[policycoreutils] Add back in the help png files
Daniel J Walsh
dwalsh at fedoraproject.org
Wed Sep 18 19:38:59 UTC 2013
commit 6879d6378309a35e6cee23469a8853a384b7b7f1
Author: Dan Walsh <dwalsh at redhat.com>
Date: Wed Sep 18 15:03:38 2013 -0400
Add back in the help png files
- Begin Adding support for file equivalency.
policycoreutils-rhat.patch | 1131 +++++++++++++++++++++++++++----------------
policycoreutils.spec | 18 +-
sepolicy-help.tgz | Bin 0 -> 950728 bytes
3 files changed, 725 insertions(+), 424 deletions(-)
---
diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch
index 6d211c5..db7867e 100644
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
@@ -513350,7 +513350,7 @@ index 378eac2..3186c86 100644
+tmp
+*.bak
diff --git a/policycoreutils/sepolicy/Makefile b/policycoreutils/sepolicy/Makefile
-index 11b534f..a17eb72 100644
+index 11b534f..61324b5 100644
--- a/policycoreutils/sepolicy/Makefile
+++ b/policycoreutils/sepolicy/Makefile
@@ -7,11 +7,11 @@ SBINDIR ?= $(PREFIX)/sbin
@@ -513368,7 +513368,7 @@ index 11b534f..a17eb72 100644
all: python-build
-@@ -22,11 +22,26 @@ clean:
+@@ -22,11 +22,27 @@ clean:
$(PYTHON) setup.py clean
-rm -rf build *~ \#* *pyc .#*
@@ -513396,6 +513396,7 @@ index 11b534f..a17eb72 100644
+ install -m 644 org.selinux.policy $(DESTDIR)/usr/share/polkit-1/actions/
+ -mkdir -p $(DESTDIR)/usr/share/system-config-selinux
+ install -m 755 selinux_server.py $(DESTDIR)/usr/share/system-config-selinux
++ install -m 644 *.desktop $(DESTDIR)/usr/share/system-config-selinux
diff --git a/policycoreutils/sepolicy/info.c b/policycoreutils/sepolicy/info.c
index 65458e6..cd1026a 100644
--- a/policycoreutils/sepolicy/info.c
@@ -514178,19 +514179,37 @@ index 0748ca9..6348287 100644
.SH "SEE ALSO"
-selinux(8), sepolicy-booleans(8), sepolicy-communicate(8), sepolicy-generate(8), sepolicy-interface(8), sepolicy-network(8), sepolicy-manpage(8), sepolicy-transition(8)
+selinux(8), sepolicy-booleans(8), sepolicy-communicate(8), sepolicy-generate(8),sepolicy-gui(8), sepolicy-interface(8), sepolicy-network(8), sepolicy-manpage(8), sepolicy-transition(8)
+diff --git a/policycoreutils/sepolicy/sepolicy.desktop b/policycoreutils/sepolicy/sepolicy.desktop
+new file mode 100644
+index 0000000..f9d0cec
+--- /dev/null
++++ b/policycoreutils/sepolicy/sepolicy.desktop
+@@ -0,0 +1,10 @@
++[Desktop Entry]
++Name=SELinux Policy Management Tool
++Comment=Generate SELinux policy modules
++Icon=system-config-selinux
++Exec=/usr/bin/sepolicy gui
++Type=Application
++Terminal=false
++Categories=System;Security;
++X-Desktop-File-Install-Version=0.2
++Keywords=policy;security;selinux;avc;permission;mac;
diff --git a/policycoreutils/sepolicy/sepolicy.py b/policycoreutils/sepolicy/sepolicy.py
-index b25d3b2..43b3666 100755
+index b25d3b2..50279e1 100755
--- a/policycoreutils/sepolicy/sepolicy.py
+++ b/policycoreutils/sepolicy/sepolicy.py
-@@ -22,6 +22,8 @@
+@@ -22,7 +22,9 @@
#
#
import os, sys
+-from sepolicy import get_os_version
+import selinux
+import sepolicy
- from sepolicy import get_os_version
++from sepolicy import get_os_version, get_conditionals, get_conditionals_format_text
import argparse
import gettext
+ PROGNAME="policycoreutils"
@@ -37,6 +39,9 @@ except IOError:
import __builtin__
__builtin__.__dict__['_'] = unicode
@@ -514259,7 +514278,7 @@ index b25d3b2..43b3666 100755
newval = getattr(namespace, self.dest)
if not newval:
newval = []
-@@ -140,102 +165,173 @@ class CheckPolicyType(argparse.Action):
+@@ -140,102 +165,181 @@ class CheckPolicyType(argparse.Action):
class CheckUser(argparse.Action):
def __call__(self, parser, namespace, value, option_string=None):
@@ -514326,13 +514345,22 @@ index b25d3b2..43b3666 100755
+ import sepolicy.network
+ portdict = sepolicy.network.get_network_connect(src, protocol, perm)
if len(portdict) > 0:
- print "%s: %s %s" % (src, protocol, perm)
+- print "%s: %s %s" % (src, protocol, perm)
++ bold_start="\033[1m"
++ bold_end="\033[0;0m"
++ print "\n"+bold_start+"%s: %s %s" % (src, protocol, perm) + bold_end
+ port_strings=[]
++ boolean_text=""
for p in portdict:
- for recs in portdict[p]:
- print "\t" + recs
+ for t, recs in portdict[p]:
-+ port_strings.append("%s (%s)" % (", ".join(recs), t))
++ cond=get_conditionals(src,t,"%s_socket" % protocol, [perm])
++ if cond:
++ boolean_text=get_conditionals_format_text(cond)
++ port_strings.append("%s (%s) %s" % (", ".join(recs), t, boolean_text))
++ else:
++ port_strings.append("%s (%s)" % (", ".join(recs), t))
+ port_strings.sort(numcmp)
+ for p in port_strings:
+ print "\t" + p
@@ -514490,7 +514518,7 @@ index b25d3b2..43b3666 100755
def gen_network_args(parser):
net = parser.add_parser("network",
-@@ -245,15 +341,18 @@ def gen_network_args(parser):
+@@ -245,15 +349,18 @@ def gen_network_args(parser):
group.add_argument("-l", "--list", dest="list_ports",
action="store_true",
help=_("list all SELinux port types"))
@@ -514512,7 +514540,7 @@ index b25d3b2..43b3666 100755
net.set_defaults(func=network)
def communicate(args):
-@@ -283,7 +382,6 @@ def gen_communicate_args(parser):
+@@ -283,7 +390,6 @@ def gen_communicate_args(parser):
comm.set_defaults(func=communicate)
def booleans(args):
@@ -514520,7 +514548,7 @@ index b25d3b2..43b3666 100755
from sepolicy import boolean_desc
if args.all:
rc, args.booleans = selinux.security_get_boolean_names()
-@@ -300,6 +398,7 @@ def gen_booleans_args(parser):
+@@ -300,6 +406,7 @@ def gen_booleans_args(parser):
action="store_true",
help=_("get all booleans descriptions"))
group.add_argument("-b", "--boolean", dest="booleans", nargs="+",
@@ -514528,7 +514556,7 @@ index b25d3b2..43b3666 100755
help=_("boolean to get description"))
bools.set_defaults(func=booleans)
-@@ -319,22 +418,49 @@ def gen_transition_args(parser):
+@@ -319,22 +426,49 @@ def gen_transition_args(parser):
help=_("target process domain"))
trans.set_defaults(func=transition)
@@ -514587,7 +514615,7 @@ index b25d3b2..43b3666 100755
if not args.command:
raise ValueError(_("Command required for this type of policy"))
cmd = os.path.realpath(args.command)
-@@ -346,8 +472,22 @@ def generate(args):
+@@ -346,8 +480,22 @@ def generate(args):
mypolicy.set_program(cmd)
if args.types:
@@ -514610,7 +514638,7 @@ index b25d3b2..43b3666 100755
for p in args.writepaths:
if os.path.isdir(p):
mypolicy.add_dir(p)
-@@ -355,6 +495,7 @@ def generate(args):
+@@ -355,6 +503,7 @@ def generate(args):
mypolicy.add_file(p)
mypolicy.set_transition_users(args.user)
@@ -514618,7 +514646,7 @@ index b25d3b2..43b3666 100755
mypolicy.set_admin_domains(args.admin_domain)
mypolicy.set_existing_domains(args.domain)
-@@ -366,20 +507,34 @@ def generate(args):
+@@ -366,20 +515,34 @@ def generate(args):
def gen_interface_args(parser):
itf = parser.add_parser("interface",
help=_('List SELinux Policy interfaces'))
@@ -514656,7 +514684,7 @@ index b25d3b2..43b3666 100755
help=_('Generate SELinux Policy module template'))
pol.add_argument("-d", "--domain", dest="domain", default=[],
action=CheckDomain, nargs="*",
-@@ -387,9 +542,12 @@ def gen_generate_args(parser):
+@@ -387,9 +550,12 @@ def gen_generate_args(parser):
pol.add_argument("-u", "--user", dest="user", default=[],
action=CheckUser,
help=_("Enter SELinux user(s) which will transition to this domain"))
@@ -514670,7 +514698,7 @@ index b25d3b2..43b3666 100755
pol.add_argument("-n", "--name", dest="name",
default=None,
help=_("name of policy to generate"))
-@@ -397,53 +555,57 @@ def gen_generate_args(parser):
+@@ -397,53 +563,57 @@ def gen_generate_args(parser):
help=argparse.SUPPRESS)
pol.add_argument("-t", "--type", dest="types", default=[], nargs="*",
action=CheckType,
@@ -514754,7 +514782,7 @@ index b25d3b2..43b3666 100755
pol.set_defaults(func=generate)
if __name__ == '__main__':
-@@ -455,17 +617,25 @@ if __name__ == '__main__':
+@@ -455,17 +625,25 @@ if __name__ == '__main__':
gen_booleans_args(subparsers)
gen_communicate_args(subparsers)
gen_generate_args(subparsers)
@@ -514782,7 +514810,7 @@ index b25d3b2..43b3666 100755
sys.exit(0)
+
diff --git a/policycoreutils/sepolicy/sepolicy/__init__.py b/policycoreutils/sepolicy/sepolicy/__init__.py
-index 5e7415c..79cd732 100644
+index 5e7415c..0fe8226 100644
--- a/policycoreutils/sepolicy/sepolicy/__init__.py
+++ b/policycoreutils/sepolicy/sepolicy/__init__.py
@@ -1,12 +1,15 @@
@@ -514802,7 +514830,7 @@ index 5e7415c..79cd732 100644
gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
gettext.textdomain(PROGNAME)
try:
-@@ -37,16 +40,308 @@ CLASS = 'class'
+@@ -37,16 +40,362 @@ CLASS = 'class'
TRANSITION = 'transition'
ROLE_ALLOW = 'role_allow'
@@ -514828,6 +514856,33 @@ index 5e7415c..79cd732 100644
+ dict_list = filter(lambda x: _dict_has_perms(x, perms), dict_list)
+ return dict_list
+
++def get_conditionals(src,dest,tclass,perm):
++ tdict = {}
++ tlist = []
++ if dest.endswith("_t"):
++ allows=search([ALLOW],{SOURCE:src,TARGET:dest,CLASS:tclass,PERMS:perm})
++ else:
++ # to include attribute
++ allows=search([ALLOW],{SOURCE:src,CLASS:tclass,PERMS:perm})
++ for i in allows:
++ if i['target'] == dest:
++ allows=[]
++ allows.append(i)
++ try:
++ for i in map(lambda y: (y), filter(lambda x: set(perm).issubset(x[PERMS]) and x['boolean'], allows)):
++ tdict.update({'source':i['source'],'boolean':i['boolean']})
++ if tdict not in tlist:
++ tlist.append(tdict)
++ tdict={}
++ except KeyError:
++ return(tlist)
++
++ return (tlist)
++
++def get_conditionals_format_text(cond):
++ enabled = len(filter(lambda x: x['boolean'][0][1], cond)) > 0
++ return _("-- Allowed %s [ %s ]") % (enabled, " || ".join(set(map(lambda x: "%s=%d" % (x['boolean'][0][0], x['boolean'][0][1]), cond))))
++
+def get_types_from_attribute(attribute):
+ return info(ATTRIBUTE,attribute)[0]["types"]
+
@@ -514949,6 +515004,33 @@ index 5e7415c..79cd732 100644
+ pass
+ return None
+
++def read_file_equiv(edict, fc_path):
++ fd = open(fc_path, "r")
++ fc = fd.readlines()
++ fd.close()
++ for e in fc:
++ f = e.split()
++ edict[f[0]] = f[1]
++ return edict
++
++file_equiv_modified=None
++def get_file_equiv_modified(fc_path = selinux.selinux_file_context_path()):
++ global file_equiv_modified
++ if file_equiv_modified:
++ return file_equiv_modified
++ file_equiv_modified = {}
++ file_equiv_modified = read_file_equiv(file_equiv_modified, fc_path + ".subs")
++ return file_equiv_modified
++
++file_equiv=None
++def get_file_equiv(fc_path = selinux.selinux_file_context_path()):
++ global file_equiv
++ if file_equiv:
++ return file_equiv
++ file_equiv = get_file_equiv_modified(fc_path)
++ file_equiv = read_file_equiv(file_equiv, fc_path + ".subs_dist")
++ return file_equiv
++
+fcdict=None
+def get_fcdict(fc_path = selinux.selinux_file_context_path()):
+ global fcdict
@@ -515114,7 +515196,7 @@ index 5e7415c..79cd732 100644
all_types = None
def get_all_types():
global all_types
-@@ -54,23 +349,31 @@ def get_all_types():
+@@ -54,23 +403,31 @@ def get_all_types():
all_types = map(lambda x: x['name'], info(TYPE))
return all_types
@@ -515159,7 +515241,7 @@ index 5e7415c..79cd732 100644
all_domains = []
types=get_all_types()
types.sort()
-@@ -81,138 +384,364 @@ def get_all_entrypoint_domains():
+@@ -81,138 +438,366 @@ def get_all_entrypoint_domains():
all_domains.append(m[0])
return all_domains
@@ -515236,6 +515318,8 @@ index 5e7415c..79cd732 100644
+ global selinux_user_list
+ if not selinux_user_list:
+ selinux_user_list = info(USER)
++ for x in selinux_user_list:
++ x['range']="".join(x['range'].split(" "))
+ return selinux_user_list
+
+login_mappings = None
@@ -515608,7 +515692,7 @@ index 5e7415c..79cd732 100644
def boolean_category(boolean):
booleans_dict = gen_bool_dict()
-@@ -233,18 +762,56 @@ def get_os_version():
+@@ -233,18 +818,56 @@ def get_os_version():
os_version = ""
pkg_name = "selinux-policy"
try:
@@ -515965,10 +516049,10 @@ index 26f8390..ba959ae 100644
return out
diff --git a/policycoreutils/sepolicy/sepolicy/gui.py b/policycoreutils/sepolicy/sepolicy/gui.py
new file mode 100644
-index 0000000..c6d4588
+index 0000000..b772c7b
--- /dev/null
+++ b/policycoreutils/sepolicy/sepolicy/gui.py
-@@ -0,0 +1,2932 @@
+@@ -0,0 +1,2990 @@
+#!/usr/bin/python -Es
+#
+# Copyright (C) 2013 Red Hat
@@ -516044,9 +516128,10 @@ index 0000000..c6d4588
+TRANSITIONS_PAGE=3
+LOGIN_PAGE=4
+USER_PAGE=5
-+SYSTEM_PAGE=7
+LOCKDOWN_PAGE=6
-+START_PAGE=8
++SYSTEM_PAGE=7
++FILE_EQUIV_PAGE=8
++START_PAGE=9
+
+DISABLED_TEXT = _("""<small>
+To change from Disabled to Enforcing mode
@@ -516124,11 +516209,12 @@ index 0000000..c6d4588
+ # Login Items **************************************
+ self.login_label = builder.get_object("Login_label")
+ self.login_seuser_combobox = builder.get_object("login_seuser_combobox")
-+ self.login_seuser_liststore = builder.get_object("login_seuser_liststore")
++ self.login_seuser_combolist = builder.get_object("login_seuser_liststore")
+ self.login_name_entry = builder.get_object("login_name_entry")
+ self.login_mls_label = builder.get_object("login_mls_label")
+ self.login_mls_entry = builder.get_object("login_mls_entry")
+ self.login_radio_button = builder.get_object("Login_button")
++ self.login_treeview = builder.get_object("login_treeview")
+ self.login_liststore = builder.get_object("login_liststore")
+ self.login_popup_window = builder.get_object("popup_window_login")
+
@@ -516136,6 +516222,7 @@ index 0000000..c6d4588
+ self.user_popup_window = builder.get_object("popup_window_user")
+ self.user_radio_button = builder.get_object("User_button")
+ self.user_liststore = builder.get_object("user_liststore")
++ self.user_treeview = builder.get_object("user_treeview")
+ self.user_roles_liststore = builder.get_object("user_roles_liststore")
+ self.user_label = builder.get_object("User_label")
+ self.user_name_entry = builder.get_object("user_name_entry")
@@ -516143,6 +516230,9 @@ index 0000000..c6d4588
+ self.user_mls_entry = builder.get_object("user_mls_entry")
+ self.selinux_user_combobox = builder.get_object("selinux_user_combobox")
+
++ self.file_equiv_radio_button = builder.get_object("file_equiv_button")
++ self.file_equiv_treeview = builder.get_object("file_equiv_treeview")
++ self.file_equiv_liststore = builder.get_object("file_equiv_liststore")
+ # System Items **************************************
+ self.app_system_button = builder.get_object("app_system_button")
+ self.system_radio_button = builder.get_object("System_button")
@@ -516490,6 +516580,7 @@ index 0000000..c6d4588
+ "on_column_clicked" : self.column_clicked,
+ "on_tab_switch" : self.clear_filters,
+
++ "on_file_equiv_button_clicked" : self.show_file_equiv_page,
+ "on_app/system_button_clicked" : self.system_interface,
+ "on_app/users_button_clicked" : self.users_interface,
+ "on_main_advanced_label_button_press_event": self.advanced_label_main,
@@ -516499,8 +516590,9 @@ index 0000000..c6d4588
+ "on_cancel_delete_network_clicked" : self.close_network_popup,
+ "on_cancel_user_clicked" : self.user_close_popup,
+ "on_cancel_login_clicked" : self.login_close_popup,
-+ "on_user_treeview_row_activated" : self.user_row_activated,
-+ "on_login_treeview_row_activated" : self.login_row_activated,
++ "on_treeview_cursor_changed" : self.cursor_changed,
++ "on_login_seuser_combobox_changed" : self.login_seuser_combobox_change,
++
+ "on_login_advanced_button_press_event" : self.login_advanced_button,
+ "on_user_advanced_button_press_event" : self.user_advanced_button,
+ "on_cancel_network_clicked" : self.close_add_network_popup,
@@ -516560,12 +516652,14 @@ index 0000000..c6d4588
+ self.applications_selection_button.set_label(self.application)
+ self.show_applications_page()
+ else:
-+ self.clearbuttons()
++ self.clearbuttons()
+ self.outer_notebook.set_current_page(START_PAGE)
+
++ self.add_modify_delete_box.hide()
++ self.filter_box.hide()
+ self.finish_init = True
+ Gtk.main()
-+
++
+ def selinux_status(self):
+ try:
+ self.status = selinux.security_getenforce()
@@ -516715,11 +516809,17 @@ index 0000000..c6d4588
+ self.help_window.set_title(_("Help: Systems Page"))
+ self.help_list = [ "system"]
+ return self.help_show_page()
++
+ if opage == LOCKDOWN_PAGE:
+ self.help_window.set_title(_("Help: Lockdown Page"))
+ self.help_list = [ "lockdown"]
+ return self.help_show_page()
+
++ if opage == FILE_EQUIV_PAGE:
++ self.help_window.set_title(_("Help: File Equivalence Page"))
++ self.help_list = [ "file_equiv"]
++ return self.help_show_page()
++
+ def open_combo_menu(self, *args):
+ if self.popup == 0:
+ self.popup = 1
@@ -516806,7 +516906,16 @@ index 0000000..c6d4588
+ except KeyError:
+ pass
+
-+
++
++ def file_equiv_initialize(self):
++ self.wait_mouse()
++ edict = sepolicy.get_file_equiv()
++ for f in edict:
++ iter = self.file_equiv_liststore.append()
++ self.file_equiv_liststore.set_value(iter, 0, f)
++ self.file_equiv_liststore.set_value(iter, 0, edict[f])
++ self.ready_mouse()
++
+ def user_initialize(self):
+ self.wait_mouse()
+ for u in sepolicy.get_selinux_users():
@@ -516815,11 +516924,14 @@ index 0000000..c6d4588
+ roles = u["roles"]
+ roles.remove("object_r")
+ self.user_liststore.set_value(iter, 1, ", ".join(roles))
++ self.user_liststore.set_value(iter, 2, u["level"])
++ self.user_liststore.set_value(iter, 3, u["range"])
+
+ for u in sepolicy.get_login_mappings():
+ iter = self.login_liststore.append()
+ self.login_liststore.set_value(iter, 0, u["name"])
+ self.login_liststore.set_value(iter, 1, u["seuser"])
++ self.login_liststore.set_value(iter, 2, u["mls"])
+ self.ready_mouse()
+
+ def network_initialize(self, app):
@@ -516832,7 +516944,7 @@ index 0000000..c6d4588
+ self.net_update(app, netd, "udp", INBOUND)
+
+ def network_initial_data_insert(self, bound, ports, portType, protocol):
-+ if bound == OUTBOUND:
++ if bound == OUTBOUND:
+ model = self.out_network_tree_data_set
+ else:
+ model = self.in_network_tree_data_set
@@ -516842,6 +516954,24 @@ index 0000000..c6d4588
+ model.set_value(iter, 1, protocol)
+ model.set_value(iter, 2, portType)
+
++ def combo_set_active_text(self, combobox, val):
++ ctr = 0
++ liststore = combobox.get_model()
++ for i in liststore:
++ if i[0] == val:
++ combobox.set_active(ctr)
++ return
++ ctr += 1
++
++ niter = liststore.get_iter(ctr-1)
++ if liststore.get_value(niter, 0) == _("More..."):
++ iter = liststore.insert_before(niter)
++ ctr = ctr - 1
++ else:
++ iter = liststore.append()
++ liststore.set_value(iter, 0, val)
++ combobox.set_active(ctr)
++
+ def combo_get_active_text(self, combobox):
+ liststore = combobox.get_model()
+ index = combobox.get_active()
@@ -516857,12 +516987,11 @@ index 0000000..c6d4588
+
+ def select_type_more(self, *args):
+ app = self.moreTypes_treeview.get_selection()
-+ iter = app.get_selected()
-+ if iter[1] == None:
++ iter = app.get_selected()[1]
++ if iter == None:
+ return
-+ app = self.more_types_files_liststore.get_value(iter[1], 0)
-+ self.check_if_type_is_in_combo(self.files_type_combolist, app)
-+ self.files_type_combobox.set_active(self.map_selected_items_into_combobox(self.files_type_combolist, app))
++ app = self.more_types_files_liststore.get_value(iter, 0)
++ self.combo_set_active_text(self.files_type_combobox, app)
+ self.closewindow(self.moreTypes_window_files)
+
+ def advanced_item_button_push(self, *args):
@@ -517093,7 +517222,7 @@ index 0000000..c6d4588
+ continue
+ except KeyError:
+ pass
-+ self.application_file_types_initial_data_insert(path, desc, file_class)
++ self.application_file_types_initial_data_insert(path, desc, file_class)
+ try:
+ for action, key in (("Add", "old"), ("Modify", "changed")):
+ for path, file_class in self.filedict[application, 2, action]:
@@ -517122,13 +517251,13 @@ index 0000000..c6d4588
+ desc = sepolicy.boolean_desc(b)
+ self.boolean_initial_data_insert(b, desc , active)
+
-+ def boolean_initial_data_insert(self, val, desc, active):
++ def boolean_initial_data_insert(self, val, desc, active):
+ # Insert data from data source into tree
+ iter = self.boolean_tree_data_set.append()
+ self.boolean_tree_data_set.set_value(iter, 0, active)
-+ self.boolean_tree_data_set.set_value(iter, 1, desc)
++ self.boolean_tree_data_set.set_value(iter, 1, desc)
+ self.boolean_tree_data_set.set_value(iter, 2, val)
-+ self.boolean_tree_data_set.set_value(iter, 3, 'More...')
++ self.boolean_tree_data_set.set_value(iter, 3, _('More...'))
+
+ def transitions_into_x_initialize(self, application):
+ for x in sepolicy.get_transitions_into(application):
@@ -517179,7 +517308,7 @@ index 0000000..c6d4588
+ else:
+ niter = self.transitions_from_x_treestore.append(iter)
+ # active[0][1] is either T or F (enabled is all the way at the top)
-+ self.transitions_from_x_treestore.set_value(iter, 0, enabled[active[0][1]])
++ self.transitions_from_x_treestore.set_value(iter, 0, enabled[active[0][1]])
+ markup = '<span foreground="blue"><u>%s</u></span>'
+ if active[0][1]:
+ self.transitions_from_x_treestore.set_value(niter, 2, (_("To disable this transition, go to the " + markup % _("Boolean section."))))
@@ -517187,7 +517316,7 @@ index 0000000..c6d4588
+ self.transitions_from_x_treestore.set_value(niter, 2, (_("To enable this transition, go to the " + markup % _("Boolean section."))))
+
+ # active[0][0] is the Bool Name
-+ self.transitions_from_x_treestore.set_value(niter, 1, active[0][0])
++ self.transitions_from_x_treestore.set_value(niter, 1, active[0][0])
+ self.transitions_from_x_treestore.set_value(niter, 5, True)
+
+ self.transitions_from_x_treestore.set_value(iter, 2, executable)
@@ -517217,10 +517346,12 @@ index 0000000..c6d4588
+ if self.booleans_radio_button.get_active():
+ self.outer_notebook.set_current_page(BOOLEANS_PAGE)
+ self.fuzzin_modify(self.boolean_treeview)
++ self.filter_box.show()
+
+ if self.files_radio_button.get_active():
+ self.add_modify_delete_box.show()
+ self.outer_notebook.set_current_page(FILES_PAGE)
++ self.filter_box.show()
+ ipage = self.inner_notebook_files.get_current_page()
+ if ipage == 0:
+ self.fuzzin_modify(self.executable_files_treeview)
@@ -517231,6 +517362,7 @@ index 0000000..c6d4588
+
+ if self.network_radio_button.get_active():
+ self.add_modify_delete_box.show()
++ self.filter_box.show()
+ self.outer_notebook.set_current_page(NETWORK_PAGE)
+ ipage = self.inner_notebook_network.get_current_page()
+ if ipage == 0:
@@ -517240,20 +517372,31 @@ index 0000000..c6d4588
+
+ if self.transitions_radio_button.get_active():
+ self.outer_notebook.set_current_page(TRANSITIONS_PAGE)
++ self.filter_box.show()
+
+ if self.system_radio_button.get_active():
+ self.outer_notebook.set_current_page(SYSTEM_PAGE)
++ self.filter_box.hide()
+
+ if self.lockdown_radio_button.get_active():
+ self.outer_notebook.set_current_page(LOCKDOWN_PAGE)
++ self.filter_box.hide()
+
+ if self.user_radio_button.get_active():
+ self.outer_notebook.set_current_page(USER_PAGE)
+ self.add_modify_delete_box.show()
++ self.fuzzin_modify(self.user_treeview)
++ self.filter_box.show()
+
+ if self.login_radio_button.get_active():
+ self.outer_notebook.set_current_page(LOGIN_PAGE)
+ self.add_modify_delete_box.show()
++ self.fuzzin_modify(self.login_treeview)
++ self.filter_box.show()
++
++ if self.file_equiv_radio_button.get_active():
++ self.outer_notebook.set_current_page(FILE_EQUIV_PAGE)
++ self.filter_box.show()
+
+ def return_to_booleans_clicked(self, model, path):
+ self.booleans_radio_button.clicked()
@@ -517311,12 +517454,6 @@ index 0000000..c6d4588
+ self.user_init_dialog(args)
+ self.clear_entry = True
+
-+ def error_check_iter(self, iter):
-+ if iter == None:
-+ self.modify_button.set_sensitive(False)
-+ return True
-+ return False
-+
+ def modify_button_clicked(self, *args):
+ opage = self.outer_notebook.get_current_page()
+ if opage == NETWORK_PAGE:
@@ -517335,49 +517472,49 @@ index 0000000..c6d4588
+ self.filedict[(self.application, ipage, operation)] = {}
+ if ipage == self.EXE_PAGE:
+ row = self.executable_files_treeview.get_selection()
-+ # iter[0] is tree model iter[1] is the iter
-+ iter = row.get_selected()
-+ if self.error_check_iter(iter[1]):
++ iter = row.get_selected()[1]
++ if not iter:
++ self.modify_button.set_sensitive(False)
+ return
-+ iter = self.executable_files_treemodel_sort.convert_iter_to_child_iter(iter[1])
++ iter = self.executable_files_treemodel_sort.convert_iter_to_child_iter(iter)
+ iter = self.exe_files_filter_data_set.convert_iter_to_child_iter(iter)
+ self.delete_old_item = iter
+ path = self.executable_files_treestore.get_value(iter, 0)
+ self.files_path_entry.set_text(path)
-+ type = self.executable_files_treestore.get_value(iter, 2)
++ ftype = self.executable_files_treestore.get_value(iter, 1)
+ if type != None:
-+ self.files_class_combobox.set_active(self.map_selected_items_into_combobox(self.files_class_combolist, type))
-+ tclass = self.executable_files_treestore.get_value(iter, 1)
++ self.combo_set_active_text(self.files_type_combobox, ftype)
++ tclass = self.executable_files_treestore.get_value(iter, 2)
+ if tclass != None:
-+ self.check_if_type_is_in_combo(self.files_type_combolist, tclass)
-+ self.files_type_combobox.set_active(self.map_selected_items_into_combobox(self.files_type_combolist, tclass))
++ self.combo_set_active_text(self.files_class_combobox, tclass)
+
+ if ipage == self.WRITABLE_PAGE:
+ row = self.writable_files_treeview.get_selection()
-+ # iter[0] is tree model iter[1] is the iter
-+ iter = row.get_selected()
-+ if self.error_check_iter(iter[1]):
++ iter = row.get_selected()[1]
++ if not iter:
++ self.modify_button.set_sensitive(False)
++
+ return
-+ iter = self.writable_files_treemodel_sort.convert_iter_to_child_iter(iter[1])
++ iter = self.writable_files_treemodel_sort.convert_iter_to_child_iter(iter)
+ iter = self.writable_files_filter_data_set.convert_iter_to_child_iter(iter)
+ self.delete_old_item = iter
+ path = self.writable_files_treestore.get_value(iter, 0)
+ self.files_path_entry.set_text(path)
-+ type = self.writable_files_treestore.get_value(iter, 2)
++ type = self.writable_files_treestore.get_value(iter, 1)
+ if type != None:
-+ self.files_class_combobox.set_active(self.map_selected_items_into_combobox(self.files_class_combolist, type))
-+ tclass = self.writable_files_treestore.get_value(iter, 1)
++ self.combo_set_active_text(self.files_type_combobox, type)
++ tclass = self.writable_files_treestore.get_value(iter, 2)
+ if tclass != None:
-+ self.check_if_type_is_in_combo(self.files_type_combolist, tclass)
-+ self.files_type_combobox.set_active(self.map_selected_items_into_combobox(self.files_type_combolist, tclass))
++ self.combo_set_active_text(self.files_class_combobox, tclass)
+
+ if ipage == self.APP_PAGE:
+ row = self.application_files_treeview.get_selection()
+ # iter[0] is tree model iter[1] is the iter
-+ iter = row.get_selected()
-+ if self.error_check_iter(iter[1]):
++ iter = row.get_selected()[1]
++ if not iter:
++ self.modify_button.set_sensitive(False)
+ return
-+ iter = self.application_files_treemodel_sort.convert_iter_to_child_iter(iter[1])
++ iter = self.application_files_treemodel_sort.convert_iter_to_child_iter(iter)
+ iter = self.application_files_filter_data_set.convert_iter_to_child_iter(iter)
+ self.delete_old_item = iter
+ path = self.application_files_treestore.get_value(iter, 0)
@@ -517389,40 +517526,35 @@ index 0000000..c6d4588
+ pass
+ type = self.application_files_treestore.get_value(iter, 2)
+ if type != None:
-+ self.files_class_combobox.set_active(self.map_selected_items_into_combobox(self.files_class_combolist, type))
++ self.combo_set_active_text(self.files_type_combobox, type)
+ tclass = get_type[0]
+ if tclass != None:
-+ self.check_if_type_is_in_combo(self.files_type_combolist, tclass)
-+ self.files_type_combobox.set_active(self.map_selected_items_into_combobox(self.files_type_combolist, tclass))
++ self.combo_set_active_text(self.files_class_combobox, tclass)
++
+ self.filedict[(self.application, ipage, operation)][(path, type)] = {"type": tclass, "mls": mls, "changed": True, "old": False}
++
+ if opage == USER_PAGE:
+ row = self.user_treeview.get_selection()
-+ print row
-+
++ iter = row.get_selected()[1]
++ self.user_init_dialog(args)
++ self.user_liststore.get_value(iter,0), self.user_liststore.get_value(iter,1)
++ self.user_name_entry.set_text(self.user_liststore.get_value(iter,0))
++ self.user_mls_entry.set_text(self.user_liststore.get_value(iter,3))
++ self.user_popup_window.show()
++
+ if opage == LOGIN_PAGE:
++ self.login_init_dialog(args)
+ row = self.login_treeview.get_selection()
-+ print row
-+
-+
-+ def check_if_type_is_in_combo(self, combolist, ftype):
-+ match = False
-+ ctr = 0
-+ for i in combolist:
-+ if ftype == i[0]:
-+ match = True
-+ ctr += 1
-+ if not match:
-+ #'More...' is last item in the list = (ctr-1)
-+ niter = combolist.get_iter(ctr-1)
-+ iter = combolist.insert_before(niter)
-+ combolist.set_value(iter, 0, ftype)
-+ #return True
++ iter = row.get_selected()[1]
++ self.login_popup_window.show()
++ self.login_name_entry.set_text(self.login_liststore.get_value(iter,0))
++ self.login_mls_entry.set_text(self.login_liststore.get_value(iter,2))
++ self.combo_set_active_text(self.login_seuser_combobox, self.login_liststore.get_value(iter,1))
+
+ def populate_type_combo(self, tree, loc, *args):
+ iter = self.more_types_files_liststore.get_iter(loc)
+ ftype = self.more_types_files_liststore.get_value(iter, 0)
-+ self.check_if_type_is_in_combo(self.files_type_combolist, ftype)
-+ self.files_type_combobox.set_active(self.map_selected_items_into_combobox(self.files_type_combolist, ftype))
++ self.combo_set_active_text(self.files_type_combobox, ftype)
+ self.popup_window_files.show()
+ self.moreTypes_window_files.hide()
+
@@ -517493,7 +517625,7 @@ index 0000000..c6d4588
+ self.files_type_combobox.set_active(0)
+ self.files_mls_combobox.set_active(0)
+ iter = self.files_type_combolist.append()
-+ self.files_type_combolist.set_value(iter, 0, 'More...')
++ self.files_type_combolist.set_value(iter, 0, _('More...'))
+
+ def modify_button_network_clicked(self, *args):
+ if self.application != None:
@@ -517509,18 +517641,18 @@ index 0000000..c6d4588
+ self.portdict[(self.application, ipage, operation)] = {}
+ if ipage == OUTBOUND:
+ row = self.out_network_treeview.get_selection()
-+ # iter[0] is tree model iter[1] is the iter
-+ iter = row.get_selected()
-+ if self.error_check_iter(iter[1]):
++ iter = row.get_selected()[1]
++ if not iter:
++ self.modify_button.set_sensitive(False)
+ return
-+ iter = self.out_network_treemodel_sort.convert_iter_to_child_iter(iter[1])
++ iter = self.out_network_treemodel_sort.convert_iter_to_child_iter(iter)
+ iter = self.out_network_filter_data_set.convert_iter_to_child_iter(iter)
+ self.delete_old_item = iter
+ port = self.out_network_tree_data_set.get_value(iter, 0)
+ self.network_ports_entry.set_text(port)
+ type = self.out_network_tree_data_set.get_value(iter, 2)
+ if type != None:
-+ self.network_port_type_combobox.set_active(self.map_selected_items_into_combobox(self.network_port_type_combolist, type))
++ self.combo_set_active_text(self.network_port_type_combobox, type)
+ protocol = self.out_network_tree_data_set.get_value(iter, 1)
+ if protocol == "tcp":
+ self.network_tcp_button.set_active(True)
@@ -517529,8 +517661,9 @@ index 0000000..c6d4588
+
+ elif ipage == INBOUND:
+ row = self.in_network_treeview.get_selection()
-+ model, iter = row.get_selected()
-+ if self.error_check_iter(iter):
++ iter = row.get_selected()[1]
++ if not iter:
++ self.modify_button.set_sensitive(False)
+ return
+ iter = self.in_network_treemodel_sort.convert_iter_to_child_iter(iter)
+ iter = self.in_network_filter_data_set.convert_iter_to_child_iter(iter)
@@ -517539,24 +517672,16 @@ index 0000000..c6d4588
+ self.network_ports_entry.set_text(port)
+ type = self.in_network_tree_data_set.get_value(iter, 2)
+ if type != None:
-+ self.network_port_type_combobox.set_active(self.map_selected_items_into_combobox(self.network_port_type_combolist, type))
++ self.combo_set_active_text(self.network_port_type_combobox, type)
+ protocol = self.in_network_tree_data_set.get_value(iter, 1)
+ if protocol == "tcp":
+ self.network_tcp_button.set_active(True)
-+ #self.network_protocol_combobox.set_active(self.map_selected_items_into_combobox(self.network_protocol_combolist, protocol))
++
+ elif protocol == "udp":
+ self.network_udp_button.set_active(True)
+
+ self.portdict[(self.application, ipage, operation)][(port, protocol)] = {"type": type, "mls": mls, "changed": True, "old": False}
+
-+ def map_selected_items_into_combobox(self, combolist, match):
-+ ctr = 0
-+ for items in combolist:
-+ if match.startswith(items[0]):
-+ break
-+ ctr += 1
-+ return ctr
-+
+ def init_network_dialog(self, *args):
+ self.popup_window_network.show()
+ self.window.set_sensitive(False)
@@ -517613,6 +517738,13 @@ index 0000000..c6d4588
+ self.login_popup_window.hide()
+ self.window.set_sensitive(True)
+
++ def login_seuser_combobox_change(self, combo, *args):
++ seuser = self.combo_get_active_text(combo)
++ if self.login_mls_entry.get_text() == "":
++ for u in sepolicy.get_selinux_users():
++ if seuser == u['name']:
++ self.login_mls_entry.set_text(u['range'])
++
+ def login_advanced_button(self, label, *args):
+ advanced = (label.get_text() == ADVANCED_LABEL[0])
+ self.login_mls_label.set_visible(advanced)
@@ -517622,31 +517754,34 @@ index 0000000..c6d4588
+ else:
+ label.set_text(ADVANCED_LABEL[0])
+
-+ def login_row_activated(self, treeview, path, *args):
++ def cursor_changed(self, treeview, *args):
++ row = treeview.get_selection()
++ if row == None:
++ self.modify_button.set_sensitive(False)
++ return
++ iter = row.get_selected()[1]
++ self.modify_button.set_sensitive(iter == None)
++
++ def row_activated(self, treeview, *args):
+ self.modify_button.set_sensitive(True)
-+ print treeview, path, args
+
+ def login_init_dialog(self, *args):
+ self.login_popup_window.show()
-+ self.login_seuser_liststore.clear()
++ self.login_seuser_combolist.clear()
+ users = sepolicy.get_all_users()
+ users.sort()
-+ for u in users:
-+ iter = self.login_seuser_liststore.append()
-+ self.login_seuser_liststore.set_value(iter, 0, str(u))
++ for u in users:
++ iter = self.login_seuser_combolist.append()
++ self.login_seuser_combolist.set_value(iter, 0, str(u))
+ self.login_name_entry.set_text("")
+ self.login_mls_entry.set_text("")
+
-+ def user_row_activated(self, treeview, path, *args):
-+ self.modify_button.set_sensitive(True)
-+ print treeview, path, args
-+
+ def user_init_dialog(self, *args):
+ self.user_popup_window.show()
+ self.user_liststore.clear()
+ roles = sepolicy.get_all_roles()
+ roles.sort()
-+ for r in roles:
++ for r in roles:
+ iter = self.user_roles_liststore.append()
+ self.user_roles_liststore.set_value(iter, 0, str(r))
+ self.user_name_entry.set_text("")
@@ -517660,7 +517795,7 @@ index 0000000..c6d4588
+ self.files_show_modified(checkbutton)
+ if opage == NETWORK_PAGE:
+ self.network_show_modified(checkbutton)
-+
++
+ def bools_show_modified(self, checkbutton):
+ append_list = []
+ if checkbutton.get_active() == True:
@@ -517674,7 +517809,7 @@ index 0000000..c6d4588
+ self.boolean_tree_data_set.set_value(iter, 0, self.booldict[i]['active'])
+ self.boolean_tree_data_set.set_value(iter, 1, sepolicy.boolean_desc(i))
+ self.boolean_tree_data_set.set_value(iter, 2, i)
-+ self.boolean_tree_data_set.set_value(iter, 3, 'More...')
++ self.boolean_tree_data_set.set_value(iter, 3, _('More...'))
+ elif self.application != None:
+ self.boolean_tree_data_set.clear()
+ self.bool_initialize(self.application)
@@ -517919,7 +518054,7 @@ index 0000000..c6d4588
+ return False
+
+ def show_more_types(self, *args):
-+ if self.combo_get_active_text(self.files_type_combobox) == 'More...':
++ if self.combo_get_active_text(self.files_type_combobox) == _('More...'):
+ self.popup_window_files.hide()
+ self.moreTypes_window_files.show()
+
@@ -518128,7 +518263,7 @@ index 0000000..c6d4588
+ def get_filter_data(self, windows, *args):
+ #search for desired item
+ # The txt that the user inputs into the filter is stored in filter_txt
-+ self.filter_txt = windows.get_text()
++ self.filter_txt = windows.get_text()
+ opage = self.outer_notebook.get_current_page()
+ if opage == BOOLEANS_PAGE:
+ self.booleans_filter_data_set.refilter()
@@ -518270,16 +518405,24 @@ index 0000000..c6d4588
+ self.clearbuttons()
+ self.system_radio_button.set_visible(True)
+ self.lockdown_radio_button.set_visible(True)
-+ self.applications_selection_button.set_label("System")
++ self.applications_selection_button.set_label(_("System"))
+ self.system_radio_button.set_active(True)
+ self.tab_change()
+ self.idle_func()
+
++ def show_file_equiv_page(self, *args):
++ self.clearbuttons()
++ self.file_equiv_initialize()
++ self.file_equiv_radio_button.set_active(True)
++ self.applications_selection_button.set_label(_("File Equivalence"))
++ self.tab_change()
++ self.idle_func()
++
+ def show_users_page(self):
+ self.clearbuttons()
+ self.login_radio_button.set_visible(True)
+ self.user_radio_button.set_visible(True)
-+ self.applications_selection_button.set_label("Users")
++ self.applications_selection_button.set_label(_("Users"))
+ self.login_radio_button.set_active(True)
+ self.tab_change()
+ self.user_initialize()
@@ -518534,7 +518677,7 @@ index 0000000..c6d4588
+
+ entrypoints = sepolicy.get_entrypoints(domain)
+ # From entry_point = 0 to the number of keys in the dic
-+ for exe in entrypoints:
++ for exe in entrypoints:
+ if len(entrypoints[exe]):
+ file_class = entrypoints[exe][1]
+ for path in entrypoints[exe][0]:
@@ -518605,11 +518748,10 @@ index 0000000..c6d4588
+ def fuzzin_modify(self, tree, *args):
+ row = tree.get_selection()
+ if row == None:
-+ self.modify_button.set_sensitive(True)
-+ model, iter = row.get_selected()
-+ # Returns True if there is an error
-+ if not self.error_check_iter(iter):
-+ self.modify_button.set_sensitive(True)
++ self.modify_button.set_sensitive(False)
++ return
++ iter = row.get_selected()[1]
++ self.modify_button.set_sensitive(iter != None)
+
+ def highlight_entry_text(self, entry_obj, *args):
+ txt = entry_obj.get_text()
@@ -518627,7 +518769,7 @@ index 0000000..c6d4588
+ if text.startswith(d):
+ for t in self.files_type_combolist:
+ if t[0].endswith(sepolicy.DEFAULT_DIRS[d]):
-+ self.files_type_combobox.set_active(self.map_selected_items_into_combobox(self.files_type_combolist, t[0]))
++ self.combo_set_active_text(self.files_type_combobox, t[0])
+
+ def resize_columns(self, *args):
+ self.booleans_column_1 = self.boolean_treeview.get_col(1)
@@ -518769,7 +518911,7 @@ index 0000000..c6d4588
+ self.window.set_sensitive(True)
+ if self.moreTypes_window_files == window:
+ self.popup_window_files.show()
-+ if self.combo_get_active_text(self.files_type_combobox) =='More...':
++ if self.combo_get_active_text(self.files_type_combobox) == _('More...'):
+ self.files_type_combobox.set_active(0)
+ if self.error_check_window == window:
+ self.window.set_sensitive(False)
@@ -518901,6 +519043,9 @@ index 0000000..c6d4588
+
+if __name__ == '__main__':
+ start = SELinuxGui()
+diff --git a/policycoreutils/sepolicy/sepolicy/help/__init__.py b/policycoreutils/sepolicy/sepolicy/help/__init__.py
+new file mode 100644
+index 0000000..e69de29
diff --git a/policycoreutils/sepolicy/sepolicy/help/booleans.png b/policycoreutils/sepolicy/sepolicy/help/booleans.png
new file mode 100644
index 0000000..a7b4206
@@ -519755,10 +519900,10 @@ index 25062da..049b66a 100755
def _home_exec(self):
permlist = sepolicy.search([sepolicy.ALLOW],{'source':self.type,'target':'user_home_type', 'class':'file', 'permlist':['ioctl', 'read', 'getattr', 'execute', 'execute_no_trans', 'open']})
diff --git a/policycoreutils/sepolicy/sepolicy/network.py b/policycoreutils/sepolicy/sepolicy/network.py
-index 66efe26..970f4c8 100755
+index 66efe26..6a7dab7 100755
--- a/policycoreutils/sepolicy/sepolicy/network.py
+++ b/policycoreutils/sepolicy/sepolicy/network.py
-@@ -25,27 +25,6 @@ import sepolicy
+@@ -25,47 +25,22 @@ import sepolicy
search=sepolicy.search
info=sepolicy.info
@@ -519786,7 +519931,12 @@ index 66efe26..970f4c8 100755
def get_types(src, tclass, perm):
allows=search([sepolicy.ALLOW],{sepolicy.SOURCE:src,sepolicy.CLASS:tclass, sepolicy.PERMS:perm})
nlist=[]
-@@ -57,11 +36,12 @@ def get_types(src, tclass, perm):
+ if allows:
+- for i in map(lambda y: y[sepolicy.TARGET], filter(lambda x: set(perm).issubset(x[sepolicy.PERMS]) and x['enabled'], allows)):
++ for i in map(lambda y: y[sepolicy.TARGET], filter(lambda x: set(perm).issubset(x[sepolicy.PERMS]), allows)):
+ if i not in nlist:
+ nlist.append(i)
+ return nlist
def get_network_connect(src, protocol, perm):
@@ -519794,18 +519944,23 @@ index 66efe26..970f4c8 100755
d={}
tlist = get_types(src, "%s_socket" % protocol, [perm])
if len(tlist) > 0:
- if "port_type" in tlist:
+- if "port_type" in tlist:
- d[(src,protocol,perm)] = ["all ports"]
-+ d[(src,protocol,perm)] = [("port_type", ["all ports"])]
- return d
-
+- return d
+-
d[(src,protocol,perm)] = []
-@@ -77,16 +57,16 @@ def get_network_connect(src, protocol, perm):
+-
+ for i in tlist:
+ if i == "ephemeral_port_type":
+ if "unreserved_port_type" in tlist:
+@@ -77,16 +52,18 @@ def get_network_connect(src, protocol, perm):
if "port_t" in tlist:
continue
if i == "port_t":
- d[(src,protocol,perm)].append("all ports with out defined types")
+ d[(src,protocol,perm)].append((i, ["all ports with out defined types"]))
++ if i == "port_type":
++ d[(src,protocol,perm)].append((i, ["all ports"]))
elif i == "unreserved_port_type":
- d[(src,protocol,perm)].append("%s: all ports > 1024" % i)
+ d[(src,protocol,perm)].append((i, ["all ports > 1024"]))
@@ -519885,12 +520040,12 @@ index 0000000..7ad2af7
+ print e
diff --git a/policycoreutils/sepolicy/sepolicy/sepolicy.glade b/policycoreutils/sepolicy/sepolicy/sepolicy.glade
new file mode 100644
-index 0000000..526ad31
+index 0000000..440c30e
--- /dev/null
+++ b/policycoreutils/sepolicy/sepolicy/sepolicy.glade
-@@ -0,0 +1,4807 @@
+@@ -0,0 +1,4935 @@
+<?xml version="1.0" encoding="UTF-8"?>
-+<!-- Generated with glade 3.15.3 on Mon Sep 9 22:53:49 2013 -->
++<!-- Generated with glade 3.15.3 on Tue Sep 17 16:30:19 2013 -->
+<interface>
+ <!-- interface-requires gtk+ 3.8 -->
+ <object class="GtkListStore" id="Advanced_search_liststore">
@@ -520052,6 +520207,23 @@ index 0000000..526ad31
+ </packing>
+ </child>
+ <child>
++ <object class="GtkButton" id="app_file_equiv_button">
++ <property name="label" translatable="yes">File Equivalency</property>
++ <property name="visible">True</property>
++ <property name="can_focus">True</property>
++ <property name="receives_default">True</property>
++ <property name="focus_on_click">False</property>
++ <property name="relief">none</property>
++ <property name="xalign">0</property>
++ <signal name="clicked" handler="on_file_equiv_button_clicked" swapped="no"/>
++ </object>
++ <packing>
++ <property name="expand">True</property>
++ <property name="fill">True</property>
++ <property name="position">2</property>
++ </packing>
++ </child>
++ <child>
+ <object class="GtkButton" id="app_users_button">
+ <property name="label" translatable="yes">Users</property>
+ <property name="visible">True</property>
@@ -520065,7 +520237,7 @@ index 0000000..526ad31
+ <packing>
+ <property name="expand">True</property>
+ <property name="fill">True</property>
-+ <property name="position">2</property>
++ <property name="position">3</property>
+ </packing>
+ </child>
+ <child>
@@ -520082,7 +520254,7 @@ index 0000000..526ad31
+ <packing>
+ <property name="expand">True</property>
+ <property name="fill">True</property>
-+ <property name="position">3</property>
++ <property name="position">4</property>
+ </packing>
+ </child>
+ </object>
@@ -520369,6 +520541,14 @@ index 0000000..526ad31
+ <object class="GtkTreeModelSort" id="executable_files_treemodelsort">
+ <property name="model">executable_files_treemodelfilter</property>
+ </object>
++ <object class="GtkListStore" id="file_equiv_liststore">
++ <columns>
++ <!-- column-name Source -->
++ <column type="gchararray"/>
++ <!-- column-name Destination -->
++ <column type="gchararray"/>
++ </columns>
++ </object>
+ <object class="GtkListStore" id="files_class_combo_store">
+ <columns>
+ <!-- column-name gchararray1 -->
@@ -520548,6 +520728,8 @@ index 0000000..526ad31
+ <column type="gchararray"/>
+ <!-- column-name SELinuxUser -->
+ <column type="gchararray"/>
++ <!-- column-name MLS -->
++ <column type="gchararray"/>
+ </columns>
+ </object>
+ <object class="GtkListStore" id="login_seuser_liststore">
@@ -520975,6 +521157,12 @@ index 0000000..526ad31
+ <property name="n_rows">5</property>
+ <property name="n_columns">2</property>
+ <child>
++ <placeholder/>
++ </child>
++ <child>
++ <placeholder/>
++ </child>
++ <child>
+ <object class="GtkLabel" id="label15">
+ <property name="visible">True</property>
+ <property name="can_focus">False</property>
@@ -521051,6 +521239,7 @@ index 0000000..526ad31
+ <property name="visible">True</property>
+ <property name="can_focus">False</property>
+ <property name="model">login_seuser_liststore</property>
++ <signal name="changed" handler="on_login_seuser_combobox_changed" swapped="no"/>
+ <child>
+ <object class="GtkCellRendererText" id="cellrenderertext51"/>
+ <attributes>
@@ -521108,12 +521297,6 @@ index 0000000..526ad31
+ </packing>
+ </child>
+ <child>
-+ <placeholder/>
-+ </child>
-+ <child>
-+ <placeholder/>
-+ </child>
-+ <child>
+ <object class="GtkEntry" id="login_mls_entry">
+ <property name="can_focus">True</property>
+ <property name="invisible_char">●</property>
@@ -521448,6 +521631,10 @@ index 0000000..526ad31
+ <column type="gchararray"/>
+ <!-- column-name SELinuxRoles -->
+ <column type="gchararray"/>
++ <!-- column-name Default -->
++ <column type="gchararray"/>
++ <!-- column-name MLSRange -->
++ <column type="gchararray"/>
+ </columns>
+ </object>
+ <object class="GtkListStore" id="user_roles_liststore">
@@ -521456,253 +521643,55 @@ index 0000000..526ad31
+ <column type="gchararray"/>
+ </columns>
+ </object>
-+ <object class="GtkWindow" id="popup_window_user">
++ <object class="GtkTreeStore" id="writable_files_treestore">
++ <columns>
++ <!-- column-name File -->
++ <column type="gchararray"/>
++ <!-- column-name SELinux -->
++ <column type="gchararray"/>
++ <!-- column-name File1 -->
++ <column type="gchararray"/>
++ <!-- column-name Label -->
++ <column type="gboolean"/>
++ <!-- column-name Mislabled -->
++ <column type="gboolean"/>
++ <!-- column-name Cur -->
++ <column type="gchararray"/>
++ <!-- column-name Con -->
++ <column type="gchararray"/>
++ </columns>
++ </object>
++ <object class="GtkTreeModelFilter" id="writable_files_treemodelfilter">
++ <property name="child_model">writable_files_treestore</property>
++ </object>
++ <object class="GtkTreeModelSort" id="writable_files_treemodelsort">
++ <property name="model">writable_files_treemodelfilter</property>
++ </object>
++ <object class="GtkWindow" id="SELinux_window">
+ <property name="can_focus">False</property>
-+ <property name="title" translatable="yes">Network Port Definitions</property>
-+ <property name="resizable">False</property>
-+ <property name="modal">True</property>
-+ <property name="window_position">center-on-parent</property>
-+ <property name="transient_for">SELinux_window</property>
-+ <signal name="delete-event" handler="gtk_widget_hide" swapped="no"/>
++ <property name="title" translatable="yes">SELinux Policy Manager</property>
++ <property name="window_position">center-always</property>
++ <property name="default_width">650</property>
++ <property name="default_height">420</property>
++ <signal name="configure-event" handler="on_SELinux_window_configure_event" swapped="no"/>
++ <signal name="delete-event" handler="on_confirmation_close" swapped="no"/>
++ <signal name="focus-in-event" handler="on_SELinux_window_configure_event" swapped="no"/>
+ <child>
-+ <object class="GtkBox" id="vbox11">
++ <object class="GtkBox" id="vbox1">
+ <property name="visible">True</property>
+ <property name="can_focus">False</property>
+ <property name="orientation">vertical</property>
+ <child>
-+ <object class="GtkLabel" id="User_label">
-+ <property name="visible">True</property>
-+ <property name="can_focus">False</property>
-+ <property name="xalign">0</property>
-+ <property name="xpad">10</property>
-+ <property name="label" translatable="yes">Add User Roles. SELinux User Roles will be created when Update is applied.</property>
-+ <property name="justify">fill</property>
-+ <property name="wrap">True</property>
-+ </object>
-+ <packing>
-+ <property name="expand">True</property>
-+ <property name="fill">True</property>
-+ <property name="position">0</property>
-+ </packing>
-+ </child>
-+ <child>
-+ <object class="GtkTable" id="table3">
++ <object class="GtkBox" id="hbox1">
+ <property name="visible">True</property>
+ <property name="can_focus">False</property>
-+ <property name="n_rows">5</property>
-+ <property name="n_columns">2</property>
-+ <child>
-+ <placeholder/>
-+ </child>
-+ <child>
-+ <placeholder/>
-+ </child>
-+ <child>
-+ <object class="GtkLabel" id="label16">
-+ <property name="visible">True</property>
-+ <property name="can_focus">False</property>
-+ <property name="xalign">0</property>
-+ <property name="xpad">10</property>
-+ <property name="label" translatable="yes">SELinux User Name</property>
-+ </object>
-+ <packing>
-+ <property name="y_options"/>
-+ </packing>
-+ </child>
-+ <child>
-+ <object class="GtkEntry" id="user_name_entry">
-+ <property name="visible">True</property>
-+ <property name="can_focus">True</property>
-+ <property name="invisible_char">●</property>
-+ <property name="primary_icon_activatable">False</property>
-+ <property name="secondary_icon_activatable">False</property>
-+ </object>
-+ <packing>
-+ <property name="left_attach">1</property>
-+ <property name="right_attach">2</property>
-+ </packing>
-+ </child>
-+ <child>
-+ <object class="GtkLabel" id="label23">
-+ <property name="visible">True</property>
-+ <property name="can_focus">False</property>
-+ <property name="xalign">0</property>
-+ <property name="xpad">10</property>
-+ <property name="label" translatable="yes">SELinux Roles</property>
-+ </object>
-+ <packing>
-+ <property name="top_attach">1</property>
-+ <property name="bottom_attach">2</property>
-+ <property name="y_options"/>
-+ </packing>
-+ </child>
+ <child>
-+ <object class="GtkLabel" id="user_advanced_button">
-+ <property name="visible">True</property>
-+ <property name="can_focus">False</property>
-+ <property name="xalign">0</property>
-+ <property name="xpad">10</property>
-+ <property name="label" translatable="yes">Advanced >></property>
-+ <property name="selectable">True</property>
-+ <attributes>
-+ <attribute name="foreground" value="#00004e4e9999"/>
-+ </attributes>
-+ <signal name="button-press-event" handler="on_user_advanced_button_press_event" swapped="no"/>
-+ </object>
-+ <packing>
-+ <property name="top_attach">2</property>
-+ <property name="bottom_attach">3</property>
-+ <property name="y_options"/>
-+ </packing>
-+ </child>
-+ <child>
-+ <object class="GtkLabel" id="user_mls_label">
-+ <property name="can_focus">False</property>
-+ <property name="xalign">0</property>
-+ <property name="xpad">10</property>
-+ <property name="label" translatable="yes">MLS</property>
-+ </object>
-+ <packing>
-+ <property name="top_attach">3</property>
-+ <property name="bottom_attach">4</property>
-+ <property name="y_options"/>
-+ </packing>
-+ </child>
-+ <child>
-+ <object class="GtkComboBox" id="user_roles_combobox">
-+ <property name="width_request">360</property>
-+ <property name="visible">True</property>
-+ <property name="can_focus">False</property>
-+ <property name="model">user_roles_liststore</property>
-+ <child>
-+ <object class="GtkCellRendererText" id="cellrenderertext50"/>
-+ <attributes>
-+ <attribute name="text">0</attribute>
-+ </attributes>
-+ </child>
-+ </object>
-+ <packing>
-+ <property name="left_attach">1</property>
-+ <property name="right_attach">2</property>
-+ <property name="top_attach">1</property>
-+ <property name="bottom_attach">2</property>
-+ </packing>
-+ </child>
-+ <child>
-+ <object class="GtkBox" id="hbox3">
-+ <property name="visible">True</property>
-+ <property name="can_focus">False</property>
-+ <child>
-+ <object class="GtkButton" id="save_changes_user">
-+ <property name="label" translatable="yes">Save to update</property>
-+ <property name="visible">True</property>
-+ <property name="can_focus">True</property>
-+ <property name="receives_default">True</property>
-+ <signal name="clicked" handler="on_save_changes_login_clicked" swapped="no"/>
-+ </object>
-+ <packing>
-+ <property name="expand">False</property>
-+ <property name="fill">True</property>
-+ <property name="pack_type">end</property>
-+ <property name="position">0</property>
-+ </packing>
-+ </child>
-+ <child>
-+ <object class="GtkButton" id="cancel_user">
-+ <property name="label" translatable="yes">Cancel</property>
-+ <property name="visible">True</property>
-+ <property name="can_focus">True</property>
-+ <property name="receives_default">True</property>
-+ <signal name="clicked" handler="on_cancel_user_clicked" swapped="no"/>
-+ </object>
-+ <packing>
-+ <property name="expand">False</property>
-+ <property name="fill">True</property>
-+ <property name="pack_type">end</property>
-+ <property name="position">1</property>
-+ </packing>
-+ </child>
-+ </object>
-+ <packing>
-+ <property name="left_attach">1</property>
-+ <property name="right_attach">2</property>
-+ <property name="top_attach">4</property>
-+ <property name="bottom_attach">5</property>
-+ </packing>
-+ </child>
-+ <child>
-+ <object class="GtkEntry" id="user_mls_entry">
-+ <property name="can_focus">True</property>
-+ <property name="invisible_char">●</property>
-+ <property name="primary_icon_activatable">False</property>
-+ <property name="secondary_icon_activatable">False</property>
-+ </object>
-+ <packing>
-+ <property name="left_attach">1</property>
-+ <property name="right_attach">2</property>
-+ <property name="top_attach">3</property>
-+ <property name="bottom_attach">4</property>
-+ </packing>
-+ </child>
-+ </object>
-+ <packing>
-+ <property name="expand">True</property>
-+ <property name="fill">True</property>
-+ <property name="position">1</property>
-+ </packing>
-+ </child>
-+ </object>
-+ </child>
-+ </object>
-+ <object class="GtkTreeStore" id="writable_files_treestore">
-+ <columns>
-+ <!-- column-name File -->
-+ <column type="gchararray"/>
-+ <!-- column-name SELinux -->
-+ <column type="gchararray"/>
-+ <!-- column-name File1 -->
-+ <column type="gchararray"/>
-+ <!-- column-name Label -->
-+ <column type="gboolean"/>
-+ <!-- column-name Mislabled -->
-+ <column type="gboolean"/>
-+ <!-- column-name Cur -->
-+ <column type="gchararray"/>
-+ <!-- column-name Con -->
-+ <column type="gchararray"/>
-+ </columns>
-+ </object>
-+ <object class="GtkTreeModelFilter" id="writable_files_treemodelfilter">
-+ <property name="child_model">writable_files_treestore</property>
-+ </object>
-+ <object class="GtkTreeModelSort" id="writable_files_treemodelsort">
-+ <property name="model">writable_files_treemodelfilter</property>
-+ </object>
-+ <object class="GtkWindow" id="SELinux_window">
-+ <property name="can_focus">False</property>
-+ <property name="title" translatable="yes">SELinux Policy Manager</property>
-+ <property name="window_position">center-always</property>
-+ <property name="default_width">650</property>
-+ <property name="default_height">420</property>
-+ <signal name="configure-event" handler="on_SELinux_window_configure_event" swapped="no"/>
-+ <signal name="delete-event" handler="on_confirmation_close" swapped="no"/>
-+ <signal name="focus-in-event" handler="on_SELinux_window_configure_event" swapped="no"/>
-+ <child>
-+ <object class="GtkBox" id="vbox1">
-+ <property name="visible">True</property>
-+ <property name="can_focus">False</property>
-+ <property name="orientation">vertical</property>
-+ <child>
-+ <object class="GtkBox" id="hbox1">
-+ <property name="visible">True</property>
-+ <property name="can_focus">False</property>
-+ <child>
-+ <object class="GtkBox" id="vbox4">
++ <object class="GtkBox" id="vbox4">
+ <property name="visible">True</property>
+ <property name="can_focus">False</property>
+ <property name="orientation">vertical</property>
+ <child>
-+ <object class="GtkBox" id="hbox7">
++ <object class="GtkBox" id="box100">
+ <property name="visible">True</property>
+ <property name="can_focus">False</property>
+ <child>
@@ -521905,6 +521894,20 @@ index 0000000..526ad31
+ </packing>
+ </child>
+ <child>
++ <object class="GtkRadioButton" id="file_equiv_button">
++ <property name="label" translatable="yes">radiobutton</property>
++ <property name="can_focus">False</property>
++ <property name="receives_default">False</property>
++ <property name="xalign">0</property>
++ <property name="draw_indicator">False</property>
++ </object>
++ <packing>
++ <property name="expand">False</property>
++ <property name="fill">True</property>
++ <property name="position">9</property>
++ </packing>
++ </child>
++ <child>
+ <object class="GtkEventBox" id="eventbox1">
+ <property name="visible">True</property>
+ <property name="can_focus">False</property>
@@ -521922,7 +521925,7 @@ index 0000000..526ad31
+ <property name="expand">False</property>
+ <property name="fill">False</property>
+ <property name="pack_type">end</property>
-+ <property name="position">10</property>
++ <property name="position">11</property>
+ </packing>
+ </child>
+ </object>
@@ -522082,13 +522085,13 @@ index 0000000..526ad31
+allow alternative access control.</property>
+ <property name="model">boolean_treemodelsort</property>
+ <property name="activate_on_single_click">True</property>
++ <signal name="cursor-changed" handler="on_treeview_cursor_changed" swapped="no"/>
+ <signal name="row-activated" handler="on_column_clicked" swapped="no"/>
+ <child internal-child="selection">
+ <object class="GtkTreeSelection" id="treeview-selection1"/>
+ </child>
+ <child>
+ <object class="GtkTreeViewColumn" id="Active">
-+ <property name="sizing">autosize</property>
+ <property name="title" translatable="yes">Enabled</property>
+ <property name="reorderable">True</property>
+ <property name="sort_column_id">0</property>
@@ -522197,6 +522200,7 @@ index 0000000..526ad31
+ <property name="search_column">0</property>
+ <property name="activate_on_single_click">True</property>
+ <signal name="button-press-event" handler="item_in_tree_selected" swapped="no"/>
++ <signal name="cursor-changed" handler="on_treeview_cursor_changed" swapped="no"/>
+ <signal name="row-activated" handler="on_column_clicked" swapped="no"/>
+ <child internal-child="selection">
+ <object class="GtkTreeSelection" id="treeview-selection2"/>
@@ -522303,6 +522307,7 @@ index 0000000..526ad31
+ <property name="model">writable_files_treemodelsort</property>
+ <property name="activate_on_single_click">True</property>
+ <signal name="button-press-event" handler="item_in_tree_selected" swapped="no"/>
++ <signal name="cursor-changed" handler="on_treeview_cursor_changed" swapped="no"/>
+ <signal name="row-activated" handler="on_column_clicked" swapped="no"/>
+ <child internal-child="selection">
+ <object class="GtkTreeSelection" id="treeview-selection3"/>
@@ -522416,6 +522421,7 @@ index 0000000..526ad31
+ <property name="search_column">0</property>
+ <property name="activate_on_single_click">True</property>
+ <signal name="button-press-event" handler="item_in_tree_selected" swapped="no"/>
++ <signal name="cursor-changed" handler="on_treeview_cursor_changed" swapped="no"/>
+ <signal name="row-activated" handler="on_column_clicked" swapped="no"/>
+ <child internal-child="selection">
+ <object class="GtkTreeSelection" id="treeview-selection4"/>
@@ -522570,6 +522576,7 @@ index 0000000..526ad31
+ <property name="fixed_height_mode">True</property>
+ <property name="activate_on_single_click">True</property>
+ <signal name="button-press-event" handler="item_in_tree_selected" swapped="no"/>
++ <signal name="cursor-changed" handler="on_treeview_cursor_changed" swapped="no"/>
+ <signal name="row-activated" handler="on_column_clicked" swapped="no"/>
+ <child internal-child="selection">
+ <object class="GtkTreeSelection" id="treeview-selection5"/>
@@ -522662,6 +522669,7 @@ index 0000000..526ad31
+ <property name="fixed_height_mode">True</property>
+ <property name="activate_on_single_click">True</property>
+ <signal name="button-press-event" handler="item_in_tree_selected" swapped="no"/>
++ <signal name="cursor-changed" handler="on_treeview_cursor_changed" swapped="no"/>
+ <signal name="row-activated" handler="on_column_clicked" swapped="no"/>
+ <child internal-child="selection">
+ <object class="GtkTreeSelection" id="treeview-selection6"/>
@@ -522792,7 +522800,6 @@ index 0000000..526ad31
+ <child>
+ <object class="GtkTreeViewColumn" id="active_from">
+ <property name="resizable">True</property>
-+ <property name="sizing">autosize</property>
+ <property name="title" translatable="yes">Boolean
+Enabled</property>
+ <property name="clickable">True</property>
@@ -523045,12 +523052,11 @@ index 0000000..526ad31
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="no_show_all">True</property>
-+ <property name="tooltip_text" translatable="yes">If-Then-Else rules written in policy that can
-+allow alternative access control.</property>
+ <property name="model">login_liststore</property>
+ <property name="search_column">0</property>
+ <property name="activate_on_single_click">True</property>
-+ <signal name="row-activated" handler="on_login_treeview_row_activated" swapped="no"/>
++ <signal name="cursor-changed" handler="on_treeview_cursor_changed" swapped="no"/>
++ <signal name="row-activated" handler="on_column_clicked" swapped="no"/>
+ <child internal-child="selection">
+ <object class="GtkTreeSelection" id="treeview-selection22"/>
+ </child>
@@ -523058,16 +523064,12 @@ index 0000000..526ad31
+ <object class="GtkTreeViewColumn" id="Login Name">
+ <property name="resizable">True</property>
+ <property name="sizing">fixed</property>
-+ <property name="min_width">240</property>
+ <property name="title" translatable="yes">Login Name</property>
+ <property name="expand">True</property>
+ <property name="clickable">True</property>
+ <property name="sort_column_id">0</property>
+ <child>
-+ <object class="GtkCellRendererText" id="cellrenderertext22">
-+ <property name="wrap_mode">word</property>
-+ <property name="wrap_width">360</property>
-+ </object>
++ <object class="GtkCellRendererText" id="cellrenderertext22"/>
+ <attributes>
+ <attribute name="text">0</attribute>
+ </attributes>
@@ -523076,6 +523078,7 @@ index 0000000..526ad31
+ </child>
+ <child>
+ <object class="GtkTreeViewColumn" id="SELinuxUser">
++ <property name="resizable">True</property>
+ <property name="sizing">fixed</property>
+ <property name="title" translatable="yes">SELinux User</property>
+ <property name="expand">True</property>
@@ -523090,6 +523093,19 @@ index 0000000..526ad31
+ </child>
+ </object>
+ </child>
++ <child>
++ <object class="GtkTreeViewColumn" id="MLS Range">
++ <property name="resizable">True</property>
++ <property name="title" translatable="yes">MLS Range</property>
++ <property name="sort_column_id">2</property>
++ <child>
++ <object class="GtkCellRendererText" id="cellrenderertext52"/>
++ <attributes>
++ <attribute name="text">2</attribute>
++ </attributes>
++ </child>
++ </object>
++ </child>
+ </object>
+ <packing>
+ <property name="expand">True</property>
@@ -523129,14 +523145,14 @@ index 0000000..526ad31
+ <property name="reorderable">True</property>
+ <property name="search_column">0</property>
+ <property name="activate_on_single_click">True</property>
-+ <signal name="row-activated" handler="on_user_treeview_row_activated" swapped="no"/>
++ <signal name="cursor-changed" handler="on_treeview_cursor_changed" swapped="no"/>
++ <signal name="row-activated" handler="on_column_clicked" swapped="no"/>
+ <child internal-child="selection">
+ <object class="GtkTreeSelection" id="treeview-selection21"/>
+ </child>
+ <child>
+ <object class="GtkTreeViewColumn" id="SELinuxUser Name">
+ <property name="resizable">True</property>
-+ <property name="sizing">fixed</property>
+ <property name="min_width">240</property>
+ <property name="title" translatable="yes">SELinux User</property>
+ <property name="expand">True</property>
@@ -523155,7 +523171,7 @@ index 0000000..526ad31
+ </child>
+ <child>
+ <object class="GtkTreeViewColumn" id="SELinuxRoles1">
-+ <property name="sizing">fixed</property>
++ <property name="resizable">True</property>
+ <property name="title" translatable="yes">SELinux Roles</property>
+ <property name="expand">True</property>
+ <property name="clickable">True</property>
@@ -523170,6 +523186,33 @@ index 0000000..526ad31
+ </child>
+ </object>
+ </child>
++ <child>
++ <object class="GtkTreeViewColumn" id="DEFAULT Level">
++ <property name="title" translatable="yes">Default Level</property>
++ <property name="sort_indicator">True</property>
++ <property name="sort_column_id">2</property>
++ <child>
++ <object class="GtkCellRendererText" id="cellrenderertext53"/>
++ <attributes>
++ <attribute name="text">2</attribute>
++ </attributes>
++ </child>
++ </object>
++ </child>
++ <child>
++ <object class="GtkTreeViewColumn" id="treeviewcolumn26">
++ <property name="resizable">True</property>
++ <property name="title" translatable="yes">MLS Range</property>
++ <property name="sort_indicator">True</property>
++ <property name="sort_column_id">3</property>
++ <child>
++ <object class="GtkCellRendererText" id="cellrenderertext54"/>
++ <attributes>
++ <attribute name="text">3</attribute>
++ </attributes>
++ </child>
++ </object>
++ </child>
+ </object>
+ <packing>
+ <property name="expand">True</property>
@@ -523818,6 +523861,48 @@ index 0000000..526ad31
+ </packing>
+ </child>
+ <child>
++ <object class="GtkTreeView" id="file_equiv_treeview">
++ <property name="visible">True</property>
++ <property name="can_focus">True</property>
++ <property name="model">file_equiv_liststore</property>
++ <child internal-child="selection">
++ <object class="GtkTreeSelection" id="treeview-selection23"/>
++ </child>
++ <child>
++ <object class="GtkTreeViewColumn" id="file_equiv_source">
++ <property name="resizable">True</property>
++ <property name="title" translatable="yes">Source</property>
++ <child>
++ <object class="GtkCellRendererText" id="cellrenderertext55"/>
++ </child>
++ </object>
++ </child>
++ <child>
++ <object class="GtkTreeViewColumn" id="treeviewcolumn25">
++ <property name="resizable">True</property>
++ <property name="title" translatable="yes">Destination</property>
++ <child>
++ <object class="GtkCellRendererText" id="cellrenderertext56"/>
++ </child>
++ </object>
++ </child>
++ </object>
++ <packing>
++ <property name="position">8</property>
++ </packing>
++ </child>
++ <child type="tab">
++ <object class="GtkLabel" id="files_equiv">
++ <property name="visible">True</property>
++ <property name="can_focus">False</property>
++ <property name="label" translatable="yes">Files Equivalence</property>
++ </object>
++ <packing>
++ <property name="position">8</property>
++ <property name="tab_fill">False</property>
++ </packing>
++ </child>
++ <child>
+ <object class="GtkLabel" id="init_label">
+ <property name="visible">True</property>
+ <property name="can_focus">False</property>
@@ -523827,7 +523912,7 @@ index 0000000..526ad31
+ <property name="use_markup">True</property>
+ </object>
+ <packing>
-+ <property name="position">8</property>
++ <property name="position">9</property>
+ </packing>
+ </child>
+ <child type="tab">
@@ -523837,7 +523922,7 @@ index 0000000..526ad31
+ <property name="lines">0</property>
+ </object>
+ <packing>
-+ <property name="position">8</property>
++ <property name="position">9</property>
+ <property name="tab_fill">False</property>
+ </packing>
+ </child>
@@ -524530,6 +524615,204 @@ index 0000000..526ad31
+ </object>
+ </child>
+ </object>
++ <object class="GtkWindow" id="popup_window_user">
++ <property name="can_focus">False</property>
++ <property name="title" translatable="yes">Network Port Definitions</property>
++ <property name="resizable">False</property>
++ <property name="modal">True</property>
++ <property name="window_position">center-on-parent</property>
++ <property name="transient_for">SELinux_window</property>
++ <signal name="delete-event" handler="gtk_widget_hide" swapped="no"/>
++ <child>
++ <object class="GtkBox" id="vbox11">
++ <property name="visible">True</property>
++ <property name="can_focus">False</property>
++ <property name="orientation">vertical</property>
++ <child>
++ <object class="GtkLabel" id="User_label">
++ <property name="visible">True</property>
++ <property name="can_focus">False</property>
++ <property name="xalign">0</property>
++ <property name="xpad">10</property>
++ <property name="label" translatable="yes">Add User Roles. SELinux User Roles will be created when Update is applied.</property>
++ <property name="justify">fill</property>
++ <property name="wrap">True</property>
++ </object>
++ <packing>
++ <property name="expand">True</property>
++ <property name="fill">True</property>
++ <property name="position">0</property>
++ </packing>
++ </child>
++ <child>
++ <object class="GtkTable" id="table3">
++ <property name="visible">True</property>
++ <property name="can_focus">False</property>
++ <property name="n_rows">5</property>
++ <property name="n_columns">2</property>
++ <child>
++ <placeholder/>
++ </child>
++ <child>
++ <placeholder/>
++ </child>
++ <child>
++ <object class="GtkLabel" id="label16">
++ <property name="visible">True</property>
++ <property name="can_focus">False</property>
++ <property name="xalign">0</property>
++ <property name="xpad">10</property>
++ <property name="label" translatable="yes">SELinux User Name</property>
++ </object>
++ <packing>
++ <property name="y_options"/>
++ </packing>
++ </child>
++ <child>
++ <object class="GtkEntry" id="user_name_entry">
++ <property name="visible">True</property>
++ <property name="can_focus">True</property>
++ <property name="invisible_char">●</property>
++ <property name="primary_icon_activatable">False</property>
++ <property name="secondary_icon_activatable">False</property>
++ </object>
++ <packing>
++ <property name="left_attach">1</property>
++ <property name="right_attach">2</property>
++ </packing>
++ </child>
++ <child>
++ <object class="GtkLabel" id="label23">
++ <property name="visible">True</property>
++ <property name="can_focus">False</property>
++ <property name="xalign">0</property>
++ <property name="xpad">10</property>
++ <property name="label" translatable="yes">SELinux Roles</property>
++ </object>
++ <packing>
++ <property name="top_attach">1</property>
++ <property name="bottom_attach">2</property>
++ <property name="y_options"/>
++ </packing>
++ </child>
++ <child>
++ <object class="GtkLabel" id="user_advanced_button">
++ <property name="visible">True</property>
++ <property name="can_focus">False</property>
++ <property name="xalign">0</property>
++ <property name="xpad">10</property>
++ <property name="label" translatable="yes">Advanced >></property>
++ <property name="selectable">True</property>
++ <attributes>
++ <attribute name="foreground" value="#00004e4e9999"/>
++ </attributes>
++ <signal name="button-press-event" handler="on_user_advanced_button_press_event" swapped="no"/>
++ </object>
++ <packing>
++ <property name="top_attach">2</property>
++ <property name="bottom_attach">3</property>
++ <property name="y_options"/>
++ </packing>
++ </child>
++ <child>
++ <object class="GtkLabel" id="user_mls_label">
++ <property name="can_focus">False</property>
++ <property name="xalign">0</property>
++ <property name="xpad">10</property>
++ <property name="label" translatable="yes">MLS</property>
++ </object>
++ <packing>
++ <property name="top_attach">3</property>
++ <property name="bottom_attach">4</property>
++ <property name="y_options"/>
++ </packing>
++ </child>
++ <child>
++ <object class="GtkComboBox" id="user_roles_combobox">
++ <property name="width_request">360</property>
++ <property name="visible">True</property>
++ <property name="can_focus">False</property>
++ <property name="model">user_roles_liststore</property>
++ <child>
++ <object class="GtkCellRendererText" id="cellrenderertext50"/>
++ <attributes>
++ <attribute name="text">0</attribute>
++ </attributes>
++ </child>
++ </object>
++ <packing>
++ <property name="left_attach">1</property>
++ <property name="right_attach">2</property>
++ <property name="top_attach">1</property>
++ <property name="bottom_attach">2</property>
++ </packing>
++ </child>
++ <child>
++ <object class="GtkBox" id="hbox3">
++ <property name="visible">True</property>
++ <property name="can_focus">False</property>
++ <child>
++ <object class="GtkButton" id="save_changes_user">
++ <property name="label" translatable="yes">Save to update</property>
++ <property name="visible">True</property>
++ <property name="can_focus">True</property>
++ <property name="receives_default">True</property>
++ <signal name="clicked" handler="on_save_changes_login_clicked" swapped="no"/>
++ </object>
++ <packing>
++ <property name="expand">False</property>
++ <property name="fill">True</property>
++ <property name="pack_type">end</property>
++ <property name="position">0</property>
++ </packing>
++ </child>
++ <child>
++ <object class="GtkButton" id="cancel_user">
++ <property name="label" translatable="yes">Cancel</property>
++ <property name="visible">True</property>
++ <property name="can_focus">True</property>
++ <property name="receives_default">True</property>
++ <signal name="clicked" handler="on_cancel_user_clicked" swapped="no"/>
++ </object>
++ <packing>
++ <property name="expand">False</property>
++ <property name="fill">True</property>
++ <property name="pack_type">end</property>
++ <property name="position">1</property>
++ </packing>
++ </child>
++ </object>
++ <packing>
++ <property name="left_attach">1</property>
++ <property name="right_attach">2</property>
++ <property name="top_attach">4</property>
++ <property name="bottom_attach">5</property>
++ </packing>
++ </child>
++ <child>
++ <object class="GtkEntry" id="user_mls_entry">
++ <property name="can_focus">True</property>
++ <property name="invisible_char">●</property>
++ <property name="primary_icon_activatable">False</property>
++ <property name="secondary_icon_activatable">False</property>
++ </object>
++ <packing>
++ <property name="left_attach">1</property>
++ <property name="right_attach">2</property>
++ <property name="top_attach">3</property>
++ <property name="bottom_attach">4</property>
++ </packing>
++ </child>
++ </object>
++ <packing>
++ <property name="expand">True</property>
++ <property name="fill">True</property>
++ <property name="position">1</property>
++ </packing>
++ </child>
++ </object>
++ </child>
++ </object>
+ <object class="GtkWindow" id="update_window">
+ <property name="can_focus">False</property>
+ <property name="modal">True</property>
@@ -524991,10 +525274,15 @@ index 79f3997..1ff9d2c 100644
')
"""
diff --git a/policycoreutils/sepolicy/sepolicy/transition.py b/policycoreutils/sepolicy/sepolicy/transition.py
-index 5850622..5e308e3 100755
+index 5850622..1688c97 100755
--- a/policycoreutils/sepolicy/sepolicy/transition.py
+++ b/policycoreutils/sepolicy/sepolicy/transition.py
-@@ -64,8 +64,9 @@ class setrans:
+@@ -60,12 +60,18 @@ class setrans:
+
+ def out(self, name, seen=[], header=""):
+ buf = ""
++ boolean_text=""
+ if name in seen:
return buf
seen.append(name)
@@ -525002,7 +525290,11 @@ index 5850622..5e308e3 100755
- buf += "%s%s @ %s --> %s\n" % (header, t["source"], t["target"], t["transtype"])
+ if "map" in self.sdict[name]:
+ for t in self.sdict[name]["map"]:
-+ buf += "%s%s @ %s --> %s\n" % (header, t["source"], t["target"], t["transtype"])
++ cond=sepolicy.get_conditionals(t["source"], t["transtype"],"process",["transition"])
++ if cond:
++ buf += "%s%s @ %s --> %s %s\n" % (header, t["source"], t["target"], t["transtype"], sepolicy.get_conditionals_format_text(cond))
++ else:
++ buf += "%s%s @ %s --> %s\n" % (header, t["source"], t["target"], t["transtype"])
if "child" in self.sdict[name]:
for x in self.sdict[name]["child"]:
@@ -525500,7 +525792,7 @@ index 38abeb8..916a58c 100644
-getsebool(8), booleans(8), togglesebool(8)
+getsebool(8), booleans(8), togglesebool(8), semanage(8)
diff --git a/policycoreutils/setsebool/setsebool.c b/policycoreutils/setsebool/setsebool.c
-index 86578f7..3ef37a0 100644
+index 86578f7..29146a8 100644
--- a/policycoreutils/setsebool/setsebool.c
+++ b/policycoreutils/setsebool/setsebool.c
@@ -10,6 +10,8 @@
@@ -525566,21 +525858,18 @@ index 86578f7..3ef37a0 100644
managed = semanage_is_managed(handle);
if (managed < 0) {
fprintf(stderr,
-@@ -166,13 +177,25 @@ static int semanage_set_boolean_list(size_t boolcnt,
+@@ -166,13 +177,22 @@ static int semanage_set_boolean_list(size_t boolcnt,
if (semanage_bool_key_extract(handle, boolean, &bool_key) < 0)
goto err;
+
+ semanage_bool_exists(handle, bool_key, &result);
+ if ( !result ) {
-+ fprintf(stderr, "Boolean %s is not defined\n", boollist[j].name);
-+ goto err;
-+ }
-+
-+ semanage_bool_exists_local(handle, bool_key, &result);
-+ if ( !result ) {
-+ fprintf(stderr, "Boolean %s is not defined\n", boollist[j].name);
-+ goto err;
++ semanage_bool_exists_local(handle, bool_key, &result);
++ if ( !result ) {
++ fprintf(stderr, "Boolean %s is not defined\n", boollist[j].name);
++ goto err;
++ }
+ }
if (semanage_bool_modify_local(handle, bool_key,
@@ -525593,7 +525882,7 @@ index 86578f7..3ef37a0 100644
boollist[j].name);
goto err;
}
-@@ -194,7 +217,6 @@ static int semanage_set_boolean_list(size_t boolcnt,
+@@ -194,7 +214,6 @@ static int semanage_set_boolean_list(size_t boolcnt,
semanage_bool_key_free(bool_key);
semanage_bool_free(boolean);
semanage_handle_destroy(handle);
diff --git a/policycoreutils.spec b/policycoreutils.spec
index 1df55d9..a70a11a 100644
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@@ -7,7 +7,7 @@
Summary: SELinux policy core utilities
Name: policycoreutils
Version: 2.1.14
-Release: 80%{?dist}
+Release: 81%{?dist}
License: GPLv2
Group: System Environment/Base
# Based on git repository with tag 20101221
@@ -16,6 +16,7 @@ Source1:git://oss.tresys.com/git/selinux/sepolgen-%{sepolgenver}.tgz
URL: http://www.selinuxproject.org
Source2: policycoreutils_man_ru2.tar.bz2
Source3: system-config-selinux.png
+Source4: sepolicy-help.tgz
Patch: policycoreutils-rhat.patch
Patch1: policycoreutils-sepolgen.patch
Obsoletes: policycoreutils < 2.0.61-2
@@ -49,9 +50,10 @@ to switch roles.
%setup -q -a 1
%patch -p2 -b .rhat
%patch1 -p2 -b .sepolgen -d sepolgen-%{sepolgenver}
+cp %{SOURCE3} gui/
+tar xvf %{SOURCE4}
%build
-cp %{SOURCE3} gui/
make LSPP_PRIV=y SBINDIR="%{_sbindir}" LIBDIR="%{_libdir}" CFLAGS="%{optflags} -fPIE" LDFLAGS="-pie -Wl,-z,relro -Wl,-z,now" SEMODULE_PATH="/usr/sbin" all
make -C sepolgen-%{sepolgenver} SBINDIR="%{_sbindir}" LSPP_PRIV=y LIBDIR="%{_libdir}" CFLAGS="%{optflags} -fPIE" LDFLAGS="-pie -Wl,-z,relro" all
@@ -85,10 +87,15 @@ desktop-file-install --dir ${RPM_BUILD_ROOT}%{_datadir}/applications \
%{buildroot}%{_datadir}/system-config-selinux/system-config-selinux.desktop
desktop-file-install --dir ${RPM_BUILD_ROOT}%{_datadir}/applications \
+ --add-category Settings \
+ %{buildroot}%{_datadir}/system-config-selinux/sepolicy.desktop
+
+desktop-file-install --dir ${RPM_BUILD_ROOT}%{_datadir}/applications \
%{buildroot}%{_datadir}/system-config-selinux/selinux-polgengui.desktop
rm -f %{buildroot}%{_datadir}/system-config-selinux/selinux-polgengui.desktop
rm -f %{buildroot}%{_datadir}/system-config-selinux/system-config-selinux.desktop
+rm -f %{buildroot}%{_datadir}/system-config-selinux/sepolicy.desktop
%find_lang %{name}
@@ -120,7 +127,7 @@ an SELinux environment.
%dir %{python_sitearch}/sepolicy
%{python_sitearch}/sepolicy/*so
%{python_sitearch}/sepolicy/templates
-%{python_sitearch}/sepolicy/help
+%dir %{python_sitearch}/sepolicy/help
%{python_sitearch}/sepolicy/help/*
%{python_sitearch}/sepolicy/__init__.py*
%{python_sitearch}/sepolicy/booleans.py*
@@ -228,6 +235,7 @@ system-config-selinux is a utility for managing the SELinux environment
%files gui
%{_bindir}/system-config-selinux
%{_bindir}/selinux-polgengui
+%{_datadir}/applications/sepolicy.desktop
%{_datadir}/applications/system-config-selinux.desktop
%{_datadir}/applications/selinux-polgengui.desktop
%{_datadir}/icons/hicolor/24x24/apps/system-config-selinux.png
@@ -336,6 +344,10 @@ The policycoreutils-restorecond package contains the restorecond service.
%systemd_postun_with_restart restorecond.service
%changelog
+* Wed Sep 18 2013 Dan Walsh <dwalsh at redhat.com> - 2.1.14-81
+- Add back in the help png files
+- Begin Adding support for file equivalency.
+
* Wed Sep 4 2013 Dan Walsh <dwalsh at redhat.com> - 2.1.14-80
- Random fixes for sepolicy gui
* Do not prompt for password until you make a change
diff --git a/sepolicy-help.tgz b/sepolicy-help.tgz
new file mode 100644
index 0000000..fd579a5
Binary files /dev/null and b/sepolicy-help.tgz differ
More information about the scm-commits
mailing list