diff --git a/policycoreutils-gui.patch b/policycoreutils-gui.patch
index 359fb3b..bb69f0e 100644
--- a/policycoreutils-gui.patch
+++ b/policycoreutils-gui.patch
@@ -1,6 +1,6 @@
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py policycoreutils-2.0.9/gui/booleansPage.py
--- nsapolicycoreutils/gui/booleansPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.9/gui/booleansPage.py 2007-04-16 13:26:34.000000000 -0400
++++ policycoreutils-2.0.9/gui/booleansPage.py 2007-04-18 13:14:57.000000000 -0400
@@ -0,0 +1,224 @@
+#
+# booleansPage.py - GUI for Booleans page in system-config-securitylevel
@@ -228,7 +228,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py poli
+ commands.getstatusoutput(setsebool)
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py policycoreutils-2.0.9/gui/fcontextPage.py
--- nsapolicycoreutils/gui/fcontextPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.9/gui/fcontextPage.py 2007-04-16 13:26:34.000000000 -0400
++++ policycoreutils-2.0.9/gui/fcontextPage.py 2007-04-18 13:14:57.000000000 -0400
@@ -0,0 +1,207 @@
+## fcontextPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@@ -439,7 +439,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py poli
+ self.store.set_value(iter, TYPE_COL, "system_u:object_r:%s:%s" % (type, mls))
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policycoreutils-2.0.9/gui/loginsPage.py
--- nsapolicycoreutils/gui/loginsPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.9/gui/loginsPage.py 2007-04-16 13:26:34.000000000 -0400
++++ policycoreutils-2.0.9/gui/loginsPage.py 2007-04-18 13:14:57.000000000 -0400
@@ -0,0 +1,173 @@
+## loginsPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@@ -654,7 +654,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/Makefile policycoreu
+relabel:
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py policycoreutils-2.0.9/gui/mappingsPage.py
--- nsapolicycoreutils/gui/mappingsPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.9/gui/mappingsPage.py 2007-04-16 13:26:34.000000000 -0400
++++ policycoreutils-2.0.9/gui/mappingsPage.py 2007-04-18 13:14:57.000000000 -0400
@@ -0,0 +1,54 @@
+## mappingsPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@@ -712,7 +712,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py poli
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py policycoreutils-2.0.9/gui/modulesPage.py
--- nsapolicycoreutils/gui/modulesPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.9/gui/modulesPage.py 2007-04-16 13:26:34.000000000 -0400
++++ policycoreutils-2.0.9/gui/modulesPage.py 2007-04-18 13:14:57.000000000 -0400
@@ -0,0 +1,172 @@
+## modulesPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@@ -888,12 +888,13 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py polic
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policycoreutils-2.0.9/gui/polgen.glade
--- nsapolicycoreutils/gui/polgen.glade 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.9/gui/polgen.glade 2007-04-16 13:26:34.000000000 -0400
-@@ -0,0 +1,1127 @@
++++ policycoreutils-2.0.9/gui/polgen.glade 2007-04-18 12:27:57.000000000 -0400
+@@ -0,0 +1,1167 @@
+
+
+
+
++
+
+
+ True
@@ -918,210 +919,300 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policyc
+ 0
+
+
-+
++
++ 4
+ True
-+ 5
-+ 4
-+ False
-+ 0
-+ 0
++ False
+
+
-+
++
+ True
-+ Name
-+ False
-+ False
-+ GTK_JUSTIFY_LEFT
-+ False
-+ False
-+ 0
-+ 0.5
-+ 0
-+ 0
-+ PANGO_ELLIPSIZE_NONE
-+ -1
-+ False
-+ 0
++ GNOME_EDGE_START
++ SELinux Policy Generation Druid
++ This tool can be used to generate a policy framework, to confine an application using SELinux. The tool will generate a Type Enforcement File (te), an interface file (if), a File Context File (fc) and a shell script (sh) used to compile the policy.
+
-+
-+ 0
-+ 1
-+ 0
-+ 1
-+ fill
-+
-+
+
+
+
-+
++
+ True
-+ Executable
-+ False
-+ False
-+ GTK_JUSTIFY_LEFT
-+ False
-+ False
-+ 0
-+ 0.5
-+ 0
-+ 0
-+ PANGO_ELLIPSIZE_NONE
-+ -1
-+ False
-+ 0
-+
-+
-+ 0
-+ 1
-+ 1
-+ 2
-+ 5
-+ fill
-+
-+
-+
++ Name of application to be confined
+
-+
-+
-+ True
-+ Application Type
-+ False
-+ False
-+ GTK_JUSTIFY_LEFT
-+ False
-+ False
-+ 0
-+ 0.5
-+ 0
-+ 0
-+ PANGO_ELLIPSIZE_NONE
-+ -1
-+ False
-+ 0
-+
-+
-+ 0
-+ 1
-+ 2
-+ 3
-+ fill
-+
-+
-+
-+
-+
-+
-+ True
-+ True
-+ ...
-+ True
-+ GTK_RELIEF_NORMAL
-+ True
-+
-+
-+
-+ 3
-+ 4
-+ 1
-+ 2
-+ fill
-+
-+
-+
-+
-+
-+
-+ True
-+ Enter path to executable to be confined.
-+ True
-+ True
-+ True
-+ 0
-+
-+ True
-+ •
-+ False
-+
-+
-+ 1
-+ 3
-+ 1
-+ 2
-+
-+
-+
-+
-+
-+
-+ True
-+ Standard Daemon (init)
-+Internet services daemon (inetd)
-+User Application
-+Web Script (CGI)
-+ False
-+ True
-+
-+
-+ 1
-+ 4
-+ 2
-+ 3
-+ fill
-+ fill
-+
-+
-+
-+
-+
-+ True
-+ Enter unigue policy type name for confined application.
-+ True
-+ True
-+ True
-+ 0
-+
-+ True
-+ •
-+ False
-+
-+
-+ 1
-+ 4
-+ 0
-+ 1
-+
-+
-+
-+
-+
-+
-+ True
-+ 0
-+ 0.5
-+ GTK_SHADOW_NONE
-+
-+
-+
++
++
++ 16
+ True
-+ 0.5
-+ 0.5
-+ 1
-+ 1
-+ 0
-+ 0
-+ 12
-+ 0
++ False
++ 6
+
+
-+
++
++ True
++ 2
++ 3
++ False
++ 0
++ 5
++
++
++
++ True
++ Name
++ False
++ False
++ GTK_JUSTIFY_LEFT
++ False
++ False
++ 0
++ 0.5
++ 0
++ 0
++ PANGO_ELLIPSIZE_NONE
++ -1
++ False
++ 0
++
++
++ 0
++ 1
++ 0
++ 1
++ fill
++
++
++
++
++
++
++ True
++ Enter path to executable to be confined.
++ True
++ True
++ True
++ 0
++
++ True
++ •
++ False
++
++
++ 1
++ 2
++ 1
++ 2
++
++
++
++
++
++
++ True
++ True
++ ...
++ True
++ GTK_RELIEF_NORMAL
++ True
++
++
++
++ 2
++ 3
++ 1
++ 2
++ fill
++
++
++
++
++
++
++ True
++ Enter unigue policy type name for confined application.
++ True
++ True
++ True
++ 0
++
++ True
++ •
++ False
++
++
++ 1
++ 3
++ 0
++ 1
++
++
++
++
++
++
++ True
++ Executable
++ False
++ False
++ GTK_JUSTIFY_LEFT
++ False
++ False
++ 0
++ 0.5
++ 0
++ 0
++ PANGO_ELLIPSIZE_NONE
++ -1
++ False
++ 0
++
++
++ 0
++ 1
++ 1
++ 2
++ fill
++
++
++
++
++
++ 0
++ True
++ True
++
++
++
++
++
++
++
++
++
++ True
++ Application Type
++
++
++
++ 16
++ True
++ False
++ 6
++
++
++
++ True
++ False
++ 0
++
++
++
++ True
++ True
++ Standard Init Daemon
++ True
++ GTK_RELIEF_NORMAL
++ True
++ False
++ False
++ True
++
++
++ 0
++ False
++ False
++
++
++
++
++
++ True
++ True
++ Internet Services Daemon (inetd)
++ True
++ GTK_RELIEF_NORMAL
++ True
++ False
++ False
++ True
++ init_radiobutton
++
++
++ 0
++ False
++ False
++
++
++
++
++
++ True
++ True
++ Web Application/Script (CGI)
++ True
++ GTK_RELIEF_NORMAL
++ True
++ False
++ False
++ True
++ init_radiobutton
++
++
++ 0
++ False
++ False
++
++
++
++
++
++ True
++ True
++ User Application
++ True
++ GTK_RELIEF_NORMAL
++ True
++ False
++ False
++ True
++ init_radiobutton
++
++
++ 0
++ False
++ False
++
++
++
++
++ 0
++ True
++ True
++
++
++
++
++
++
++
++
++
++ True
++ Incoming Network Port Connections
++
++
++
++ 16
++ True
++ False
++ 6
++
++
++
+ True
+ 2
+ 2
+ False
+ 0
-+ 0
++ 5
+
+
+
@@ -1182,7 +1273,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policyc
+
+
+ True
-+ Enter a comma separated list of network ports.
++ Enter a comma separated list of tcp ports that this application binds to.
+ True
+ True
+ True
@@ -1204,7 +1295,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policyc
+
+
+ True
-+ Enter a comma separated list of network ports.
++ Enter a comma separated list of tcp ports that this application binds to.
+ True
+ True
+ True
@@ -1223,69 +1314,37 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policyc
+
+
+
++
++ 0
++ True
++ True
++
+
+
+
-+
-+
-+
-+ True
-+ <b>Incoming Network Connections</b>
-+ False
-+ True
-+ GTK_JUSTIFY_LEFT
-+ False
-+ False
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ PANGO_ELLIPSIZE_NONE
-+ -1
-+ False
-+ 0
-+
-+
-+ label_item
-+
-+
+
-+
-+ 0
-+ 4
-+ 3
-+ 4
-+ fill
-+
+
+
+
-+
++
+ True
-+ 0
-+ 0.5
-+ GTK_SHADOW_NONE
++ Outgoing Network Port Connections
+
-+
-+
++
++
++ 16
+ True
-+ 0.5
-+ 0.5
-+ 1
-+ 1
-+ 0
-+ 0
-+ 12
-+ 0
++ False
++ 6
+
+
-+
++
+ True
+ 2
+ 2
+ False
+ 0
-+ 0
++ 5
+
+
+
@@ -1346,7 +1405,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policyc
+
+
+ True
-+ Enter a comma separated list of network ports.
++ Enter a comma separated list of tcp ports that this application connects to.
+ True
+ True
+ True
@@ -1368,7 +1427,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policyc
+
+
+ True
-+ Enter a comma separated list of network ports.
++ Enter a comma separated list of udp ports that this application connects to.
+ True
+ True
+ True
@@ -1387,244 +1446,46 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policyc
+
+
+
++
++ 0
++ True
++ True
++
+
+
+
-+
-+
-+
-+ True
-+ <b>Outgoing Network Connections</b>
-+ False
-+ True
-+ GTK_JUSTIFY_LEFT
-+ False
-+ False
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ PANGO_ELLIPSIZE_NONE
-+ -1
-+ False
-+ 0
-+
-+
-+ label_item
-+
-+
+
-+
-+ 0
-+ 4
-+ 4
-+ 5
-+ fill
-+
-+
-+
-+
-+ 2
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ True
-+ 0
-+
-+
-+
-+ True
-+ Application generates temporary files in /tmp or /var/tmp.
-+ True
-+ Uses syslog
-+ True
-+ GTK_RELIEF_NORMAL
-+ True
-+ False
-+ False
-+ True
-+
-+
-+ 0
-+ False
-+ False
-+
+
+
+
-+
++
+ True
-+ Application generates temporary files in /tmp or /var/tmp.
-+ True
-+ Uses /tmp
-+ True
-+ GTK_RELIEF_NORMAL
-+ True
-+ False
-+ False
-+ True
-+
-+
-+ 0
-+ False
-+ False
-+
-+
++ Common Application Traits
+
-+
-+
-+ True
-+ Application uses pam for authentication.
-+ True
-+ Uses Pam
-+ True
-+ GTK_RELIEF_NORMAL
-+ True
-+ False
-+ False
-+ True
-+
-+
-+ 0
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ Application uses/translates UIDs or GIDs.
-+ True
-+ Translates UIDs/GIDs
-+ True
-+ GTK_RELIEF_NORMAL
-+ True
-+ False
-+ False
-+ True
-+
-+
-+ 0
-+ False
-+ False
-+
-+
-+
-+
-+ 0
-+ True
-+ True
-+
-+
-+
-+
-+
-+ True
-+ 0
-+ 0.5
-+ GTK_SHADOW_NONE
-+
-+
-+
-+ True
-+ 0.5
-+ 0.5
-+ 1
-+ 1
-+ 0
-+ 0
-+ 12
-+ 0
-+
-+
-+
++
++
++ 16
+ True
+ False
-+ 0
++ 6
+
+
-+
++
+ True
+ False
+ 0
+
+
-+
++
+ True
+ True
++ Application uses syslog to log messages
++ True
+ GTK_RELIEF_NORMAL
+ True
-+
-+
-+
-+
-+ True
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ 0
-+ 0
-+ 0
-+ 0
-+
-+
-+
-+ True
-+ False
-+ 2
-+
-+
-+
-+ True
-+ gtk-add
-+ 4
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+
-+
-+ 0
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ Add File
-+ True
-+ False
-+ GTK_JUSTIFY_LEFT
-+ False
-+ False
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ PANGO_ELLIPSIZE_NONE
-+ -1
-+ False
-+ 0
-+
-+
-+ 0
-+ False
-+ False
-+
-+
-+
-+
-+
-+
++ False
++ False
++ True
+
+
+ 0
@@ -1634,76 +1495,16 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policyc
+
+
+
-+
++
+ True
+ True
++ Applicaiton uses /tmp to Create/Manipulate temporary files
++ True
+ GTK_RELIEF_NORMAL
+ True
-+
-+
-+
-+
-+ True
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ 0
-+ 0
-+ 0
-+ 0
-+
-+
-+
-+ True
-+ False
-+ 2
-+
-+
-+
-+ True
-+ gtk-add
-+ 4
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+
-+
-+ 0
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ Add Directory
-+ True
-+ False
-+ GTK_JUSTIFY_LEFT
-+ False
-+ False
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ PANGO_ELLIPSIZE_NONE
-+ -1
-+ False
-+ 0
-+
-+
-+ 0
-+ False
-+ False
-+
-+
-+
-+
-+
-+
++ False
++ False
++ True
+
+
+ 0
@@ -1713,15 +1514,35 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policyc
+
+
+
-+
++
+ True
+ True
-+ gtk-delete
-+ True
++ Application uses Pam for authentication
++ True
+ GTK_RELIEF_NORMAL
+ True
-+
-+
++ False
++ False
++ True
++
++
++ 0
++ False
++ False
++
++
++
++
++
++ True
++ True
++ Application uses nsswitch or translates UID's (daemons that run as non root)
++ True
++ GTK_RELIEF_NORMAL
++ True
++ False
++ False
++ True
+
+
+ 0
@@ -1731,53 +1552,294 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policyc
+
+
+
-+ 4
-+ False
++ 0
++ True
+ True
+
+
++
++
++
++
++
++
++
++ True
++ Files and Directories that the application Creates/Modifies
++
++
++
++ 16
++ True
++ False
++ 6
+
+
-+
++
+ True
-+ True
-+ GTK_POLICY_NEVER
-+ GTK_POLICY_NEVER
-+ GTK_SHADOW_IN
-+ GTK_CORNER_TOP_LEFT
++ 0
++ 0.5
++ GTK_SHADOW_NONE
+
+
-+
++
+ True
-+ GTK_SHADOW_IN
++ 0.5
++ 0.5
++ 1
++ 1
++ 0
++ 0
++ 12
++ 0
+
+
-+
++
+ True
+ False
+ 0
+
+
-+
++
++ True
++ False
++ 0
++
++
++
++ True
++ True
++ GTK_RELIEF_NORMAL
++ True
++
++
++
++
++ True
++ 0.5
++ 0.5
++ 0
++ 0
++ 0
++ 0
++ 0
++ 0
++
++
++
++ True
++ False
++ 2
++
++
++
++ True
++ gtk-add
++ 4
++ 0.5
++ 0.5
++ 0
++ 0
++
++
++ 0
++ False
++ False
++
++
++
++
++
++ True
++ Add File
++ True
++ False
++ GTK_JUSTIFY_LEFT
++ False
++ False
++ 0.5
++ 0.5
++ 0
++ 0
++ PANGO_ELLIPSIZE_NONE
++ -1
++ False
++ 0
++
++
++ 0
++ False
++ False
++
++
++
++
++
++
++
++
++ 0
++ False
++ False
++
++
++
++
++
++ True
++ True
++ GTK_RELIEF_NORMAL
++ True
++
++
++
++
++ True
++ 0.5
++ 0.5
++ 0
++ 0
++ 0
++ 0
++ 0
++ 0
++
++
++
++ True
++ False
++ 2
++
++
++
++ True
++ gtk-add
++ 4
++ 0.5
++ 0.5
++ 0
++ 0
++
++
++ 0
++ False
++ False
++
++
++
++
++
++ True
++ Add Directory
++ True
++ False
++ GTK_JUSTIFY_LEFT
++ False
++ False
++ 0.5
++ 0.5
++ 0
++ 0
++ PANGO_ELLIPSIZE_NONE
++ -1
++ False
++ 0
++
++
++ 0
++ False
++ False
++
++
++
++
++
++
++
++
++ 0
++ False
++ False
++
++
++
++
++
++ True
++ True
++ gtk-delete
++ True
++ GTK_RELIEF_NORMAL
++ True
++
++
++
++
++ 0
++ False
++ False
++
++
++
++
++ 4
++ False
++ True
++
++
++
++
++
+ True
+ True
-+ GTK_POLICY_ALWAYS
-+ GTK_POLICY_ALWAYS
++ GTK_POLICY_NEVER
++ GTK_POLICY_NEVER
+ GTK_SHADOW_IN
+ GTK_CORNER_TOP_LEFT
+
+
-+
++
+ True
-+ Add Files/Directories that this application will need to "Write" to. Pid Files, Log Files, /var/lib Files ...
-+ True
-+ False
-+ False
-+ False
-+ True
-+ False
-+ False
-+ False
++ GTK_SHADOW_IN
++
++
++
++ True
++ False
++ 0
++
++
++
++ True
++ True
++ GTK_POLICY_ALWAYS
++ GTK_POLICY_ALWAYS
++ GTK_SHADOW_IN
++ GTK_CORNER_TOP_LEFT
++
++
++
++ True
++ Add Files/Directories that this application will need to "Write" to. Pid Files, Log Files, /var/lib Files ...
++ True
++ False
++ False
++ False
++ True
++ False
++ False
++ False
++
++
++
++
++ 0
++ True
++ True
++
++
++
++
+
+
+
@@ -1804,103 +1866,28 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policyc
+
+
+
-+
++
+ True
-+ <b>File/Directories modified by this executable</b>
-+ False
-+ True
-+ GTK_JUSTIFY_LEFT
-+ False
-+ False
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ PANGO_ELLIPSIZE_NONE
-+ -1
-+ False
-+ 0
-+
-+
-+ label_item
-+
-+
-+
-+
-+ 0
-+ True
-+ True
-+
-+
++ Generate policy in this directory
+
-+
-+
-+ True
-+ GTK_BUTTONBOX_END
-+ 0
-+
-+
-+
-+ True
-+ True
-+ True
-+ gtk-close
-+ True
-+ GTK_RELIEF_NORMAL
-+ True
-+
-+
-+
-+
-+
-+
-+ True
-+ True
-+ True
-+ GTK_RELIEF_NORMAL
-+ True
-+
-+
-+
-+
++
++
++ 16
+ True
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ 0
-+ 0
-+ 0
-+ 0
++ False
++ 5
+
+
-+
++
+ True
+ False
-+ 2
++ 0
+
+
-+
++
+ True
-+ gtk-apply
-+ 4
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+
-+
-+ 0
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ Generate
-+ True
++ Policy Directory
++ False
+ False
+ GTK_JUSTIFY_LEFT
+ False
@@ -1915,21 +1902,74 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policyc
+ 0
+
+
++ 5
++ False
++ False
++
++
++
++
++
++ True
++ True
++ True
++ True
++ 0
++
++ True
++ •
++ False
++
++
++ 0
++ True
++ True
++
++
++
++
++
++ True
++ True
++ ...
++ True
++ GTK_RELIEF_NORMAL
++ True
++
++
+ 0
+ False
+ False
+
+
+
++
++ 0
++ False
++ True
++
+
+
+
+
+
++
++
++
++ True
++ GNOME_EDGE_FINISH
++ Generated Policy Files
++ This tool will generate the following: Type Enforcment(te), File Context(fc), Interface(if), Shell Script(sh).
++Execute shell script to compile/install and relabel files/directories. Now you can put the machine in permissive mode (setenforce 0).
++Run/restart the application to generate avc messages.
++Use audit2allow -R to generate additional rules for the te file.
++
++
++
+
+
-+ 7
-+ False
++ 0
++ True
+ True
+
+
@@ -2019,8 +2059,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policyc
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policycoreutils-2.0.9/gui/polgengui.py
--- nsapolicycoreutils/gui/polgengui.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.9/gui/polgengui.py 2007-04-16 13:26:34.000000000 -0400
-@@ -0,0 +1,211 @@
++++ policycoreutils-2.0.9/gui/polgengui.py 2007-04-18 13:14:57.000000000 -0400
+@@ -0,0 +1,253 @@
+#!/usr/bin/python
+#
+# system-config-selinux.py - GUI for SELinux Config tool in system-config-selinux
@@ -2093,7 +2133,6 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc
+ xml.signal_connect("on_exec_select_clicked", self.exec_select)
+ xml.signal_connect("on_add_clicked", self.add)
+ xml.signal_connect("on_add_dir_clicked", self.add_dir)
-+ xml.signal_connect("on_generate_clicked", self.generate_policy)
+ xml.signal_connect("on_about_clicked", self.on_about_clicked)
+
+ def verify(self, message, title="" ):
@@ -2125,9 +2164,19 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc
+ dlg.run()
+ dlg.destroy()
+
-+ def generate_policy(self, args):
++ def get_type(self):
++ if self.cgi_radiobutton.get_active():
++ return polgen.policy.CGI
++ if self.user_radiobutton.get_active():
++ return polgen.policy.USER
++ if self.init_radiobutton.get_active():
++ return polgen.policy.Daemon
++ if self.inetd_radiobutton.get_active():
++ return polgen.policy.INETD
++
++ def generate_policy(self, *args):
+ try:
-+ my_policy=polgen.policy(self.name_entry.get_text(), self.exec_entry.get_text(), self.type_combobox.get_active())
++ my_policy=polgen.policy(self.name_entry.get_text(), self.exec_entry.get_text(), self.get_type())
+ my_policy.set_in_tcp(self.in_tcp_entry.get_text())
+ my_policy.set_in_udp(self.in_udp_entry.get_text())
+ my_policy.set_out_tcp(self.out_tcp_entry.get_text())
@@ -2145,7 +2194,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc
+ my_policy.add_dir(self.store.get_value(iter, 0))
+ iter= self.store.iter_next(iter)
+
-+ self.info(my_policy.generate())
++ self.info(my_policy.generate(self.output_entry.get_text()))
++ return False
+ except ValueError, e:
+ self.error(e.message)
+
@@ -2156,7 +2206,6 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc
+ self.view.get_selection().select_path ((0,))
+
+ def __add(self,type):
-+ self.file_dialog.set_select_multiple(1)
+ rc = self.file_dialog.run()
+ self.file_dialog.hide()
+ if rc == gtk.RESPONSE_CANCEL:
@@ -2178,11 +2227,13 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc
+
+ def add(self, args):
+ self.file_dialog.set_title(_("Select file(s) that confined application creates or writes"))
-+ self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_SAVE)
++ self.file_dialog.set_select_multiple(1)
++ self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_OPEN)
+ self.__add(FILE)
+
+ def add_dir(self, args):
+ self.file_dialog.set_title(_("Select directory(s) that the confined application owns and writes into"))
++ self.file_dialog.set_select_multiple(0)
+ self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_CREATE_FOLDER)
+ self.__add(DIR)
+
@@ -2197,20 +2248,30 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc
+ def setupScreen(self):
+ # Bring in widgets from glade file.
+ self.mainWindow = self.xml.get_widget("main_window")
-+ self.type_combobox = self.xml.get_widget("type_combobox")
-+ self.type_combobox.set_active(0)
++ self.type = 0
+ self.name_entry = self.xml.get_widget("name_entry")
+ self.exec_entry = self.xml.get_widget("exec_entry")
+ self.in_tcp_entry = self.xml.get_widget("in_tcp_entry")
+ self.in_udp_entry = self.xml.get_widget("in_udp_entry")
+ self.out_tcp_entry = self.xml.get_widget("out_tcp_entry")
++ self.output_entry = self.xml.get_widget("output_entry")
++ self.output_entry.set_text(os.getcwd())
++ self.xml.get_widget("output_button").connect("clicked",self.output_button_clicked)
++
+ self.out_udp_entry = self.xml.get_widget("out_udp_entry")
++ self.user_radiobutton = self.xml.get_widget("user_radiobutton")
++ self.init_radiobutton = self.xml.get_widget("init_radiobutton")
++ self.inetd_radiobutton = self.xml.get_widget("inetd_radiobutton")
++ self.cgi_radiobutton = self.xml.get_widget("cgi_radiobutton")
+ self.tmp_checkbutton = self.xml.get_widget("tmp_checkbutton")
+ self.uid_checkbutton = self.xml.get_widget("uid_checkbutton")
+ self.pam_checkbutton = self.xml.get_widget("pam_checkbutton")
+ self.syslog_checkbutton = self.xml.get_widget("syslog_checkbutton")
+ self.view = self.xml.get_widget("write_treeview")
+ self.file_dialog = self.xml.get_widget("filechooserdialog")
++ self.xml.get_widget("name_page").connect("next",self.on_name_page_next)
++ self.xml.get_widget("finish_page").connect("finish",self.generate_policy)
++
+ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_INT)
+ self.view.set_model(self.store)
+ col = gtk.TreeViewColumn("", gtk.CellRendererText(), text = 0)
@@ -2218,6 +2279,27 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc
+ self.view.append_column(col)
+ self.view.get_selection().select_path ((0,))
+
++ def output_button_clicked(self, *args):
++ self.file_dialog.set_title(_("Select directory to generate policy files in"))
++ self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_SELECT_FOLDER)
++ self.file_dialog.set_select_multiple(0)
++ rc = self.file_dialog.run()
++ self.file_dialog.hide()
++ if rc == gtk.RESPONSE_CANCEL:
++ return
++ self.output_entry.set_text(self.file_dialog.get_filename())
++
++ def on_name_page_next(self, *args):
++ name=self.name_entry.get_text()
++ if name == "":
++ self.error(_("You must enter a name"))
++ return True
++
++ exe = self.exec_entry.get_text()
++ if exe == "":
++ self.error(_("You must enter a executable"))
++ return True
++
+ def stand_alone(self):
+ desktopName = _("Configue SELinux")
+
@@ -2234,8 +2316,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc
+ app.stand_alone()
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycoreutils-2.0.9/gui/polgen.py
--- nsapolicycoreutils/gui/polgen.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.9/gui/polgen.py 2007-04-16 13:26:34.000000000 -0400
-@@ -0,0 +1,440 @@
++++ policycoreutils-2.0.9/gui/polgen.py 2007-04-18 13:14:57.000000000 -0400
+@@ -0,0 +1,455 @@
+#! /usr/bin/python
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -2258,7 +2340,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+# 02111-1307 USA
+#
+#
-+import os, sys, getopt
++import os, sys, getopt, stat
+import re
+from templates import executable
+from templates import var_spool
@@ -2289,19 +2371,19 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+class policy:
+ Daemon = 0
+ INETD = 1
-+ UEER = 2
++ USER = 2
+ CGI = 3
+ def __init__(self, name, program, type):
+ ports = seobject.portRecords()
+ self.dict = ports.get_all()
+
+ self.DEFAULT_DIRS = {}
-+ self.DEFAULT_DIRS["rw"] = ["rw", 0, rw];
-+ self.DEFAULT_DIRS["tmp"] = ["tmp", False, tmp];
-+ self.DEFAULT_DIRS["/var/spool"] = ["var_spool", 0, var_spool];
-+ self.DEFAULT_DIRS["/var/lib"] = ["var_lib", 0, var_lib];
-+ self.DEFAULT_DIRS["/var/log"] = ["var_log", 0, var_log];
-+ self.DEFAULT_DIRS["/var/run"] = ["var_run", 0, var_run];
++ self.DEFAULT_DIRS["rw"] = ["rw", [], rw];
++ self.DEFAULT_DIRS["tmp"] = ["tmp", [], tmp];
++ self.DEFAULT_DIRS["/var/spool"] = ["var_spool", [], var_spool];
++ self.DEFAULT_DIRS["/var/lib"] = ["var_lib", [], var_lib];
++ self.DEFAULT_DIRS["/var/log"] = ["var_log", [], var_log];
++ self.DEFAULT_DIRS["/var/run"] = ["var_run", [], var_run];
+
+ self.DEFAULT_TYPES = (( self.generate_daemon_types, self.generate_daemon_rules), ( self.generate_inetd_types, self.generate_inetd_rules), ( self.generate_userapp_types, self.generate_userapp_rules), ( self.generate_cgi_types, self.generate_cgi_rules))
+ if name == "":
@@ -2376,10 +2458,14 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ self.use_pam = val
+
+ def set_use_tmp(self, val):
-+ if val != True and val != False:
-+ raise ValueError(_("use_tmp must be a boolean value "))
++ if val == True:
++ self.DEFAULT_DIRS["tmp"][1].append("/tmp");
++ return
++ if val != False:
++ self.DEFAULT_DIRS["tmp"][1]=[]
++ return
++ raise ValueError(_("use_tmp must be a boolean value "))
+
-+ self.DEFAULT_DIRS["tmp"][1] = val;
+
+ def set_use_uid(self, val):
+ if val != True and val != False:
@@ -2433,9 +2519,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ def __find_path(self, file):
+ for d in self.DEFAULT_DIRS:
+ if file.find(d) == 0:
-+ self.DEFAULT_DIRS[d][1] = self.DEFAULT_DIRS[d][1] + 1
++ self.DEFAULT_DIRS[d][1].append(file)
+ return self.DEFAULT_DIRS[d]
-+ self.DEFAULT_DIRS["rw"][1] = self.DEFAULT_DIRS["rw"][1] + 1
++ self.DEFAULT_DIRS["rw"][1].append(file)
+ return self.DEFAULT_DIRS["rw"]
+
+ def add_file(self, file):
@@ -2527,7 +2613,10 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ for d in self.DEFAULT_DIRS:
+ if self.DEFAULT_DIRS[d][1] > 0:
+ newif += re.sub("TEMPLATETYPE", self.name, self.DEFAULT_DIRS[d][2].if_rules)
-+
++ for i in self.DEFAULT_DIRS[d][1]:
++ if os.path.exists(i) and stat.S_ISSOCK(os.stat(i)[stat.ST_MODE]):
++ newif += re.sub("TEMPLATETYPE", self.name, self.DEFAULT_DIRS[d][2].if_stream_rules)
++ break
+ return newif
+
+ def generate_default_types(self):
@@ -2539,7 +2628,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ def generate_te(self):
+ newte = self.generate_default_types()
+ for d in self.DEFAULT_DIRS:
-+ if self.DEFAULT_DIRS[d][1] > 0:
++ if len(self.DEFAULT_DIRS[d][1]) > 0:
+ # CGI scripts already have a rw_t
+ if self.type != self.CGI or d != "rw":
+ newte += re.sub("TEMPLATETYPE", self.name, self.DEFAULT_DIRS[d][2].te_types)
@@ -2550,8 +2639,12 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+
+ newte += self.generate_default_rules()
+ for d in self.DEFAULT_DIRS:
-+ if self.DEFAULT_DIRS[d][1] > 0:
++ if len(self.DEFAULT_DIRS[d][1]) > 0:
+ newte += re.sub("TEMPLATETYPE", self.name, self.DEFAULT_DIRS[d][2].te_rules)
++ for i in self.DEFAULT_DIRS[d][1]:
++ if os.path.exists(i) and stat.S_ISSOCK(os.stat(i)[stat.ST_MODE]):
++ newte += re.sub("TEMPLATETYPE", self.name, self.DEFAULT_DIRS[d][2].te_stream_rules)
++ break
+
+ newte += self.generate_network_rules()
+ if self.use_tmp:
@@ -2574,7 +2667,10 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ newfc += re.sub("TEMPLATETYPE", self.name, t1)
+
+ for i in self.files.keys():
-+ t1 = re.sub("TEMPLATETYPE", self.name, self.files[i][2].fc_file)
++ if os.path.exists(i) and stat.S_ISSOCK(os.stat(i)[stat.ST_MODE]):
++ t1 = re.sub("TEMPLATETYPE", self.name, self.files[i][2].fc_sock_file)
++ else:
++ t1 = re.sub("TEMPLATETYPE", self.name, self.files[i][2].fc_file)
+ t2 = re.sub("FILENAME", i, t1)
+ newfc += re.sub("FILETYPE", self.files[i][0], t2)
+
@@ -2608,40 +2704,40 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+
+ return newsh
+
-+ def write_te(self):
-+ tefile = "%s.te" % self.file_name
++ def write_te(self, out_dir):
++ tefile = "%s/%s.te" % (out_dir, self.file_name)
+ fd = open(tefile, "w")
+ fd.write(self.generate_te())
+ fd.close()
+ return tefile
+
-+ def write_sh(self):
-+ shfile = "%s.sh" % self.file_name
++ def write_sh(self, out_dir):
++ shfile = "%s/%s.sh" % (out_dir, self.file_name)
+ fd = open(shfile, "w")
+ fd.write(self.generate_sh())
+ fd.close()
+ return shfile
+
-+ def write_if(self):
-+ iffile = "%s.if" % self.file_name
++ def write_if(self, out_dir):
++ iffile = "%s/%s.if" % (out_dir, self.file_name)
+ fd = open(iffile, "w")
+ fd.write(self.generate_if())
+ fd.close()
+ return iffile
+
-+ def write_fc(self):
-+ fcfile = "%s.fc" % self.file_name
++ def write_fc(self,out_dir):
++ fcfile = "%s/%s.fc" % (out_dir, self.file_name)
+ fd = open(fcfile, "w")
+ fd.write(self.generate_fc())
+ fd.close()
+ return fcfile
+
-+ def generate(self):
++ def generate(self, out_dir = "."):
+ out = "Created the following files:\n"
-+ out += "%-25s %s\n" % (_("Type Enforcment file"), self.write_te())
-+ out += "%-25s %s\n" % (_("Interface file"), self.write_if())
-+ out += "%-25s %s\n" % (_("File Contexts file"), self.write_fc())
-+ out += "%-25s %s\n" % (_("Setup Script"),self.write_sh())
++ out += "%-25s %s\n" % (_("Type Enforcment file"), self.write_te(out_dir))
++ out += "%-25s %s\n" % (_("Interface file"), self.write_if(out_dir))
++ out += "%-25s %s\n" % (_("File Contexts file"), self.write_fc(out_dir))
++ out += "%-25s %s\n" % (_("Setup Script"),self.write_sh(out_dir))
+ return out
+
+def errorExit(error):
@@ -2659,7 +2755,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ mypolicy.set_use_tmp(True)
+ mypolicy.set_use_syslog(True)
+ mypolicy.set_use_pam(True)
-+ mypolicy.add_file("/var/run/daemon.pid")
++ mypolicy.add_file("/var/lib/mysql/mysql.sock")
++ mypolicy.add_file("/var/run/rpcbind.sock")
+ mypolicy.add_file("/var/run/daemon.pub")
+ mypolicy.add_file("/var/log/daemon.log")
+ mypolicy.add_dir("/var/lib/daemon")
@@ -2678,7 +2775,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policycoreutils-2.0.9/gui/portsPage.py
--- nsapolicycoreutils/gui/portsPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.9/gui/portsPage.py 2007-04-16 13:26:34.000000000 -0400
++++ policycoreutils-2.0.9/gui/portsPage.py 2007-04-18 13:14:57.000000000 -0400
@@ -0,0 +1,227 @@
+## portsPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@@ -3187,7 +3284,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policyco
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py policycoreutils-2.0.9/gui/semanagePage.py
--- nsapolicycoreutils/gui/semanagePage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.9/gui/semanagePage.py 2007-04-16 13:26:34.000000000 -0400
++++ policycoreutils-2.0.9/gui/semanagePage.py 2007-04-18 13:14:57.000000000 -0400
@@ -0,0 +1,115 @@
+## semanagePage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@@ -3306,7 +3403,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py poli
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policycoreutils-2.0.9/gui/statusPage.py
--- nsapolicycoreutils/gui/statusPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.9/gui/statusPage.py 2007-04-16 13:26:34.000000000 -0400
++++ policycoreutils-2.0.9/gui/statusPage.py 2007-04-18 13:14:57.000000000 -0400
@@ -0,0 +1,220 @@
+## statusPage.py - show selinux status
+## Copyright (C) 2006 Red Hat, Inc.
@@ -6568,7 +6665,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinu
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.py policycoreutils-2.0.9/gui/system-config-selinux.py
--- nsapolicycoreutils/gui/system-config-selinux.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.9/gui/system-config-selinux.py 2007-04-16 13:26:34.000000000 -0400
++++ policycoreutils-2.0.9/gui/system-config-selinux.py 2007-04-18 13:14:57.000000000 -0400
@@ -0,0 +1,169 @@
+#!/usr/bin/python
+#
@@ -6741,7 +6838,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinu
+ app.stand_alone()
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable.py policycoreutils-2.0.9/gui/templates/executable.py
--- nsapolicycoreutils/gui/templates/executable.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.9/gui/templates/executable.py 2007-04-16 13:26:34.000000000 -0400
++++ policycoreutils-2.0.9/gui/templates/executable.py 2007-04-18 13:13:36.000000000 -0400
@@ -0,0 +1,156 @@
+#! /usr/bin/env python
+# Copyright (C) 2007 Red Hat
@@ -6901,7 +6998,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/__init__.py policycoreutils-2.0.9/gui/templates/__init__.py
--- nsapolicycoreutils/gui/templates/__init__.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.9/gui/templates/__init__.py 2007-04-16 13:26:34.000000000 -0400
++++ policycoreutils-2.0.9/gui/templates/__init__.py 2007-04-18 13:13:36.000000000 -0400
@@ -0,0 +1,18 @@
+#
+# Copyright (C) 2007 Red Hat, Inc.
@@ -6923,16 +7020,14 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/__init__.p
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/network.py policycoreutils-2.0.9/gui/templates/network.py
--- nsapolicycoreutils/gui/templates/network.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.9/gui/templates/network.py 2007-04-16 13:26:34.000000000 -0400
-@@ -0,0 +1,46 @@
++++ policycoreutils-2.0.9/gui/templates/network.py 2007-04-18 13:13:36.000000000 -0400
+@@ -0,0 +1,44 @@
+te_port_types="""\
-+# Default Networking
+type TEMPLATETYPE_port_t;
+corenet_port_type(TEMPLATETYPE_port_t)
+"""
+
+te_network="""\
-+# Default Networking
+sysnet_dns_name_resolve(TEMPLATETYPE_t)
+corenet_non_ipsec_sendrecv(TEMPLATETYPE_t)
+"""
@@ -6957,7 +7052,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/network.py
+"""
+
+te_udp="""\
-+allow TEMPLATETYPE_t self:udp_socket create_socket_perms;
++allow TEMPLATETYPE_t self:udp_socket { create_socket_perms listen };
+corenet_udp_sendrecv_all_if(TEMPLATETYPE_t)
+corenet_udp_sendrecv_all_nodes(TEMPLATETYPE_t)
+corenet_udp_sendrecv_all_ports(TEMPLATETYPE_t)
@@ -6973,8 +7068,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/network.py
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/rw.py policycoreutils-2.0.9/gui/templates/rw.py
--- nsapolicycoreutils/gui/templates/rw.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.9/gui/templates/rw.py 2007-04-16 13:26:34.000000000 -0400
-@@ -0,0 +1,106 @@
++++ policycoreutils-2.0.9/gui/templates/rw.py 2007-04-18 13:13:36.000000000 -0400
+@@ -0,0 +1,104 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
+#
@@ -6999,13 +7094,11 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/rw.py poli
+
+########################### tmp Template File #############################
+te_types="""
-+# log files
+type TEMPLATETYPE_rw_t;
+file_type(TEMPLATETYPE_rw_t)
+"""
+
+te_rules="""
-+# tmp files
+allow TEMPLATETYPE_t TEMPLATETYPE_rw_t:file manage_file_perms;
+allow TEMPLATETYPE_t TEMPLATETYPE_rw_t:dir create_dir_perms;
+files_pid_filetrans(TEMPLATETYPE_t,TEMPLATETYPE_rw_t, { file dir })
@@ -7083,7 +7176,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/rw.py poli
+"""
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/script.py policycoreutils-2.0.9/gui/templates/script.py
--- nsapolicycoreutils/gui/templates/script.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.9/gui/templates/script.py 2007-04-17 08:27:34.000000000 -0400
++++ policycoreutils-2.0.9/gui/templates/script.py 2007-04-18 13:13:36.000000000 -0400
@@ -0,0 +1,42 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -7129,7 +7222,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/script.py
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/semodule.py policycoreutils-2.0.9/gui/templates/semodule.py
--- nsapolicycoreutils/gui/templates/semodule.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.9/gui/templates/semodule.py 2007-04-16 13:26:34.000000000 -0400
++++ policycoreutils-2.0.9/gui/templates/semodule.py 2007-04-18 13:13:36.000000000 -0400
@@ -0,0 +1,41 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -7174,8 +7267,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/semodule.p
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py policycoreutils-2.0.9/gui/templates/tmp.py
--- nsapolicycoreutils/gui/templates/tmp.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.9/gui/templates/tmp.py 2007-04-16 13:26:34.000000000 -0400
-@@ -0,0 +1,74 @@
++++ policycoreutils-2.0.9/gui/templates/tmp.py 2007-04-18 13:13:36.000000000 -0400
+@@ -0,0 +1,72 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
+#
@@ -7200,13 +7293,11 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py pol
+########################### tmp Template File #############################
+
+te_types="""
-+# log files
+type TEMPLATETYPE_tmp_t;
+files_tmp_file(TEMPLATETYPE_tmp_t)
+"""
+
+te_rules="""
-+# tmp files
+allow TEMPLATETYPE_t TEMPLATETYPE_tmp_t:file manage_file_perms;
+allow TEMPLATETYPE_t TEMPLATETYPE_tmp_t:dir create_dir_perms;
+files_pid_filetrans(TEMPLATETYPE_t,TEMPLATETYPE_tmp_t, { file dir })
@@ -7252,8 +7343,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py pol
+"""
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py policycoreutils-2.0.9/gui/templates/var_lib.py
--- nsapolicycoreutils/gui/templates/var_lib.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.9/gui/templates/var_lib.py 2007-04-16 13:26:34.000000000 -0400
-@@ -0,0 +1,107 @@
++++ policycoreutils-2.0.9/gui/templates/var_lib.py 2007-04-18 13:13:36.000000000 -0400
+@@ -0,0 +1,137 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
+#
@@ -7279,18 +7370,21 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py
+
+########################### Type Enforcement File #############################
+te_types="""
-+# var/lib files
+type TEMPLATETYPE_var_lib_t;
+files_type(TEMPLATETYPE_var_lib_t)
+"""
+te_rules="""
-+# var/lib files for TEMPLATETYPE
-+allow TEMPLATETYPE_t TEMPLATETYPE_var_lib_t:file create_file_perms;
-+allow TEMPLATETYPE_t TEMPLATETYPE_var_lib_t:sock_file create_file_perms;
-+allow TEMPLATETYPE_t TEMPLATETYPE_var_lib_t:dir create_dir_perms;
-+files_var_lib_filetrans(TEMPLATETYPE_t,TEMPLATETYPE_var_lib_t, { file dir sock_file })
++allow TEMPLATETYPE_t TEMPLATETYPE_var_lib_t:file manage_file_perms;
++allow TEMPLATETYPE_t TEMPLATETYPE_var_lib_t:dir manage_dir_perms;
++files_var_lib_filetrans(TEMPLATETYPE_t,TEMPLATETYPE_var_lib_t, { file dir })
+"""
+
++te_stream_rules="""\
++allow TEMPLATETYPE_t TEMPLATETYPE_var_lib_t:sock_file manage_file_perms;
++files_pid_filetrans(TEMPLATETYPE_t,TEMPLATETYPE_var_lib_t, sock_file)
++"""
++
++
+########################### Interface File #############################
+if_rules="""
+########################################
@@ -7353,18 +7447,45 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py
+ files_search_var_lib($1)
+')
+"""
++
++if_stream_rules="""
++########################################
++##
++## Connect to TEMPLATETYPE over an unix stream socket.
++##
++##
++##
++## Domain allowed access.
++##
++##
++#
++interface(`TEMPLATETYPE_stream_connect',`
++ gen_require(`
++ type TEMPLATETYPE_t, TEMPLATETYPE_var_lib_t;
++ ')
++
++ files_search_pids($1)
++ allow $1 TEMPLATETYPE_var_lib_t:sock_file write;
++ allow $1 TEMPLATETYPE_t:unix_stream_socket connectto;
++')
++"""
++
+########################### File Context ##################################
+fc_file="""\
+FILENAME -- gen_context(system_u:object_r:TEMPLATETYPE_var_lib_t,s0)
+"""
+
++fc_sock_file="""\
++FILENAME -s gen_context(system_u:object_r:TEMPLATETYPE_var_lib_t,s0)
++"""
++
+fc_dir="""\
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_var_lib_t,s0)
+"""
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py policycoreutils-2.0.9/gui/templates/var_log.py
--- nsapolicycoreutils/gui/templates/var_log.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.9/gui/templates/var_log.py 2007-04-16 13:26:34.000000000 -0400
-@@ -0,0 +1,91 @@
++++ policycoreutils-2.0.9/gui/templates/var_log.py 2007-04-18 13:13:36.000000000 -0400
+@@ -0,0 +1,89 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
+#
@@ -7390,13 +7511,11 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py
+
+########################### Type Enforcement File #############################
+te_types="""
-+# log files
+type TEMPLATETYPE_log_t;
+logging_log_file(TEMPLATETYPE_log_t)
+"""
+
+te_rules="""
-+# log files
+allow TEMPLATETYPE_t TEMPLATETYPE_log_t:file manage_file_perms;
+allow TEMPLATETYPE_t TEMPLATETYPE_log_t:dir { rw_dir_perms setattr };
+logging_log_filetrans(TEMPLATETYPE_t,TEMPLATETYPE_log_t,{ file dir })
@@ -7458,8 +7577,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py
+"""
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py policycoreutils-2.0.9/gui/templates/var_run.py
--- nsapolicycoreutils/gui/templates/var_run.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.9/gui/templates/var_run.py 2007-04-16 13:26:34.000000000 -0400
-@@ -0,0 +1,93 @@
++++ policycoreutils-2.0.9/gui/templates/var_run.py 2007-04-18 13:13:36.000000000 -0400
+@@ -0,0 +1,95 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
+#
@@ -7484,16 +7603,14 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py
+########################### var_run Template File #############################
+
+te_types="""
-+# pid files
+type TEMPLATETYPE_var_run_t;
+files_pid_file(TEMPLATETYPE_var_run_t)
+"""
+
+te_rules="""
-+# pid file
+allow TEMPLATETYPE_t TEMPLATETYPE_var_run_t:file manage_file_perms;
-+allow TEMPLATETYPE_t TEMPLATETYPE_var_run_t:dir rw_dir_perms;
-+files_pid_filetrans(TEMPLATETYPE_t,TEMPLATETYPE_var_run_t, file)
++allow TEMPLATETYPE_t TEMPLATETYPE_var_run_t:dir manage_dir_perms;
++files_pid_filetrans(TEMPLATETYPE_t,TEMPLATETYPE_var_run_t, { file dir })
+"""
+
+te_stream_rules="""
@@ -7523,7 +7640,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py
+
+"""
+
-+if_stream_rules="""
++if_stream_rules="""\
+########################################
+##
+## Connect to TEMPLATETYPE over an unix stream socket.
@@ -7549,13 +7666,17 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py
+FILENAME -- gen_context(system_u:object_r:TEMPLATETYPE_var_run_t,s0)
+"""
+
++fc_sock_file="""\
++FILENAME -s gen_context(system_u:object_r:TEMPLATETYPE_var_run_t,s0)
++"""
++
+fc_dir="""\
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_var_run_t,s0)
+"""
+
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool.py policycoreutils-2.0.9/gui/templates/var_spool.py
--- nsapolicycoreutils/gui/templates/var_spool.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.9/gui/templates/var_spool.py 2007-04-16 13:26:34.000000000 -0400
++++ policycoreutils-2.0.9/gui/templates/var_spool.py 2007-04-18 13:13:36.000000000 -0400
@@ -0,0 +1,107 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -7666,7 +7787,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool.
+"""
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/translationsPage.py policycoreutils-2.0.9/gui/translationsPage.py
--- nsapolicycoreutils/gui/translationsPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.9/gui/translationsPage.py 2007-04-16 13:26:34.000000000 -0400
++++ policycoreutils-2.0.9/gui/translationsPage.py 2007-04-18 13:14:57.000000000 -0400
@@ -0,0 +1,111 @@
+## translationsPage.py - show selinux translations
+## Copyright (C) 2006 Red Hat, Inc.
@@ -7781,7 +7902,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/translationsPage.py
+ self.store.set_value(iter, 1, translation)
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/usersPage.py policycoreutils-2.0.9/gui/usersPage.py
--- nsapolicycoreutils/gui/usersPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.9/gui/usersPage.py 2007-04-16 13:26:34.000000000 -0400
++++ policycoreutils-2.0.9/gui/usersPage.py 2007-04-18 13:14:57.000000000 -0400
@@ -0,0 +1,166 @@
+## usersPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
diff --git a/policycoreutils.spec b/policycoreutils.spec
index 646a247..2c2b8dd 100644
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@@ -6,7 +6,7 @@
Summary: SELinux policy core utilities.
Name: policycoreutils
Version: 2.0.9
-Release: 5%{?dist}
+Release: 6%{?dist}
License: GPL
Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@@ -192,6 +192,9 @@ if [ "$1" -ge "1" ]; then
fi
%changelog
+* Wed Apr 18 2007 Dan Walsh 2.0.9-6
+- Change polgengui to a druid
+
* Tue Apr 16 2007 Dan Walsh 2.0.9-5
- Fully path script.py