diff --git a/policycoreutils-gui.patch b/policycoreutils-gui.patch
index 0790960..66c64b7 100644
--- a/policycoreutils-gui.patch
+++ b/policycoreutils-gui.patch
@@ -1,7 +1,7 @@
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py policycoreutils-2.0.7/gui/booleansPage.py
--- nsapolicycoreutils/gui/booleansPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.7/gui/booleansPage.py 2007-03-01 17:37:41.000000000 -0500
-@@ -0,0 +1,199 @@
++++ policycoreutils-2.0.7/gui/booleansPage.py 2007-03-17 12:13:24.000000000 -0400
+@@ -0,0 +1,202 @@
+#
+# booleansPage.py - GUI for Booleans page in system-config-securitylevel
+#
@@ -175,6 +175,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py poli
+ self.booleansView.append_column(col)
+ self.refreshBooleans()
+
++ def use_menus(self):
++ return False
++
+ def get_description(self):
+ return _("Boolean")
+
@@ -203,8 +206,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py poli
+ commands.getstatusoutput(setsebool)
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py policycoreutils-2.0.7/gui/fcontextPage.py
--- nsapolicycoreutils/gui/fcontextPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.7/gui/fcontextPage.py 2007-03-01 17:37:41.000000000 -0500
-@@ -0,0 +1,172 @@
++++ policycoreutils-2.0.7/gui/fcontextPage.py 2007-03-17 12:13:24.000000000 -0400
+@@ -0,0 +1,185 @@
+## fcontextPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
+
@@ -229,8 +232,13 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py poli
+import libxml2
+import gobject
+import seobject
++import commands
+from semanagePage import *;
+
++SPEC_COL = 0
++TYPE_COL = 1
++FTYPE_COL = 2
++
+class context:
+ def __init__(self, scontext):
+ self.scontext = scontext
@@ -268,22 +276,22 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py poli
+ self.view.set_model(self.store)
+# self.store.set_sort_column_id(0, gtk.SORT_ASCENDING)
+
-+ col = gtk.TreeViewColumn(_("File\nSpecification"), gtk.CellRendererText(), text=0)
++ col = gtk.TreeViewColumn(_("File\nSpecification"), gtk.CellRendererText(), text=SPEC_COL)
+ col.set_sizing(gtk.TREE_VIEW_COLUMN_FIXED)
+ col.set_fixed_width(250)
+
-+ col.set_sort_column_id(0)
++ col.set_sort_column_id(SPEC_COL)
+ col.set_resizable(True)
+ self.view.append_column(col)
-+ col = gtk.TreeViewColumn(_("Selinux\nFile Context"), gtk.CellRendererText(), text=1)
++ col = gtk.TreeViewColumn(_("Selinux\nFile Context"), gtk.CellRendererText(), text=TYPE_COL)
+
+ col.set_sizing(gtk.TREE_VIEW_COLUMN_FIXED)
+ col.set_fixed_width(250)
-+ col.set_sort_column_id(1)
++ col.set_sort_column_id(TYPE_COL)
+ col.set_resizable(True)
+ self.view.append_column(col)
+ col = gtk.TreeViewColumn(_("File\nType"), gtk.CellRendererText(), text=2)
-+ col.set_sort_column_id(2)
++ col.set_sort_column_id(FTYPE_COL)
+ col.set_resizable(True)
+ self.view.append_column(col)
+ self.load()
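Review bot: The third column is still created with the literal `text=2` while its sort id on the following line now uses `FTYPE_COL`, so the literal and the constant can drift apart if the column order ever changes. For consistency with the other two columns the line should read `col = gtk.TreeViewColumn(_("File\nType"), gtk.CellRendererText(), text=FTYPE_COL)`. The enclosing method begins and ends outside this hunk.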
@@ -305,8 +313,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py poli
+ self.store.clear()
+ for fcon in fcon_list:
+ iter=self.store.append()
-+ self.store.set_value(iter, 0, fcon[0])
-+ self.store.set_value(iter, 2, fcon[1])
++ self.store.set_value(iter, SPEC_COL, fcon[0])
++ self.store.set_value(iter, FTYPE_COL, fcon[1])
+ if len(fcon) > 3:
+ rec="%s:%s:%s:%s " % (fcon[2], fcon[3],fcon[4], seobject.translate(fcon[5],False))
+ else:
@@ -316,13 +324,13 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py poli
+
+ def dialogInit(self):
+ store, iter = self.view.get_selection().get_selected()
-+ self.fcontextEntry.set_text(store.get_value(iter, 0))
++ self.fcontextEntry.set_text(store.get_value(iter, SPEC_COL))
+ self.fcontextEntry.set_sensitive(False)
-+ scontext = store.get_value(iter, 1)
++ scontext = store.get_value(iter, TYPE_COL)
+ scon=context(scontext)
+ self.fcontextTypeEntry.set_text(scon.type)
+ self.fcontextMLSEntry.set_text(scon.mls)
-+ type=store.get_value(iter, 2)
++ type=store.get_value(iter, FTYPE_COL)
+ liststore=self.fcontextFileTypeCombo.get_model()
+ iter = liststore.get_iter_first()
+ while iter != None and liststore.get_value(iter,0) != type:
@@ -341,9 +349,12 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py poli
+ def delete(self):
+ store, iter = self.view.get_selection().get_selected()
+ try:
-+ fspec=store.get_value(iter, 0)
-+ type=store.get_value(iter, 1)
-+ self.fcontext.delete(fspec, type)
++ fspec=store.get_value(iter, SPEC_COL)
++ ftype=store.get_value(iter, FTYPE_COL)
++ (rc, out) = commands.getstatusoutput("semanage fcontext -d -f '%s' %s" % (ftype, fspec))
++
++ if rc != 0:
++ return self.error(out)
+ store.remove(iter)
+ self.view.get_selection().select_path ((0,))
+ except ValueError, e:
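Review bot: The new `commands.getstatusoutput` call in delete() hands a formatted string to the shell with `fspec` unquoted and `ftype` wrapped only in single quotes, so shell metacharacters in the stored values are interpreted by the shell instead of reaching semanage as data. File-context specifications are regular expressions that commonly contain `(`, `*` and `?`, so ordinary entries are likely to fail, and a crafted value could run extra commands in a tool that presumably runs with root privileges. Passing an argument vector without a shell avoids both: `p = subprocess.Popen(["semanage", "fcontext", "-d", "-f", ftype, fspec], stdout=subprocess.PIPE, stderr=subprocess.STDOUT)`, then `out = p.communicate()[0]` and `rc = p.returncode` (needs `import subprocess`). The same pattern appears in the fcontextPage add() and modify() hunks and in the three loginsPage hunks (`semanage login -d`, `-a`, `-m`), where `type`, `mls`, `seuser`, `serange`, `target` and `login` are interpolated unquoted and several appear to come from text entries. delete() continues past the end of this hunk, and its `except ValueError` branch probably no longer sees semanage failures, which are now reported through `rc`.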
@@ -356,13 +367,15 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py poli
+ list_model=self.fcontextFileTypeCombo.get_model()
+ iter = self.fcontextFileTypeCombo.get_active_iter()
+ ftype=list_model.get_value(iter,0)
-+
-+ self.fcontext.add(fspec, type, ftype, mls)
-+
++ (rc, out) = commands.getstatusoutput("semanage fcontext -a -t %s -r %s -f '%s' %s" % (type, mls, ftype, fspec))
++ if rc != 0:
++ self.error(out)
++ return False
++
+ iter=self.store.append()
-+ self.store.set_value(iter, 0, fspec)
-+ self.store.set_value(iter, 2, ftype)
-+ self.store.set_value(iter, 1, "system_u:object_r:%s:%s" % (type, mls))
++ self.store.set_value(iter, SPEC_COL, fspec)
++ self.store.set_value(iter, FTYPE_COL, ftype)
++ self.store.set_value(iter, TYPE_COL, "system_u:object_r:%s:%s" % (type, mls))
+
+ def modify(self):
+ fspec=self.fcontextEntry.get_text().strip()
@@ -371,16 +384,19 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py poli
+ list_model=self.fcontextFileTypeCombo.get_model()
+ iter = self.fcontextFileTypeCombo.get_active_iter()
+ ftype=list_model.get_value(iter,0)
-+ self.fcontext.modify(fspec, type, ftype, mls, "")
++ (rc, out) = commands.getstatusoutput("semanage fcontext -m -t %s -r %s -f '%s' %s" % (type, mls, ftype, fspec))
++ if rc != 0:
++ self.error(out)
++ return False
+
+ store, iter = self.view.get_selection().get_selected()
-+ self.store.set_value(iter, 0, fspec)
-+ self.store.set_value(iter, 2, ftype)
-+ self.store.set_value(iter, 1, "system_u:object_r:%s:%s" % (type, mls))
++ self.store.set_value(iter, SPEC_COL, fspec)
++ self.store.set_value(iter, FTYPE_COL, ftype)
++ self.store.set_value(iter, TYPE_COL, "system_u:object_r:%s:%s" % (type, mls))
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policycoreutils-2.0.7/gui/loginsPage.py
--- nsapolicycoreutils/gui/loginsPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.7/gui/loginsPage.py 2007-03-01 17:37:41.000000000 -0500
-@@ -0,0 +1,161 @@
++++ policycoreutils-2.0.7/gui/loginsPage.py 2007-03-17 12:13:24.000000000 -0400
+@@ -0,0 +1,173 @@
+## loginsPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
+
@@ -406,6 +422,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policy
+import libxml2
+import gobject
+import sys
++import commands
+import seobject
+from semanagePage import *;
+
@@ -508,7 +525,10 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policy
+ if login == "root" or login == "__default__":
+ raise ValueError(_("Login '%s' is required") % login)
+
-+ self.login.delete(login)
++ (rc, out) = commands.getstatusoutput("semanage login -d %s" % login)
++ if rc != 0:
++ self.error(out)
++ return False
+ store.remove(iter)
+ self.view.get_selection().select_path ((0,))
+ except ValueError, e:
@@ -522,7 +542,11 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policy
+ list_model=self.loginsSelinuxUserCombo.get_model()
+ iter = self.loginsSelinuxUserCombo.get_active_iter()
+ seuser = list_model.get_value(iter,0)
-+ self.login.add(target, seuser, serange)
++ (rc, out) = commands.getstatusoutput("semanage login -a -s %s -r %s %s" % (seuser, serange, target))
++ if rc != 0:
++ self.error(out)
++ return False
++
+ iter = self.store.append()
+ self.store.set_value(iter, 0, target)
+ self.store.set_value(iter, 1, seuser)
@@ -536,7 +560,11 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policy
+ list_model = self.loginsSelinuxUserCombo.get_model()
+ iter = self.loginsSelinuxUserCombo.get_active_iter()
+ seuser=list_model.get_value(iter,0)
-+ self.login.modify(target, seuser, serange)
++ (rc, out) = commands.getstatusoutput("semanage login -m -s %s -r %s %s" % (seuser, serange, target))
++ if rc != 0:
++ self.error(out)
++ return False
++
+ store, iter = self.view.get_selection().get_selected()
+ self.store.set_value(iter, 0, target)
+ self.store.set_value(iter, 1, seuser)
@@ -578,7 +606,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/Makefile policycoreu
+relabel:
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py policycoreutils-2.0.7/gui/mappingsPage.py
--- nsapolicycoreutils/gui/mappingsPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.7/gui/mappingsPage.py 2007-03-01 17:37:41.000000000 -0500
++++ policycoreutils-2.0.7/gui/mappingsPage.py 2007-03-17 12:13:24.000000000 -0400
@@ -0,0 +1,54 @@
+## mappingsPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@@ -636,8 +664,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py poli
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py policycoreutils-2.0.7/gui/modulesPage.py
--- nsapolicycoreutils/gui/modulesPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.7/gui/modulesPage.py 2007-03-01 17:37:41.000000000 -0500
-@@ -0,0 +1,161 @@
++++ policycoreutils-2.0.7/gui/modulesPage.py 2007-03-17 12:13:24.000000000 -0400
+@@ -0,0 +1,170 @@
+## modulesPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
+
@@ -697,6 +725,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py polic
+ self.enable_audit_button.connect("clicked", self.enable_audit)
+ self.disable_audit_button = xml.get_widget("disableAuditButton")
+ self.disable_audit_button.connect("clicked", self.disable_audit)
++ self.new_button = xml.get_widget("newModuleButton")
++ self.new_button.connect("clicked", self.new_module)
+ col.set_sort_column_id(1)
+ col.set_resizable(True)
+ self.view.append_column(col)
@@ -730,11 +760,18 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py polic
+
+ self.view.get_selection().select_path ((0,))
+
++
++ def new_module(self, args):
++ try:
++ os.spawnl(os.P_NOWAIT, "/usr/share/system-config-selinux/polgengui.py")
++ except ValueError, e:
++ self.error(e.args[0])
++
+ def delete(self):
+ store, iter = self.view.get_selection().get_selected()
+ module = store.get_value(iter, 0)
+ try:
-+ status, output =commands.getstatusoutput("semodule -r %s" % module)
++ status, output = commands.getstatusoutput("semodule -r %s" % module)
+ if status != 0:
+ self.error(output)
+ else:
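Review bot: `os.spawnl` in new_module() is given the path but no argv entries, so the child starts with an empty argument list, which exec is likely to reject; the usual form repeats the program name, `os.spawnl(os.P_NOWAIT, "/usr/share/system-config-selinux/polgengui.py", "polgengui.py")`. A failed launch would surface as `OSError` or a non-zero child exit rather than `ValueError`, so the `except ValueError` branch probably never reports it and the button would appear to do nothing. With `os.P_NOWAIT` the returned pid is discarded and the child is never waited on, which leaves a zombie process until the GUI exits. Whether `os` is imported in modulesPage.py is not visible in this hunk.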
@@ -799,10 +836,1746 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py polic
+
+
+
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policycoreutils-2.0.7/gui/polgen.glade
+--- nsapolicycoreutils/gui/polgen.glade 1969-12-31 19:00:00.000000000 -0500
++++ policycoreutils-2.0.7/gui/polgen.glade 2007-03-19 10:45:44.000000000 -0400
+@@ -0,0 +1,1107 @@
++
++
++
++
++
++
++ True
++ Selinux Policy Generation Tool
++ GTK_WINDOW_TOPLEVEL
++ GTK_WIN_POS_MOUSE
++ False
++ True
++ False
++ True
++ False
++ False
++ GDK_WINDOW_TYPE_HINT_NORMAL
++ GDK_GRAVITY_NORTH_WEST
++ True
++ False
++
++
++
++ True
++ False
++ 0
++
++
++
++ True
++ 5
++ 4
++ False
++ 0
++ 0
++
++
++
++ True
++ Name
++ False
++ False
++ GTK_JUSTIFY_LEFT
++ False
++ False
++ 0
++ 0.5
++ 0
++ 0
++ PANGO_ELLIPSIZE_NONE
++ -1
++ False
++ 0
++
++
++ 0
++ 1
++ 0
++ 1
++ fill
++
++
++
++
++
++
++ True
++ Executable
++ False
++ False
++ GTK_JUSTIFY_LEFT
++ False
++ False
++ 0
++ 0.5
++ 0
++ 0
++ PANGO_ELLIPSIZE_NONE
++ -1
++ False
++ 0
++
++
++ 0
++ 1
++ 1
++ 2
++ 5
++ fill
++
++
++
++
++
++
++ True
++ Application Type
++ False
++ False
++ GTK_JUSTIFY_LEFT
++ False
++ False
++ 0
++ 0.5
++ 0
++ 0
++ PANGO_ELLIPSIZE_NONE
++ -1
++ False
++ 0
++
++
++ 0
++ 1
++ 2
++ 3
++ fill
++
++
++
++
++
++
++ True
++ True
++ ...
++ True
++ GTK_RELIEF_NORMAL
++ True
++
++
++
++ 3
++ 4
++ 1
++ 2
++ fill
++
++
++
++
++
++
++ True
++ Enter path to executable to be confined.
++ True
++ True
++ True
++ 0
++
++ True
++ •
++ False
++
++
++ 1
++ 3
++ 1
++ 2
++
++
++
++
++
++
++ True
++ Standard Daemon (init)
++Internet services daemon (inetd)
++User Application
++Web Script (CGI)
++ False
++ True
++
++
++ 1
++ 4
++ 2
++ 3
++ fill
++ fill
++
++
++
++
++
++ True
++ Enter unigue policy type name for confined application.
++ True
++ True
++ True
++ 0
++
++ True
++ •
++ False
++
++
++ 1
++ 4
++ 0
++ 1
++
++
++
++
++
++
++ True
++ 0
++ 0.5
++ GTK_SHADOW_NONE
++
++
++
++ True
++ 0.5
++ 0.5
++ 1
++ 1
++ 0
++ 0
++ 12
++ 0
++
++
++
++ True
++ 2
++ 2
++ False
++ 0
++ 0
++
++
++
++ True
++ TCP Ports
++ False
++ False
++ GTK_JUSTIFY_LEFT
++ False
++ False
++ 0
++ 0.5
++ 0
++ 0
++ PANGO_ELLIPSIZE_NONE
++ -1
++ False
++ 0
++
++
++ 0
++ 1
++ 0
++ 1
++ fill
++
++
++
++
++
++
++ True
++ UDP Ports
++ False
++ False
++ GTK_JUSTIFY_LEFT
++ False
++ False
++ 0
++ 0.5
++ 0
++ 0
++ PANGO_ELLIPSIZE_NONE
++ -1
++ False
++ 0
++
++
++ 0
++ 1
++ 1
++ 2
++ fill
++
++
++
++
++
++
++ True
++ Enter a comma separated list of network ports.
++ True
++ True
++ True
++ 0
++
++ True
++ •
++ False
++
++
++ 1
++ 2
++ 0
++ 1
++
++
++
++
++
++
++ True
++ Enter a comma separated list of network ports.
++ True
++ True
++ True
++ 0
++
++ True
++ •
++ False
++
++
++ 1
++ 2
++ 1
++ 2
++
++
++
++
++
++
++
++
++
++
++ True
++ <b>Incoming Network Connections</b>
++ False
++ True
++ GTK_JUSTIFY_LEFT
++ False
++ False
++ 0.5
++ 0.5
++ 0
++ 0
++ PANGO_ELLIPSIZE_NONE
++ -1
++ False
++ 0
++
++
++ label_item
++
++
++
++
++ 0
++ 4
++ 3
++ 4
++ fill
++
++
++
++
++
++ True
++ 0
++ 0.5
++ GTK_SHADOW_NONE
++
++
++
++ True
++ 0.5
++ 0.5
++ 1
++ 1
++ 0
++ 0
++ 12
++ 0
++
++
++
++ True
++ 2
++ 2
++ False
++ 0
++ 0
++
++
++
++ True
++ TCP Ports
++ False
++ False
++ GTK_JUSTIFY_LEFT
++ False
++ False
++ 0
++ 0.5
++ 0
++ 0
++ PANGO_ELLIPSIZE_NONE
++ -1
++ False
++ 0
++
++
++ 0
++ 1
++ 0
++ 1
++ fill
++
++
++
++
++
++
++ True
++ UDP Ports
++ False
++ False
++ GTK_JUSTIFY_LEFT
++ False
++ False
++ 0
++ 0.5
++ 0
++ 0
++ PANGO_ELLIPSIZE_NONE
++ -1
++ False
++ 0
++
++
++ 0
++ 1
++ 1
++ 2
++ fill
++
++
++
++
++
++
++ True
++ Enter a comma separated list of network ports.
++ True
++ True
++ True
++ 0
++
++ True
++ •
++ False
++
++
++ 1
++ 2
++ 0
++ 1
++
++
++
++
++
++
++ True
++ Enter a comma separated list of network ports.
++ True
++ True
++ True
++ 0
++
++ True
++ •
++ False
++
++
++ 1
++ 2
++ 1
++ 2
++
++
++
++
++
++
++
++
++
++
++ True
++ <b>Outgoing Network Connections</b>
++ False
++ True
++ GTK_JUSTIFY_LEFT
++ False
++ False
++ 0.5
++ 0.5
++ 0
++ 0
++ PANGO_ELLIPSIZE_NONE
++ -1
++ False
++ 0
++
++
++ label_item
++
++
++
++
++ 0
++ 4
++ 4
++ 5
++ fill
++
++
++
++
++ 2
++ False
++ True
++
++
++
++
++
++ True
++ True
++ 0
++
++
++
++ True
++ Generates temporary files in /tmp or /var/tmp.
++ True
++ Uses Tmp Files
++ True
++ GTK_RELIEF_NORMAL
++ True
++ False
++ False
++ True
++
++
++ 0
++ False
++ False
++
++
++
++
++
++ True
++ Check this box if your application uses UIDs or GIDs.
++ True
++ Translates UIDs/GIDs
++ True
++ GTK_RELIEF_NORMAL
++ True
++ False
++ False
++ True
++
++
++ 0
++ False
++ False
++
++
++
++
++
++ True
++ Check this box it your application uses pam for authentication.
++ True
++ Supports Pam
++ True
++ GTK_RELIEF_NORMAL
++ True
++ False
++ False
++ True
++
++
++ 0
++ False
++ False
++
++
++
++
++ 0
++ True
++ True
++
++
++
++
++
++ True
++ 0
++ 0.5
++ GTK_SHADOW_NONE
++
++
++
++ True
++ 0.5
++ 0.5
++ 1
++ 1
++ 0
++ 0
++ 12
++ 0
++
++
++
++ True
++ False
++ 0
++
++
++
++ True
++ False
++ 0
++
++
++
++ True
++ True
++ GTK_RELIEF_NORMAL
++ True
++
++
++
++
++ True
++ 0.5
++ 0.5
++ 0
++ 0
++ 0
++ 0
++ 0
++ 0
++
++
++
++ True
++ False
++ 2
++
++
++
++ True
++ gtk-add
++ 4
++ 0.5
++ 0.5
++ 0
++ 0
++
++
++ 0
++ False
++ False
++
++
++
++
++
++ True
++ Add File
++ True
++ False
++ GTK_JUSTIFY_LEFT
++ False
++ False
++ 0.5
++ 0.5
++ 0
++ 0
++ PANGO_ELLIPSIZE_NONE
++ -1
++ False
++ 0
++
++
++ 0
++ False
++ False
++
++
++
++
++
++
++
++
++ 0
++ False
++ False
++
++
++
++
++
++ True
++ True
++ GTK_RELIEF_NORMAL
++ True
++
++
++
++
++ True
++ 0.5
++ 0.5
++ 0
++ 0
++ 0
++ 0
++ 0
++ 0
++
++
++
++ True
++ False
++ 2
++
++
++
++ True
++ gtk-add
++ 4
++ 0.5
++ 0.5
++ 0
++ 0
++
++
++ 0
++ False
++ False
++
++
++
++
++
++ True
++ Add Directory
++ True
++ False
++ GTK_JUSTIFY_LEFT
++ False
++ False
++ 0.5
++ 0.5
++ 0
++ 0
++ PANGO_ELLIPSIZE_NONE
++ -1
++ False
++ 0
++
++
++ 0
++ False
++ False
++
++
++
++
++
++
++
++
++ 0
++ False
++ False
++
++
++
++
++
++ True
++ True
++ gtk-delete
++ True
++ GTK_RELIEF_NORMAL
++ True
++
++
++
++
++ 0
++ False
++ False
++
++
++
++
++ 4
++ False
++ True
++
++
++
++
++
++ True
++ True
++ GTK_POLICY_NEVER
++ GTK_POLICY_NEVER
++ GTK_SHADOW_IN
++ GTK_CORNER_TOP_LEFT
++
++
++
++ True
++ GTK_SHADOW_IN
++
++
++
++ True
++ False
++ 0
++
++
++
++ True
++ True
++ GTK_POLICY_ALWAYS
++ GTK_POLICY_ALWAYS
++ GTK_SHADOW_IN
++ GTK_CORNER_TOP_LEFT
++
++
++
++ True
++ Add Files/Directories that this application will need to "Write" to. Pid Files, Log Files, /var/lib Files ...
++ True
++ False
++ False
++ False
++ True
++ False
++ False
++ False
++
++
++
++
++ 0
++ True
++ True
++
++
++
++
++
++
++
++
++ 0
++ True
++ True
++
++
++
++
++
++
++
++
++
++ True
++ <b>File/Directories modified by this executable</b>
++ False
++ True
++ GTK_JUSTIFY_LEFT
++ False
++ False
++ 0.5
++ 0.5
++ 0
++ 0
++ PANGO_ELLIPSIZE_NONE
++ -1
++ False
++ 0
++
++
++ label_item
++
++
++
++
++ 0
++ True
++ True
++
++
++
++
++
++ True
++ GTK_BUTTONBOX_END
++ 0
++
++
++
++ True
++ True
++ True
++ gtk-close
++ True
++ GTK_RELIEF_NORMAL
++ True
++
++
++
++
++
++
++ True
++ True
++ True
++ GTK_RELIEF_NORMAL
++ True
++
++
++
++
++ True
++ 0.5
++ 0.5
++ 0
++ 0
++ 0
++ 0
++ 0
++ 0
++
++
++
++ True
++ False
++ 2
++
++
++
++ True
++ gtk-apply
++ 4
++ 0.5
++ 0.5
++ 0
++ 0
++
++
++ 0
++ False
++ False
++
++
++
++
++
++ True
++ Generate
++ True
++ False
++ GTK_JUSTIFY_LEFT
++ False
++ False
++ 0.5
++ 0.5
++ 0
++ 0
++ PANGO_ELLIPSIZE_NONE
++ -1
++ False
++ 0
++
++
++ 0
++ False
++ False
++
++
++
++
++
++
++
++
++
++
++ 7
++ False
++ True
++
++
++
++
++
++
++
++ GTK_FILE_CHOOSER_ACTION_OPEN
++ True
++ True
++ True
++ False
++ GTK_WINDOW_TOPLEVEL
++ GTK_WIN_POS_MOUSE
++ False
++ True
++ False
++ True
++ False
++ False
++ GDK_WINDOW_TYPE_HINT_DIALOG
++ GDK_GRAVITY_NORTH_WEST
++ True
++ False
++
++
++
++ True
++ False
++ 24
++
++
++
++ True
++ GTK_BUTTONBOX_END
++
++
++
++ True
++ True
++ True
++ gtk-cancel
++ True
++ GTK_RELIEF_NORMAL
++ True
++ -6
++
++
++
++
++
++ True
++ True
++ True
++ True
++ gtk-add
++ True
++ GTK_RELIEF_NORMAL
++ True
++ -5
++
++
++
++
++ 0
++ False
++ True
++ GTK_PACK_END
++
++
++
++
++
++
++
++ False
++ Polgen
++ Red Hat 2007
++ GPL
++ False
++ www.redhat.com
++ Daniel Walsh <dwalsh@redhat.com>
++ translator-credits
++
++
++
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policycoreutils-2.0.7/gui/polgengui.py
+--- nsapolicycoreutils/gui/polgengui.py 1969-12-31 19:00:00.000000000 -0500
++++ policycoreutils-2.0.7/gui/polgengui.py 2007-03-17 12:13:24.000000000 -0400
+@@ -0,0 +1,207 @@
++#!/usr/bin/python
++#
++# system-config-selinux.py - GUI for SELinux Config tool in system-config-selinux
++#
++# Dan Walsh
++#
++# Copyright 2007 Red Hat, Inc.
++#
++# This program is free software; you can redistribute it and/or modify
++# it under the terms of the GNU General Public License as published by
++# the Free Software Foundation; either version 2 of the License, or
++# (at your option) any later version.
++#
++# This program is distributed in the hope that it will be useful,
++# but WITHOUT ANY WARRANTY; without even the implied warranty of
++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++# GNU General Public License for more details.
++#
++# You should have received a copy of the GNU General Public License
++# along with this program; if not, write to the Free Software
++# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
++#
++import signal
++import string
++import gtk
++import gtk.glade
++import os
++import libxml2
++import gobject
++import gnome
++import sys
++import polgen
++
++##
++## I18N
++##
++PROGNAME="system-config-selinux"
++
++import gettext
++gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
++gettext.textdomain(PROGNAME)
++try:
++ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1)
++except IOError:
++ import __builtin__
++ __builtin__.__dict__['_'] = unicode
++
++gnome.program_init("SELinux Poligy Generation Tool", "5")
++
++version = "1.0"
++
++sys.path.append('/usr/share/system-config-selinux')
++sys.path.append('.')
++
++##
++## Pull in the Glade file
++##
++if os.access("polgen.glade", os.F_OK):
++ xml = gtk.glade.XML ("polgen.glade", domain=PROGNAME)
++else:
++ xml = gtk.glade.XML ("/usr/share/system-config-selinux/polgen.glade", domain=PROGNAME)
++
++FILE = 1
++DIR = 2
++class childWindow:
++ def __init__(self):
++ self.xml = xml
++ xml.signal_connect("on_close_clicked", self.quit)
++ xml.signal_connect("on_delete_clicked", self.delete)
++ xml.signal_connect("on_exec_select_clicked", self.exec_select)
++ xml.signal_connect("on_add_clicked", self.add)
++ xml.signal_connect("on_add_dir_clicked", self.add_dir)
++ xml.signal_connect("on_generate_clicked", self.generate_policy)
++ xml.signal_connect("on_about_clicked", self.on_about_clicked)
++
++ def verify(self, message, title="" ):
++ dlg = gtk.MessageDialog(None, 0, gtk.MESSAGE_INFO,
++ gtk.BUTTONS_YES_NO,
++ message)
++ dlg.set_title(title)
++ dlg.set_position(gtk.WIN_POS_MOUSE)
++ dlg.show_all()
++ rc = dlg.run()
++ dlg.destroy()
++ return rc
++
++ def info(self, message):
++ dlg = gtk.MessageDialog(None, 0, gtk.MESSAGE_INFO,
++ gtk.BUTTONS_OK,
++ message)
++ dlg.set_position(gtk.WIN_POS_MOUSE)
++ dlg.show_all()
++ dlg.run()
++ dlg.destroy()
++
++ def error(self, message):
++ dlg = gtk.MessageDialog(None, 0, gtk.MESSAGE_ERROR,
++ gtk.BUTTONS_CLOSE,
++ message)
++ dlg.set_position(gtk.WIN_POS_MOUSE)
++ dlg.show_all()
++ dlg.run()
++ dlg.destroy()
++
++ def generate_policy(self, args):
++ try:
++ my_policy=polgen.policy(self.name_entry.get_text(), self.exec_entry.get_text(), self.type_combobox.get_active())
++ my_policy.set_in_tcp(self.in_tcp_entry.get_text())
++ my_policy.set_in_udp(self.in_udp_entry.get_text())
++ my_policy.set_out_tcp(self.out_tcp_entry.get_text())
++ my_policy.set_out_udp(self.out_udp_entry.get_text())
++ my_policy.set_use_tmp(self.tmp_checkbutton.get_active() == 1)
++ my_policy.set_use_uid(self.uid_checkbutton.get_active() == 1)
++
++ iter= self.store.get_iter_first()
++ while(iter):
++ if self.store.get_value(iter, 1) == FILE:
++ my_policy.add_file(self.store.get_value(iter, 0))
++ else:
++ my_policy.add_dir(self.store.get_value(iter, 0))
++ iter= self.store.iter_next(iter)
++
++ self.info(my_policy.generate())
++ except ValueError, e:
++ self.error(e.message)
++
++ def delete(self, args):
++ store, iter = self.view.get_selection().get_selected()
++ if iter != None:
++ store.remove(iter)
++ self.view.get_selection().select_path ((0,))
++
++ def __add(self,type):
++ self.file_dialog.set_select_multiple(1)
++ rc = self.file_dialog.run()
++ self.file_dialog.hide()
++ if rc == gtk.RESPONSE_CANCEL:
++ return
++ for i in self.file_dialog.get_filenames():
++ iter = self.store.append()
++ self.store.set_value(iter, 0, i)
++ self.store.set_value(iter, 1, type)
++
++ def exec_select(self, args):
++ self.file_dialog.set_select_multiple(0)
++ self.file_dialog.set_title(_("Select executable file to be confined."))
++ self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_SAVE)
++ rc = self.file_dialog.run()
++ self.file_dialog.hide()
++ if rc == gtk.RESPONSE_CANCEL:
++ return
++ self.exec_entry.set_text(self.file_dialog.get_filename())
++
++ def add(self, args):
++ self.file_dialog.set_title(_("Select file(s) that confined application creates or writes"))
++ self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_SAVE)
++ self.__add(FILE)
++
++ def add_dir(self, args):
++ self.file_dialog.set_title(_("Select directory(s) that the confined application owns and writes into"))
++ self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_CREATE_FOLDER)
++ self.__add(DIR)
++
++ def on_about_clicked(self, args):
++ dlg = xml.get_widget ("about_dialog")
++ dlg.run ()
++ dlg.hide ()
++
++ def quit(self, args):
++ gtk.main_quit()
++
++ def setupScreen(self):
++ # Bring in widgets from glade file.
++ self.mainWindow = self.xml.get_widget("main_window")
++ self.type_combobox = self.xml.get_widget("type_combobox")
++ self.type_combobox.set_active(0)
++ self.name_entry = self.xml.get_widget("name_entry")
++ self.exec_entry = self.xml.get_widget("exec_entry")
++ self.in_tcp_entry = self.xml.get_widget("in_tcp_entry")
++ self.in_udp_entry = self.xml.get_widget("in_udp_entry")
++ self.out_tcp_entry = self.xml.get_widget("out_tcp_entry")
++ self.out_udp_entry = self.xml.get_widget("out_udp_entry")
++ self.tmp_checkbutton = self.xml.get_widget("tmp_checkbutton")
++ self.uid_checkbutton = self.xml.get_widget("uid_checkbutton")
++ self.view = self.xml.get_widget("write_treeview")
++ self.file_dialog = self.xml.get_widget("filechooserdialog")
++ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_INT)
++ self.view.set_model(self.store)
++ col = gtk.TreeViewColumn("", gtk.CellRendererText(), text = 0)
++ col.set_resizable(True)
++ self.view.append_column(col)
++ self.view.get_selection().select_path ((0,))
++
++ def stand_alone(self):
++ desktopName = _("Configue SELinux")
++
++ self.setupScreen()
++ self.mainWindow.connect("destroy", self.quit)
++
++ self.mainWindow.show_all()
++ gtk.main()
++
++if __name__ == "__main__":
++ signal.signal (signal.SIGINT, signal.SIG_DFL)
++
++ app = childWindow()
++ app.stand_alone()
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycoreutils-2.0.7/gui/polgen.py
+--- nsapolicycoreutils/gui/polgen.py 1969-12-31 19:00:00.000000000 -0500
++++ policycoreutils-2.0.7/gui/polgen.py 2007-03-17 12:13:24.000000000 -0400
+@@ -0,0 +1,410 @@
++#! /usr/bin/python
++# Copyright (C) 2007 Red Hat
++# see file 'COPYING' for use and warranty information
++#
++# policygentool is a tool for the initial generation of SELinux policy
++#
++# This program is free software; you can redistribute it and/or
++# modify it under the terms of the GNU General Public License as
++# published by the Free Software Foundation; either version 2 of
++# the License, or (at your option) any later version.
++#
++# This program is distributed in the hope that it will be useful,
++# but WITHOUT ANY WARRANTY; without even the implied warranty of
++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++# GNU General Public License for more details.
++#
++# You should have received a copy of the GNU General Public License
++# along with this program; if not, write to the Free Software
++# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
++# 02111-1307 USA
++#
++#
++import os, sys, getopt
++import re
++from templates import executable
++from templates import var_spool
++from templates import var_lib
++from templates import var_log
++from templates import var_run
++from templates import tmp
++from templates import rw
++from templates import network
++from templates import script
++import seobject
++
++##
++## I18N
++##
++PROGNAME="system-config-selinux"
++
++import gettext
++gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
++gettext.textdomain(PROGNAME)
++try:
++ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1)
++except IOError:
++ import __builtin__
++ __builtin__.__dict__['_'] = unicode
++
++
++class policy:
++ Daemon = 0
++ INETD = 1
++ UEER = 2
++ CGI = 3
++ def __init__(self, name, program, type):
++ ports = seobject.portRecords()
++ self.dict = ports.get_all()
++
++ self.DEFAULT_DIRS = {}
++ self.DEFAULT_DIRS["rw"] = ["rw", 0, rw];
++ self.DEFAULT_DIRS["tmp"] = ["tmp", False, tmp];
++ self.DEFAULT_DIRS["/var/spool"] = ["var_spool", 0, var_spool];
++ self.DEFAULT_DIRS["/var/lib"] = ["var_lib", 0, var_lib];
++ self.DEFAULT_DIRS["/var/log"] = ["var_log", 0, var_log];
++ self.DEFAULT_DIRS["/var/run"] = ["var_run", 0, var_run];
++
++ self.DEFAULT_TYPES = (( self.generate_daemon_types, self.generate_daemon_rules), ( self.generate_inetd_types, self.generate_inetd_rules), ( self.generate_userapp_types, self.generate_userapp_rules), ( self.generate_cgi_types, self.generate_cgi_rules))
++ if name == "":
++ raise ValueError(_("You must enter a name for your confined process"))
++ if type == self.CGI:
++ self.name = "httpd_%s_script" % name
++ else:
++ self.name = name
++ self.file_name = name
++ if program == "":
++ raise ValueError(_("You must enter the executable path for your confined process"))
++ self.program = program
++ self.type = type
++ self.in_tcp = []
++ self.in_udp = []
++ self.out_tcp = []
++ self.out_udp = []
++ self.use_tmp = False
++ self.use_uid = False
++ self.files = {}
++ self.dirs = {}
++ self.found_tcp_ports=[]
++ self.found_udp_ports=[]
++ self.need_tcp_type=False
++ self.need_udp_type=False
++
++ def find_port(self, port):
++ for begin,end in self.dict.keys():
++ if port >= begin and port <= end:
++ return self.dict[begin,end]
++ return None
++
++ def __verify_ports(self, ports):
++ if ports == "":
++ return []
++ max_port=2**16
++ try:
++ temp = []
++ for p in ports.split(","):
++ i = int(p.strip())
++ if i < 1 or i > max_port:
++ raise ValueError()
++ temp.append(i)
++ return temp
++ except ValueError:
++ raise ValueError(_("Ports must be be numbers from 1 to %d " % max_port ))
++
++ def set_in_tcp(self, ports):
++ self.in_tcp = self.__verify_ports(ports)
++
++ def set_in_udp(self, ports):
++ self.in_udp = self.__verify_ports(ports)
++
++ def set_out_tcp(self, ports):
++ self.out_tcp = self.__verify_ports(ports)
++
++ def set_out_udp(self, ports):
++ self.out_udp = self.__verify_ports(ports)
++
++ def set_use_tmp(self, val):
++ if val != True and val != False:
++ raise ValueError(_("use_uid must be a boolean value "))
++
++ self.DEFAULT_DIRS["tmp"][1] = val;
++
++ def set_use_uid(self, val):
++ if val != True and val != False:
++ raise ValueError(_("use_uid must be a boolean value "))
++
++ self.use_uid = val
++
++ def generate_uid_rules(self):
++ return re.sub("TEMPLATETYPE", self.name, executbale.te_uid_rules)
++ def generate_network_types(self):
++ for i in self.in_tcp:
++ rec = self.find_port(int(i))
++ if rec == None:
++ self.need_tcp_type = True;
++ else:
++ port_name = rec[0][:-2]
++ line = "corenet_tcp_bind_%s(%s)\n" % (port_name, self.name)
++ if line not in self.found_tcp_ports:
++ self.found_tcp_ports.append(line)
++
++ for i in self.out_tcp:
++ rec = self.find_port(int(i))
++ if rec == None:
++ self.need_tcp_type = True;
++ else:
++ port_name = rec[0][:-2]
++ line = "corenet_tcp_connect_%s(%s)\n" % (port_name, self.name)
++ if line not in self.found_tcp_ports:
++ self.found_tcp_ports.append(line)
++
++ for i in self.in_udp:
++ rec = self.find_port(int(i))
++ print i, rec
++ if rec == None:
++ self.need_udp_type = True;
++ else:
++ port_name = rec[0][:-2]
++ line = "corenet_udp_bind_%s(%s)\n" % (port_name, self.name)
++ if line not in self.found_udp_ports:
++ self.found_udp_ports.append(line)
++
++ if self.need_udp_type == True or self.need_tcp_type == True:
++ return re.sub("TEMPLATETYPE", self.name, network.te_port_types)
++ return ""
++
++ def __find_path(self, file):
++ for d in self.DEFAULT_DIRS:
++ if file.find(d) == 0:
++ self.DEFAULT_DIRS[d][1] = self.DEFAULT_DIRS[d][1] + 1
++ return self.DEFAULT_DIRS[d]
++ self.DEFAULT_DIRS["rw"][1] = self.DEFAULT_DIRS["rw"][1] + 1
++ return self.DEFAULT_DIRS["rw"]
++
++ def add_file(self, file):
++ self.files[file] = self.__find_path(file)
++
++ def add_dir(self, file):
++ self.dirs[file] = self.__find_path(file)
++
++ def generate_network_rules(self):
++ newte = ""
++ tcp = len(self.in_tcp) + len(self.out_tcp)
++ udp = len(self.in_tcp) + len(self.out_tcp)
++
++ if tcp > 0 or udp > 0:
++ newte = "\n"
++
++ newte += re.sub("TEMPLATETYPE", self.name, network.te_network)
++
++ if tcp > 0:
++ newte += "\n"
++ if self.need_tcp_type:
++ newte += re.sub("TEMPLATETYPE", self.name, network.te_in_need_port_tcp)
++ newte += re.sub("TEMPLATETYPE", self.name, network.te_tcp)
++ if len(self.in_tcp) > 0:
++ newte += re.sub("TEMPLATETYPE", self.name, network.te_in_tcp)
++ for i in self.found_tcp_ports:
++ newte += i
++
++ if udp > 0:
++ newte += "\n"
++ if self.need_udp_type:
++ newte += re.sub("TEMPLATETYPE", self.name, network.te_in_need_port_udp)
++ newte += re.sub("TEMPLATETYPE", self.name, network.te_udp)
++ if len(self.in_udp) > 0:
++ newte += re.sub("TEMPLATETYPE", self.name, network.te_in_udp)
++ for i in self.found_udp_ports:
++ newte += i
++ return newte
++
++ def generate_cgi_types(self):
++ newte = ""
++ newte += re.sub("TEMPLATETYPE", self.file_name, executable.te_cgi_types)
++ return newte
++
++ def generate_userapp_types(self):
++ newte = ""
++ newte += re.sub("TEMPLATETYPE", self.name, executable.te_userapp_types)
++ return newte
++
++ def generate_inetd_types(self):
++ newte = ""
++ newte += re.sub("TEMPLATETYPE", self.name, executable.te_inetd_types)
++ return newte
++
++ def generate_daemon_types(self):
++ newte = ""
++ newte += re.sub("TEMPLATETYPE", self.name, executable.te_daemon_types)
++ return newte
++
++ def generate_cgi_te(self):
++ newte = ""
++ newte += re.sub("TEMPLATETYPE", self.name, executable.te_cgi_types)
++ return newte
++
++ def generate_daemon_rules(self):
++ newte = ""
++ newte += re.sub("TEMPLATETYPE", self.name, executable.te_daemon_rules)
++ return newte
++
++ def generate_userapp_rules(self):
++ newte = ""
++ newte += re.sub("TEMPLATETYPE", self.name, executable.te_userapp_rules)
++ return newte
++
++ def generate_inetd_rules(self):
++ newte = ""
++ newte += re.sub("TEMPLATETYPE", self.name, executable.te_inetd_rules)
++ return newte
++
++ def generate_cgi_rules(self):
++ newte = ""
++ newte += re.sub("TEMPLATETYPE", self.name, executable.te_cgi_rules)
++ return newte
++
++ def generate_if(self):
++ newif = re.sub("TEMPLATETYPE", self.name, executable.if_rules)
++
++ for d in self.DEFAULT_DIRS:
++ if self.DEFAULT_DIRS[d][1] > 0:
++ newif += re.sub("TEMPLATETYPE", self.name, self.DEFAULT_DIRS[d][2].if_rules)
++
++ return newif
++ if self.use_uid:
++ newte += self.generate_uid_rules()
++ newte += re.sub("TEMPLATETYPE", self.name, executbale.te_daemon_rules)
++
++ def generate_default_types(self):
++ return self.DEFAULT_TYPES[self.type][0]()
++
++ def generate_default_rules(self):
++ return self.DEFAULT_TYPES[self.type][1]()
++
++ def generate_te(self):
++ newte = self.generate_default_types()
++ for d in self.DEFAULT_DIRS:
++ if self.DEFAULT_DIRS[d][1] > 0:
++ # CGI scripts already have a rw_t
++ if self.type != self.CGI or d != "rw":
++ newte += re.sub("TEMPLATETYPE", self.name, self.DEFAULT_DIRS[d][2].te_types)
++
++ newte += self.generate_network_types()
++ if self.use_tmp:
++ newte += self.generate_tmp_types()
++
++ newte += self.generate_default_rules()
++ for d in self.DEFAULT_DIRS:
++ if self.DEFAULT_DIRS[d][1] > 0:
++ newte += re.sub("TEMPLATETYPE", self.name, self.DEFAULT_DIRS[d][2].te_rules)
++
++ newte += self.generate_network_rules()
++ if self.use_tmp:
++ newte += self.generate_tmp_rules()
++
++ return newte
++
++ def generate_fc(self):
++ newfc = ""
++ t1 = re.sub("EXECUTABLE", self.program, executable.fc_file)
++ newfc += re.sub("TEMPLATETYPE", self.name, t1)
++
++ for i in self.files.keys():
++ t1 = re.sub("TEMPLATETYPE", self.name, self.files[i][2].fc_file)
++ t2 = re.sub("FILENAME", i, t1)
++ newfc += re.sub("FILETYPE", self.files[i][0], t2)
++
++ for i in self.dirs.keys():
++ t1 = re.sub("TEMPLATETYPE", self.name, self.dirs[i][2].fc_dir)
++ t2 = re.sub("FILENAME", i, t1)
++ newfc += re.sub("FILETYPE", self.dirs[i][0], t2)
++
++ return newfc
++
++ def generate_sh(self):
++ newsh = re.sub("TEMPLATETYPE", self.name, script.compile)
++ newsh = re.sub("PACKAGEFILENAME", self.file_name, newsh)
++ newsh += re.sub("FILENAME", self.program, script.restorecon)
++
++ for i in self.files.keys():
++ newsh += re.sub("FILENAME", i, script.restorecon)
++
++ for i in self.dirs.keys():
++ newsh += re.sub("FILENAME", i, script.restorecon)
++ for i in self.in_tcp + self.out_tcp:
++ t1 = re.sub("PORTNUM", "%d" % i, script.tcp_ports)
++ newsh += re.sub("TEMPLATETYPE", self.name, t1)
++
++ for i in self.in_udp + self.out_udp:
++ t1 = re.sub("PORTNUM", "%d" % i, script.udp_ports)
++ newsh += re.sub("TEMPLATETYPE", self.name, t1)
++
++ return newsh
++
++ def write_te(self):
++ tefile = "%s.te" % self.file_name
++ fd = open(tefile, "w")
++ fd.write(self.generate_te())
++ fd.close()
++ return tefile
++
++ def write_sh(self):
++ shfile = "%s.sh" % self.file_name
++ fd = open(shfile, "w")
++ fd.write(self.generate_sh())
++ fd.close()
++ return shfile
++
++ def write_if(self):
++ iffile = "%s.if" % self.file_name
++ fd = open(iffile, "w")
++ fd.write(self.generate_if())
++ fd.close()
++ return iffile
++
++ def write_fc(self):
++ fcfile = "%s.fc" % self.file_name
++ fd = open(fcfile, "w")
++ fd.write(self.generate_fc())
++ fd.close()
++ return fcfile
++
++ def generate(self):
++ out = "Created the following files:\n"
++ out += "%-25s %s\n" % (_("Type Enforcment file"), self.write_te())
++ out += "%-25s %s\n" % (_("Interface file"), self.write_if())
++ out += "%-25s %s\n" % (_("File Contexts file"), self.write_fc())
++ out += "%-25s %s\n" % (_("Setup Script"),self.write_sh())
++ return out
++
++def errorExit(error):
++ sys.stderr.write("%s: " % sys.argv[0])
++ sys.stderr.write("%s\n" % error)
++ sys.stderr.flush()
++ sys.exit(1)
++
++
++if __name__ == '__main__':
++ mypolicy = policy("cgi", "/var/www/cgi-bin/cgi", 3)
++ mypolicy.set_out_udp("80")
++ mypolicy.set_in_udp("80, 81")
++ mypolicy.set_out_tcp("881")
++ mypolicy.set_in_tcp("8810")
++ mypolicy.set_use_uid(True)
++ mypolicy.set_use_tmp(True)
++ mypolicy.add_file("/var/run/daemon.pid")
++ mypolicy.add_file("/var/run/daemon.pub")
++ mypolicy.add_file("/var/log/daemon.log")
++ mypolicy.add_dir("/var/lib/daemon")
++ mypolicy.add_dir("/etc/daemon")
++ mypolicy.add_dir("/etc/daemon/special")
++ print mypolicy.generate()
++# mypolicy = policy("inetd", "/usr/sbin/inetd", 1)
++# mypolicy.generate()
++# mypolicy = policy("userapp", "/usr/sbin/userapp", 2)
++# mypolicy.generate()
++# mypolicy = policy("cgi", "cgi", 3)
++# mypolicy.generate()
++ sys.exit(0)
++
++
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policycoreutils-2.0.7/gui/portsPage.py
--- nsapolicycoreutils/gui/portsPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.7/gui/portsPage.py 2007-03-01 17:37:41.000000000 -0500
-@@ -0,0 +1,214 @@
++++ policycoreutils-2.0.7/gui/portsPage.py 2007-03-17 12:13:24.000000000 -0400
+@@ -0,0 +1,227 @@
+## portsPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
+
@@ -829,6 +2602,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policyc
+import gobject
+import sys
+import seobject
++import commands
+from semanagePage import *;
+
+##
@@ -892,7 +2666,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policyc
+ col.set_sort_column_id(PORT_COL)
+ col.set_resizable(True)
+ self.view.append_column(col)
-+ self.store.set_sort_func(1,self.sort_int, "")
++ self.store.set_sort_func(PORT_COL,self.sort_int, "")
+
+ def group_toggle(self, button):
+ self.edit = not button.get_active()
@@ -908,7 +2682,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policyc
+ def sort_int(self, treemodel, iter1, iter2, user_data):
+ try:
+ p1 = int(treemodel.get_value(iter1,2))
-+ p2 = int(treemodel.get_value(iter1,2))
++ p2 = int(treemodel.get_value(iter2,2))
+ if p1 > p2:
+ return 1
+ if p1 == p2:
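Review bot: Both `get_value` calls in `sort_int` still pass the literal column index `2`, while the previous hunk switches the `set_sort_func` registration from `1` to `PORT_COL`. If `PORT_COL` is not 2, the comparator reads a different column from the one it is registered for, so the lookups should use the constant too: `p1 = int(treemodel.get_value(iter1, PORT_COL))` and `p2 = int(treemodel.get_value(iter2, PORT_COL))`. The delete hunk further down likewise reads the protocol with a literal `1` even though `PROTOCOL_COL` is used elsewhere in the file. The rest of `sort_int` lies outside the hunk.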
@@ -980,7 +2754,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policyc
+ port = store.get_value(iter, PORT_COL)
+ protocol = store.get_value(iter, 1)
+ try:
-+ self.port.delete(port, protocol)
++ (rc, out) = commands.getstatusoutput("semanage port -d -p %s %s" % (protocol, port))
++ if rc != 0:
++ return self.error(out)
+ store.remove(iter)
+ self.view.get_selection().select_path ((0,))
+ except ValueError, e:
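Review bot: The new `commands.getstatusoutput("semanage port -d -p %s %s" % (protocol, port))` builds a command line by string interpolation, and `commands.getstatusoutput` hands that string to a shell, so any shell metacharacter in the values is interpreted rather than passed to `semanage`. Here the values come from the tree store, but the add (`-a`) and modify (`-m`) hunks that follow interpolate `mls`, `target` and `port_number` the same way, and at least `port_number` is read from a text entry there. Passing an argument list with no shell removes the dependence on quoting, e.g. `subprocess.Popen(["semanage", "port", "-d", "-p", protocol, port], stdout=subprocess.PIPE, stderr=subprocess.STDOUT)` followed by `communicate()`. The surrounding `except ValueError` is probably no longer reachable from this call, since failures now arrive as a non-zero `rc`. The enclosing method starts outside the hunk.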
@@ -992,11 +2768,18 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policyc
+ port_number = self.ports_number_entry.get_text().strip()
+ if port_number == "":
+ port_number = "1"
++ if not port_number.isdigit():
++ self.error(_("Port number \"%s\" is not valid. 0 < PORT_NUMBER < 65536 ") % port_number )
++ return False
+ list_model = self.ports_protocol_combo.get_model()
+ iter = self.ports_protocol_combo.get_active_iter()
+ protocol = list_model.get_value(iter,0)
-+ self.port.add(port_number, protocol, mls, target)
++ (rc, out) = commands.getstatusoutput("semanage port -a -p %s -r %s -t %s %s" % (protocol, mls, target, port_number))
++ if rc != 0:
++ self.error(out)
++ return False
+ iter = self.store.append()
++
+ self.store.set_value(iter, TYPE_COL, target)
+ self.store.set_value(iter, PORT_COL, port_number)
+ self.store.set_value(iter, PROTOCOL_COL, protocol)
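Review bot: The added `port_number.isdigit()` check accepts values that its own error message rules out: `0`, `65536` and longer digit strings all pass, although the text says `0 < PORT_NUMBER < 65536`. A range test alongside the digit test would make the two agree, e.g. `if not port_number.isdigit() or not 0 < int(port_number) < 65536:`. The modify hunk that follows shows no equivalent check before its `semanage port -m` call, though that function begins outside the hunk, so an earlier check cannot be ruled out. `isdigit()` also rejects a range such as `8000-8010`; whether ranges were meant to be accepted here is not visible from the hunk.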
@@ -1009,7 +2792,10 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policyc
+ list_model = self.ports_protocol_combo.get_model()
+ iter = self.ports_protocol_combo.get_active_iter()
+ protocol = list_model.get_value(iter,0)
-+ self.port.modify(port_number, protocol, mls, target)
++ (rc, out) = commands.getstatusoutput("semanage port -m -p %s -r %s -t %s %s" % (protocol, mls, target, port_number))
++ if rc != 0:
++ self.error(out)
++ return False
+ store, iter = self.view.get_selection().get_selected()
+ self.store.set_value(iter, TYPE_COL, target)
+ self.store.set_value(iter, PORT_COL, port_number)
@@ -1288,8 +3074,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policyco
+zebra_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for zebra daemon")
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py policycoreutils-2.0.7/gui/semanagePage.py
--- nsapolicycoreutils/gui/semanagePage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.7/gui/semanagePage.py 2007-03-01 17:37:41.000000000 -0500
-@@ -0,0 +1,109 @@
++++ policycoreutils-2.0.7/gui/semanagePage.py 2007-03-17 12:13:24.000000000 -0400
+@@ -0,0 +1,115 @@
+## semanagePage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
+
@@ -1373,6 +3159,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py poli
+ if self.verify(_("Are you sure you want to delete %s '%s'?" % (self.description, store.get_value(iter, 0))), _("Delete %s" % self.description)) == gtk.RESPONSE_YES:
+ self.delete()
+
++ def use_menus(self):
++ return True
++
+ def addDialog(self):
+ self.dialogClear()
+ self.dialog.set_title(_("Add %s" % self.description))
@@ -1380,10 +3169,12 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py poli
+
+ while self.dialog.run() == gtk.RESPONSE_OK:
+ try:
-+ self.add()
++ if self.add() == False:
++ continue
+ break;
+ except ValueError, e:
+ self.error(e.args[0])
++ print
+ self.dialog.hide()
+
+ def propertiesDialog(self):
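Review bot: The bare `print` added after `self.error(e.args[0])` in `addDialog` looks like leftover debugging. It writes an empty line to stdout each time `add()` raises `ValueError`, and the matching `propertiesDialog` hunk has no counterpart, so it should be dropped. The new `if self.add() == False: continue` also depends on `add()` returning exactly `False` on failure and falling through with `None` on success. A comment such as `# add() returns False when semanage rejected the change; keep the dialog open` would record that contract, which also applies to `modify()` in the next hunk.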
@@ -1392,7 +3183,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py poli
+ self.dialog.set_position(gtk.WIN_POS_MOUSE)
+ while self.dialog.run() == gtk.RESPONSE_OK:
+ try:
-+ self.modify()
++ if self.modify() == False:
++ continue
+ break;
+ except ValueError, e:
+ self.error(e.args[0])
@@ -1401,8 +3193,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py poli
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policycoreutils-2.0.7/gui/statusPage.py
--- nsapolicycoreutils/gui/statusPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.7/gui/statusPage.py 2007-03-01 17:37:41.000000000 -0500
-@@ -0,0 +1,213 @@
++++ policycoreutils-2.0.7/gui/statusPage.py 2007-03-17 12:13:24.000000000 -0400
+@@ -0,0 +1,219 @@
+## statusPage.py - show selinux status
+## Copyright (C) 2006 Red Hat, Inc.
+
@@ -1502,6 +3294,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policy
+
+ self.typeLabel.set_mnemonic_widget(self.selinuxTypeOptionMenu)
+
++ def use_menus(self):
++ return False
++
+ def get_description(self):
+ return _("Status")
+
@@ -1559,9 +3354,12 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policy
+ if self.initEnabled == DISABLED and enabled < 2:
+ if self.verify(_("Changing to SELinux enabled will cause a relabel of the entire file system on the next boot. Relabeling takes a long time depending on the size of the file system. Do you wish to continue?")) == gtk.RESPONSE_NO:
+ return None
-+
+ self.relabel_checkbutton.set_active(True)
+
++ if self.initEnabled != DISABLED and enabled == DISABLED:
++ if self.verify(_("Changing to SELinux disabled requires a reboot. It is not recommended. If you later decide to turn SELinux back on, the system will be required to relabel. If you just want to see if SELinux is causing a problem on your system, you can go to permissive mode which will only log errors and not enforce SELinux policy. Permissive mode does not require a reboot Do you wish to continue?")) == gtk.RESPONSE_NO:
++ return None
++
+ self.conf["SELINUX"] = modearray[enabled]
+ self.conf["SELINUXTYPE"]=type
+ self.conf.write()
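Review bot: The new confirmation string runs two sentences together in `...does not require a reboot Do you wish to continue?`, so the dialog needs a full stop after "reboot". The string is wrapped in `_()`, so the typo is best fixed before translators pick it up. The check is also placed after the relabel branch, which has already called `self.relabel_checkbutton.set_active(True)`; that looks harmless, since the two conditions appear mutually exclusive. A short comment above the new block, such as `# Disabling SELinux needs a reboot and a relabel if it is re-enabled; confirm first`, would save the next reader from parsing the long message. The enclosing method starts and ends outside the hunk.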
@@ -1618,8 +3416,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policy
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.glade policycoreutils-2.0.7/gui/system-config-selinux.glade
--- nsapolicycoreutils/gui/system-config-selinux.glade 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.7/gui/system-config-selinux.glade 2007-03-01 17:37:41.000000000 -0500
-@@ -0,0 +1,2803 @@
++++ policycoreutils-2.0.7/gui/system-config-selinux.glade 2007-03-17 12:12:49.000000000 -0400
+@@ -0,0 +1,2885 @@
+
+
+
@@ -3027,6 +4825,72 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinu
+