False)
-
-        return box
-
-
diff --git a/iw/network_gui.py b/iw/network_gui.py
index c5b4da9f9..236ebe529 100644
--- a/iw/network_gui.py
+++ b/iw/network_gui.py
@@ -122,6 +122,13 @@ class NetworkWindow(InstallWindow):
 	self.network.hostname = newHostname
 	self.network.overrideDHCPhostname = override
 
+	# Initialize firewall and SELinux settings to our strict defaults
+	# but only if we're not doing a kickstart install.
+	if self.id.instClass.name != "kickstart":
+	    import security
+	    self.id.instClass.setFirewall (self.id, ports = ["22:tcp"])
+	    self.id.instClass.setSELinux (self.id, security.SEL_ENFORCING)
+
         return None
         
     def DHCPtoggled(self, widget, (dev, table)):