[policycoreutils/f16] Backport fixes from F17
Daniel J Walsh
dwalsh at fedoraproject.org
Tue Oct 4 12:56:02 UTC 2011
commit 84f80332c44b86fcb8e8de5e4c79ef73f2a5ab6e
Author: Dan Walsh <dwalsh at redhat.com>
Date: Tue Oct 4 08:55:45 2011 -0400
Backport fixes from F17
policycoreutils-f17.patch | 749 +++++++++++++++++++++++++++++++++++++++++++++
policycoreutils-gui.patch | 251 ++++++++--------
policycoreutils.spec | 7 +-
3 files changed, 877 insertions(+), 130 deletions(-)
---
diff --git a/policycoreutils-f17.patch b/policycoreutils-f17.patch
new file mode 100644
index 0000000..4e384e1
--- /dev/null
+++ b/policycoreutils-f17.patch
@@ -0,0 +1,749 @@
+diff -up policycoreutils-2.1.4/audit2allow/audit2allow.f17 policycoreutils-2.1.4/audit2allow/audit2allow
+--- policycoreutils-2.1.4/audit2allow/audit2allow.f17 2011-10-04 08:49:30.068139401 -0400
++++ policycoreutils-2.1.4/audit2allow/audit2allow 2011-10-04 08:51:05.442086558 -0400
+@@ -104,7 +104,7 @@ class AuditToPolicy:
+ if name:
+ options.requires = True
+ if not module.is_valid_name(name):
+- sys.stderr.write("only letters and numbers allowed in module names\n")
++ sys.stderr.write('error: module names must begin with a letter, optionally followed by letters, numbers, "-", "_", "."\n')
+ sys.exit(2)
+
+ # Make -M and -o conflict
+diff -up policycoreutils-2.1.4/.gitignore.f17 policycoreutils-2.1.4/.gitignore
+--- policycoreutils-2.1.4/.gitignore.f17 2011-08-18 06:52:31.000000000 -0400
++++ policycoreutils-2.1.4/.gitignore 2011-10-04 08:51:05.443086559 -0400
+@@ -9,6 +9,7 @@ semodule_deps/semodule_deps
+ semodule_expand/semodule_expand
+ semodule_link/semodule_link
+ semodule_package/semodule_package
++semodule_package/semodule_unpackage
+ sestatus/sestatus
+ setfiles/restorecon
+ setfiles/setfiles
+diff -up policycoreutils-2.1.4/mcstrans/man/Makefile.f17 policycoreutils-2.1.4/mcstrans/man/Makefile
+--- policycoreutils-2.1.4/mcstrans/man/Makefile.f17 2011-08-18 06:52:31.000000000 -0400
++++ policycoreutils-2.1.4/mcstrans/man/Makefile 2011-10-04 08:51:05.444086563 -0400
+@@ -1,7 +1,9 @@
+ # Installation directories.
+ MAN8DIR ?= $(DESTDIR)/usr/share/man/man8
+
+-install:
++all:
++
++install: all
+ mkdir -p $(MAN8DIR)
+ install -m 644 man8/*.8 $(MAN8DIR)
+
+diff -up policycoreutils-2.1.4/newrole/newrole.c.f17 policycoreutils-2.1.4/newrole/newrole.c
+--- policycoreutils-2.1.4/newrole/newrole.c.f17 2011-10-04 08:49:30.070139399 -0400
++++ policycoreutils-2.1.4/newrole/newrole.c 2011-10-04 08:51:05.445086567 -0400
+@@ -543,13 +543,13 @@ static int restore_environment(int prese
+ #if defined(AUDIT_LOG_PRIV) && !defined(NAMESPACE_PRIV)
+ static int drop_capabilities(int full)
+ {
++ uid_t uid = getuid();
++ if (!uid) return 0;
++
+ capng_clear(CAPNG_SELECT_BOTH);
+ if (capng_lock() < 0)
+ return -1;
+
+- uid_t uid = getuid();
+- if (!uid) return 0;
+-
+ /* Change uid */
+ if (setresuid(uid, uid, uid)) {
+ fprintf(stderr, _("Error changing uid, aborting.\n"));
+diff -up policycoreutils-2.1.4/sandbox/sandbox.f17 policycoreutils-2.1.4/sandbox/sandbox
+--- policycoreutils-2.1.4/sandbox/sandbox.f17 2011-10-04 08:49:30.077139396 -0400
++++ policycoreutils-2.1.4/sandbox/sandbox 2011-10-04 08:51:05.447086566 -0400
+@@ -263,7 +263,6 @@ sandbox [-h] [-c] [-l level ] [-[X|M] [-
+ %s
+ """) % types
+
+-
+ parser = OptionParser(version=self.VERSION, usage=usage)
+ parser.disable_interspersed_args()
+ parser.add_option("-i", "--include",
+diff -up policycoreutils-2.1.4/sandbox/sandbox.init.f17 policycoreutils-2.1.4/sandbox/sandbox.init
+--- policycoreutils-2.1.4/sandbox/sandbox.init.f17 2011-10-04 08:49:30.080139393 -0400
++++ policycoreutils-2.1.4/sandbox/sandbox.init 2011-10-04 08:51:05.447086566 -0400
+@@ -13,17 +13,12 @@
+ # description: sandbox, xguest and other apps that want to use pam_namespace \
+ # require this script be run at boot. This service script does \
+ # not actually run any service but sets up: \
+-# /var/tmp, /tmp and home directories to be used by these tools.\
++# / to be shared by any app that starts a separate namespace
+ # If you do not use sandbox, xguest or pam_namespace you can turn \
+ # this service off.\
+ #
+
+ # Source function library.
+-. /etc/init.d/functions
+-
+-HOMEDIRS="/home"
+-
+-. /etc/sysconfig/sandbox
+
+ LOCKFILE=/var/lock/subsys/sandbox
+
+diff -up policycoreutils-2.1.4/sandbox/seunshare.c.f17 policycoreutils-2.1.4/sandbox/seunshare.c
+--- policycoreutils-2.1.4/sandbox/seunshare.c.f17 2011-10-04 08:49:30.082139392 -0400
++++ policycoreutils-2.1.4/sandbox/seunshare.c 2011-10-04 08:51:05.449086562 -0400
+@@ -5,8 +5,9 @@
+
+ #define _GNU_SOURCE
+ #include <signal.h>
+-#include <sys/types.h>
++#include <sys/fsuid.h>
+ #include <sys/stat.h>
++#include <sys/types.h>
+ #include <sys/wait.h>
+ #include <syslog.h>
+ #include <sys/mount.h>
+@@ -18,7 +19,6 @@
+ #include <stdio.h>
+ #include <regex.h>
+ #include <unistd.h>
+-#include <sys/fsuid.h>
+ #include <stdlib.h>
+ #include <cap-ng.h>
+ #include <getopt.h> /* for getopt_long() form of getopt() */
+@@ -53,7 +53,7 @@
+
+ #define BUF_SIZE 1024
+ #define DEFAULT_PATH "/usr/bin:/bin"
+-#define USAGE_STRING _("USAGE: seunshare [ -v ] [ -c ] [ -k ] [ -C ] [ -t tmpdir] [ -h homedir ] [ -Z context ] -- executable [args]")
++#define USAGE_STRING _("USAGE: seunshare [ -v ] [ -C ] [ -c ] [ -k ] [ -t tmpdir ] [ -h homedir ] [ -Z CONTEXT ] -- executable [args] ")
+
+ static int verbose = 0;
+ static int child = 0;
+@@ -959,6 +959,7 @@ int main(int argc, char **argv) {
+
+ if (child == 0) {
+ char *display = NULL;
++ char *LANG = NULL;
+ int rc = -1;
+
+ if (unshare(CLONE_NEWNS) < 0) {
+@@ -984,12 +985,23 @@ int main(int argc, char **argv) {
+ goto childerr;
+ }
+ }
++
++ /* construct a new environment */
++ if ((LANG = getenv("LANG")) != NULL) {
++ if ((LANG = strdup(LANG)) == NULL) {
++ perror(_("Out of memory"));
++ goto childerr;
++ }
++ }
++
+ if ((rc = clearenv()) != 0) {
+ perror(_("Failed to clear environment"));
+ goto childerr;
+ }
+ if (display)
+ rc |= setenv("DISPLAY", display, 1);
++ if (LANG)
++ rc |= setenv("LANG", LANG, 1);
+ rc |= setenv("HOME", pwd->pw_dir, 1);
+ rc |= setenv("SHELL", pwd->pw_shell, 1);
+ rc |= setenv("USER", pwd->pw_name, 1);
+@@ -1015,6 +1027,7 @@ int main(int argc, char **argv) {
+ fprintf(stderr, _("Failed to execute command %s: %s\n"), argv[optind], strerror(errno));
+ childerr:
+ free(display);
++ free(LANG);
+ exit(-1);
+ }
+
+diff -up policycoreutils-2.1.4/semanage/semanage.8.f17 policycoreutils-2.1.4/semanage/semanage.8
+--- policycoreutils-2.1.4/semanage/semanage.8.f17 2011-08-18 06:52:31.000000000 -0400
++++ policycoreutils-2.1.4/semanage/semanage.8 2011-10-04 08:51:05.450086559 -0400
+@@ -163,6 +163,9 @@ SELinux Type for the object
+ .I \-i, \-\-input
+ Take a set of commands from a specified file and load them in a single
+ transaction.
++.TP
++.I \-o, \-\-output
++Output all local customizations into a file. This file than can be used with the semanage -i command to customize other machines to match the local machine.
+
+ .SH EXAMPLE
+ .nf
+diff -up policycoreutils-2.1.4/semanage/semanage.f17 policycoreutils-2.1.4/semanage/semanage
+--- policycoreutils-2.1.4/semanage/semanage.f17 2011-10-04 08:49:30.086139391 -0400
++++ policycoreutils-2.1.4/semanage/semanage 2011-10-04 08:51:05.449086562 -0400
+@@ -575,3 +575,5 @@ Object-specific Options (see above):
+ errorExit(error.args[1])
+ except OSError, error:
+ errorExit(error.args[1])
++ except RuntimeError, error:
++ errorExit(error.args[0])
+diff -up policycoreutils-2.1.4/semanage/seobject.py.f17 policycoreutils-2.1.4/semanage/seobject.py
+--- policycoreutils-2.1.4/semanage/seobject.py.f17 2011-10-04 08:49:30.087139390 -0400
++++ policycoreutils-2.1.4/semanage/seobject.py 2011-10-04 08:51:05.451086557 -0400
+@@ -1,5 +1,5 @@
+ #! /usr/bin/python -E
+-# Copyright (C) 2005, 2006, 2007, 2008, 2009 Red Hat
++# Copyright (C) 2005-2011 Red Hat
+ # see file 'COPYING' for use and warranty information
+ #
+ # semanage is a tool for managing SELinux configuration files
+@@ -254,9 +254,13 @@ class moduleRecords(semanageRecords):
+ return l
+
+ def list(self, heading = 1, locallist = 0):
++ all = self.get_all()
++ if len(all) == 0:
++ return
++
+ if heading:
+ print "\n%-25s%-10s\n" % (_("Modules Name"), _("Version"))
+- for t in self.get_all():
++ for t in all:
+ if t[2] == 0:
+ disabled = _("Disabled")
+ else:
+@@ -335,6 +339,8 @@ class permissiveRecords(semanageRecords)
+ def list(self, heading = 1, locallist = 0):
+ import setools
+ all = map(lambda y: y["name"], filter(lambda x: x["permissive"], setools.seinfo(setools.TYPE)))
++ if len(all) == 0:
++ return
+
+ if heading:
+ print "\n%-25s\n" % (_("Builtin Permissive Types"))
+@@ -342,6 +348,10 @@ class permissiveRecords(semanageRecords)
+ for t in all:
+ if t not in customized:
+ print t
++
++ if len(customized) == 0:
++ return
++
+ if heading:
+ print "\n%-25s\n" % (_("Customized Permissive Types"))
+ for t in customized:
+@@ -592,7 +602,10 @@ class loginRecords(semanageRecords):
+ def list(self,heading = 1, locallist = 0):
+ ddict = self.get_all(locallist)
+ keys = ddict.keys()
++ if len(keys) == 0:
++ return
+ keys.sort()
++
+ if is_mls_enabled == 1:
+ if heading:
+ print "\n%-25s %-25s %-25s\n" % (_("Login Name"), _("SELinux User"), _("MLS/MCS Range"))
+@@ -825,7 +838,10 @@ class seluserRecords(semanageRecords):
+ def list(self, heading = 1, locallist = 0):
+ ddict = self.get_all(locallist)
+ keys = ddict.keys()
++ if len(keys) == 0:
++ return
+ keys.sort()
++
+ if is_mls_enabled == 1:
+ if heading:
+ print "\n%-15s %-10s %-10s %-30s" % ("", _("Labeling"), _("MLS/"), _("MLS/"))
+@@ -1080,11 +1096,14 @@ class portRecords(semanageRecords):
+ return l
+
+ def list(self, heading = 1, locallist = 0):
+- if heading:
+- print "%-30s %-8s %s\n" % (_("SELinux Port Type"), _("Proto"), _("Port Number"))
+ ddict = self.get_all_by_type(locallist)
+ keys = ddict.keys()
++ if len(keys) == 0:
++ return
+ keys.sort()
++
++ if heading:
++ print "%-30s %-8s %s\n" % (_("SELinux Port Type"), _("Proto"), _("Port Number"))
+ for i in keys:
+ rec = "%-30s %-8s " % i
+ rec += "%s" % ddict[i][0]
+@@ -1302,11 +1321,14 @@ class nodeRecords(semanageRecords):
+ return l
+
+ def list(self, heading = 1, locallist = 0):
+- if heading:
+- print "%-18s %-18s %-5s %-5s\n" % ("IP Address", "Netmask", "Protocol", "Context")
+ ddict = self.get_all(locallist)
+ keys = ddict.keys()
++ if len(keys) == 0:
++ return
+ keys.sort()
++
++ if heading:
++ print "%-18s %-18s %-5s %-5s\n" % ("IP Address", "Netmask", "Protocol", "Context")
+ if is_mls_enabled:
+ for k in keys:
+ val = ''
+@@ -1490,11 +1512,14 @@ class interfaceRecords(semanageRecords):
+ return l
+
+ def list(self, heading = 1, locallist = 0):
+- if heading:
+- print "%-30s %s\n" % (_("SELinux Interface"), _("Context"))
+ ddict = self.get_all(locallist)
+ keys = ddict.keys()
++ if len(keys) == 0:
++ return
+ keys.sort()
++
++ if heading:
++ print "%-30s %s\n" % (_("SELinux Interface"), _("Context"))
+ if is_mls_enabled:
+ for k in keys:
+ print "%-30s %s:%s:%s:%s " % (k,ddict[k][0], ddict[k][1],ddict[k][2], translate(ddict[k][3], False))
+@@ -1793,8 +1818,11 @@ class fcontextRecords(semanageRecords):
+ def list(self, heading = 1, locallist = 0 ):
+ fcon_dict = self.get_all(locallist)
+ keys = fcon_dict.keys()
++ if len(keys) == 0:
++ return
+ keys.sort()
+- if len(keys) > 0 and heading:
++
++ if heading:
+ print "%-50s %-18s %s\n" % (_("SELinux fcontext"), _("type"), _("Context"))
+ for k in keys:
+ if fcon_dict[k]:
+@@ -1977,11 +2005,13 @@ class booleanRecords(semanageRecords):
+ if ddict[k]:
+ print "%s=%s" % (k, ddict[k][2])
+ return
+- if heading:
+- print "%-40s %s\n" % (_("SELinux boolean"), _("Description"))
+ ddict = self.get_all(locallist)
+ keys = ddict.keys()
++ if len(keys) == 0:
++ return
++
++ if heading:
++ print "%-30s %s %s %s\n" % (_("SELinux boolean"),_("State"), _("Default"), _("Description"))
+ for k in keys:
+ if ddict[k]:
+- print "%-30s -> %-5s %s" % (k, on_off[ddict[k][2]], self.get_desc(k))
+-
++ print "%-30s (%-5s,%5s) %s" % (k, on_off[selinux.security_get_boolean_active(k)], on_off[ddict[k][2]], self.get_desc(k))
+diff -up policycoreutils-2.1.4/semodule_package/Makefile.f17 policycoreutils-2.1.4/semodule_package/Makefile
+--- policycoreutils-2.1.4/semodule_package/Makefile.f17 2011-10-04 08:49:30.088139389 -0400
++++ policycoreutils-2.1.4/semodule_package/Makefile 2011-10-04 08:51:05.452086558 -0400
+@@ -24,7 +24,7 @@ install: all
+ relabel:
+
+ clean:
+- -rm -f semodule_package *.o
++ -rm -f semodule_package semodule_unpackage *.o
+
+ indent:
+ ../../scripts/Lindent $(wildcard *.[ch])
+diff -up policycoreutils-2.1.4/setfiles/restore.c.f17 policycoreutils-2.1.4/setfiles/restore.c
+--- policycoreutils-2.1.4/setfiles/restore.c.f17 2011-10-04 08:49:30.091139387 -0400
++++ policycoreutils-2.1.4/setfiles/restore.c 2011-10-04 08:51:05.453086559 -0400
+@@ -1,5 +1,6 @@
+ #include "restore.h"
+ #include <glob.h>
++#include <selinux/context.h>
+
+ #define SKIP -2
+ #define ERR -1
+@@ -33,7 +34,6 @@ struct edir {
+
+ static file_spec_t *fl_head;
+ static int filespec_add(ino_t ino, const security_context_t con, const char *file);
+-static int only_changed_user(const char *a, const char *b);
+ struct restore_opts *r_opts = NULL;
+ static void filespec_destroy(void);
+ static void filespec_eval(void);
+@@ -60,9 +60,10 @@ void restore_init(struct restore_opts *o
+ r_opts = opts;
+ struct selinux_opt selinux_opts[] = {
+ { SELABEL_OPT_VALIDATE, r_opts->selabel_opt_validate },
+- { SELABEL_OPT_PATH, r_opts->selabel_opt_path }
++ { SELABEL_OPT_PATH, r_opts->selabel_opt_path },
++ { SELABEL_OPT_SUBSET, r_opts->selabel_opt_subset }
+ };
+- r_opts->hnd = selabel_open(SELABEL_CTX_FILE, selinux_opts, 2);
++ r_opts->hnd = selabel_open(SELABEL_CTX_FILE, selinux_opts, 3);
+ if (!r_opts->hnd) {
+ perror(r_opts->selabel_opt_path);
+ exit(1);
+@@ -104,8 +105,7 @@ static int restore(FTSENT *ftsent)
+ {
+ char *my_file = strdupa(ftsent->fts_path);
+ int ret;
+- char *context, *newcon;
+- int user_only_changed = 0;
++ security_context_t curcon = NULL, newcon = NULL;
+
+ if (match(my_file, ftsent->fts_statp, &newcon) < 0)
+ /* Check for no matching specification. */
+@@ -113,10 +113,6 @@ static int restore(FTSENT *ftsent)
+
+ if (r_opts->progress) {
+ r_opts->count++;
+- if (r_opts->count % (80 * STAR_COUNT) == 0) {
+- fprintf(stdout, "\n");
+- fflush(stdout);
+- }
+ if (r_opts->count % STAR_COUNT == 0) {
+ fprintf(stdout, "*");
+ fflush(stdout);
+@@ -143,74 +139,105 @@ static int restore(FTSENT *ftsent)
+ printf("%s: %s matched by %s\n", r_opts->progname, my_file, newcon);
+ }
+
++ /*
++ * Do not relabel if their is no default specification for this file
++ */
++
++ if (strcmp(newcon, "<<none>>") == 0) {
++ goto out;
++ }
++
+ /* Get the current context of the file. */
+- ret = lgetfilecon_raw(ftsent->fts_accpath, &context);
++ ret = lgetfilecon_raw(ftsent->fts_accpath, &curcon);
+ if (ret < 0) {
+ if (errno == ENODATA) {
+- context = NULL;
++ curcon = NULL;
+ } else {
+ fprintf(stderr, "%s get context on %s failed: '%s'\n",
+ r_opts->progname, my_file, strerror(errno));
+ goto err;
+ }
+- user_only_changed = 0;
+- } else
+- user_only_changed = only_changed_user(context, newcon);
++ }
++
+ /* lgetfilecon returns number of characters and ret needs to be reset
+ * to 0.
+ */
+ ret = 0;
+
+ /*
+- * Do not relabel the file if the matching specification is
+- * <<none>> or the file is already labeled according to the
+- * specification.
++ * Do not relabel the file if the file is already labeled according to
++ * the specification.
+ */
+- if ((strcmp(newcon, "<<none>>") == 0) ||
+- (context && (strcmp(context, newcon) == 0))) {
+- freecon(context);
++ if (curcon && (strcmp(curcon, newcon) == 0)) {
+ goto out;
+ }
+
+- if (!r_opts->force && context && (is_context_customizable(context) > 0)) {
++ if (!r_opts->force && curcon && (is_context_customizable(curcon) > 0)) {
+ if (r_opts->verbose > 1) {
+ fprintf(stderr,
+ "%s: %s not reset customized by admin to %s\n",
+- r_opts->progname, my_file, context);
++ r_opts->progname, my_file, curcon);
+ }
+- freecon(context);
+ goto out;
+ }
+
+- if (r_opts->verbose) {
+- /* If we're just doing "-v", trim out any relabels where
+- * the user has r_opts->changed but the role and type are the
+- * same. For "-vv", emit everything. */
+- if (r_opts->verbose > 1 || !user_only_changed) {
+- printf("%s reset %s context %s->%s\n",
+- r_opts->progname, my_file, context ?: "", newcon);
++ /*
++ * Do not change label unless this is a force or the type is different
++ */
++ if (!r_opts->force && curcon) {
++ int types_differ = 0;
++ context_t cona;
++ context_t conb;
++ int err = 0;
++ cona = context_new(curcon);
++ if (! cona) {
++ goto out;
++ }
++ conb = context_new(newcon);
++ if (! conb) {
++ context_free(cona);
++ goto out;
++ }
++
++ types_differ = strcmp(context_type_get(cona), context_type_get(conb));
++ if (types_differ) {
++ err |= context_user_set(conb, context_user_get(cona));
++ err |= context_role_set(conb, context_role_get(cona));
++ err |= context_range_set(conb, context_range_get(cona));
++ if (!err) {
++ freecon(newcon);
++ newcon = strdup(context_str(conb));
++ }
++ }
++ context_free(cona);
++ context_free(conb);
++
++ if (!types_differ || err) {
++ goto out;
+ }
+ }
+
+- if (r_opts->logging && !user_only_changed) {
+- if (context)
++ if (r_opts->verbose) {
++ printf("%s reset %s context %s->%s\n",
++ r_opts->progname, my_file, curcon ?: "", newcon);
++ }
++
++ if (r_opts->logging) {
++ if (curcon)
+ syslog(LOG_INFO, "relabeling %s from %s to %s\n",
+- my_file, context, newcon);
++ my_file, curcon, newcon);
+ else
+ syslog(LOG_INFO, "labeling %s to %s\n",
+ my_file, newcon);
+ }
+
+- if (r_opts->outfile && !user_only_changed)
++ if (r_opts->outfile)
+ fprintf(r_opts->outfile, "%s\n", my_file);
+
+- if (context)
+- freecon(context);
+-
+ /*
+ * Do not relabel the file if -n was used.
+ */
+- if (!r_opts->change || user_only_changed)
++ if (!r_opts->change)
+ goto out;
+
+ /*
+@@ -222,7 +249,7 @@ static int restore(FTSENT *ftsent)
+ r_opts->progname, my_file, newcon, strerror(errno));
+ goto skip;
+ }
+- ret = 1;
++ ret = 0;
+ out:
+ freecon(newcon);
+ return ret;
+@@ -491,22 +518,6 @@ int add_exclude(const char *directory)
+ return 0;
+ }
+
+-/* Compare two contexts to see if their differences are "significant",
+- * or whether the only difference is in the user. */
+-static int only_changed_user(const char *a, const char *b)
+-{
+- char *rest_a, *rest_b; /* Rest of the context after the user */
+- if (r_opts->force)
+- return 0;
+- if (!a || !b)
+- return 0;
+- rest_a = strchr(a, ':');
+- rest_b = strchr(b, ':');
+- if (!rest_a || !rest_b)
+- return 0;
+- return (strcmp(rest_a, rest_b) == 0);
+-}
+-
+ /*
+ * Evaluate the association hash table distribution.
+ */
+diff -up policycoreutils-2.1.4/setfiles/restorecon.8.f17 policycoreutils-2.1.4/setfiles/restorecon.8
+--- policycoreutils-2.1.4/setfiles/restorecon.8.f17 2011-08-18 06:52:32.000000000 -0400
++++ policycoreutils-2.1.4/setfiles/restorecon.8 2011-10-04 08:51:05.453086559 -0400
+@@ -4,22 +4,27 @@ restorecon \- restore file(s) default SE
+
+ .SH "SYNOPSIS"
+ .B restorecon
+-.I [\-o outfilename ] [\-R] [\-n] [\-p] [\-v] [\-e directory ] pathname...
++.I [\-o outfilename ] [\-R] [\-n] [\-p] [\-v] [\-e directory ] [\-L labelprefix ] pathname...
+ .P
+ .B restorecon
+-.I \-f infilename [\-o outfilename ] [\-e directory ] [\-R] [\-n] [\-p] [\-v] [\-F]
++.I \-f infilename [\-o outfilename ] [\-e directory ] [\-L labelprefix ] [\-R] [\-n] [\-p] [\-v] [\-F]
+
+ .SH "DESCRIPTION"
+ This manual page describes the
+ .BR restorecon
+ program.
+ .P
+-This program is primarily used to set the security context
++This program is primarily used to reset the security context (type)
+ (extended attributes) on one or more files.
+ .P
+ It can be run at any time to correct errors, to add support for
+ new policy, or with the \-n option it can just check whether the file
+ contexts are all as you expect.
++.P
++If a file object does not have a context, restorecon will write the default
++context to the file object's extended attributes. If a file object has a
++context, restorecon will only modify the type portion of the security context.
++The -F option will force a replacement of the entire context.
+
+ .SH "OPTIONS"
+ .TP
+@@ -32,6 +37,12 @@ infilename contains a list of files to b
+ .B \-e directory
+ directory to exclude (repeat option for more than one directory.)
+ .TP
++.B \-L labelprefix
++Tells selinux to only use the file context that match this prefix for labeling, -L can be called multiple times. Can speed up labeling if you are only doing one directory.
++
++# restorecon -R -v -L /dev /dev
++
++.TP
+ .B \-R \-r
+ change files and directories file labels recursively
+ .TP
+@@ -47,11 +58,8 @@ show progress by printing * every 1000 f
+ .B \-v
+ show changes in file labels.
+ .TP
+-.B \-vv
+-show changes in file labels, if type, role, or user are changing.
+-.TP
+ .B \-F
+-Force reset of context to match file_context for customizable files, or the user section, if it has changed.
++Force reset of context to match file_context for customizable files, and the default file context, changing the user, role, range portion as well as the type.
+ .TP
+ .SH "ARGUMENTS"
+ .B pathname...
+diff -up policycoreutils-2.1.4/setfiles/restore.h.f17 policycoreutils-2.1.4/setfiles/restore.h
+--- policycoreutils-2.1.4/setfiles/restore.h.f17 2011-10-04 08:49:30.092139387 -0400
++++ policycoreutils-2.1.4/setfiles/restore.h 2011-10-04 08:51:05.454086560 -0400
+@@ -40,6 +40,7 @@ struct restore_opts {
+ int fts_flags; /* Flags to fts, e.g. follow links, follow mounts */
+ const char *selabel_opt_validate;
+ const char *selabel_opt_path;
++ char *selabel_opt_subset;
+ };
+
+ void restore_init(struct restore_opts *opts);
+diff -up policycoreutils-2.1.4/setfiles/setfiles.8.f17 policycoreutils-2.1.4/setfiles/setfiles.8
+--- policycoreutils-2.1.4/setfiles/setfiles.8.f17 2011-08-18 06:52:32.000000000 -0400
++++ policycoreutils-2.1.4/setfiles/setfiles.8 2011-10-04 08:51:05.454086560 -0400
+@@ -4,7 +4,7 @@ setfiles \- set file SELinux security co
+
+ .SH "SYNOPSIS"
+ .B setfiles
+-.I [\-c policy ] [\-d] [\-l] [\-n] [\-e directory ] [\-o filename ] [\-q] [\-s] [\-v] [\-vv] [\-W] [\-F] spec_file pathname...
++.I [\-c policy ] [\-d] [\-l] [\-n] [\-e directory ] [\-o filename ] [\-L labelprefix ] [\-q] [\-s] [\-v] [\-W] [\-F] spec_file pathname...
+ .SH "DESCRIPTION"
+ This manual page describes the
+ .BR setfiles
+@@ -17,6 +17,11 @@ program is initially run as part of the
+ It can also be run at any time to correct errors, to add support for
+ new policy, or with the \-n option it can just check whether the file
+ contexts are all as you expect.
++.P
++If a file object does not have a context, setfiles will write the default
++context to the file object's extended attributes. If a file object has a
++context, setfiles will only modify the type portion of the security context.
++The -F option will force a replacement of the entire context.
+
+ .SH "OPTIONS"
+ .TP
+@@ -45,7 +50,10 @@ use an alternate root path
+ directory to exclude (repeat option for more than one directory.)
+ .TP
+ .B \-F
+-Force reset of context to match file_context for customizable files
++Force reset of context to match file_context for customizable files, and the default file context, changing the user, role, range portion as well as the type.
++.TP
++.B \-L labelprefix
++Tells selinux to only use the file context that match this prefix for labeling, -L can be called multiple times. Can speed up labeling if you are only doing one directory.
+ .TP
+ .B \-o filename
+ save list of files with incorrect context in filename.
+@@ -55,10 +63,7 @@ take a list of files from standard input
+ command line.
+ .TP
+ .B \-v
+-show changes in file labels, if type or role are changing.
+-.TP
+-.B \-vv
+-show changes in file labels, if type, role, or user are changing.
++show changes in file labels.
+ .TP
+ .B \-W
+ display warnings about entries that had no matching files.
+diff -up policycoreutils-2.1.4/setfiles/setfiles.c.f17 policycoreutils-2.1.4/setfiles/setfiles.c
+--- policycoreutils-2.1.4/setfiles/setfiles.c.f17 2011-10-04 08:49:30.092139387 -0400
++++ policycoreutils-2.1.4/setfiles/setfiles.c 2011-10-04 08:51:05.455086560 -0400
+@@ -39,7 +39,7 @@ void usage(const char *const name)
+ {
+ if (iamrestorecon) {
+ fprintf(stderr,
+- "usage: %s [-iFnprRv0] [-e excludedir ] [-o filename ] [-f filename | pathname... ]\n",
++ "usage: %s [-iFnprRv0] [ -L labelprefix ] [-e excludedir ] [-o filename ] [-f filename | pathname... ]\n",
+ name);
+ } else {
+ fprintf(stderr,
+@@ -160,6 +160,7 @@ int main(int argc, char **argv)
+ r_opts.outfile = NULL;
+ r_opts.force = 0;
+ r_opts.hard_links = 1;
++ r_opts.selabel_opt_subset = 0;
+
+ altpath = NULL;
+
+@@ -217,7 +218,7 @@ int main(int argc, char **argv)
+ exclude_non_seclabel_mounts();
+
+ /* Process any options. */
+- while ((opt = getopt(argc, argv, "c:de:f:ilnpqrsvo:FRW0")) > 0) {
++ while ((opt = getopt(argc, argv, "c:de:f:ilnpqrsvo:FL:RW0")) > 0) {
+ switch (opt) {
+ case 'c':
+ {
+@@ -280,6 +281,23 @@ int main(int argc, char **argv)
+ case 'n':
+ r_opts.change = 0;
+ break;
++ case 'L':
++ if (r_opts.selabel_opt_subset) {
++ if (asprintf((char**) &(r_opts.selabel_opt_subset),"%s:%s",r_opts.selabel_opt_subset,optarg) < 0) {
++ fprintf(stderr, "Can't allocate memory for labeling prefix %s:%s\n",
++ optarg, strerror(errno));
++ exit(1);
++ }
++ }
++ else {
++ r_opts.selabel_opt_subset = strdup(optarg);
++ if (! r_opts.selabel_opt_subset) {
++ fprintf(stderr, "Can't allocate memory for labeling prefix %s:%s\n",
++ optarg, strerror(errno));
++ exit(1);
++ }
++ }
++ break;
+ case 'o':
+ if (strcmp(optarg, "-") == 0) {
+ r_opts.outfile = stdout;
+@@ -433,7 +451,11 @@ int main(int argc, char **argv)
+ if (r_opts.outfile)
+ fclose(r_opts.outfile);
+
+- if (r_opts.progress && r_opts.count >= STAR_COUNT)
+- printf("\n");
++ if (r_opts.progress && r_opts.count >= STAR_COUNT)
++ printf("\n");
++
++ free(r_opts.progname);
++ free(r_opts.selabel_opt_subset);
++ free(r_opts.rootpath);
+ exit(errors);
+ }
diff --git a/policycoreutils-gui.patch b/policycoreutils-gui.patch
index 415d192..31e935c 100644
--- a/policycoreutils-gui.patch
+++ b/policycoreutils-gui.patch
@@ -1,6 +1,6 @@
-diff -up policycoreutils-2.0.86/gui/booleansPage.py.gui policycoreutils-2.0.86/gui/booleansPage.py
---- policycoreutils-2.0.86/gui/booleansPage.py.gui 2011-06-13 13:35:38.766854582 -0400
-+++ policycoreutils-2.0.86/gui/booleansPage.py 2011-06-13 13:35:38.766854582 -0400
+diff -up policycoreutils-2.1.5/gui/booleansPage.py.gui policycoreutils-2.1.5/gui/booleansPage.py
+--- policycoreutils-2.1.5/gui/booleansPage.py.gui 2011-09-07 16:58:08.229268533 -0400
++++ policycoreutils-2.1.5/gui/booleansPage.py 2011-09-07 16:58:08.229268533 -0400
@@ -0,0 +1,247 @@
+#
+# booleansPage.py - GUI for Booleans page in system-config-securitylevel
@@ -249,9 +249,9 @@ diff -up policycoreutils-2.0.86/gui/booleansPage.py.gui policycoreutils-2.0.86/g
+ self.load(self.filter)
+ return True
+
-diff -up policycoreutils-2.0.86/gui/domainsPage.py.gui policycoreutils-2.0.86/gui/domainsPage.py
---- policycoreutils-2.0.86/gui/domainsPage.py.gui 2011-06-13 13:35:38.767854591 -0400
-+++ policycoreutils-2.0.86/gui/domainsPage.py 2011-06-13 13:35:38.767854591 -0400
+diff -up policycoreutils-2.1.5/gui/domainsPage.py.gui policycoreutils-2.1.5/gui/domainsPage.py
+--- policycoreutils-2.1.5/gui/domainsPage.py.gui 2011-09-07 16:58:08.230268533 -0400
++++ policycoreutils-2.1.5/gui/domainsPage.py 2011-09-07 16:58:08.230268533 -0400
@@ -0,0 +1,154 @@
+## domainsPage.py - show selinux domains
+## Copyright (C) 2009 Red Hat, Inc.
@@ -407,9 +407,9 @@ diff -up policycoreutils-2.0.86/gui/domainsPage.py.gui policycoreutils-2.0.86/gu
+
+ except ValueError, e:
+ self.error(e.args[0])
-diff -up policycoreutils-2.0.86/gui/fcontextPage.py.gui policycoreutils-2.0.86/gui/fcontextPage.py
---- policycoreutils-2.0.86/gui/fcontextPage.py.gui 2011-06-13 13:35:38.768854600 -0400
-+++ policycoreutils-2.0.86/gui/fcontextPage.py 2011-06-13 13:35:38.768854600 -0400
+diff -up policycoreutils-2.1.5/gui/fcontextPage.py.gui policycoreutils-2.1.5/gui/fcontextPage.py
+--- policycoreutils-2.1.5/gui/fcontextPage.py.gui 2011-09-07 16:58:08.230268533 -0400
++++ policycoreutils-2.1.5/gui/fcontextPage.py 2011-09-07 16:58:08.231268533 -0400
@@ -0,0 +1,223 @@
+## fcontextPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@@ -634,9 +634,9 @@ diff -up policycoreutils-2.0.86/gui/fcontextPage.py.gui policycoreutils-2.0.86/g
+ self.store.set_value(iter, SPEC_COL, fspec)
+ self.store.set_value(iter, FTYPE_COL, ftype)
+ self.store.set_value(iter, TYPE_COL, "%s:%s" % (type, mls))
-diff -up policycoreutils-2.0.86/gui/html_util.py.gui policycoreutils-2.0.86/gui/html_util.py
---- policycoreutils-2.0.86/gui/html_util.py.gui 2011-06-13 13:35:38.768854600 -0400
-+++ policycoreutils-2.0.86/gui/html_util.py 2011-06-13 13:35:38.769854608 -0400
+diff -up policycoreutils-2.1.5/gui/html_util.py.gui policycoreutils-2.1.5/gui/html_util.py
+--- policycoreutils-2.1.5/gui/html_util.py.gui 2011-09-07 16:58:08.231268533 -0400
++++ policycoreutils-2.1.5/gui/html_util.py 2011-09-07 16:58:08.231268533 -0400
@@ -0,0 +1,164 @@
+# Authors: John Dennis <jdennis at redhat.com>
+#
@@ -802,9 +802,9 @@ diff -up policycoreutils-2.0.86/gui/html_util.py.gui policycoreutils-2.0.86/gui/
+ doc += tail
+ return doc
+
-diff -up policycoreutils-2.0.86/gui/lockdown.glade.gui policycoreutils-2.0.86/gui/lockdown.glade
---- policycoreutils-2.0.86/gui/lockdown.glade.gui 2011-06-13 13:35:38.770854616 -0400
-+++ policycoreutils-2.0.86/gui/lockdown.glade 2011-06-13 13:35:38.770854616 -0400
+diff -up policycoreutils-2.1.5/gui/lockdown.glade.gui policycoreutils-2.1.5/gui/lockdown.glade
+--- policycoreutils-2.1.5/gui/lockdown.glade.gui 2011-09-07 16:58:08.232268533 -0400
++++ policycoreutils-2.1.5/gui/lockdown.glade 2011-09-07 16:58:08.232268533 -0400
@@ -0,0 +1,771 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
@@ -1577,9 +1577,9 @@ diff -up policycoreutils-2.0.86/gui/lockdown.glade.gui policycoreutils-2.0.86/gu
+</widget>
+
+</glade-interface>
-diff -up policycoreutils-2.0.86/gui/lockdown.gladep.gui policycoreutils-2.0.86/gui/lockdown.gladep
---- policycoreutils-2.0.86/gui/lockdown.gladep.gui 2011-06-13 13:35:38.770854616 -0400
-+++ policycoreutils-2.0.86/gui/lockdown.gladep 2011-06-13 13:35:38.771854624 -0400
+diff -up policycoreutils-2.1.5/gui/lockdown.gladep.gui policycoreutils-2.1.5/gui/lockdown.gladep
+--- policycoreutils-2.1.5/gui/lockdown.gladep.gui 2011-09-07 16:58:08.233268533 -0400
++++ policycoreutils-2.1.5/gui/lockdown.gladep 2011-09-07 16:58:08.233268533 -0400
@@ -0,0 +1,7 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-project SYSTEM "http://glade.gnome.org/glade-project-2.0.dtd">
@@ -1588,11 +1588,11 @@ diff -up policycoreutils-2.0.86/gui/lockdown.gladep.gui policycoreutils-2.0.86/g
+ <name></name>
+ <program_name></program_name>
+</glade-project>
-diff -up policycoreutils-2.0.86/gui/lockdown.py.gui policycoreutils-2.0.86/gui/lockdown.py
---- policycoreutils-2.0.86/gui/lockdown.py.gui 2011-06-13 13:35:38.773854641 -0400
-+++ policycoreutils-2.0.86/gui/lockdown.py 2011-06-13 13:35:38.773854641 -0400
-@@ -0,0 +1,382 @@
-+#!/usr/bin/python -Es
+diff -up policycoreutils-2.1.5/gui/lockdown.py.gui policycoreutils-2.1.5/gui/lockdown.py
+--- policycoreutils-2.1.5/gui/lockdown.py.gui 2011-09-07 16:58:08.234268533 -0400
++++ policycoreutils-2.1.5/gui/lockdown.py 2011-09-08 09:42:14.245334273 -0400
+@@ -0,0 +1,375 @@
++#!/usr/bin/python
+#
+# lockdown.py - GUI for Booleans page in system-config-securitylevel
+#
@@ -1623,7 +1623,7 @@ diff -up policycoreutils-2.0.86/gui/lockdown.py.gui policycoreutils-2.0.86/gui/l
+import sys
+import selinux
+import seobject
-+import gtkhtml2
++import webkit
+import commands
+import tempfile
+
@@ -1714,18 +1714,14 @@ diff -up policycoreutils-2.0.86/gui/lockdown.py.gui policycoreutils-2.0.86/gui/l
+ col.set_resizable(True)
+ self.view.append_column(col)
+
-+ self.html_view, self.doc = self.create_htmlview(self.html_scrolledwindow)
++ self.html_view = self.create_htmlview(self.html_scrolledwindow)
+ self.load()
+ self.view.get_selection().select_path ((0,))
+
+ def create_htmlview(self, container):
-+ view = gtkhtml2.View()
-+ doc = gtkhtml2.Document()
-+ container.set_hadjustment(view.get_hadjustment())
-+ container.set_vadjustment(view.get_vadjustment())
-+ view.set_document(doc)
++ view = webkit.WebView()
+ container.add(view)
-+ return (view, doc)
++ return (view)
+
+ def wait(self):
+ self.window.set_cursor(self.busy_cursor)
@@ -1922,9 +1918,7 @@ diff -up policycoreutils-2.0.86/gui/lockdown.py.gui policycoreutils-2.0.86/gui/l
+ self.cat = None
+
+ self.name = store.get_value(iter, BOOLEAN)
-+ self.doc.clear()
-+ self.doc.open_stream("text/html")
-+
++
+ html = ''
+
+ self.radiobox.hide()
@@ -1956,8 +1950,7 @@ diff -up policycoreutils-2.0.86/gui/lockdown.py.gui policycoreutils-2.0.86/gui/l
+ self.default_radiobutton.set_active(True)
+ html_doc= html_document(html)
+
-+ self.doc.write_stream(html_doc)
-+ self.doc.close_stream()
++ self.html_view.load_html_string(html, "")
+
+ def stand_alone(self):
+ desktopName = _("Lockdown SELinux Booleans")
@@ -1974,9 +1967,9 @@ diff -up policycoreutils-2.0.86/gui/lockdown.py.gui policycoreutils-2.0.86/gui/l
+
+ app = booleanWindow()
+ app.stand_alone()
-diff -up policycoreutils-2.0.86/gui/loginsPage.py.gui policycoreutils-2.0.86/gui/loginsPage.py
---- policycoreutils-2.0.86/gui/loginsPage.py.gui 2011-06-13 13:35:38.775854659 -0400
-+++ policycoreutils-2.0.86/gui/loginsPage.py 2011-06-13 13:35:38.775854659 -0400
+diff -up policycoreutils-2.1.5/gui/loginsPage.py.gui policycoreutils-2.1.5/gui/loginsPage.py
+--- policycoreutils-2.1.5/gui/loginsPage.py.gui 2011-09-07 16:58:08.234268533 -0400
++++ policycoreutils-2.1.5/gui/loginsPage.py 2011-09-07 16:58:08.234268533 -0400
@@ -0,0 +1,185 @@
+## loginsPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@@ -2163,9 +2156,9 @@ diff -up policycoreutils-2.0.86/gui/loginsPage.py.gui policycoreutils-2.0.86/gui
+ self.store.set_value(iter, 1, seuser)
+ self.store.set_value(iter, 2, seobject.translate(serange))
+
-diff -up policycoreutils-2.0.86/gui/Makefile.gui policycoreutils-2.0.86/gui/Makefile
---- policycoreutils-2.0.86/gui/Makefile.gui 2011-06-13 13:35:38.776854668 -0400
-+++ policycoreutils-2.0.86/gui/Makefile 2011-06-13 13:35:38.776854668 -0400
+diff -up policycoreutils-2.1.5/gui/Makefile.gui policycoreutils-2.1.5/gui/Makefile
+--- policycoreutils-2.1.5/gui/Makefile.gui 2011-09-07 16:58:08.235268532 -0400
++++ policycoreutils-2.1.5/gui/Makefile 2011-09-08 09:43:07.615249107 -0400
@@ -0,0 +1,40 @@
+# Installation directories.
+PREFIX ?= ${DESTDIR}/usr
@@ -2207,9 +2200,9 @@ diff -up policycoreutils-2.0.86/gui/Makefile.gui policycoreutils-2.0.86/gui/Make
+indent:
+
+relabel:
-diff -up policycoreutils-2.0.86/gui/mappingsPage.py.gui policycoreutils-2.0.86/gui/mappingsPage.py
---- policycoreutils-2.0.86/gui/mappingsPage.py.gui 2011-06-13 13:35:38.776854668 -0400
-+++ policycoreutils-2.0.86/gui/mappingsPage.py 2011-06-13 13:35:38.777854677 -0400
+diff -up policycoreutils-2.1.5/gui/mappingsPage.py.gui policycoreutils-2.1.5/gui/mappingsPage.py
+--- policycoreutils-2.1.5/gui/mappingsPage.py.gui 2011-09-07 16:58:08.235268532 -0400
++++ policycoreutils-2.1.5/gui/mappingsPage.py 2011-09-07 16:58:08.236268531 -0400
@@ -0,0 +1,56 @@
+## mappingsPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@@ -2267,9 +2260,9 @@ diff -up policycoreutils-2.0.86/gui/mappingsPage.py.gui policycoreutils-2.0.86/g
+ for k in keys:
+ print "%-25s %-25s %-25s" % (k, dict[k][0], translate(dict[k][1]))
+
-diff -up policycoreutils-2.0.86/gui/modulesPage.py.gui policycoreutils-2.0.86/gui/modulesPage.py
---- policycoreutils-2.0.86/gui/modulesPage.py.gui 2011-06-13 13:35:38.778854686 -0400
-+++ policycoreutils-2.0.86/gui/modulesPage.py 2011-06-13 13:35:38.778854686 -0400
+diff -up policycoreutils-2.1.5/gui/modulesPage.py.gui policycoreutils-2.1.5/gui/modulesPage.py
+--- policycoreutils-2.1.5/gui/modulesPage.py.gui 2011-09-07 16:58:08.236268531 -0400
++++ policycoreutils-2.1.5/gui/modulesPage.py 2011-09-07 16:58:08.236268531 -0400
@@ -0,0 +1,190 @@
+## modulesPage.py - show selinux mappings
+## Copyright (C) 2006-2009 Red Hat, Inc.
@@ -2461,9 +2454,9 @@ diff -up policycoreutils-2.0.86/gui/modulesPage.py.gui policycoreutils-2.0.86/gu
+
+ except ValueError, e:
+ self.error(e.args[0])
-diff -up policycoreutils-2.0.86/gui/polgen.glade.gui policycoreutils-2.0.86/gui/polgen.glade
---- policycoreutils-2.0.86/gui/polgen.glade.gui 2011-06-13 13:35:38.782854720 -0400
-+++ policycoreutils-2.0.86/gui/polgen.glade 2011-06-13 13:35:38.783854728 -0400
+diff -up policycoreutils-2.1.5/gui/polgen.glade.gui policycoreutils-2.1.5/gui/polgen.glade
+--- policycoreutils-2.1.5/gui/polgen.glade.gui 2011-09-07 16:58:08.239268531 -0400
++++ policycoreutils-2.1.5/gui/polgen.glade 2011-09-07 16:58:08.240268531 -0400
@@ -0,0 +1,3432 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
@@ -5897,9 +5890,9 @@ diff -up policycoreutils-2.0.86/gui/polgen.glade.gui policycoreutils-2.0.86/gui/
+</widget>
+
+</glade-interface>
-diff -up policycoreutils-2.0.86/gui/polgen.gladep.gui policycoreutils-2.0.86/gui/polgen.gladep
---- policycoreutils-2.0.86/gui/polgen.gladep.gui 2011-06-13 13:35:38.784854736 -0400
-+++ policycoreutils-2.0.86/gui/polgen.gladep 2011-06-13 13:35:38.784854736 -0400
+diff -up policycoreutils-2.1.5/gui/polgen.gladep.gui policycoreutils-2.1.5/gui/polgen.gladep
+--- policycoreutils-2.1.5/gui/polgen.gladep.gui 2011-09-07 16:58:08.241268531 -0400
++++ policycoreutils-2.1.5/gui/polgen.gladep 2011-09-07 16:58:08.241268531 -0400
@@ -0,0 +1,7 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-project SYSTEM "http://glade.gnome.org/glade-project-2.0.dtd">
@@ -5908,9 +5901,9 @@ diff -up policycoreutils-2.0.86/gui/polgen.gladep.gui policycoreutils-2.0.86/gui
+ <name></name>
+ <program_name></program_name>
+</glade-project>
-diff -up policycoreutils-2.0.86/gui/polgengui.py.gui policycoreutils-2.0.86/gui/polgengui.py
---- policycoreutils-2.0.86/gui/polgengui.py.gui 2011-06-13 13:35:38.786854754 -0400
-+++ policycoreutils-2.0.86/gui/polgengui.py 2011-06-13 13:35:38.786854754 -0400
+diff -up policycoreutils-2.1.5/gui/polgengui.py.gui policycoreutils-2.1.5/gui/polgengui.py
+--- policycoreutils-2.1.5/gui/polgengui.py.gui 2011-09-07 16:58:08.242268530 -0400
++++ policycoreutils-2.1.5/gui/polgengui.py 2011-09-07 16:58:08.242268530 -0400
@@ -0,0 +1,750 @@
+#!/usr/bin/python -Es
+#
@@ -6662,9 +6655,9 @@ diff -up policycoreutils-2.0.86/gui/polgengui.py.gui policycoreutils-2.0.86/gui/
+
+ app = childWindow()
+ app.stand_alone()
-diff -up policycoreutils-2.0.86/gui/polgen.py.gui policycoreutils-2.0.86/gui/polgen.py
---- policycoreutils-2.0.86/gui/polgen.py.gui 2011-06-13 13:35:38.789854781 -0400
-+++ policycoreutils-2.0.86/gui/polgen.py 2011-07-26 10:08:47.330188867 -0400
+diff -up policycoreutils-2.1.5/gui/polgen.py.gui policycoreutils-2.1.5/gui/polgen.py
+--- policycoreutils-2.1.5/gui/polgen.py.gui 2011-09-07 16:58:08.243268529 -0400
++++ policycoreutils-2.1.5/gui/polgen.py 2011-09-07 16:58:08.244268529 -0400
@@ -0,0 +1,1346 @@
+#!/usr/bin/python -Es
+#
@@ -8012,9 +8005,9 @@ diff -up policycoreutils-2.0.86/gui/polgen.py.gui policycoreutils-2.0.86/gui/pol
+ sys.exit(0)
+ except ValueError, e:
+ usage(e)
-diff -up policycoreutils-2.0.86/gui/portsPage.py.gui policycoreutils-2.0.86/gui/portsPage.py
---- policycoreutils-2.0.86/gui/portsPage.py.gui 2011-06-13 13:35:38.790854790 -0400
-+++ policycoreutils-2.0.86/gui/portsPage.py 2011-06-13 13:35:38.791854799 -0400
+diff -up policycoreutils-2.1.5/gui/portsPage.py.gui policycoreutils-2.1.5/gui/portsPage.py
+--- policycoreutils-2.1.5/gui/portsPage.py.gui 2011-09-07 16:58:08.244268529 -0400
++++ policycoreutils-2.1.5/gui/portsPage.py 2011-09-07 16:58:08.244268529 -0400
@@ -0,0 +1,259 @@
+## portsPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@@ -8275,9 +8268,9 @@ diff -up policycoreutils-2.0.86/gui/portsPage.py.gui policycoreutils-2.0.86/gui/
+
+ return True
+
-diff -up policycoreutils-2.0.86/gui/selinux.tbl.gui policycoreutils-2.0.86/gui/selinux.tbl
---- policycoreutils-2.0.86/gui/selinux.tbl.gui 2011-06-13 13:35:38.792854808 -0400
-+++ policycoreutils-2.0.86/gui/selinux.tbl 2011-06-13 13:35:38.793854816 -0400
+diff -up policycoreutils-2.1.5/gui/selinux.tbl.gui policycoreutils-2.1.5/gui/selinux.tbl
+--- policycoreutils-2.1.5/gui/selinux.tbl.gui 2011-09-07 16:58:08.245268529 -0400
++++ policycoreutils-2.1.5/gui/selinux.tbl 2011-09-07 16:58:08.246268529 -0400
@@ -0,0 +1,234 @@
+acct_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for acct daemon")
+allow_daemons_dump_core _("Admin") _("Allow all daemons to write corefiles to /")
@@ -8513,9 +8506,9 @@ diff -up policycoreutils-2.0.86/gui/selinux.tbl.gui policycoreutils-2.0.86/gui/s
+webadm_manage_user_files _("HTTPD Service") _("Allow SELinux webadm user to manage unprivileged users home directories")
+webadm_read_user_files _("HTTPD Service") _("Allow SELinux webadm user to read unprivileged users home directories")
+
-diff -up policycoreutils-2.0.86/gui/semanagePage.py.gui policycoreutils-2.0.86/gui/semanagePage.py
---- policycoreutils-2.0.86/gui/semanagePage.py.gui 2011-06-13 13:35:38.794854824 -0400
-+++ policycoreutils-2.0.86/gui/semanagePage.py 2011-06-13 13:35:38.794854824 -0400
+diff -up policycoreutils-2.1.5/gui/semanagePage.py.gui policycoreutils-2.1.5/gui/semanagePage.py
+--- policycoreutils-2.1.5/gui/semanagePage.py.gui 2011-09-07 16:58:08.246268529 -0400
++++ policycoreutils-2.1.5/gui/semanagePage.py 2011-09-07 16:58:08.246268529 -0400
@@ -0,0 +1,168 @@
+## semanagePage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@@ -8685,9 +8678,9 @@ diff -up policycoreutils-2.0.86/gui/semanagePage.py.gui policycoreutils-2.0.86/g
+ self.load(self.filter)
+ return True
+
-diff -up policycoreutils-2.0.86/gui/statusPage.py.gui policycoreutils-2.0.86/gui/statusPage.py
---- policycoreutils-2.0.86/gui/statusPage.py.gui 2011-06-13 13:35:38.795854832 -0400
-+++ policycoreutils-2.0.86/gui/statusPage.py 2011-06-13 13:35:38.795854832 -0400
+diff -up policycoreutils-2.1.5/gui/statusPage.py.gui policycoreutils-2.1.5/gui/statusPage.py
+--- policycoreutils-2.1.5/gui/statusPage.py.gui 2011-09-07 16:58:08.247268528 -0400
++++ policycoreutils-2.1.5/gui/statusPage.py 2011-09-07 16:58:08.247268528 -0400
@@ -0,0 +1,190 @@
+# statusPage.py - show selinux status
+## Copyright (C) 2006-2009 Red Hat, Inc.
@@ -8879,9 +8872,9 @@ diff -up policycoreutils-2.0.86/gui/statusPage.py.gui policycoreutils-2.0.86/gui
+ return self.types[self.selinuxTypeOptionMenu.get_active()]
+
+
-diff -up policycoreutils-2.0.86/gui/system-config-selinux.glade.gui policycoreutils-2.0.86/gui/system-config-selinux.glade
---- policycoreutils-2.0.86/gui/system-config-selinux.glade.gui 2011-06-13 13:35:38.799854868 -0400
-+++ policycoreutils-2.0.86/gui/system-config-selinux.glade 2011-06-13 13:35:38.800854877 -0400
+diff -up policycoreutils-2.1.5/gui/system-config-selinux.glade.gui policycoreutils-2.1.5/gui/system-config-selinux.glade
+--- policycoreutils-2.1.5/gui/system-config-selinux.glade.gui 2011-09-07 16:58:08.249268527 -0400
++++ policycoreutils-2.1.5/gui/system-config-selinux.glade 2011-09-08 09:44:04.498161457 -0400
@@ -0,0 +1,3024 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
@@ -11907,9 +11900,9 @@ diff -up policycoreutils-2.0.86/gui/system-config-selinux.glade.gui policycoreut
+</widget>
+
+</glade-interface>
-diff -up policycoreutils-2.0.86/gui/system-config-selinux.gladep.gui policycoreutils-2.0.86/gui/system-config-selinux.gladep
---- policycoreutils-2.0.86/gui/system-config-selinux.gladep.gui 2011-06-13 13:35:38.801854886 -0400
-+++ policycoreutils-2.0.86/gui/system-config-selinux.gladep 2011-06-13 13:35:38.801854886 -0400
+diff -up policycoreutils-2.1.5/gui/system-config-selinux.gladep.gui policycoreutils-2.1.5/gui/system-config-selinux.gladep
+--- policycoreutils-2.1.5/gui/system-config-selinux.gladep.gui 2011-09-07 16:58:08.250268527 -0400
++++ policycoreutils-2.1.5/gui/system-config-selinux.gladep 2011-09-07 16:58:08.250268527 -0400
@@ -0,0 +1,7 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-project SYSTEM "http://glade.gnome.org/glade-project-2.0.dtd">
@@ -11918,9 +11911,9 @@ diff -up policycoreutils-2.0.86/gui/system-config-selinux.gladep.gui policycoreu
+ <name></name>
+ <program_name></program_name>
+</glade-project>
-diff -up policycoreutils-2.0.86/gui/system-config-selinux.py.gui policycoreutils-2.0.86/gui/system-config-selinux.py
---- policycoreutils-2.0.86/gui/system-config-selinux.py.gui 2011-06-13 13:35:38.802854894 -0400
-+++ policycoreutils-2.0.86/gui/system-config-selinux.py 2011-06-13 13:35:38.802854894 -0400
+diff -up policycoreutils-2.1.5/gui/system-config-selinux.py.gui policycoreutils-2.1.5/gui/system-config-selinux.py
+--- policycoreutils-2.1.5/gui/system-config-selinux.py.gui 2011-09-07 16:58:08.251268527 -0400
++++ policycoreutils-2.1.5/gui/system-config-selinux.py 2011-09-07 16:58:08.251268527 -0400
@@ -0,0 +1,187 @@
+#!/usr/bin/python -Es
+#
@@ -12109,9 +12102,9 @@ diff -up policycoreutils-2.0.86/gui/system-config-selinux.py.gui policycoreutils
+
+ app = childWindow()
+ app.stand_alone()
-diff -up policycoreutils-2.0.86/gui/templates/boolean.py.gui policycoreutils-2.0.86/gui/templates/boolean.py
---- policycoreutils-2.0.86/gui/templates/boolean.py.gui 2011-06-13 13:35:38.804854910 -0400
-+++ policycoreutils-2.0.86/gui/templates/boolean.py 2011-06-13 13:35:38.804854910 -0400
+diff -up policycoreutils-2.1.5/gui/templates/boolean.py.gui policycoreutils-2.1.5/gui/templates/boolean.py
+--- policycoreutils-2.1.5/gui/templates/boolean.py.gui 2011-09-07 16:58:08.252268527 -0400
++++ policycoreutils-2.1.5/gui/templates/boolean.py 2011-09-07 16:58:08.252268527 -0400
@@ -0,0 +1,40 @@
+# Copyright (C) 2007-2011 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -12153,9 +12146,9 @@ diff -up policycoreutils-2.0.86/gui/templates/boolean.py.gui policycoreutils-2.0
+')
+"""
+
-diff -up policycoreutils-2.0.86/gui/templates/etc_rw.py.gui policycoreutils-2.0.86/gui/templates/etc_rw.py
---- policycoreutils-2.0.86/gui/templates/etc_rw.py.gui 2011-06-13 13:35:38.805854919 -0400
-+++ policycoreutils-2.0.86/gui/templates/etc_rw.py 2011-06-13 13:35:38.806854928 -0400
+diff -up policycoreutils-2.1.5/gui/templates/etc_rw.py.gui policycoreutils-2.1.5/gui/templates/etc_rw.py
+--- policycoreutils-2.1.5/gui/templates/etc_rw.py.gui 2011-09-07 16:58:08.252268527 -0400
++++ policycoreutils-2.1.5/gui/templates/etc_rw.py 2011-09-07 16:58:08.252268527 -0400
@@ -0,0 +1,112 @@
+# Copyright (C) 2007-2011 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -12269,9 +12262,9 @@ diff -up policycoreutils-2.0.86/gui/templates/etc_rw.py.gui policycoreutils-2.0.
+fc_dir="""\
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_etc_rw_t,s0)
+"""
-diff -up policycoreutils-2.0.86/gui/templates/executable.py.gui policycoreutils-2.0.86/gui/templates/executable.py
---- policycoreutils-2.0.86/gui/templates/executable.py.gui 2011-06-13 13:35:38.807854937 -0400
-+++ policycoreutils-2.0.86/gui/templates/executable.py 2011-06-13 13:35:38.807854937 -0400
+diff -up policycoreutils-2.1.5/gui/templates/executable.py.gui policycoreutils-2.1.5/gui/templates/executable.py
+--- policycoreutils-2.1.5/gui/templates/executable.py.gui 2011-09-07 16:58:08.253268527 -0400
++++ policycoreutils-2.1.5/gui/templates/executable.py 2011-09-07 16:58:08.253268527 -0400
@@ -0,0 +1,451 @@
+# Copyright (C) 2007-2011 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -12724,9 +12717,9 @@ diff -up policycoreutils-2.0.86/gui/templates/executable.py.gui policycoreutils-
+
+EXECUTABLE -- gen_context(system_u:object_r:TEMPLATETYPE_initrc_exec_t,s0)
+"""
-diff -up policycoreutils-2.0.86/gui/templates/__init__.py.gui policycoreutils-2.0.86/gui/templates/__init__.py
---- policycoreutils-2.0.86/gui/templates/__init__.py.gui 2011-06-13 13:35:38.808854946 -0400
-+++ policycoreutils-2.0.86/gui/templates/__init__.py 2011-06-13 13:35:38.808854946 -0400
+diff -up policycoreutils-2.1.5/gui/templates/__init__.py.gui policycoreutils-2.1.5/gui/templates/__init__.py
+--- policycoreutils-2.1.5/gui/templates/__init__.py.gui 2011-09-07 16:58:08.254268527 -0400
++++ policycoreutils-2.1.5/gui/templates/__init__.py 2011-09-07 16:58:08.254268527 -0400
@@ -0,0 +1,18 @@
+#
+# Copyright (C) 2007-2011 Red Hat
@@ -12746,9 +12739,9 @@ diff -up policycoreutils-2.0.86/gui/templates/__init__.py.gui policycoreutils-2.
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+#
+
-diff -up policycoreutils-2.0.86/gui/templates/network.py.gui policycoreutils-2.0.86/gui/templates/network.py
---- policycoreutils-2.0.86/gui/templates/network.py.gui 2011-06-13 13:35:38.809854955 -0400
-+++ policycoreutils-2.0.86/gui/templates/network.py 2011-06-13 13:35:38.810854964 -0400
+diff -up policycoreutils-2.1.5/gui/templates/network.py.gui policycoreutils-2.1.5/gui/templates/network.py
+--- policycoreutils-2.1.5/gui/templates/network.py.gui 2011-09-07 16:58:08.254268527 -0400
++++ policycoreutils-2.1.5/gui/templates/network.py 2011-09-07 16:58:08.255268527 -0400
@@ -0,0 +1,102 @@
+# Copyright (C) 2007-2011 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -12852,9 +12845,9 @@ diff -up policycoreutils-2.0.86/gui/templates/network.py.gui policycoreutils-2.0
+corenet_udp_bind_all_unreserved_ports(TEMPLATETYPE_t)
+"""
+
-diff -up policycoreutils-2.0.86/gui/templates/rw.py.gui policycoreutils-2.0.86/gui/templates/rw.py
---- policycoreutils-2.0.86/gui/templates/rw.py.gui 2011-06-13 13:35:38.811854972 -0400
-+++ policycoreutils-2.0.86/gui/templates/rw.py 2011-06-13 13:35:38.811854972 -0400
+diff -up policycoreutils-2.1.5/gui/templates/rw.py.gui policycoreutils-2.1.5/gui/templates/rw.py
+--- policycoreutils-2.1.5/gui/templates/rw.py.gui 2011-09-07 16:58:08.255268527 -0400
++++ policycoreutils-2.1.5/gui/templates/rw.py 2011-09-07 16:58:08.255268527 -0400
@@ -0,0 +1,129 @@
+# Copyright (C) 2007-2011 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -12985,9 +12978,9 @@ diff -up policycoreutils-2.0.86/gui/templates/rw.py.gui policycoreutils-2.0.86/g
+fc_dir="""
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_rw_t,s0)
+"""
-diff -up policycoreutils-2.0.86/gui/templates/script.py.gui policycoreutils-2.0.86/gui/templates/script.py
---- policycoreutils-2.0.86/gui/templates/script.py.gui 2011-06-13 13:35:38.812854980 -0400
-+++ policycoreutils-2.0.86/gui/templates/script.py 2011-06-13 13:35:38.813854988 -0400
+diff -up policycoreutils-2.1.5/gui/templates/script.py.gui policycoreutils-2.1.5/gui/templates/script.py
+--- policycoreutils-2.1.5/gui/templates/script.py.gui 2011-09-07 16:58:08.256268527 -0400
++++ policycoreutils-2.1.5/gui/templates/script.py 2011-09-07 16:58:08.256268527 -0400
@@ -0,0 +1,126 @@
+# Copyright (C) 2007-2011 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -13115,9 +13108,9 @@ diff -up policycoreutils-2.0.86/gui/templates/script.py.gui policycoreutils-2.0.
+_EOF
+fi
+"""
-diff -up policycoreutils-2.0.86/gui/templates/semodule.py.gui policycoreutils-2.0.86/gui/templates/semodule.py
---- policycoreutils-2.0.86/gui/templates/semodule.py.gui 2011-06-13 13:35:38.814854997 -0400
-+++ policycoreutils-2.0.86/gui/templates/semodule.py 2011-06-13 13:35:38.814854997 -0400
+diff -up policycoreutils-2.1.5/gui/templates/semodule.py.gui policycoreutils-2.1.5/gui/templates/semodule.py
+--- policycoreutils-2.1.5/gui/templates/semodule.py.gui 2011-09-07 16:58:08.256268527 -0400
++++ policycoreutils-2.1.5/gui/templates/semodule.py 2011-09-07 16:58:08.256268527 -0400
@@ -0,0 +1,41 @@
+# Copyright (C) 2007-2011 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -13160,9 +13153,9 @@ diff -up policycoreutils-2.0.86/gui/templates/semodule.py.gui policycoreutils-2.
+semanage ports -a -t TEMPLATETYPE_port_t -p udp PORTNUM
+"""
+
-diff -up policycoreutils-2.0.86/gui/templates/tmp.py.gui policycoreutils-2.0.86/gui/templates/tmp.py
---- policycoreutils-2.0.86/gui/templates/tmp.py.gui 2011-06-13 13:35:38.815855006 -0400
-+++ policycoreutils-2.0.86/gui/templates/tmp.py 2011-06-13 13:35:38.815855006 -0400
+diff -up policycoreutils-2.1.5/gui/templates/tmp.py.gui policycoreutils-2.1.5/gui/templates/tmp.py
+--- policycoreutils-2.1.5/gui/templates/tmp.py.gui 2011-09-07 16:58:08.257268526 -0400
++++ policycoreutils-2.1.5/gui/templates/tmp.py 2011-09-07 16:58:08.257268526 -0400
@@ -0,0 +1,102 @@
+# Copyright (C) 2007-2011 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -13266,9 +13259,9 @@ diff -up policycoreutils-2.0.86/gui/templates/tmp.py.gui policycoreutils-2.0.86/
+ files_search_tmp($1)
+ admin_pattern($1, TEMPLATETYPE_tmp_t)
+"""
-diff -up policycoreutils-2.0.86/gui/templates/user.py.gui policycoreutils-2.0.86/gui/templates/user.py
---- policycoreutils-2.0.86/gui/templates/user.py.gui 2011-06-13 13:35:38.816855015 -0400
-+++ policycoreutils-2.0.86/gui/templates/user.py 2011-06-13 13:35:38.817855024 -0400
+diff -up policycoreutils-2.1.5/gui/templates/user.py.gui policycoreutils-2.1.5/gui/templates/user.py
+--- policycoreutils-2.1.5/gui/templates/user.py.gui 2011-09-07 16:58:08.257268526 -0400
++++ policycoreutils-2.1.5/gui/templates/user.py 2011-09-07 16:58:08.257268526 -0400
@@ -0,0 +1,204 @@
+# Copyright (C) 2007-2011 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -13474,9 +13467,9 @@ diff -up policycoreutils-2.0.86/gui/templates/user.py.gui policycoreutils-2.0.86
+te_newrole_rules="""
+seutil_run_newrole(TEMPLATETYPE_t, TEMPLATETYPE_r)
+"""
-diff -up policycoreutils-2.0.86/gui/templates/var_cache.py.gui policycoreutils-2.0.86/gui/templates/var_cache.py
---- policycoreutils-2.0.86/gui/templates/var_cache.py.gui 2011-06-13 13:35:38.818855033 -0400
-+++ policycoreutils-2.0.86/gui/templates/var_cache.py 2011-06-13 13:35:38.818855033 -0400
+diff -up policycoreutils-2.1.5/gui/templates/var_cache.py.gui policycoreutils-2.1.5/gui/templates/var_cache.py
+--- policycoreutils-2.1.5/gui/templates/var_cache.py.gui 2011-09-07 16:58:08.258268525 -0400
++++ policycoreutils-2.1.5/gui/templates/var_cache.py 2011-09-07 16:58:08.258268525 -0400
@@ -0,0 +1,132 @@
+# Copyright (C) 2007-2011 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -13610,9 +13603,9 @@ diff -up policycoreutils-2.0.86/gui/templates/var_cache.py.gui policycoreutils-2
+fc_dir="""\
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_cache_t,s0)
+"""
-diff -up policycoreutils-2.0.86/gui/templates/var_lib.py.gui policycoreutils-2.0.86/gui/templates/var_lib.py
---- policycoreutils-2.0.86/gui/templates/var_lib.py.gui 2011-06-13 13:35:38.819855042 -0400
-+++ policycoreutils-2.0.86/gui/templates/var_lib.py 2011-06-13 13:35:38.819855042 -0400
+diff -up policycoreutils-2.1.5/gui/templates/var_lib.py.gui policycoreutils-2.1.5/gui/templates/var_lib.py
+--- policycoreutils-2.1.5/gui/templates/var_lib.py.gui 2011-09-07 16:58:08.258268525 -0400
++++ policycoreutils-2.1.5/gui/templates/var_lib.py 2011-09-07 16:58:08.259268525 -0400
@@ -0,0 +1,160 @@
+# Copyright (C) 2007-2011 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -13774,9 +13767,9 @@ diff -up policycoreutils-2.0.86/gui/templates/var_lib.py.gui policycoreutils-2.0
+fc_dir="""\
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_var_lib_t,s0)
+"""
-diff -up policycoreutils-2.0.86/gui/templates/var_log.py.gui policycoreutils-2.0.86/gui/templates/var_log.py
---- policycoreutils-2.0.86/gui/templates/var_log.py.gui 2011-06-13 13:35:38.821855059 -0400
-+++ policycoreutils-2.0.86/gui/templates/var_log.py 2011-06-13 13:35:38.821855059 -0400
+diff -up policycoreutils-2.1.5/gui/templates/var_log.py.gui policycoreutils-2.1.5/gui/templates/var_log.py
+--- policycoreutils-2.1.5/gui/templates/var_log.py.gui 2011-09-07 16:58:08.259268525 -0400
++++ policycoreutils-2.1.5/gui/templates/var_log.py 2011-09-07 16:58:08.259268525 -0400
@@ -0,0 +1,114 @@
+# Copyright (C) 2007-2011 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -13892,9 +13885,9 @@ diff -up policycoreutils-2.0.86/gui/templates/var_log.py.gui policycoreutils-2.0
+fc_dir="""\
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_log_t,s0)
+"""
-diff -up policycoreutils-2.0.86/gui/templates/var_run.py.gui policycoreutils-2.0.86/gui/templates/var_run.py
---- policycoreutils-2.0.86/gui/templates/var_run.py.gui 2011-06-13 13:35:38.822855067 -0400
-+++ policycoreutils-2.0.86/gui/templates/var_run.py 2011-06-13 13:35:38.822855067 -0400
+diff -up policycoreutils-2.1.5/gui/templates/var_run.py.gui policycoreutils-2.1.5/gui/templates/var_run.py
+--- policycoreutils-2.1.5/gui/templates/var_run.py.gui 2011-09-07 16:58:08.260268525 -0400
++++ policycoreutils-2.1.5/gui/templates/var_run.py 2011-09-07 16:58:08.260268525 -0400
@@ -0,0 +1,101 @@
+# Copyright (C) 2007-2011 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -13997,9 +13990,9 @@ diff -up policycoreutils-2.0.86/gui/templates/var_run.py.gui policycoreutils-2.0
+fc_dir="""\
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_var_run_t,s0)
+"""
-diff -up policycoreutils-2.0.86/gui/templates/var_spool.py.gui policycoreutils-2.0.86/gui/templates/var_spool.py
---- policycoreutils-2.0.86/gui/templates/var_spool.py.gui 2011-06-13 13:35:38.823855075 -0400
-+++ policycoreutils-2.0.86/gui/templates/var_spool.py 2011-06-13 13:35:38.824855083 -0400
+diff -up policycoreutils-2.1.5/gui/templates/var_spool.py.gui policycoreutils-2.1.5/gui/templates/var_spool.py
+--- policycoreutils-2.1.5/gui/templates/var_spool.py.gui 2011-09-07 16:58:08.261268525 -0400
++++ policycoreutils-2.1.5/gui/templates/var_spool.py 2011-09-07 16:58:08.261268525 -0400
@@ -0,0 +1,131 @@
+# Copyright (C) 2007-2011 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -14132,9 +14125,9 @@ diff -up policycoreutils-2.0.86/gui/templates/var_spool.py.gui policycoreutils-2
+fc_dir="""\
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_spool_t,s0)
+"""
-diff -up policycoreutils-2.0.86/gui/usersPage.py.gui policycoreutils-2.0.86/gui/usersPage.py
---- policycoreutils-2.0.86/gui/usersPage.py.gui 2011-06-13 13:35:38.825855092 -0400
-+++ policycoreutils-2.0.86/gui/usersPage.py 2011-06-13 13:35:38.825855092 -0400
+diff -up policycoreutils-2.1.5/gui/usersPage.py.gui policycoreutils-2.1.5/gui/usersPage.py
+--- policycoreutils-2.1.5/gui/usersPage.py.gui 2011-09-07 16:58:08.261268525 -0400
++++ policycoreutils-2.1.5/gui/usersPage.py 2011-09-07 16:58:08.261268525 -0400
@@ -0,0 +1,150 @@
+## usersPage.py - show selinux mappings
+## Copyright (C) 2006,2007,2008 Red Hat, Inc.
diff --git a/policycoreutils.spec b/policycoreutils.spec
index c43f199..f2e272a 100644
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@@ -7,7 +7,7 @@
Summary: SELinux policy core utilities
Name: policycoreutils
Version: 2.1.4
-Release: 2%{?dist}
+Release: 3%{?dist}
License: GPLv2
Group: System Environment/Base
# Based on git repository with tag 20101221
@@ -27,6 +27,7 @@ Source10: restorecond.service
Patch1: policycoreutils-po.patch
Patch3: policycoreutils-gui.patch
Patch4: policycoreutils-sepolgen.patch
+Patch5: policycoreutils-f17.patch
Obsoletes: policycoreutils < 2.0.61-2
%global python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")
@@ -67,6 +68,7 @@ context.
%patch1 -p1 -b .rhatpo
%patch3 -p1 -b .gui
%patch4 -p1 -b .sepolgen
+%patch5 -p1 -b .f17
%build
make LSPP_PRIV=y LIBDIR="%{_libdir}" CFLAGS="%{optflags} -fPIE " LDFLAGS="-pie -Wl,-z,relro" all
@@ -352,6 +354,9 @@ fi
/bin/systemctl try-restart restorecond.service >/dev/null 2>&1 || :
%changelog
+* Tue Oct 4 2011 Dan Walsh <dwalsh at redhat.com> - 2.1.4-3
+- Backport fixes from F17
+
* Thu Aug 18 2011 Dan Walsh <dwalsh at redhat.com> - 2.1.4-2
- Fix bug in glob handling for restorecon
More information about the scm-commits
mailing list