policycoreutils/policycoreutils-rhat.patch

5050 lines
207 KiB
Diff
Raw Normal View History

diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/booleansPage.py policycoreutils-1.33.7/gui/booleansPage.py
--- nsapolicycoreutils/gui/booleansPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-1.33.7/gui/booleansPage.py 2007-01-04 16:24:30.000000000 -0500
@@ -0,0 +1,199 @@
+#
+# booleansPage.py - GUI for Booleans page in system-config-securitylevel
+#
+# Brent Fox <bfox@redhat.com>
+# Dan Walsh <dwalsh@redhat.com>
+#
+# Copyright 2006 Red Hat, Inc.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+#
+import string
+import gtk
+import gtk.glade
+import os
+import libxml2
+import gobject
+import sys
+import tempfile
+
+INSTALLPATH='/usr/share/system-config-selinux'
+sys.path.append(INSTALLPATH)
+
+from Conf import *
+import commands
+ENFORCING=0
+PERMISSIVE=1
+DISABLED=2
+
+##
+## I18N
+##
+PROGNAME="system-config-selinux"
+
+import gettext
+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
+gettext.textdomain(PROGNAME)
+try:
+ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1)
+except IOError:
+ import __builtin__
+ __builtin__.__dict__['_'] = unicode
+
+class Translation:
+ def __init__(self):
+ self.translation={}
+ fd=open(INSTALLPATH + "/selinux.tbl","r")
+ lines=fd.readlines()
+ fd.close()
+ for i in lines:
+ try:
+ line=i.strip().split("_(\"")
+ key=line[0].strip()
+ category=line[1].split("\"")[0]
+ value=line[2].split("\"")[0]
+ self.translation[key]=(category,value)
+ except:
+ continue
+
+ def get_category(self,key):
+ try:
+ return _(self.translation[key][0])
+ except:
+ return _("Other")
+
+ def get_value(self,key):
+ try:
+ return _(self.translation[key][1])
+ except:
+ return key
+
+class Modifier:
+ def __init__(self,name, on, save):
+ self.on=on
+ self.name=name
+ self.save=save
+
+ def set(self,value):
+ self.on=value
+ self.save=True
+
+ def isOn(self):
+ return self.on
+
+class Boolean(Modifier):
+ def __init__(self,name, val, save=False):
+ Modifier.__init__(self,name, val, save)
+
+class Modifiers:
+ def __init__(self,store):
+ self.modifiers={}
+ self.translation=Translation()
+ self.store=store
+ self.store.clear()
+
+ def add(self,name,val):
+ if name == "targeted_policy":
+ return
+ category=self.translation.get_category(name)
+ if not self.modifiers.has_key(category):
+ self.modifiers[category]={}
+ iter=self.store.append(None)
+ self.modifiers[category]["iter"] = iter
+ self.store.set_value(iter, 1, category)
+ self.store.set_value(iter, 3, False)
+
+ self.modifiers[category][name]=val;
+ iter=self.store.append(self.modifiers[category]["iter"])
+ self.store.set_value(iter, 0, val.isOn())
+ self.store.set_value(iter, 1, self.translation.get_value(name))
+ self.store.set_value(iter, 2, name)
+ self.store.set_value(iter, 3, True)
+
+ def set(self,name,val):
+ category=self.translation.get_category(name)
+ self.modifiers[category][name].set(val)
+
+ def isBoolean(self,name):
+ c=self.translation.get_category(name)
+ return isinstance(self.modifiers[c][name], Boolean)
+
+ def get_booleans(self):
+ booleans={}
+ for c in self.modifiers.keys():
+ for n in self.modifiers[c].keys():
+ if isinstance(self.modifiers[c][n], Boolean):
+ booleans[n]=self.modifiers[c][n]
+ return booleans
+
+class booleansPage:
+ def __init__(self, xml, doDebug=None):
+ self.xml = xml
+ self.types=[]
+ self.selinuxsupport = True
+ self.translation = Translation()
+ self.typechanged = False
+ self.doDebug = doDebug
+
+ # Bring in widgets from glade file.
+ self.typeHBox = xml.get_widget("typeHBox")
+ self.booleanSW = xml.get_widget("booleanSW")
+ self.booleansView = xml.get_widget("booleansView")
+ self.typeLabel = xml.get_widget("typeLabel")
+ self.modifySeparator = xml.get_widget("modifySeparator")
+
+ listStore = gtk.ListStore(gobject.TYPE_STRING)
+ cell = gtk.CellRendererText()
+
+ self.booleansStore = gtk.TreeStore(gobject.TYPE_BOOLEAN, gobject.TYPE_STRING, gobject.TYPE_PYOBJECT, gobject.TYPE_BOOLEAN)
+ self.booleansStore.set_sort_column_id(1, gtk.SORT_ASCENDING)
+ self.booleansView.set_model(self.booleansStore)
+
+ checkbox = gtk.CellRendererToggle()
+ checkbox.connect("toggled", self.boolean_toggled)
+ col = gtk.TreeViewColumn('', checkbox, active = 0,visible=3)
+ col.set_fixed_width(20)
+ col.set_clickable(True)
+ self.booleansView.append_column(col)
+
+ col = gtk.TreeViewColumn("", gtk.CellRendererText(), text=1)
+ self.booleansView.append_column(col)
+ self.refreshBooleans()
+
+ def get_description(self):
+ return _("Boolean")
+
+ def refreshBooleans(self):
+ self.modifiers=Modifiers(self.booleansStore)
+ booleansList=commands.getoutput("/usr/sbin/getsebool -a").split("\n")
+ for i in booleansList:
+ rec=i.split()
+ name=rec[0]
+ if rec[2]=="on" or rec[2]=="active":
+ on=1
+ else:
+ on=0
+ self.modifiers.add(name,Boolean(name,on))
+
+ def boolean_toggled(self, widget, row):
+ if len(row) == 1:
+ return
+ iter = self.booleansStore.get_iter(row)
+ val = self.booleansStore.get_value(iter, 0)
+ key = self.booleansStore.get_value(iter, 2)
+ self.booleansStore.set_value(iter, 0 , not val)
+ self.modifiers.set(key, not val)
+
+ setsebool="/usr/sbin/setsebool -P %s=%d" % (key, not val)
+ commands.getstatusoutput(setsebool)
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/fcontextPage.py policycoreutils-1.33.7/gui/fcontextPage.py
--- nsapolicycoreutils/gui/fcontextPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-1.33.7/gui/fcontextPage.py 2007-01-04 16:24:30.000000000 -0500
@@ -0,0 +1,158 @@
+## fcontextPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
+
+## This program is free software; you can redistribute it and/or modify
+## it under the terms of the GNU General Public License as published by
+## the Free Software Foundation; either version 2 of the License, or
+## (at your option) any later version.
+
+## This program is distributed in the hope that it will be useful,
+## but WITHOUT ANY WARRANTY; without even the implied warranty of
+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+## GNU General Public License for more details.
+
+## You should have received a copy of the GNU General Public License
+## along with this program; if not, write to the Free Software
+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+## Author: Dan Walsh
+import gtk
+import gtk.glade
+import os
+import libxml2
+import gobject
+import seobject
+from semanagePage import *;
+from avc import context
+
+##
+## I18N
+##
+PROGNAME="system-config-selinux"
+
+import gettext
+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
+gettext.textdomain(PROGNAME)
+try:
+ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1)
+except IOError:
+ import __builtin__
+ __builtin__.__dict__['_'] = unicode
+
+class fcontextPage(semanagePage):
+ def __init__(self, xml):
+ semanagePage.__init__(self, xml, "fcontext", _("File Labeling"))
+ self.view = xml.get_widget("fcontextView")
+ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING)
+ self.view.set_model(self.store)
+# self.store.set_sort_column_id(0, gtk.SORT_ASCENDING)
+
+ col = gtk.TreeViewColumn(_("File\nSpecification"), gtk.CellRendererText(), text=0)
+ col.set_sizing(gtk.TREE_VIEW_COLUMN_FIXED)
+ col.set_fixed_width(250)
+
+ col.set_sort_column_id(0)
+ col.set_resizable(True)
+ self.view.append_column(col)
+ col = gtk.TreeViewColumn(_("Selinux\nFile Context"), gtk.CellRendererText(), text=1)
+
+ col.set_sizing(gtk.TREE_VIEW_COLUMN_FIXED)
+ col.set_fixed_width(250)
+ col.set_sort_column_id(1)
+ col.set_resizable(True)
+ self.view.append_column(col)
+ col = gtk.TreeViewColumn(_("File\nType"), gtk.CellRendererText(), text=2)
+ col.set_sort_column_id(2)
+ col.set_resizable(True)
+ self.view.append_column(col)
+ self.load()
+ self.fcontextEntry = xml.get_widget("fcontextEntry")
+ self.fcontextFileTypeCombo = xml.get_widget("fcontextFileTypeCombo")
+ liststore=self.fcontextFileTypeCombo.get_model()
+ for k in seobject.file_types:
+ if len(k) > 0 and k[0] != '-':
+ iter=liststore.append()
+ liststore.set_value(iter, 0, k)
+ iter = liststore.get_iter_first()
+ self.fcontextFileTypeCombo.set_active_iter(iter)
+ self.fcontextTypeEntry = xml.get_widget("fcontextTypeEntry")
+ self.fcontextMLSEntry = xml.get_widget("fcontextMLSEntry")
+
+ def load(self):
+ self.fcontext=seobject.fcontextRecords()
+ fcon_list=self.fcontext.get_all()
+ self.store.clear()
+ for fcon in fcon_list:
+ iter=self.store.append()
+ self.store.set_value(iter, 0, fcon[0])
+ self.store.set_value(iter, 2, fcon[1])
+ if len(fcon) > 3:
+ rec="%s:%s:%s:%s " % (fcon[2], fcon[3],fcon[4], seobject.translate(fcon[5],False))
+ else:
+ rec="<<None>>"
+ self.store.set_value(iter, 1, rec)
+ self.view.get_selection().select_path ((0,))
+
+ def dialogInit(self):
+ store, iter = self.view.get_selection().get_selected()
+ self.fcontextEntry.set_text(store.get_value(iter, 0))
+ self.fcontextEntry.set_sensitive(False)
+ scontext = store.get_value(iter, 1)
+ scon=context(scontext)
+ self.fcontextTypeEntry.set_text(scon.type)
+ self.fcontextMLSEntry.set_text(scon.mls)
+ type=store.get_value(iter, 2)
+ liststore=self.fcontextFileTypeCombo.get_model()
+ iter = liststore.get_iter_first()
+ while iter != None and liststore.get_value(iter,0) != type:
+ iter = liststore.iter_next(iter)
+ if iter != None:
+ self.fcontextFileTypeCombo.set_active_iter(iter)
+ self.fcontextFileTypeCombo.set_sensitive(False)
+
+ def dialogClear(self):
+ self.fcontextEntry.set_text("")
+ self.fcontextEntry.set_sensitive(True)
+ self.fcontextFileTypeCombo.set_sensitive(True)
+ self.fcontextTypeEntry.set_text("")
+ self.fcontextMLSEntry.set_text("s0")
+
+ def delete(self):
+ store, iter = self.view.get_selection().get_selected()
+ try:
+ fspec=store.get_value(iter, 0)
+ type=store.get_value(iter, 1)
+ self.fcontext.delete(fspec, type)
+ store.remove(iter)
+ self.view.get_selection().select_path ((0,))
+ except ValueError, e:
+ self.error(e.args[0])
+
+ def add(self):
+ fspec=self.fcontextEntry.get_text().strip()
+ type=self.fcontextTypeEntry.get_text().strip()
+ mls=self.fcontextMLSEntry.get_text().strip()
+ list_model=self.fcontextFileTypeCombo.get_model()
+ iter = self.fcontextFileTypeCombo.get_active_iter()
+ ftype=list_model.get_value(iter,0)
+
+ self.fcontext.add(fspec, type, ftype, mls)
+
+ iter=self.store.append()
+ self.store.set_value(iter, 0, fspec)
+ self.store.set_value(iter, 2, ftype)
+ self.store.set_value(iter, 1, "system_u:object_r:%s:%s" % (type, mls))
+
+ def modify(self):
+ fspec=self.fcontextEntry.get_text().strip()
+ type=self.fcontextTypeEntry.get_text().strip()
+ mls=self.fcontextMLSEntry.get_text().strip()
+ list_model=self.fcontextFileTypeCombo.get_model()
+ iter = self.fcontextFileTypeCombo.get_active_iter()
+ ftype=list_model.get_value(iter,0)
+ self.fcontext.modify(fspec, type, ftype, mls, "")
+
+ store, iter = self.view.get_selection().get_selected()
+ self.store.set_value(iter, 0, fspec)
+ self.store.set_value(iter, 2, ftype)
+ self.store.set_value(iter, 1, "system_u:object_r:%s:%s" % (type, mls))
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/loginsPage.py policycoreutils-1.33.7/gui/loginsPage.py
--- nsapolicycoreutils/gui/loginsPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-1.33.7/gui/loginsPage.py 2007-01-04 16:24:30.000000000 -0500
@@ -0,0 +1,161 @@
+## loginsPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
+
+## This program is free software; you can redistribute it and/or modify
+## it under the terms of the GNU General Public License as published by
+## the Free Software Foundation; either version 2 of the License, or
+## (at your option) any later version.
+
+## This program is distributed in the hope that it will be useful,
+## but WITHOUT ANY WARRANTY; without even the implied warranty of
+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+## GNU General Public License for more details.
+
+## You should have received a copy of the GNU General Public License
+## along with this program; if not, write to the Free Software
+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+## Author: Dan Walsh
+import string
+import gtk
+import gtk.glade
+import os
+import libxml2
+import gobject
+import sys
+import seobject
+from semanagePage import *;
+
+##
+## I18N
+##
+PROGNAME="policycoreutils"
+import gettext
+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
+gettext.textdomain(PROGNAME)
+try:
+ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1)
+except IOError:
+ import __builtin__
+ __builtin__.__dict__['_'] = unicode
+
+class loginsPage(semanagePage):
+ def __init__(self, xml):
+ self.firstTime = False
+ semanagePage.__init__(self, xml, "logins", _("User Mapping"))
+ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING)
+ self.view.set_model(self.store)
+ self.store.set_sort_column_id(0, gtk.SORT_ASCENDING)
+ col = gtk.TreeViewColumn(_("Login\nName"), gtk.CellRendererText(), text = 0)
+ col.set_sort_column_id(0)
+ col.set_resizable(True)
+ self.view.append_column(col)
+ col = gtk.TreeViewColumn(_("SELinux\nUser"), gtk.CellRendererText(), text = 1)
+ col.set_resizable(True)
+ self.view.append_column(col)
+ col = gtk.TreeViewColumn(_("MLS/\nMCS Range"), gtk.CellRendererText(), text = 2)
+ col.set_resizable(True)
+ self.view.append_column(col)
+ self.load()
+ self.loginsNameEntry = xml.get_widget("loginsNameEntry")
+ self.loginsSelinuxUserCombo = xml.get_widget("loginsSelinuxUserCombo")
+ self.loginsMLSEntry = xml.get_widget("loginsMLSEntry")
+
+ def load(self):
+ self.login = seobject.loginRecords()
+ dict = self.login.get_all()
+ keys = dict.keys()
+ keys.sort()
+ self.store.clear()
+ for k in keys:
+ iter = self.store.append()
+ self.store.set_value(iter, 0, k)
+ self.store.set_value(iter, 1, dict[k][0])
+ self.store.set_value(iter, 2, seobject.translate(dict[k][1]))
+ self.view.get_selection().select_path ((0,))
+
+ def __dialogSetup(self):
+ if self.firstTime == True:
+ return
+ self.firstTime = True
+ liststore = gtk.ListStore(gobject.TYPE_STRING)
+ self.loginsSelinuxUserCombo.set_model(liststore)
+ cell = gtk.CellRendererText()
+ self.loginsSelinuxUserCombo.pack_start(cell, True)
+ self.loginsSelinuxUserCombo.add_attribute(cell, 'text', 0)
+
+ selusers = seobject.seluserRecords().get_all()
+ keys = selusers.keys()
+ keys.sort()
+ for k in keys:
+ if k != "system_u":
+ self.loginsSelinuxUserCombo.append_text(k)
+
+ iter = liststore.get_iter_first()
+ while liststore.get_value(iter,0) != "user_u":
+ iter = liststore.iter_next(iter)
+ self.loginsSelinuxUserCombo.set_active_iter(iter)
+
+ def dialogInit(self):
+ self.__dialogSetup()
+ store, iter = self.view.get_selection().get_selected()
+ self.loginsNameEntry.set_text(store.get_value(iter, 0))
+ self.loginsNameEntry.set_sensitive(False)
+
+ self.loginsMLSEntry.set_text(store.get_value(iter, 2))
+ seuser = store.get_value(iter, 1)
+ liststore = self.loginsSelinuxUserCombo.get_model()
+ iter = liststore.get_iter_first()
+ while iter != None and liststore.get_value(iter,0) != seuser:
+ iter = liststore.iter_next(iter)
+ if iter != None:
+ self.loginsSelinuxUserCombo.set_active_iter(iter)
+
+
+ def dialogClear(self):
+ self.__dialogSetup()
+ self.loginsNameEntry.set_text("")
+ self.loginsNameEntry.set_sensitive(True)
+ self.loginsMLSEntry.set_text("s0")
+
+ def delete(self):
+ store, iter = self.view.get_selection().get_selected()
+ try:
+ login=store.get_value(iter, 0)
+ if login == "root" or login == "__default__":
+ raise ValueError(_("Login '%s' is required") % login)
+
+ self.login.delete(login)
+ store.remove(iter)
+ self.view.get_selection().select_path ((0,))
+ except ValueError, e:
+ self.error(e.args[0])
+
+ def add(self):
+ target=self.loginsNameEntry.get_text().strip()
+ serange=self.loginsMLSEntry.get_text().strip()
+ if serange == "":
+ serange="s0"
+ list_model=self.loginsSelinuxUserCombo.get_model()
+ iter = self.loginsSelinuxUserCombo.get_active_iter()
+ seuser = list_model.get_value(iter,0)
+ self.login.add(target, seuser, serange)
+ iter = self.store.append()
+ self.store.set_value(iter, 0, target)
+ self.store.set_value(iter, 1, seuser)
+ self.store.set_value(iter, 2, seobject.translate(serange))
+
+ def modify(self):
+ target=self.loginsNameEntry.get_text().strip()
+ serange=self.loginsMLSEntry.get_text().strip()
+ if serange == "":
+ serange = "s0"
+ list_model = self.loginsSelinuxUserCombo.get_model()
+ iter = self.loginsSelinuxUserCombo.get_active_iter()
+ seuser=list_model.get_value(iter,0)
+ self.login.modify(target, seuser, serange)
+ store, iter = self.view.get_selection().get_selected()
+ self.store.set_value(iter, 0, target)
+ self.store.set_value(iter, 1, seuser)
+ self.store.set_value(iter, 2, seobject.translate(serange))
+
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/Makefile policycoreutils-1.33.7/gui/Makefile
--- nsapolicycoreutils/gui/Makefile 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-1.33.7/gui/Makefile 2007-01-04 16:24:30.000000000 -0500
@@ -0,0 +1,30 @@
+# Installation directories.
+PREFIX ?= ${DESTDIR}/usr
+SHAREDIR ?= $(PREFIX)/share/system-config-selinux
+
+TARGETS= \
+booleansPage.py \
+fcontextPage.py \
+loginsPage.py \
+mappingsPage.py \
+modulesPage.py \
+portsPage.py \
+semanagePage.py \
+statusPage.py \
+system-config-selinux.glade \
+translationsPage.py \
+usersPage.py \
+selinux.tbl
+
+all: $(TARGETS) system-config-selinux.py
+
+install: all
+ -mkdir -p $(SHAREDIR)
+ install -m 755 system-config-selinux.py $(SHAREDIR)
+ install -m 644 $(TARGETS) $(SHAREDIR)
+
+clean:
+
+indent:
+
+relabel:
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/mappingsPage.py policycoreutils-1.33.7/gui/mappingsPage.py
--- nsapolicycoreutils/gui/mappingsPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-1.33.7/gui/mappingsPage.py 2007-01-04 16:24:30.000000000 -0500
@@ -0,0 +1,54 @@
+## mappingsPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
+
+## This program is free software; you can redistribute it and/or modify
+## it under the terms of the GNU General Public License as published by
+## the Free Software Foundation; either version 2 of the License, or
+## (at your option) any later version.
+
+## This program is distributed in the hope that it will be useful,
+## but WITHOUT ANY WARRANTY; without even the implied warranty of
+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+## GNU General Public License for more details.
+
+## You should have received a copy of the GNU General Public License
+## along with this program; if not, write to the Free Software
+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+## Author: Dan Walsh
+import string
+import gtk
+import gtk.glade
+import os
+import libxml2
+import gobject
+import sys
+import seobject
+
+##
+## I18N
+##
+PROGNAME="policycoreutils"
+import gettext
+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
+gettext.textdomain(PROGNAME)
+try:
+ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1)
+except IOError:
+ import __builtin__
+ __builtin__.__dict__['_'] = unicode
+
+class loginsPage:
+ def __init__(self, xml):
+ self.xml = xml
+ self.view = xml.get_widget("mappingsView")
+ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING)
+ self.store.set_sort_column_id(0, gtk.SORT_ASCENDING)
+ self.view.set_model(self.store)
+ self.login = loginRecords()
+ dict = self.login.get_all()
+ keys = dict.keys()
+ keys.sort()
+ for k in keys:
+ print "%-25s %-25s %-25s" % (k, dict[k][0], translate(dict[k][1]))
+
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/modulesPage.py policycoreutils-1.33.7/gui/modulesPage.py
--- nsapolicycoreutils/gui/modulesPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-1.33.7/gui/modulesPage.py 2007-01-04 16:24:30.000000000 -0500
@@ -0,0 +1,161 @@
+## modulesPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
+
+## This program is free software; you can redistribute it and/or modify
+## it under the terms of the GNU General Public License as published by
+## the Free Software Foundation; either version 2 of the License, or
+## (at your option) any later version.
+
+## This program is distributed in the hope that it will be useful,
+## but WITHOUT ANY WARRANTY; without even the implied warranty of
+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+## GNU General Public License for more details.
+
+## You should have received a copy of the GNU General Public License
+## along with this program; if not, write to the Free Software
+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+## Author: Dan Walsh
+import string
+import gtk
+import gtk.glade
+import os
+import commands
+import libxml2
+import gobject
+import sys
+import seobject
+import selinux
+from semanagePage import *;
+
+##
+## I18N
+##
+PROGNAME="policycoreutils"
+import gettext
+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
+gettext.textdomain(PROGNAME)
+try:
+ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1)
+except IOError:
+ import __builtin__
+ __builtin__.__dict__['_'] = unicode
+
+class modulesPage(semanagePage):
+ def __init__(self, xml):
+ semanagePage.__init__(self, xml, "modules", _("Policy Module"))
+ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING)
+ self.view.set_model(self.store)
+ self.store.set_sort_column_id(0, gtk.SORT_ASCENDING)
+ col = gtk.TreeViewColumn(_("Module Name"), gtk.CellRendererText(), text = 0)
+ col.set_sort_column_id(0)
+ col.set_resizable(True)
+ self.view.append_column(col)
+ self.store.set_sort_column_id(0, gtk.SORT_ASCENDING)
+ col = gtk.TreeViewColumn(_("Version"), gtk.CellRendererText(), text = 1)
+ self.enable_audit_button = xml.get_widget("enableAuditButton")
+ self.enable_audit_button.connect("clicked", self.enable_audit)
+ self.disable_audit_button = xml.get_widget("disableAuditButton")
+ self.disable_audit_button.connect("clicked", self.disable_audit)
+ col.set_sort_column_id(1)
+ col.set_resizable(True)
+ self.view.append_column(col)
+ self.store.set_sort_func(1,self.sort_int, "")
+ status, self.policy_type = selinux.selinux_getpolicytype()
+
+ self.load()
+
+ def sort_int(self, treemodel, iter1, iter2, user_data):
+ try:
+ p1 = int(treemodel.get_value(iter1,1))
+ p2 = int(treemodel.get_value(iter1,1))
+ if p1 > p2:
+ return 1
+ if p1 == p2:
+ return 0
+ return -1
+ except:
+ return 0
+
+ def load(self):
+ self.store.clear()
+ fd=os.popen("semodule -l")
+ l = fd.readlines()
+ fd.close()
+ for i in l:
+ module, ver = i.split('\t')
+ iter = self.store.append()
+ self.store.set_value(iter, 0, module.strip())
+ self.store.set_value(iter, 1, ver.strip())
+
+ self.view.get_selection().select_path ((0,))
+
+ def delete(self):
+ store, iter = self.view.get_selection().get_selected()
+ module = store.get_value(iter, 0)
+ try:
+ status, output =commands.getstatusoutput("semodule -r %s" % module)
+ if status != 0:
+ self.error(output)
+ else:
+ store.remove(iter)
+ self.view.get_selection().select_path ((0,))
+
+ except ValueError, e:
+ self.error(e.args[0])
+
+ def enable_audit(self, button):
+ try:
+ status, output =commands.getstatusoutput("semodule -b /usr/share/selinux/%s/enableaudit.pp" % self.policy_type)
+ if status != 0:
+ self.error(output)
+
+ except ValueError, e:
+ self.error(e.args[0])
+
+ def disable_audit(self, button):
+ try:
+ status, output =commands.getstatusoutput("semodule -b /usr/share/selinux/%s/base.pp" % self.policy_type)
+ if status != 0:
+ self.error(output)
+
+ except ValueError, e:
+ self.error(e.args[0])
+
+ def propertiesDialog(self):
+ # Do nothing
+ return
+
+ def addDialog(self):
+ dialog = gtk.FileChooserDialog(_("Load Policy Module"),
+ None,
+ gtk.FILE_CHOOSER_ACTION_OPEN,
+ (gtk.STOCK_CANCEL, gtk.RESPONSE_CANCEL,
+ gtk.STOCK_OPEN, gtk.RESPONSE_OK))
+ dialog.set_default_response(gtk.RESPONSE_OK)
+
+ filter = gtk.FileFilter()
+ filter.set_name("Policy Files")
+ filter.add_pattern("*.pp")
+ dialog.add_filter(filter)
+
+ response = dialog.run()
+ if response == gtk.RESPONSE_OK:
+ self.add(dialog.get_filename())
+ dialog.destroy()
+
+ def add(self, file):
+ try:
+ status, output =commands.getstatusoutput("semodule -i %s" % file)
+ if status != 0:
+ self.error(output)
+ else:
+ self.load()
+
+ except ValueError, e:
+ self.error(e.args[0])
+
+
+
+
+
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/portsPage.py policycoreutils-1.33.7/gui/portsPage.py
--- nsapolicycoreutils/gui/portsPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-1.33.7/gui/portsPage.py 2007-01-04 16:24:30.000000000 -0500
@@ -0,0 +1,214 @@
+## portsPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
+
+## This program is free software; you can redistribute it and/or modify
+## it under the terms of the GNU General Public License as published by
+## the Free Software Foundation; either version 2 of the License, or
+## (at your option) any later version.
+
+## This program is distributed in the hope that it will be useful,
+## but WITHOUT ANY WARRANTY; without even the implied warranty of
+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+## GNU General Public License for more details.
+
+## You should have received a copy of the GNU General Public License
+## along with this program; if not, write to the Free Software
+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+## Author: Dan Walsh
+import string
+import gtk
+import gtk.glade
+import os
+import libxml2
+import gobject
+import sys
+import seobject
+from semanagePage import *;
+
+##
+## I18N
+##
+PROGNAME = "policycoreutils"
+import gettext
+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
+gettext.textdomain(PROGNAME)
+TYPE_COL = 0
+PROTOCOL_COL = 1
+MLS_COL = 2
+PORT_COL = 3
+try:
+ gettext.install(PROGNAME, localedir = "/usr/share/locale", unicode = 1)
+except IOError:
+ import __builtin__
+ __builtin__.__dict__['_'] = unicode
+
+class portsPage(semanagePage):
+ def __init__(self, xml):
+ semanagePage.__init__(self, xml, "ports", "Network Port")
+ self.ports_name_entry = xml.get_widget("portsNameEntry")
+ self.ports_protocol_combo = xml.get_widget("portsProtocolCombo")
+ self.ports_number_entry = xml.get_widget("portsNumberEntry")
+ self.ports_mls_entry = xml.get_widget("portsMLSEntry")
+ self.ports_add_button = xml.get_widget("portsAddButton")
+ self.ports_properties_button = xml.get_widget("portsPropertiesButton")
+ self.ports_delete_button = xml.get_widget("portsDeleteButton")
+ self.ports_group_togglebutton = xml.get_widget("portsGroupTogglebutton")
+ self.ports_group_togglebutton.connect("toggled", self.group_toggle)
+ liststore = self.ports_protocol_combo.get_model()
+ iter = liststore.get_iter_first()
+ self.ports_protocol_combo.set_active_iter(iter)
+ self.init_store()
+ self.edit = True
+ self.load()
+
+ def init_store(self):
+ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING , gobject.TYPE_STRING)
+ self.view.set_model(self.store)
+ self.store.set_sort_column_id(0, gtk.SORT_ASCENDING)
+
+ col = gtk.TreeViewColumn(_("SELinux Port\nType"), gtk.CellRendererText(), text = TYPE_COL)
+ col.set_sort_column_id(TYPE_COL)
+ col.set_resizable(True)
+ self.view.append_column(col)
+ self.store.set_sort_column_id(TYPE_COL, gtk.SORT_ASCENDING)
+
+ col = gtk.TreeViewColumn(_("Protocol"), gtk.CellRendererText(), text = PROTOCOL_COL)
+ col.set_sort_column_id(PROTOCOL_COL)
+ col.set_resizable(True)
+ self.view.append_column(col)
+
+ self.mls_col = gtk.TreeViewColumn(_("MLS/MCS\nLevel"), gtk.CellRendererText(), text = MLS_COL)
+ self.mls_col.set_resizable(True)
+ self.mls_col.set_sort_column_id(MLS_COL)
+ self.view.append_column(self.mls_col)
+
+ col = gtk.TreeViewColumn(_("Port"), gtk.CellRendererText(), text = PORT_COL)
+ col.set_sort_column_id(PORT_COL)
+ col.set_resizable(True)
+ self.view.append_column(col)
+ self.store.set_sort_func(1,self.sort_int, "")
+
+ def group_toggle(self, button):
+ self.edit = not button.get_active()
+ self.ports_add_button.set_sensitive(self.edit)
+ self.ports_properties_button.set_sensitive(self.edit)
+ self.ports_delete_button.set_sensitive(self.edit)
+ self.mls_col.set_visible(self.edit)
+ if on:
+ self.load()
+ else:
+ self.group_load()
+
+ def sort_int(self, treemodel, iter1, iter2, user_data):
+ try:
+ p1 = int(treemodel.get_value(iter1,2))
+ p2 = int(treemodel.get_value(iter1,2))
+ if p1 > p2:
+ return 1
+ if p1 == p2:
+ return 0
+ return -1
+ except:
+ return 0
+
+ def load(self):
+ self.port = seobject.portRecords()
+ dict = self.port.get_all()
+ keys = dict.keys()
+ keys.sort()
+ self.store.clear()
+ for k in keys:
+ iter = self.store.append()
+ if k[0] == k[1]:
+ self.store.set_value(iter, PORT_COL, k[0])
+ else:
+ rec = "%s-%s" % k
+ self.store.set_value(iter, PORT_COL, rec)
+ self.store.set_value(iter, TYPE_COL, dict[k][0])
+ self.store.set_value(iter, PROTOCOL_COL, dict[k][1])
+ self.store.set_value(iter, MLS_COL, dict[k][2])
+ self.view.get_selection().select_path ((0,))
+
+ def group_load(self):
+ self.port = seobject.portRecords()
+ dict = self.port.get_all_by_type()
+ keys = dict.keys()
+ keys.sort()
+ self.store.clear()
+ for k in keys:
+ iter = self.store.append()
+ self.store.set_value(iter, TYPE_COL, k[0])
+ self.store.set_value(iter, PROTOCOL_COL, k[1])
+ self.store.set_value(iter, PORT_COL, ", ".join(dict[k]))
+ self.store.set_value(iter, MLS_COL, "")
+ self.view.get_selection().select_path ((0,))
+
+ def propertiesDialog(self):
+ if self.edit:
+ semanagePage.propertiesDialog(self)
+
+ def dialogInit(self):
+ store, iter = self.view.get_selection().get_selected()
+ self.ports_number_entry.set_text(store.get_value(iter, PORT_COL))
+ self.ports_number_entry.set_sensitive(False)
+ self.ports_protocol_combo.set_sensitive(False)
+ self.ports_name_entry.set_text(store.get_value(iter, TYPE_COL))
+ self.ports_mls_entry.set_text(store.get_value(iter, MLS_COL))
+ protocol = store.get_value(iter, PROTOCOL_COL)
+ liststore = self.ports_protocol_combo.get_model()
+ iter = liststore.get_iter_first()
+ while iter != None and liststore.get_value(iter,0) != protocol:
+ iter = liststore.iter_next(iter)
+ if iter != None:
+ self.ports_protocol_combo.set_active_iter(iter)
+
+ def dialogClear(self):
+ self.ports_number_entry.set_text("")
+ self.ports_number_entry.set_sensitive(True)
+ self.ports_protocol_combo.set_sensitive(True)
+ self.ports_name_entry.set_text("")
+ self.ports_mls_entry.set_text("s0")
+
+ def delete(self):
+ store, iter = self.view.get_selection().get_selected()
+ port = store.get_value(iter, PORT_COL)
+ protocol = store.get_value(iter, 1)
+ try:
+ self.port.delete(port, protocol)
+ store.remove(iter)
+ self.view.get_selection().select_path ((0,))
+ except ValueError, e:
+ self.error(e.args[0])
+
+ def add(self):
+ target = self.ports_name_entry.get_text().strip()
+ mls = self.ports_mls_entry.get_text().strip()
+ port_number = self.ports_number_entry.get_text().strip()
+ if port_number == "":
+ port_number = "1"
+ list_model = self.ports_protocol_combo.get_model()
+ iter = self.ports_protocol_combo.get_active_iter()
+ protocol = list_model.get_value(iter,0)
+ self.port.add(port_number, protocol, mls, target)
+ iter = self.store.append()
+ self.store.set_value(iter, TYPE_COL, target)
+ self.store.set_value(iter, PORT_COL, port_number)
+ self.store.set_value(iter, PROTOCOL_COL, protocol)
+ self.store.set_value(iter, MLS_COL, mls)
+
+ def modify(self):
+ target = self.ports_name_entry.get_text().strip()
+ mls = self.ports_mls_entry.get_text().strip()
+ port_number = self.ports_number_entry.get_text().strip()
+ list_model = self.ports_protocol_combo.get_model()
+ iter = self.ports_protocol_combo.get_active_iter()
+ protocol = list_model.get_value(iter,0)
+ self.port.modify(port_number, protocol, mls, target)
+ store, iter = self.view.get_selection().get_selected()
+ self.store.set_value(iter, TYPE_COL, target)
+ self.store.set_value(iter, PORT_COL, port_number)
+ self.store.set_value(iter, PROTOCOL_COL, protocol)
+ self.store.set_value(iter, MLS_COL, mls)
+
+
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/selinux.tbl policycoreutils-1.33.7/gui/selinux.tbl
--- nsapolicycoreutils/gui/selinux.tbl 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-1.33.7/gui/selinux.tbl 2007-01-04 16:24:30.000000000 -0500
@@ -0,0 +1,265 @@
+acct_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for acct daemon")
+allow_cvs_read_shadow _("CVS") _("Allow cvs daemon to read shadow")
+allow_daemons_dump_core _("Admin") _("Allow all daemons to write corefiles to /.")
+allow_daemons_use_tty _("Admin") _("Allow all daemons the ability to use unallocated ttys.")
+allow_execheap _("Memory Protection") _("Allow unconfined executables to make their heap memory executable. Doing this is a really bad idea. Probably indicates a badly coded executable, but could indicate an attack. This executable should be reported in bugzilla")
+allow_execmem _("Memory Protection") _("Allow unconfined executables to map a memory region as both executable and writable, this is dangerous and the executable should be reported in bugzilla")
+allow_execmod _("Memory Protection") _("Allow all unconfined executables to use libraries requiring text relocation that are not labeled textrel_shlib_t")
+allow_execstack _("Memory Protection") _("Allow unconfined executables to make their stack executable. This should never, ever be neessary. Probably indicates a badly coded executable, but could indicate an attack. This executable should be reported in bugzilla")
+allow_ftpd_anon_write _("FTP") _("Allow ftpd to upload files to directories labeled public_content_rw_t")
+allow_ftpd_use_cifs _("FTP") _("Allow ftp servers to use cifs used for public file transfer services.")
+allow_ftpd_use_nfs _("FTP") _("Allow ftp servers to use nfs used for public file transfer services.")
+allow_gpg_execstack _("Memory Protection") _("Allow gpg executable stack")
+allow_gssd_read_tmp _("NFS") _("Allow gssd to read temp directory.")
+allow_httpd_anon_write _("HTTPD Service") _("Allow httpd daemon to write files in directories labeled public_content_rw_t")
+allow_httpd_mod_auth_pam _("HTTPD Service") _("Allow Apache to use mod_auth_pam.")
+allow_httpd_sys_script_anon_write _("HTTPD Service") _("Allow httpd scripts to write files in directories labeled public_content_rw_t")
+allow_java_execstack _("Memory Protection") _("Allow java executable stack")
+allow_kerberos _("Kerberos") _("Allow daemons to use kerberos files")
+allow_mount_anyfile _("Mount") _("Allow mount to mount any file")
+allow_mounton_anydir _("Mount") _("Allow mount to mount any dir")
+allow_mplayer_execstack _("Memory Protection") _("Allow mplayer executable stack")
+allow_nfsd_anon_write _("NFS") _("Allow nfs servers to modify public files used for public file transfer services.")
+allow_polyinstantiation _("Polyinstatiation") _("Enable polyinstantiated directory support.")
+allow_ptrace _("Compatibility") _("Allow sysadm_t to debug or ptrace applications)
+allow_rsync_anon_write _("rsync") _("Allow rsync to write files in directories labeled public_content_rw_t")
+allow_saslauthd_read_shadow _("sasl authentication server") _("Allow sasl authentication server to read /etc/shadow")
+allow_smbd_anon_write _("Samba") _("Allow Samba to write files in directories labeled public_content_rw_t")
+allow_ssh_keysign _("SSH") _("Allow ssh to run ssh-keysign")
+allow_unconfined_execmem_dyntrans _("Memory Protection") _("Allow unconfined to dyntrans to unconfined_execmem")
+allow_user_mysql_connect _("Databases") _("Allow user to connect to mysql socket")
+allow_user_postgresql_connect _("Databases") _("Allow user to connect to postgres socket")
+allow_write_xshm _("XServer") _("Allow clients to write to X shared memory")
+allow_ypbind _("NIS") _("Allow daemons to run with NIS")
+allow_zebra_write_config _("Zebra") _("Allow zebra daemon to write it configuration files")
+amanda_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for amanda")
+amavis_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for amavis")
+apmd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for apmd daemon")
+arpwatch_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for arpwatch daemon")
+auditd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for auditd daemon")
+automount_disable_trans _("Mount") _("Disable SELinux protection for automount daemon")
+avahi_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for avahi")
+bluetooth_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for bluetooth daemon")
+canna_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for canna daemon")
+cardmgr_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for cardmgr daemon")
+ccs_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for Cluster Server")
+cdrecord_read_content _("User Privs") _("Allow cdrecord to read various content. nfs, samba, removable devices, user temp and untrusted content files")
+ciped_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ciped daemon")
+clamd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for clamd daemon")
+clamscan_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for clamscan")
+clvmd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for clvmd")
+comsat_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for comsat daemon")
+courier_authdaemon_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for courier daemon")
+courier_pcp_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for courier daemon")
+courier_pop_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for courier daemon")
+courier_sqwebmail_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for courier daemon")
+courier_tcpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for courier daemon")
+cpucontrol_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for cpucontrol daemon")
+cpuspeed_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for cpuspeed daemon")
+cron_can_relabel _("Cron") _("Allow system cron jobs to relabel filesystem for restoring file contexts.")
+crond_disable_trans _("Cron") _("Disable SELinux protection for crond daemon")
+cupsd_config_disable_trans _("Printing") _("Disable SELinux protection for cupsd backend server")
+cupsd_disable_trans _("Printing") _("Disable SELinux protection for cupsd daemon")
+cupsd_lpd_disable_trans _("Printing") _("Disable SELinux protection for cupsd_lpd")
+cvs_disable_trans _("CVS") _("Disable SELinux protection for cvs daemon")
+cyrus_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for cyrus daemon")
+dbskkd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dbskkd daemon")
+dbusd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dbusd daemon")
+dccd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dccd")
+dccifd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dccifd")
+dccm_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dccm")
+ddt_client_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ddt daemon")
+devfsd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for devfsd daemon")
+dhcpc_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dhcpc daemon")
+dhcpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dhcpd daemon")
+dictd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dictd daemon")
+direct_sysadm_daemon _("Admin") _("Allow sysadm_t to directly start daemons")
+disable_evolution_trans _("Web Applications") _("Disable SELinux protection for Evolution")
+disable_games_trans _("Games") _("Disable SELinux protection for games")
+disable_mozilla_trans _("Web Applications") _("Disable SELinux protection for the web browsers")
+disable_thunderbird_trans _("Web Applications") _("Disable SELinux protection for Thunderbird")
+distccd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for distccd daemon")
+dmesg_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dmesg daemon")
+dnsmasq_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dnsmasq daemon")
+dovecot_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dovecot daemon")
+entropyd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for entropyd daemon")
+fcron_crond _("Cron") _("Enable extra rules in the cron domain to support fcron.")
+fetchmail_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for fetchmail")
+fingerd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for fingerd daemon")
+freshclam_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for freshclam daemon")
+fsdaemon_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for fsdaemon daemon")
+ftpd_disable_trans _("FTP") _("Disable SELinux protection for ftpd daemon")
+ftpd_is_daemon _("FTP") _("Allow ftpd to run directly without inetd")
+ftp_home_dir _("FTP") _("Allow ftp to read/write files in the user home directories")
+global_ssp _("Admin") _("This should be enabled when all programs are compiled with ProPolice/SSP stack smashing protection. All domains will be allowed to read from /dev/urandom.")
+gpm_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for gpm daemon")
+gssd_disable_trans _("NFS") _("Disable SELinux protection for gss daemon")
+hald_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for hal daemon")
+hide_broken_symptoms _("Compatibility") _("Do not audit things that we know to be broken but which are not security risks")
+hostname_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for hostname daemon")
+hotplug_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for hotplug daemon")
+howl_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for howl daemon")
+hplip_disable_trans _("Printing") _("Disable SELinux protection for cups hplip daemon")
+httpd_builtin_scripting _("HTTPD Service") _("Allow HTTPD to support built-in scripting")
+httpd_can_network_connect_db _("HTTPD Service") _("Allow HTTPD scripts and modules to network connect to databases.")
+httpd_can_network_connect _("HTTPD Service") _("Allow HTTPD scripts and modules to connect to the network.")
+httpd_can_network_relay _("HTTPD Service") _("Allow httpd to act as a relay.")
+httpd_disable_trans _("HTTPD Service") _("Disable SELinux protection for httpd daemon")
+httpd_enable_cgi _("HTTPD Service") _("Allow HTTPD cgi support")
+httpd_enable_ftp_server _("HTTPD Service") _("Allow HTTPD to run as a ftp server")
+httpd_enable_homedirs _("HTTPD Service") _("Allow HTTPD to read home directories")
+httpd_rotatelogs_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for httpd rotatelogs")
+httpd_ssi_exec _("HTTPD Service") _("Allow HTTPD to run SSI executables in the same domain as system CGI scripts.")
+httpd_suexec_disable_trans _("HTTPD Service") _("Disable SELinux protection for http suexec")
+httpd_tty_comm _("HTTPD Service") _("Unify HTTPD to communicate with the terminal. Needed for handling certificates.")
+httpd_unified _("HTTPD Service") _("Unify HTTPD handling of all content files.")
+hwclock_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for hwclock daemon")
+i18n_input_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for i18n daemon")
+imazesrv_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for imazesrv daemon")
+inetd_child_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for inetd child daemons")
+inetd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for inetd daemon")
+innd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for innd daemon")
+iptables_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for iptables daemon")
+ircd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ircd daemon")
+irqbalance_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for irqbalance daemon")
+iscsid_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for iscsi daemon")
+jabberd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for jabberd daemon")
+kadmind_disable_trans _("Kerberos") _("Disable SELinux protection for kadmind daemon")
+klogd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for klogd daemon")
+krb5kdc_disable_trans _("Kerberos") _("Disable SELinux protection for krb5kdc daemon")
+ktalkd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ktalk daemons")
+kudzu_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for kudzu daemon")
+locate_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for locate daemon")
+lpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for lpd daemon")
+lrrd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for lrrd daemon")
+lvm_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for lvm daemon")
+mailman_mail_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for mailman")
+mail_read_content _("Web Applications") _("Allow evolution and thunderbird to read user files")
+mdadm_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for mdadm daemon")
+monopd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for monopd daemon")
+mozilla_read_content _("Web Applications") _("Allow the mozilla browser to read user files")
+mrtg_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for mrtg daemon")
+mysqld_disable_trans _("Databases") _("Disable SELinux protection for mysqld daemon")
+nagios_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for nagios daemon")
+named_disable_trans _("Name Service") _("Disable SELinux protection for named daemon")
+named_write_master_zones _("Name Service") _("Allow named to overwrite master zone files")
+nessusd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for nessusd daemon")
+NetworkManager_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for NetworkManager")
+nfsd_disable_trans _("NFS") _("Disable SELinux protection for nfsd daemon")
+nfs_export_all_ro _("NFS") _("Allow the reading on any NFS file system")
+nfs_export_all_rw _("NFS") _("Allow the read/write/create on any NFS file system")
+nmbd_disable_trans _("Samba") _("Disable SELinux protection for nmbd daemon")
+nrpe_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for nrpe daemon")
+nscd_disable_trans _("Name Service") _("Disable SELinux protection for nscd daemon")
+nsd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for nsd daemon")
+ntpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ntpd daemon")
+oddjob_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for oddjob")
+oddjob_mkhomedir_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for oddjob_mkhomedir")
+openvpn_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for openvpn daemon")
+pam_console_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for pam daemon")
+pegasus_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for pegasus")
+perdition_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for perdition daemon")
+portmap_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for portmap daemon")
+portslave_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for portslave daemon")
+postfix_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for postfix")
+postgresql_disable_trans _("Databases") _("Disable SELinux protection for postgresql daemon")
+pppd_can_insmod _("pppd") _("Allow pppd daemon to insert modules into the kernel")
+pppd_disable_trans _("pppd") _("Disable SELinux protection for pppd daemon")
+pppd_disable_trans _("pppd") _("Disable SELinux protection for the mozilla ppp daemon")
+pppd_for_user _("pppd") _("Allow pppd to be run for a regular user.")
+pptp_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for pptp")
+prelink_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for prelink daemon")
+privoxy_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for privoxy daemon")
+ptal_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ptal daemon")
+pxe_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for pxe daemon")
+pyzord_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for pyzord")
+quota_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for quota daemon")
+radiusd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for radiusd daemon")
+radvd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for radvd daemon")
+rdisc_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for rdisc")
+readahead_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for readahead")
+read_default_t _("Admin") _("Allow programs to read files in non-standard locations (default_t)")
+read_untrusted_content _("Web Applications") _("Allow programs to read untrusted content without relabel")
+restorecond_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for restorecond")
+rhgb_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for rhgb daemon")
+ricci_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ricci")
+ricci_modclusterd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ricci_modclusterd")
+rlogind_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for rlogind daemon")
+rpcd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for rpcd daemon")
+rshd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for rshd")
+rsync_disable_trans _("rsync") _("Disable SELinux protection for rsync daemon")
+run_ssh_inetd _("SSH") _("Allow ssh to run from inetd instead of as a daemon")
+samba_enable_home_dirs _("Samba") _("Allow Samba to share users home directories")
+samba_share_nfs _("Samba") _("Allow Samba to share nfs directories")
+saslauthd_disable_trans _("sasl authentications server") _("Disable SELinux protection for saslauthd daemon")
+scannerdaemon_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for scannerdaemon daemon")
+secure_mode _("Admin") _("Do not allow transition to sysadm_t, sudo and su effected")
+secure_mode_insmod _("Admin") _("Do not allow any processes to load kernel modules")
+secure_mode_policyload _("Admin") _("Do not allow any processes to modify kernel SELinux policy")
+sendmail_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for sendmail daemon")
+setrans_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for setrans")
+setroubleshootd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for setroublesoot daemon")
+slapd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for slapd daemon")
+slrnpull_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for slrnpull daemon")
+smbd_disable_trans _("Samba") _("Disable SELinux protection for smbd daemon")
+snmpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for snmpd daemon")
+snort_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for snort daemon")
+soundd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for soundd daemon")
+sound_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for sound daemon")
+spamassasin_can_network _("Spam Assassin") _("Allow Spam Assasin daemon network access")
+spamd_disable_trans _("spam Protection") _("Disable SELinux protection for spamd daemon")
+spamd_enable_home_dirs _("spam Protection") _("Allow spamd to access home directories")
+spammassasin_can_network _("spam Protection") _("Allow spammassasin to access the network")
+speedmgmt_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for speedmgmt daemon")
+squid_connect_any _("Squid") _("Allow squid daemon to connect to the network")
+squid_disable_trans _("Squid") _("Disable SELinux protection for squid daemon")
+ssh_keygen_disable_trans _("SSH") _("Disable SELinux protection for ssh daemon")
+ssh_sysadm_login _("SSH") _("Allow ssh logins as sysadm_r:sysadm_t")
+staff_read_sysadm_file _("Admin") _("Allow staff_r users to search the sysadm home dir and read files (such as ~/.bashrc)")
+stunnel_disable_trans _("Universal SSL tunnel") _("Disable SELinux protection for stunnel daemon")
+stunnel_is_daemon _("Universal SSL tunnel") _("Allow stunnel daemon to run as standalone, outside of xinetd")
+swat_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for swat daemon")
+sxid_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for sxid daemon")
+syslogd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for syslogd daemon")
+system_crond_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for system cron jobs")
+tcpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for tcp daemon")
+telnetd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for telnet daemon")
+tftpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for tftpd daemon")
+transproxy_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for transproxy daemon")
+udev_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for udev daemon")
+uml_switch_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for uml daemon")
+unlimitedInetd _("Admin") _("Allow xinetd to run unconfined, including any services it starts that do not have a domain transition explicitly defined.")
+unlimitedRC _("Admin") _("Allow rc scripts to run unconfined, including any daemon started by an rc script that does not have a domain transition explicitly defined.")
+unlimitedRPM _("Admin") _("Allow rpm to run unconfined.")
+unlimitedUtils _("Admin") _("Allow privileged utilities like hotplug and insmod to run unconfined.")
+updfstab_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for updfstab daemon")
+uptimed_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for uptimed daemon")
+use_lpd_server _("Printing") _("Use lpd server instead of cups")
+use_nfs_home_dirs _("NFS") _("Support NFS home directories")
+user_canbe_sysadm _("User Privs") _("Allow user_r to reach sysadm_r via su, sudo, or userhelper. Otherwise, only staff_r can do so.")
+user_can_mount _("Mount") _("Allow users to execute the mount command")
+user_direct_mouse _("User Privs") _("Allow regular users direct mouse access (only allow the X server)")
+user_dmesg _("User Privs") _("Allow users to run the dmesg command")
+user_net_control _("User Privs") _("Allow users to control network interfaces (also needs USERCTL=true)")
+user_ping _("User Privs") _("Allow normal user to execute ping")
+user_rw_noexattrfile _("User Privs") _("Allow user to r/w noextattrfile (FAT, CDROM, FLOPPY)")
+user_rw_usb _("User Privs") _("Allow users to rw usb devices")
+user_tcp_server _("User Privs") _("Allow users to run TCP servers (bind to ports and accept connection from the same domain and outside users) disabling this forces FTP passive mode and may change other protocols")
+user_ttyfile_stat _("User Privs") _("Allow user to stat ttyfiles")
+use_samba_home_dirs _("Samba") _("Allow users to login with CIFS home directories")
+uucpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for uucpd daemon")
+vmware_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for vmware daemon")
+watchdog_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for watchdog daemon")
+winbind_disable_trans _("Samba") _("Disable SELinux protection for winbind daemon")
+write_untrusted_content _("Web Applications") _("Allow web applications to write untrusted content to disk (implies read)")
+xdm_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for xdm daemon")
+xdm_sysadm_login _("XServer") _("Allow xdm logins as sysadm_r:sysadm_t")
+xend_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for xen daemon")
+xen_use_raw_disk _("XEN") _("Allow xen to read/write physical disk devices")
+xfs_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for xfs daemon")
+xm_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for xen constrol")
+ypbind_disable_trans _("NIS") _("Disable SELinux protection for ypbind daemon")
+yppasswdd_disable_trans _("NIS") _("Disable SELinux protection for NIS Password Daemon")
+ypserv_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ypserv daemon")
+ypxfr_disable_trans _("NIS") _("Disable SELinux protection for NIS Transfer Daemon")
+zebra_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for zebra daemon")
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/semanagePage.py policycoreutils-1.33.7/gui/semanagePage.py
--- nsapolicycoreutils/gui/semanagePage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-1.33.7/gui/semanagePage.py 2007-01-04 16:24:30.000000000 -0500
@@ -0,0 +1,109 @@
+## semanagePage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
+
+## This program is free software; you can redistribute it and/or modify
+## it under the terms of the GNU General Public License as published by
+## the Free Software Foundation; either version 2 of the License, or
+## (at your option) any later version.
+
+## This program is distributed in the hope that it will be useful,
+## but WITHOUT ANY WARRANTY; without even the implied warranty of
+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+## GNU General Public License for more details.
+
+## You should have received a copy of the GNU General Public License
+## along with this program; if not, write to the Free Software
+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+## Author: Dan Walsh
+import string
+import gtk
+import gtk.glade
+import os
+import libxml2
+import gobject
+import sys
+import seobject
+
+##
+## I18N
+##
+PROGNAME="policycoreutils"
+import gettext
+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
+gettext.textdomain(PROGNAME)
+try:
+ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1)
+except IOError:
+ import __builtin__
+ __builtin__.__dict__['_'] = unicode
+
+class semanagePage:
+ def __init__(self, xml, name, description):
+ self.xml = xml
+ self.view = xml.get_widget("%sView" % name)
+ self.dialog = xml.get_widget("%sDialog" % name)
+ self.view.connect("row_activated", self.rowActivated)
+ self.view.get_selection().connect("changed", self.itemSelected)
+ self.description = description;
+
+ def get_description(self):
+ return self.description
+
+ def itemSelected(self, args):
+ return
+
+ def rowActivated(self, view, row, Column):
+ self.propertiesDialog()
+
+ def verify(self, message, title="" ):
+ dlg = gtk.MessageDialog(None, 0, gtk.MESSAGE_INFO,
+ gtk.BUTTONS_YES_NO,
+ message)
+ dlg.set_title(title)
+ dlg.set_position(gtk.WIN_POS_MOUSE)
+ dlg.show_all()
+ rc = dlg.run()
+ dlg.destroy()
+ return rc
+
+ def error(self, message):
+ dlg = gtk.MessageDialog(None, 0, gtk.MESSAGE_ERROR,
+ gtk.BUTTONS_CLOSE,
+ message)
+ dlg.set_position(gtk.WIN_POS_MOUSE)
+ dlg.show_all()
+ dlg.run()
+ dlg.destroy()
+
+ def deleteDialog(self):
+ store, iter = self.view.get_selection().get_selected()
+ if self.verify(_("Are you sure you want to delete %s '%s'?" % (self.description, store.get_value(iter, 0))), _("Delete %s" % self.description)) == gtk.RESPONSE_YES:
+ self.delete()
+
+ def addDialog(self):
+ self.dialogClear()
+ self.dialog.set_title(_("Add %s" % self.description))
+ self.dialog.set_position(gtk.WIN_POS_MOUSE)
+
+ while self.dialog.run() == gtk.RESPONSE_OK:
+ try:
+ self.add()
+ break;
+ except ValueError, e:
+ self.error(e.args[0])
+ self.dialog.hide()
+
+ def propertiesDialog(self):
+ self.dialogInit()
+ self.dialog.set_title(_("Modify %s" % self.description))
+ self.dialog.set_position(gtk.WIN_POS_MOUSE)
+ while self.dialog.run() == gtk.RESPONSE_OK:
+ try:
+ self.modify()
+ break;
+ except ValueError, e:
+ self.error(e.args[0])
+ self.dialog.hide()
+
+
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/statusPage.py policycoreutils-1.33.7/gui/statusPage.py
--- nsapolicycoreutils/gui/statusPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-1.33.7/gui/statusPage.py 2007-01-04 16:24:30.000000000 -0500
@@ -0,0 +1,213 @@
+## statusPage.py - show selinux status
+## Copyright (C) 2006 Red Hat, Inc.
+
+## This program is free software; you can redistribute it and/or modify
+## it under the terms of the GNU General Public License as published by
+## the Free Software Foundation; either version 2 of the License, or
+## (at your option) any later version.
+
+## This program is distributed in the hope that it will be useful,
+## but WITHOUT ANY WARRANTY; without even the implied warranty of
+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+## GNU General Public License for more details.
+
+## You should have received a copy of the GNU General Public License
+## along with this program; if not, write to the Free Software
+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+## Author: Dan Walsh
+import string
+import gtk
+import gtk.glade
+import os
+import libxml2
+import gobject
+import sys
+import tempfile
+
+INSTALLPATH = '/usr/share/system-config-selinux'
+sys.path.append(INSTALLPATH)
+
+rhplPath = "/usr/lib/python%d.%d/site-packages/rhpl" % (sys.version_info[0], sys.version_info[1])
+if not rhplPath in sys.path:
+ sys.path.append(rhplPath)
+
+rhplPath = "/usr/lib64/python%d.%d/site-packages/rhpl" % (sys.version_info[0], sys.version_info[1])
+if not rhplPath in sys.path:
+ sys.path.append(rhplPath)
+
+from Conf import *
+import commands
+ENFORCING = 0
+PERMISSIVE = 1
+DISABLED = 2
+modearray = ( "enforcing", "permissive", "disabled" )
+
+SELINUXDIR = "/etc/selinux/"
+RELABELFILE = "/.autorelabel"
+
+##
+## I18N
+##
+PROGNAME="policycoreutils"
+import gettext
+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
+gettext.textdomain(PROGNAME)
+import selinux
+try:
+ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1)
+except IOError:
+ import __builtin__
+ __builtin__.__dict__['_'] = unicode
+
+class statusPage:
+ def __init__(self, xml):
+ self.xml = xml
+ self.needRelabel = False
+
+ self.type = selinux.selinux_getpolicytype()
+ # Bring in widgets from glade file.
+ self.typeHBox = xml.get_widget("typeHBox")
+ self.selinuxTypeOptionMenu = xml.get_widget("selinuxTypeOptionMenu")
+ self.typeLabel = xml.get_widget("typeLabel")
+ self.enabledOptionMenu = xml.get_widget("enabledOptionMenu")
+ self.currentOptionMenu = xml.get_widget("currentOptionMenu")
+ self.relabel_checkbutton = xml.get_widget("relabelCheckbutton")
+ self.relabel_checkbutton.set_active(self.is_relabel())
+ self.relabel_checkbutton.connect("toggled", self.on_relabel_toggle)
+ if self.get_current_mode() == ENFORCING or self.get_current_mode() == PERMISSIVE:
+ self.currentOptionMenu.append_text(_("Enforcing"))
+ self.currentOptionMenu.append_text(_("Permissive"))
+ self.currentOptionMenu.set_active(self.get_current_mode())
+ self.currentOptionMenu.connect("changed", self.set_current_mode)
+ self.currentOptionMenu.set_sensitive(True)
+ else:
+ self.currentOptionMenu.append_text(_("Disabled"))
+ self.currentOptionMenu.set_sensitive(False)
+
+
+ if self.read_selinux_config() == None:
+ self.selinuxsupport = False
+ else:
+ self.enabledOptionMenu.connect("changed", self.enabled_changed)
+ #
+ # This line must come after read_selinux_config
+ #
+ self.selinuxTypeOptionMenu.connect("changed", self.typemenu_changed)
+
+ self.typeLabel.set_mnemonic_widget(self.selinuxTypeOptionMenu)
+
+ def get_description(self):
+ return _("Status")
+
+ def get_current_mode(self):
+ if selinux.is_selinux_enabled():
+ if selinux.security_getenforce() > 0:
+ return ENFORCING
+ else:
+ return PERMISSIVE
+ else:
+ return DISABLED
+
+ def set_current_mode(self,menu):
+ selinux.security_setenforce(menu.get_active() == 0)
+
+ def is_relabel(self):
+ return os.access(RELABELFILE, os.F_OK) != 0
+
+ def on_relabel_toggle(self,button):
+ if button.get_active():
+ fd = open(RELABELFILE,"w")
+ fd.close()
+ else:
+ if os.access(RELABELFILE, os.F_OK) != 0:
+ os.unlink(RELABELFILE)
+
+ def verify(self, message):
+ dlg = gtk.MessageDialog(None, 0, gtk.MESSAGE_INFO,
+ gtk.BUTTONS_YES_NO,
+ message)
+ dlg.set_position(gtk.WIN_POS_MOUSE)
+ dlg.show_all()
+ rc = dlg.run()
+ dlg.destroy()
+ return rc
+
+ def typemenu_changed(self, menu):
+ type = self.get_type()
+ enabled = self.enabledOptionMenu.get_active()
+ if self.initialtype != type:
+ if self.verify(_("Changing the policy type will cause a relabel of the entire file system on the next boot. Relabeling takes a long time depending on the size of the file system. Do you wish to continue?")) == gtk.RESPONSE_NO:
+ menu.set_active(self.typeHistory)
+ return None
+
+ self.relabel_checkbutton.set_active(True)
+ self.conf["SELINUX"] = modearray[enabled]
+ self.conf["SELINUXTYPE"]=type
+ self.conf.write()
+ self.typeHistory = menu.get_active()
+
+ def enabled_changed(self, combo):
+ enabled = combo.get_active()
+ type = self.get_type()
+
+ if self.initEnabled == DISABLED and enabled < 2:
+ if self.verify(_("Changing to SELinux enabled will cause a relabel of the entire file system on the next boot. Relabeling takes a long time depending on the size of the file system. Do you wish to continue?")) == gtk.RESPONSE_NO:
+ return None
+
+ self.relabel_checkbutton.set_active(True)
+
+ self.conf["SELINUX"] = modearray[enabled]
+ self.conf["SELINUXTYPE"]=type
+ self.conf.write()
+
+ def read_selinux_config(self):
+ self.initialtype = "targeted"
+ self.initEnabled = DISABLED
+ self.types = []
+ if os.access(SELINUXDIR, os.F_OK) == 0:
+ #File doesn't exist. return
+ return None
+
+ self.conf = ConfShellVar(SELINUXDIR+"config")
+ self.conf.rcs = 1
+ if self.conf.has_key("SELINUX"):
+ value = self.conf.vars["SELINUX"].upper().strip()
+ else:
+ value = "ENFORCING"
+ self.conf.vars["SELINUX"] = value
+
+ if value == "ENFORCING":
+ self.initEnabled = ENFORCING
+ self.enabledOptionMenu.set_active(ENFORCING)
+ elif value == "PERMISSIVE":
+ self.initEnabled = PERMISSIVE
+ self.enabledOptionMenu.set_active(PERMISSIVE)
+ elif value == "DISABLED":
+ self.initEnabled = DISABLED
+ self.enabledOptionMenu.set_active(DISABLED)
+
+ if self.conf.has_key("SELINUXTYPE"):
+ self.initialtype = self.conf.vars["SELINUXTYPE"].strip()
+ else:
+ self.conf.vars["SELINUXTYPE"] = self.initialtype
+
+ n = 0
+ current = n
+
+ for i in os.listdir(SELINUXDIR):
+ if os.path.isdir(SELINUXDIR+i) and os.path.isdir(SELINUXDIR+i+"/policy"):
+ self.types.append(i)
+ self.selinuxTypeOptionMenu.append_text(i)
+ if i == self.initialtype:
+ current = n
+ n = n+1
+ self.selinuxTypeOptionMenu.set_active(current)
+ self.typeHistory = current
+
+ return 0
+
+ def get_type(self):
+ return self.types[self.selinuxTypeOptionMenu.get_active()]
+
+
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/system-config-selinux.glade policycoreutils-1.33.7/gui/system-config-selinux.glade
--- nsapolicycoreutils/gui/system-config-selinux.glade 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-1.33.7/gui/system-config-selinux.glade 2007-01-04 16:24:30.000000000 -0500
@@ -0,0 +1,2803 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
+
+<glade-interface>
+<requires lib="gnome"/>
+<requires lib="bonobo"/>
+
+<widget class="GtkAboutDialog" id="aboutWindow">
+ <property name="destroy_with_parent">False</property>
+ <property name="name" translatable="yes">system-config-selinux</property>
+ <property name="copyright" translatable="yes">Copyright (c)2006 Red Hat, Inc.
+Copyright (c) 2006 Dan Walsh &lt;dwalsh@redhat.com&gt;</property>
+ <property name="wrap_license">False</property>
+ <property name="authors">Daniel Walsh &lt;dwalsh@redhat.com&gt;
+</property>
+ <property name="translator_credits" translatable="yes" comments="TRANSLATORS: Replace this string with your names, one name per line.">translator-credits</property>
+ <property name="logo">system-config-selinux.png</property>
+</widget>
+
+<widget class="GtkDialog" id="loginsDialog">
+ <property name="title" translatable="yes">Add SELinux Login Mapping</property>
+ <property name="type">GTK_WINDOW_TOPLEVEL</property>
+ <property name="window_position">GTK_WIN_POS_NONE</property>
+ <property name="modal">False</property>
+ <property name="resizable">True</property>
+ <property name="destroy_with_parent">False</property>
+ <property name="decorated">True</property>
+ <property name="skip_taskbar_hint">False</property>
+ <property name="skip_pager_hint">False</property>
+ <property name="type_hint">GDK_WINDOW_TYPE_HINT_DIALOG</property>
+ <property name="gravity">GDK_GRAVITY_NORTH_WEST</property>
+ <property name="focus_on_map">True</property>
+ <property name="urgency_hint">False</property>
+ <property name="has_separator">True</property>
+
+ <child internal-child="vbox">
+ <widget class="GtkVBox" id="dialog-vbox1">
+ <property name="visible">True</property>
+ <property name="homogeneous">False</property>
+ <property name="spacing">0</property>
+
+ <child internal-child="action_area">
+ <widget class="GtkHButtonBox" id="dialog-action_area1">
+ <property name="visible">True</property>
+ <property name="layout_style">GTK_BUTTONBOX_END</property>
+
+ <child>
+ <widget class="GtkButton" id="cancelbutton1">
+ <property name="visible">True</property>
+ <property name="can_default">True</property>
+ <property name="can_focus">True</property>
+ <property name="label">gtk-cancel</property>
+ <property name="use_stock">True</property>
+ <property name="relief">GTK_RELIEF_NORMAL</property>
+ <property name="focus_on_click">True</property>
+ <property name="response_id">-6</property>
+ </widget>
+ </child>
+
+ <child>
+ <widget class="GtkButton" id="okbutton1">
+ <property name="visible">True</property>
+ <property name="can_default">True</property>
+ <property name="can_focus">True</property>
+ <property name="label">gtk-ok</property>
+ <property name="use_stock">True</property>
+ <property name="relief">GTK_RELIEF_NORMAL</property>
+ <property name="focus_on_click">True</property>
+ <property name="response_id">-5</property>
+ </widget>
+ </child>
+ </widget>
+ <packing>
+ <property name="padding">0</property>
+ <property name="expand">False</property>
+ <property name="fill">True</property>
+ <property name="pack_type">GTK_PACK_END</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkVBox" id="vbox2">
+ <property name="visible">True</property>
+ <property name="homogeneous">False</property>
+ <property name="spacing">0</property>
+
+ <child>
+ <widget class="GtkTable" id="table1">
+ <property name="visible">True</property>
+ <property name="n_rows">3</property>
+ <property name="n_columns">2</property>
+ <property name="homogeneous">False</property>
+ <property name="row_spacing">4</property>
+ <property name="column_spacing">6</property>
+
+ <child>
+ <widget class="GtkLabel" id="label15">
+ <property name="visible">True</property>
+ <property name="label" translatable="yes">Login Name</property>
+ <property name="use_underline">False</property>
+ <property name="use_markup">False</property>
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
+ <property name="wrap">False</property>
+ <property name="selectable">False</property>
+ <property name="xalign">0</property>
+ <property name="yalign">0.5</property>
+ <property name="xpad">0</property>
+ <property name="ypad">0</property>
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
+ <property name="width_chars">-1</property>
+ <property name="single_line_mode">False</property>
+ <property name="angle">0</property>
+ </widget>
+ <packing>
+ <property name="left_attach">0</property>
+ <property name="right_attach">1</property>
+ <property name="top_attach">0</property>
+ <property name="bottom_attach">1</property>
+ <property name="x_options">fill</property>
+ <property name="y_options"></property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkLabel" id="label16">
+ <property name="visible">True</property>
+ <property name="label" translatable="yes">SELinux User</property>
+ <property name="use_underline">False</property>
+ <property name="use_markup">False</property>
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
+ <property name="wrap">False</property>
+ <property name="selectable">False</property>
+ <property name="xalign">0</property>
+ <property name="yalign">0.5</property>
+ <property name="xpad">0</property>
+ <property name="ypad">0</property>
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
+ <property name="width_chars">-1</property>
+ <property name="single_line_mode">False</property>
+ <property name="angle">0</property>
+ </widget>
+ <packing>
+ <property name="left_attach">0</property>
+ <property name="right_attach">1</property>
+ <property name="top_attach">1</property>
+ <property name="bottom_attach">2</property>
+ <property name="x_options">fill</property>
+ <property name="y_options"></property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkLabel" id="label17">
+ <property name="visible">True</property>
+ <property name="label" translatable="yes">MLS/MCS Range</property>
+ <property name="use_underline">False</property>
+ <property name="use_markup">False</property>
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
+ <property name="wrap">False</property>
+ <property name="selectable">False</property>
+ <property name="xalign">0</property>
+ <property name="yalign">0.5</property>
+ <property name="xpad">0</property>
+ <property name="ypad">0</property>
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
+ <property name="width_chars">-1</property>
+ <property name="single_line_mode">False</property>
+ <property name="angle">0</property>
+ </widget>
+ <packing>
+ <property name="left_attach">0</property>
+ <property name="right_attach">1</property>
+ <property name="top_attach">2</property>
+ <property name="bottom_attach">3</property>
+ <property name="x_options">fill</property>
+ <property name="y_options"></property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkEntry" id="loginsNameEntry">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="editable">True</property>
+ <property name="visibility">True</property>
+ <property name="max_length">0</property>
+ <property name="text" translatable="yes"></property>
+ <property name="has_frame">True</property>
+ <property name="invisible_char">*</property>
+ <property name="activates_default">False</property>
+ </widget>
+ <packing>
+ <property name="left_attach">1</property>
+ <property name="right_attach">2</property>
+ <property name="top_attach">0</property>
+ <property name="bottom_attach">1</property>
+ <property name="y_options"></property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkComboBox" id="loginsSelinuxUserCombo">
+ <property name="visible">True</property>
+ <property name="add_tearoffs">False</property>
+ <property name="focus_on_click">True</property>
+ </widget>
+ <packing>
+ <property name="left_attach">1</property>
+ <property name="right_attach">2</property>
+ <property name="top_attach">1</property>
+ <property name="bottom_attach">2</property>
+ <property name="x_options">fill</property>
+ <property name="y_options">fill</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkEntry" id="loginsMLSEntry">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="editable">True</property>
+ <property name="visibility">True</property>
+ <property name="max_length">0</property>
+ <property name="text" translatable="yes"></property>
+ <property name="has_frame">True</property>
+ <property name="invisible_char">*</property>
+ <property name="activates_default">False</property>
+ </widget>
+ <packing>
+ <property name="left_attach">1</property>
+ <property name="right_attach">2</property>
+ <property name="top_attach">2</property>
+ <property name="bottom_attach">3</property>
+ <property name="y_options"></property>
+ </packing>
+ </child>
+ </widget>
+ <packing>
+ <property name="padding">5</property>
+ <property name="expand">True</property>
+ <property name="fill">True</property>
+ </packing>
+ </child>
+ </widget>
+ <packing>
+ <property name="padding">0</property>
+ <property name="expand">True</property>
+ <property name="fill">True</property>
+ </packing>
+ </child>
+ </widget>
+ </child>
+</widget>
+
+<widget class="GtkDialog" id="portsDialog">
+ <property name="title" translatable="yes">Add SELinux Network Ports</property>
+ <property name="type">GTK_WINDOW_TOPLEVEL</property>
+ <property name="window_position">GTK_WIN_POS_NONE</property>
+ <property name="modal">False</property>
+ <property name="resizable">True</property>
+ <property name="destroy_with_parent">False</property>
+ <property name="decorated">True</property>
+ <property name="skip_taskbar_hint">False</property>
+ <property name="skip_pager_hint">False</property>
+ <property name="type_hint">GDK_WINDOW_TYPE_HINT_DIALOG</property>
+ <property name="gravity">GDK_GRAVITY_NORTH_WEST</property>
+ <property name="focus_on_map">True</property>
+ <property name="urgency_hint">False</property>
+ <property name="has_separator">True</property>
+
+ <child internal-child="vbox">
+ <widget class="GtkVBox" id="vbox3">
+ <property name="visible">True</property>
+ <property name="homogeneous">False</property>
+ <property name="spacing">0</property>
+
+ <child internal-child="action_area">
+ <widget class="GtkHButtonBox" id="hbuttonbox1">
+ <property name="visible">True</property>
+ <property name="layout_style">GTK_BUTTONBOX_END</property>
+
+ <child>
+ <widget class="GtkButton" id="button1">
+ <property name="visible">True</property>
+ <property name="can_default">True</property>
+ <property name="can_focus">True</property>
+ <property name="label">gtk-cancel</property>
+ <property name="use_stock">True</property>
+ <property name="relief">GTK_RELIEF_NORMAL</property>
+ <property name="focus_on_click">True</property>
+ <property name="response_id">-6</property>
+ </widget>
+ </child>
+
+ <child>
+ <widget class="GtkButton" id="button2">
+ <property name="visible">True</property>
+ <property name="can_default">True</property>
+ <property name="can_focus">True</property>
+ <property name="label">gtk-ok</property>
+ <property name="use_stock">True</property>
+ <property name="relief">GTK_RELIEF_NORMAL</property>
+ <property name="focus_on_click">True</property>
+ <property name="response_id">-5</property>
+ </widget>
+ </child>
+ </widget>
+ <packing>
+ <property name="padding">0</property>
+ <property name="expand">False</property>
+ <property name="fill">True</property>
+ <property name="pack_type">GTK_PACK_END</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkVBox" id="vbox4">
+ <property name="visible">True</property>
+ <property name="homogeneous">False</property>
+ <property name="spacing">0</property>
+
+ <child>
+ <widget class="GtkTable" id="table2">
+ <property name="visible">True</property>
+ <property name="n_rows">4</property>
+ <property name="n_columns">2</property>
+ <property name="homogeneous">False</property>
+ <property name="row_spacing">4</property>
+ <property name="column_spacing">6</property>
+
+ <child>
+ <widget class="GtkLabel" id="label18">
+ <property name="visible">True</property>
+ <property name="label" translatable="yes">Port Number</property>
+ <property name="use_underline">False</property>
+ <property name="use_markup">False</property>
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
+ <property name="wrap">False</property>
+ <property name="selectable">False</property>
+ <property name="xalign">0</property>
+ <property name="yalign">0.5</property>
+ <property name="xpad">0</property>
+ <property name="ypad">0</property>
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
+ <property name="width_chars">-1</property>
+ <property name="single_line_mode">False</property>
+ <property name="angle">0</property>
+ </widget>
+ <packing>
+ <property name="left_attach">0</property>
+ <property name="right_attach">1</property>
+ <property name="top_attach">0</property>
+ <property name="bottom_attach">1</property>
+ <property name="x_options">fill</property>
+ <property name="y_options"></property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkLabel" id="label19">
+ <property name="visible">True</property>
+ <property name="label" translatable="yes">Protocol</property>
+ <property name="use_underline">False</property>
+ <property name="use_markup">False</property>
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
+ <property name="wrap">False</property>
+ <property name="selectable">False</property>
+ <property name="xalign">0</property>
+ <property name="yalign">0.5</property>
+ <property name="xpad">0</property>
+ <property name="ypad">0</property>
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
+ <property name="width_chars">-1</property>
+ <property name="single_line_mode">False</property>
+ <property name="angle">0</property>
+ </widget>
+ <packing>
+ <property name="left_attach">0</property>
+ <property name="right_attach">1</property>
+ <property name="top_attach">1</property>
+ <property name="bottom_attach">2</property>
+ <property name="x_options">fill</property>
+ <property name="y_options"></property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkLabel" id="label20">
+ <property name="visible">True</property>
+ <property name="label" translatable="yes">SELinux Type</property>
+ <property name="use_underline">False</property>
+ <property name="use_markup">False</property>
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
+ <property name="wrap">False</property>
+ <property name="selectable">False</property>
+ <property name="xalign">0</property>
+ <property name="yalign">0.5</property>
+ <property name="xpad">0</property>
+ <property name="ypad">0</property>
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
+ <property name="width_chars">-1</property>
+ <property name="single_line_mode">False</property>
+ <property name="angle">0</property>
+ </widget>
+ <packing>
+ <property name="left_attach">0</property>
+ <property name="right_attach">1</property>
+ <property name="top_attach">2</property>
+ <property name="bottom_attach">3</property>
+ <property name="x_options">fill</property>
+ <property name="y_options"></property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkEntry" id="portsNumberEntry">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="editable">True</property>
+ <property name="visibility">True</property>
+ <property name="max_length">0</property>
+ <property name="text" translatable="yes"></property>
+ <property name="has_frame">True</property>
+ <property name="invisible_char">*</property>
+ <property name="activates_default">False</property>
+ </widget>
+ <packing>
+ <property name="left_attach">1</property>
+ <property name="right_attach">2</property>
+ <property name="top_attach">0</property>
+ <property name="bottom_attach">1</property>
+ <property name="y_options"></property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkComboBox" id="portsProtocolCombo">
+ <property name="visible">True</property>
+ <property name="items" translatable="yes">tcp
+udp</property>
+ <property name="add_tearoffs">False</property>
+ <property name="focus_on_click">True</property>
+ </widget>
+ <packing>
+ <property name="left_attach">1</property>
+ <property name="right_attach">2</property>
+ <property name="top_attach">1</property>
+ <property name="bottom_attach">2</property>
+ <property name="x_options">fill</property>
+ <property name="y_options">fill</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkEntry" id="portsNameEntry">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="editable">True</property>
+ <property name="visibility">True</property>
+ <property name="max_length">0</property>
+ <property name="text" translatable="yes"></property>
+ <property name="has_frame">True</property>
+ <property name="invisible_char">*</property>
+ <property name="activates_default">False</property>
+ </widget>
+ <packing>
+ <property name="left_attach">1</property>
+ <property name="right_attach">2</property>
+ <property name="top_attach">2</property>
+ <property name="bottom_attach">3</property>
+ <property name="y_options"></property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkLabel" id="label21">
+ <property name="visible">True</property>
+ <property name="label" translatable="yes">MLS/MCS
+Level</property>
+ <property name="use_underline">False</property>
+ <property name="use_markup">False</property>
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
+ <property name="wrap">False</property>
+ <property name="selectable">False</property>
+ <property name="xalign">0</property>
+ <property name="yalign">0.5</property>
+ <property name="xpad">0</property>
+ <property name="ypad">0</property>
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
+ <property name="width_chars">-1</property>
+ <property name="single_line_mode">False</property>
+ <property name="angle">0</property>
+ </widget>
+ <packing>
+ <property name="left_attach">0</property>
+ <property name="right_attach">1</property>
+ <property name="top_attach">3</property>
+ <property name="bottom_attach">4</property>
+ <property name="x_options">fill</property>
+ <property name="y_options"></property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkEntry" id="portsMLSEntry">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="editable">True</property>
+ <property name="visibility">True</property>
+ <property name="max_length">0</property>
+ <property name="text" translatable="yes"></property>
+ <property name="has_frame">True</property>
+ <property name="invisible_char">*</property>
+ <property name="activates_default">False</property>
+ </widget>
+ <packing>
+ <property name="left_attach">1</property>
+ <property name="right_attach">2</property>
+ <property name="top_attach">3</property>
+ <property name="bottom_attach">4</property>
+ <property name="y_options"></property>
+ </packing>
+ </child>
+ </widget>
+ <packing>
+ <property name="padding">5</property>
+ <property name="expand">True</property>
+ <property name="fill">True</property>
+ </packing>
+ </child>
+ </widget>
+ <packing>
+ <property name="padding">0</property>
+ <property name="expand">True</property>
+ <property name="fill">True</property>
+ </packing>
+ </child>
+ </widget>
+ </child>
+</widget>
+
+<widget class="GtkDialog" id="translationsDialog">
+ <property name="title" translatable="yes">Add SELinux Login Mapping</property>
+ <property name="type">GTK_WINDOW_TOPLEVEL</property>
+ <property name="window_position">GTK_WIN_POS_NONE</property>
+ <property name="modal">False</property>
+ <property name="resizable">True</property>
+ <property name="destroy_with_parent">False</property>
+ <property name="decorated">True</property>
+ <property name="skip_taskbar_hint">False</property>
+ <property name="skip_pager_hint">False</property>
+ <property name="type_hint">GDK_WINDOW_TYPE_HINT_DIALOG</property>
+ <property name="gravity">GDK_GRAVITY_NORTH_WEST</property>
+ <property name="focus_on_map">True</property>
+ <property name="urgency_hint">False</property>
+ <property name="has_separator">True</property>
+
+ <child internal-child="vbox">
+ <widget class="GtkVBox" id="vbox5">
+ <property name="visible">True</property>
+ <property name="homogeneous">False</property>
+ <property name="spacing">0</property>
+
+ <child internal-child="action_area">
+ <widget class="GtkHButtonBox" id="hbuttonbox2">
+ <property name="visible">True</property>
+ <property name="layout_style">GTK_BUTTONBOX_END</property>
+
+ <child>
+ <widget class="GtkButton" id="button3">
+ <property name="visible">True</property>
+ <property name="can_default">True</property>
+ <property name="can_focus">True</property>
+ <property name="label">gtk-cancel</property>
+ <property name="use_stock">True</property>
+ <property name="relief">GTK_RELIEF_NORMAL</property>
+ <property name="focus_on_click">True</property>
+ <property name="response_id">-6</property>
+ </widget>
+ </child>
+
+ <child>
+ <widget class="GtkButton" id="button4">
+ <property name="visible">True</property>
+ <property name="can_default">True</property>
+ <property name="can_focus">True</property>
+ <property name="label">gtk-ok</property>
+ <property name="use_stock">True</property>
+ <property name="relief">GTK_RELIEF_NORMAL</property>
+ <property name="focus_on_click">True</property>
+ <property name="response_id">-5</property>
+ </widget>
+ </child>
+ </widget>
+ <packing>
+ <property name="padding">0</property>
+ <property name="expand">False</property>
+ <property name="fill">True</property>
+ <property name="pack_type">GTK_PACK_END</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkVBox" id="vbox6">
+ <property name="visible">True</property>
+ <property name="homogeneous">False</property>
+ <property name="spacing">0</property>
+
+ <child>
+ <widget class="GtkTable" id="table3">
+ <property name="visible">True</property>
+ <property name="n_rows">2</property>
+ <property name="n_columns">2</property>
+ <property name="homogeneous">False</property>
+ <property name="row_spacing">4</property>
+ <property name="column_spacing">6</property>
+
+ <child>
+ <widget class="GtkLabel" id="label22">
+ <property name="visible">True</property>
+ <property name="label" translatable="yes">SELinux MLS/MCS
+Level</property>
+ <property name="use_underline">False</property>
+ <property name="use_markup">False</property>
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
+ <property name="wrap">False</property>
+ <property name="selectable">False</property>
+ <property name="xalign">0</property>
+ <property name="yalign">0.5</property>
+ <property name="xpad">0</property>
+ <property name="ypad">0</property>
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
+ <property name="width_chars">-1</property>
+ <property name="single_line_mode">False</property>
+ <property name="angle">0</property>
+ </widget>
+ <packing>
+ <property name="left_attach">0</property>
+ <property name="right_attach">1</property>
+ <property name="top_attach">0</property>
+ <property name="bottom_attach">1</property>
+ <property name="x_options">fill</property>
+ <property name="y_options"></property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkLabel" id="label24">
+ <property name="visible">True</property>
+ <property name="label" translatable="yes">Translation</property>
+ <property name="use_underline">False</property>
+ <property name="use_markup">False</property>
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
+ <property name="wrap">False</property>
+ <property name="selectable">False</property>
+ <property name="xalign">0</property>
+ <property name="yalign">0.5</property>
+ <property name="xpad">0</property>
+ <property name="ypad">0</property>
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
+ <property name="width_chars">-1</property>
+ <property name="single_line_mode">False</property>
+ <property name="angle">0</property>
+ </widget>
+ <packing>
+ <property name="left_attach">0</property>
+ <property name="right_attach">1</property>
+ <property name="top_attach">1</property>
+ <property name="bottom_attach">2</property>
+ <property name="x_options">fill</property>
+ <property name="y_options"></property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkEntry" id="translationsLevelEntry">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="editable">True</property>
+ <property name="visibility">True</property>
+ <property name="max_length">0</property>
+ <property name="text" translatable="yes"></property>
+ <property name="has_frame">True</property>
+ <property name="invisible_char">*</property>
+ <property name="activates_default">False</property>
+ </widget>
+ <packing>
+ <property name="left_attach">1</property>
+ <property name="right_attach">2</property>
+ <property name="top_attach">0</property>
+ <property name="bottom_attach">1</property>
+ <property name="y_options"></property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkEntry" id="translationsEntry">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="editable">True</property>
+ <property name="visibility">True</property>
+ <property name="max_length">0</property>
+ <property name="text" translatable="yes"></property>
+ <property name="has_frame">True</property>
+ <property name="invisible_char">*</property>
+ <property name="activates_default">False</property>
+ </widget>
+ <packing>
+ <property name="left_attach">1</property>
+ <property name="right_attach">2</property>
+ <property name="top_attach">1</property>
+ <property name="bottom_attach">2</property>
+ <property name="y_options"></property>
+ </packing>
+ </child>
+ </widget>
+ <packing>
+ <property name="padding">5</property>
+ <property name="expand">True</property>
+ <property name="fill">True</property>
+ </packing>
+ </child>
+ </widget>
+ <packing>
+ <property name="padding">0</property>
+ <property name="expand">True</property>
+ <property name="fill">True</property>
+ </packing>
+ </child>
+ </widget>
+ </child>
+</widget>
+
+<widget class="GtkDialog" id="fcontextDialog">
+ <property name="title" translatable="yes">Add SELinux Login Mapping</property>
+ <property name="type">GTK_WINDOW_TOPLEVEL</property>
+ <property name="window_position">GTK_WIN_POS_NONE</property>
+ <property name="modal">False</property>
+ <property name="resizable">True</property>
+ <property name="destroy_with_parent">False</property>
+ <property name="decorated">True</property>
+ <property name="skip_taskbar_hint">False</property>
+ <property name="skip_pager_hint">False</property>
+ <property name="type_hint">GDK_WINDOW_TYPE_HINT_DIALOG</property>
+ <property name="gravity">GDK_GRAVITY_NORTH_WEST</property>
+ <property name="focus_on_map">True</property>
+ <property name="urgency_hint">False</property>
+ <property name="has_separator">True</property>
+
+ <child internal-child="vbox">
+ <widget class="GtkVBox" id="vbox7">
+ <property name="visible">True</property>
+ <property name="homogeneous">False</property>
+ <property name="spacing">0</property>
+
+ <child internal-child="action_area">
+ <widget class="GtkHButtonBox" id="hbuttonbox3">
+ <property name="visible">True</property>
+ <property name="layout_style">GTK_BUTTONBOX_END</property>
+
+ <child>
+ <widget class="GtkButton" id="button5">
+ <property name="visible">True</property>
+ <property name="can_default">True</property>
+ <property name="can_focus">True</property>
+ <property name="label">gtk-cancel</property>
+ <property name="use_stock">True</property>
+ <property name="relief">GTK_RELIEF_NORMAL</property>
+ <property name="focus_on_click">True</property>
+ <property name="response_id">-6</property>
+ </widget>
+ </child>
+
+ <child>
+ <widget class="GtkButton" id="button6">
+ <property name="visible">True</property>
+ <property name="can_default">True</property>
+ <property name="can_focus">True</property>
+ <property name="label">gtk-ok</property>
+ <property name="use_stock">True</property>
+ <property name="relief">GTK_RELIEF_NORMAL</property>
+ <property name="focus_on_click">True</property>
+ <property name="response_id">-5</property>
+ </widget>
+ </child>
+ </widget>
+ <packing>
+ <property name="padding">0</property>
+ <property name="expand">False</property>
+ <property name="fill">True</property>
+ <property name="pack_type">GTK_PACK_END</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkVBox" id="vbox8">
+ <property name="visible">True</property>
+ <property name="homogeneous">False</property>
+ <property name="spacing">0</property>
+
+ <child>
+ <widget class="GtkTable" id="table4">
+ <property name="visible">True</property>
+ <property name="n_rows">4</property>
+ <property name="n_columns">2</property>
+ <property name="homogeneous">False</property>
+ <property name="row_spacing">4</property>
+ <property name="column_spacing">6</property>
+
+ <child>
+ <widget class="GtkLabel" id="label25">
+ <property name="visible">True</property>
+ <property name="label" translatable="yes">File Specification</property>
+ <property name="use_underline">False</property>
+ <property name="use_markup">False</property>
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
+ <property name="wrap">False</property>
+ <property name="selectable">False</property>
+ <property name="xalign">0</property>
+ <property name="yalign">0.5</property>
+ <property name="xpad">0</property>
+ <property name="ypad">0</property>
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
+ <property name="width_chars">-1</property>
+ <property name="single_line_mode">False</property>
+ <property name="angle">0</property>
+ </widget>
+ <packing>
+ <property name="left_attach">0</property>
+ <property name="right_attach">1</property>
+ <property name="top_attach">0</property>
+ <property name="bottom_attach">1</property>
+ <property name="x_options">fill</property>
+ <property name="y_options"></property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkLabel" id="label26">
+ <property name="visible">True</property>
+ <property name="label" translatable="yes">File Type</property>
+ <property name="use_underline">False</property>
+ <property name="use_markup">False</property>
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
+ <property name="wrap">False</property>
+ <property name="selectable">False</property>
+ <property name="xalign">0</property>
+ <property name="yalign">0.5</property>
+ <property name="xpad">0</property>
+ <property name="ypad">0</property>
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
+ <property name="width_chars">-1</property>
+ <property name="single_line_mode">False</property>
+ <property name="angle">0</property>
+ </widget>
+ <packing>
+ <property name="left_attach">0</property>
+ <property name="right_attach">1</property>
+ <property name="top_attach">1</property>
+ <property name="bottom_attach">2</property>
+ <property name="x_options">fill</property>
+ <property name="y_options"></property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkLabel" id="label27">
+ <property name="visible">True</property>
+ <property name="label" translatable="yes">SELinux Type</property>
+ <property name="use_underline">False</property>
+ <property name="use_markup">False</property>
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
+ <property name="wrap">False</property>
+ <property name="selectable">False</property>
+ <property name="xalign">0</property>
+ <property name="yalign">0.5</property>
+ <property name="xpad">0</property>
+ <property name="ypad">0</property>
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
+ <property name="width_chars">-1</property>
+ <property name="single_line_mode">False</property>
+ <property name="angle">0</property>
+ </widget>
+ <packing>
+ <property name="left_attach">0</property>
+ <property name="right_attach">1</property>
+ <property name="top_attach">2</property>
+ <property name="bottom_attach">3</property>
+ <property name="x_options">fill</property>
+ <property name="y_options"></property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkEntry" id="fcontextEntry">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="editable">True</property>
+ <property name="visibility">True</property>
+ <property name="max_length">0</property>
+ <property name="text" translatable="yes"></property>
+ <property name="has_frame">True</property>
+ <property name="invisible_char">*</property>
+ <property name="activates_default">False</property>
+ </widget>
+ <packing>
+ <property name="left_attach">1</property>
+ <property name="right_attach">2</property>
+ <property name="top_attach">0</property>
+ <property name="bottom_attach">1</property>
+ <property name="y_options"></property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkComboBox" id="fcontextFileTypeCombo">
+ <property name="visible">True</property>
+ <property name="items" translatable="yes">all files
+regular file
+directory
+character device
+block device
+socket
+symbolic link
+named pipe
+</property>
+ <property name="add_tearoffs">False</property>
+ <property name="focus_on_click">True</property>
+ </widget>
+ <packing>
+ <property name="left_attach">1</property>
+ <property name="right_attach">2</property>
+ <property name="top_attach">1</property>
+ <property name="bottom_attach">2</property>
+ <property name="x_options">fill</property>
+ <property name="y_options">fill</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkEntry" id="fcontextTypeEntry">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="editable">True</property>
+ <property name="visibility">True</property>
+ <property name="max_length">0</property>
+ <property name="text" translatable="yes"></property>
+ <property name="has_frame">True</property>
+ <property name="invisible_char">*</property>
+ <property name="activates_default">False</property>
+ </widget>
+ <packing>
+ <property name="left_attach">1</property>
+ <property name="right_attach">2</property>
+ <property name="top_attach">2</property>
+ <property name="bottom_attach">3</property>
+ <property name="y_options"></property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkLabel" id="label31">
+ <property name="visible">True</property>
+ <property name="label" translatable="yes">MLS</property>
+ <property name="use_underline">False</property>
+ <property name="use_markup">False</property>
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
+ <property name="wrap">False</property>
+ <property name="selectable">False</property>
+ <property name="xalign">0</property>
+ <property name="yalign">0.5</property>
+ <property name="xpad">0</property>
+ <property name="ypad">0</property>
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
+ <property name="width_chars">-1</property>
+ <property name="single_line_mode">False</property>
+ <property name="angle">0</property>
+ </widget>
+ <packing>
+ <property name="left_attach">0</property>
+ <property name="right_attach">1</property>
+ <property name="top_attach">3</property>
+ <property name="bottom_attach">4</property>
+ <property name="x_options">fill</property>
+ <property name="y_options"></property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkEntry" id="fcontextMLSEntry">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="editable">True</property>
+ <property name="visibility">True</property>
+ <property name="max_length">0</property>
+ <property name="text" translatable="yes"></property>
+ <property name="has_frame">True</property>
+ <property name="invisible_char">*</property>
+ <property name="activates_default">False</property>
+ </widget>
+ <packing>
+ <property name="left_attach">1</property>
+ <property name="right_attach">2</property>
+ <property name="top_attach">3</property>
+ <property name="bottom_attach">4</property>
+ <property name="y_options"></property>
+ </packing>
+ </child>
+ </widget>
+ <packing>
+ <property name="padding">5</property>
+ <property name="expand">True</property>
+ <property name="fill">True</property>
+ </packing>
+ </child>
+ </widget>
+ <packing>
+ <property name="padding">0</property>
+ <property name="expand">True</property>
+ <property name="fill">True</property>
+ </packing>
+ </child>
+ </widget>
+ </child>
+</widget>
+
+<widget class="GtkDialog" id="usersDialog">
+ <property name="title" translatable="yes">Add SELinux User</property>
+ <property name="type">GTK_WINDOW_TOPLEVEL</property>
+ <property name="window_position">GTK_WIN_POS_NONE</property>
+ <property name="modal">False</property>
+ <property name="resizable">True</property>
+ <property name="destroy_with_parent">False</property>
+ <property name="decorated">True</property>
+ <property name="skip_taskbar_hint">False</property>
+ <property name="skip_pager_hint">False</property>
+ <property name="type_hint">GDK_WINDOW_TYPE_HINT_DIALOG</property>
+ <property name="gravity">GDK_GRAVITY_NORTH_WEST</property>
+ <property name="focus_on_map">True</property>
+ <property name="urgency_hint">False</property>
+ <property name="has_separator">True</property>
+
+ <child internal-child="vbox">
+ <widget class="GtkVBox" id="vbox9">
+ <property name="visible">True</property>
+ <property name="homogeneous">False</property>
+ <property name="spacing">0</property>
+
+ <child internal-child="action_area">
+ <widget class="GtkHButtonBox" id="hbuttonbox4">
+ <property name="visible">True</property>
+ <property name="layout_style">GTK_BUTTONBOX_END</property>
+
+ <child>
+ <widget class="GtkButton" id="button7">
+ <property name="visible">True</property>
+ <property name="can_default">True</property>
+ <property name="can_focus">True</property>
+ <property name="label">gtk-cancel</property>
+ <property name="use_stock">True</property>
+ <property name="relief">GTK_RELIEF_NORMAL</property>
+ <property name="focus_on_click">True</property>
+ <property name="response_id">-6</property>
+ </widget>
+ </child>
+
+ <child>
+ <widget class="GtkButton" id="button8">
+ <property name="visible">True</property>
+ <property name="can_default">True</property>
+ <property name="can_focus">True</property>
+ <property name="label">gtk-ok</property>
+ <property name="use_stock">True</property>
+ <property name="relief">GTK_RELIEF_NORMAL</property>
+ <property name="focus_on_click">True</property>
+ <property name="response_id">-5</property>
+ </widget>
+ </child>
+ </widget>
+ <packing>
+ <property name="padding">0</property>
+ <property name="expand">False</property>
+ <property name="fill">True</property>
+ <property name="pack_type">GTK_PACK_END</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkVBox" id="vbox10">
+ <property name="visible">True</property>
+ <property name="homogeneous">False</property>
+ <property name="spacing">0</property>
+
+ <child>
+ <widget class="GtkTable" id="table5">
+ <property name="visible">True</property>
+ <property name="n_rows">5</property>
+ <property name="n_columns">2</property>
+ <property name="homogeneous">False</property>
+ <property name="row_spacing">4</property>
+ <property name="column_spacing">6</property>
+
+ <child>
+ <widget class="GtkLabel" id="label32">
+ <property name="visible">True</property>
+ <property name="label" translatable="yes">SELinux User</property>
+ <property name="use_underline">False</property>
+ <property name="use_markup">False</property>
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
+ <property name="wrap">False</property>
+ <property name="selectable">False</property>
+ <property name="xalign">0</property>
+ <property name="yalign">0.5</property>
+ <property name="xpad">0</property>
+ <property name="ypad">0</property>
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
+ <property name="width_chars">-1</property>
+ <property name="single_line_mode">False</property>
+ <property name="angle">0</property>
+ </widget>
+ <packing>
+ <property name="left_attach">0</property>
+ <property name="right_attach">1</property>
+ <property name="top_attach">0</property>
+ <property name="bottom_attach">1</property>
+ <property name="x_options">fill</property>
+ <property name="y_options"></property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkLabel" id="label33">
+ <property name="visible">True</property>
+ <property name="label" translatable="yes">Label Prefix</property>
+ <property name="use_underline">False</property>
+ <property name="use_markup">False</property>
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
+ <property name="wrap">False</property>
+ <property name="selectable">False</property>
+ <property name="xalign">0</property>
+ <property name="yalign">0.5</property>
+ <property name="xpad">0</property>
+ <property name="ypad">0</property>
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
+ <property name="width_chars">-1</property>
+ <property name="single_line_mode">False</property>
+ <property name="angle">0</property>
+ </widget>
+ <packing>
+ <property name="left_attach">0</property>
+ <property name="right_attach">1</property>
+ <property name="top_attach">1</property>
+ <property name="bottom_attach">2</property>
+ <property name="x_options">fill</property>
+ <property name="y_options"></property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkLabel" id="label34">
+ <property name="visible">True</property>
+ <property name="label" translatable="yes">MLS/MCS Range</property>
+ <property name="use_underline">False</property>
+ <property name="use_markup">False</property>
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
+ <property name="wrap">False</property>
+ <property name="selectable">False</property>
+ <property name="xalign">0</property>
+ <property name="yalign">0.5</property>
+ <property name="xpad">0</property>
+ <property name="ypad">0</property>
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
+ <property name="width_chars">-1</property>
+ <property name="single_line_mode">False</property>
+ <property name="angle">0</property>
+ </widget>
+ <packing>
+ <property name="left_attach">0</property>
+ <property name="right_attach">1</property>
+ <property name="top_attach">3</property>
+ <property name="bottom_attach">4</property>
+ <property name="x_options">fill</property>
+ <property name="y_options"></property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkEntry" id="mlsRangeEntry">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="editable">True</property>
+ <property name="visibility">True</property>
+ <property name="max_length">0</property>
+ <property name="text" translatable="yes"></property>
+ <property name="has_frame">True</property>
+ <property name="invisible_char">*</property>
+ <property name="activates_default">False</property>
+ </widget>
+ <packing>
+ <property name="left_attach">1</property>
+ <property name="right_attach">2</property>
+ <property name="top_attach">3</property>
+ <property name="bottom_attach">4</property>
+ <property name="y_options"></property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkLabel" id="label35">
+ <property name="visible">True</property>
+ <property name="label" translatable="yes">MLS/MCS Level</property>
+ <property name="use_underline">False</property>
+ <property name="use_markup">False</property>
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
+ <property name="wrap">False</property>
+ <property name="selectable">False</property>
+ <property name="xalign">0</property>
+ <property name="yalign">0.5</property>
+ <property name="xpad">0</property>
+ <property name="ypad">0</property>
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
+ <property name="width_chars">-1</property>
+ <property name="single_line_mode">False</property>
+ <property name="angle">0</property>
+ </widget>
+ <packing>
+ <property name="left_attach">0</property>
+ <property name="right_attach">1</property>
+ <property name="top_attach">2</property>
+ <property name="bottom_attach">3</property>
+ <property name="x_options">fill</property>
+ <property name="y_options"></property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkEntry" id="mlsLevelEntry">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="editable">True</property>
+ <property name="visibility">True</property>
+ <property name="max_length">0</property>
+ <property name="text" translatable="yes"></property>
+ <property name="has_frame">True</property>
+ <property name="invisible_char">*</property>
+ <property name="activates_default">False</property>
+ </widget>
+ <packing>
+ <property name="left_attach">1</property>
+ <property name="right_attach">2</property>
+ <property name="top_attach">2</property>
+ <property name="bottom_attach">3</property>
+ <property name="y_options"></property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkLabel" id="label36">
+ <property name="visible">True</property>
+ <property name="label" translatable="yes">SELinux Roles</property>
+ <property name="use_underline">False</property>
+ <property name="use_markup">False</property>
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
+ <property name="wrap">False</property>
+ <property name="selectable">False</property>
+ <property name="xalign">0</property>
+ <property name="yalign">0.5</property>
+ <property name="xpad">0</property>
+ <property name="ypad">0</property>
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
+ <property name="width_chars">-1</property>
+ <property name="single_line_mode">False</property>
+ <property name="angle">0</property>
+ </widget>
+ <packing>
+ <property name="left_attach">0</property>
+ <property name="right_attach">1</property>
+ <property name="top_attach">4</property>
+ <property name="bottom_attach">5</property>
+ <property name="x_options">fill</property>
+ <property name="y_options"></property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkEntry" id="selinuxRolesEntry">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="editable">True</property>
+ <property name="visibility">True</property>
+ <property name="max_length">0</property>
+ <property name="text" translatable="yes"></property>
+ <property name="has_frame">True</property>
+ <property name="invisible_char">*</property>
+ <property name="activates_default">False</property>
+ </widget>
+ <packing>
+ <property name="left_attach">1</property>
+ <property name="right_attach">2</property>
+ <property name="top_attach">4</property>
+ <property name="bottom_attach">5</property>
+ <property name="y_options"></property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkEntry" id="selinuxUserEntry">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="editable">True</property>
+ <property name="visibility">True</property>
+ <property name="max_length">0</property>
+ <property name="text" translatable="yes"></property>
+ <property name="has_frame">True</property>
+ <property name="invisible_char">*</property>
+ <property name="activates_default">False</property>
+ </widget>
+ <packing>
+ <property name="left_attach">1</property>
+ <property name="right_attach">2</property>
+ <property name="top_attach">0</property>
+ <property name="bottom_attach">1</property>
+ <property name="y_options"></property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkEntry" id="labelPrefixEntry">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="editable">True</property>
+ <property name="visibility">True</property>
+ <property name="max_length">0</property>
+ <property name="text" translatable="yes"></property>
+ <property name="has_frame">True</property>
+ <property name="invisible_char">*</property>
+ <property name="activates_default">False</property>
+ </widget>
+ <packing>
+ <property name="left_attach">1</property>
+ <property name="right_attach">2</property>
+ <property name="top_attach">1</property>
+ <property name="bottom_attach">2</property>
+ <property name="y_options"></property>
+ </packing>
+ </child>
+ </widget>
+ <packing>
+ <property name="padding">5</property>
+ <property name="expand">True</property>
+ <property name="fill">True</property>
+ </packing>
+ </child>
+ </widget>
+ <packing>
+ <property name="padding">0</property>
+ <property name="expand">True</property>
+ <property name="fill">True</property>
+ </packing>
+ </child>
+ </widget>
+ </child>
+</widget>
+
+<widget class="GnomeApp" id="mainWindow">
+ <property name="width_request">800</property>
+ <property name="height_request">500</property>
+ <property name="type">GTK_WINDOW_TOPLEVEL</property>
+ <property name="window_position">GTK_WIN_POS_NONE</property>
+ <property name="modal">False</property>
+ <property name="resizable">True</property>
+ <property name="destroy_with_parent">False</property>
+ <property name="icon">system-config-selinux.png</property>
+ <property name="decorated">True</property>
+ <property name="skip_taskbar_hint">False</property>
+ <property name="skip_pager_hint">False</property>
+ <property name="type_hint">GDK_WINDOW_TYPE_HINT_NORMAL</property>
+ <property name="gravity">GDK_GRAVITY_NORTH_WEST</property>
+ <property name="focus_on_map">True</property>
+ <property name="urgency_hint">False</property>
+ <property name="enable_layout_config">True</property>
+
+ <child internal-child="dock">
+ <widget class="BonoboDock" id="bonobodock2">
+ <property name="visible">True</property>
+ <property name="allow_floating">True</property>
+
+ <child>
+ <widget class="BonoboDockItem" id="bonobodockitem3">
+ <property name="visible">True</property>
+ <property name="shadow_type">GTK_SHADOW_NONE</property>
+
+ <child>
+ <widget class="GtkMenuBar" id="menubar1">
+ <property name="visible">True</property>
+ <property name="pack_direction">GTK_PACK_DIRECTION_LTR</property>
+ <property name="child_pack_direction">GTK_PACK_DIRECTION_LTR</property>
+
+ <child>
+ <widget class="GtkMenuItem" id="file1">
+ <property name="visible">True</property>
+ <property name="stock_item">GNOMEUIINFO_MENU_FILE_TREE</property>
+
+ <child>
+ <widget class="GtkMenu" id="file1_menu">
+
+ <child>
+ <widget class="GtkImageMenuItem" id="quit">
+ <property name="visible">True</property>
+ <property name="stock_item">GNOMEUIINFO_MENU_EXIT_ITEM</property>
+ <signal name="activate" handler="on_quit_activate" last_modification_time="Fri, 06 Oct 2006 13:58:19 GMT"/>
+ </widget>
+ </child>
+ </widget>
+ </child>
+ </widget>
+ </child>
+
+ <child>
+ <widget class="GtkMenuItem" id="help1">
+ <property name="visible">True</property>
+ <property name="stock_item">GNOMEUIINFO_MENU_HELP_TREE</property>
+
+ <child>
+ <widget class="GtkMenu" id="help1_menu">
+
+ <child>
+ <widget class="GtkImageMenuItem" id="about">
+ <property name="visible">True</property>
+ <property name="stock_item">GNOMEUIINFO_MENU_ABOUT_ITEM</property>
+ <signal name="activate" handler="on_about_activate" last_modification_time="Fri, 06 Oct 2006 13:58:02 GMT"/>
+ </widget>
+ </child>
+ </widget>
+ </child>
+ </widget>
+ </child>
+ </widget>
+ </child>
+ </widget>
+ <packing>
+ <property name="placement">BONOBO_DOCK_TOP</property>
+ <property name="band">0</property>
+ <property name="position">0</property>
+ <property name="offset">0</property>
+ <property name="behavior">BONOBO_DOCK_ITEM_BEH_EXCLUSIVE|BONOBO_DOCK_ITEM_BEH_NEVER_VERTICAL|BONOBO_DOCK_ITEM_BEH_LOCKED</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkHPaned" id="hpaned1">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="position">0</property>
+
+ <child>
+ <widget class="GtkFrame" id="frame1">
+ <property name="border_width">5</property>
+ <property name="visible">True</property>
+ <property name="label_xalign">0</property>
+ <property name="label_yalign">0.5</property>
+ <property name="shadow_type">GTK_SHADOW_NONE</property>
+
+ <child>
+ <widget class="GtkAlignment" id="alignment1">
+ <property name="visible">True</property>
+ <property name="xalign">0.5</property>
+ <property name="yalign">0.5</property>
+ <property name="xscale">1</property>
+ <property name="yscale">1</property>
+ <property name="top_padding">0</property>
+ <property name="bottom_padding">0</property>
+ <property name="left_padding">12</property>
+ <property name="right_padding">0</property>
+
+ <child>
+ <widget class="GtkTreeView" id="selectView">
+ <property name="visible">True</property>
+ <property name="tooltip" translatable="yes">Select Managment Object</property>
+ <property name="can_focus">True</property>
+ <property name="headers_visible">False</property>
+ <property name="rules_hint">False</property>
+ <property name="reorderable">False</property>
+ <property name="enable_search">True</property>
+ <property name="fixed_height_mode">False</property>
+ <property name="hover_selection">False</property>
+ <property name="hover_expand">False</property>
+ </widget>
+ </child>
+ </widget>
+ </child>
+
+ <child>
+ <widget class="GtkLabel" id="label45">
+ <property name="visible">True</property>
+ <property name="label" translatable="yes">&lt;b&gt;Select:&lt;/b&gt;</property>
+ <property name="use_underline">False</property>
+ <property name="use_markup">True</property>
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
+ <property name="wrap">False</property>
+ <property name="selectable">False</property>
+ <property name="xalign">0.5</property>
+ <property name="yalign">0.5</property>
+ <property name="xpad">0</property>
+ <property name="ypad">0</property>
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
+ <property name="width_chars">-1</property>
+ <property name="single_line_mode">False</property>
+ <property name="angle">0</property>
+ </widget>
+ <packing>
+ <property name="type">label_item</property>
+ </packing>
+ </child>
+ </widget>
+ <packing>
+ <property name="shrink">False</property>
+ <property name="resize">True</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkNotebook" id="notebook">
+ <property name="visible">True</property>
+ <property name="show_tabs">False</property>
+ <property name="show_border">True</property>
+ <property name="tab_pos">GTK_POS_TOP</property>
+ <property name="scrollable">False</property>
+ <property name="enable_popup">False</property>
+
+ <child>
+ <widget class="GtkVBox" id="vbox1">
+ <property name="visible">True</property>
+ <property name="homogeneous">False</property>
+ <property name="spacing">0</property>
+
+ <child>
+ <widget class="GtkTable" id="table6">
+ <property name="visible">True</property>
+ <property name="n_rows">4</property>
+ <property name="n_columns">2</property>
+ <property name="homogeneous">False</property>
+ <property name="row_spacing">5</property>
+ <property name="column_spacing">5</property>
+
+ <child>
+ <widget class="GtkLabel" id="label29">
+ <property name="visible">True</property>
+ <property name="label" translatable="yes">System Default Enforcing Mode</property>
+ <property name="use_underline">False</property>
+ <property name="use_markup">False</property>
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
+ <property name="wrap">False</property>
+ <property name="selectable">False</property>
+ <property name="xalign">0.5</property>
+ <property name="yalign">0.5</property>
+ <property name="xpad">0</property>
+ <property name="ypad">0</property>
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
+ <property name="width_chars">-1</property>
+ <property name="single_line_mode">False</property>
+ <property name="angle">0</property>
+ </widget>
+ <packing>
+ <property name="left_attach">0</property>
+ <property name="right_attach">1</property>
+ <property name="top_attach">0</property>
+ <property name="bottom_attach">1</property>
+ <property name="x_options">fill</property>
+ <property name="y_options"></property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkComboBox" id="enabledOptionMenu">
+ <property name="visible">True</property>
+ <property name="items" translatable="yes">Enforcing
+Permissive
+Disabled
+</property>
+ <property name="add_tearoffs">False</property>
+ <property name="focus_on_click">True</property>
+ </widget>
+ <packing>
+ <property name="left_attach">1</property>
+ <property name="right_attach">2</property>
+ <property name="top_attach">0</property>
+ <property name="bottom_attach">1</property>
+ <property name="y_options">fill</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkLabel" id="label48">
+ <property name="visible">True</property>
+ <property name="label" translatable="yes">Current Enforcing Mode</property>
+ <property name="use_underline">False</property>
+ <property name="use_markup">False</property>
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
+ <property name="wrap">False</property>
+ <property name="selectable">False</property>
+ <property name="xalign">0.5</property>
+ <property name="yalign">0.5</property>
+ <property name="xpad">0</property>
+ <property name="ypad">0</property>
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
+ <property name="width_chars">-1</property>
+ <property name="single_line_mode">False</property>
+ <property name="angle">0</property>
+ </widget>
+ <packing>
+ <property name="left_attach">0</property>
+ <property name="right_attach">1</property>
+ <property name="top_attach">1</property>
+ <property name="bottom_attach">2</property>
+ <property name="x_options">fill</property>
+ <property name="y_options"></property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkComboBox" id="currentOptionMenu">
+ <property name="visible">True</property>
+ <property name="items" translatable="yes"></property>
+ <property name="add_tearoffs">False</property>
+ <property name="focus_on_click">True</property>
+ </widget>
+ <packing>
+ <property name="left_attach">1</property>
+ <property name="right_attach">2</property>
+ <property name="top_attach">1</property>
+ <property name="bottom_attach">2</property>
+ <property name="x_options">fill</property>
+ <property name="y_options">fill</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkLabel" id="typeLabel">
+ <property name="visible">True</property>
+ <property name="label" translatable="yes">System Default Policy Type: </property>
+ <property name="use_underline">False</property>
+ <property name="use_markup">False</property>
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
+ <property name="wrap">False</property>
+ <property name="selectable">False</property>
+ <property name="xalign">0.5</property>
+ <property name="yalign">0.5</property>
+ <property name="xpad">0</property>
+ <property name="ypad">0</property>
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
+ <property name="width_chars">-1</property>
+ <property name="single_line_mode">False</property>
+ <property name="angle">0</property>
+ </widget>
+ <packing>
+ <property name="left_attach">0</property>
+ <property name="right_attach">1</property>
+ <property name="top_attach">2</property>
+ <property name="bottom_attach">3</property>
+ <property name="x_options">fill</property>
+ <property name="y_options"></property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkComboBox" id="selinuxTypeOptionMenu">
+ <property name="visible">True</property>
+ <property name="items" translatable="yes"></property>
+ <property name="add_tearoffs">False</property>
+ <property name="focus_on_click">True</property>
+ </widget>
+ <packing>
+ <property name="left_attach">1</property>
+ <property name="right_attach">2</property>
+ <property name="top_attach">2</property>
+ <property name="bottom_attach">3</property>
+ <property name="x_options">fill</property>
+ <property name="y_options">fill</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkCheckButton" id="relabelCheckbutton">
+ <property name="visible">True</property>
+ <property name="tooltip" translatable="yes">Select if you wish to relabel then entire file system on next reboot. Relabeling can take a very long time, depending on the size of the system. If you are changing policy types or going from disabled to enforing, a relabel is required.</property>
+ <property name="can_focus">True</property>
+ <property name="relief">GTK_RELIEF_NORMAL</property>
+ <property name="focus_on_click">True</property>
+ <property name="active">False</property>
+ <property name="inconsistent">False</property>
+ <property name="draw_indicator">True</property>
+
+ <child>
+ <widget class="GtkAlignment" id="alignment4">
+ <property name="visible">True</property>
+ <property name="xalign">0.5</property>
+ <property name="yalign">0.5</property>
+ <property name="xscale">0</property>
+ <property name="yscale">0</property>
+ <property name="top_padding">0</property>
+ <property name="bottom_padding">0</property>
+ <property name="left_padding">0</property>
+ <property name="right_padding">0</property>
+
+ <child>
+ <widget class="GtkHBox" id="hbox6">
+ <property name="visible">True</property>
+ <property name="homogeneous">False</property>
+ <property name="spacing">2</property>
+
+ <child>
+ <widget class="GtkImage" id="image2">
+ <property name="visible">True</property>
+ <property name="stock">gtk-refresh</property>
+ <property name="icon_size">4</property>
+ <property name="xalign">0.5</property>
+ <property name="yalign">0.5</property>
+ <property name="xpad">0</property>
+ <property name="ypad">0</property>
+ </widget>
+ <packing>
+ <property name="padding">0</property>
+ <property name="expand">False</property>
+ <property name="fill">False</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkLabel" id="label49">
+ <property name="visible">True</property>
+ <property name="label" translatable="yes">Relabel on next reboot.</property>
+ <property name="use_underline">True</property>
+ <property name="use_markup">False</property>
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
+ <property name="wrap">False</property>
+ <property name="selectable">False</property>
+ <property name="xalign">0.5</property>
+ <property name="yalign">0.5</property>
+ <property name="xpad">0</property>
+ <property name="ypad">0</property>
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
+ <property name="width_chars">-1</property>
+ <property name="single_line_mode">False</property>
+ <property name="angle">0</property>
+ </widget>
+ <packing>
+ <property name="padding">0</property>
+ <property name="expand">False</property>
+ <property name="fill">False</property>
+ </packing>
+ </child>
+ </widget>
+ </child>
+ </widget>
+ </child>
+ </widget>
+ <packing>
+ <property name="left_attach">0</property>
+ <property name="right_attach">2</property>
+ <property name="top_attach">3</property>
+ <property name="bottom_attach">4</property>
+ <property name="x_options">fill</property>
+ <property name="y_options">fill</property>
+ </packing>
+ </child>
+ </widget>
+ <packing>
+ <property name="padding">0</property>
+ <property name="expand">True</property>
+ <property name="fill">True</property>
+ </packing>
+ </child>
+ </widget>
+ <packing>
+ <property name="tab_expand">False</property>
+ <property name="tab_fill">True</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkLabel" id="label37">
+ <property name="visible">True</property>
+ <property name="label" translatable="yes">label37</property>
+ <property name="use_underline">False</property>
+ <property name="use_markup">False</property>
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
+ <property name="wrap">False</property>
+ <property name="selectable">False</property>
+ <property name="xalign">0.5</property>
+ <property name="yalign">0.5</property>
+ <property name="xpad">0</property>
+ <property name="ypad">0</property>
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
+ <property name="width_chars">-1</property>
+ <property name="single_line_mode">False</property>
+ <property name="angle">0</property>
+ </widget>
+ <packing>
+ <property name="type">tab</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkScrolledWindow" id="scrolledwindow18">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="hscrollbar_policy">GTK_POLICY_ALWAYS</property>
+ <property name="vscrollbar_policy">GTK_POLICY_ALWAYS</property>
+ <property name="shadow_type">GTK_SHADOW_NONE</property>
+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
+
+ <child>
+ <widget class="GtkTreeView" id="booleansView">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="headers_visible">False</property>
+ <property name="rules_hint">False</property>
+ <property name="reorderable">False</property>
+ <property name="enable_search">True</property>
+ <property name="fixed_height_mode">False</property>
+ <property name="hover_selection">False</property>
+ <property name="hover_expand">False</property>
+ </widget>
+ </child>
+ </widget>
+ <packing>
+ <property name="tab_expand">False</property>
+ <property name="tab_fill">True</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkLabel" id="label50">
+ <property name="visible">True</property>
+ <property name="label" translatable="yes">label50</property>
+ <property name="use_underline">False</property>
+ <property name="use_markup">False</property>
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
+ <property name="wrap">False</property>
+ <property name="selectable">False</property>
+ <property name="xalign">0.5</property>
+ <property name="yalign">0.5</property>
+ <property name="xpad">0</property>
+ <property name="ypad">0</property>
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
+ <property name="width_chars">-1</property>
+ <property name="single_line_mode">False</property>
+ <property name="angle">0</property>
+ </widget>
+ <packing>
+ <property name="type">tab</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkVBox" id="vbox11">
+ <property name="visible">True</property>
+ <property name="homogeneous">False</property>
+ <property name="spacing">0</property>
+
+ <child>
+ <widget class="GtkToolbar" id="toolbar2">
+ <property name="visible">True</property>
+ <property name="orientation">GTK_ORIENTATION_HORIZONTAL</property>
+ <property name="toolbar_style">GTK_TOOLBAR_BOTH</property>
+ <property name="tooltips">True</property>
+ <property name="show_arrow">True</property>
+
+ <child>
+ <widget class="GtkToolButton" id="toolbutton5">
+ <property name="visible">True</property>
+ <property name="tooltip" translatable="yes">Add File Context</property>
+ <property name="stock_id">gtk-add</property>
+ <property name="visible_horizontal">True</property>
+ <property name="visible_vertical">True</property>
+ <property name="is_important">False</property>
+ <signal name="clicked" handler="on_add_clicked" last_modification_time="Mon, 16 Jan 2006 18:27:03 GMT"/>
+ </widget>
+ <packing>
+ <property name="expand">False</property>
+ <property name="homogeneous">True</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkToolButton" id="toolbutton6">
+ <property name="visible">True</property>
+ <property name="tooltip" translatable="yes">Modify File Context</property>
+ <property name="stock_id">gtk-properties</property>
+ <property name="visible_horizontal">True</property>
+ <property name="visible_vertical">True</property>
+ <property name="is_important">False</property>
+ <signal name="clicked" handler="on_properties_clicked" last_modification_time="Mon, 16 Jan 2006 18:26:51 GMT"/>
+ </widget>
+ <packing>
+ <property name="expand">False</property>
+ <property name="homogeneous">True</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkToolButton" id="toolbutton7">
+ <property name="visible">True</property>
+ <property name="tooltip" translatable="yes">Delete File Context</property>
+ <property name="stock_id">gtk-delete</property>
+ <property name="visible_horizontal">True</property>
+ <property name="visible_vertical">True</property>
+ <property name="is_important">False</property>
+ <signal name="clicked" handler="on_delete_clicked" last_modification_time="Mon, 16 Jan 2006 18:26:29 GMT"/>
+ </widget>
+ <packing>
+ <property name="expand">False</property>
+ <property name="homogeneous">True</property>
+ </packing>
+ </child>
+ </widget>
+ <packing>
+ <property name="padding">0</property>
+ <property name="expand">False</property>
+ <property name="fill">False</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkScrolledWindow" id="scrolledwindow17">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="hscrollbar_policy">GTK_POLICY_ALWAYS</property>
+ <property name="vscrollbar_policy">GTK_POLICY_ALWAYS</property>
+ <property name="shadow_type">GTK_SHADOW_NONE</property>
+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
+
+ <child>
+ <widget class="GtkTreeView" id="fcontextView">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="headers_visible">True</property>
+ <property name="rules_hint">False</property>
+ <property name="reorderable">False</property>
+ <property name="enable_search">True</property>
+ <property name="fixed_height_mode">False</property>
+ <property name="hover_selection">False</property>
+ <property name="hover_expand">False</property>
+ </widget>
+ </child>
+ </widget>
+ <packing>
+ <property name="padding">0</property>
+ <property name="expand">True</property>
+ <property name="fill">True</property>
+ </packing>
+ </child>
+ </widget>
+ <packing>
+ <property name="tab_expand">False</property>
+ <property name="tab_fill">True</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkLabel" id="label38">
+ <property name="visible">True</property>
+ <property name="label" translatable="yes">label38</property>
+ <property name="use_underline">False</property>
+ <property name="use_markup">False</property>
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
+ <property name="wrap">False</property>
+ <property name="selectable">False</property>
+ <property name="xalign">0.5</property>
+ <property name="yalign">0.5</property>
+ <property name="xpad">0</property>
+ <property name="ypad">0</property>
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
+ <property name="width_chars">-1</property>
+ <property name="single_line_mode">False</property>
+ <property name="angle">0</property>
+ </widget>
+ <packing>
+ <property name="type">tab</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkVBox" id="vbox12">
+ <property name="visible">True</property>
+ <property name="homogeneous">False</property>
+ <property name="spacing">0</property>
+
+ <child>
+ <widget class="GtkToolbar" id="toolbar3">
+ <property name="visible">True</property>
+ <property name="orientation">GTK_ORIENTATION_HORIZONTAL</property>
+ <property name="toolbar_style">GTK_TOOLBAR_BOTH</property>
+ <property name="tooltips">True</property>
+ <property name="show_arrow">True</property>
+
+ <child>
+ <widget class="GtkToolButton" id="toolbutton8">
+ <property name="visible">True</property>
+ <property name="tooltip" translatable="yes">Add SELinux User Mapping</property>
+ <property name="stock_id">gtk-add</property>
+ <property name="visible_horizontal">True</property>
+ <property name="visible_vertical">True</property>
+ <property name="is_important">False</property>
+ <signal name="clicked" handler="on_add_clicked" last_modification_time="Mon, 16 Jan 2006 18:27:03 GMT"/>
+ </widget>
+ <packing>
+ <property name="expand">False</property>
+ <property name="homogeneous">True</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkToolButton" id="toolbutton29">
+ <property name="visible">True</property>
+ <property name="tooltip" translatable="yes">Modify SELinux User Mapping</property>
+ <property name="stock_id">gtk-properties</property>
+ <property name="visible_horizontal">True</property>
+ <property name="visible_vertical">True</property>
+ <property name="is_important">False</property>
+ <signal name="clicked" handler="on_properties_clicked" last_modification_time="Wed, 15 Nov 2006 16:38:33 GMT"/>
+ </widget>
+ <packing>
+ <property name="expand">False</property>
+ <property name="homogeneous">True</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkToolButton" id="toolbutton10">
+ <property name="visible">True</property>
+ <property name="tooltip" translatable="yes">Delete SELinux User Mapping</property>
+ <property name="stock_id">gtk-delete</property>
+ <property name="visible_horizontal">True</property>
+ <property name="visible_vertical">True</property>
+ <property name="is_important">False</property>
+ <signal name="clicked" handler="on_delete_clicked" last_modification_time="Mon, 16 Jan 2006 18:26:29 GMT"/>
+ </widget>
+ <packing>
+ <property name="expand">False</property>
+ <property name="homogeneous">True</property>
+ </packing>
+ </child>
+ </widget>
+ <packing>
+ <property name="padding">0</property>
+ <property name="expand">False</property>
+ <property name="fill">False</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkScrolledWindow" id="scrolledwindow16">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="hscrollbar_policy">GTK_POLICY_ALWAYS</property>
+ <property name="vscrollbar_policy">GTK_POLICY_ALWAYS</property>
+ <property name="shadow_type">GTK_SHADOW_NONE</property>
+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
+
+ <child>
+ <widget class="GtkTreeView" id="loginsView">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="headers_visible">True</property>
+ <property name="rules_hint">False</property>
+ <property name="reorderable">False</property>
+ <property name="enable_search">True</property>
+ <property name="fixed_height_mode">False</property>
+ <property name="hover_selection">False</property>
+ <property name="hover_expand">False</property>
+ </widget>
+ </child>
+ </widget>
+ <packing>
+ <property name="padding">0</property>
+ <property name="expand">True</property>
+ <property name="fill">True</property>
+ </packing>
+ </child>
+ </widget>
+ <packing>
+ <property name="tab_expand">False</property>
+ <property name="tab_fill">True</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkLabel" id="label39">
+ <property name="visible">True</property>
+ <property name="label" translatable="yes">label39</property>
+ <property name="use_underline">False</property>
+ <property name="use_markup">False</property>
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
+ <property name="wrap">False</property>
+ <property name="selectable">False</property>
+ <property name="xalign">0.5</property>
+ <property name="yalign">0.5</property>
+ <property name="xpad">0</property>
+ <property name="ypad">0</property>
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
+ <property name="width_chars">-1</property>
+ <property name="single_line_mode">False</property>
+ <property name="angle">0</property>
+ </widget>
+ <packing>
+ <property name="type">tab</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkVBox" id="vbox14">
+ <property name="visible">True</property>
+ <property name="homogeneous">False</property>
+ <property name="spacing">0</property>
+
+ <child>
+ <widget class="GtkToolbar" id="toolbar5">
+ <property name="visible">True</property>
+ <property name="orientation">GTK_ORIENTATION_HORIZONTAL</property>
+ <property name="toolbar_style">GTK_TOOLBAR_BOTH</property>
+ <property name="tooltips">True</property>
+ <property name="show_arrow">True</property>
+
+ <child>
+ <widget class="GtkToolButton" id="toolbutton14">
+ <property name="visible">True</property>
+ <property name="tooltip" translatable="yes">Add Translation</property>
+ <property name="stock_id">gtk-add</property>
+ <property name="visible_horizontal">True</property>
+ <property name="visible_vertical">True</property>
+ <property name="is_important">False</property>
+ <signal name="clicked" handler="on_add_clicked" last_modification_time="Mon, 16 Jan 2006 18:27:03 GMT"/>
+ </widget>
+ <packing>
+ <property name="expand">False</property>
+ <property name="homogeneous">True</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkToolButton" id="toolbutton15">
+ <property name="visible">True</property>
+ <property name="tooltip" translatable="yes">Modify Translation</property>
+ <property name="stock_id">gtk-properties</property>
+ <property name="visible_horizontal">True</property>
+ <property name="visible_vertical">True</property>
+ <property name="is_important">False</property>
+ <signal name="clicked" handler="on_properties_clicked" last_modification_time="Mon, 16 Jan 2006 18:26:51 GMT"/>
+ </widget>
+ <packing>
+ <property name="expand">False</property>
+ <property name="homogeneous">True</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkToolButton" id="toolbutton16">
+ <property name="visible">True</property>
+ <property name="tooltip" translatable="yes">Delete Translation</property>
+ <property name="stock_id">gtk-delete</property>
+ <property name="visible_horizontal">True</property>
+ <property name="visible_vertical">True</property>
+ <property name="is_important">False</property>
+ <signal name="clicked" handler="on_delete_clicked" last_modification_time="Mon, 16 Jan 2006 18:26:29 GMT"/>
+ </widget>
+ <packing>
+ <property name="expand">False</property>
+ <property name="homogeneous">True</property>
+ </packing>
+ </child>
+ </widget>
+ <packing>
+ <property name="padding">0</property>
+ <property name="expand">False</property>
+ <property name="fill">False</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkScrolledWindow" id="scrolledwindow11">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="hscrollbar_policy">GTK_POLICY_ALWAYS</property>
+ <property name="vscrollbar_policy">GTK_POLICY_ALWAYS</property>
+ <property name="shadow_type">GTK_SHADOW_NONE</property>
+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
+
+ <child>
+ <widget class="GtkTreeView" id="usersView">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="headers_visible">True</property>
+ <property name="rules_hint">False</property>
+ <property name="reorderable">False</property>
+ <property name="enable_search">True</property>
+ <property name="fixed_height_mode">False</property>
+ <property name="hover_selection">False</property>
+ <property name="hover_expand">False</property>
+ </widget>
+ </child>
+ </widget>
+ <packing>
+ <property name="padding">0</property>
+ <property name="expand">True</property>
+ <property name="fill">True</property>
+ </packing>
+ </child>
+ </widget>
+ <packing>
+ <property name="tab_expand">False</property>
+ <property name="tab_fill">True</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkLabel" id="label41">
+ <property name="visible">True</property>
+ <property name="label" translatable="yes">label41</property>
+ <property name="use_underline">False</property>
+ <property name="use_markup">False</property>
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
+ <property name="wrap">False</property>
+ <property name="selectable">False</property>
+ <property name="xalign">0.5</property>
+ <property name="yalign">0.5</property>
+ <property name="xpad">0</property>
+ <property name="ypad">0</property>
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
+ <property name="width_chars">-1</property>
+ <property name="single_line_mode">False</property>
+ <property name="angle">0</property>
+ </widget>
+ <packing>
+ <property name="type">tab</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkVBox" id="vbox13">
+ <property name="visible">True</property>
+ <property name="homogeneous">False</property>
+ <property name="spacing">0</property>
+
+ <child>
+ <widget class="GtkToolbar" id="toolbar4">
+ <property name="visible">True</property>
+ <property name="orientation">GTK_ORIENTATION_HORIZONTAL</property>
+ <property name="toolbar_style">GTK_TOOLBAR_BOTH</property>
+ <property name="tooltips">True</property>
+ <property name="show_arrow">True</property>
+
+ <child>
+ <widget class="GtkToolButton" id="toolbutton11">
+ <property name="visible">True</property>
+ <property name="tooltip" translatable="yes">Add SELinux User</property>
+ <property name="stock_id">gtk-add</property>
+ <property name="visible_horizontal">True</property>
+ <property name="visible_vertical">True</property>
+ <property name="is_important">False</property>
+ <signal name="clicked" handler="on_add_clicked" last_modification_time="Mon, 16 Jan 2006 18:27:03 GMT"/>
+ </widget>
+ <packing>
+ <property name="expand">False</property>
+ <property name="homogeneous">True</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkToolButton" id="toolbutton12">
+ <property name="visible">True</property>
+ <property name="tooltip" translatable="yes">Modify SELinux User</property>
+ <property name="stock_id">gtk-properties</property>
+ <property name="visible_horizontal">True</property>
+ <property name="visible_vertical">True</property>
+ <property name="is_important">False</property>
+ <signal name="clicked" handler="on_properties_clicked" last_modification_time="Mon, 16 Jan 2006 18:26:51 GMT"/>
+ </widget>
+ <packing>
+ <property name="expand">False</property>
+ <property name="homogeneous">True</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkToolButton" id="toolbutton13">
+ <property name="visible">True</property>
+ <property name="tooltip" translatable="yes">Add SELinux User</property>
+ <property name="stock_id">gtk-delete</property>
+ <property name="visible_horizontal">True</property>
+ <property name="visible_vertical">True</property>
+ <property name="is_important">False</property>
+ <signal name="clicked" handler="on_delete_clicked" last_modification_time="Mon, 16 Jan 2006 18:26:29 GMT"/>
+ </widget>
+ <packing>
+ <property name="expand">False</property>
+ <property name="homogeneous">True</property>
+ </packing>
+ </child>
+ </widget>
+ <packing>
+ <property name="padding">0</property>
+ <property name="expand">False</property>
+ <property name="fill">False</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkScrolledWindow" id="scrolledwindow12">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="hscrollbar_policy">GTK_POLICY_ALWAYS</property>
+ <property name="vscrollbar_policy">GTK_POLICY_ALWAYS</property>
+ <property name="shadow_type">GTK_SHADOW_NONE</property>
+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
+
+ <child>
+ <widget class="GtkTreeView" id="translationsView">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="headers_visible">True</property>
+ <property name="rules_hint">False</property>
+ <property name="reorderable">False</property>
+ <property name="enable_search">True</property>
+ <property name="fixed_height_mode">False</property>
+ <property name="hover_selection">False</property>
+ <property name="hover_expand">False</property>
+ </widget>
+ </child>
+ </widget>
+ <packing>
+ <property name="padding">0</property>
+ <property name="expand">True</property>
+ <property name="fill">True</property>
+ </packing>
+ </child>
+ </widget>
+ <packing>
+ <property name="tab_expand">False</property>
+ <property name="tab_fill">True</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkLabel" id="label40">
+ <property name="visible">True</property>
+ <property name="label" translatable="yes">label40</property>
+ <property name="use_underline">False</property>
+ <property name="use_markup">False</property>
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
+ <property name="wrap">False</property>
+ <property name="selectable">False</property>
+ <property name="xalign">0.5</property>
+ <property name="yalign">0.5</property>
+ <property name="xpad">0</property>
+ <property name="ypad">0</property>
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
+ <property name="width_chars">-1</property>
+ <property name="single_line_mode">False</property>
+ <property name="angle">0</property>
+ </widget>
+ <packing>
+ <property name="type">tab</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkVBox" id="vbox15">
+ <property name="visible">True</property>
+ <property name="homogeneous">False</property>
+ <property name="spacing">0</property>
+
+ <child>
+ <widget class="GtkToolbar" id="toolbar6">
+ <property name="visible">True</property>
+ <property name="orientation">GTK_ORIENTATION_HORIZONTAL</property>
+ <property name="toolbar_style">GTK_TOOLBAR_BOTH</property>
+ <property name="tooltips">False</property>
+ <property name="show_arrow">True</property>
+
+ <child>
+ <widget class="GtkToolButton" id="portsAddButton">
+ <property name="visible">True</property>
+ <property name="tooltip" translatable="yes">Add Network Port</property>
+ <property name="stock_id">gtk-add</property>
+ <property name="visible_horizontal">True</property>
+ <property name="visible_vertical">True</property>
+ <property name="is_important">False</property>
+ <signal name="clicked" handler="on_add_clicked" last_modification_time="Mon, 16 Jan 2006 18:27:03 GMT"/>
+ </widget>
+ <packing>
+ <property name="expand">False</property>
+ <property name="homogeneous">True</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkToolButton" id="portsPropertiesButton">
+ <property name="visible">True</property>
+ <property name="tooltip" translatable="yes">Edit Network Port</property>
+ <property name="stock_id">gtk-properties</property>
+ <property name="visible_horizontal">True</property>
+ <property name="visible_vertical">True</property>
+ <property name="is_important">False</property>
+ <signal name="clicked" handler="on_properties_clicked" last_modification_time="Mon, 16 Jan 2006 18:26:51 GMT"/>
+ </widget>
+ <packing>
+ <property name="expand">False</property>
+ <property name="homogeneous">True</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkToolButton" id="portsDeleteButton">
+ <property name="visible">True</property>
+ <property name="tooltip" translatable="yes">Delete Network Port</property>
+ <property name="stock_id">gtk-delete</property>
+ <property name="visible_horizontal">True</property>
+ <property name="visible_vertical">True</property>
+ <property name="is_important">False</property>
+ <signal name="clicked" handler="on_delete_clicked" last_modification_time="Mon, 16 Jan 2006 18:26:29 GMT"/>
+ </widget>
+ <packing>
+ <property name="expand">False</property>
+ <property name="homogeneous">True</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkToolItem" id="toolitem2">
+ <property name="visible">True</property>
+ <property name="visible_horizontal">True</property>
+ <property name="visible_vertical">True</property>
+ <property name="is_important">False</property>
+
+ <child>
+ <widget class="GtkVSeparator" id="vseparator1">
+ <property name="width_request">32</property>
+ <property name="visible">True</property>
+ </widget>
+ </child>
+ </widget>
+ <packing>
+ <property name="expand">False</property>
+ <property name="homogeneous">False</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkToolItem" id="toolitem1">
+ <property name="visible">True</property>
+ <property name="visible_horizontal">True</property>
+ <property name="visible_vertical">True</property>
+ <property name="is_important">False</property>
+
+ <child>
+ <widget class="GtkToggleButton" id="portsGroupTogglebutton">
+ <property name="visible">True</property>
+ <property name="tooltip" translatable="yes">Group/ungroup network ports by SELinux type.</property>
+ <property name="can_focus">True</property>
+ <property name="relief">GTK_RELIEF_NORMAL</property>
+ <property name="focus_on_click">True</property>
+ <property name="active">False</property>
+ <property name="inconsistent">False</property>
+ <signal name="toggled" handler="on_groupview_toggled" last_modification_time="Wed, 15 Nov 2006 16:55:38 GMT"/>
+
+ <child>
+ <widget class="GtkAlignment" id="alignment3">
+ <property name="visible">True</property>
+ <property name="xalign">0.5</property>
+ <property name="yalign">0.5</property>
+ <property name="xscale">0</property>
+ <property name="yscale">0</property>
+ <property name="top_padding">0</property>
+ <property name="bottom_padding">0</property>
+ <property name="left_padding">0</property>
+ <property name="right_padding">0</property>
+
+ <child>
+ <widget class="GtkHBox" id="hbox5">
+ <property name="visible">True</property>
+ <property name="homogeneous">False</property>
+ <property name="spacing">2</property>
+
+ <child>
+ <widget class="GtkImage" id="image1">
+ <property name="visible">True</property>
+ <property name="stock">gtk-indent</property>
+ <property name="icon_size">4</property>
+ <property name="xalign">0.5</property>
+ <property name="yalign">0.5</property>
+ <property name="xpad">0</property>
+ <property name="ypad">0</property>
+ </widget>
+ <packing>
+ <property name="padding">0</property>
+ <property name="expand">False</property>
+ <property name="fill">False</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkLabel" id="label46">
+ <property name="visible">True</property>
+ <property name="label" translatable="yes">Group View</property>
+ <property name="use_underline">True</property>
+ <property name="use_markup">False</property>
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
+ <property name="wrap">False</property>
+ <property name="selectable">False</property>
+ <property name="xalign">0.5</property>
+ <property name="yalign">0.5</property>
+ <property name="xpad">0</property>
+ <property name="ypad">0</property>
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
+ <property name="width_chars">-1</property>
+ <property name="single_line_mode">False</property>
+ <property name="angle">0</property>
+ </widget>
+ <packing>
+ <property name="padding">0</property>
+ <property name="expand">False</property>
+ <property name="fill">False</property>
+ </packing>
+ </child>
+ </widget>
+ </child>
+ </widget>
+ </child>
+ </widget>
+ </child>
+ </widget>
+ <packing>
+ <property name="expand">False</property>
+ <property name="homogeneous">False</property>
+ </packing>
+ </child>
+ </widget>
+ <packing>
+ <property name="padding">0</property>
+ <property name="expand">False</property>
+ <property name="fill">False</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkScrolledWindow" id="scrolledwindow13">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="hscrollbar_policy">GTK_POLICY_ALWAYS</property>
+ <property name="vscrollbar_policy">GTK_POLICY_ALWAYS</property>
+ <property name="shadow_type">GTK_SHADOW_NONE</property>
+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
+
+ <child>
+ <widget class="GtkTreeView" id="portsView">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="headers_visible">True</property>
+ <property name="rules_hint">False</property>
+ <property name="reorderable">False</property>
+ <property name="enable_search">True</property>
+ <property name="fixed_height_mode">False</property>
+ <property name="hover_selection">False</property>
+ <property name="hover_expand">False</property>
+ </widget>
+ </child>
+ </widget>
+ <packing>
+ <property name="padding">0</property>
+ <property name="expand">True</property>
+ <property name="fill">True</property>
+ </packing>
+ </child>
+ </widget>
+ <packing>
+ <property name="tab_expand">False</property>
+ <property name="tab_fill">True</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkLabel" id="label42">
+ <property name="visible">True</property>
+ <property name="label" translatable="yes">label42</property>
+ <property name="use_underline">False</property>
+ <property name="use_markup">False</property>
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
+ <property name="wrap">False</property>
+ <property name="selectable">False</property>
+ <property name="xalign">0.5</property>
+ <property name="yalign">0.5</property>
+ <property name="xpad">0</property>
+ <property name="ypad">0</property>
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
+ <property name="width_chars">-1</property>
+ <property name="single_line_mode">False</property>
+ <property name="angle">0</property>
+ </widget>
+ <packing>
+ <property name="type">tab</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkVBox" id="vbox17">
+ <property name="visible">True</property>
+ <property name="homogeneous">False</property>
+ <property name="spacing">0</property>
+
+ <child>
+ <widget class="GtkToolbar" id="toolbar8">
+ <property name="visible">True</property>
+ <property name="orientation">GTK_ORIENTATION_HORIZONTAL</property>
+ <property name="toolbar_style">GTK_TOOLBAR_BOTH</property>
+ <property name="tooltips">True</property>
+ <property name="show_arrow">True</property>
+
+ <child>
+ <widget class="GtkToolButton" id="toolbutton23">
+ <property name="visible">True</property>
+ <property name="tooltip" translatable="yes">Load policy module</property>
+ <property name="stock_id">gtk-add</property>
+ <property name="visible_horizontal">True</property>
+ <property name="visible_vertical">True</property>
+ <property name="is_important">False</property>
+ <signal name="clicked" handler="on_add_clicked" last_modification_time="Mon, 16 Jan 2006 18:27:03 GMT"/>
+ </widget>
+ <packing>
+ <property name="expand">False</property>
+ <property name="homogeneous">True</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkToolButton" id="toolbutton25">
+ <property name="visible">True</property>
+ <property name="tooltip" translatable="yes">Remove loadable policy module</property>
+ <property name="stock_id">gtk-remove</property>
+ <property name="visible_horizontal">True</property>
+ <property name="visible_vertical">True</property>
+ <property name="is_important">False</property>
+ <signal name="clicked" handler="on_delete_clicked" last_modification_time="Mon, 16 Jan 2006 18:26:29 GMT"/>
+ </widget>
+ <packing>
+ <property name="expand">False</property>
+ <property name="homogeneous">True</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkToolItem" id="toolitem3">
+ <property name="visible">True</property>
+ <property name="visible_horizontal">True</property>
+ <property name="visible_vertical">True</property>
+ <property name="is_important">False</property>
+
+ <child>
+ <widget class="GtkVSeparator" id="vseparator2">
+ <property name="width_request">10</property>
+ <property name="visible">True</property>
+ </widget>
+ </child>
+ </widget>
+ <packing>
+ <property name="expand">False</property>
+ <property name="homogeneous">False</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkToolButton" id="enableAuditButton">
+ <property name="visible">True</property>
+ <property name="tooltip" translatable="yes">Enable additional audit rules, that are normally not reported in the log files.</property>
+ <property name="label" translatable="yes">Enable Audit</property>
+ <property name="use_underline">True</property>
+ <property name="stock_id">gtk-zoom-in</property>
+ <property name="visible_horizontal">True</property>
+ <property name="visible_vertical">True</property>
+ <property name="is_important">False</property>
+ <signal name="clicked" handler="on_disable_audit_clicked" last_modification_time="Wed, 15 Nov 2006 16:29:34 GMT"/>
+ </widget>
+ <packing>
+ <property name="expand">False</property>
+ <property name="homogeneous">True</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkToolButton" id="disableAuditButton">
+ <property name="visible">True</property>
+ <property name="tooltip" translatable="yes">Disable additional audit rules, that are normally not reported in the log files.</property>
+ <property name="label" translatable="yes">Disable Audit</property>
+ <property name="use_underline">True</property>
+ <property name="stock_id">gtk-zoom-out</property>
+ <property name="visible_horizontal">True</property>
+ <property name="visible_vertical">True</property>
+ <property name="is_important">False</property>
+ <signal name="clicked" handler="on_disable_audit_clicked" last_modification_time="Wed, 15 Nov 2006 16:29:34 GMT"/>
+ </widget>
+ <packing>
+ <property name="expand">False</property>
+ <property name="homogeneous">True</property>
+ </packing>
+ </child>
+ </widget>
+ <packing>
+ <property name="padding">0</property>
+ <property name="expand">False</property>
+ <property name="fill">False</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkScrolledWindow" id="scrolledwindow15">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="hscrollbar_policy">GTK_POLICY_ALWAYS</property>
+ <property name="vscrollbar_policy">GTK_POLICY_ALWAYS</property>
+ <property name="shadow_type">GTK_SHADOW_NONE</property>
+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
+
+ <child>
+ <widget class="GtkTreeView" id="modulesView">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="headers_visible">True</property>
+ <property name="rules_hint">False</property>
+ <property name="reorderable">False</property>
+ <property name="enable_search">True</property>
+ <property name="fixed_height_mode">False</property>
+ <property name="hover_selection">False</property>
+ <property name="hover_expand">False</property>
+ </widget>
+ </child>
+ </widget>
+ <packing>
+ <property name="padding">0</property>
+ <property name="expand">True</property>
+ <property name="fill">True</property>
+ </packing>
+ </child>
+ </widget>
+ <packing>
+ <property name="tab_expand">False</property>
+ <property name="tab_fill">True</property>
+ </packing>
+ </child>
+
+ <child>
+ <widget class="GtkLabel" id="label44">
+ <property name="visible">True</property>
+ <property name="label" translatable="yes">label44</property>
+ <property name="use_underline">False</property>
+ <property name="use_markup">False</property>
+ <property name="justify">GTK_JUSTIFY_LEFT</property>
+ <property name="wrap">False</property>
+ <property name="selectable">False</property>
+ <property name="xalign">0.5</property>
+ <property name="yalign">0.5</property>
+ <property name="xpad">0</property>
+ <property name="ypad">0</property>
+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
+ <property name="width_chars">-1</property>
+ <property name="single_line_mode">False</property>
+ <property name="angle">0</property>
+ </widget>
+ <packing>
+ <property name="type">tab</property>
+ </packing>
+ </child>
+ </widget>
+ <packing>
+ <property name="shrink">True</property>
+ <property name="resize">True</property>
+ </packing>
+ </child>
+ </widget>
+ </child>
+ </widget>
+ <packing>
+ <property name="padding">0</property>
+ <property name="expand">True</property>
+ <property name="fill">True</property>
+ </packing>
+ </child>
+
+ <child internal-child="appbar">
+ <widget class="GnomeAppBar" id="appbar2">
+ <property name="visible">True</property>
+ <property name="has_progress">True</property>
+ <property name="has_status">True</property>
+ </widget>
+ <packing>
+ <property name="padding">0</property>
+ <property name="expand">True</property>
+ <property name="fill">True</property>
+ </packing>
+ </child>
+</widget>
+
+</glade-interface>
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/system-config-selinux.py policycoreutils-1.33.7/gui/system-config-selinux.py
--- nsapolicycoreutils/gui/system-config-selinux.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-1.33.7/gui/system-config-selinux.py 2007-01-04 16:24:30.000000000 -0500
@@ -0,0 +1,156 @@
+#!/usr/bin/python
+#
+# system-config-selinux.py - GUI for SELinux Config tool in system-config-selinux
+#
+# Dan Walsh <dwalsh@redhat.com>
+#
+# Copyright 2006 Red Hat, Inc.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+#
+import signal
+import string
+import gtk
+import gtk.glade
+import os
+import libxml2
+import gobject
+import gnome
+import sys
+import statusPage
+import booleansPage
+import loginsPage
+import usersPage
+import portsPage
+import modulesPage
+import fcontextPage
+import translationsPage
+##
+## I18N
+##
+PROGNAME="system-config-selinux"
+
+import gettext
+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
+gettext.textdomain(PROGNAME)
+try:
+ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1)
+except IOError:
+ import __builtin__
+ __builtin__.__dict__['_'] = unicode
+
+gnome.program_init("SELinux Management Tool", "5")
+
+version = "1.0"
+
+sys.path.append('/usr/share/system-config-selinux')
+
+
+
+##
+## Pull in the Glade file
+##
+if os.access("system-config-selinux.glade", os.F_OK):
+ xml = gtk.glade.XML ("system-config-selinux.glade", domain=PROGNAME)
+else:
+ xml = gtk.glade.XML ("/usr/share/system-config-selinux/system-config-selinux.glade", domain=PROGNAME)
+
+class childWindow:
+ def __init__(self):
+ self.tabs=[]
+ self.xml = xml
+ xml.signal_connect("on_quit_activate", self.destroy)
+ xml.signal_connect("on_delete_clicked", self.delete)
+ xml.signal_connect("on_add_clicked", self.add)
+ xml.signal_connect("on_properties_clicked", self.properties)
+ self.add_page(statusPage.statusPage(xml))
+ self.add_page(booleansPage.booleansPage(xml))
+ self.add_page(fcontextPage.fcontextPage(xml))
+ self.add_page(loginsPage.loginsPage(xml))
+ self.add_page(usersPage.usersPage(xml))
+ self.add_page(translationsPage.translationsPage(xml))
+ self.add_page(portsPage.portsPage(xml))
+ self.add_page(modulesPage.modulesPage(xml)) # modules
+
+ xml.signal_connect("on_quit_activate", self.destroy)
+ xml.signal_connect("on_policy_activate", self.policy)
+ xml.signal_connect("on_logging_activate", self.logging)
+ xml.signal_connect("on_about_activate", self.on_about_activate)
+
+ def add_page(self, page):
+ self.tabs.append(page)
+
+ def policy(self, args):
+ os.spawnl(os.P_NOWAIT, "/usr/share/system-config-selinux/semanagegui.py")
+ def logging(self, args):
+ os.spawnl(os.P_NOWAIT, "/usr/bin/seaudit")
+
+ def delete(self, args):
+ self.tabs[self.notebook.get_current_page()].deleteDialog()
+
+ def add(self, args):
+ self.tabs[self.notebook.get_current_page()].addDialog()
+
+ def properties(self, args):
+ self.tabs[self.notebook.get_current_page()].propertiesDialog()
+
+ def on_about_activate(self, args):
+ dlg = xml.get_widget ("aboutWindow")
+ dlg.run ()
+ dlg.hide ()
+
+ def destroy(self, args):
+ gtk.main_quit()
+
+ def itemSelected(self, selection):
+ store, rows = selection.get_selected_rows()
+ if store != None and len(rows) > 0:
+ self.notebook.set_current_page(rows[0][0])
+ else:
+ self.notebook.set_current_page(0)
+
+
+ def setupScreen(self):
+ # Bring in widgets from glade file.
+ self.mainWindow = self.xml.get_widget("mainWindow")
+ self.notebook = self.xml.get_widget("notebook")
+ self.view = self.xml.get_widget("selectView")
+ self.view.get_selection().connect("changed", self.itemSelected)
+ self.store = gtk.ListStore(gobject.TYPE_STRING)
+ self.view.set_model(self.store)
+ col = gtk.TreeViewColumn("", gtk.CellRendererText(), text = 0)
+ col.set_resizable(True)
+ self.view.append_column(col)
+
+ for page in self.tabs:
+ iter = self.store.append()
+ self.store.set_value(iter, 0, page.get_description())
+ self.view.get_selection().select_path ((0,))
+
+ def stand_alone(self):
+ desktopName = _("Configue SELinux")
+
+ self.setupScreen()
+
+ self.mainWindow.connect("destroy", self.destroy)
+
+ self.mainWindow.show_all()
+ gtk.main()
+
+if __name__ == "__main__":
+ signal.signal (signal.SIGINT, signal.SIG_DFL)
+
+ app = childWindow()
+ app.stand_alone()
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/translationsPage.py policycoreutils-1.33.7/gui/translationsPage.py
--- nsapolicycoreutils/gui/translationsPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-1.33.7/gui/translationsPage.py 2007-01-04 16:24:30.000000000 -0500
@@ -0,0 +1,109 @@
+## translationsPage.py - show selinux translations
+## Copyright (C) 2006 Red Hat, Inc.
+
+## This program is free software; you can redistribute it and/or modify
+## it under the terms of the GNU General Public License as published by
+## the Free Software Foundation; either version 2 of the License, or
+## (at your option) any later version.
+
+## This program is distributed in the hope that it will be useful,
+## but WITHOUT ANY WARRANTY; without even the implied warranty of
+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+## GNU General Public License for more details.
+
+## You should have received a copy of the GNU General Public License
+## along with this program; if not, write to the Free Software
+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+## Author: Dan Walsh
+import string
+import gtk
+import gtk.glade
+import os
+import libxml2
+import gobject
+import sys
+import seobject
+from semanagePage import *;
+
+##
+## I18N
+##
+PROGNAME="policycoreutils"
+import gettext
+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
+gettext.textdomain(PROGNAME)
+try:
+ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1)
+except IOError:
+ import __builtin__
+ __builtin__.__dict__['_'] = unicode
+
+class translationsPage(semanagePage):
+ def __init__(self, xml):
+ self.firstTime = False
+ semanagePage.__init__(self, xml, "translations", _("Translation"))
+ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING)
+ self.view.set_model(self.store)
+ self.store.set_sort_column_id(0, gtk.SORT_ASCENDING)
+ col = gtk.TreeViewColumn(_("Sensitvity Level"), gtk.CellRendererText(), text = 0)
+ col.set_sort_column_id(0)
+ col.set_resizable(True)
+ self.view.append_column(col)
+ col = gtk.TreeViewColumn(_("Translation"), gtk.CellRendererText(), text = 1)
+ col.set_sort_column_id(1)
+ col.set_resizable(True)
+ self.view.append_column(col)
+
+ self.load()
+ self.translationsLevelEntry = xml.get_widget("translationsLevelEntry")
+ self.translationsEntry = xml.get_widget("translationsEntry")
+
+ def load(self):
+ self.translation = seobject.setransRecords()
+ dict = self.translation.get_all()
+ keys = dict.keys()
+ keys.sort()
+ self.store.clear()
+ for k in keys:
+ iter = self.store.append()
+ self.store.set_value(iter, 0, k)
+ self.store.set_value(iter, 1, dict[k])
+ self.view.get_selection().select_path ((0,))
+
+ def dialogInit(self):
+ store, iter = self.view.get_selection().get_selected()
+ self.translationsLevelEntry.set_text(store.get_value(iter, 0))
+ self.translationsLevelEntry.set_sensitive(False)
+ self.translationsEntry.set_text(store.get_value(iter, 1))
+
+ def dialogClear(self):
+ self.translationsLevelEntry.set_text("")
+ self.translationsLevelEntry.set_sensitive(True)
+ self.translationsEntry.set_text("")
+
+ def delete(self):
+ store, iter = self.view.get_selection().get_selected()
+ try:
+ level = store.get_value(iter, 0)
+ self.translation.delete(level)
+ store.remove(iter)
+ self.view.get_selection().select_path ((0,))
+ except ValueError, e:
+ self.error(e.args[0])
+
+ def add(self):
+ level = self.translationsLevelEntry.get_text().strip()
+ translation = self.translationsEntry.get_text().strip()
+ self.translation.add(level, translation)
+ iter = self.store.append()
+ self.store.set_value(iter, 0, level)
+ self.store.set_value(iter, 1, translation)
+
+ def modify(self):
+ level = self.translationsLevelEntry.get_text().strip()
+ translation = self.translationsEntry.get_text().strip()
+ self.translation.modify(level, translation)
+ store, iter = self.view.get_selection().get_selected()
+ self.store.set_value(iter, 0, level)
+ self.store.set_value(iter, 1, translation)
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/usersPage.py policycoreutils-1.33.7/gui/usersPage.py
--- nsapolicycoreutils/gui/usersPage.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-1.33.7/gui/usersPage.py 2007-01-04 16:24:30.000000000 -0500
@@ -0,0 +1,155 @@
+## usersPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
+
+## This program is free software; you can redistribute it and/or modify
+## it under the terms of the GNU General Public License as published by
+## the Free Software Foundation; either version 2 of the License, or
+## (at your option) any later version.
+
+## This program is distributed in the hope that it will be useful,
+## but WITHOUT ANY WARRANTY; without even the implied warranty of
+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+## GNU General Public License for more details.
+
+## You should have received a copy of the GNU General Public License
+## along with this program; if not, write to the Free Software
+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+## Author: Dan Walsh
+import string
+import gtk
+import gtk.glade
+import os
+import libxml2
+import gobject
+import sys
+import seobject
+from semanagePage import *;
+
+##
+## I18N
+##
+PROGNAME="policycoreutils"
+import gettext
+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
+gettext.textdomain(PROGNAME)
+try:
+ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1)
+except IOError:
+ import __builtin__
+ __builtin__.__dict__['_'] = unicode
+
+class usersPage(semanagePage):
+ def __init__(self, xml):
+ semanagePage.__init__(self, xml, "users", "SELinux User")
+ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING)
+ self.view.set_model(self.store)
+ self.store.set_sort_column_id(0, gtk.SORT_ASCENDING)
+
+ col = gtk.TreeViewColumn(_("SELinux\nUser"), gtk.CellRendererText(), text = 0)
+ col.set_sort_column_id(0)
+ col.set_resizable(True)
+ self.view.append_column(col)
+
+ col = gtk.TreeViewColumn(_("Labeling\nPrefix"), gtk.CellRendererText(), text = 1)
+ col.set_resizable(True)
+ self.view.append_column(col)
+ col = gtk.TreeViewColumn(_("MLS/\nMCS Level"), gtk.CellRendererText(), text = 2)
+ col.set_resizable(True)
+ self.view.append_column(col)
+ col = gtk.TreeViewColumn(_("MLS/\nMCS Range"), gtk.CellRendererText(), text = 3)
+ col.set_resizable(True)
+ self.view.append_column(col)
+
+ col = gtk.TreeViewColumn(_("SELinux Roles"), gtk.CellRendererText(), text = 4)
+ col.set_resizable(True)
+ self.view.append_column(col)
+
+ self.load()
+ self.selinuxUserEntry = xml.get_widget("selinuxUserEntry")
+ self.labelPrefixEntry = xml.get_widget("labelPrefixEntry")
+ self.mlsLevelEntry = xml.get_widget("mlsLevelEntry")
+ self.mlsRangeEntry = xml.get_widget("mlsRangeEntry")
+ self.selinuxRolesEntry = xml.get_widget("selinuxRolesEntry")
+
+ def load(self):
+ self.user = seobject.seluserRecords()
+ dict = self.user.get_all()
+ keys = dict.keys()
+ keys.sort()
+ self.store.clear()
+ for k in keys:
+ iter = self.store.append()
+ self.store.set_value(iter, 0, k)
+ self.store.set_value(iter, 1, dict[k][0])
+ self.store.set_value(iter, 2, seobject.translate(dict[k][1]))
+ self.store.set_value(iter, 3, seobject.translate(dict[k][2]))
+ self.store.set_value(iter, 4, dict[k][3])
+ self.view.get_selection().select_path ((0,))
+
+ def delete(self):
+ if semanagePage.delete(self) == gtk.RESPONSE_NO:
+ return None
+
+ def dialogInit(self):
+ store, iter = self.view.get_selection().get_selected()
+ self.selinuxUserEntry.set_text(store.get_value(iter, 0))
+ self.selinuxUserEntry.set_sensitive(False)
+ self.labelPrefixEntry.set_text(store.get_value(iter, 1))
+ self.mlsLevelEntry.set_text(store.get_value(iter, 2))
+ self.mlsRangeEntry.set_text(store.get_value(iter, 3))
+ self.selinuxRolesEntry.set_text(store.get_value(iter, 4))
+ protocol=store.get_value(iter, 2)
+
+ def dialogClear(self):
+ self.selinuxUserEntry.set_text("")
+ self.selinuxUserEntry.set_sensitive(True)
+ self.labelPrefixEntry.set_text("")
+ self.mlsLevelEntry.set_text("s0")
+ self.mlsRangeEntry.set_text("s0")
+ self.selinuxRolesEntry.set_text("")
+
+ def add(self):
+ user = self.selinuxUserEntry.get_text()
+ prefix = self.labelPrefixEntry.get_text()
+ level = self.mlsLevelEntry.get_text()
+ range = self.mlsRangeEntry.get_text()
+ roles = self.selinuxRolesEntry.get_text()
+
+ self.user.add(user, roles.split(), level, range, prefix)
+ iter = self.store.append()
+ self.store.set_value(iter, 0, user)
+ self.store.set_value(iter, 1, prefix)
+ self.store.set_value(iter, 2, level)
+ self.store.set_value(iter, 3, range)
+ self.store.set_value(iter, 4, roles)
+
+ def modify(self):
+ user = self.selinuxUserEntry.get_text()
+ prefix = self.labelPrefixEntry.get_text()
+ level = self.mlsLevelEntry.get_text()
+ range = self.mlsRangeEntry.get_text()
+ roles = self.selinuxRolesEntry.get_text()
+
+ self.user.modify(user, roles.split(), level, range, prefix)
+ store, iter = self.view.get_selection().get_selected()
+ iter = self.store.append()
+ self.store.set_value(iter, 0, user)
+ self.store.set_value(iter, 1, prefix)
+ self.store.set_value(iter, 2, level)
+ self.store.set_value(iter, 3, range)
+ self.store.set_value(iter, 4, roles)
+
+ def delete(self):
+ store, iter = self.view.get_selection().get_selected()
+ try:
+ user=store.get_value(iter, 0)
+ if user == "root" or user == "user_u":
+ raise ValueError(_("SELinux user '%s' is required") % user)
+
+ self.user.delete(user)
+ store.remove(iter)
+ self.view.get_selection().select_path ((0,))
+ except ValueError, e:
+ self.error(e.args[0])
+
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/Makefile policycoreutils-1.33.7/Makefile
--- nsapolicycoreutils/Makefile 2006-11-16 17:15:00.000000000 -0500
+++ policycoreutils-1.33.7/Makefile 2007-01-04 16:24:30.000000000 -0500
@@ -1,4 +1,4 @@
-SUBDIRS=setfiles semanage load_policy newrole run_init restorecon restorecond secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po
+SUBDIRS=setfiles semanage load_policy newrole run_init restorecon restorecond secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po gui
all install relabel clean indent:
@for subdir in $(SUBDIRS); do \
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/newrole/newrole.c policycoreutils-1.33.7/newrole/newrole.c
--- nsapolicycoreutils/newrole/newrole.c 2007-01-04 17:01:41.000000000 -0500
+++ policycoreutils-1.33.7/newrole/newrole.c 2007-01-04 16:24:47.000000000 -0500
@@ -67,6 +67,7 @@
#include <selinux/get_context_list.h> /* for SELINUX_DEFAULTUSER */
#include <signal.h>
#include <unistd.h> /* for getuid(), exit(), getopt() */
+#include <sys/stat.h>
#ifdef USE_AUDIT
#include <libaudit.h>
#endif
@@ -93,6 +94,19 @@
extern char **environ;
+static int check_isapty(int fd) {
+ struct stat buf;
+ if ((isatty(fd)) && (fstat(fd, &buf) == 0)) {
+ int dev=major(buf.st_rdev);
+ if (dev > 135 && dev < 144) {
+ return 1;
+ } else {
+ return 0;
+ }
+ }
+ return 0;
+}
+
/**
* Construct from the current range and specified desired level a resulting
* range. If the specified level is a range, return that. If it is not, then
@@ -733,6 +747,7 @@
security_context_t *new_context,
int *preserve_environment)
{
+ int i; /* index for open file descriptors */
int flag_index; /* flag index in argv[] */
int clflag; /* holds codes for command line flags */
char *role_s = NULL; /* role spec'd by user in argv[] */
@@ -793,6 +808,13 @@
"specified\n"));
return -1;
}
+ for (i=0; i < 3; i++) {
+ if (check_isapty(i)) {
+ fprintf(stderr, "Error: you are not allowed to change levels on pseudo terminals\n");
+ return -1;
+ }
+ }
+
level_s = optarg;
break;
default:
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-1.33.7/restorecond/restorecond.c
--- nsapolicycoreutils/restorecond/restorecond.c 2006-11-16 17:14:28.000000000 -0500
+++ policycoreutils-1.33.7/restorecond/restorecond.c 2007-01-04 16:24:30.000000000 -0500
@@ -210,9 +210,10 @@
}
if (fsetfilecon(fd, scontext) < 0) {
- syslog(LOG_ERR,
- "set context %s->%s failed:'%s'\n",
- filename, scontext, strerror(errno));
+ if (errno != EOPNOTSUPP)
+ syslog(LOG_ERR,
+ "set context %s->%s failed:'%s'\n",
+ filename, scontext, strerror(errno));
if (retcontext >= 0)
free(prev_context);
free(scontext);
@@ -225,8 +226,9 @@
if (retcontext >= 0)
free(prev_context);
} else {
- syslog(LOG_ERR, "get context on %s failed: '%s'\n",
- filename, strerror(errno));
+ if (errno != EOPNOTSUPP)
+ syslog(LOG_ERR, "get context on %s failed: '%s'\n",
+ filename, strerror(errno));
}
free(scontext);
close(fd);
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/restorecond/restorecond.conf policycoreutils-1.33.7/restorecond/restorecond.conf
--- nsapolicycoreutils/restorecond/restorecond.conf 2006-11-20 12:19:55.000000000 -0500
+++ policycoreutils-1.33.7/restorecond/restorecond.conf 2007-01-04 16:24:30.000000000 -0500
@@ -1,4 +1,5 @@
/etc/resolv.conf
+/etc/localtime
/etc/samba/secrets.tdb
/etc/mtab
/var/run/utmp
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-1.33.7/scripts/fixfiles
--- nsapolicycoreutils/scripts/fixfiles 2006-11-16 17:14:27.000000000 -0500
+++ policycoreutils-1.33.7/scripts/fixfiles 2007-01-04 16:24:30.000000000 -0500
@@ -29,6 +29,9 @@
RPMILES=""
OUTFILES=""
LOGFILE=`tty`
+if [ $? != 0 ]; then
+ LOGFILE="/dev/null"
+fi
SYSLOGFLAG="-l"
LOGGER=/usr/sbin/logger
SETFILES=/sbin/setfiles
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-1.33.7/semanage/seobject.py
--- nsapolicycoreutils/semanage/seobject.py 2006-11-16 17:14:26.000000000 -0500
+++ policycoreutils-1.33.7/semanage/seobject.py 2007-01-04 16:24:30.000000000 -0500
@@ -94,23 +94,25 @@
return re.search("^" + reg +"$",raw)
def translate(raw, prepend = 1):
- if prepend == 1:
- context = "a:b:c:%s" % raw
+ filler="a:b:c:"
+ if prepend == 1:
+ context = "%s%s" % (filler,raw)
else:
context = raw
- (rc, trans) = selinux.selinux_raw_to_trans_context(context)
+ (rc, trans) = selinux.selinux_raw_to_trans_context(context)
if rc != 0:
return raw
if prepend:
- trans = trans.strip("a:b:c")
+ trans = trans[len(filler):]
if trans == "":
return raw
else:
return trans
def untranslate(trans, prepend = 1):
+ filler="a:b:c:"
if prepend == 1:
- context = "a:b:c:%s" % trans
+ context = "%s%s" % (filler,trans)
else:
context = trans
@@ -118,7 +120,7 @@
if rc != 0:
return trans
if prepend:
- raw = raw.strip("a:b:c")
+ raw = raw[len(filler):]
if raw == "":
return trans
else:
@@ -157,7 +159,7 @@
def out(self):
rec = ""
for c in self.comments:
- rec += c +"\n"
+ rec += c
keys = self.ddict.keys()
keys.sort()
for k in keys:
@@ -204,7 +206,8 @@
os.write(fd, self.out())
os.close(fd)
os.rename(newfilename, self.filename)
-
+ os.system("/sbin/service mcstrans reload > /dev/null")
+
class semanageRecords:
def __init__(self):
self.sh = semanage_handle_create()
@@ -456,7 +459,8 @@
rc = semanage_user_set_mlslevel(self.sh, u, selevel)
if rc < 0:
raise ValueError(_("Could not set MLS level for %s") % name)
-
+ if selinux.security_check_context("system_u:object_r:%s_home_t:s0" % prefix) != 0:
+ raise ValueError(_("Invalid prefix %s") % prefix)
rc = semanage_user_set_prefix(self.sh, u, prefix)
if rc < 0:
raise ValueError(_("Could not add prefix %s for %s") % (r, prefix))
@@ -522,11 +526,17 @@
semanage_user_set_mlslevel(self.sh, u, untranslate(selevel))
if prefix != "":
- semanage_user_set_prefix(self.sh, u, prefix)
+ if selinux.security_check_context("system_u:object_r:%s_home_t" % prefix) != 0:
+ raise ValueError(_("Invalid prefix %s") % prefix)
+ semanage_user_set_prefix(self.sh, u, prefix)
if len(roles) != 0:
- for r in roles:
- semanage_user_add_role(self.sh, u, r)
+ for r in rlist:
+ if r not in roles:
+ semanage_user_del_role(u, r)
+ for r in roles:
+ if r not in rlist:
+ semanage_user_add_role(self.sh, u, r)
rc = semanage_begin_transaction(self.sh)
if rc < 0: