[policycoreutils] - Move /etc/pam.d/newrole in to polcicycoreutils-newrole - Additiona capability checking in sepolge
Daniel J Walsh
dwalsh at fedoraproject.org
Fri Oct 29 13:39:14 UTC 2010
commit 622bb69d771cee09d954a50361e0e31e19375aee
Author: Dan Walsh <dwalsh at redhat.com>
Date: Fri Oct 29 09:39:03 2010 -0400
- Move /etc/pam.d/newrole in to polcicycoreutils-newrole
- Additiona capability checking in sepolgen
policycoreutils-gui.patch | 107 ++--
policycoreutils-po.patch | 230 +++-----
policycoreutils-rhat.patch | 1531 +++++++++++++++++++++++---------------------
policycoreutils.spec | 8 +-
4 files changed, 923 insertions(+), 953 deletions(-)
---
diff --git a/policycoreutils-gui.patch b/policycoreutils-gui.patch
index d5c3964..f5e57ad 100644
--- a/policycoreutils-gui.patch
+++ b/policycoreutils-gui.patch
@@ -1,6 +1,6 @@
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py policycoreutils-2.0.83/gui/booleansPage.py
--- nsapolicycoreutils/gui/booleansPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/booleansPage.py 2010-07-30 13:50:41.000000000 -0400
++++ policycoreutils-2.0.83/gui/booleansPage.py 2010-10-25 17:11:18.000000000 -0400
@@ -0,0 +1,247 @@
+#
+# booleansPage.py - GUI for Booleans page in system-config-securitylevel
@@ -251,7 +251,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py poli
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/domainsPage.py policycoreutils-2.0.83/gui/domainsPage.py
--- nsapolicycoreutils/gui/domainsPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/domainsPage.py 2010-07-30 13:50:41.000000000 -0400
++++ policycoreutils-2.0.83/gui/domainsPage.py 2010-10-25 17:11:18.000000000 -0400
@@ -0,0 +1,154 @@
+## domainsPage.py - show selinux domains
+## Copyright (C) 2009 Red Hat, Inc.
@@ -409,7 +409,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/domainsPage.py polic
+ self.error(e.args[0])
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py policycoreutils-2.0.83/gui/fcontextPage.py
--- nsapolicycoreutils/gui/fcontextPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/fcontextPage.py 2010-08-23 11:16:44.000000000 -0400
++++ policycoreutils-2.0.83/gui/fcontextPage.py 2010-10-25 17:11:18.000000000 -0400
@@ -0,0 +1,223 @@
+## fcontextPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@@ -636,7 +636,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py poli
+ self.store.set_value(iter, TYPE_COL, "%s:%s" % (type, mls))
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/html_util.py policycoreutils-2.0.83/gui/html_util.py
--- nsapolicycoreutils/gui/html_util.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/html_util.py 2010-07-30 13:50:41.000000000 -0400
++++ policycoreutils-2.0.83/gui/html_util.py 2010-10-25 17:11:18.000000000 -0400
@@ -0,0 +1,164 @@
+# Authors: John Dennis <jdennis at redhat.com>
+#
@@ -804,7 +804,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/html_util.py policyc
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.glade policycoreutils-2.0.83/gui/lockdown.glade
--- nsapolicycoreutils/gui/lockdown.glade 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/lockdown.glade 2010-07-30 13:50:41.000000000 -0400
++++ policycoreutils-2.0.83/gui/lockdown.glade 2010-10-25 17:11:18.000000000 -0400
@@ -0,0 +1,771 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
@@ -1579,7 +1579,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.glade polic
+</glade-interface>
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.gladep policycoreutils-2.0.83/gui/lockdown.gladep
--- nsapolicycoreutils/gui/lockdown.gladep 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/lockdown.gladep 2010-07-30 13:50:41.000000000 -0400
++++ policycoreutils-2.0.83/gui/lockdown.gladep 2010-10-25 17:11:18.000000000 -0400
@@ -0,0 +1,7 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-project SYSTEM "http://glade.gnome.org/glade-project-2.0.dtd">
@@ -1590,7 +1590,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.gladep poli
+</glade-project>
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.py policycoreutils-2.0.83/gui/lockdown.py
--- nsapolicycoreutils/gui/lockdown.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/lockdown.py 2010-07-30 13:50:41.000000000 -0400
++++ policycoreutils-2.0.83/gui/lockdown.py 2010-10-25 17:11:18.000000000 -0400
@@ -0,0 +1,382 @@
+#!/usr/bin/python -Es
+#
@@ -1976,7 +1976,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.py policyco
+ app.stand_alone()
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policycoreutils-2.0.83/gui/loginsPage.py
--- nsapolicycoreutils/gui/loginsPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/loginsPage.py 2010-07-30 13:50:41.000000000 -0400
++++ policycoreutils-2.0.83/gui/loginsPage.py 2010-10-25 17:11:18.000000000 -0400
@@ -0,0 +1,185 @@
+## loginsPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@@ -2165,7 +2165,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policy
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/Makefile policycoreutils-2.0.83/gui/Makefile
--- nsapolicycoreutils/gui/Makefile 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/Makefile 2010-07-30 13:50:41.000000000 -0400
++++ policycoreutils-2.0.83/gui/Makefile 2010-10-25 17:11:18.000000000 -0400
@@ -0,0 +1,40 @@
+# Installation directories.
+PREFIX ?= ${DESTDIR}/usr
@@ -2209,7 +2209,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/Makefile policycoreu
+relabel:
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py policycoreutils-2.0.83/gui/mappingsPage.py
--- nsapolicycoreutils/gui/mappingsPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/mappingsPage.py 2010-07-30 13:50:41.000000000 -0400
++++ policycoreutils-2.0.83/gui/mappingsPage.py 2010-10-25 17:11:18.000000000 -0400
@@ -0,0 +1,56 @@
+## mappingsPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@@ -2269,7 +2269,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py poli
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py policycoreutils-2.0.83/gui/modulesPage.py
--- nsapolicycoreutils/gui/modulesPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/modulesPage.py 2010-07-30 13:50:41.000000000 -0400
++++ policycoreutils-2.0.83/gui/modulesPage.py 2010-10-25 17:11:18.000000000 -0400
@@ -0,0 +1,190 @@
+## modulesPage.py - show selinux mappings
+## Copyright (C) 2006-2009 Red Hat, Inc.
@@ -2463,7 +2463,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py polic
+ self.error(e.args[0])
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policycoreutils-2.0.83/gui/polgen.glade
--- nsapolicycoreutils/gui/polgen.glade 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/polgen.glade 2010-07-30 13:50:41.000000000 -0400
++++ policycoreutils-2.0.83/gui/polgen.glade 2010-10-25 17:11:18.000000000 -0400
@@ -0,0 +1,3305 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
@@ -5772,7 +5772,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policyc
+</glade-interface>
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.gladep policycoreutils-2.0.83/gui/polgen.gladep
--- nsapolicycoreutils/gui/polgen.gladep 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/polgen.gladep 2010-07-30 13:50:41.000000000 -0400
++++ policycoreutils-2.0.83/gui/polgen.gladep 2010-10-25 17:11:18.000000000 -0400
@@ -0,0 +1,7 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-project SYSTEM "http://glade.gnome.org/glade-project-2.0.dtd">
@@ -5783,7 +5783,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.gladep policy
+</glade-project>
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policycoreutils-2.0.83/gui/polgengui.py
--- nsapolicycoreutils/gui/polgengui.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/polgengui.py 2010-09-10 11:45:24.000000000 -0400
++++ policycoreutils-2.0.83/gui/polgengui.py 2010-10-25 17:11:18.000000000 -0400
@@ -0,0 +1,657 @@
+#!/usr/bin/python -Es
+#
@@ -6444,8 +6444,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc
+ app.stand_alone()
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycoreutils-2.0.83/gui/polgen.py
--- nsapolicycoreutils/gui/polgen.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/polgen.py 2010-09-10 11:45:43.000000000 -0400
-@@ -0,0 +1,1318 @@
++++ policycoreutils-2.0.83/gui/polgen.py 2010-10-29 08:47:44.000000000 -0400
+@@ -0,0 +1,1311 @@
+#!/usr/bin/python -Es
+#
+# Copyright (C) 2007-2010 Red Hat
@@ -6548,9 +6548,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ types=get_all_types()
+ types.sort()
+ for i in types:
-+ m = re.findall("(.*)%s" % "_exec$", i)
++ m = re.findall("(.*)%s" % "_exec_t$", i)
+ if len(m) > 0:
-+ if len(re.findall("(.*)%s" % "_initrc$", m[0])) == 0:
++ if len(re.findall("(.*)%s" % "_initrc$", m[0])) == 0 and m[0] not in all_domains:
+ all_domains.append(m[0])
+ return all_domains
+
@@ -6703,6 +6703,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ self.symbols["fsetid"] = "add_capability('fsetid')"
+ self.symbols["kill"] = "add_capability('kill')"
+ self.symbols["setgid"] = "add_capability('setgid')"
++ self.symbols["setresuid"] = "add_capability('setuid')"
+ self.symbols["setuid"] = "add_capability('setuid')"
+ self.symbols["setpcap"] = "add_capability('setpcap')"
+ self.symbols["linux_immutable"] = "add_capability('linux_immutable')"
@@ -6714,9 +6715,12 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ self.symbols["ipc_owner"] = "add_capability('ipc_owner')"
+ self.symbols["sys_module"] = "add_capability('sys_module')"
+ self.symbols["sys_rawio"] = "add_capability('sys_rawio')"
++ self.symbols["chroot"] = "add_capability('sys_chroot')"
+ self.symbols["sys_chroot"] = "add_capability('sys_chroot')"
+ self.symbols["sys_ptrace"] = "add_capability('sys_ptrace')"
+ self.symbols["sys_pacct"] = "add_capability('sys_pacct')"
++ self.symbols["mount"] = "add_capability('sys_admin')"
++ self.symbols["unshare"] = "add_capability('sys_admin')"
+ self.symbols["sys_admin"] = "add_capability('sys_admin')"
+ self.symbols["sys_boot"] = "add_capability('sys_boot')"
+ self.symbols["sys_nice"] = "add_capability('sys_nice')"
@@ -6840,13 +6844,13 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+
+ def set_program(self, program):
+ if self.type not in APPLICATIONS:
-+ raise ValueError(_("USER Types are not allowed executables"))
++ raise ValueError(_("User Role types can not be assigned executables."))
+
+ self.program = program
+
+ def set_init_script(self, initscript):
+ if self.type != DAEMON:
-+ raise ValueError(_("Only DAEMON apps can use an init script"))
++ raise ValueError(_("Only Daemon apps can use an init script.."))
+
+ self.initscript = initscript
+
@@ -7740,17 +7744,6 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ if len(cmds) == 0:
+ usage(_("Executable or Name required"))
+
-+ if not name:
-+ name = os.path.basename(cmds[0]).replace("-","_")
-+ cmd = cmds[0]
-+ mypolicy = policy(name, setype)
-+ mypolicy.set_program(cmd)
-+ if setype in APPLICATIONS:
-+ mypolicy.gen_writeable()
-+ mypolicy.gen_symbols()
-+ print mypolicy.generate()
-+ sys.exit(0)
-+
+ try:
+ if not name:
+ name = os.path.basename(cmds[0]).replace("-","_")
@@ -7766,7 +7759,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ usage(e)
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policycoreutils-2.0.83/gui/portsPage.py
--- nsapolicycoreutils/gui/portsPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/portsPage.py 2010-07-30 13:50:41.000000000 -0400
++++ policycoreutils-2.0.83/gui/portsPage.py 2010-10-25 17:11:18.000000000 -0400
@@ -0,0 +1,259 @@
+## portsPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@@ -8029,7 +8022,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policyc
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policycoreutils-2.0.83/gui/selinux.tbl
--- nsapolicycoreutils/gui/selinux.tbl 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/selinux.tbl 2010-07-30 13:50:41.000000000 -0400
++++ policycoreutils-2.0.83/gui/selinux.tbl 2010-10-25 17:11:18.000000000 -0400
@@ -0,0 +1,234 @@
+acct_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for acct daemon")
+allow_daemons_dump_core _("Admin") _("Allow all daemons to write corefiles to /")
@@ -8267,7 +8260,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policyco
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py policycoreutils-2.0.83/gui/semanagePage.py
--- nsapolicycoreutils/gui/semanagePage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/semanagePage.py 2010-07-30 13:50:41.000000000 -0400
++++ policycoreutils-2.0.83/gui/semanagePage.py 2010-10-25 17:11:18.000000000 -0400
@@ -0,0 +1,168 @@
+## semanagePage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@@ -8439,7 +8432,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py poli
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policycoreutils-2.0.83/gui/statusPage.py
--- nsapolicycoreutils/gui/statusPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/statusPage.py 2010-07-30 13:50:41.000000000 -0400
++++ policycoreutils-2.0.83/gui/statusPage.py 2010-10-25 17:11:19.000000000 -0400
@@ -0,0 +1,190 @@
+# statusPage.py - show selinux status
+## Copyright (C) 2006-2009 Red Hat, Inc.
@@ -8633,7 +8626,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policy
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.glade policycoreutils-2.0.83/gui/system-config-selinux.glade
--- nsapolicycoreutils/gui/system-config-selinux.glade 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/system-config-selinux.glade 2010-07-30 13:50:41.000000000 -0400
++++ policycoreutils-2.0.83/gui/system-config-selinux.glade 2010-10-25 17:11:19.000000000 -0400
@@ -0,0 +1,3024 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
@@ -11661,7 +11654,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinu
+</glade-interface>
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.gladep policycoreutils-2.0.83/gui/system-config-selinux.gladep
--- nsapolicycoreutils/gui/system-config-selinux.gladep 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/system-config-selinux.gladep 2010-07-30 13:50:41.000000000 -0400
++++ policycoreutils-2.0.83/gui/system-config-selinux.gladep 2010-10-25 17:11:19.000000000 -0400
@@ -0,0 +1,7 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-project SYSTEM "http://glade.gnome.org/glade-project-2.0.dtd">
@@ -11672,7 +11665,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinu
+</glade-project>
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.py policycoreutils-2.0.83/gui/system-config-selinux.py
--- nsapolicycoreutils/gui/system-config-selinux.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/system-config-selinux.py 2010-07-30 13:50:41.000000000 -0400
++++ policycoreutils-2.0.83/gui/system-config-selinux.py 2010-10-25 17:11:19.000000000 -0400
@@ -0,0 +1,187 @@
+#!/usr/bin/python -Es
+#
@@ -11863,7 +11856,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinu
+ app.stand_alone()
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/boolean.py policycoreutils-2.0.83/gui/templates/boolean.py
--- nsapolicycoreutils/gui/templates/boolean.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/templates/boolean.py 2010-07-30 13:50:41.000000000 -0400
++++ policycoreutils-2.0.83/gui/templates/boolean.py 2010-10-25 17:11:19.000000000 -0400
@@ -0,0 +1,40 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -11907,7 +11900,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/boolean.py
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/etc_rw.py policycoreutils-2.0.83/gui/templates/etc_rw.py
--- nsapolicycoreutils/gui/templates/etc_rw.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/templates/etc_rw.py 2010-07-30 13:50:41.000000000 -0400
++++ policycoreutils-2.0.83/gui/templates/etc_rw.py 2010-10-25 17:11:19.000000000 -0400
@@ -0,0 +1,113 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -12024,7 +12017,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/etc_rw.py
+"""
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable.py policycoreutils-2.0.83/gui/templates/executable.py
--- nsapolicycoreutils/gui/templates/executable.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/templates/executable.py 2010-08-05 10:24:24.000000000 -0400
++++ policycoreutils-2.0.83/gui/templates/executable.py 2010-10-25 17:11:19.000000000 -0400
@@ -0,0 +1,393 @@
+# Copyright (C) 2007-2009 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -12421,7 +12414,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable
+"""
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/__init__.py policycoreutils-2.0.83/gui/templates/__init__.py
--- nsapolicycoreutils/gui/templates/__init__.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/templates/__init__.py 2010-07-30 13:50:41.000000000 -0400
++++ policycoreutils-2.0.83/gui/templates/__init__.py 2010-10-25 17:11:19.000000000 -0400
@@ -0,0 +1,18 @@
+#
+# Copyright (C) 2007 Red Hat, Inc.
@@ -12443,7 +12436,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/__init__.p
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/network.py policycoreutils-2.0.83/gui/templates/network.py
--- nsapolicycoreutils/gui/templates/network.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/templates/network.py 2010-07-30 13:50:41.000000000 -0400
++++ policycoreutils-2.0.83/gui/templates/network.py 2010-10-25 17:11:19.000000000 -0400
@@ -0,0 +1,80 @@
+te_port_types="""
+type TEMPLATETYPE_port_t;
@@ -12527,7 +12520,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/network.py
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/polgen.py policycoreutils-2.0.83/gui/templates/polgen.py
--- nsapolicycoreutils/gui/templates/polgen.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/templates/polgen.py 2010-08-05 10:24:53.000000000 -0400
++++ policycoreutils-2.0.83/gui/templates/polgen.py 2010-10-28 13:24:54.000000000 -0400
@@ -0,0 +1,1303 @@
+#!/usr/bin/python -Es
+#
@@ -12623,9 +12616,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/polgen.py
+ types=get_all_types()
+ types.sort()
+ for i in types:
-+ m = re.findall("(.*)%s" % "_exec$", i)
++ m = re.findall("(.*)%s" % "_exec_t$", i)
+ if len(m) > 0:
-+ if len(re.findall("(.*)%s" % "_initrc$", m[0])) == 0:
++ if len(re.findall("(.*)%s" % "_initrc$", m[0])) == 0 and m[0] not in all_domains:
+ all_domains.append(m[0])
+ return all_domains
+
@@ -13834,7 +13827,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/polgen.py
+ usage(e)
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/rw.py policycoreutils-2.0.83/gui/templates/rw.py
--- nsapolicycoreutils/gui/templates/rw.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/templates/rw.py 2010-07-30 13:50:41.000000000 -0400
++++ policycoreutils-2.0.83/gui/templates/rw.py 2010-10-25 17:11:19.000000000 -0400
@@ -0,0 +1,131 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -13969,7 +13962,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/rw.py poli
+"""
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/script.py policycoreutils-2.0.83/gui/templates/script.py
--- nsapolicycoreutils/gui/templates/script.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/templates/script.py 2010-09-09 07:02:41.000000000 -0400
++++ policycoreutils-2.0.83/gui/templates/script.py 2010-10-25 17:11:19.000000000 -0400
@@ -0,0 +1,126 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -14099,7 +14092,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/script.py
+"""
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/semodule.py policycoreutils-2.0.83/gui/templates/semodule.py
--- nsapolicycoreutils/gui/templates/semodule.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/templates/semodule.py 2010-07-30 13:50:41.000000000 -0400
++++ policycoreutils-2.0.83/gui/templates/semodule.py 2010-10-25 17:11:19.000000000 -0400
@@ -0,0 +1,41 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -14144,7 +14137,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/semodule.p
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py policycoreutils-2.0.83/gui/templates/tmp.py
--- nsapolicycoreutils/gui/templates/tmp.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/templates/tmp.py 2010-07-30 13:50:41.000000000 -0400
++++ policycoreutils-2.0.83/gui/templates/tmp.py 2010-10-25 17:11:19.000000000 -0400
@@ -0,0 +1,102 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -14250,7 +14243,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py pol
+"""
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/user.py policycoreutils-2.0.83/gui/templates/user.py
--- nsapolicycoreutils/gui/templates/user.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/templates/user.py 2010-08-05 17:40:01.000000000 -0400
++++ policycoreutils-2.0.83/gui/templates/user.py 2010-10-25 17:11:19.000000000 -0400
@@ -0,0 +1,205 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -14459,7 +14452,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/user.py po
+"""
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_cache.py policycoreutils-2.0.83/gui/templates/var_cache.py
--- nsapolicycoreutils/gui/templates/var_cache.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/templates/var_cache.py 2010-08-05 10:24:10.000000000 -0400
++++ policycoreutils-2.0.83/gui/templates/var_cache.py 2010-10-25 17:11:19.000000000 -0400
@@ -0,0 +1,133 @@
+# Copyright (C) 2010 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -14596,7 +14589,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_cache.
+"""
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py policycoreutils-2.0.83/gui/templates/var_lib.py
--- nsapolicycoreutils/gui/templates/var_lib.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/templates/var_lib.py 2010-07-30 13:50:41.000000000 -0400
++++ policycoreutils-2.0.83/gui/templates/var_lib.py 2010-10-25 17:11:19.000000000 -0400
@@ -0,0 +1,161 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -14761,7 +14754,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py
+"""
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py policycoreutils-2.0.83/gui/templates/var_log.py
--- nsapolicycoreutils/gui/templates/var_log.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/templates/var_log.py 2010-07-30 13:50:41.000000000 -0400
++++ policycoreutils-2.0.83/gui/templates/var_log.py 2010-10-25 17:11:19.000000000 -0400
@@ -0,0 +1,116 @@
+# Copyright (C) 2007,2010 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -14881,7 +14874,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py policycoreutils-2.0.83/gui/templates/var_run.py
--- nsapolicycoreutils/gui/templates/var_run.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/templates/var_run.py 2010-07-30 13:50:41.000000000 -0400
++++ policycoreutils-2.0.83/gui/templates/var_run.py 2010-10-25 17:11:19.000000000 -0400
@@ -0,0 +1,101 @@
+# Copyright (C) 2007,2010 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -14986,7 +14979,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py
+"""
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool.py policycoreutils-2.0.83/gui/templates/var_spool.py
--- nsapolicycoreutils/gui/templates/var_spool.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/templates/var_spool.py 2010-07-30 13:50:41.000000000 -0400
++++ policycoreutils-2.0.83/gui/templates/var_spool.py 2010-10-25 17:11:19.000000000 -0400
@@ -0,0 +1,133 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -15123,7 +15116,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool.
+"""
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/usersPage.py policycoreutils-2.0.83/gui/usersPage.py
--- nsapolicycoreutils/gui/usersPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/gui/usersPage.py 2010-07-30 13:50:41.000000000 -0400
++++ policycoreutils-2.0.83/gui/usersPage.py 2010-10-25 17:11:19.000000000 -0400
@@ -0,0 +1,150 @@
+## usersPage.py - show selinux mappings
+## Copyright (C) 2006,2007,2008 Red Hat, Inc.
diff --git a/policycoreutils-po.patch b/policycoreutils-po.patch
index 0cb4e5a..16d6660 100644
--- a/policycoreutils-po.patch
+++ b/policycoreutils-po.patch
@@ -1,7 +1,6 @@
-Binary files nsapolicycoreutils/po/af.mo and policycoreutils-2.0.83/po/af.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/af.po policycoreutils-2.0.83/po/af.po
--- nsapolicycoreutils/po/af.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/af.po 2010-09-14 17:18:17.000000000 -0400
++++ policycoreutils-2.0.83/po/af.po 2010-10-25 17:11:18.000000000 -0400
@@ -8,10 +8,11 @@
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
@@ -3213,10 +3212,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/af.po policycoreutils
+#, python-format
+msgid "SELinux user '%s' is required"
+msgstr ""
-Binary files nsapolicycoreutils/po/am.mo and policycoreutils-2.0.83/po/am.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/am.po policycoreutils-2.0.83/po/am.po
--- nsapolicycoreutils/po/am.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/am.po 2010-09-14 17:18:13.000000000 -0400
++++ policycoreutils-2.0.83/po/am.po 2010-10-25 17:11:18.000000000 -0400
@@ -8,10 +8,11 @@
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
@@ -6428,10 +6426,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/am.po policycoreutils
+#, python-format
+msgid "SELinux user '%s' is required"
+msgstr ""
-Binary files nsapolicycoreutils/po/ar.mo and policycoreutils-2.0.83/po/ar.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/ar.po policycoreutils-2.0.83/po/ar.po
--- nsapolicycoreutils/po/ar.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/ar.po 2010-09-14 17:18:12.000000000 -0400
++++ policycoreutils-2.0.83/po/ar.po 2010-10-25 17:11:18.000000000 -0400
@@ -1,20 +1,25 @@
-# SOME DESCRIPTIVE TITLE.
# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
@@ -10502,10 +10499,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/ar.po policycoreutils
+#, fuzzy
+#~ msgid "Sensitivity Level"
+#~ msgstr "Ù
ستÙ٠اÙØساسÙØ©"
-Binary files nsapolicycoreutils/po/as.mo and policycoreutils-2.0.83/po/as.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/as.po policycoreutils-2.0.83/po/as.po
--- nsapolicycoreutils/po/as.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/as.po 2010-09-14 17:18:13.000000000 -0400
++++ policycoreutils-2.0.83/po/as.po 2010-10-25 17:11:18.000000000 -0400
@@ -1,23 +1,24 @@
-# translation of as.po to Assamese
+# translation of policycoreutils.HEAD.po to Assamese
@@ -15314,10 +15310,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/as.po policycoreutils
-#~ "MCS Level"
+#~ msgid "Sensitivity Level"
#~ msgstr "সà§à¦¤à§°"
-Binary files nsapolicycoreutils/po/be.mo and policycoreutils-2.0.83/po/be.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/be.po policycoreutils-2.0.83/po/be.po
--- nsapolicycoreutils/po/be.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/be.po 2010-09-14 17:18:14.000000000 -0400
++++ policycoreutils-2.0.83/po/be.po 2010-10-25 17:11:18.000000000 -0400
@@ -8,10 +8,11 @@
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
@@ -18529,10 +18524,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/be.po policycoreutils
+#, python-format
+msgid "SELinux user '%s' is required"
+msgstr ""
-Binary files nsapolicycoreutils/po/bg.mo and policycoreutils-2.0.83/po/bg.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/bg.po policycoreutils-2.0.83/po/bg.po
--- nsapolicycoreutils/po/bg.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/bg.po 2010-09-14 17:18:15.000000000 -0400
++++ policycoreutils-2.0.83/po/bg.po 2010-10-25 17:11:18.000000000 -0400
@@ -8,10 +8,11 @@
msgstr ""
"Project-Id-Version: policycoreutils\n"
@@ -23331,10 +23325,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/bg.po policycoreutils
#~ msgid "SELinux Policy Generation Druid"
#~ msgstr "ÐÑÑид за генеÑиÑане на SELinux полиÑики"
-Binary files nsapolicycoreutils/po/bn_IN.mo and policycoreutils-2.0.83/po/bn_IN.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/bn_IN.po policycoreutils-2.0.83/po/bn_IN.po
--- nsapolicycoreutils/po/bn_IN.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/bn_IN.po 2010-09-14 17:18:16.000000000 -0400
++++ policycoreutils-2.0.83/po/bn_IN.po 2010-10-25 17:11:18.000000000 -0400
@@ -2,17 +2,18 @@
# This file is distributed under the same license as the PACKAGE package.
# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER.
@@ -28303,10 +28296,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/bn_IN.po policycoreut
-#~ "Disabled\n"
+#~ msgid "label40"
+#~ msgstr "label40"
-Binary files nsapolicycoreutils/po/bn.mo and policycoreutils-2.0.83/po/bn.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/bn.po policycoreutils-2.0.83/po/bn.po
--- nsapolicycoreutils/po/bn.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/bn.po 2010-09-14 17:18:17.000000000 -0400
++++ policycoreutils-2.0.83/po/bn.po 2010-10-25 17:11:18.000000000 -0400
@@ -8,10 +8,11 @@
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
@@ -31518,10 +31510,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/bn.po policycoreutils
+#, python-format
+msgid "SELinux user '%s' is required"
+msgstr ""
-Binary files nsapolicycoreutils/po/bs.mo and policycoreutils-2.0.83/po/bs.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/bs.po policycoreutils-2.0.83/po/bs.po
--- nsapolicycoreutils/po/bs.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/bs.po 2010-09-14 17:18:13.000000000 -0400
++++ policycoreutils-2.0.83/po/bs.po 2010-10-25 17:11:18.000000000 -0400
@@ -4,10 +4,11 @@
msgstr ""
"Project-Id-Version: bs\n"
@@ -34892,10 +34883,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/bs.po policycoreutils
#~ msgid "Requires 2 or more arguments"
#~ msgstr "Zahtijeva 2 ili više argumenta"
-Binary files nsapolicycoreutils/po/ca.mo and policycoreutils-2.0.83/po/ca.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/ca.po policycoreutils-2.0.83/po/ca.po
--- nsapolicycoreutils/po/ca.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/ca.po 2010-09-14 17:18:14.000000000 -0400
++++ policycoreutils-2.0.83/po/ca.po 2010-10-25 17:11:18.000000000 -0400
@@ -5,6 +5,8 @@
#
# Josep Puigdemont Casamajó <josep.puigdemont at gmail.com>, 2006.
@@ -38648,10 +38638,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/ca.po policycoreutils
+#, fuzzy
+#~ msgid "Sensitivity Level"
+#~ msgstr "Nivell de sensibilitat"
-Binary files nsapolicycoreutils/po/cs.mo and policycoreutils-2.0.83/po/cs.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/cs.po policycoreutils-2.0.83/po/cs.po
--- nsapolicycoreutils/po/cs.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/cs.po 2010-09-14 17:18:13.000000000 -0400
++++ policycoreutils-2.0.83/po/cs.po 2010-10-25 17:11:18.000000000 -0400
@@ -9,16 +9,17 @@
msgstr ""
"Project-Id-Version: cs\n"
@@ -42583,10 +42572,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/cs.po policycoreutils
#~ msgid "<b>Device number:</b>"
#~ msgstr "<b>ÄÃslo zaÅÃzenÃ:</b>"
-Binary files nsapolicycoreutils/po/cy.mo and policycoreutils-2.0.83/po/cy.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/cy.po policycoreutils-2.0.83/po/cy.po
--- nsapolicycoreutils/po/cy.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/cy.po 2010-09-14 17:18:15.000000000 -0400
++++ policycoreutils-2.0.83/po/cy.po 2010-10-25 17:11:18.000000000 -0400
@@ -8,10 +8,11 @@
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
@@ -45798,10 +45786,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/cy.po policycoreutils
+#, python-format
+msgid "SELinux user '%s' is required"
+msgstr ""
-Binary files nsapolicycoreutils/po/da.mo and policycoreutils-2.0.83/po/da.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/da.po policycoreutils-2.0.83/po/da.po
--- nsapolicycoreutils/po/da.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/da.po 2010-09-14 17:18:14.000000000 -0400
++++ policycoreutils-2.0.83/po/da.po 2010-10-25 17:11:18.000000000 -0400
@@ -1,24 +1,26 @@
-# translation of da.po to
-# Danish messages for policycoreutils.
@@ -49847,10 +49834,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/da.po policycoreutils
#~ "skal du køre \n"
#~ "\n"
#~ "semodule -i %s.pp\n"
-Binary files nsapolicycoreutils/po/de.mo and policycoreutils-2.0.83/po/de.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/de.po policycoreutils-2.0.83/po/de.po
--- nsapolicycoreutils/po/de.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/de.po 2010-09-14 17:18:16.000000000 -0400
++++ policycoreutils-2.0.83/po/de.po 2010-10-25 17:11:18.000000000 -0400
@@ -1,28 +1,33 @@
-# translation of policycoreutils.HEAD.de.po to German
+# translation of policycoreutils.HEAD.po to
@@ -55063,10 +55049,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/de.po policycoreutils
-#~ msgstr "SELinux-Benutzer '%s' wird benötigt"
+#~ msgid "label40"
+#~ msgstr "label40"
-Binary files nsapolicycoreutils/po/el.mo and policycoreutils-2.0.83/po/el.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/el.po policycoreutils-2.0.83/po/el.po
--- nsapolicycoreutils/po/el.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/el.po 2010-09-14 17:18:14.000000000 -0400
++++ policycoreutils-2.0.83/po/el.po 2010-10-25 17:11:18.000000000 -0400
@@ -1,22 +1,24 @@
# translation of el.po to Greek
# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
@@ -58609,10 +58594,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/el.po policycoreutils
#, fuzzy
#~ msgid "Requires 2 or more arguments"
-Binary files nsapolicycoreutils/po/en_GB.mo and policycoreutils-2.0.83/po/en_GB.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/en_GB.po policycoreutils-2.0.83/po/en_GB.po
--- nsapolicycoreutils/po/en_GB.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/en_GB.po 2010-09-14 17:18:15.000000000 -0400
++++ policycoreutils-2.0.83/po/en_GB.po 2010-10-25 17:11:18.000000000 -0400
@@ -1,19 +1,23 @@
# English (British) translation.
# Copyright (C) 2007 THE PACKAGE'S COPYRIGHT HOLDER
@@ -62295,10 +62279,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/en_GB.po policycoreut
#~ msgid "Requires 2 or more arguments"
#~ msgstr "Requires 2 or more arguments"
-Binary files nsapolicycoreutils/po/es.mo and policycoreutils-2.0.83/po/es.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/es.po policycoreutils-2.0.83/po/es.po
--- nsapolicycoreutils/po/es.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/es.po 2010-09-14 17:18:12.000000000 -0400
++++ policycoreutils-2.0.83/po/es.po 2010-10-25 17:11:18.000000000 -0400
@@ -1,22 +1,27 @@
# translation of policycoreutils.HEAD.es.po to Spanish
+# Fedora Spanish translation of policycoreutils.HEAD.
@@ -67509,10 +67492,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/es.po policycoreutils
-#~ "Deshabilitado\n"
+#~ msgid "label40"
+#~ msgstr "label40"
-Binary files nsapolicycoreutils/po/et.mo and policycoreutils-2.0.83/po/et.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/et.po policycoreutils-2.0.83/po/et.po
--- nsapolicycoreutils/po/et.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/et.po 2010-09-14 17:18:17.000000000 -0400
++++ policycoreutils-2.0.83/po/et.po 2010-10-25 17:11:18.000000000 -0400
@@ -3,7 +3,7 @@
"USAGE: run_init <script> <args ...>\n"
" where: <script> is the name of the init script to run,\n"
@@ -70720,10 +70702,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/et.po policycoreutils
+#, python-format
+msgid "SELinux user '%s' is required"
+msgstr ""
-Binary files nsapolicycoreutils/po/eu_ES.mo and policycoreutils-2.0.83/po/eu_ES.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/eu_ES.po policycoreutils-2.0.83/po/eu_ES.po
--- nsapolicycoreutils/po/eu_ES.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/eu_ES.po 2010-09-14 17:18:15.000000000 -0400
++++ policycoreutils-2.0.83/po/eu_ES.po 2010-10-25 17:11:18.000000000 -0400
@@ -8,10 +8,11 @@
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
@@ -73935,10 +73916,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/eu_ES.po policycoreut
+#, python-format
+msgid "SELinux user '%s' is required"
+msgstr ""
-Binary files nsapolicycoreutils/po/fa.mo and policycoreutils-2.0.83/po/fa.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/fa.po policycoreutils-2.0.83/po/fa.po
--- nsapolicycoreutils/po/fa.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/fa.po 2010-09-14 17:18:16.000000000 -0400
++++ policycoreutils-2.0.83/po/fa.po 2010-10-25 17:11:18.000000000 -0400
@@ -8,10 +8,11 @@
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
@@ -77150,10 +77130,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/fa.po policycoreutils
+#, python-format
+msgid "SELinux user '%s' is required"
+msgstr ""
-Binary files nsapolicycoreutils/po/fi.mo and policycoreutils-2.0.83/po/fi.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/fi.po policycoreutils-2.0.83/po/fi.po
--- nsapolicycoreutils/po/fi.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/fi.po 2010-09-14 17:18:15.000000000 -0400
++++ policycoreutils-2.0.83/po/fi.po 2010-10-25 17:11:18.000000000 -0400
@@ -1,20 +1,20 @@
-# SOME DESCRIPTIVE TITLE.
-# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
@@ -81276,10 +81255,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/fi.po policycoreutils
+#, fuzzy
+#~ msgid "Sensitivity Level"
+#~ msgstr "Herkkyystaso"
-Binary files nsapolicycoreutils/po/fr.mo and policycoreutils-2.0.83/po/fr.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/fr.po policycoreutils-2.0.83/po/fr.po
--- nsapolicycoreutils/po/fr.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/fr.po 2010-09-14 17:18:16.000000000 -0400
++++ policycoreutils-2.0.83/po/fr.po 2010-10-25 17:11:18.000000000 -0400
@@ -1,22 +1,26 @@
-# translation of policycoreutils.HEAD.fr_modifié(1).po to french
-# Thomas Canniot <mrtom at fedoraproject.org>, 2006.
@@ -86281,7 +86259,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/fr.po policycoreutils
+#~ msgstr "étiquette40"
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/gl.po policycoreutils-2.0.83/po/gl.po
--- nsapolicycoreutils/po/gl.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/gl.po 2010-09-14 17:18:13.000000000 -0400
++++ policycoreutils-2.0.83/po/gl.po 2010-10-25 17:11:18.000000000 -0400
@@ -59,829 +59,846 @@
msgid "Could not set exec context to %s.\n"
msgstr ""
@@ -89480,10 +89458,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/gl.po policycoreutils
+#, python-format
+msgid "SELinux user '%s' is required"
+msgstr ""
-Binary files nsapolicycoreutils/po/gu.mo and policycoreutils-2.0.83/po/gu.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/gu.po policycoreutils-2.0.83/po/gu.po
--- nsapolicycoreutils/po/gu.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/gu.po 2010-09-14 17:18:13.000000000 -0400
++++ policycoreutils-2.0.83/po/gu.po 2010-10-25 17:11:18.000000000 -0400
@@ -3,19 +3,21 @@
# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER.
#
@@ -94505,10 +94482,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/gu.po policycoreutils
-#~ "Disabled\n"
+#~ msgid "label40"
+#~ msgstr "label40"
-Binary files nsapolicycoreutils/po/he.mo and policycoreutils-2.0.83/po/he.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/he.po policycoreutils-2.0.83/po/he.po
--- nsapolicycoreutils/po/he.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/he.po 2010-09-14 17:18:16.000000000 -0400
++++ policycoreutils-2.0.83/po/he.po 2010-10-25 17:11:18.000000000 -0400
@@ -8,10 +8,11 @@
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
@@ -97720,10 +97696,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/he.po policycoreutils
+#, python-format
+msgid "SELinux user '%s' is required"
+msgstr ""
-Binary files nsapolicycoreutils/po/hi.mo and policycoreutils-2.0.83/po/hi.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/hi.po policycoreutils-2.0.83/po/hi.po
--- nsapolicycoreutils/po/hi.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/hi.po 2010-09-14 17:18:15.000000000 -0400
++++ policycoreutils-2.0.83/po/hi.po 2010-10-25 17:11:18.000000000 -0400
@@ -1,16 +1,17 @@
-# translation of policycoreutils.HEAD.hi.po to Hindi
+# translation of policycoreutils.HEAD.po to Hindi
@@ -102754,10 +102729,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/hi.po policycoreutils
-#~ "निषà¥à¤à¥à¤°à¤¿à¤¯\n"
+#~ msgid "label40"
+#~ msgstr "label40"
-Binary files nsapolicycoreutils/po/hr.mo and policycoreutils-2.0.83/po/hr.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/hr.po policycoreutils-2.0.83/po/hr.po
--- nsapolicycoreutils/po/hr.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/hr.po 2010-09-14 17:18:15.000000000 -0400
++++ policycoreutils-2.0.83/po/hr.po 2010-10-25 17:11:18.000000000 -0400
@@ -2,10 +2,11 @@
msgstr ""
"Project-Id-Version: policycoreutils\n"
@@ -107257,10 +107231,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/hr.po policycoreutils
#~ msgid "SELinux Policy Generation Druid"
#~ msgstr "Druid za izradu SELinux pravila"
-Binary files nsapolicycoreutils/po/hu.mo and policycoreutils-2.0.83/po/hu.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/hu.po policycoreutils-2.0.83/po/hu.po
--- nsapolicycoreutils/po/hu.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/hu.po 2010-09-14 17:18:16.000000000 -0400
++++ policycoreutils-2.0.83/po/hu.po 2010-10-25 17:11:18.000000000 -0400
@@ -1,19 +1,23 @@
# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER.
#
@@ -111025,10 +110998,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/hu.po policycoreutils
#~ msgid "Requires 2 or more arguments"
#~ msgstr "Meg kell adni legalább 2 argumentumot"
-Binary files nsapolicycoreutils/po/hy.mo and policycoreutils-2.0.83/po/hy.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/hy.po policycoreutils-2.0.83/po/hy.po
--- nsapolicycoreutils/po/hy.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/hy.po 2010-09-14 17:18:17.000000000 -0400
++++ policycoreutils-2.0.83/po/hy.po 2010-10-25 17:11:18.000000000 -0400
@@ -8,10 +8,11 @@
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
@@ -114242,7 +114214,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/hy.po policycoreutils
+msgstr ""
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/id.po policycoreutils-2.0.83/po/id.po
--- nsapolicycoreutils/po/id.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/id.po 2010-09-14 17:18:16.000000000 -0400
++++ policycoreutils-2.0.83/po/id.po 2010-10-25 17:11:18.000000000 -0400
@@ -59,829 +59,846 @@
msgid "Could not set exec context to %s.\n"
msgstr ""
@@ -117441,10 +117413,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/id.po policycoreutils
+#, python-format
+msgid "SELinux user '%s' is required"
+msgstr ""
-Binary files nsapolicycoreutils/po/is.mo and policycoreutils-2.0.83/po/is.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/is.po policycoreutils-2.0.83/po/is.po
--- nsapolicycoreutils/po/is.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/is.po 2010-09-14 17:18:17.000000000 -0400
++++ policycoreutils-2.0.83/po/is.po 2010-10-25 17:11:18.000000000 -0400
@@ -8,10 +8,11 @@
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
@@ -120656,10 +120627,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/is.po policycoreutils
+#, python-format
+msgid "SELinux user '%s' is required"
+msgstr ""
-Binary files nsapolicycoreutils/po/it.mo and policycoreutils-2.0.83/po/it.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/it.po policycoreutils-2.0.83/po/it.po
--- nsapolicycoreutils/po/it.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/it.po 2010-09-14 17:18:14.000000000 -0400
++++ policycoreutils-2.0.83/po/it.po 2010-10-25 17:11:18.000000000 -0400
@@ -1,20 +1,24 @@
# translation of it.po to
# This file is distributed under the same license as the policycoreutils package.
@@ -125749,10 +125719,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/it.po policycoreutils
-#~ "Disabilitata\n"
+#~ msgid "label40"
+#~ msgstr "label40"
-Binary files nsapolicycoreutils/po/ja.mo and policycoreutils-2.0.83/po/ja.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/ja.po policycoreutils-2.0.83/po/ja.po
--- nsapolicycoreutils/po/ja.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/ja.po 2010-09-14 17:18:16.000000000 -0400
++++ policycoreutils-2.0.83/po/ja.po 2010-10-25 17:11:18.000000000 -0400
@@ -1,25 +1,28 @@
# translation of ja.po to Japanese
-# translation of ja.po to
@@ -130849,10 +130818,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/ja.po policycoreutils
-#~ msgid "_Previous"
-#~ msgstr "å(_Pï¼"
+#~ msgstr "ææ度ã¬ãã«"
-Binary files nsapolicycoreutils/po/ka.mo and policycoreutils-2.0.83/po/ka.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/ka.po policycoreutils-2.0.83/po/ka.po
--- nsapolicycoreutils/po/ka.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/ka.po 2010-09-14 17:18:14.000000000 -0400
++++ policycoreutils-2.0.83/po/ka.po 2010-10-25 17:11:18.000000000 -0400
@@ -8,10 +8,11 @@
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
@@ -134064,10 +134032,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/ka.po policycoreutils
+#, python-format
+msgid "SELinux user '%s' is required"
+msgstr ""
-Binary files nsapolicycoreutils/po/kn.mo and policycoreutils-2.0.83/po/kn.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/kn.po policycoreutils-2.0.83/po/kn.po
--- nsapolicycoreutils/po/kn.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/kn.po 2010-09-14 17:18:15.000000000 -0400
++++ policycoreutils-2.0.83/po/kn.po 2010-10-25 17:11:18.000000000 -0400
@@ -2,20 +2,21 @@
# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
# This file is distributed under the same license as the PACKAGE package.
@@ -139132,10 +139099,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/kn.po policycoreutils
-#~ "à²à²¤à³à²¤à²¾à²¯à²ªà³à²°à³à²µà²\n"
-#~ "à²
ನà³à²®à²¤à²¿à²ªà³à²°à³à²µà²\n"
-#~ "à²
ಶà²à³à²¤à²à³à²à²¡\n"
-Binary files nsapolicycoreutils/po/ko.mo and policycoreutils-2.0.83/po/ko.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/ko.po policycoreutils-2.0.83/po/ko.po
--- nsapolicycoreutils/po/ko.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/ko.po 2010-09-14 17:18:17.000000000 -0400
++++ policycoreutils-2.0.83/po/ko.po 2010-10-25 17:11:18.000000000 -0400
@@ -1,20 +1,25 @@
-# translation of ko.po to Korean
-# Eunju Kim <eukim at redhat.com>, 2006, 2007.
@@ -142910,10 +142876,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/ko.po policycoreutils
+
+#~ msgid "label40"
+#~ msgstr "label40"
-Binary files nsapolicycoreutils/po/ku.mo and policycoreutils-2.0.83/po/ku.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/ku.po policycoreutils-2.0.83/po/ku.po
--- nsapolicycoreutils/po/ku.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/ku.po 2010-09-14 17:18:17.000000000 -0400
++++ policycoreutils-2.0.83/po/ku.po 2010-10-25 17:11:18.000000000 -0400
@@ -8,10 +8,11 @@
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
@@ -146125,10 +146090,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/ku.po policycoreutils
+#, python-format
+msgid "SELinux user '%s' is required"
+msgstr ""
-Binary files nsapolicycoreutils/po/lo.mo and policycoreutils-2.0.83/po/lo.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/lo.po policycoreutils-2.0.83/po/lo.po
--- nsapolicycoreutils/po/lo.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/lo.po 2010-09-14 17:18:16.000000000 -0400
++++ policycoreutils-2.0.83/po/lo.po 2010-10-25 17:11:18.000000000 -0400
@@ -8,10 +8,11 @@
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
@@ -149340,10 +149304,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/lo.po policycoreutils
+#, python-format
+msgid "SELinux user '%s' is required"
+msgstr ""
-Binary files nsapolicycoreutils/po/lt.mo and policycoreutils-2.0.83/po/lt.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/lt.po policycoreutils-2.0.83/po/lt.po
--- nsapolicycoreutils/po/lt.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/lt.po 2010-09-14 17:18:14.000000000 -0400
++++ policycoreutils-2.0.83/po/lt.po 2010-10-25 17:11:18.000000000 -0400
@@ -8,10 +8,11 @@
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
@@ -152555,10 +152518,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/lt.po policycoreutils
+#, python-format
+msgid "SELinux user '%s' is required"
+msgstr ""
-Binary files nsapolicycoreutils/po/lv.mo and policycoreutils-2.0.83/po/lv.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/lv.po policycoreutils-2.0.83/po/lv.po
--- nsapolicycoreutils/po/lv.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/lv.po 2010-09-14 17:18:13.000000000 -0400
++++ policycoreutils-2.0.83/po/lv.po 2010-10-25 17:11:18.000000000 -0400
@@ -8,10 +8,11 @@
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
@@ -155770,10 +155732,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/lv.po policycoreutils
+#, python-format
+msgid "SELinux user '%s' is required"
+msgstr ""
-Binary files nsapolicycoreutils/po/mai.mo and policycoreutils-2.0.83/po/mai.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/mai.po policycoreutils-2.0.83/po/mai.po
--- nsapolicycoreutils/po/mai.po 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.83/po/mai.po 2010-09-14 17:18:17.000000000 -0400
++++ policycoreutils-2.0.83/po/mai.po 2010-10-25 17:11:18.000000000 -0400
@@ -0,0 +1,3549 @@
+# translation of policycoreutils.HEAD.policycoreutils.po to Maithili
+# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
@@ -159326,7 +159287,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/mai.po policycoreutil
+#~ msgstr "सà¤à¤µà¥à¤¦à¤¨à¤¶à¥à¤²à¤¤à¤¾ सà¥à¤¤à¤°"
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/Makefile policycoreutils-2.0.83/po/Makefile
--- nsapolicycoreutils/po/Makefile 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/Makefile 2010-09-14 17:18:28.000000000 -0400
++++ policycoreutils-2.0.83/po/Makefile 2010-10-25 17:11:18.000000000 -0400
@@ -45,6 +45,33 @@
../restorecond/stringslist.h \
../restorecond/restorecond.c \
@@ -159376,7 +159337,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/Makefile policycoreut
%.mo: %.po
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/Makefile.in.in policycoreutils-2.0.83/po/Makefile.in.in
--- nsapolicycoreutils/po/Makefile.in.in 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/Makefile.in.in 2010-09-14 17:08:27.000000000 -0400
++++ policycoreutils-2.0.83/po/Makefile.in.in 2010-10-25 17:11:18.000000000 -0400
@@ -117,9 +117,11 @@
$(INSTALL_DATA) $$cat $$dir/$(PACKAGE)$(INSTOBJEXT); \
echo "installing $$cat as $$dir/$(PACKAGE)$(INSTOBJEXT)"; \
@@ -159392,10 +159353,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/Makefile.in.in policy
fi; \
if test -r $$cat.m; then \
$(INSTALL_DATA) $$cat.m $$dir/$(PACKAGE)$(INSTOBJEXT).m; \
-Binary files nsapolicycoreutils/po/mk.mo and policycoreutils-2.0.83/po/mk.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/mk.po policycoreutils-2.0.83/po/mk.po
--- nsapolicycoreutils/po/mk.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/mk.po 2010-09-14 17:18:14.000000000 -0400
++++ policycoreutils-2.0.83/po/mk.po 2010-10-25 17:11:18.000000000 -0400
@@ -8,10 +8,11 @@
msgstr ""
"Project-Id-Version: mk\n"
@@ -162776,10 +162736,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/mk.po policycoreutils
#~ msgid "Requires 2 or more arguments"
#~ msgstr "Ðма поÑÑеба од 2 или повеÑе аÑгÑменÑи"
-Binary files nsapolicycoreutils/po/ml.mo and policycoreutils-2.0.83/po/ml.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/ml.po policycoreutils-2.0.83/po/ml.po
--- nsapolicycoreutils/po/ml.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/ml.po 2010-09-14 17:18:13.000000000 -0400
++++ policycoreutils-2.0.83/po/ml.po 2010-10-25 17:11:18.000000000 -0400
@@ -1,3 +1,4 @@
+# translation of policycoreutils.HEAD.ml.po to
# translation of ml.po to
@@ -167924,10 +167883,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/ml.po policycoreutils
-#~ "à´ªàµà´°à´µà´°àµâà´¤àµà´¤à´¨ രഹിതà´\n"
+#~ msgid "label40"
+#~ msgstr "label40"
-Binary files nsapolicycoreutils/po/mr.mo and policycoreutils-2.0.83/po/mr.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/mr.po policycoreutils-2.0.83/po/mr.po
--- nsapolicycoreutils/po/mr.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/mr.po 2010-09-14 17:18:15.000000000 -0400
++++ policycoreutils-2.0.83/po/mr.po 2010-10-25 17:11:18.000000000 -0400
@@ -1,19 +1,21 @@
-# translation of policycoreutils.HEAD.mr.po to marathi
+# translation of mr.po to Marathi
@@ -173085,10 +173043,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/mr.po policycoreutils
+#, fuzzy
+#~ msgid "Sensitivity Level"
+#~ msgstr "सà¤à¤µà¥à¤¦à¤¨à¤¶à¥à¤²à¤¤à¤¾ सà¥à¤¤à¤°"
-Binary files nsapolicycoreutils/po/ms.mo and policycoreutils-2.0.83/po/ms.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/ms.po policycoreutils-2.0.83/po/ms.po
--- nsapolicycoreutils/po/ms.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/ms.po 2010-09-14 17:18:16.000000000 -0400
++++ policycoreutils-2.0.83/po/ms.po 2010-10-25 17:11:18.000000000 -0400
@@ -7,10 +7,11 @@
msgstr ""
"Project-Id-Version: policycoreutils\n"
@@ -176457,10 +176414,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/ms.po policycoreutils
#, fuzzy
#~ msgid "Requires 2 or more arguments"
-Binary files nsapolicycoreutils/po/my.mo and policycoreutils-2.0.83/po/my.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/my.po policycoreutils-2.0.83/po/my.po
--- nsapolicycoreutils/po/my.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/my.po 2010-09-14 17:18:15.000000000 -0400
++++ policycoreutils-2.0.83/po/my.po 2010-10-25 17:11:18.000000000 -0400
@@ -8,10 +8,11 @@
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
@@ -179672,10 +179628,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/my.po policycoreutils
+#, python-format
+msgid "SELinux user '%s' is required"
+msgstr ""
-Binary files nsapolicycoreutils/po/nb.mo and policycoreutils-2.0.83/po/nb.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/nb.po policycoreutils-2.0.83/po/nb.po
--- nsapolicycoreutils/po/nb.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/nb.po 2010-09-14 17:18:15.000000000 -0400
++++ policycoreutils-2.0.83/po/nb.po 2010-10-25 17:11:18.000000000 -0400
@@ -7,10 +7,11 @@
msgstr ""
"Project-Id-Version: policycoreutils\n"
@@ -182972,10 +182927,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/nb.po policycoreutils
#~ msgid "You must be root to run %s."
#~ msgstr "Du må være root for å kjøre %s."
-Binary files nsapolicycoreutils/po/nl.mo and policycoreutils-2.0.83/po/nl.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/nl.po policycoreutils-2.0.83/po/nl.po
--- nsapolicycoreutils/po/nl.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/nl.po 2010-09-14 17:18:16.000000000 -0400
++++ policycoreutils-2.0.83/po/nl.po 2010-10-25 17:11:18.000000000 -0400
@@ -1,19 +1,25 @@
+# translation of policycoreutils.HEAD.nl.po to Dutch
# translation of policycoreutils to Dutch
@@ -187065,10 +187019,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/nl.po policycoreutils
+#, fuzzy
+#~ msgid "Sensitivity Level"
+#~ msgstr "Gevoeligheid niveau"
-Binary files nsapolicycoreutils/po/nn.mo and policycoreutils-2.0.83/po/nn.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/nn.po policycoreutils-2.0.83/po/nn.po
--- nsapolicycoreutils/po/nn.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/nn.po 2010-09-14 17:18:15.000000000 -0400
++++ policycoreutils-2.0.83/po/nn.po 2010-10-25 17:11:18.000000000 -0400
@@ -8,10 +8,11 @@
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
@@ -191556,10 +191509,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/no.po policycoreutils
-#, c-format
-msgid "Options Error %s "
-msgstr ""
-Binary files nsapolicycoreutils/po/nso.mo and policycoreutils-2.0.83/po/nso.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/nso.po policycoreutils-2.0.83/po/nso.po
--- nsapolicycoreutils/po/nso.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/nso.po 2010-09-14 17:18:16.000000000 -0400
++++ policycoreutils-2.0.83/po/nso.po 2010-10-25 17:11:18.000000000 -0400
@@ -8,10 +8,11 @@
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
@@ -194771,10 +194723,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/nso.po policycoreutil
+#, python-format
+msgid "SELinux user '%s' is required"
+msgstr ""
-Binary files nsapolicycoreutils/po/or.mo and policycoreutils-2.0.83/po/or.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/or.po policycoreutils-2.0.83/po/or.po
--- nsapolicycoreutils/po/or.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/or.po 2010-09-14 17:18:15.000000000 -0400
++++ policycoreutils-2.0.83/po/or.po 2010-10-25 17:11:18.000000000 -0400
@@ -1,17 +1,19 @@
-# translation of policycoreutils.HEAD.or.po to Oriya
+# translation of or.po to Oriya
@@ -199674,10 +199625,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/or.po policycoreutils
+#, fuzzy
+#~ msgid "Sensitivity Level"
+#~ msgstr "ସàପରàଶà¬à¬¾à¬¤à¬° ସàତର"
-Binary files nsapolicycoreutils/po/pa.mo and policycoreutils-2.0.83/po/pa.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/pa.po policycoreutils-2.0.83/po/pa.po
--- nsapolicycoreutils/po/pa.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/pa.po 2010-09-14 17:18:13.000000000 -0400
++++ policycoreutils-2.0.83/po/pa.po 2010-10-25 17:11:18.000000000 -0400
@@ -3,19 +3,20 @@
# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER.
#
@@ -204645,10 +204595,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/pa.po policycoreutils
-#~ "à¨
ਯà©à¨\n"
+#~ "tcp\n"
+#~ "udp"
-Binary files nsapolicycoreutils/po/pl.mo and policycoreutils-2.0.83/po/pl.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/pl.po policycoreutils-2.0.83/po/pl.po
--- nsapolicycoreutils/po/pl.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/pl.po 2010-09-14 17:18:15.000000000 -0400
++++ policycoreutils-2.0.83/po/pl.po 2010-10-25 17:11:18.000000000 -0400
@@ -5,10 +5,11 @@
msgstr ""
"Project-Id-Version: pl\n"
@@ -209861,7 +209810,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/pl.po policycoreutils
-#~ msgstr "Użytkownik SELinuksa \"%s\" jest wymagany"
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/policycoreutils.pot policycoreutils-2.0.83/po/policycoreutils.pot
--- nsapolicycoreutils/po/policycoreutils.pot 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/policycoreutils.pot 2010-09-14 16:59:14.000000000 -0400
++++ policycoreutils-2.0.83/po/policycoreutils.pot 2010-10-25 17:11:18.000000000 -0400
@@ -8,10 +8,11 @@
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
@@ -213075,7 +213024,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/policycoreutils.pot p
+msgstr ""
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/POTFILES policycoreutils-2.0.83/po/POTFILES
--- nsapolicycoreutils/po/POTFILES 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/POTFILES 2010-07-30 13:50:41.000000000 -0400
++++ policycoreutils-2.0.83/po/POTFILES 2010-10-25 17:11:18.000000000 -0400
@@ -22,5 +22,32 @@
../restorecond/stringslist.h \
../restorecond/restorecond.c \
@@ -213111,7 +213060,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/POTFILES policycoreut
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/POTFILES.in policycoreutils-2.0.83/po/POTFILES.in
--- nsapolicycoreutils/po/POTFILES.in 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/POTFILES.in 2010-07-30 13:50:41.000000000 -0400
++++ policycoreutils-2.0.83/po/POTFILES.in 2010-10-25 17:11:18.000000000 -0400
@@ -21,6 +21,7 @@
restorecond/restorecond.c
restorecond/utmpwatcher.c
@@ -213128,10 +213077,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/POTFILES.in policycor
gui/usersPage.py
gui/templates/executable.py
gui/templates/__init__.py
-Binary files nsapolicycoreutils/po/pt_BR.mo and policycoreutils-2.0.83/po/pt_BR.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/pt_BR.po policycoreutils-2.0.83/po/pt_BR.po
--- nsapolicycoreutils/po/pt_BR.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/pt_BR.po 2010-09-14 17:18:16.000000000 -0400
++++ policycoreutils-2.0.83/po/pt_BR.po 2010-10-25 17:11:18.000000000 -0400
@@ -1,22 +1,28 @@
-# Brazilian Portuguese translation of policycoreutils
+# translation of pt_BR.po to Portuguese
@@ -219185,10 +219133,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/pt_BR.po policycoreut
-#~ msgstr "Erro de Opções: %s "
+#~ msgid "Sensitvity Level"
+#~ msgstr "NÃvel de sensibilidade"
-Binary files nsapolicycoreutils/po/pt.mo and policycoreutils-2.0.83/po/pt.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/pt.po policycoreutils-2.0.83/po/pt.po
--- nsapolicycoreutils/po/pt.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/pt.po 2010-09-14 17:18:14.000000000 -0400
++++ policycoreutils-2.0.83/po/pt.po 2010-10-25 17:11:18.000000000 -0400
@@ -1,22 +1,21 @@
+# Rui Gouveia <rui.gouveia at gmail.com>, 2010.
+# Sérgio Mesquita <smesquita at gmail.com>, 2010.
@@ -224824,10 +224771,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/pt.po policycoreutils
#~ msgid "Allow httpd to access samba/cifs file systems"
#~ msgstr "Permitir ao HTTPD aceder a sistemas de ficheiros Samba/CIFS"
-Binary files nsapolicycoreutils/po/ro.mo and policycoreutils-2.0.83/po/ro.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/ro.po policycoreutils-2.0.83/po/ro.po
--- nsapolicycoreutils/po/ro.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/ro.po 2010-09-14 17:18:13.000000000 -0400
++++ policycoreutils-2.0.83/po/ro.po 2010-10-25 17:11:18.000000000 -0400
@@ -8,10 +8,11 @@
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
@@ -228039,10 +227985,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/ro.po policycoreutils
+#, python-format
+msgid "SELinux user '%s' is required"
+msgstr ""
-Binary files nsapolicycoreutils/po/ru.mo and policycoreutils-2.0.83/po/ru.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/ru.po policycoreutils-2.0.83/po/ru.po
--- nsapolicycoreutils/po/ru.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/ru.po 2010-09-14 17:18:16.000000000 -0400
++++ policycoreutils-2.0.83/po/ru.po 2010-10-25 17:11:18.000000000 -0400
@@ -1,21 +1,25 @@
+# translation of ru.po to Russian
+# translation of ru.po to
@@ -233080,10 +233025,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/ru.po policycoreutils
-#~ msgstr "ÎÅÏÂÈÏÄÉÍ SELinux ÐÏÌØÚÏ×ÁÔÅÌØ '%s' "
+#~ msgid "label40"
+#~ msgstr "label40"
-Binary files nsapolicycoreutils/po/si.mo and policycoreutils-2.0.83/po/si.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/si.po policycoreutils-2.0.83/po/si.po
--- nsapolicycoreutils/po/si.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/si.po 2010-09-14 17:18:14.000000000 -0400
++++ policycoreutils-2.0.83/po/si.po 2010-10-25 17:11:18.000000000 -0400
@@ -8,10 +8,11 @@
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
@@ -236295,10 +236239,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/si.po policycoreutils
+#, python-format
+msgid "SELinux user '%s' is required"
+msgstr ""
-Binary files nsapolicycoreutils/po/sk.mo and policycoreutils-2.0.83/po/sk.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/sk.po policycoreutils-2.0.83/po/sk.po
--- nsapolicycoreutils/po/sk.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/sk.po 2010-09-14 17:18:13.000000000 -0400
++++ policycoreutils-2.0.83/po/sk.po 2010-10-25 17:11:18.000000000 -0400
@@ -7,10 +7,11 @@
msgstr ""
"Project-Id-Version: policycoreutils\n"
@@ -239671,10 +239614,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/sk.po policycoreutils
#~ msgid "Requires 2 or more arguments"
#~ msgstr "Vyžaduje 2 alebo viac parametrov"
-Binary files nsapolicycoreutils/po/sl.mo and policycoreutils-2.0.83/po/sl.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/sl.po policycoreutils-2.0.83/po/sl.po
--- nsapolicycoreutils/po/sl.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/sl.po 2010-09-14 17:18:16.000000000 -0400
++++ policycoreutils-2.0.83/po/sl.po 2010-10-25 17:11:18.000000000 -0400
@@ -8,10 +8,11 @@
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
@@ -242886,10 +242828,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/sl.po policycoreutils
+#, python-format
+msgid "SELinux user '%s' is required"
+msgstr ""
-Binary files nsapolicycoreutils/po/sq.mo and policycoreutils-2.0.83/po/sq.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/sq.po policycoreutils-2.0.83/po/sq.po
--- nsapolicycoreutils/po/sq.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/sq.po 2010-09-14 17:18:14.000000000 -0400
++++ policycoreutils-2.0.83/po/sq.po 2010-10-25 17:11:18.000000000 -0400
@@ -8,10 +8,11 @@
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
@@ -246101,10 +246042,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/sq.po policycoreutils
+#, python-format
+msgid "SELinux user '%s' is required"
+msgstr ""
-Binary files nsapolicycoreutils/po/sr at latin.mo and policycoreutils-2.0.83/po/sr at latin.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/sr at latin.po policycoreutils-2.0.83/po/sr at latin.po
--- nsapolicycoreutils/po/sr at latin.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/sr at latin.po 2010-09-14 17:18:13.000000000 -0400
++++ policycoreutils-2.0.83/po/sr at latin.po 2010-10-25 17:11:18.000000000 -0400
@@ -1,26 +1,25 @@
-# translation of policycoreutils.HEAD.sr.po to Serbian
# Serbian(Latin) translations for policycoreutils
@@ -251188,10 +251128,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/sr at latin.po policycor
-#~ "Primoravanje\n"
-#~ "Dopuštanje\n"
-#~ "IskljuÄeno\n"
-Binary files nsapolicycoreutils/po/sr.mo and policycoreutils-2.0.83/po/sr.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/sr.po policycoreutils-2.0.83/po/sr.po
--- nsapolicycoreutils/po/sr.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/sr.po 2010-09-14 17:18:14.000000000 -0400
++++ policycoreutils-2.0.83/po/sr.po 2010-10-25 17:11:18.000000000 -0400
@@ -1,26 +1,25 @@
-# translation of policycoreutils.HEAD.sr.po to Serbian
# Serbian translations for policycoreutils
@@ -256267,10 +256206,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/sr.po policycoreutils
-#~ "ÐÑимоÑаваÑе\n"
-#~ "ÐопÑÑÑаÑе\n"
-#~ "ÐÑкÑÑÑено\n"
-Binary files nsapolicycoreutils/po/sv.mo and policycoreutils-2.0.83/po/sv.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/sv.po policycoreutils-2.0.83/po/sv.po
--- nsapolicycoreutils/po/sv.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/sv.po 2010-09-14 17:18:17.000000000 -0400
++++ policycoreutils-2.0.83/po/sv.po 2010-10-25 17:11:18.000000000 -0400
@@ -1,17 +1,20 @@
# Swedish messages for policycoreutils.
-# Copyright © 2001-2008 Free Software Foundation, Inc.
@@ -260549,10 +260487,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/sv.po policycoreutils
+
+#~ msgid "label40"
+#~ msgstr "label40"
-Binary files nsapolicycoreutils/po/ta.mo and policycoreutils-2.0.83/po/ta.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/ta.po policycoreutils-2.0.83/po/ta.po
--- nsapolicycoreutils/po/ta.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/ta.po 2010-09-14 17:18:14.000000000 -0400
++++ policycoreutils-2.0.83/po/ta.po 2010-10-25 17:11:18.000000000 -0400
@@ -1,28 +1,25 @@
-# translation of ta.po to Tamil
+# translation of policycoreutils.HEAD.ta.po to Tamil
@@ -265043,10 +264980,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/ta.po policycoreutils
-#~ msgstr ""
-#~ "MLS/\n"
-#~ "MCS நிலà¯"
-Binary files nsapolicycoreutils/po/te.mo and policycoreutils-2.0.83/po/te.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/te.po policycoreutils-2.0.83/po/te.po
--- nsapolicycoreutils/po/te.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/te.po 2010-09-14 17:18:14.000000000 -0400
++++ policycoreutils-2.0.83/po/te.po 2010-10-25 17:11:18.000000000 -0400
@@ -1,16 +1,17 @@
-# translation of new_policycoreutils.HEAD.te.po to Telugu
+# translation of policycoreutils.HEAD.te.po to Telugu
@@ -270001,10 +269937,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/te.po policycoreutils
-#~ "à°
à°à±à°¤à°¨à°®à±à°¨\n"
+#~ msgid "label40"
+#~ msgstr "label40"
-Binary files nsapolicycoreutils/po/th.mo and policycoreutils-2.0.83/po/th.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/th.po policycoreutils-2.0.83/po/th.po
--- nsapolicycoreutils/po/th.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/th.po 2010-09-14 17:18:13.000000000 -0400
++++ policycoreutils-2.0.83/po/th.po 2010-10-25 17:11:18.000000000 -0400
@@ -8,10 +8,11 @@
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
@@ -273216,10 +273151,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/th.po policycoreutils
+#, python-format
+msgid "SELinux user '%s' is required"
+msgstr ""
-Binary files nsapolicycoreutils/po/tr.mo and policycoreutils-2.0.83/po/tr.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/tr.po policycoreutils-2.0.83/po/tr.po
--- nsapolicycoreutils/po/tr.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/tr.po 2010-09-14 17:18:15.000000000 -0400
++++ policycoreutils-2.0.83/po/tr.po 2010-10-25 17:11:18.000000000 -0400
@@ -8,10 +8,11 @@
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
@@ -276431,10 +276365,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/tr.po policycoreutils
+#, python-format
+msgid "SELinux user '%s' is required"
+msgstr ""
-Binary files nsapolicycoreutils/po/uk.mo and policycoreutils-2.0.83/po/uk.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/uk.po policycoreutils-2.0.83/po/uk.po
--- nsapolicycoreutils/po/uk.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/uk.po 2010-09-14 17:18:13.000000000 -0400
++++ policycoreutils-2.0.83/po/uk.po 2010-10-25 17:11:18.000000000 -0400
@@ -1,19 +1,23 @@
# Ukraqinian translation of policycoreutils.
# Copyright (C) 2006 Free software Foundation
@@ -280192,10 +280125,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/uk.po policycoreutils
+#, fuzzy
+#~ msgid "Sensitivity Level"
+#~ msgstr "Ð ÑÐ²ÐµÐ½Ñ ÑÑÑливоÑÑÑ"
-Binary files nsapolicycoreutils/po/ur.mo and policycoreutils-2.0.83/po/ur.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/ur.po policycoreutils-2.0.83/po/ur.po
--- nsapolicycoreutils/po/ur.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/ur.po 2010-09-14 17:18:14.000000000 -0400
++++ policycoreutils-2.0.83/po/ur.po 2010-10-25 17:11:18.000000000 -0400
@@ -8,10 +8,11 @@
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
@@ -283407,10 +283339,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/ur.po policycoreutils
+#, python-format
+msgid "SELinux user '%s' is required"
+msgstr ""
-Binary files nsapolicycoreutils/po/vi.mo and policycoreutils-2.0.83/po/vi.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/vi.po policycoreutils-2.0.83/po/vi.po
--- nsapolicycoreutils/po/vi.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/vi.po 2010-09-14 17:18:14.000000000 -0400
++++ policycoreutils-2.0.83/po/vi.po 2010-10-25 17:11:18.000000000 -0400
@@ -8,10 +8,11 @@
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
@@ -286622,10 +286553,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/vi.po policycoreutils
+#, python-format
+msgid "SELinux user '%s' is required"
+msgstr ""
-Binary files nsapolicycoreutils/po/zh_CN.mo and policycoreutils-2.0.83/po/zh_CN.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/zh_CN.po policycoreutils-2.0.83/po/zh_CN.po
--- nsapolicycoreutils/po/zh_CN.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/zh_CN.po 2010-09-14 17:18:13.000000000 -0400
++++ policycoreutils-2.0.83/po/zh_CN.po 2010-10-25 17:11:18.000000000 -0400
@@ -1,17 +1,18 @@
-# translation of policycoreutils.HEAD.po to Simplified Chinese
+# translation of policycoreutils.HEAD.po to Wei Liu
@@ -291470,10 +291400,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/zh_CN.po policycoreut
-#~ msgstr "SELinux ç¨æ· '%s' æ¯å¿
éç"
+#~ msgid "label40"
+#~ msgstr "label40"
-Binary files nsapolicycoreutils/po/zh_TW.mo and policycoreutils-2.0.83/po/zh_TW.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/zh_TW.po policycoreutils-2.0.83/po/zh_TW.po
--- nsapolicycoreutils/po/zh_TW.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/zh_TW.po 2010-09-14 17:18:14.000000000 -0400
++++ policycoreutils-2.0.83/po/zh_TW.po 2010-10-25 17:11:18.000000000 -0400
@@ -1,19 +1,22 @@
# translation of policycoreutils.HEAD.po to Traditional Chinese
+# translation of policycoreutils.HEAD.po to
@@ -296570,10 +296499,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/zh_TW.po policycoreut
-#~ "udp"
+#~ msgid "label40"
+#~ msgstr "label40"
-Binary files nsapolicycoreutils/po/zu.mo and policycoreutils-2.0.83/po/zu.mo differ
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/zu.po policycoreutils-2.0.83/po/zu.po
--- nsapolicycoreutils/po/zu.po 2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/po/zu.po 2010-09-14 17:18:17.000000000 -0400
++++ policycoreutils-2.0.83/po/zu.po 2010-10-25 17:11:18.000000000 -0400
@@ -8,10 +8,11 @@
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch
index dbdf4d8..69aaa81 100644
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
@@ -1,93 +1,5 @@
-diff -up policycoreutils-2.0.83/audit2allow/audit2allow.1.rhat policycoreutils-2.0.83/audit2allow/audit2allow.1
---- policycoreutils-2.0.83/audit2allow/audit2allow.1.rhat 2010-06-16 08:04:13.000000000 -0400
-+++ policycoreutils-2.0.83/audit2allow/audit2allow.1 2010-10-25 17:11:18.000000000 -0400
-@@ -66,6 +66,9 @@ Generate module/require output <modulena
- .B "\-M <modulename>"
- Generate loadable module package, conflicts with -o
- .TP
-+.B "\-p <policyfile>" | "\-\-policy <policyfile>"
-+Policy file to use for analysis
-+.TP
- .B "\-o <outputfile>" | "\-\-output <outputfile>"
- append output to
- .I <outputfile>
-@@ -117,14 +120,6 @@ an 'allow' rule.
- .B Please substitute /var/log/messages for /var/log/audit/audit.log in the
- .B examples.
- .PP
--.B Using audit2allow to generate monolithic (non-module) policy
--$ cd /etc/selinux/$SELINUXTYPE/src/policy
--$ cat /var/log/audit/audit.log | audit2allow >> domains/misc/local.te
--$ cat domains/misc/local.te
--allow cupsd_config_t unconfined_t:fifo_file { getattr ioctl };
--<review domains/misc/local.te and customize as desired>
--$ make load
--
- .B Using audit2allow to generate module policy
-
- $ cat /var/log/audit/audit.log | audit2allow -m local > local.te
-@@ -132,20 +127,38 @@ $ cat local.te
- module local 1.0;
-
- require {
-- role system_r;
-+ class file { getattr open read };
-
-
-- class fifo_file { getattr ioctl };
-+ type myapp_t;
-+ type etc_t;
-+ };
-
-
-- type cupsd_config_t;
-- type unconfined_t;
-- };
-+allow myapp_t etc_t:file { getattr open read };
-+<review local.te and customize as desired>
-
-+.B Using audit2allow to generate module policy using reference policy
-
--allow cupsd_config_t unconfined_t:fifo_file { getattr ioctl };
-+$ cat /var/log/audit/audit.log | audit2allow -R -m local > local.te
-+$ cat local.te
-+policy_module(local, 1.0)
-+
-+gen_require(`
-+ type myapp_t;
-+ type etc_t;
-+ };
-+
-+files_read_etc_files(myapp_t)
- <review local.te and customize as desired>
-
-+.B Building module policy using Makefile
-+
-+# SELinux provides a policy devel environment under /usr/share/selinux/devel
-+# You can create a te file and compile it by executing
-+$ make -f /usr/share/selinux/devel/Makefile
-+$ semodule -i local.pp
-+
- .B Building module policy manually
-
- # Compile the module
-@@ -168,6 +181,14 @@ you are required to execute
-
- semodule -i local.pp
-
-+.B Using audit2allow to generate monolithic (non-module) policy
-+$ cd /etc/selinux/$SELINUXTYPE/src/policy
-+$ cat /var/log/audit/audit.log | audit2allow >> domains/misc/local.te
-+$ cat domains/misc/local.te
-+allow cupsd_config_t unconfined_t:fifo_file { getattr ioctl };
-+<review domains/misc/local.te and customize as desired>
-+$ make load
-+
- .fi
- .PP
- .SH AUTHOR
-diff -up policycoreutils-2.0.83/audit2allow/audit2allow.rhat policycoreutils-2.0.83/audit2allow/audit2allow
---- policycoreutils-2.0.83/audit2allow/audit2allow.rhat 2010-06-16 08:04:13.000000000 -0400
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2allow/audit2allow policycoreutils-2.0.83/audit2allow/audit2allow
+--- nsapolicycoreutils/audit2allow/audit2allow 2010-05-19 14:45:51.000000000 -0400
+++ policycoreutils-2.0.83/audit2allow/audit2allow 2010-10-25 17:11:18.000000000 -0400
@@ -1,4 +1,4 @@
-#! /usr/bin/python -E
@@ -95,7 +7,7 @@ diff -up policycoreutils-2.0.83/audit2allow/audit2allow.rhat policycoreutils-2.0
# Authors: Karl MacMillan <kmacmillan at mentalrootkit.com>
#
# Copyright (C) 2006-2007 Red Hat
-@@ -28,6 +28,7 @@ import sepolgen.objectmodel as objectmod
+@@ -28,6 +28,7 @@
import sepolgen.defaults as defaults
import sepolgen.module as module
from sepolgen.sepolgeni18n import _
@@ -103,7 +15,7 @@ diff -up policycoreutils-2.0.83/audit2allow/audit2allow.rhat policycoreutils-2.0
class AuditToPolicy:
VERSION = "%prog .1"
-@@ -46,6 +47,7 @@ class AuditToPolicy:
+@@ -46,6 +47,7 @@
help="audit messages since last boot conflicts with -i")
parser.add_option("-a", "--all", action="store_true", dest="audit", default=False,
help="read input from audit log - conflicts with -i")
@@ -111,7 +23,7 @@ diff -up policycoreutils-2.0.83/audit2allow/audit2allow.rhat policycoreutils-2.0
parser.add_option("-d", "--dmesg", action="store_true", dest="dmesg", default=False,
help="read input from dmesg - conflicts with --all and --input")
parser.add_option("-i", "--input", dest="input",
-@@ -231,63 +233,44 @@ class AuditToPolicy:
+@@ -231,63 +233,44 @@
def __output_audit2why(self):
import selinux
@@ -187,7 +99,7 @@ diff -up policycoreutils-2.0.83/audit2allow/audit2allow.rhat policycoreutils-2.0
print "\t\tMissing role allow rule.\n"
print "\t\tAdd an allow rule for the role pair.\n"
continue
-@@ -350,11 +333,19 @@ class AuditToPolicy:
+@@ -350,11 +333,19 @@
def main(self):
try:
self.__parse_options()
@@ -207,8 +119,112 @@ diff -up policycoreutils-2.0.83/audit2allow/audit2allow.rhat policycoreutils-2.0
if __name__ == "__main__":
app = AuditToPolicy()
-diff -up policycoreutils-2.0.83/audit2allow/sepolgen-ifgen.rhat policycoreutils-2.0.83/audit2allow/sepolgen-ifgen
---- policycoreutils-2.0.83/audit2allow/sepolgen-ifgen.rhat 2010-06-16 08:04:13.000000000 -0400
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2allow/audit2allow.1 policycoreutils-2.0.83/audit2allow/audit2allow.1
+--- nsapolicycoreutils/audit2allow/audit2allow.1 2010-05-19 14:45:51.000000000 -0400
++++ policycoreutils-2.0.83/audit2allow/audit2allow.1 2010-10-29 09:38:31.000000000 -0400
+@@ -1,5 +1,6 @@
+ .\" Hey, Emacs! This is an -*- nroff -*- source file.
+ .\" Copyright (c) 2005 Manoj Srivastava <srivasta at debian.org>
++.\" Copyright (c) 2010 Dan Walsh <dwalsh at redhat.com>
+ .\"
+ .\" This is free documentation; you can redistribute it and/or
+ .\" modify it under the terms of the GNU General Public License as
+@@ -22,7 +23,7 @@
+ .\" USA.
+ .\"
+ .\"
+-.TH AUDIT2ALLOW "1" "January 2005" "Security Enhanced Linux" NSA
++.TH AUDIT2ALLOW "1" "October 2010" "Security Enhanced Linux" NSA
+ .SH NAME
+ .BR audit2allow
+ \- generate SELinux policy allow/dontaudit rules from logs of denied operations
+@@ -66,6 +67,9 @@
+ .B "\-M <modulename>"
+ Generate loadable module package, conflicts with -o
+ .TP
++.B "\-p <policyfile>" | "\-\-policy <policyfile>"
++Policy file to use for analysis
++.TP
+ .B "\-o <outputfile>" | "\-\-output <outputfile>"
+ append output to
+ .I <outputfile>
+@@ -117,14 +121,6 @@
+ .B Please substitute /var/log/messages for /var/log/audit/audit.log in the
+ .B examples.
+ .PP
+-.B Using audit2allow to generate monolithic (non-module) policy
+-$ cd /etc/selinux/$SELINUXTYPE/src/policy
+-$ cat /var/log/audit/audit.log | audit2allow >> domains/misc/local.te
+-$ cat domains/misc/local.te
+-allow cupsd_config_t unconfined_t:fifo_file { getattr ioctl };
+-<review domains/misc/local.te and customize as desired>
+-$ make load
+-
+ .B Using audit2allow to generate module policy
+
+ $ cat /var/log/audit/audit.log | audit2allow -m local > local.te
+@@ -132,20 +128,38 @@
+ module local 1.0;
+
+ require {
+- role system_r;
++ class file { getattr open read };
+
+
+- class fifo_file { getattr ioctl };
++ type myapp_t;
++ type etc_t;
++ };
+
+
+- type cupsd_config_t;
+- type unconfined_t;
+- };
++allow myapp_t etc_t:file { getattr open read };
++<review local.te and customize as desired>
+
++.B Using audit2allow to generate module policy using reference policy
+
+-allow cupsd_config_t unconfined_t:fifo_file { getattr ioctl };
++$ cat /var/log/audit/audit.log | audit2allow -R -m local > local.te
++$ cat local.te
++policy_module(local, 1.0)
++
++gen_require(`
++ type myapp_t;
++ type etc_t;
++ };
++
++files_read_etc_files(myapp_t)
+ <review local.te and customize as desired>
+
++.B Building module policy using Makefile
++
++# SELinux provides a policy devel environment under /usr/share/selinux/devel
++# You can create a te file and compile it by executing
++$ make -f /usr/share/selinux/devel/Makefile
++$ semodule -i local.pp
++
+ .B Building module policy manually
+
+ # Compile the module
+@@ -168,6 +182,14 @@
+
+ semodule -i local.pp
+
++.B Using audit2allow to generate monolithic (non-module) policy
++$ cd /etc/selinux/$SELINUXTYPE/src/policy
++$ cat /var/log/audit/audit.log | audit2allow >> domains/misc/local.te
++$ cat domains/misc/local.te
++allow cupsd_config_t unconfined_t:fifo_file { getattr ioctl };
++<review domains/misc/local.te and customize as desired>
++$ make load
++
+ .fi
+ .PP
+ .SH AUTHOR
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2allow/sepolgen-ifgen policycoreutils-2.0.83/audit2allow/sepolgen-ifgen
+--- nsapolicycoreutils/audit2allow/sepolgen-ifgen 2010-05-19 14:45:51.000000000 -0400
+++ policycoreutils-2.0.83/audit2allow/sepolgen-ifgen 2010-10-25 17:11:18.000000000 -0400
@@ -1,4 +1,4 @@
-#! /usr/bin/python -E
@@ -227,7 +243,7 @@ diff -up policycoreutils-2.0.83/audit2allow/sepolgen-ifgen.rhat policycoreutils-
import sepolgen.refparser as refparser
import sepolgen.defaults as defaults
-@@ -35,6 +39,7 @@ import sepolgen.interfaces as interfaces
+@@ -35,6 +39,7 @@
VERSION = "%prog .1"
@@ -235,7 +251,7 @@ diff -up policycoreutils-2.0.83/audit2allow/sepolgen-ifgen.rhat policycoreutils-
def parse_options():
from optparse import OptionParser
-@@ -44,14 +49,43 @@ def parse_options():
+@@ -44,14 +49,43 @@
help="filename to store output")
parser.add_option("-i", "--interfaces", dest="headers", default=defaults.headers(),
help="location of the interface header files")
@@ -279,7 +295,7 @@ diff -up policycoreutils-2.0.83/audit2allow/sepolgen-ifgen.rhat policycoreutils-
def main():
options = parse_options()
-@@ -68,6 +102,14 @@ def main():
+@@ -68,6 +102,14 @@
else:
log = None
@@ -294,7 +310,7 @@ diff -up policycoreutils-2.0.83/audit2allow/sepolgen-ifgen.rhat policycoreutils-
try:
headers = refparser.parse_headers(options.headers, output=log, debug=options.debug)
except ValueError, e:
-@@ -76,7 +118,7 @@ def main():
+@@ -76,7 +118,7 @@
return 1
if_set = interfaces.InterfaceSet(output=log)
@@ -303,8 +319,8 @@ diff -up policycoreutils-2.0.83/audit2allow/sepolgen-ifgen.rhat policycoreutils-
if_set.to_file(f)
f.close()
-diff -up policycoreutils-2.0.83/load_policy/load_policy.c.rhat policycoreutils-2.0.83/load_policy/load_policy.c
---- policycoreutils-2.0.83/load_policy/load_policy.c.rhat 2010-06-16 08:04:12.000000000 -0400
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/load_policy/load_policy.c policycoreutils-2.0.83/load_policy/load_policy.c
+--- nsapolicycoreutils/load_policy/load_policy.c 2010-05-19 14:45:51.000000000 -0400
+++ policycoreutils-2.0.83/load_policy/load_policy.c 2010-10-25 17:11:18.000000000 -0400
@@ -1,3 +1,4 @@
+#define _GNU_SOURCE
@@ -333,7 +349,7 @@ diff -up policycoreutils-2.0.83/load_policy/load_policy.c.rhat policycoreutils-2
int main(int argc, char **argv)
{
int ret, opt, quiet = 0, nargs, init=0, enforce=0;
-@@ -76,9 +86,11 @@ int main(int argc, char **argv)
+@@ -76,9 +86,11 @@
if (ret != 0 ) {
if (enforce > 0) {
/* SELinux in enforcing mode but load_policy failed */
@@ -347,7 +363,7 @@ diff -up policycoreutils-2.0.83/load_policy/load_policy.c.rhat policycoreutils-2
exit(3);
}
}
-@@ -87,8 +99,10 @@ int main(int argc, char **argv)
+@@ -87,8 +99,10 @@
ret = selinux_mkload_policy(1);
}
if (ret < 0) {
@@ -360,8 +376,8 @@ diff -up policycoreutils-2.0.83/load_policy/load_policy.c.rhat policycoreutils-2
exit(2);
}
exit(0);
-diff -up policycoreutils-2.0.83/Makefile.rhat policycoreutils-2.0.83/Makefile
---- policycoreutils-2.0.83/Makefile.rhat 2010-06-16 08:04:11.000000000 -0400
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.83/Makefile
+--- nsapolicycoreutils/Makefile 2010-06-16 08:03:38.000000000 -0400
+++ policycoreutils-2.0.83/Makefile 2010-10-25 17:11:18.000000000 -0400
@@ -1,4 +1,4 @@
-SUBDIRS = setfiles semanage load_policy newrole run_init sandbox secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po
@@ -369,10 +385,34 @@ diff -up policycoreutils-2.0.83/Makefile.rhat policycoreutils-2.0.83/Makefile
INOTIFYH = $(shell ls /usr/include/sys/inotify.h 2>/dev/null)
-diff -up policycoreutils-2.0.83/newrole/newrole.c.rhat policycoreutils-2.0.83/newrole/newrole.c
---- policycoreutils-2.0.83/newrole/newrole.c.rhat 2010-06-16 08:04:12.000000000 -0400
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/newrole/Makefile policycoreutils-2.0.83/newrole/Makefile
+--- nsapolicycoreutils/newrole/Makefile 2010-05-19 14:45:51.000000000 -0400
++++ policycoreutils-2.0.83/newrole/Makefile 2010-10-25 17:17:28.000000000 -0400
+@@ -32,17 +32,19 @@
+ override CFLAGS += -D_XOPEN_SOURCE=500
+ LDLIBS += -lcrypt
+ endif
++
+ ifeq (${AUDITH}, /usr/include/libaudit.h)
+ override CFLAGS += -DUSE_AUDIT
+ LDLIBS += -laudit
+ endif
++
+ ifeq (${LSPP_PRIV},y)
+ override AUDIT_LOG_PRIV=y
+ override NAMESPACE_PRIV=y
+ endif
+ ifeq (${AUDIT_LOG_PRIV},y)
+ override CFLAGS += -DAUDIT_LOG_PRIV
+- IS_SUID=y
++ IS_SUID
+ endif
+ ifeq (${NAMESPACE_PRIV},y)
+ override CFLAGS += -DNAMESPACE_PRIV
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/newrole/newrole.c policycoreutils-2.0.83/newrole/newrole.c
+--- nsapolicycoreutils/newrole/newrole.c 2010-05-19 14:45:51.000000000 -0400
+++ policycoreutils-2.0.83/newrole/newrole.c 2010-10-25 17:14:24.000000000 -0400
-@@ -537,7 +537,7 @@ static int restore_environment(int prese
+@@ -537,7 +537,7 @@
*
* Returns zero on success, non-zero otherwise
*/
@@ -381,7 +421,7 @@ diff -up policycoreutils-2.0.83/newrole/newrole.c.rhat policycoreutils-2.0.83/ne
static int drop_capabilities(void)
{
int rc = 0;
-@@ -602,7 +602,7 @@ static int drop_capabilities(void)
+@@ -602,7 +602,7 @@
fprintf(stderr, _("Error freeing caps\n"));
return rc;
}
@@ -390,7 +430,7 @@ diff -up policycoreutils-2.0.83/newrole/newrole.c.rhat policycoreutils-2.0.83/ne
/**
* This function will drop the capabilities so that we are left
* only with access to the audit system and the ability to raise
-@@ -1334,6 +1334,9 @@ int main(int argc, char *argv[])
+@@ -1334,6 +1334,9 @@
if (send_audit_message(1, old_context, new_context, ttyn))
goto err_close_pam_session;
@@ -400,8 +440,8 @@ diff -up policycoreutils-2.0.83/newrole/newrole.c.rhat policycoreutils-2.0.83/ne
#ifdef NAMESPACE_PRIV
if (transition_to_caller_uid())
goto err_close_pam_session;
-diff -up policycoreutils-2.0.83/restorecond/Makefile.rhat policycoreutils-2.0.83/restorecond/Makefile
---- policycoreutils-2.0.83/restorecond/Makefile.rhat 2010-06-16 08:04:13.000000000 -0400
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/Makefile policycoreutils-2.0.83/restorecond/Makefile
+--- nsapolicycoreutils/restorecond/Makefile 2010-05-19 14:45:51.000000000 -0400
+++ policycoreutils-2.0.83/restorecond/Makefile 2010-10-25 17:11:18.000000000 -0400
@@ -1,17 +1,28 @@
# Installation directories.
@@ -435,7 +475,7 @@ diff -up policycoreutils-2.0.83/restorecond/Makefile.rhat policycoreutils-2.0.83
$(CC) $(LDFLAGS) -o $@ $^ $(LDLIBS)
install: all
-@@ -22,7 +33,12 @@ install: all
+@@ -22,7 +33,12 @@
-mkdir -p $(INITDIR)
install -m 755 restorecond.init $(INITDIR)/restorecond
-mkdir -p $(SELINUXDIR)
@@ -449,15 +489,15 @@ diff -up policycoreutils-2.0.83/restorecond/Makefile.rhat policycoreutils-2.0.83
relabel: install
/sbin/restorecon $(SBINDIR)/restorecond
-diff -up policycoreutils-2.0.83/restorecond/org.selinux.Restorecond.service.rhat policycoreutils-2.0.83/restorecond/org.selinux.Restorecond.service
---- policycoreutils-2.0.83/restorecond/org.selinux.Restorecond.service.rhat 2010-10-25 17:11:18.000000000 -0400
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/org.selinux.Restorecond.service policycoreutils-2.0.83/restorecond/org.selinux.Restorecond.service
+--- nsapolicycoreutils/restorecond/org.selinux.Restorecond.service 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.83/restorecond/org.selinux.Restorecond.service 2010-10-25 17:11:18.000000000 -0400
@@ -0,0 +1,3 @@
+[D-BUS Service]
+Name=org.selinux.Restorecond
+Exec=/usr/sbin/restorecond -u
-diff -up policycoreutils-2.0.83/restorecond/restorecond.8.rhat policycoreutils-2.0.83/restorecond/restorecond.8
---- policycoreutils-2.0.83/restorecond/restorecond.8.rhat 2010-06-16 08:04:13.000000000 -0400
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.8 policycoreutils-2.0.83/restorecond/restorecond.8
+--- nsapolicycoreutils/restorecond/restorecond.8 2010-05-19 14:45:51.000000000 -0400
+++ policycoreutils-2.0.83/restorecond/restorecond.8 2010-10-25 17:11:18.000000000 -0400
@@ -3,7 +3,7 @@
restorecond \- daemon that watches for file creation and then sets the default SELinux file context
@@ -468,7 +508,7 @@ diff -up policycoreutils-2.0.83/restorecond/restorecond.8.rhat policycoreutils-2
.P
.SH "DESCRIPTION"
-@@ -19,13 +19,22 @@ the correct file context associated with
+@@ -19,13 +19,22 @@
.B \-d
Turns on debugging mode. Application will stay in the foreground and lots of
debugs messages start printing.
@@ -493,21 +533,8 @@ diff -up policycoreutils-2.0.83/restorecond/restorecond.8.rhat policycoreutils-2
.SH "SEE ALSO"
.BR restorecon (8),
-diff -up policycoreutils-2.0.83/restorecond/restorecond.conf.rhat policycoreutils-2.0.83/restorecond/restorecond.conf
---- policycoreutils-2.0.83/restorecond/restorecond.conf.rhat 2010-06-16 08:04:13.000000000 -0400
-+++ policycoreutils-2.0.83/restorecond/restorecond.conf 2010-10-25 17:11:18.000000000 -0400
-@@ -4,8 +4,5 @@
- /etc/mtab
- /var/run/utmp
- /var/log/wtmp
--~/*
--/root/.ssh
-+/root/*
- /root/.ssh/*
--
--
-diff -up policycoreutils-2.0.83/restorecond/restorecond.c.rhat policycoreutils-2.0.83/restorecond/restorecond.c
---- policycoreutils-2.0.83/restorecond/restorecond.c.rhat 2010-06-16 08:04:13.000000000 -0400
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-2.0.83/restorecond/restorecond.c
+--- nsapolicycoreutils/restorecond/restorecond.c 2010-05-19 14:45:51.000000000 -0400
+++ policycoreutils-2.0.83/restorecond/restorecond.c 2010-10-25 17:11:18.000000000 -0400
@@ -30,9 +30,11 @@
* and makes sure that there security context matches the systems defaults
@@ -837,7 +864,7 @@ diff -up policycoreutils-2.0.83/restorecond/restorecond.c.rhat policycoreutils-2
}
static const char *pidfile = "/var/run/restorecond.pid";
-@@ -374,7 +120,7 @@ static void term_handler()
+@@ -374,7 +120,7 @@
static void usage(char *program)
{
@@ -846,7 +873,7 @@ diff -up policycoreutils-2.0.83/restorecond/restorecond.c.rhat policycoreutils-2
exit(0);
}
-@@ -390,74 +136,35 @@ void exitApp(const char *msg)
+@@ -390,74 +136,35 @@
to see if it is one that we are watching.
*/
@@ -945,7 +972,7 @@ diff -up policycoreutils-2.0.83/restorecond/restorecond.c.rhat policycoreutils-2
/* Register sighandlers */
sa.sa_flags = 0;
-@@ -467,36 +174,56 @@ int main(int argc, char **argv)
+@@ -467,36 +174,56 @@
set_matchpathcon_flags(MATCHPATHCON_NOTRANS);
@@ -1011,8 +1038,21 @@ diff -up policycoreutils-2.0.83/restorecond/restorecond.c.rhat policycoreutils-2
if (pidfile)
unlink(pidfile);
-diff -up policycoreutils-2.0.83/restorecond/restorecond.desktop.rhat policycoreutils-2.0.83/restorecond/restorecond.desktop
---- policycoreutils-2.0.83/restorecond/restorecond.desktop.rhat 2010-10-25 17:11:18.000000000 -0400
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.conf policycoreutils-2.0.83/restorecond/restorecond.conf
+--- nsapolicycoreutils/restorecond/restorecond.conf 2010-05-19 14:45:51.000000000 -0400
++++ policycoreutils-2.0.83/restorecond/restorecond.conf 2010-10-25 17:11:18.000000000 -0400
+@@ -4,8 +4,5 @@
+ /etc/mtab
+ /var/run/utmp
+ /var/log/wtmp
+-~/*
+-/root/.ssh
++/root/*
+ /root/.ssh/*
+-
+-
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.desktop policycoreutils-2.0.83/restorecond/restorecond.desktop
+--- nsapolicycoreutils/restorecond/restorecond.desktop 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.83/restorecond/restorecond.desktop 2010-10-25 17:11:18.000000000 -0400
@@ -0,0 +1,7 @@
+[Desktop Entry]
@@ -1022,8 +1062,8 @@ diff -up policycoreutils-2.0.83/restorecond/restorecond.desktop.rhat policycoreu
+Encoding=UTF-8
+Type=Application
+StartupNotify=false
-diff -up policycoreutils-2.0.83/restorecond/restorecond.h.rhat policycoreutils-2.0.83/restorecond/restorecond.h
---- policycoreutils-2.0.83/restorecond/restorecond.h.rhat 2010-06-16 08:04:13.000000000 -0400
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.h policycoreutils-2.0.83/restorecond/restorecond.h
+--- nsapolicycoreutils/restorecond/restorecond.h 2010-05-19 14:45:51.000000000 -0400
+++ policycoreutils-2.0.83/restorecond/restorecond.h 2010-10-25 17:11:18.000000000 -0400
@@ -24,7 +24,22 @@
#ifndef RESTORED_CONFIG_H
@@ -1050,10 +1090,10 @@ diff -up policycoreutils-2.0.83/restorecond/restorecond.h.rhat policycoreutils-2
+extern int watch_list_isempty();
#endif
-diff -up policycoreutils-2.0.83/restorecond/restorecond.init.rhat policycoreutils-2.0.83/restorecond/restorecond.init
---- policycoreutils-2.0.83/restorecond/restorecond.init.rhat 2010-06-16 08:04:13.000000000 -0400
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.init policycoreutils-2.0.83/restorecond/restorecond.init
+--- nsapolicycoreutils/restorecond/restorecond.init 2010-05-19 14:45:51.000000000 -0400
+++ policycoreutils-2.0.83/restorecond/restorecond.init 2010-10-25 17:11:18.000000000 -0400
-@@ -26,7 +26,7 @@ PATH=/sbin:/bin:/usr/bin:/usr/sbin
+@@ -26,7 +26,7 @@
# Source function library.
. /etc/rc.d/init.d/functions
@@ -1062,7 +1102,7 @@ diff -up policycoreutils-2.0.83/restorecond/restorecond.init.rhat policycoreutil
# Check that we are root ... so non-root users stop here
test $EUID = 0 || exit 4
-@@ -75,16 +75,15 @@ case "$1" in
+@@ -75,16 +75,15 @@
status restorecond
RETVAL=$?
;;
@@ -1081,14 +1121,14 @@ diff -up policycoreutils-2.0.83/restorecond/restorecond.init.rhat policycoreutil
exit $RETVAL
-
-diff -up policycoreutils-2.0.83/restorecond/restorecond_user.conf.rhat policycoreutils-2.0.83/restorecond/restorecond_user.conf
---- policycoreutils-2.0.83/restorecond/restorecond_user.conf.rhat 2010-10-25 17:11:18.000000000 -0400
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond_user.conf policycoreutils-2.0.83/restorecond/restorecond_user.conf
+--- nsapolicycoreutils/restorecond/restorecond_user.conf 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.83/restorecond/restorecond_user.conf 2010-10-25 17:11:18.000000000 -0400
@@ -0,0 +1,2 @@
+~/*
+~/public_html/*
-diff -up policycoreutils-2.0.83/restorecond/user.c.rhat policycoreutils-2.0.83/restorecond/user.c
---- policycoreutils-2.0.83/restorecond/user.c.rhat 2010-10-25 17:11:18.000000000 -0400
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/user.c policycoreutils-2.0.83/restorecond/user.c
+--- nsapolicycoreutils/restorecond/user.c 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.83/restorecond/user.c 2010-10-25 17:11:18.000000000 -0400
@@ -0,0 +1,239 @@
+/*
@@ -1330,10 +1370,10 @@ diff -up policycoreutils-2.0.83/restorecond/user.c.rhat policycoreutils-2.0.83/r
+ return 0;
+}
+
-diff -up policycoreutils-2.0.83/restorecond/utmpwatcher.c.rhat policycoreutils-2.0.83/restorecond/utmpwatcher.c
---- policycoreutils-2.0.83/restorecond/utmpwatcher.c.rhat 2010-06-16 08:04:13.000000000 -0400
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/utmpwatcher.c policycoreutils-2.0.83/restorecond/utmpwatcher.c
+--- nsapolicycoreutils/restorecond/utmpwatcher.c 2010-05-19 14:45:51.000000000 -0400
+++ policycoreutils-2.0.83/restorecond/utmpwatcher.c 2010-10-25 17:11:18.000000000 -0400
-@@ -72,8 +72,8 @@ unsigned int utmpwatcher_handle(int inot
+@@ -72,8 +72,8 @@
if (utmp_wd == -1)
exitApp("Error watching utmp file.");
@@ -1343,8 +1383,8 @@ diff -up policycoreutils-2.0.83/restorecond/utmpwatcher.c.rhat policycoreutils-2
strings_list_free(prev_utmp_ptr);
}
return changed;
-diff -up policycoreutils-2.0.83/restorecond/watch.c.rhat policycoreutils-2.0.83/restorecond/watch.c
---- policycoreutils-2.0.83/restorecond/watch.c.rhat 2010-10-25 17:11:18.000000000 -0400
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/watch.c policycoreutils-2.0.83/restorecond/watch.c
+--- nsapolicycoreutils/restorecond/watch.c 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.83/restorecond/watch.c 2010-10-25 17:11:18.000000000 -0400
@@ -0,0 +1,260 @@
+#define _GNU_SOURCE
@@ -1607,16 +1647,16 @@ diff -up policycoreutils-2.0.83/restorecond/watch.c.rhat policycoreutils-2.0.83/
+ if (master_wd == -1)
+ exitApp("Error watching config file.");
+}
-diff -up policycoreutils-2.0.83/sandbox/deliverables/basicwrapper.rhat policycoreutils-2.0.83/sandbox/deliverables/basicwrapper
---- policycoreutils-2.0.83/sandbox/deliverables/basicwrapper.rhat 2010-10-25 17:11:18.000000000 -0400
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/deliverables/basicwrapper policycoreutils-2.0.83/sandbox/deliverables/basicwrapper
+--- nsapolicycoreutils/sandbox/deliverables/basicwrapper 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.83/sandbox/deliverables/basicwrapper 2010-10-25 17:11:18.000000000 -0400
@@ -0,0 +1,4 @@
+import os, sys
+SANDBOX_ARGS = ['-f%s' % os.environ['_CONDOR_SCRATCH_DIR']]
+SANDBOX_ARGS.extend(sys.argv[1::])
+os.execv('/usr/bin/sandbox',SANDBOX_ARGS)
-diff -up policycoreutils-2.0.83/sandbox/deliverables/README.rhat policycoreutils-2.0.83/sandbox/deliverables/README
---- policycoreutils-2.0.83/sandbox/deliverables/README.rhat 2010-10-25 17:11:18.000000000 -0400
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/deliverables/README policycoreutils-2.0.83/sandbox/deliverables/README
+--- nsapolicycoreutils/sandbox/deliverables/README 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.83/sandbox/deliverables/README 2010-10-25 17:11:18.000000000 -0400
@@ -0,0 +1,32 @@
+Files:
@@ -1651,8 +1691,8 @@ diff -up policycoreutils-2.0.83/sandbox/deliverables/README.rhat policycoreutils
+
+Thanks for a great summer.
+Chris Pardy
-diff -up policycoreutils-2.0.83/sandbox/deliverables/run-in-sandbox.py.rhat policycoreutils-2.0.83/sandbox/deliverables/run-in-sandbox.py
---- policycoreutils-2.0.83/sandbox/deliverables/run-in-sandbox.py.rhat 2010-10-25 17:11:18.000000000 -0400
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/deliverables/run-in-sandbox.py policycoreutils-2.0.83/sandbox/deliverables/run-in-sandbox.py
+--- nsapolicycoreutils/sandbox/deliverables/run-in-sandbox.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.83/sandbox/deliverables/run-in-sandbox.py 2010-10-25 17:11:18.000000000 -0400
@@ -0,0 +1,49 @@
+import os
@@ -1704,10 +1744,10 @@ diff -up policycoreutils-2.0.83/sandbox/deliverables/run-in-sandbox.py.rhat poli
+ def get_background_items(self, window, file):
+ return
+
-diff -up policycoreutils-2.0.83/sandbox/Makefile.rhat policycoreutils-2.0.83/sandbox/Makefile
---- policycoreutils-2.0.83/sandbox/Makefile.rhat 2010-06-16 08:04:12.000000000 -0400
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/Makefile policycoreutils-2.0.83/sandbox/Makefile
+--- nsapolicycoreutils/sandbox/Makefile 2010-06-16 08:03:38.000000000 -0400
+++ policycoreutils-2.0.83/sandbox/Makefile 2010-10-25 17:11:18.000000000 -0400
-@@ -7,8 +7,8 @@ SBINDIR ?= $(PREFIX)/sbin
+@@ -7,8 +7,8 @@
MANDIR ?= $(PREFIX)/share/man
LOCALEDIR ?= /usr/share/locale
SHAREDIR ?= $(PREFIX)/share/sandbox
@@ -1718,7 +1758,7 @@ diff -up policycoreutils-2.0.83/sandbox/Makefile.rhat policycoreutils-2.0.83/san
all: sandbox seunshare sandboxX.sh
-@@ -20,6 +20,9 @@ install: all
+@@ -20,6 +20,9 @@
install -m 755 sandbox $(BINDIR)
-mkdir -p $(MANDIR)/man8
install -m 644 sandbox.8 $(MANDIR)/man8/
@@ -1728,7 +1768,7 @@ diff -up policycoreutils-2.0.83/sandbox/Makefile.rhat policycoreutils-2.0.83/san
-mkdir -p $(SBINDIR)
install -m 4755 seunshare $(SBINDIR)/
-mkdir -p $(SHAREDIR)
-@@ -27,7 +30,7 @@ install: all
+@@ -27,7 +30,7 @@
-mkdir -p $(INITDIR)
install -m 755 sandbox.init $(INITDIR)/sandbox
-mkdir -p $(SYSCONFDIR)
@@ -1737,204 +1777,69 @@ diff -up policycoreutils-2.0.83/sandbox/Makefile.rhat policycoreutils-2.0.83/san
test:
@python test_sandbox.py -v
-diff -up policycoreutils-2.0.83/sandbox/sandbox.8.rhat policycoreutils-2.0.83/sandbox/sandbox.8
---- policycoreutils-2.0.83/sandbox/sandbox.8.rhat 2010-06-16 08:04:12.000000000 -0400
-+++ policycoreutils-2.0.83/sandbox/sandbox.8 2010-10-25 17:11:18.000000000 -0400
-@@ -1,10 +1,13 @@
--.TH SANDBOX "8" "May 2009" "chcat" "User Commands"
-+.TH SANDBOX "8" "May 2010" "sandbox" "User Commands"
- .SH NAME
- sandbox \- Run cmd under an SELinux sandbox
- .SH SYNOPSIS
- .B sandbox
--[-l level ] [[-M | -X] -H homedir -T tempdir ] [-I includefile ] [ -W windowmanager ] [[-i file ]...] [ -t type ] cmd
--[-l level ] [[-M | -X] -H homedir -T tempdir ] [-I includefile ] [ -W windowmanager ] [[-i file ]...] [ -t type ] -S
-+[-l level ] [[-M | -X] -H homedir -T tempdir ] [-I includefile ] [ -W windowmanager ] [ -w windowsize ] [[-i file ]...] [ -t type ] cmd
-+
-+.br
-+.B sandbox
-+[-l level ] [[-M | -X] -H homedir -T tempdir ] [-I includefile ] [ -W windowmanager ] [ -w windowsize ] [[-i file ]...] [ -t type ] -S
- .br
- .SH DESCRIPTION
- .PP
-@@ -42,6 +45,12 @@ Use alternate sandbox type, defaults to
- \fB\-T\ tmpdir
- Use alternate tempory directory to mount on /tmp. Defaults to tmpfs. Requires -X or -M.
- .TP
-+\fB\-S
-+Run a full desktop session, Requires level, and home and tmpdir.
-+.TP
-+\fB\-w windowsize\fR
-+Specifies the windowsize when creating an X based Sandbox. The default windowsize is 1000x700.
-+.TP
- \fB\-W windowmanager\fR
- Select alternative window manager to run within
- .B sandbox -X.
-@@ -50,8 +59,17 @@ Default to /usr/bin/matchbox-window-mana
- \fB\-X\fR
- Create an X based Sandbox for gui apps, temporary files for
- $HOME and /tmp, secondary Xserver, defaults to sandbox_x_t
-+.TP
-+\fB\-C\fR
-+Use control groups to control this copy of sandbox. Specify parameters in /etc/sysconfig/sandbox. Max memory usage and cpu usage are to be specified in percent. You can specify which CPUs to use by numbering them 0,1,2... etc.
- .PP
- .SH "SEE ALSO"
- .TP
--runcon(1)
-+runcon(1), seunshare(8), selinux(8)
- .PP
-+
-+.SH AUTHOR
-+This manual page was written by
-+.I Dan Walsh <dwalsh at redhat.com>
-+and
-+.I Thomas Liu <tliu at fedoraproject.org>
-diff -up policycoreutils-2.0.83/sandbox/sandbox.conf.5.rhat policycoreutils-2.0.83/sandbox/sandbox.conf.5
---- policycoreutils-2.0.83/sandbox/sandbox.conf.5.rhat 2010-10-25 17:11:18.000000000 -0400
-+++ policycoreutils-2.0.83/sandbox/sandbox.conf.5 2010-10-25 17:11:18.000000000 -0400
-@@ -0,0 +1,40 @@
-+.TH sandbox.conf "5" "June 2010" "sandbox.conf" "Linux System Administration"
-+.SH NAME
-+sandbox.conf \- user config file for the SELinux sandbox
-+.SH DESCRIPTION
-+.PP
-+When running sandbox with the -C argument, it will be confined using control groups and a system administrator can specify how the sandbox is confined.
-+
-+.PP
-+Everything after "#" is ignored, as are empty lines. All arguments should be separated by and equals sign ("=").
-+
-+.PP
-+These keywords are allowed.
-+
-+.RS
-+.TP
-+.B NAME
-+The name of the sandbox control group. Default is "sandbox".
-+
-+.TP
-+.B CPUAFFINITY
-+Which cpus to assign sandbox to. The default is ALL, but users can specify a comma-separated list with dashes ("-") to represent ranges. Ex: 0-2,5
-+
-+.TP
-+.B MEMUSAGE
-+How much memory to allow sandbox to use. The default is 80%. Users can specify either a percentage or a value in the form of a number followed by one of the suffixes K, M, G to denote kilobytes, megabytes or gigabytes respectively. Ex: 50% or 100M
-+
-+.TP
-+.B CPUUSAGE
-+Percentage of cpu sandbox should be allowed to use. The default is 80%. Specify a value followed by a percent sign ("%"). Ex: 50%
-+
-+
-+
-+.SH "SEE ALSO"
-+.TP
-+sandbox(8)
-+.PP
-+
-+.SH AUTHOR
-+This manual page was written by
-+.I Thomas Liu <tliu at fedoraproject.org>
-diff -up policycoreutils-2.0.83/sandbox/sandbox.config.rhat policycoreutils-2.0.83/sandbox/sandbox.config
-diff -up policycoreutils-2.0.83/sandbox/sandbox.conf.rhat policycoreutils-2.0.83/sandbox/sandbox.conf
---- policycoreutils-2.0.83/sandbox/sandbox.conf.rhat 2010-10-25 17:11:18.000000000 -0400
-+++ policycoreutils-2.0.83/sandbox/sandbox.conf 2010-10-25 17:11:18.000000000 -0400
-@@ -0,0 +1,7 @@
-+# Space separate list of homedirs
-+HOMEDIRS="/home"
-+# Control group configuration
-+NAME=sandbox
-+CPUAFFINITY=ALL
-+MEMUSAGE=80%
-+CPUUSAGE=80%
-diff -up policycoreutils-2.0.83/sandbox/sandbox.init.rhat policycoreutils-2.0.83/sandbox/sandbox.init
---- policycoreutils-2.0.83/sandbox/sandbox.init.rhat 2010-06-16 08:04:12.000000000 -0400
-+++ policycoreutils-2.0.83/sandbox/sandbox.init 2010-10-25 17:11:18.000000000 -0400
-@@ -10,17 +10,12 @@
- #
- # chkconfig: 345 1 99
- #
--# Description: sandbox and other apps that want to use pam_namespace
--# on /var/tmp, /tmp and home directories, requires this script
--# to be run at boot time.
--# This script sets up the / mount point and all of its
--# subdirectories as shared. The script sets up
--# /tmp, /var/tmp, /home and any homedirs listed in
--# /etc/sysconfig/sandbox and all of their subdirectories
--# as unshared.
--# All processes that use pam_namespace will see
--# modifications to the global mountspace, except for the
--# unshared directories.
-+# description: sandbox, xguest and other apps that want to use pam_namespace \
-+# require this script be run at boot. This service script does \
-+# not actually run any service but sets up: \
-+# /var/tmp, /tmp and home directories to be used by these tools.\
-+# If you do not use sandbox, xguest or pam_namespace you can turn \
-+# this service off.\
- #
-
- # Source function library.
-diff -up policycoreutils-2.0.83/sandbox/sandbox.rhat policycoreutils-2.0.83/sandbox/sandbox
---- policycoreutils-2.0.83/sandbox/sandbox.rhat 2010-06-16 08:04:12.000000000 -0400
-+++ policycoreutils-2.0.83/sandbox/sandbox 2010-10-25 17:11:18.000000000 -0400
-@@ -1,5 +1,6 @@
--#! /usr/bin/python -E
-+#! /usr/bin/python -Es
- # Authors: Dan Walsh <dwalsh at redhat.com>
-+# Authors: Thomas Liu <tliu at fedoraproject.org>
- # Authors: Josh Cogliati
- #
- # Copyright (C) 2009,2010 Red Hat
-@@ -19,15 +20,17 @@
- # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
- #
-
--import os, sys, socket, random, fcntl, shutil, re, subprocess
-+import os, stat, sys, socket, random, fcntl, shutil, re, subprocess
- import selinux
- import signal
- from tempfile import mkdtemp
- import pwd
-+import commands
-
- PROGNAME = "policycoreutils"
- HOMEDIR=pwd.getpwuid(os.getuid()).pw_dir
--
-+SEUNSHARE = "/usr/sbin/seunshare"
-+SANDBOXSH = "/usr/share/sandbox/sandboxX.sh"
- import gettext
- gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
- gettext.textdomain(PROGNAME)
-@@ -41,6 +44,7 @@ except IOError:
- import __builtin__
- __builtin__.__dict__['_'] = unicode
-
-+DEFAULT_WINDOWSIZE = "1000x700"
- DEFAULT_TYPE = "sandbox_t"
- DEFAULT_X_TYPE = "sandbox_x_t"
- SAVE_FILES = {}
-@@ -63,15 +67,15 @@ def error_exit(msg):
- sys.stderr.flush()
- sys.exit(1)
-
--def copyfile(file, dir, dest):
-+def copyfile(file, srcdir, dest):
- import re
-- if file.startswith(dir):
-+ if file.startswith(srcdir):
- dname = os.path.dirname(file)
- bname = os.path.basename(file)
-- if dname == dir:
-+ if dname == srcdir:
- dest = dest + "/" + bname
- else:
-- newdir = re.sub(dir, dest, dname)
-+ newdir = re.sub(srcdir, dest, dname)
- if not os.path.exists(newdir):
- os.makedirs(newdir)
- dest = newdir + "/" + bname
-@@ -81,9 +85,10 @@ def copyfile(file, dir, dest):
- shutil.copytree(file, dest)
- else:
- shutil.copy2(file, dest)
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandbox policycoreutils-2.0.83/sandbox/sandbox
+--- nsapolicycoreutils/sandbox/sandbox 2010-06-16 08:03:38.000000000 -0400
++++ policycoreutils-2.0.83/sandbox/sandbox 2010-10-25 17:11:18.000000000 -0400
+@@ -1,5 +1,6 @@
+-#! /usr/bin/python -E
++#! /usr/bin/python -Es
+ # Authors: Dan Walsh <dwalsh at redhat.com>
++# Authors: Thomas Liu <tliu at fedoraproject.org>
+ # Authors: Josh Cogliati
+ #
+ # Copyright (C) 2009,2010 Red Hat
+@@ -19,15 +20,17 @@
+ # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ #
+
+-import os, sys, socket, random, fcntl, shutil, re, subprocess
++import os, stat, sys, socket, random, fcntl, shutil, re, subprocess
+ import selinux
+ import signal
+ from tempfile import mkdtemp
+ import pwd
++import commands
+
+ PROGNAME = "policycoreutils"
+ HOMEDIR=pwd.getpwuid(os.getuid()).pw_dir
+-
++SEUNSHARE = "/usr/sbin/seunshare"
++SANDBOXSH = "/usr/share/sandbox/sandboxX.sh"
+ import gettext
+ gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
+ gettext.textdomain(PROGNAME)
+@@ -41,6 +44,7 @@
+ import __builtin__
+ __builtin__.__dict__['_'] = unicode
+
++DEFAULT_WINDOWSIZE = "1000x700"
+ DEFAULT_TYPE = "sandbox_t"
+ DEFAULT_X_TYPE = "sandbox_x_t"
+ SAVE_FILES = {}
+@@ -63,15 +67,15 @@
+ sys.stderr.flush()
+ sys.exit(1)
+
+-def copyfile(file, dir, dest):
++def copyfile(file, srcdir, dest):
+ import re
+- if file.startswith(dir):
++ if file.startswith(srcdir):
+ dname = os.path.dirname(file)
+ bname = os.path.basename(file)
+- if dname == dir:
++ if dname == srcdir:
+ dest = dest + "/" + bname
+ else:
+- newdir = re.sub(dir, dest, dname)
++ newdir = re.sub(srcdir, dest, dname)
+ if not os.path.exists(newdir):
+ os.makedirs(newdir)
+ dest = newdir + "/" + bname
+@@ -81,9 +85,10 @@
+ shutil.copytree(file, dest)
+ else:
+ shutil.copy2(file, dest)
+
except shutil.Error, elist:
- for e in elist:
@@ -1944,7 +1849,7 @@ diff -up policycoreutils-2.0.83/sandbox/sandbox.rhat policycoreutils-2.0.83/sand
SAVE_FILES[file] = (dest, os.path.getmtime(dest))
-@@ -161,10 +166,10 @@ class Sandbox:
+@@ -161,10 +166,10 @@
if not self.__options.homedir or not self.__options.tmpdir:
self.usage(_("Homedir and tempdir required for level mounts"))
@@ -1958,7 +1863,7 @@ diff -up policycoreutils-2.0.83/sandbox/sandbox.rhat policycoreutils-2.0.83/sand
def __mount_callback(self, option, opt, value, parser):
self.__mount = True
-@@ -172,6 +177,15 @@ class Sandbox:
+@@ -172,6 +177,15 @@
def __x_callback(self, option, opt, value, parser):
self.__mount = True
setattr(parser.values, option.dest, True)
@@ -1974,7 +1879,7 @@ diff -up policycoreutils-2.0.83/sandbox/sandbox.rhat policycoreutils-2.0.83/sand
def __validdir(self, option, opt, value, parser):
if not os.path.isdir(value):
-@@ -194,6 +208,8 @@ class Sandbox:
+@@ -194,6 +208,8 @@
self.__include(option, opt, i[:-1], parser)
except IOError, e:
sys.stderr.write(str(e))
@@ -1983,7 +1888,7 @@ diff -up policycoreutils-2.0.83/sandbox/sandbox.rhat policycoreutils-2.0.83/sand
fd.close()
def __copyfiles(self):
-@@ -212,13 +228,15 @@ class Sandbox:
+@@ -212,13 +228,15 @@
/etc/gdm/Xsession
""")
else:
@@ -2001,7 +1906,7 @@ diff -up policycoreutils-2.0.83/sandbox/sandbox.rhat policycoreutils-2.0.83/sand
kill -TERM $WM_PID 2> /dev/null
""" % (command, wm, command))
fd.close()
-@@ -230,9 +248,9 @@ kill -TERM $WM_PID 2> /dev/null
+@@ -230,9 +248,9 @@
def __parse_options(self):
from optparse import OptionParser
usage = _("""
@@ -2013,7 +1918,7 @@ diff -up policycoreutils-2.0.83/sandbox/sandbox.rhat policycoreutils-2.0.83/sand
""")
parser = OptionParser(version=self.VERSION, usage=usage)
-@@ -268,6 +286,10 @@ sandbox [-h] [-[X|M] [-l level ] [-H hom
+@@ -268,6 +286,10 @@
action="callback", callback=self.__validdir,
help=_("alternate /tmp directory to use for mounting"))
@@ -2024,7 +1929,7 @@ diff -up policycoreutils-2.0.83/sandbox/sandbox.rhat policycoreutils-2.0.83/sand
parser.add_option("-W", "--windowmanager", dest="wm",
type="string",
default="/usr/bin/matchbox-window-manager -use_titlebar no",
-@@ -276,13 +298,17 @@ sandbox [-h] [-[X|M] [-l level ] [-H hom
+@@ -276,13 +298,17 @@
parser.add_option("-l", "--level", dest="level",
help=_("MCS/MLS level for the sandbox"))
@@ -2043,7 +1948,7 @@ diff -up policycoreutils-2.0.83/sandbox/sandbox.rhat policycoreutils-2.0.83/sand
if self.__options.setype:
self.setype = self.__options.setype
-@@ -299,6 +325,9 @@ sandbox [-h] [-[X|M] [-l level ] [-H hom
+@@ -299,6 +325,9 @@
self.__options.X_ind = True
self.__homedir = self.__options.homedir
self.__tmpdir = self.__options.tmpdir
@@ -2053,7 +1958,7 @@ diff -up policycoreutils-2.0.83/sandbox/sandbox.rhat policycoreutils-2.0.83/sand
else:
if len(cmds) == 0:
self.usage(_("Command required"))
-@@ -351,22 +380,24 @@ sandbox [-h] [-[X|M] [-l level ] [-H hom
+@@ -351,22 +380,24 @@
def __execute(self):
try:
@@ -2093,8 +1998,148 @@ diff -up policycoreutils-2.0.83/sandbox/sandbox.rhat policycoreutils-2.0.83/sand
selinux.setexeccon(self.__execcon)
rc = subprocess.Popen(self.__cmds).wait()
-diff -up policycoreutils-2.0.83/sandbox/sandboxX.sh.rhat policycoreutils-2.0.83/sandbox/sandboxX.sh
---- policycoreutils-2.0.83/sandbox/sandboxX.sh.rhat 2010-06-16 08:04:12.000000000 -0400
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandbox.8 policycoreutils-2.0.83/sandbox/sandbox.8
+--- nsapolicycoreutils/sandbox/sandbox.8 2010-06-16 08:03:38.000000000 -0400
++++ policycoreutils-2.0.83/sandbox/sandbox.8 2010-10-25 17:11:18.000000000 -0400
+@@ -1,10 +1,13 @@
+-.TH SANDBOX "8" "May 2009" "chcat" "User Commands"
++.TH SANDBOX "8" "May 2010" "sandbox" "User Commands"
+ .SH NAME
+ sandbox \- Run cmd under an SELinux sandbox
+ .SH SYNOPSIS
+ .B sandbox
+-[-l level ] [[-M | -X] -H homedir -T tempdir ] [-I includefile ] [ -W windowmanager ] [[-i file ]...] [ -t type ] cmd
+-[-l level ] [[-M | -X] -H homedir -T tempdir ] [-I includefile ] [ -W windowmanager ] [[-i file ]...] [ -t type ] -S
++[-l level ] [[-M | -X] -H homedir -T tempdir ] [-I includefile ] [ -W windowmanager ] [ -w windowsize ] [[-i file ]...] [ -t type ] cmd
++
++.br
++.B sandbox
++[-l level ] [[-M | -X] -H homedir -T tempdir ] [-I includefile ] [ -W windowmanager ] [ -w windowsize ] [[-i file ]...] [ -t type ] -S
+ .br
+ .SH DESCRIPTION
+ .PP
+@@ -42,6 +45,12 @@
+ \fB\-T\ tmpdir
+ Use alternate tempory directory to mount on /tmp. Defaults to tmpfs. Requires -X or -M.
+ .TP
++\fB\-S
++Run a full desktop session, Requires level, and home and tmpdir.
++.TP
++\fB\-w windowsize\fR
++Specifies the windowsize when creating an X based Sandbox. The default windowsize is 1000x700.
++.TP
+ \fB\-W windowmanager\fR
+ Select alternative window manager to run within
+ .B sandbox -X.
+@@ -50,8 +59,17 @@
+ \fB\-X\fR
+ Create an X based Sandbox for gui apps, temporary files for
+ $HOME and /tmp, secondary Xserver, defaults to sandbox_x_t
++.TP
++\fB\-C\fR
++Use control groups to control this copy of sandbox. Specify parameters in /etc/sysconfig/sandbox. Max memory usage and cpu usage are to be specified in percent. You can specify which CPUs to use by numbering them 0,1,2... etc.
+ .PP
+ .SH "SEE ALSO"
+ .TP
+-runcon(1)
++runcon(1), seunshare(8), selinux(8)
+ .PP
++
++.SH AUTHOR
++This manual page was written by
++.I Dan Walsh <dwalsh at redhat.com>
++and
++.I Thomas Liu <tliu at fedoraproject.org>
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandbox.conf policycoreutils-2.0.83/sandbox/sandbox.conf
+--- nsapolicycoreutils/sandbox/sandbox.conf 1969-12-31 19:00:00.000000000 -0500
++++ policycoreutils-2.0.83/sandbox/sandbox.conf 2010-10-25 17:11:18.000000000 -0400
+@@ -0,0 +1,7 @@
++# Space separate list of homedirs
++HOMEDIRS="/home"
++# Control group configuration
++NAME=sandbox
++CPUAFFINITY=ALL
++MEMUSAGE=80%
++CPUUSAGE=80%
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandbox.conf.5 policycoreutils-2.0.83/sandbox/sandbox.conf.5
+--- nsapolicycoreutils/sandbox/sandbox.conf.5 1969-12-31 19:00:00.000000000 -0500
++++ policycoreutils-2.0.83/sandbox/sandbox.conf.5 2010-10-25 17:11:18.000000000 -0400
+@@ -0,0 +1,40 @@
++.TH sandbox.conf "5" "June 2010" "sandbox.conf" "Linux System Administration"
++.SH NAME
++sandbox.conf \- user config file for the SELinux sandbox
++.SH DESCRIPTION
++.PP
++When running sandbox with the -C argument, it will be confined using control groups and a system administrator can specify how the sandbox is confined.
++
++.PP
++Everything after "#" is ignored, as are empty lines. All arguments should be separated by and equals sign ("=").
++
++.PP
++These keywords are allowed.
++
++.RS
++.TP
++.B NAME
++The name of the sandbox control group. Default is "sandbox".
++
++.TP
++.B CPUAFFINITY
++Which cpus to assign sandbox to. The default is ALL, but users can specify a comma-separated list with dashes ("-") to represent ranges. Ex: 0-2,5
++
++.TP
++.B MEMUSAGE
++How much memory to allow sandbox to use. The default is 80%. Users can specify either a percentage or a value in the form of a number followed by one of the suffixes K, M, G to denote kilobytes, megabytes or gigabytes respectively. Ex: 50% or 100M
++
++.TP
++.B CPUUSAGE
++Percentage of cpu sandbox should be allowed to use. The default is 80%. Specify a value followed by a percent sign ("%"). Ex: 50%
++
++
++
++.SH "SEE ALSO"
++.TP
++sandbox(8)
++.PP
++
++.SH AUTHOR
++This manual page was written by
++.I Thomas Liu <tliu at fedoraproject.org>
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandbox.config policycoreutils-2.0.83/sandbox/sandbox.config
+--- nsapolicycoreutils/sandbox/sandbox.config 2010-06-16 08:03:38.000000000 -0400
++++ policycoreutils-2.0.83/sandbox/sandbox.config 1969-12-31 19:00:00.000000000 -0500
+@@ -1,2 +0,0 @@
+-# Space separate list of homedirs
+-HOMEDIRS="/home"
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandbox.init policycoreutils-2.0.83/sandbox/sandbox.init
+--- nsapolicycoreutils/sandbox/sandbox.init 2010-06-16 08:03:38.000000000 -0400
++++ policycoreutils-2.0.83/sandbox/sandbox.init 2010-10-25 17:11:18.000000000 -0400
+@@ -10,17 +10,12 @@
+ #
+ # chkconfig: 345 1 99
+ #
+-# Description: sandbox and other apps that want to use pam_namespace
+-# on /var/tmp, /tmp and home directories, requires this script
+-# to be run at boot time.
+-# This script sets up the / mount point and all of its
+-# subdirectories as shared. The script sets up
+-# /tmp, /var/tmp, /home and any homedirs listed in
+-# /etc/sysconfig/sandbox and all of their subdirectories
+-# as unshared.
+-# All processes that use pam_namespace will see
+-# modifications to the global mountspace, except for the
+-# unshared directories.
++# description: sandbox, xguest and other apps that want to use pam_namespace \
++# require this script be run at boot. This service script does \
++# not actually run any service but sets up: \
++# /var/tmp, /tmp and home directories to be used by these tools.\
++# If you do not use sandbox, xguest or pam_namespace you can turn \
++# this service off.\
+ #
+
+ # Source function library.
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandboxX.sh policycoreutils-2.0.83/sandbox/sandboxX.sh
+--- nsapolicycoreutils/sandbox/sandboxX.sh 2010-06-16 08:03:38.000000000 -0400
+++ policycoreutils-2.0.83/sandbox/sandboxX.sh 2010-10-25 17:11:18.000000000 -0400
@@ -1,13 +1,26 @@
#!/bin/bash
@@ -2126,8 +2171,8 @@ diff -up policycoreutils-2.0.83/sandbox/sandboxX.sh.rhat policycoreutils-2.0.83/
export EXITCODE=$?
kill -HUP 0
break
-diff -up policycoreutils-2.0.83/sandbox/seunshare.8.rhat policycoreutils-2.0.83/sandbox/seunshare.8
---- policycoreutils-2.0.83/sandbox/seunshare.8.rhat 2010-10-25 17:11:18.000000000 -0400
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/seunshare.8 policycoreutils-2.0.83/sandbox/seunshare.8
+--- nsapolicycoreutils/sandbox/seunshare.8 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.83/sandbox/seunshare.8 2010-10-25 17:11:18.000000000 -0400
@@ -0,0 +1,37 @@
+.TH SEUNSHARE "8" "May 2010" "seunshare" "User Commands"
@@ -2167,8 +2212,8 @@ diff -up policycoreutils-2.0.83/sandbox/seunshare.8.rhat policycoreutils-2.0.83/
+.I Dan Walsh <dwalsh at redhat.com>
+and
+.I Thomas Liu <tliu at fedoraproject.org>
-diff -up policycoreutils-2.0.83/sandbox/seunshare.c.rhat policycoreutils-2.0.83/sandbox/seunshare.c
---- policycoreutils-2.0.83/sandbox/seunshare.c.rhat 2010-06-16 08:04:12.000000000 -0400
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/seunshare.c policycoreutils-2.0.83/sandbox/seunshare.c
+--- nsapolicycoreutils/sandbox/seunshare.c 2010-06-16 08:03:38.000000000 -0400
+++ policycoreutils-2.0.83/sandbox/seunshare.c 2010-10-25 17:11:18.000000000 -0400
@@ -1,13 +1,21 @@
+/*
@@ -2222,7 +2267,7 @@ diff -up policycoreutils-2.0.83/sandbox/seunshare.c.rhat policycoreutils-2.0.83/
/**
* This function will drop all capabilities
* Returns zero on success, non-zero otherwise
-@@ -134,42 +145,98 @@ static int verify_shell(const char *shel
+@@ -134,42 +145,98 @@
static int seunshare_mount(const char *src, const char *dst, struct passwd *pwd) {
if (verbose)
printf("Mount %s on %s\n", src, dst);
@@ -2326,7 +2371,7 @@ diff -up policycoreutils-2.0.83/sandbox/seunshare.c.rhat policycoreutils-2.0.83/
{NULL, 0, 0, 0}
};
-@@ -180,6 +247,12 @@ int main(int argc, char **argv) {
+@@ -180,6 +247,12 @@
return -1;
}
@@ -2339,7 +2384,7 @@ diff -up policycoreutils-2.0.83/sandbox/seunshare.c.rhat policycoreutils-2.0.83/
struct passwd *pwd=getpwuid(uid);
if (!pwd) {
perror(_("getpwduid failed"));
-@@ -192,30 +265,30 @@ int main(int argc, char **argv) {
+@@ -192,30 +265,30 @@
}
while (1) {
@@ -2379,7 +2424,7 @@ diff -up policycoreutils-2.0.83/sandbox/seunshare.c.rhat policycoreutils-2.0.83/
default:
fprintf(stderr, "%s\n", USAGE_STRING);
return -1;
-@@ -223,21 +296,179 @@ int main(int argc, char **argv) {
+@@ -223,21 +296,179 @@
}
if (! homedir_s && ! tmpdir_s) {
@@ -2565,7 +2610,7 @@ diff -up policycoreutils-2.0.83/sandbox/seunshare.c.rhat policycoreutils-2.0.83/
if (unshare(CLONE_NEWNS) < 0) {
perror(_("Failed to unshare"));
-@@ -286,11 +517,13 @@ int main(int argc, char **argv) {
+@@ -286,11 +517,13 @@
exit(-1);
}
@@ -2584,7 +2629,7 @@ diff -up policycoreutils-2.0.83/sandbox/seunshare.c.rhat policycoreutils-2.0.83/
}
if (display)
-@@ -305,17 +538,14 @@ int main(int argc, char **argv) {
+@@ -305,17 +538,14 @@
perror(_("Failed to change dir to homedir"));
exit(-1);
}
@@ -2603,8 +2648,8 @@ diff -up policycoreutils-2.0.83/sandbox/seunshare.c.rhat policycoreutils-2.0.83/
-
return status;
}
-diff -up policycoreutils-2.0.83/scripts/chcat.rhat policycoreutils-2.0.83/scripts/chcat
---- policycoreutils-2.0.83/scripts/chcat.rhat 2010-06-16 08:04:12.000000000 -0400
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/chcat policycoreutils-2.0.83/scripts/chcat
+--- nsapolicycoreutils/scripts/chcat 2010-05-19 14:45:51.000000000 -0400
+++ policycoreutils-2.0.83/scripts/chcat 2010-10-25 17:11:18.000000000 -0400
@@ -1,4 +1,4 @@
-#! /usr/bin/python -E
@@ -2612,9 +2657,9 @@ diff -up policycoreutils-2.0.83/scripts/chcat.rhat policycoreutils-2.0.83/script
# Copyright (C) 2005 Red Hat
# see file 'COPYING' for use and warranty information
#
-diff -up policycoreutils-2.0.83/scripts/fixfiles.rhat policycoreutils-2.0.83/scripts/fixfiles
---- policycoreutils-2.0.83/scripts/fixfiles.rhat 2010-06-16 08:04:12.000000000 -0400
-+++ policycoreutils-2.0.83/scripts/fixfiles 2010-10-25 17:11:18.000000000 -0400
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-2.0.83/scripts/fixfiles
+--- nsapolicycoreutils/scripts/fixfiles 2010-05-19 14:45:51.000000000 -0400
++++ policycoreutils-2.0.83/scripts/fixfiles 2010-10-28 13:24:24.000000000 -0400
@@ -21,6 +21,17 @@
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
@@ -2633,7 +2678,7 @@ diff -up policycoreutils-2.0.83/scripts/fixfiles.rhat policycoreutils-2.0.83/scr
# Set global Variables
#
fullFlag=0
-@@ -35,9 +46,7 @@ SYSLOGFLAG="-l"
+@@ -35,9 +46,7 @@
LOGGER=/usr/sbin/logger
SETFILES=/sbin/setfiles
RESTORECON=/sbin/restorecon
@@ -2644,7 +2689,7 @@ diff -up policycoreutils-2.0.83/scripts/fixfiles.rhat policycoreutils-2.0.83/scr
SELINUXTYPE="targeted"
if [ -e /etc/selinux/config ]; then
. /etc/selinux/config
-@@ -87,23 +96,10 @@ if [ -f ${PREFC} -a -x /usr/bin/diff ];
+@@ -87,23 +96,10 @@
esac; \
fi; \
done | \
@@ -2653,7 +2698,7 @@ diff -up policycoreutils-2.0.83/scripts/fixfiles.rhat policycoreutils-2.0.83/scr
- \( -wholename /home -o -wholename /root -o -wholename /tmp -wholename /dev \) -prune -o -print0"; \
- done 2> /dev/null | \
- ${RESTORECON} $* -0 -f -
-+ ${RESTORECON} -f - -R -p -e /home -e /tmp -r /dev; \
++ ${RESTORECON} -f - -R -p -e /var/lib/BackupPC -e /home -e /tmp -r /dev; \
rm -f ${TEMPFILE} ${PREFCTEMPFILE}
fi
}
@@ -2669,7 +2714,7 @@ diff -up policycoreutils-2.0.83/scripts/fixfiles.rhat policycoreutils-2.0.83/scr
rpmlist() {
rpm -q --qf '[%{FILESTATES} %{FILENAMES}\n]' "$1" | grep '^0 ' | cut -f2- -d ' '
-@@ -121,23 +117,16 @@ if [ ! -z "$PREFC" ]; then
+@@ -121,23 +117,16 @@
fi
if [ ! -z "$RPMFILES" ]; then
for i in `echo "$RPMFILES" | sed 's/,/ /g'`; do
@@ -2696,7 +2741,7 @@ diff -up policycoreutils-2.0.83/scripts/fixfiles.rhat policycoreutils-2.0.83/scr
rm -rf /tmp/gconfd-* /tmp/pulse-* /tmp/orbit-*
find /tmp \( -context "*:file_t*" -o -context "*:unlabeled_t*" \) -exec chcon -t tmp_t {} \;
find /var/tmp \( -context "*:file_t*" -o -context "*:unlabeled_t*" \) -exec chcon -t tmp_t {} \;
-@@ -146,8 +135,7 @@ exit $?
+@@ -146,8 +135,7 @@
fullrelabel() {
logit "Cleaning out /tmp"
@@ -2706,8 +2751,8 @@ diff -up policycoreutils-2.0.83/scripts/fixfiles.rhat policycoreutils-2.0.83/scr
restore
}
-diff -up policycoreutils-2.0.83/scripts/genhomedircon.8.rhat policycoreutils-2.0.83/scripts/genhomedircon.8
---- policycoreutils-2.0.83/scripts/genhomedircon.8.rhat 2010-10-25 17:11:18.000000000 -0400
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/genhomedircon.8 policycoreutils-2.0.83/scripts/genhomedircon.8
+--- nsapolicycoreutils/scripts/genhomedircon.8 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.83/scripts/genhomedircon.8 2010-10-25 17:11:18.000000000 -0400
@@ -0,0 +1,37 @@
+.\" Hey, Emacs! This is an -*- nroff -*- source file.
@@ -2747,10 +2792,10 @@ diff -up policycoreutils-2.0.83/scripts/genhomedircon.8.rhat policycoreutils-2.0
+.SH AUTHOR
+This manual page was written by
+.I Dan Walsh <dwalsh at redhat.com>
-diff -up policycoreutils-2.0.83/scripts/Makefile.rhat policycoreutils-2.0.83/scripts/Makefile
---- policycoreutils-2.0.83/scripts/Makefile.rhat 2010-06-16 08:04:12.000000000 -0400
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/Makefile policycoreutils-2.0.83/scripts/Makefile
+--- nsapolicycoreutils/scripts/Makefile 2010-05-19 14:45:51.000000000 -0400
+++ policycoreutils-2.0.83/scripts/Makefile 2010-10-25 17:11:18.000000000 -0400
-@@ -14,6 +14,7 @@ install: all
+@@ -14,6 +14,7 @@
install -m 755 genhomedircon $(SBINDIR)
-mkdir -p $(MANDIR)/man8
install -m 644 fixfiles.8 $(MANDIR)/man8/
@@ -2758,8 +2803,8 @@ diff -up policycoreutils-2.0.83/scripts/Makefile.rhat policycoreutils-2.0.83/scr
install -m 644 chcat.8 $(MANDIR)/man8/
clean:
-diff -up policycoreutils-2.0.83/scripts/severify.py.rhat policycoreutils-2.0.83/scripts/severify.py
---- policycoreutils-2.0.83/scripts/severify.py.rhat 2010-10-25 17:11:18.000000000 -0400
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/severify.py policycoreutils-2.0.83/scripts/severify.py
+--- nsapolicycoreutils/scripts/severify.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.83/scripts/severify.py 2010-10-25 17:11:18.000000000 -0400
@@ -0,0 +1,21 @@
+#! /usr/bin/python -Es
@@ -2783,8 +2828,8 @@ diff -up policycoreutils-2.0.83/scripts/severify.py.rhat policycoreutils-2.0.83/
+#setools.sesearch([ setools.ALLOW ], { setools.SCONTEXT:"rwho_t", setools.TCONTEXT:"rwho_spool_t" } )
+#mod.enable("zebra")
+
-diff -up policycoreutils-2.0.83/semanage/default_encoding/default_encoding.c.rhat policycoreutils-2.0.83/semanage/default_encoding/default_encoding.c
---- policycoreutils-2.0.83/semanage/default_encoding/default_encoding.c.rhat 2010-10-25 17:11:18.000000000 -0400
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/default_encoding/default_encoding.c policycoreutils-2.0.83/semanage/default_encoding/default_encoding.c
+--- nsapolicycoreutils/semanage/default_encoding/default_encoding.c 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.83/semanage/default_encoding/default_encoding.c 2010-10-25 17:11:18.000000000 -0400
@@ -0,0 +1,59 @@
+/*
@@ -2846,8 +2891,8 @@ diff -up policycoreutils-2.0.83/semanage/default_encoding/default_encoding.c.rha
+ PyUnicode_SetDefaultEncoding("utf-8");
+ m = Py_InitModule3("default_encoding_utf8", methods, "Forces the default encoding to utf-8");
+}
-diff -up policycoreutils-2.0.83/semanage/default_encoding/Makefile.rhat policycoreutils-2.0.83/semanage/default_encoding/Makefile
---- policycoreutils-2.0.83/semanage/default_encoding/Makefile.rhat 2010-10-25 17:11:18.000000000 -0400
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/default_encoding/Makefile policycoreutils-2.0.83/semanage/default_encoding/Makefile
+--- nsapolicycoreutils/semanage/default_encoding/Makefile 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.83/semanage/default_encoding/Makefile 2010-10-25 17:11:18.000000000 -0400
@@ -0,0 +1,8 @@
+all:
@@ -2858,8 +2903,8 @@ diff -up policycoreutils-2.0.83/semanage/default_encoding/Makefile.rhat policyco
+
+clean:
+ rm -rf build *~
-diff -up policycoreutils-2.0.83/semanage/default_encoding/policycoreutils/__init__.py.rhat policycoreutils-2.0.83/semanage/default_encoding/policycoreutils/__init__.py
---- policycoreutils-2.0.83/semanage/default_encoding/policycoreutils/__init__.py.rhat 2010-10-25 17:11:18.000000000 -0400
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/default_encoding/policycoreutils/__init__.py policycoreutils-2.0.83/semanage/default_encoding/policycoreutils/__init__.py
+--- nsapolicycoreutils/semanage/default_encoding/policycoreutils/__init__.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.83/semanage/default_encoding/policycoreutils/__init__.py 2010-10-25 17:11:18.000000000 -0400
@@ -0,0 +1,17 @@
+#
@@ -2879,8 +2924,8 @@ diff -up policycoreutils-2.0.83/semanage/default_encoding/policycoreutils/__init
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+#
-diff -up policycoreutils-2.0.83/semanage/default_encoding/setup.py.rhat policycoreutils-2.0.83/semanage/default_encoding/setup.py
---- policycoreutils-2.0.83/semanage/default_encoding/setup.py.rhat 2010-10-25 17:11:18.000000000 -0400
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/default_encoding/setup.py policycoreutils-2.0.83/semanage/default_encoding/setup.py
+--- nsapolicycoreutils/semanage/default_encoding/setup.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.83/semanage/default_encoding/setup.py 2010-10-25 17:11:18.000000000 -0400
@@ -0,0 +1,38 @@
+# Authors:
@@ -2912,226 +2957,17 @@ diff -up policycoreutils-2.0.83/semanage/default_encoding/setup.py.rhat policyco
+ long_description = 'Forces the default encoding in Python to be utf-8',
+ author = 'John Dennis',
+ author_email = 'jdennis at redhat.com',
-+ maintainer = 'John Dennis',
-+ maintainer_email = 'jdennis at redhat.com',
-+ license = 'GPLv3+',
-+ platforms = 'posix',
-+ url = '',
-+ download_url = '',
-+ ext_modules = [default_encoding_utf8],
-+ packages=["policycoreutils"],
-+)
-diff -up policycoreutils-2.0.83/semanage/semanage.8.rhat policycoreutils-2.0.83/semanage/semanage.8
---- policycoreutils-2.0.83/semanage/semanage.8.rhat 2010-06-16 08:04:12.000000000 -0400
-+++ policycoreutils-2.0.83/semanage/semanage.8 2010-10-25 17:11:18.000000000 -0400
-@@ -1,29 +1,69 @@
--.TH "semanage" "8" "2005111103" "" ""
-+.TH "semanage" "8" "20100223" "" ""
- .SH "NAME"
- semanage \- SELinux Policy Management tool
-
- .SH "SYNOPSIS"
--.B semanage {boolean|login|user|port|interface|node|fcontext} \-{l|D} [\-n] [\-S store]
-+Output local customizations
- .br
--.B semanage boolean \-{d|m} [\-\-on|\-\-off|\-1|\-0] -F boolean | boolean_file
-+.B semanage [ -S store ] -o [ output_file | - ]
-+
-+Input local customizations
- .br
--.B semanage login \-{a|d|m} [\-sr] login_name | %groupname
-+.B semanage [ -S store ] -i [ input_file | - ]
-+
-+Manage booleans. Booleans allow the administrator to modify the confinement of
-+processes based on his configuration.
- .br
--.B semanage user \-{a|d|m} [\-LrRP] selinux_name
-+.B semanage boolean [\-S store] \-{d|m|l|n|D} \-[\-on|\-off|\1|0] -F boolean | boolean_file
-+
-+Manage SELinux confined users (Roles and levels for an SELinux user)
-+.br
-+.B semanage user [\-S store] \-{a|d|m|l|n|D} [\-LrRP] selinux_name
-+
-+Manage login mappings between linux users and SELinux confined users.
-+.br
-+.B semanage login [\-S store] \-{a|d|m|l|n|D} [\-sr] login_name | %groupname
-+
-+Manage policy modules.
-+.br
-+.B semanage module [\-S store] \-{a|d|l} [-m [--enable | --disable] ] module_name
-+
-+Manage network port type definitions
-+.br
-+.B semanage port [\-S store] \-{a|d|m|l|n|D} [\-tr] [\-p proto] port | port_range
-+.br
-+
-+Manage network interface type definitions
-+.br
-+.B semanage interface [\-S store] \-{a|d|m|l|n|D} [\-tr] interface_spec
-+
-+Manage network node type definitions
-+.br
-+.B semanage node [\-S store] -{a|d|m|l|n|D} [-tr] [ -p protocol ] [-M netmask] address
-+.br
-+
-+Manage file context mapping definitions
- .br
--.B semanage port \-{a|d|m} [\-tr] [\-p proto] port | port_range
-+.B semanage fcontext [\-S store] \-{a|d|m|l|n|D} [\-frst] file_spec
- .br
--.B semanage interface \-{a|d|m} [\-tr] interface_spec
-+.B semanage fcontext [\-S store] \-{a|d|m|l|n|D} \-e replacement target
- .br
--.B semanage node -{a|d|m} [-tr] [ -p protocol ] [-M netmask] address
-+
-+Manage processes type enforcement mode
- .br
--.B semanage fcontext \-{a|d|m} [\-frst] file_spec
-+.B semanage permissive [\-S store] \-{a|d|l|n|D} type
- .br
--.B semanage permissive \-{a|d} type
-+
-+Disable/Enable dontaudit rules in policy
- .br
--.B semanage dontaudit [ on | off ]
-+.B semanage dontaudit [\-S store] [ on | off ]
- .P
-
-+Execute multiple commands within a single transaction.
-+.br
-+.B semanage [\-S store] \-i command-file
-+.br
-+
- .SH "DESCRIPTION"
- semanage is used to configure certain elements of
- SELinux policy without requiring modification to or recompilation
-@@ -52,6 +92,22 @@ Delete a OBJECT record NAME
- .I \-D, \-\-deleteall
- Remove all OBJECTS local customizations
- .TP
-+.I \-\-disable
-+Disable a policy module, requires -m option
-+
-+Currently modules only.
-+.TP
-+.I \-\-enable
-+Enable a disabled policy module, requires -m option
-+
-+Currently modules only.
-+.TP
-+.I \-e, \-\-equal
-+Substitute target path with sourcepath when generating default label. This is used with
-+fcontext. Requires source and target path arguments. The context
-+labeling for the target subtree is made equivalent to that
-+defined for the source.
-+.TP
- .I \-f, \-\-ftype
- File Type. This is used with fcontext.
- Requires a file type as shown in the mode field by ls, e.g. use -d to match only directories or -- to match only regular files.
-@@ -60,6 +116,7 @@ Requires a file type as shown in the mod
- Set multiple records from the input file. When used with the \-l \-\-list, it will output the current settings to stdout in the proper format.
-
- Currently booleans only.
-+
- .TP
- .I \-h, \-\-help
- display this message
-@@ -76,6 +133,9 @@ Default SELinux Level for SELinux use, s
- .I \-m, \-\-modify
- Modify a OBJECT record NAME
- .TP
-+.I \-M, \-\-mask
-+Network Mask
-+.TP
- .I \-n, \-\-noheading
- Do not print heading when listing OBJECTS.
- .TP
-@@ -99,26 +159,67 @@ Select and alternate SELinux store to ma
- .TP
- .I \-t, \-\-type
- SELinux Type for the object
-+.TP
-+.I \-i, \-\-input
-+Take a set of commands from a specified file and load them in a single
-+transaction.
-
- .SH EXAMPLE
- .nf
--# View SELinux user mappings
--$ semanage user -l
--# Allow joe to login as staff_u
--$ semanage login -a -s staff_u joe
--# Allow the group clerks to login as user_u
--$ semanage login -a -s user_u %clerks
--# Add file-context for everything under /web (used by restorecon)
--$ semanage fcontext -a -t httpd_sys_content_t "/web(/.*)?"
--# Allow Apache to listen on port 81
--$ semanage port -a -t http_port_t -p tcp 81
--# Change apache to a permissive domain
--$ semanage permissive -a httpd_t
--# Turn off dontaudit rules
--$ semanage dontaudit off
-+.B SELinux user
-+List SELinux users
-+# semanage user -l
-+
-+.B SELinux login
-+Change joe to login as staff_u
-+# semanage login -a -s staff_u joe
-+Change the group clerks to login as user_u
-+# semanage login -a -s user_u %clerks
-+
-+.B File contexts
-+.i remember to run restorecon after you set the file context
-+Add file-context for everything under /web
-+# semanage fcontext -a -t httpd_sys_content_t "/web(/.*)?"
-+# restorecon -R -v /web
-+
-+Substitute /home1 with /home when setting file context
-+# semanage fcontext -a -e /home /home1
-+# restorecon -R -v /home1
-+
-+For home directories under top level directory, for example /disk6/home,
-+execute the following commands.
-+# semanage fcontext -a -t home_root_t "/disk6"
-+# semanage fcontext -a -e /home /disk6/home
-+# restorecon -R -v /disk6
-+
-+.B Port contexts
-+Allow Apache to listen on tcp port 81
-+# semanage port -a -t http_port_t -p tcp 81
-+
-+.B Change apache to a permissive domain
-+# semanage permissive -a httpd_t
-+
-+.B Turn off dontaudit rules
-+# semanage dontaudit off
-+
-+.B Managing multiple machines
-+Multiple machines that need the same customizations.
-+Extract customizations off first machine, copy them
-+to second and import them.
-+
-+# semanage -o /tmp/local.selinux
-+# scp /tmp/local.selinux secondmachine:/tmp
-+# ssh secondmachine
-+# semanage -i /tmp/local.selinux
-+
-+If these customizations include file context, you need to apply the
-+context using restorecon.
-+
- .fi
-
- .SH "AUTHOR"
--This man page was written by Daniel Walsh <dwalsh at redhat.com> and
--Russell Coker <rcoker at redhat.com>.
-+This man page was written by Daniel Walsh <dwalsh at redhat.com>
-+.br
-+and Russell Coker <rcoker at redhat.com>.
-+.br
- Examples by Thomas Bleher <ThomasBleher at gmx.de>.
-diff -up policycoreutils-2.0.83/semanage/semanage.rhat policycoreutils-2.0.83/semanage/semanage
---- policycoreutils-2.0.83/semanage/semanage.rhat 2010-06-16 08:04:12.000000000 -0400
++ maintainer = 'John Dennis',
++ maintainer_email = 'jdennis at redhat.com',
++ license = 'GPLv3+',
++ platforms = 'posix',
++ url = '',
++ download_url = '',
++ ext_modules = [default_encoding_utf8],
++ packages=["policycoreutils"],
++)
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-2.0.83/semanage/semanage
+--- nsapolicycoreutils/semanage/semanage 2010-05-19 14:45:51.000000000 -0400
+++ policycoreutils-2.0.83/semanage/semanage 2010-10-25 17:11:18.000000000 -0400
@@ -1,4 +1,4 @@
-#! /usr/bin/python -E
@@ -3147,7 +2983,7 @@ diff -up policycoreutils-2.0.83/semanage/semanage.rhat policycoreutils-2.0.83/se
import sys, getopt, re
import seobject
import selinux
-@@ -32,27 +33,36 @@ gettext.textdomain(PROGNAME)
+@@ -32,27 +33,36 @@
try:
gettext.install(PROGNAME,
localedir="/usr/share/locale",
@@ -3189,7 +3025,7 @@ diff -up policycoreutils-2.0.83/semanage/semanage.rhat policycoreutils-2.0.83/se
semanage dontaudit [ on | off ]
Primary Options:
-@@ -61,7 +71,9 @@ Primary Options:
+@@ -61,7 +71,9 @@
-d, --delete Delete a OBJECT record NAME
-m, --modify Modify a OBJECT record NAME
-i, --input Input multiple semange commands in a transaction
@@ -3199,7 +3035,7 @@ diff -up policycoreutils-2.0.83/semanage/semanage.rhat policycoreutils-2.0.83/se
-C, --locallist List OBJECTS local customizations
-D, --deleteall Remove all OBJECTS local customizations
-@@ -84,12 +96,15 @@ Object-specific Options (see above):
+@@ -84,12 +96,15 @@
-F, --file Treat target as an input file for command, change multiple settings
-p, --proto Port protocol (tcp or udp) or internet protocol version of node (ipv4 or ipv6)
-M, --mask Netmask
@@ -3215,7 +3051,7 @@ diff -up policycoreutils-2.0.83/semanage/semanage.rhat policycoreutils-2.0.83/se
""")
raise ValueError("%s\n%s" % (text, message))
-@@ -101,7 +116,7 @@ Object-specific Options (see above):
+@@ -101,7 +116,7 @@
def get_options():
valid_option={}
@@ -3224,7 +3060,7 @@ diff -up policycoreutils-2.0.83/semanage/semanage.rhat policycoreutils-2.0.83/se
valid_option["login"] = []
valid_option["login"] += valid_everyone + [ '-s', '--seuser', '-r', '--range']
valid_option["user"] = []
-@@ -112,8 +127,10 @@ Object-specific Options (see above):
+@@ -112,8 +127,10 @@
valid_option["interface"] += valid_everyone + [ '-t', '--type', '-r', '--range']
valid_option["node"] = []
valid_option["node"] += valid_everyone + [ '-M', '--mask', '-t', '--type', '-r', '--range', '-p', '--protocol']
@@ -3236,7 +3072,7 @@ diff -up policycoreutils-2.0.83/semanage/semanage.rhat policycoreutils-2.0.83/se
valid_option["dontaudit"] = [ '-S', '--store' ]
valid_option["boolean"] = []
valid_option["boolean"] += valid_everyone + [ '--on', "--off", "-1", "-0", "-F", "--file"]
-@@ -168,6 +185,8 @@ Object-specific Options (see above):
+@@ -168,6 +185,8 @@
return ret
def process_args(argv):
@@ -3245,7 +3081,7 @@ diff -up policycoreutils-2.0.83/semanage/semanage.rhat policycoreutils-2.0.83/se
serange = ""
port = ""
proto = ""
-@@ -184,11 +203,17 @@ Object-specific Options (see above):
+@@ -184,11 +203,17 @@
modify = False
delete = False
deleteall = False
@@ -3263,7 +3099,7 @@ diff -up policycoreutils-2.0.83/semanage/semanage.rhat policycoreutils-2.0.83/se
object = argv[0]
option_dict=get_options()
if object not in option_dict.keys():
-@@ -197,10 +222,14 @@ Object-specific Options (see above):
+@@ -197,10 +222,14 @@
args = argv[1:]
gopts, cmds = getopt.getopt(args,
@@ -3279,7 +3115,7 @@ diff -up policycoreutils-2.0.83/semanage/semanage.rhat policycoreutils-2.0.83/se
'ftype=',
'file',
'help',
-@@ -225,29 +254,47 @@ Object-specific Options (see above):
+@@ -225,29 +254,47 @@
for o, a in gopts:
if o not in option_dict[object]:
sys.stderr.write(_("%s not valid for %s objects\n") % ( o, object) );
@@ -3334,7 +3170,7 @@ diff -up policycoreutils-2.0.83/semanage/semanage.rhat policycoreutils-2.0.83/se
if o == "-n" or o == "--noheading":
heading = False
-@@ -256,8 +303,7 @@ Object-specific Options (see above):
+@@ -256,8 +303,7 @@
locallist = True
if o == "-m"or o == "--modify":
@@ -3344,7 +3180,7 @@ diff -up policycoreutils-2.0.83/semanage/semanage.rhat policycoreutils-2.0.83/se
modify = True
if o == "-S" or o == '--store':
-@@ -292,8 +338,10 @@ Object-specific Options (see above):
+@@ -292,8 +338,10 @@
if o == "--on" or o == "-1":
value = "on"
@@ -3355,7 +3191,7 @@ diff -up policycoreutils-2.0.83/semanage/semanage.rhat policycoreutils-2.0.83/se
if object == "login":
OBJECT = seobject.loginRecords(store)
-@@ -315,6 +363,11 @@ Object-specific Options (see above):
+@@ -315,6 +363,11 @@
if object == "boolean":
OBJECT = seobject.booleanRecords(store)
@@ -3367,7 +3203,7 @@ diff -up policycoreutils-2.0.83/semanage/semanage.rhat policycoreutils-2.0.83/se
if object == "permissive":
OBJECT = seobject.permissiveRecords(store)
-@@ -330,65 +383,97 @@ Object-specific Options (see above):
+@@ -330,65 +383,97 @@
OBJECT.deleteall()
return
@@ -3477,7 +3313,7 @@ diff -up policycoreutils-2.0.83/semanage/semanage.rhat policycoreutils-2.0.83/se
if delete:
if object == "port":
OBJECT.delete(target, proto)
-@@ -401,15 +486,14 @@ Object-specific Options (see above):
+@@ -401,15 +486,14 @@
else:
OBJECT.delete(target)
@@ -3495,7 +3331,7 @@ diff -up policycoreutils-2.0.83/semanage/semanage.rhat policycoreutils-2.0.83/se
input = None
store = ""
-@@ -417,7 +501,7 @@ Object-specific Options (see above):
+@@ -417,7 +501,7 @@
usage(_("Requires 2 or more arguments"))
gopts, cmds = getopt.getopt(sys.argv[1:],
@@ -3504,7 +3340,7 @@ diff -up policycoreutils-2.0.83/semanage/semanage.rhat policycoreutils-2.0.83/se
['add',
'delete',
'deleteall',
-@@ -431,6 +515,7 @@ Object-specific Options (see above):
+@@ -431,6 +515,7 @@
'localist',
'off',
'on',
@@ -3512,7 +3348,7 @@ diff -up policycoreutils-2.0.83/semanage/semanage.rhat policycoreutils-2.0.83/se
'proto=',
'seuser=',
'store=',
-@@ -438,6 +523,7 @@ Object-specific Options (see above):
+@@ -438,6 +523,7 @@
'level=',
'roles=',
'type=',
@@ -3520,7 +3356,7 @@ diff -up policycoreutils-2.0.83/semanage/semanage.rhat policycoreutils-2.0.83/se
'prefix='
])
for o, a in gopts:
-@@ -445,6 +531,16 @@ Object-specific Options (see above):
+@@ -445,6 +531,16 @@
store = a
if o == "-i" or o == '--input':
input = a
@@ -3537,16 +3373,225 @@ diff -up policycoreutils-2.0.83/semanage/semanage.rhat policycoreutils-2.0.83/se
if input != None:
if input == "-":
-@@ -467,3 +563,5 @@ Object-specific Options (see above):
+@@ -467,3 +563,5 @@
errorExit(_("Invalid value %s") % error.args[0])
except IOError, error:
errorExit(error.args[1])
+ except OSError, error:
+ errorExit(error.args[1])
-diff -up policycoreutils-2.0.83/semanage/seobject.py.rhat policycoreutils-2.0.83/semanage/seobject.py
---- policycoreutils-2.0.83/semanage/seobject.py.rhat 2010-06-16 08:04:12.000000000 -0400
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage.8 policycoreutils-2.0.83/semanage/semanage.8
+--- nsapolicycoreutils/semanage/semanage.8 2010-05-19 14:45:51.000000000 -0400
++++ policycoreutils-2.0.83/semanage/semanage.8 2010-10-25 17:11:18.000000000 -0400
+@@ -1,29 +1,69 @@
+-.TH "semanage" "8" "2005111103" "" ""
++.TH "semanage" "8" "20100223" "" ""
+ .SH "NAME"
+ semanage \- SELinux Policy Management tool
+
+ .SH "SYNOPSIS"
+-.B semanage {boolean|login|user|port|interface|node|fcontext} \-{l|D} [\-n] [\-S store]
++Output local customizations
+ .br
+-.B semanage boolean \-{d|m} [\-\-on|\-\-off|\-1|\-0] -F boolean | boolean_file
++.B semanage [ -S store ] -o [ output_file | - ]
++
++Input local customizations
+ .br
+-.B semanage login \-{a|d|m} [\-sr] login_name | %groupname
++.B semanage [ -S store ] -i [ input_file | - ]
++
++Manage booleans. Booleans allow the administrator to modify the confinement of
++processes based on his configuration.
+ .br
+-.B semanage user \-{a|d|m} [\-LrRP] selinux_name
++.B semanage boolean [\-S store] \-{d|m|l|n|D} \-[\-on|\-off|\1|0] -F boolean | boolean_file
++
++Manage SELinux confined users (Roles and levels for an SELinux user)
++.br
++.B semanage user [\-S store] \-{a|d|m|l|n|D} [\-LrRP] selinux_name
++
++Manage login mappings between linux users and SELinux confined users.
++.br
++.B semanage login [\-S store] \-{a|d|m|l|n|D} [\-sr] login_name | %groupname
++
++Manage policy modules.
++.br
++.B semanage module [\-S store] \-{a|d|l} [-m [--enable | --disable] ] module_name
++
++Manage network port type definitions
++.br
++.B semanage port [\-S store] \-{a|d|m|l|n|D} [\-tr] [\-p proto] port | port_range
++.br
++
++Manage network interface type definitions
++.br
++.B semanage interface [\-S store] \-{a|d|m|l|n|D} [\-tr] interface_spec
++
++Manage network node type definitions
++.br
++.B semanage node [\-S store] -{a|d|m|l|n|D} [-tr] [ -p protocol ] [-M netmask] address
++.br
++
++Manage file context mapping definitions
+ .br
+-.B semanage port \-{a|d|m} [\-tr] [\-p proto] port | port_range
++.B semanage fcontext [\-S store] \-{a|d|m|l|n|D} [\-frst] file_spec
+ .br
+-.B semanage interface \-{a|d|m} [\-tr] interface_spec
++.B semanage fcontext [\-S store] \-{a|d|m|l|n|D} \-e replacement target
+ .br
+-.B semanage node -{a|d|m} [-tr] [ -p protocol ] [-M netmask] address
++
++Manage processes type enforcement mode
+ .br
+-.B semanage fcontext \-{a|d|m} [\-frst] file_spec
++.B semanage permissive [\-S store] \-{a|d|l|n|D} type
+ .br
+-.B semanage permissive \-{a|d} type
++
++Disable/Enable dontaudit rules in policy
+ .br
+-.B semanage dontaudit [ on | off ]
++.B semanage dontaudit [\-S store] [ on | off ]
+ .P
+
++Execute multiple commands within a single transaction.
++.br
++.B semanage [\-S store] \-i command-file
++.br
++
+ .SH "DESCRIPTION"
+ semanage is used to configure certain elements of
+ SELinux policy without requiring modification to or recompilation
+@@ -52,6 +92,22 @@
+ .I \-D, \-\-deleteall
+ Remove all OBJECTS local customizations
+ .TP
++.I \-\-disable
++Disable a policy module, requires -m option
++
++Currently modules only.
++.TP
++.I \-\-enable
++Enable a disabled policy module, requires -m option
++
++Currently modules only.
++.TP
++.I \-e, \-\-equal
++Substitute target path with sourcepath when generating default label. This is used with
++fcontext. Requires source and target path arguments. The context
++labeling for the target subtree is made equivalent to that
++defined for the source.
++.TP
+ .I \-f, \-\-ftype
+ File Type. This is used with fcontext.
+ Requires a file type as shown in the mode field by ls, e.g. use -d to match only directories or -- to match only regular files.
+@@ -60,6 +116,7 @@
+ Set multiple records from the input file. When used with the \-l \-\-list, it will output the current settings to stdout in the proper format.
+
+ Currently booleans only.
++
+ .TP
+ .I \-h, \-\-help
+ display this message
+@@ -76,6 +133,9 @@
+ .I \-m, \-\-modify
+ Modify a OBJECT record NAME
+ .TP
++.I \-M, \-\-mask
++Network Mask
++.TP
+ .I \-n, \-\-noheading
+ Do not print heading when listing OBJECTS.
+ .TP
+@@ -99,26 +159,67 @@
+ .TP
+ .I \-t, \-\-type
+ SELinux Type for the object
++.TP
++.I \-i, \-\-input
++Take a set of commands from a specified file and load them in a single
++transaction.
+
+ .SH EXAMPLE
+ .nf
+-# View SELinux user mappings
+-$ semanage user -l
+-# Allow joe to login as staff_u
+-$ semanage login -a -s staff_u joe
+-# Allow the group clerks to login as user_u
+-$ semanage login -a -s user_u %clerks
+-# Add file-context for everything under /web (used by restorecon)
+-$ semanage fcontext -a -t httpd_sys_content_t "/web(/.*)?"
+-# Allow Apache to listen on port 81
+-$ semanage port -a -t http_port_t -p tcp 81
+-# Change apache to a permissive domain
+-$ semanage permissive -a httpd_t
+-# Turn off dontaudit rules
+-$ semanage dontaudit off
++.B SELinux user
++List SELinux users
++# semanage user -l
++
++.B SELinux login
++Change joe to login as staff_u
++# semanage login -a -s staff_u joe
++Change the group clerks to login as user_u
++# semanage login -a -s user_u %clerks
++
++.B File contexts
++.i remember to run restorecon after you set the file context
++Add file-context for everything under /web
++# semanage fcontext -a -t httpd_sys_content_t "/web(/.*)?"
++# restorecon -R -v /web
++
++Substitute /home1 with /home when setting file context
++# semanage fcontext -a -e /home /home1
++# restorecon -R -v /home1
++
++For home directories under top level directory, for example /disk6/home,
++execute the following commands.
++# semanage fcontext -a -t home_root_t "/disk6"
++# semanage fcontext -a -e /home /disk6/home
++# restorecon -R -v /disk6
++
++.B Port contexts
++Allow Apache to listen on tcp port 81
++# semanage port -a -t http_port_t -p tcp 81
++
++.B Change apache to a permissive domain
++# semanage permissive -a httpd_t
++
++.B Turn off dontaudit rules
++# semanage dontaudit off
++
++.B Managing multiple machines
++Multiple machines that need the same customizations.
++Extract customizations off first machine, copy them
++to second and import them.
++
++# semanage -o /tmp/local.selinux
++# scp /tmp/local.selinux secondmachine:/tmp
++# ssh secondmachine
++# semanage -i /tmp/local.selinux
++
++If these customizations include file context, you need to apply the
++context using restorecon.
++
+ .fi
+
+ .SH "AUTHOR"
+-This man page was written by Daniel Walsh <dwalsh at redhat.com> and
+-Russell Coker <rcoker at redhat.com>.
++This man page was written by Daniel Walsh <dwalsh at redhat.com>
++.br
++and Russell Coker <rcoker at redhat.com>.
++.br
+ Examples by Thomas Bleher <ThomasBleher at gmx.de>.
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.83/semanage/seobject.py
+--- nsapolicycoreutils/semanage/seobject.py 2010-05-19 14:45:51.000000000 -0400
+++ policycoreutils-2.0.83/semanage/seobject.py 2010-10-25 17:11:18.000000000 -0400
-@@ -29,47 +29,12 @@ import sepolgen.module as module
+@@ -29,47 +29,12 @@
import gettext
gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
gettext.textdomain(PROGNAME)
@@ -3598,7 +3643,7 @@ diff -up policycoreutils-2.0.83/semanage/seobject.py.rhat policycoreutils-2.0.83
file_types = {}
file_types[""] = SEMANAGE_FCONTEXT_ALL;
-@@ -194,44 +159,153 @@ def untranslate(trans, prepend = 1):
+@@ -194,44 +159,153 @@
return trans
else:
return raw
@@ -3766,7 +3811,7 @@ diff -up policycoreutils-2.0.83/semanage/seobject.py.rhat policycoreutils-2.0.83
class dontauditClass(semanageRecords):
def __init__(self, store):
-@@ -259,14 +333,23 @@ class permissiveRecords(semanageRecords)
+@@ -259,14 +333,23 @@
name = semanage_module_get_name(mod)
if name and name.startswith("permissive_"):
l.append(name.split("permissive_")[1])
@@ -3794,7 +3839,7 @@ diff -up policycoreutils-2.0.83/semanage/seobject.py.rhat policycoreutils-2.0.83
def add(self, type):
import glob
-@@ -343,7 +426,9 @@ class loginRecords(semanageRecords):
+@@ -343,7 +426,9 @@
if rc < 0:
raise ValueError(_("Could not check if login mapping for %s is defined") % name)
if exists:
@@ -3805,7 +3850,7 @@ diff -up policycoreutils-2.0.83/semanage/seobject.py.rhat policycoreutils-2.0.83
if name[0] == '%':
try:
grp.getgrnam(name[1:])
-@@ -475,6 +560,16 @@ class loginRecords(semanageRecords):
+@@ -475,6 +560,16 @@
mylog.log(1, "delete SELinux user mapping", name);
@@ -3822,7 +3867,7 @@ diff -up policycoreutils-2.0.83/semanage/seobject.py.rhat policycoreutils-2.0.83
def get_all(self, locallist = 0):
ddict = {}
if locallist:
-@@ -489,6 +584,15 @@ class loginRecords(semanageRecords):
+@@ -489,6 +584,15 @@
ddict[name] = (semanage_seuser_get_sename(u), semanage_seuser_get_mlsrange(u))
return ddict
@@ -3838,7 +3883,7 @@ diff -up policycoreutils-2.0.83/semanage/seobject.py.rhat policycoreutils-2.0.83
def list(self,heading = 1, locallist = 0):
ddict = self.get_all(locallist)
keys = ddict.keys()
-@@ -531,7 +635,8 @@ class seluserRecords(semanageRecords):
+@@ -531,7 +635,8 @@
if rc < 0:
raise ValueError(_("Could not check if SELinux user %s is defined") % name)
if exists:
@@ -3848,7 +3893,7 @@ diff -up policycoreutils-2.0.83/semanage/seobject.py.rhat policycoreutils-2.0.83
(rc, u) = semanage_user_create(self.sh)
if rc < 0:
-@@ -682,6 +787,16 @@ class seluserRecords(semanageRecords):
+@@ -682,6 +787,16 @@
mylog.log(1,"delete SELinux user record", name)
@@ -3865,7 +3910,7 @@ diff -up policycoreutils-2.0.83/semanage/seobject.py.rhat policycoreutils-2.0.83
def get_all(self, locallist = 0):
ddict = {}
if locallist:
-@@ -702,6 +817,15 @@ class seluserRecords(semanageRecords):
+@@ -702,6 +817,15 @@
return ddict
@@ -3881,7 +3926,7 @@ diff -up policycoreutils-2.0.83/semanage/seobject.py.rhat policycoreutils-2.0.83
def list(self, heading = 1, locallist = 0):
ddict = self.get_all(locallist)
keys = ddict.keys()
-@@ -740,12 +864,16 @@ class portRecords(semanageRecords):
+@@ -740,12 +864,16 @@
low = int(ports[0])
high = int(ports[1])
@@ -3898,7 +3943,7 @@ diff -up policycoreutils-2.0.83/semanage/seobject.py.rhat policycoreutils-2.0.83
if is_mls_enabled == 1:
if serange == "":
serange = "s0"
-@@ -808,6 +936,7 @@ class portRecords(semanageRecords):
+@@ -808,6 +936,7 @@
self.commit()
def __modify(self, port, proto, serange, setype):
@@ -3906,7 +3951,7 @@ diff -up policycoreutils-2.0.83/semanage/seobject.py.rhat policycoreutils-2.0.83
if serange == "" and setype == "":
if is_mls_enabled == 1:
raise ValueError(_("Requires setype or serange"))
-@@ -942,6 +1071,18 @@ class portRecords(semanageRecords):
+@@ -942,6 +1071,18 @@
ddict[(ctype,proto_str)].append("%d-%d" % (low, high))
return ddict
@@ -3925,7 +3970,7 @@ diff -up policycoreutils-2.0.83/semanage/seobject.py.rhat policycoreutils-2.0.83
def list(self, heading = 1, locallist = 0):
if heading:
print "%-30s %-8s %s\n" % (_("SELinux Port Type"), _("Proto"), _("Port Number"))
-@@ -958,7 +1099,8 @@ class portRecords(semanageRecords):
+@@ -958,7 +1099,8 @@
class nodeRecords(semanageRecords):
def __init__(self, store = ""):
semanageRecords.__init__(self,store)
@@ -3935,7 +3980,7 @@ diff -up policycoreutils-2.0.83/semanage/seobject.py.rhat policycoreutils-2.0.83
def __add(self, addr, mask, proto, serange, ctype):
if addr == "":
raise ValueError(_("Node Address is required"))
-@@ -966,14 +1108,11 @@ class nodeRecords(semanageRecords):
+@@ -966,14 +1108,11 @@
if mask == "":
raise ValueError(_("Node Netmask is required"))
@@ -3953,7 +3998,7 @@ diff -up policycoreutils-2.0.83/semanage/seobject.py.rhat policycoreutils-2.0.83
if is_mls_enabled == 1:
if serange == "":
serange = "s0"
-@@ -991,11 +1130,13 @@ class nodeRecords(semanageRecords):
+@@ -991,11 +1130,13 @@
(rc, exists) = semanage_node_exists(self.sh, k)
if exists:
@@ -3968,7 +4013,7 @@ diff -up policycoreutils-2.0.83/semanage/seobject.py.rhat policycoreutils-2.0.83
rc = semanage_node_set_addr(self.sh, node, proto, addr)
(rc, con) = semanage_context_create(self.sh)
-@@ -1005,8 +1146,7 @@ class nodeRecords(semanageRecords):
+@@ -1005,8 +1146,7 @@
rc = semanage_node_set_mask(self.sh, node, proto, mask)
if rc < 0:
raise ValueError(_("Could not set mask for %s") % addr)
@@ -3978,7 +4023,7 @@ diff -up policycoreutils-2.0.83/semanage/seobject.py.rhat policycoreutils-2.0.83
rc = semanage_context_set_user(self.sh, con, "system_u")
if rc < 0:
raise ValueError(_("Could not set user in addr context for %s") % addr)
-@@ -1047,13 +1187,10 @@ class nodeRecords(semanageRecords):
+@@ -1047,13 +1187,10 @@
if mask == "":
raise ValueError(_("Node Netmask is required"))
@@ -3996,7 +4041,7 @@ diff -up policycoreutils-2.0.83/semanage/seobject.py.rhat policycoreutils-2.0.83
if serange == "" and setype == "":
raise ValueError(_("Requires setype or serange"))
-@@ -1068,12 +1205,11 @@ class nodeRecords(semanageRecords):
+@@ -1068,12 +1205,11 @@
if not exists:
raise ValueError(_("Addr %s is not defined") % addr)
@@ -4010,7 +4055,7 @@ diff -up policycoreutils-2.0.83/semanage/seobject.py.rhat policycoreutils-2.0.83
if serange != "":
semanage_context_set_mls(self.sh, con, untranslate(serange))
if setype != "":
-@@ -1098,11 +1234,9 @@ class nodeRecords(semanageRecords):
+@@ -1098,11 +1234,9 @@
if mask == "":
raise ValueError(_("Node Netmask is required"))
@@ -4025,7 +4070,7 @@ diff -up policycoreutils-2.0.83/semanage/seobject.py.rhat policycoreutils-2.0.83
raise ValueError(_("Unknown or missing protocol"))
(rc, k) = semanage_node_key_create(self.sh, addr, mask, proto)
-@@ -1132,6 +1266,16 @@ class nodeRecords(semanageRecords):
+@@ -1132,6 +1266,16 @@
self.__delete(addr, mask, proto)
self.commit()
@@ -4042,7 +4087,7 @@ diff -up policycoreutils-2.0.83/semanage/seobject.py.rhat policycoreutils-2.0.83
def get_all(self, locallist = 0):
ddict = {}
if locallist :
-@@ -1145,15 +1289,20 @@ class nodeRecords(semanageRecords):
+@@ -1145,15 +1289,20 @@
con = semanage_node_get_con(node)
addr = semanage_node_get_addr(self.sh, node)
mask = semanage_node_get_mask(self.sh, node)
@@ -4068,7 +4113,7 @@ diff -up policycoreutils-2.0.83/semanage/seobject.py.rhat policycoreutils-2.0.83
def list(self, heading = 1, locallist = 0):
if heading:
print "%-18s %-18s %-5s %-5s\n" % ("IP Address", "Netmask", "Protocol", "Context")
-@@ -1193,7 +1342,8 @@ class interfaceRecords(semanageRecords):
+@@ -1193,7 +1342,8 @@
if rc < 0:
raise ValueError(_("Could not check if interface %s is defined") % interface)
if exists:
@@ -4078,7 +4123,7 @@ diff -up policycoreutils-2.0.83/semanage/seobject.py.rhat policycoreutils-2.0.83
(rc, iface) = semanage_iface_create(self.sh)
if rc < 0:
-@@ -1307,6 +1457,16 @@ class interfaceRecords(semanageRecords):
+@@ -1307,6 +1457,16 @@
self.__delete(interface)
self.commit()
@@ -4095,7 +4140,7 @@ diff -up policycoreutils-2.0.83/semanage/seobject.py.rhat policycoreutils-2.0.83
def get_all(self, locallist = 0):
ddict = {}
if locallist:
-@@ -1322,6 +1482,15 @@ class interfaceRecords(semanageRecords):
+@@ -1322,6 +1482,15 @@
return ddict
@@ -4111,7 +4156,7 @@ diff -up policycoreutils-2.0.83/semanage/seobject.py.rhat policycoreutils-2.0.83
def list(self, heading = 1, locallist = 0):
if heading:
print "%-30s %s\n" % (_("SELinux Interface"), _("Context"))
-@@ -1338,6 +1507,48 @@ class interfaceRecords(semanageRecords):
+@@ -1338,6 +1507,48 @@
class fcontextRecords(semanageRecords):
def __init__(self, store = ""):
semanageRecords.__init__(self, store)
@@ -4160,7 +4205,7 @@ diff -up policycoreutils-2.0.83/semanage/seobject.py.rhat policycoreutils-2.0.83
def createcon(self, target, seuser = "system_u"):
(rc, con) = semanage_context_create(self.sh)
-@@ -1364,6 +1575,8 @@ class fcontextRecords(semanageRecords):
+@@ -1364,6 +1575,8 @@
def validate(self, target):
if target == "" or target.find("\n") >= 0:
raise ValueError(_("Invalid file specification"))
@@ -4169,7 +4214,7 @@ diff -up policycoreutils-2.0.83/semanage/seobject.py.rhat policycoreutils-2.0.83
def __add(self, target, type, ftype = "", serange = "", seuser = "system_u"):
self.validate(target)
-@@ -1388,7 +1601,8 @@ class fcontextRecords(semanageRecords):
+@@ -1388,7 +1601,8 @@
raise ValueError(_("Could not check if file context for %s is defined") % target)
if exists:
@@ -4179,7 +4224,7 @@ diff -up policycoreutils-2.0.83/semanage/seobject.py.rhat policycoreutils-2.0.83
(rc, fcontext) = semanage_fcontext_create(self.sh)
if rc < 0:
-@@ -1504,9 +1718,16 @@ class fcontextRecords(semanageRecords):
+@@ -1504,9 +1718,16 @@
raise ValueError(_("Could not delete the file context %s") % target)
semanage_fcontext_key_free(k)
@@ -4196,7 +4241,7 @@ diff -up policycoreutils-2.0.83/semanage/seobject.py.rhat policycoreutils-2.0.83
(rc,k) = semanage_fcontext_key_create(self.sh, target, file_types[ftype])
if rc < 0:
raise ValueError(_("Could not create a key for %s") % target)
-@@ -1561,12 +1782,22 @@ class fcontextRecords(semanageRecords):
+@@ -1561,12 +1782,22 @@
return ddict
@@ -4221,7 +4266,7 @@ diff -up policycoreutils-2.0.83/semanage/seobject.py.rhat policycoreutils-2.0.83
for k in keys:
if fcon_dict[k]:
if is_mls_enabled:
-@@ -1575,6 +1806,12 @@ class fcontextRecords(semanageRecords):
+@@ -1575,6 +1806,12 @@
print "%-50s %-18s %s:%s:%s " % (k[0], k[1], fcon_dict[k][0], fcon_dict[k][1],fcon_dict[k][2])
else:
print "%-50s %-18s <<None>>" % (k[0], k[1])
@@ -4234,7 +4279,7 @@ diff -up policycoreutils-2.0.83/semanage/seobject.py.rhat policycoreutils-2.0.83
class booleanRecords(semanageRecords):
def __init__(self, store = ""):
-@@ -1587,6 +1824,18 @@ class booleanRecords(semanageRecords):
+@@ -1587,6 +1824,18 @@
self.dict["1"] = 1
self.dict["0"] = 0
@@ -4253,7 +4298,7 @@ diff -up policycoreutils-2.0.83/semanage/seobject.py.rhat policycoreutils-2.0.83
def __mod(self, name, value):
(rc, k) = semanage_bool_key_create(self.sh, name)
if rc < 0:
-@@ -1606,9 +1855,10 @@ class booleanRecords(semanageRecords):
+@@ -1606,9 +1855,10 @@
else:
raise ValueError(_("You must specify one of the following values: %s") % ", ".join(self.dict.keys()) )
@@ -4267,7 +4312,7 @@ diff -up policycoreutils-2.0.83/semanage/seobject.py.rhat policycoreutils-2.0.83
rc = semanage_bool_modify_local(self.sh, k, b)
if rc < 0:
raise ValueError(_("Could not modify boolean %s") % name)
-@@ -1691,8 +1941,12 @@ class booleanRecords(semanageRecords):
+@@ -1691,8 +1941,12 @@
value = []
name = semanage_bool_get_name(boolean)
value.append(semanage_bool_get_value(boolean))
@@ -4282,7 +4327,7 @@ diff -up policycoreutils-2.0.83/semanage/seobject.py.rhat policycoreutils-2.0.83
ddict[name] = value
return ddict
-@@ -1706,6 +1960,16 @@ class booleanRecords(semanageRecords):
+@@ -1706,6 +1960,16 @@
else:
return _("unknown")
@@ -4299,8 +4344,8 @@ diff -up policycoreutils-2.0.83/semanage/seobject.py.rhat policycoreutils-2.0.83
def list(self, heading = True, locallist = False, use_file = False):
on_off = (_("off"), _("on"))
if use_file:
-diff -up policycoreutils-2.0.83/sepolgen-ifgen/Makefile.rhat policycoreutils-2.0.83/sepolgen-ifgen/Makefile
---- policycoreutils-2.0.83/sepolgen-ifgen/Makefile.rhat 2010-10-25 17:11:18.000000000 -0400
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sepolgen-ifgen/Makefile policycoreutils-2.0.83/sepolgen-ifgen/Makefile
+--- nsapolicycoreutils/sepolgen-ifgen/Makefile 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.83/sepolgen-ifgen/Makefile 2010-10-25 17:11:18.000000000 -0400
@@ -0,0 +1,25 @@
+# Installation directories.
@@ -4328,8 +4373,8 @@ diff -up policycoreutils-2.0.83/sepolgen-ifgen/Makefile.rhat policycoreutils-2.0
+ ../../scripts/Lindent $(wildcard *.[ch])
+
+relabel: ;
-diff -up policycoreutils-2.0.83/sepolgen-ifgen/sepolgen-ifgen-attr-helper.c.rhat policycoreutils-2.0.83/sepolgen-ifgen/sepolgen-ifgen-attr-helper.c
---- policycoreutils-2.0.83/sepolgen-ifgen/sepolgen-ifgen-attr-helper.c.rhat 2010-10-25 17:11:18.000000000 -0400
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sepolgen-ifgen/sepolgen-ifgen-attr-helper.c policycoreutils-2.0.83/sepolgen-ifgen/sepolgen-ifgen-attr-helper.c
+--- nsapolicycoreutils/sepolgen-ifgen/sepolgen-ifgen-attr-helper.c 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.83/sepolgen-ifgen/sepolgen-ifgen-attr-helper.c 2010-10-25 17:11:18.000000000 -0400
@@ -0,0 +1,230 @@
+/* Authors: Frank Mayer <mayerf at tresys.com>
@@ -4562,34 +4607,8 @@ diff -up policycoreutils-2.0.83/sepolgen-ifgen/sepolgen-ifgen-attr-helper.c.rhat
+
+ return 0;
+}
-diff -up policycoreutils-2.0.83/setfiles/restorecon.8.rhat policycoreutils-2.0.83/setfiles/restorecon.8
---- policycoreutils-2.0.83/setfiles/restorecon.8.rhat 2010-06-16 08:04:12.000000000 -0400
-+++ policycoreutils-2.0.83/setfiles/restorecon.8 2010-10-25 17:11:18.000000000 -0400
-@@ -4,10 +4,10 @@ restorecon \- restore file(s) default SE
-
- .SH "SYNOPSIS"
- .B restorecon
--.I [\-o outfilename ] [\-R] [\-n] [\-v] [\-e directory ] pathname...
-+.I [\-o outfilename ] [\-R] [\-n] [\-p] [\-v] [\-e directory ] pathname...
- .P
- .B restorecon
--.I \-f infilename [\-o outfilename ] [\-e directory ] [\-R] [\-n] [\-v] [\-F]
-+.I \-f infilename [\-o outfilename ] [\-e directory ] [\-R] [\-n] [\-p] [\-v] [\-F]
-
- .SH "DESCRIPTION"
- This manual page describes the
-@@ -40,6 +40,9 @@ don't change any file labels.
- .TP
- .B \-o outfilename
- save list of files with incorrect context in outfilename.
-+.TP
-+.B \-p
-+show progress by printing * every 1000 files.
- .TP
- .B \-v
- show changes in file labels.
-diff -up policycoreutils-2.0.83/setfiles/restore.c.rhat policycoreutils-2.0.83/setfiles/restore.c
---- policycoreutils-2.0.83/setfiles/restore.c.rhat 2010-06-16 08:04:12.000000000 -0400
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/restore.c policycoreutils-2.0.83/setfiles/restore.c
+--- nsapolicycoreutils/setfiles/restore.c 2010-05-19 14:45:51.000000000 -0400
+++ policycoreutils-2.0.83/setfiles/restore.c 2010-10-25 17:11:18.000000000 -0400
@@ -1,4 +1,5 @@
#include "restore.h"
@@ -4597,7 +4616,7 @@ diff -up policycoreutils-2.0.83/setfiles/restore.c.rhat policycoreutils-2.0.83/s
#define SKIP -2
#define ERR -1
-@@ -31,7 +32,6 @@ struct edir {
+@@ -31,7 +32,6 @@
static file_spec_t *fl_head;
@@ -4605,7 +4624,7 @@ diff -up policycoreutils-2.0.83/setfiles/restore.c.rhat policycoreutils-2.0.83/s
static int filespec_add(ino_t ino, const security_context_t con, const char *file);
static int only_changed_user(const char *a, const char *b);
struct restore_opts *r_opts = NULL;
-@@ -53,7 +53,6 @@ void remove_exclude(const char *director
+@@ -53,7 +53,6 @@
}
}
return;
@@ -4613,7 +4632,7 @@ diff -up policycoreutils-2.0.83/setfiles/restore.c.rhat policycoreutils-2.0.83/s
}
void restore_init(struct restore_opts *opts)
-@@ -300,8 +299,14 @@ static int process_one(char *name, int r
+@@ -300,8 +299,14 @@
int rc = 0;
const char *namelist[2] = {name, NULL};
dev_t dev_num = 0;
@@ -4630,7 +4649,7 @@ diff -up policycoreutils-2.0.83/setfiles/restore.c.rhat policycoreutils-2.0.83/s
fts_handle = fts_open((char **)namelist, r_opts->fts_flags, NULL);
if (fts_handle == NULL) {
-@@ -357,11 +362,34 @@ err:
+@@ -357,11 +362,34 @@
goto out;
}
@@ -4666,7 +4685,7 @@ diff -up policycoreutils-2.0.83/setfiles/restore.c.rhat policycoreutils-2.0.83/s
if (r_opts == NULL){
fprintf(stderr,
-@@ -372,8 +400,9 @@ int process_one_realpath(char *name, int
+@@ -372,8 +400,9 @@
if (!r_opts->expand_realpath) {
return process_one(name, recurse);
} else {
@@ -4677,7 +4696,7 @@ diff -up policycoreutils-2.0.83/setfiles/restore.c.rhat policycoreutils-2.0.83/s
fprintf(stderr, "%s: lstat(%s) failed: %s\n",
r_opts->progname, name, strerror(errno));
return -1;
-@@ -409,7 +438,7 @@ int process_one_realpath(char *name, int
+@@ -409,7 +438,7 @@
}
}
@@ -4686,7 +4705,7 @@ diff -up policycoreutils-2.0.83/setfiles/restore.c.rhat policycoreutils-2.0.83/s
{
int i = 0;
for (i = 0; i < excludeCtr; i++) {
-@@ -537,7 +566,7 @@ static int filespec_add(ino_t ino, const
+@@ -537,7 +566,7 @@
{
file_spec_t *prevfl, *fl;
int h, ret;
@@ -4695,7 +4714,7 @@ diff -up policycoreutils-2.0.83/setfiles/restore.c.rhat policycoreutils-2.0.83/s
if (!fl_head) {
fl_head = malloc(sizeof(file_spec_t) * HASH_BUCKETS);
-@@ -550,7 +579,7 @@ static int filespec_add(ino_t ino, const
+@@ -550,7 +579,7 @@
for (prevfl = &fl_head[h], fl = fl_head[h].next; fl;
prevfl = fl, fl = fl->next) {
if (ino == fl->ino) {
@@ -4704,7 +4723,7 @@ diff -up policycoreutils-2.0.83/setfiles/restore.c.rhat policycoreutils-2.0.83/s
if (ret < 0 || sb.st_ino != ino) {
freecon(fl->con);
free(fl->file);
-@@ -602,5 +631,67 @@ static int filespec_add(ino_t ino, const
+@@ -602,5 +631,67 @@
return -1;
}
@@ -4772,10 +4791,36 @@ diff -up policycoreutils-2.0.83/setfiles/restore.c.rhat policycoreutils-2.0.83/s
+ free(buf);
+}
-diff -up policycoreutils-2.0.83/setfiles/restore.h.rhat policycoreutils-2.0.83/setfiles/restore.h
---- policycoreutils-2.0.83/setfiles/restore.h.rhat 2010-06-16 08:04:12.000000000 -0400
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/restorecon.8 policycoreutils-2.0.83/setfiles/restorecon.8
+--- nsapolicycoreutils/setfiles/restorecon.8 2010-05-19 14:45:51.000000000 -0400
++++ policycoreutils-2.0.83/setfiles/restorecon.8 2010-10-25 17:11:18.000000000 -0400
+@@ -4,10 +4,10 @@
+
+ .SH "SYNOPSIS"
+ .B restorecon
+-.I [\-o outfilename ] [\-R] [\-n] [\-v] [\-e directory ] pathname...
++.I [\-o outfilename ] [\-R] [\-n] [\-p] [\-v] [\-e directory ] pathname...
+ .P
+ .B restorecon
+-.I \-f infilename [\-o outfilename ] [\-e directory ] [\-R] [\-n] [\-v] [\-F]
++.I \-f infilename [\-o outfilename ] [\-e directory ] [\-R] [\-n] [\-p] [\-v] [\-F]
+
+ .SH "DESCRIPTION"
+ This manual page describes the
+@@ -40,6 +40,9 @@
+ .TP
+ .B \-o outfilename
+ save list of files with incorrect context in outfilename.
++.TP
++.B \-p
++show progress by printing * every 1000 files.
+ .TP
+ .B \-v
+ show changes in file labels.
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/restore.h policycoreutils-2.0.83/setfiles/restore.h
+--- nsapolicycoreutils/setfiles/restore.h 2010-05-19 14:45:51.000000000 -0400
+++ policycoreutils-2.0.83/setfiles/restore.h 2010-10-25 17:11:18.000000000 -0400
-@@ -27,6 +27,7 @@ struct restore_opts {
+@@ -27,6 +27,7 @@
int hard_links;
int verbose;
int logging;
@@ -4783,7 +4828,7 @@ diff -up policycoreutils-2.0.83/setfiles/restore.h.rhat policycoreutils-2.0.83/s
char *rootpath;
int rootpathlen;
char *progname;
-@@ -44,7 +45,10 @@ struct restore_opts {
+@@ -44,7 +45,10 @@
void restore_init(struct restore_opts *opts);
void restore_finish();
int add_exclude(const char *directory);
@@ -4794,10 +4839,10 @@ diff -up policycoreutils-2.0.83/setfiles/restore.h.rhat policycoreutils-2.0.83/s
+void exclude_non_seclabel_mounts();
#endif
-diff -up policycoreutils-2.0.83/setfiles/setfiles.8.rhat policycoreutils-2.0.83/setfiles/setfiles.8
---- policycoreutils-2.0.83/setfiles/setfiles.8.rhat 2010-06-16 08:04:12.000000000 -0400
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/setfiles.8 policycoreutils-2.0.83/setfiles/setfiles.8
+--- nsapolicycoreutils/setfiles/setfiles.8 2010-05-19 14:45:51.000000000 -0400
+++ policycoreutils-2.0.83/setfiles/setfiles.8 2010-10-25 17:11:18.000000000 -0400
-@@ -31,6 +31,9 @@ log changes in file labels to syslog.
+@@ -31,6 +31,9 @@
.TP
.B \-n
don't change any file labels.
@@ -4807,8 +4852,8 @@ diff -up policycoreutils-2.0.83/setfiles/setfiles.8.rhat policycoreutils-2.0.83/
.TP
.B \-q
suppress non-error output.
-diff -up policycoreutils-2.0.83/setfiles/setfiles.c.rhat policycoreutils-2.0.83/setfiles/setfiles.c
---- policycoreutils-2.0.83/setfiles/setfiles.c.rhat 2010-06-16 08:04:12.000000000 -0400
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/setfiles.c policycoreutils-2.0.83/setfiles/setfiles.c
+--- nsapolicycoreutils/setfiles/setfiles.c 2010-05-19 14:45:51.000000000 -0400
+++ policycoreutils-2.0.83/setfiles/setfiles.c 2010-10-25 17:11:18.000000000 -0400
@@ -5,7 +5,6 @@
#include <ctype.h>
@@ -4818,7 +4863,7 @@ diff -up policycoreutils-2.0.83/setfiles/setfiles.c.rhat policycoreutils-2.0.83/
#define __USE_XOPEN_EXTENDED 1 /* nftw */
#include <libgen.h>
#ifdef USE_AUDIT
-@@ -25,7 +24,6 @@ static char *policyfile = NULL;
+@@ -25,7 +24,6 @@
static int warn_no_match = 0;
static int null_terminated = 0;
static int errors;
@@ -4826,7 +4871,7 @@ diff -up policycoreutils-2.0.83/setfiles/setfiles.c.rhat policycoreutils-2.0.83/
static struct restore_opts r_opts;
#define STAT_BLOCK_SIZE 1
-@@ -44,13 +42,13 @@ void usage(const char *const name)
+@@ -44,13 +42,13 @@
{
if (iamrestorecon) {
fprintf(stderr,
@@ -4842,7 +4887,7 @@ diff -up policycoreutils-2.0.83/setfiles/setfiles.c.rhat policycoreutils-2.0.83/
name);
}
exit(1);
-@@ -138,69 +136,6 @@ static void maybe_audit_mass_relabel(voi
+@@ -138,69 +136,6 @@
#endif
}
@@ -4912,7 +4957,7 @@ diff -up policycoreutils-2.0.83/setfiles/setfiles.c.rhat policycoreutils-2.0.83/
int main(int argc, char **argv)
{
struct stat sb;
-@@ -335,7 +270,7 @@ int main(int argc, char **argv)
+@@ -335,7 +270,7 @@
r_opts.debug = 1;
break;
case 'i':
@@ -4921,7 +4966,7 @@ diff -up policycoreutils-2.0.83/setfiles/setfiles.c.rhat policycoreutils-2.0.83/
break;
case 'l':
r_opts.logging = 1;
-@@ -371,7 +306,7 @@ int main(int argc, char **argv)
+@@ -371,7 +306,7 @@
break;
}
if (optind + 1 >= argc) {
@@ -4930,7 +4975,7 @@ diff -up policycoreutils-2.0.83/setfiles/setfiles.c.rhat policycoreutils-2.0.83/
argv[0]);
exit(1);
}
-@@ -475,7 +410,7 @@ int main(int argc, char **argv)
+@@ -475,7 +410,7 @@
buf[len - 1] = 0;
if (!strcmp(buf, "/"))
mass_relabel = 1;
@@ -4939,7 +4984,7 @@ diff -up policycoreutils-2.0.83/setfiles/setfiles.c.rhat policycoreutils-2.0.83/
}
if (strcmp(input_filename, "-") != 0)
fclose(f);
-@@ -483,7 +418,8 @@ int main(int argc, char **argv)
+@@ -483,7 +418,8 @@
for (i = optind; i < argc; i++) {
if (!strcmp(argv[i], "/"))
mass_relabel = 1;
@@ -4949,8 +4994,8 @@ diff -up policycoreutils-2.0.83/setfiles/setfiles.c.rhat policycoreutils-2.0.83/
}
}
-diff -up policycoreutils-2.0.83/VERSION.rhat policycoreutils-2.0.83/VERSION
---- policycoreutils-2.0.83/VERSION.rhat 2010-06-16 08:04:12.000000000 -0400
+diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/VERSION policycoreutils-2.0.83/VERSION
+--- nsapolicycoreutils/VERSION 2010-06-16 08:03:38.000000000 -0400
+++ policycoreutils-2.0.83/VERSION 2010-10-25 17:11:18.000000000 -0400
@@ -1 +1 @@
-2.0.83
diff --git a/policycoreutils.spec b/policycoreutils.spec
index 3d754bd..3cb13f9 100644
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@@ -7,7 +7,7 @@
Summary: SELinux policy core utilities
Name: policycoreutils
Version: 2.0.83
-Release: 32%{?dist}
+Release: 33%{?dist}
License: GPLv2
Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@@ -194,6 +194,7 @@ or level of a logged in user.
%defattr(-,root,root)
%attr(0755,root,root) %caps(cap_audit_write=pe) %{_bindir}/newrole
%{_mandir}/man1/newrole.1.gz
+%config(noreplace) %{_sysconfdir}/pam.d/newrole
%package gui
Summary: SELinux configuration GUI
@@ -253,7 +254,6 @@ rm -rf %{buildroot}
%{_bindir}/semodule_package
%{_sysconfdir}/rc.d/init.d/sandbox
%config(noreplace) %{_sysconfdir}/sysconfig/sandbox
-%config(noreplace) %{_sysconfdir}/pam.d/newrole
%config(noreplace) %{_sysconfdir}/pam.d/run_init
%config(noreplace) %{_sysconfdir}/sestatus.conf
# selinux-policy Requires: policycoreutils, so we own this set of directories and our files within them
@@ -326,6 +326,10 @@ fi
exit 0
%changelog
+* Fri Oct 29 2010 Dan Walsh <dwalsh at redhat.com> 2.0.83-33
+- Move /etc/pam.d/newrole in to polcicycoreutils-newrole
+- Additiona capability checking in sepolgen
+
* Mon Oct 25 2010 Dan Walsh <dwalsh at redhat.com> 2.0.83-32
- Remove setuid flag and replace with file capabilities
- Fix sandbox handling of files with spaces in them
More information about the scm-commits
mailing list