* Mon Apr 9 2007 Dan Walsh <dwalsh@redhat.com> 2.0.7-11

- Don't generate invalid context with genhomedircon

policycoreutils-rhat.patch

@@ -132,6 +132,29 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.7 --exclude=gui --exclude=po
  exit $?
  }
  
+diff --exclude-from=exclude --exclude=sepolgen-1.0.7 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/genhomedircon policycoreutils-2.0.7/scripts/genhomedircon
+--- nsapolicycoreutils/scripts/genhomedircon	2006-11-28 09:24:33.000000000 -0500
++++ policycoreutils-2.0.7/scripts/genhomedircon	2007-04-09 15:44:47.000000000 -0400
+@@ -26,6 +26,7 @@
+ 
+ import sys, os, pwd, string, getopt, re
+ from semanage import *;
++import selinux
+ import gettext
+ gettext.install('policycoreutils')
+ 
+@@ -249,7 +250,10 @@
+ 				i = i.replace("HOME_DIR", home)
+ 				i = i.replace("ROLE", prefix)
+ 				i = i.replace("system_u", seuser)
+-				ret = ret+i
++				# Validate if the generated context exists.  Some user types may not exist
++				scon = i.split()[-1]
++				if selinux.security_check_context(scon) == 0:
++					ret = ret+i
+ 		fd.close()
+ 		return ret
+ 
 diff --exclude-from=exclude --exclude=sepolgen-1.0.7 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.7/semanage/seobject.py
 --- nsapolicycoreutils/semanage/seobject.py	2007-02-22 08:53:22.000000000 -0500
 +++ policycoreutils-2.0.7/semanage/seobject.py	2007-03-23 09:03:56.000000000 -0400

policycoreutils.spec

@@ -6,7 +6,7 @@
 Summary: SELinux policy core utilities.
 Name: policycoreutils
 Version: 2.0.7
-Release: 10%{?dist}
+Release: 11%{?dist}
 License: GPL
 Group: System Environment/Base
 Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@@ -186,6 +186,9 @@ if [ "$1" -ge "1" ]; then
 fi
 
 %changelog
+* Mon Apr 9 2007 Dan Walsh <dwalsh@redhat.com> 2.0.7-11
+- Don't generate invalid context with genhomedircon
+
 * Mon Apr 9 2007 Dan Walsh <dwalsh@redhat.com> 2.0.7-10
 - Add filter to booleans page