diff --git a/policycoreutils-gui.patch b/policycoreutils-gui.patch
index 08b053d..a1ed498 100644
--- a/policycoreutils-gui.patch
+++ b/policycoreutils-gui.patch
@@ -1,7 +1,47 @@
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py policycoreutils-2.0.50/gui/booleansPage.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/Makefile policycoreutils-2.0.52/gui/Makefile
+--- nsapolicycoreutils/gui/Makefile 1969-12-31 19:00:00.000000000 -0500
++++ policycoreutils-2.0.52/gui/Makefile 2008-07-03 13:15:10.000000000 -0400
+@@ -0,0 +1,36 @@
++# Installation directories.
++PREFIX ?= ${DESTDIR}/usr
++SHAREDIR ?= $(PREFIX)/share/system-config-selinux
++
++TARGETS= \
++booleansPage.py \
++fcontextPage.py \
++loginsPage.py \
++mappingsPage.py \
++modulesPage.py \
++polgen.py \
++polgen.glade \
++portsPage.py \
++lockdown.glade \
++semanagePage.py \
++statusPage.py \
++system-config-selinux.glade \
++translationsPage.py \
++usersPage.py \
++selinux.tbl
++
++all: $(TARGETS) system-config-selinux.py polgengui.py templates lockdown.py
++
++install: all
++ -mkdir -p $(SHAREDIR)/templates
++ install -m 755 system-config-selinux.py $(SHAREDIR)
++ install -m 755 polgengui.py $(SHAREDIR)
++ install -m 755 lockdown.py $(SHAREDIR)
++ install -m 644 $(TARGETS) $(SHAREDIR)
++ install -m 644 templates/*.py $(SHAREDIR)/templates/
++
++clean:
++
++indent:
++
++relabel:
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py policycoreutils-2.0.52/gui/booleansPage.py
--- nsapolicycoreutils/gui/booleansPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.50/gui/booleansPage.py 2008-07-01 14:59:58.000000000 -0400
-@@ -0,0 +1,230 @@
++++ policycoreutils-2.0.52/gui/booleansPage.py 2008-07-03 13:08:37.000000000 -0400
+@@ -0,0 +1,237 @@
+#
+# booleansPage.py - GUI for Booleans page in system-config-securitylevel
+#
@@ -84,6 +124,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py poli
+class booleansPage:
+ def __init__(self, xml, doDebug=None):
+ self.xml = xml
++ xml.signal_connect("on_lockdown_clicked", self.on_lockdown_clicked)
+ self.window = self.xml.get_widget("mainWindow").get_root_window()
+ self.local = False
+ self.types=[]
@@ -220,6 +261,12 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py poli
+ commands.getstatusoutput(setsebool)
+ self.ready()
+
++ def on_lockdown_clicked(self, button):
++ try:
++ os.spawnl(os.P_NOWAIT, "/usr/share/system-config-selinux/lockdown.py")
++ except ValueError, e:
++ self.error(e.args[0])
++
+ def on_local_clicked(self, button):
+ self.local = not self.local
+ self.revertButton.set_sensitive(self.local)
@@ -232,9 +279,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py poli
+ self.load(self.filter)
+ return True
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py policycoreutils-2.0.50/gui/fcontextPage.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py policycoreutils-2.0.52/gui/fcontextPage.py
--- nsapolicycoreutils/gui/fcontextPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.50/gui/fcontextPage.py 2008-07-01 14:59:58.000000000 -0400
++++ policycoreutils-2.0.52/gui/fcontextPage.py 2008-07-02 13:43:21.000000000 -0400
@@ -0,0 +1,217 @@
+## fcontextPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@@ -453,10 +500,10 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py poli
+ self.store.set_value(iter, SPEC_COL, fspec)
+ self.store.set_value(iter, FTYPE_COL, ftype)
+ self.store.set_value(iter, TYPE_COL, "%s:%s" % (type, mls))
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.glade policycoreutils-2.0.50/gui/lockdown.glade
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.glade policycoreutils-2.0.52/gui/lockdown.glade
--- nsapolicycoreutils/gui/lockdown.glade 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.50/gui/lockdown.glade 2008-07-01 14:59:58.000000000 -0400
-@@ -0,0 +1,2065 @@
++++ policycoreutils-2.0.52/gui/lockdown.glade 2008-07-03 12:38:35.000000000 -0400
+@@ -0,0 +1,771 @@
+
+
+
@@ -529,7 +576,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.glade polic
+
+
+
-+
++
+ True
+ gtk-media-next
+ 1
@@ -551,7 +598,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.glade polic
+
+
+
-+
++
+ True
+ gtk-media-previous
+ 1
@@ -565,17 +612,23 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.glade polic
+
+
+
-+
++
++
++
+
++
++
++
++
++
++
++
++
+
+
+
@@ -706,347 +789,316 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.glade polic
+
+
+
-+
-+ True
-+ False
-+ True
-+ GTK_POS_TOP
-+ False
-+ False
++
++ False
++ 0
+
+
-+
++
+ True
+ False
+ 0
+
+
-+
++
+ True
-+ False
++ True
++ GTK_POLICY_ALWAYS
++ GTK_POLICY_ALWAYS
++ GTK_SHADOW_NONE
++ GTK_CORNER_TOP_LEFT
++
++
++
++
++
++
++ 0
++ True
++ True
++
++
++
++
++
++ True
++ GTK_BUTTONBOX_END
+ 0
+
+
-+
++
+ True
++ True
+ True
-+ GTK_POLICY_ALWAYS
-+ GTK_POLICY_ALWAYS
-+ GTK_SHADOW_NONE
-+ GTK_CORNER_TOP_LEFT
-+
-+
-+
-+
++ gtk-apply
++ True
++ GTK_RELIEF_NORMAL
++ True
++
+
-+
-+ 0
-+ True
-+ True
-+
+
+
+
-+
++
+ True
-+ True
-+ 0
++ True
++ True
++ gtk-save-as
++ True
++ GTK_RELIEF_NORMAL
++ True
++
++
++
++
++
++ 0
++ False
++ False
++ GTK_PACK_END
++
++
++
++
++
++ True
++ 0
++
++
++
++ True
++ True
++ GTK_RELIEF_NORMAL
++ True
++ False
++ False
++ True
+
+
-+
++
+ True
-+ True
-+ GTK_RELIEF_NORMAL
-+ True
-+ False
-+ False
-+ True
++ 0.5
++ 0.5
++ 0
++ 0
++ 0
++ 0
++ 0
++ 0
+
+
-+
++
+ True
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ 0
-+ 0
-+ 0
-+ 0
++ False
++ 2
+
+
-+
++
+ True
-+ False
-+ 2
-+
-+
-+
-+ True
-+ gtk-yes
-+ 4
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+
-+
-+ 0
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ Enable
-+ True
-+ False
-+ GTK_JUSTIFY_LEFT
-+ False
-+ False
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ PANGO_ELLIPSIZE_NONE
-+ -1
-+ False
-+ 0
-+
-+
-+ 0
-+ False
-+ False
-+
-+
++ gtk-yes
++ 4
++ 0.5
++ 0.5
++ 0
++ 0
+
++
++ 0
++ False
++ False
++
++
++
++
++
++ Enable
++ True
++ False
++ GTK_JUSTIFY_LEFT
++ False
++ False
++ 0.5
++ 0.5
++ 0
++ 0
++ PANGO_ELLIPSIZE_NONE
++ -1
++ False
++ 0
++
++
++ 0
++ False
++ False
++
+
+
+
+
-+
-+ 0
-+ False
-+ False
-+
+
++
++
++ 0
++ False
++ False
++
++
++
++
++
++ True
++ True
++ GTK_RELIEF_NORMAL
++ True
++ False
++ False
++ True
++ enable_radiobutton
+
+
-+
++
+ True
-+ True
-+ GTK_RELIEF_NORMAL
-+ True
-+ False
-+ False
-+ True
-+ enable_radiobutton
++ 0.5
++ 0.5
++ 0
++ 0
++ 0
++ 0
++ 0
++ 0
+
+
-+
++
+ True
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ 0
-+ 0
-+ 0
-+ 0
++ False
++ 2
+
+
-+
++
+ True
-+ False
-+ 2
-+
-+
-+
-+ True
-+ gtk-no
-+ 4
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+
-+
-+ 0
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ Disable
-+ True
-+ False
-+ GTK_JUSTIFY_LEFT
-+ False
-+ False
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ PANGO_ELLIPSIZE_NONE
-+ -1
-+ False
-+ 0
-+
-+
-+ 0
-+ False
-+ False
-+
-+
++ gtk-no
++ 4
++ 0.5
++ 0.5
++ 0
++ 0
+
++
++ 0
++ False
++ False
++
++
++
++
++
++ True
++ Disable
++ True
++ False
++ GTK_JUSTIFY_LEFT
++ False
++ False
++ 0.5
++ 0.5
++ 0
++ 0
++ PANGO_ELLIPSIZE_NONE
++ -1
++ False
++ 0
++
++
++ 0
++ False
++ False
++
+
+
+
+
-+
-+ 0
-+ False
-+ False
-+
+
++
++
++ 0
++ False
++ False
++
++
++
++
++
++ True
++ True
++ GTK_RELIEF_NORMAL
++ True
++ False
++ False
++ True
++ enable_radiobutton
+
+
-+
++
+ True
-+ True
-+ GTK_RELIEF_NORMAL
-+ True
-+ False
-+ False
-+ True
-+ enable_radiobutton
++ 0.5
++ 0.5
++ 0
++ 0
++ 0
++ 0
++ 0
++ 0
+
+
-+
++
+ True
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ 0
-+ 0
-+ 0
-+ 0
++ False
++ 2
+
+
-+
++
+ True
-+ False
-+ 2
-+
-+
-+
-+ True
-+ gtk-undo
-+ 4
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+
-+
-+ 0
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ Default
-+ True
-+ False
-+ GTK_JUSTIFY_LEFT
-+ False
-+ False
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ PANGO_ELLIPSIZE_NONE
-+ -1
-+ False
-+ 0
-+
-+
-+ 0
-+ False
-+ False
-+
-+
++ gtk-undo
++ 4
++ 0.5
++ 0.5
++ 0
++ 0
+
++
++ 0
++ False
++ False
++
++
++
++
++
++ True
++ Default
++ True
++ False
++ GTK_JUSTIFY_LEFT
++ False
++ False
++ 0.5
++ 0.5
++ 0
++ 0
++ PANGO_ELLIPSIZE_NONE
++ -1
++ False
++ 0
++
++
++ 0
++ False
++ False
++
+
+
+
+
-+
-+ 0
-+ False
-+ False
-+
-+
-+
-+
-+ 11
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ GTK_BUTTONBOX_END
-+ 0
-+
-+
-+
-+ True
-+ True
-+ True
-+ gtk-cancel
-+ True
-+ GTK_RELIEF_NORMAL
-+ True
-+
-+
-+
-+
-+
-+
-+ True
-+ True
-+ True
-+ gtk-media-previous
-+ True
-+ GTK_RELIEF_NORMAL
-+ True
-+
-+
-+
-+
-+
-+
-+ True
-+ True
-+ True
-+ gtk-media-forward
-+ True
-+ GTK_RELIEF_NORMAL
-+ True
-+
-+
+
+
+
@@ -1057,291 +1109,55 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.glade polic
+
+
+
-+ 0
-+ True
-+ True
-+
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ label37
-+ False
-+ False
-+ GTK_JUSTIFY_LEFT
-+ False
-+ False
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ PANGO_ELLIPSIZE_NONE
-+ -1
-+ False
-+ 0
-+
-+
-+ tab
-+
-+
-+
-+
-+
-+ True
-+ False
-+ 0
-+
-+
-+
-+ True
-+ GTK_ORIENTATION_HORIZONTAL
-+ GTK_TOOLBAR_BOTH
-+ True
-+ True
-+
-+
-+
-+ True
-+ Revert boolean setting to system default
-+ gtk-revert-to-saved
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ Toggle between Customized and All Booleans
-+ Customized
-+ True
-+ gtk-find
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+ 0
++ 11
+ False
+ False
+
+
+
+
-+
++
+ True
-+ False
++ GTK_BUTTONBOX_END
+ 0
+
+
-+
-+ True
-+ Filter
-+ False
-+ False
-+ GTK_JUSTIFY_LEFT
-+ False
-+ False
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ PANGO_ELLIPSIZE_NONE
-+ -1
-+ False
-+ 0
-+
-+
-+ 10
-+ False
-+ False
-+
-+
-+
-+
-+
++
+ True
++ True
+ True
-+ True
-+ True
-+ 0
-+
-+ True
-+ •
-+ False
-+
++ gtk-quit
++ True
++ GTK_RELIEF_NORMAL
++ True
++
+
-+
-+ 0
-+ True
-+ True
-+
+
-+
-+
-+ 10
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ True
-+ GTK_POLICY_ALWAYS
-+ GTK_POLICY_ALWAYS
-+ GTK_SHADOW_NONE
-+ GTK_CORNER_TOP_LEFT
+
+
-+
++
+ True
++ True
+ True
-+ True
-+ False
-+ False
-+ True
-+ False
-+ False
-+ False
++ gtk-media-previous
++ True
++ GTK_RELIEF_NORMAL
++ True
++
+
+
-+
-+
-+ 0
-+ True
-+ True
-+
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ label50
-+ False
-+ False
-+ GTK_JUSTIFY_LEFT
-+ False
-+ False
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ PANGO_ELLIPSIZE_NONE
-+ -1
-+ False
-+ 0
-+
-+
-+ tab
-+
-+
-+
-+
-+
-+ True
-+ False
-+ 0
-+
-+
-+
-+ True
-+ GTK_ORIENTATION_HORIZONTAL
-+ GTK_TOOLBAR_BOTH
-+ True
-+ True
-+
-+
-+
-+ True
-+ Add File Context
-+ gtk-add
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
+
+
-+
++
+ True
-+ Modify File Context
-+ gtk-properties
-+ True
-+ True
-+ False
-+
++ True
++ True
++ gtk-media-forward
++ True
++ GTK_RELIEF_NORMAL
++ True
++
+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ Delete File Context
-+ gtk-delete
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ Toggle between all and customized file context
-+ Customized
-+ True
-+ gtk-find
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
+
+
+
@@ -1350,1145 +1166,11 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.glade polic
+ False
+
+
-+
-+
-+
-+ True
-+ False
-+ 0
-+
-+
-+
-+ True
-+ Filter
-+ False
-+ False
-+ GTK_JUSTIFY_LEFT
-+ False
-+ False
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ PANGO_ELLIPSIZE_NONE
-+ -1
-+ False
-+ 0
-+
-+
-+ 10
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ True
-+ True
-+ True
-+ 0
-+
-+ True
-+ •
-+ False
-+
-+
-+
-+ 0
-+ True
-+ True
-+
-+
-+
-+
-+ 0
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ True
-+ GTK_POLICY_ALWAYS
-+ GTK_POLICY_ALWAYS
-+ GTK_SHADOW_NONE
-+ GTK_CORNER_TOP_LEFT
-+
-+
-+
-+ True
-+ True
-+ True
-+ False
-+ False
-+ True
-+ False
-+ False
-+ False
-+
-+
-+
-+
-+ 0
-+ True
-+ True
-+
-+
+
+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ label38
-+ False
-+ False
-+ GTK_JUSTIFY_LEFT
-+ False
-+ False
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ PANGO_ELLIPSIZE_NONE
-+ -1
-+ False
-+ 0
-+
-+
-+ tab
-+
-+
-+
-+
-+
-+ True
-+ False
-+ 0
-+
-+
-+
-+ True
-+ GTK_ORIENTATION_HORIZONTAL
-+ GTK_TOOLBAR_BOTH
-+ True
-+ True
-+
-+
-+
-+ True
-+ Add SELinux User Mapping
-+ gtk-add
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ Modify SELinux User Mapping
-+ gtk-properties
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ Delete SELinux User Mapping
-+ gtk-delete
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+ 0
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ False
-+ 0
-+
-+
-+
-+ True
-+ Filter
-+ False
-+ False
-+ GTK_JUSTIFY_LEFT
-+ False
-+ False
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ PANGO_ELLIPSIZE_NONE
-+ -1
-+ False
-+ 0
-+
-+
-+ 10
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ True
-+ True
-+ True
-+ 0
-+
-+ True
-+ •
-+ False
-+
-+
-+
-+ 0
-+ True
-+ True
-+
-+
-+
-+
-+ 5
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ True
-+ GTK_POLICY_ALWAYS
-+ GTK_POLICY_ALWAYS
-+ GTK_SHADOW_NONE
-+ GTK_CORNER_TOP_LEFT
-+
-+
-+
-+ True
-+ True
-+ True
-+ False
-+ False
-+ True
-+ False
-+ False
-+ False
-+
-+
-+
-+
-+ 0
-+ True
-+ True
-+
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ label39
-+ False
-+ False
-+ GTK_JUSTIFY_LEFT
-+ False
-+ False
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ PANGO_ELLIPSIZE_NONE
-+ -1
-+ False
-+ 0
-+
-+
-+ tab
-+
-+
-+
-+
-+
-+ True
-+ False
-+ 0
-+
-+
-+
-+ True
-+ GTK_ORIENTATION_HORIZONTAL
-+ GTK_TOOLBAR_BOTH
-+ True
-+ True
-+
-+
-+
-+ True
-+ Add Translation
-+ gtk-add
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ Modify Translation
-+ gtk-properties
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ Delete Translation
-+ gtk-delete
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+ 0
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ False
-+ 0
-+
-+
-+
-+ True
-+ Filter
-+ False
-+ False
-+ GTK_JUSTIFY_LEFT
-+ False
-+ False
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ PANGO_ELLIPSIZE_NONE
-+ -1
-+ False
-+ 0
-+
-+
-+ 10
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ True
-+ True
-+ True
-+ 0
-+
-+ True
-+ •
-+ False
-+
-+
-+
-+ 0
-+ True
-+ True
-+
-+
-+
-+
-+ 5
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ True
-+ GTK_POLICY_ALWAYS
-+ GTK_POLICY_ALWAYS
-+ GTK_SHADOW_NONE
-+ GTK_CORNER_TOP_LEFT
-+
-+
-+
-+ True
-+ True
-+ True
-+ False
-+ False
-+ True
-+ False
-+ False
-+ False
-+
-+
-+
-+
-+ 0
-+ True
-+ True
-+
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ label41
-+ False
-+ False
-+ GTK_JUSTIFY_LEFT
-+ False
-+ False
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ PANGO_ELLIPSIZE_NONE
-+ -1
-+ False
-+ 0
-+
-+
-+ tab
-+
-+
-+
-+
-+
-+ True
-+ False
-+ 0
-+
-+
-+
-+ True
-+ GTK_ORIENTATION_HORIZONTAL
-+ GTK_TOOLBAR_BOTH
-+ True
-+ True
-+
-+
-+
-+ True
-+ Add SELinux User
-+ gtk-add
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ Modify SELinux User
-+ gtk-properties
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ Add SELinux User
-+ gtk-delete
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+ 0
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ False
-+ 0
-+
-+
-+
-+ True
-+ Filter
-+ False
-+ False
-+ GTK_JUSTIFY_LEFT
-+ False
-+ False
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ PANGO_ELLIPSIZE_NONE
-+ -1
-+ False
-+ 0
-+
-+
-+ 10
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ True
-+ True
-+ True
-+ 0
-+
-+ True
-+ •
-+ False
-+
-+
-+
-+ 0
-+ True
-+ True
-+
-+
-+
-+
-+ 5
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ True
-+ GTK_POLICY_ALWAYS
-+ GTK_POLICY_ALWAYS
-+ GTK_SHADOW_NONE
-+ GTK_CORNER_TOP_LEFT
-+
-+
-+
-+ True
-+ True
-+ True
-+ False
-+ False
-+ True
-+ False
-+ False
-+ False
-+
-+
-+
-+
-+ 0
-+ True
-+ True
-+
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ label40
-+ False
-+ False
-+ GTK_JUSTIFY_LEFT
-+ False
-+ False
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ PANGO_ELLIPSIZE_NONE
-+ -1
-+ False
-+ 0
-+
-+
-+ tab
-+
-+
-+
-+
-+
-+ True
-+ False
-+ 0
-+
-+
-+
-+ True
-+ GTK_ORIENTATION_HORIZONTAL
-+ GTK_TOOLBAR_BOTH
-+ False
-+ True
-+
-+
-+
-+ True
-+ Add Network Port
-+ gtk-add
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ Edit Network Port
-+ gtk-properties
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ Delete Network Port
-+ gtk-delete
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ True
-+ True
-+ False
-+
-+
-+
-+ 32
-+ True
-+
-+
-+
-+
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ Toggle between Customized and All Ports
-+ Group View
-+ True
-+ gtk-indent
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ Toggle between Customized and All Ports
-+ Customized
-+ True
-+ gtk-find
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+ 0
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ False
-+ 0
-+
-+
-+
-+ True
-+ Filter
-+ False
-+ False
-+ GTK_JUSTIFY_LEFT
-+ False
-+ False
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ PANGO_ELLIPSIZE_NONE
-+ -1
-+ False
-+ 0
-+
-+
-+ 10
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ True
-+ True
-+ True
-+ 0
-+
-+ True
-+ •
-+ False
-+
-+
-+
-+ 0
-+ True
-+ True
-+
-+
-+
-+
-+ 5
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ True
-+ GTK_POLICY_ALWAYS
-+ GTK_POLICY_ALWAYS
-+ GTK_SHADOW_NONE
-+ GTK_CORNER_TOP_LEFT
-+
-+
-+
-+ True
-+ True
-+ True
-+ False
-+ False
-+ True
-+ False
-+ False
-+ False
-+
-+
-+
-+
-+ 0
-+ True
-+ True
-+
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ label42
-+ False
-+ False
-+ GTK_JUSTIFY_LEFT
-+ False
-+ False
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ PANGO_ELLIPSIZE_NONE
-+ -1
-+ False
-+ 0
-+
-+
-+ tab
-+
-+
-+
-+
-+
-+ True
-+ False
-+ 0
-+
-+
-+
-+ True
-+ GTK_ORIENTATION_HORIZONTAL
-+ GTK_TOOLBAR_BOTH
-+ True
-+ True
-+
-+
-+
-+ True
-+ Generate new policy module
-+ gtk-new
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ Load policy module
-+ gtk-add
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ Remove loadable policy module
-+ gtk-remove
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ True
-+ True
-+ False
-+
-+
-+
-+ 10
-+ True
-+
-+
-+
-+
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ Enable/Disable additional audit rules, that are normally not reported in the log files.
-+ Enable Audit
-+ True
-+ gtk-zoom-in
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+ 0
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ False
-+ 0
-+
-+
-+
-+ True
-+ Filter
-+ False
-+ False
-+ GTK_JUSTIFY_LEFT
-+ False
-+ False
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ PANGO_ELLIPSIZE_NONE
-+ -1
-+ False
-+ 0
-+
-+
-+ 10
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ True
-+ True
-+ True
-+ 0
-+
-+ True
-+ •
-+ False
-+
-+
-+
-+ 0
-+ True
-+ True
-+
-+
-+
-+
-+ 5
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ True
-+ GTK_POLICY_ALWAYS
-+ GTK_POLICY_ALWAYS
-+ GTK_SHADOW_NONE
-+ GTK_CORNER_TOP_LEFT
-+
-+
-+
-+ True
-+ True
-+ True
-+ False
-+ False
-+ True
-+ False
-+ False
-+ False
-+
-+
-+
-+
-+ 0
-+ True
-+ True
-+
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ label44
-+ False
-+ False
-+ GTK_JUSTIFY_LEFT
-+ False
-+ False
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ PANGO_ELLIPSIZE_NONE
-+ -1
-+ False
-+ 0
-+
-+
-+ tab
++ 0
++ True
++ True
+
+
+
@@ -2521,2079 +1203,81 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.glade polic
+
+
+
-+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.glade.bak policycoreutils-2.0.50/gui/lockdown.glade.bak
---- nsapolicycoreutils/gui/lockdown.glade.bak 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.50/gui/lockdown.glade.bak 2008-07-01 14:59:58.000000000 -0400
-@@ -0,0 +1,2065 @@
-+
-+
-+
-+
-+
-+
-+
-+
++
+ 5
-+ False
-+ system-config-selinux
-+ Copyright (c)2006 Red Hat, Inc.
-+Copyright (c) 2006 Dan Walsh <dwalsh@redhat.com>
-+ False
-+ Daniel Walsh <dwalsh@redhat.com>
-+
-+ translator-credits
-+ system-config-selinux.png
-+
-+
-+
-+ 800
-+ 500
-+ SELinux Boolean Lockdown
++ Select file name to save boolean settings.
++ GTK_FILE_CHOOSER_ACTION_SAVE
++ True
++ False
++ False
++ False
++ Save Boolean Configuration File
+ GTK_WINDOW_TOPLEVEL
-+ GTK_WIN_POS_NONE
++ GTK_WIN_POS_MOUSE
+ False
+ True
+ False
-+ system-config-selinux.png
+ True
+ False
+ False
-+ GDK_WINDOW_TYPE_HINT_NORMAL
++ GDK_WINDOW_TYPE_HINT_DIALOG
+ GDK_GRAVITY_NORTH_WEST
+ True
+ False
-+ True
+
-+
-+
++
++
+ True
-+ True
++ False
++ 2
+
-+
-+
++
++
+ True
-+ GTK_SHADOW_NONE
++ GTK_BUTTONBOX_END
+
+
-+
+
-+
-+
-+
-+
-+
-+
-+
++
++
++ True
++ True
++ True
++ True
++ gtk-save
++ True
++ GTK_RELIEF_NORMAL
++ True
++ -5
+
+
+
+
-+ BONOBO_DOCK_TOP
-+ 0
-+ 0
-+ 0
-+ BONOBO_DOCK_ITEM_BEH_EXCLUSIVE|BONOBO_DOCK_ITEM_BEH_NEVER_VERTICAL|BONOBO_DOCK_ITEM_BEH_LOCKED
++ 0
++ False
++ True
++ GTK_PACK_END
+
+
-+
-+
-+
-+ True
-+ True
-+ 0
-+
-+
-+
-+ 5
-+ True
-+ 0
-+ 0.5
-+ GTK_SHADOW_NONE
-+
-+
-+
-+ True
-+ 0.5
-+ 0.5
-+ 1
-+ 1
-+ 0
-+ 0
-+ 12
-+ 0
-+
-+
-+
-+ True
-+ True
-+ GTK_POLICY_ALWAYS
-+ GTK_POLICY_ALWAYS
-+ GTK_SHADOW_NONE
-+ GTK_CORNER_TOP_LEFT
-+
-+
-+
-+ 300
-+ True
-+ Select Management Object
-+ True
-+ False
-+ False
-+ False
-+ True
-+ False
-+ False
-+ False
-+
-+
-+
-+
-+
-+
-+
-+
-+
-+ True
-+ <b>Select:</b>
-+ False
-+ True
-+ GTK_JUSTIFY_LEFT
-+ False
-+ False
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ PANGO_ELLIPSIZE_NONE
-+ -1
-+ False
-+ 0
-+
-+
-+ label_item
-+
-+
-+
-+
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ False
-+ True
-+ GTK_POS_TOP
-+ False
-+ False
-+
-+
-+
-+ True
-+ False
-+ 0
-+
-+
-+
-+ True
-+ False
-+ 0
-+
-+
-+
-+ True
-+ True
-+ GTK_POLICY_ALWAYS
-+ GTK_POLICY_ALWAYS
-+ GTK_SHADOW_NONE
-+ GTK_CORNER_TOP_LEFT
-+
-+
-+
-+
-+
-+
-+ 0
-+ True
-+ True
-+
-+
-+
-+
-+
-+ True
-+ True
-+ 0
-+
-+
-+
-+ True
-+ True
-+ GTK_RELIEF_NORMAL
-+ True
-+ False
-+ False
-+ True
-+
-+
-+
-+ True
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ 0
-+ 0
-+ 0
-+ 0
-+
-+
-+
-+ True
-+ False
-+ 2
-+
-+
-+
-+ True
-+ gtk-yes
-+ 4
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+
-+
-+ 0
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ Enable
-+ True
-+ False
-+ GTK_JUSTIFY_LEFT
-+ False
-+ False
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ PANGO_ELLIPSIZE_NONE
-+ -1
-+ False
-+ 0
-+
-+
-+ 0
-+ False
-+ False
-+
-+
-+
-+
-+
-+
-+
-+
-+ 0
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ True
-+ GTK_RELIEF_NORMAL
-+ True
-+ False
-+ False
-+ True
-+ enable_radiobutton
-+
-+
-+
-+ True
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ 0
-+ 0
-+ 0
-+ 0
-+
-+
-+
-+ True
-+ False
-+ 2
-+
-+
-+
-+ True
-+ gtk-no
-+ 4
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+
-+
-+ 0
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ Disable
-+ True
-+ False
-+ GTK_JUSTIFY_LEFT
-+ False
-+ False
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ PANGO_ELLIPSIZE_NONE
-+ -1
-+ False
-+ 0
-+
-+
-+ 0
-+ False
-+ False
-+
-+
-+
-+
-+
-+
-+
-+
-+ 0
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ True
-+ GTK_RELIEF_NORMAL
-+ True
-+ False
-+ False
-+ True
-+ enable_radiobutton
-+
-+
-+
-+ True
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ 0
-+ 0
-+ 0
-+ 0
-+
-+
-+
-+ True
-+ False
-+ 2
-+
-+
-+
-+ True
-+ gtk-undo
-+ 4
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+
-+
-+ 0
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ Default
-+ True
-+ False
-+ GTK_JUSTIFY_LEFT
-+ False
-+ False
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ PANGO_ELLIPSIZE_NONE
-+ -1
-+ False
-+ 0
-+
-+
-+ 0
-+ False
-+ False
-+
-+
-+
-+
-+
-+
-+
-+
-+ 0
-+ False
-+ False
-+
-+
-+
-+
-+ 11
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ GTK_BUTTONBOX_END
-+ 0
-+
-+
-+
-+ True
-+ True
-+ True
-+ gtk-cancel
-+ True
-+ GTK_RELIEF_NORMAL
-+ True
-+
-+
-+
-+
-+
-+
-+ True
-+ True
-+ True
-+ gtk-media-previous
-+ True
-+ GTK_RELIEF_NORMAL
-+ True
-+
-+
-+
-+
-+
-+
-+ True
-+ True
-+ True
-+ gtk-media-forward
-+ True
-+ GTK_RELIEF_NORMAL
-+ True
-+
-+
-+
-+
-+
-+ 0
-+ False
-+ False
-+
-+
-+
-+
-+ 0
-+ True
-+ True
-+
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ label37
-+ False
-+ False
-+ GTK_JUSTIFY_LEFT
-+ False
-+ False
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ PANGO_ELLIPSIZE_NONE
-+ -1
-+ False
-+ 0
-+
-+
-+ tab
-+
-+
-+
-+
-+
-+ True
-+ False
-+ 0
-+
-+
-+
-+ True
-+ GTK_ORIENTATION_HORIZONTAL
-+ GTK_TOOLBAR_BOTH
-+ True
-+ True
-+
-+
-+
-+ True
-+ Revert boolean setting to system default
-+ gtk-revert-to-saved
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ Toggle between Customized and All Booleans
-+ Customized
-+ True
-+ gtk-find
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+ 0
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ False
-+ 0
-+
-+
-+
-+ True
-+ Filter
-+ False
-+ False
-+ GTK_JUSTIFY_LEFT
-+ False
-+ False
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ PANGO_ELLIPSIZE_NONE
-+ -1
-+ False
-+ 0
-+
-+
-+ 10
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ True
-+ True
-+ True
-+ 0
-+
-+ True
-+ •
-+ False
-+
-+
-+
-+ 0
-+ True
-+ True
-+
-+
-+
-+
-+ 10
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ True
-+ GTK_POLICY_ALWAYS
-+ GTK_POLICY_ALWAYS
-+ GTK_SHADOW_NONE
-+ GTK_CORNER_TOP_LEFT
-+
-+
-+
-+ True
-+ True
-+ True
-+ False
-+ False
-+ True
-+ False
-+ False
-+ False
-+
-+
-+
-+
-+ 0
-+ True
-+ True
-+
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ label50
-+ False
-+ False
-+ GTK_JUSTIFY_LEFT
-+ False
-+ False
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ PANGO_ELLIPSIZE_NONE
-+ -1
-+ False
-+ 0
-+
-+
-+ tab
-+
-+
-+
-+
-+
-+ True
-+ False
-+ 0
-+
-+
-+
-+ True
-+ GTK_ORIENTATION_HORIZONTAL
-+ GTK_TOOLBAR_BOTH
-+ True
-+ True
-+
-+
-+
-+ True
-+ Add File Context
-+ gtk-add
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ Modify File Context
-+ gtk-properties
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ Delete File Context
-+ gtk-delete
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ Toggle between all and customized file context
-+ Customized
-+ True
-+ gtk-find
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+ 0
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ False
-+ 0
-+
-+
-+
-+ True
-+ Filter
-+ False
-+ False
-+ GTK_JUSTIFY_LEFT
-+ False
-+ False
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ PANGO_ELLIPSIZE_NONE
-+ -1
-+ False
-+ 0
-+
-+
-+ 10
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ True
-+ True
-+ True
-+ 0
-+
-+ True
-+ •
-+ False
-+
-+
-+
-+ 0
-+ True
-+ True
-+
-+
-+
-+
-+ 0
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ True
-+ GTK_POLICY_ALWAYS
-+ GTK_POLICY_ALWAYS
-+ GTK_SHADOW_NONE
-+ GTK_CORNER_TOP_LEFT
-+
-+
-+
-+ True
-+ True
-+ True
-+ False
-+ False
-+ True
-+ False
-+ False
-+ False
-+
-+
-+
-+
-+ 0
-+ True
-+ True
-+
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ label38
-+ False
-+ False
-+ GTK_JUSTIFY_LEFT
-+ False
-+ False
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ PANGO_ELLIPSIZE_NONE
-+ -1
-+ False
-+ 0
-+
-+
-+ tab
-+
-+
-+
-+
-+
-+ True
-+ False
-+ 0
-+
-+
-+
-+ True
-+ GTK_ORIENTATION_HORIZONTAL
-+ GTK_TOOLBAR_BOTH
-+ True
-+ True
-+
-+
-+
-+ True
-+ Add SELinux User Mapping
-+ gtk-add
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ Modify SELinux User Mapping
-+ gtk-properties
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ Delete SELinux User Mapping
-+ gtk-delete
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+ 0
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ False
-+ 0
-+
-+
-+
-+ True
-+ Filter
-+ False
-+ False
-+ GTK_JUSTIFY_LEFT
-+ False
-+ False
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ PANGO_ELLIPSIZE_NONE
-+ -1
-+ False
-+ 0
-+
-+
-+ 10
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ True
-+ True
-+ True
-+ 0
-+
-+ True
-+ •
-+ False
-+
-+
-+
-+ 0
-+ True
-+ True
-+
-+
-+
-+
-+ 5
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ True
-+ GTK_POLICY_ALWAYS
-+ GTK_POLICY_ALWAYS
-+ GTK_SHADOW_NONE
-+ GTK_CORNER_TOP_LEFT
-+
-+
-+
-+ True
-+ True
-+ True
-+ False
-+ False
-+ True
-+ False
-+ False
-+ False
-+
-+
-+
-+
-+ 0
-+ True
-+ True
-+
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ label39
-+ False
-+ False
-+ GTK_JUSTIFY_LEFT
-+ False
-+ False
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ PANGO_ELLIPSIZE_NONE
-+ -1
-+ False
-+ 0
-+
-+
-+ tab
-+
-+
-+
-+
-+
-+ True
-+ False
-+ 0
-+
-+
-+
-+ True
-+ GTK_ORIENTATION_HORIZONTAL
-+ GTK_TOOLBAR_BOTH
-+ True
-+ True
-+
-+
-+
-+ True
-+ Add Translation
-+ gtk-add
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ Modify Translation
-+ gtk-properties
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ Delete Translation
-+ gtk-delete
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+ 0
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ False
-+ 0
-+
-+
-+
-+ True
-+ Filter
-+ False
-+ False
-+ GTK_JUSTIFY_LEFT
-+ False
-+ False
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ PANGO_ELLIPSIZE_NONE
-+ -1
-+ False
-+ 0
-+
-+
-+ 10
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ True
-+ True
-+ True
-+ 0
-+
-+ True
-+ •
-+ False
-+
-+
-+
-+ 0
-+ True
-+ True
-+
-+
-+
-+
-+ 5
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ True
-+ GTK_POLICY_ALWAYS
-+ GTK_POLICY_ALWAYS
-+ GTK_SHADOW_NONE
-+ GTK_CORNER_TOP_LEFT
-+
-+
-+
-+ True
-+ True
-+ True
-+ False
-+ False
-+ True
-+ False
-+ False
-+ False
-+
-+
-+
-+
-+ 0
-+ True
-+ True
-+
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ label41
-+ False
-+ False
-+ GTK_JUSTIFY_LEFT
-+ False
-+ False
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ PANGO_ELLIPSIZE_NONE
-+ -1
-+ False
-+ 0
-+
-+
-+ tab
-+
-+
-+
-+
-+
-+ True
-+ False
-+ 0
-+
-+
-+
-+ True
-+ GTK_ORIENTATION_HORIZONTAL
-+ GTK_TOOLBAR_BOTH
-+ True
-+ True
-+
-+
-+
-+ True
-+ Add SELinux User
-+ gtk-add
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ Modify SELinux User
-+ gtk-properties
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ Add SELinux User
-+ gtk-delete
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+ 0
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ False
-+ 0
-+
-+
-+
-+ True
-+ Filter
-+ False
-+ False
-+ GTK_JUSTIFY_LEFT
-+ False
-+ False
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ PANGO_ELLIPSIZE_NONE
-+ -1
-+ False
-+ 0
-+
-+
-+ 10
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ True
-+ True
-+ True
-+ 0
-+
-+ True
-+ •
-+ False
-+
-+
-+
-+ 0
-+ True
-+ True
-+
-+
-+
-+
-+ 5
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ True
-+ GTK_POLICY_ALWAYS
-+ GTK_POLICY_ALWAYS
-+ GTK_SHADOW_NONE
-+ GTK_CORNER_TOP_LEFT
-+
-+
-+
-+ True
-+ True
-+ True
-+ False
-+ False
-+ True
-+ False
-+ False
-+ False
-+
-+
-+
-+
-+ 0
-+ True
-+ True
-+
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ label40
-+ False
-+ False
-+ GTK_JUSTIFY_LEFT
-+ False
-+ False
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ PANGO_ELLIPSIZE_NONE
-+ -1
-+ False
-+ 0
-+
-+
-+ tab
-+
-+
-+
-+
-+
-+ True
-+ False
-+ 0
-+
-+
-+
-+ True
-+ GTK_ORIENTATION_HORIZONTAL
-+ GTK_TOOLBAR_BOTH
-+ False
-+ True
-+
-+
-+
-+ True
-+ Add Network Port
-+ gtk-add
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ Edit Network Port
-+ gtk-properties
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ Delete Network Port
-+ gtk-delete
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ True
-+ True
-+ False
-+
-+
-+
-+ 32
-+ True
-+
-+
-+
-+
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ Toggle between Customized and All Ports
-+ Group View
-+ True
-+ gtk-indent
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ Toggle between Customized and All Ports
-+ Customized
-+ True
-+ gtk-find
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+ 0
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ False
-+ 0
-+
-+
-+
-+ True
-+ Filter
-+ False
-+ False
-+ GTK_JUSTIFY_LEFT
-+ False
-+ False
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ PANGO_ELLIPSIZE_NONE
-+ -1
-+ False
-+ 0
-+
-+
-+ 10
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ True
-+ True
-+ True
-+ 0
-+
-+ True
-+ •
-+ False
-+
-+
-+
-+ 0
-+ True
-+ True
-+
-+
-+
-+
-+ 5
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ True
-+ GTK_POLICY_ALWAYS
-+ GTK_POLICY_ALWAYS
-+ GTK_SHADOW_NONE
-+ GTK_CORNER_TOP_LEFT
-+
-+
-+
-+ True
-+ True
-+ True
-+ False
-+ False
-+ True
-+ False
-+ False
-+ False
-+
-+
-+
-+
-+ 0
-+ True
-+ True
-+
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ label42
-+ False
-+ False
-+ GTK_JUSTIFY_LEFT
-+ False
-+ False
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ PANGO_ELLIPSIZE_NONE
-+ -1
-+ False
-+ 0
-+
-+
-+ tab
-+
-+
-+
-+
-+
-+ True
-+ False
-+ 0
-+
-+
-+
-+ True
-+ GTK_ORIENTATION_HORIZONTAL
-+ GTK_TOOLBAR_BOTH
-+ True
-+ True
-+
-+
-+
-+ True
-+ Generate new policy module
-+ gtk-new
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ Load policy module
-+ gtk-add
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ Remove loadable policy module
-+ gtk-remove
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ True
-+ True
-+ False
-+
-+
-+
-+ 10
-+ True
-+
-+
-+
-+
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ Enable/Disable additional audit rules, that are normally not reported in the log files.
-+ Enable Audit
-+ True
-+ gtk-zoom-in
-+ True
-+ True
-+ False
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+ 0
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ False
-+ 0
-+
-+
-+
-+ True
-+ Filter
-+ False
-+ False
-+ GTK_JUSTIFY_LEFT
-+ False
-+ False
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ PANGO_ELLIPSIZE_NONE
-+ -1
-+ False
-+ 0
-+
-+
-+ 10
-+ False
-+ False
-+
-+
-+
-+
-+
-+ True
-+ True
-+ True
-+ True
-+ 0
-+
-+ True
-+ •
-+ False
-+
-+
-+
-+ 0
-+ True
-+ True
-+
-+
-+
-+
-+ 5
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ True
-+ GTK_POLICY_ALWAYS
-+ GTK_POLICY_ALWAYS
-+ GTK_SHADOW_NONE
-+ GTK_CORNER_TOP_LEFT
-+
-+
-+
-+ True
-+ True
-+ True
-+ False
-+ False
-+ True
-+ False
-+ False
-+ False
-+
-+
-+
-+
-+ 0
-+ True
-+ True
-+
-+
-+
-+
-+ False
-+ True
-+
-+
-+
-+
-+
-+ True
-+ label44
-+ False
-+ False
-+ GTK_JUSTIFY_LEFT
-+ False
-+ False
-+ 0.5
-+ 0.5
-+ 0
-+ 0
-+ PANGO_ELLIPSIZE_NONE
-+ -1
-+ False
-+ 0
-+
-+
-+ tab
-+
-+
-+
-+
-+ True
-+ True
-+
-+
-+
-+
+
-+
-+ 0
-+ True
-+ True
-+
-+
-+
-+
-+
-+ True
-+ True
-+ True
-+
-+
-+ 0
-+ True
-+ True
-+
+
+
+
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.gladep policycoreutils-2.0.50/gui/lockdown.gladep
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.gladep policycoreutils-2.0.52/gui/lockdown.gladep
--- nsapolicycoreutils/gui/lockdown.gladep 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.50/gui/lockdown.gladep 2008-07-01 14:59:58.000000000 -0400
++++ policycoreutils-2.0.52/gui/lockdown.gladep 2008-07-02 13:43:21.000000000 -0400
@@ -0,0 +1,7 @@
+
+
@@ -4602,21 +1286,10 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.gladep poli
+
+
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.gladep.bak policycoreutils-2.0.50/gui/lockdown.gladep.bak
---- nsapolicycoreutils/gui/lockdown.gladep.bak 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.50/gui/lockdown.gladep.bak 2008-07-01 14:59:58.000000000 -0400
-@@ -0,0 +1,7 @@
-+
-+
-+
-+
-+
-+
-+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.py policycoreutils-2.0.50/gui/lockdown.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.py policycoreutils-2.0.52/gui/lockdown.py
--- nsapolicycoreutils/gui/lockdown.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.50/gui/lockdown.py 2008-07-01 14:59:58.000000000 -0400
-@@ -0,0 +1,331 @@
++++ policycoreutils-2.0.52/gui/lockdown.py 2008-07-03 12:38:24.000000000 -0400
+@@ -0,0 +1,382 @@
+#!/usr/bin/python
+#
+# lockdown.py - GUI for Booleans page in system-config-securitylevel
@@ -4649,6 +1322,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.py policyco
+import selinux
+import seobject
+import gtkhtml2
++import commands
++import tempfile
++
+from html_util import *
+
+gnome.program_init("SELinux Boolean Lockdown Tool", "5")
@@ -4706,13 +1382,17 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.py policyco
+ xml.signal_connect("on_cancel_clicked", self.cancel)
+ xml.signal_connect("on_forward_clicked", self.forward)
+ xml.signal_connect("on_previous_clicked", self.previous)
++ xml.signal_connect("on_save_clicked", self.save)
++ xml.signal_connect("on_apply_clicked", self.apply)
+ self.xml = xml
+ self.mainWindow = self.xml.get_widget("mainWindow")
++ self.forwardbutton = self.xml.get_widget("forwardButton")
+ self.window = self.xml.get_widget("mainWindow").get_root_window()
+ self.busy_cursor = gtk.gdk.Cursor(gtk.gdk.WATCH)
+ self.ready_cursor = gtk.gdk.Cursor(gtk.gdk.LEFT_PTR)
+ self.radiobox = self.xml.get_widget("radiobox")
-+
++ self.savebox = self.xml.get_widget("savebox")
++ self.file_dialog = self.xml.get_widget("filechooserdialog")
+ self.vbox = self.xml.get_widget("vbox")
+ self.enable_radiobutton = self.xml.get_widget("enable_radiobutton")
+ self.enable_radiobutton.connect("toggled", self.toggled)
@@ -4721,7 +1401,6 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.py policyco
+ self.default_radiobutton = self.xml.get_widget("default_radiobutton")
+ self.default_radiobutton.connect("toggled", self.toggled)
+ self.html_scrolledwindow = self.xml.get_widget("html_scrolledwindow")
-+
+ self.view = xml.get_widget("booleanView")
+ self.view.get_selection().connect("changed", self.itemSelected)
+
@@ -4792,6 +1471,46 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.py policyco
+ def cancel(self, args):
+ gtk.main_quit()
+
++ def error(self, message):
++ dlg = gtk.MessageDialog(None, 0, gtk.MESSAGE_ERROR,
++ gtk.BUTTONS_CLOSE,
++ message)
++ dlg.set_position(gtk.WIN_POS_MOUSE)
++ dlg.show_all()
++ dlg.run()
++ dlg.destroy()
++
++ def __out(self):
++ out = ''
++ for c in self.booldict.keys():
++ for b in self.booldict[c]:
++ out += "%s=%s\n" % (b, self.booldict[c][b][0])
++ return out
++
++ def save(self, args):
++ self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_SAVE)
++ rc = self.file_dialog.run()
++ self.file_dialog.hide()
++ if rc == gtk.RESPONSE_OK:
++ try:
++ fd = open(self.file_dialog.get_filename(), "w")
++ fd.write(self.__out())
++ fd.close()
++
++ except IOError, e:
++ self.error(e)
++
++ def apply(self, args):
++ fd = tempfile.NamedTemporaryFile(dir = "/var/lib/selinux")
++ fd.write(self.__out())
++ fd.flush()
++ self.wait()
++ rc, err = commands.getstatusoutput("semanage boolean -m -F %s" % fd.name)
++ self.ready()
++ fd.close()
++ if rc != 0:
++ self.error(err)
++
+ def forward(self, args):
+ selection = self.view.get_selection()
+ store, iter = selection.get_selected()
@@ -4886,7 +1605,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.py policyco
+ cats = self.booldict.keys()
+ cats.sort()
+ for cat in cats:
-+ html += self.html_table((_("Category: ") + cat), self.html_cat(cat))
++ html += self.html_table((_("Category: %s
") % cat), self.html_cat(cat))
+ return html
+
+ def itemSelected(self, selection):
@@ -4907,23 +1626,26 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.py policyco
+ html = ''
+
+ self.radiobox.hide()
++ self.savebox.hide()
++
+ if self.name == _("Begin"):
-+ html += self.html_head(_("Welcome to the SELinux Lockdown Tool, Blah Blah, Blah"))
++ html += self.html_head(_("Welcome to the SELinux Lockdown Tool.
This tool can be used to lockdown SELinux booleans.The tool will generate a configuration file which can be used to lockdown this system or other SELinux systems.
"))
+ html += self.html_all()
+ else:
+ if self.name == _("Finish"):
+ if self.cat != None:
-+ cat_finish="%s %s %s" % (_("Categories: "),self.cat,_("Finish"))
-+ html += self.html_all(cat_finish, self.html_cat(self.cat))
++ html += self.html_head(_("Category %s booleans completed
") % self.cat)
++ html += self.html_table(_("Current settings:
"), self.html_cat(self.cat))
+ else:
-+ html += self.html_head(self.name)
++ html += self.html_head(_("Finish:
"))
+ html += self.html_all()
++ self.savebox.show()
+ else:
+ if self.store.iter_has_child(iter):
-+ html += self.html_table(_("Category: ") + self.name, self.html_cat(self.name))
++ html += self.html_table(_("Category: %s
Current Settings
") % self.name, self.html_cat(self.name))
+ else:
+ self.radiobox.show()
-+ html += self.html_table(_("Boolean: ") + self.name, tr_fmt % td_fmt(self.booleans.get_desc(self.name)))
++ html += self.html_table(_("Boolean: %s
") % self.name, tr_fmt % td_fmt(self.booleans.get_desc(self.name)))
+ if self.booldict[self.cat][self.name][0] == ENABLE:
+ self.enable_radiobutton.set_active(True)
+ if self.booldict[self.cat][self.name][0] == DISABLE:
@@ -4941,6 +1663,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.py policyco
+ self.mainWindow.connect("destroy", self.cancel)
+
+ self.mainWindow.show_all()
++ self.radiobox.hide()
++ self.savebox.hide()
+ gtk.main()
+
+if __name__ == "__main__":
@@ -4948,9 +1672,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.py policyco
+
+ app = booleanWindow()
+ app.stand_alone()
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policycoreutils-2.0.50/gui/loginsPage.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policycoreutils-2.0.52/gui/loginsPage.py
--- nsapolicycoreutils/gui/loginsPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.50/gui/loginsPage.py 2008-07-01 14:59:58.000000000 -0400
++++ policycoreutils-2.0.52/gui/loginsPage.py 2008-07-02 13:43:21.000000000 -0400
@@ -0,0 +1,185 @@
+## loginsPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@@ -5137,50 +1861,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policy
+ self.store.set_value(iter, 1, seuser)
+ self.store.set_value(iter, 2, seobject.translate(serange))
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/Makefile policycoreutils-2.0.50/gui/Makefile
---- nsapolicycoreutils/gui/Makefile 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.50/gui/Makefile 2008-07-01 21:56:24.000000000 -0400
-@@ -0,0 +1,37 @@
-+# Installation directories.
-+PREFIX ?= ${DESTDIR}/usr
-+SHAREDIR ?= $(PREFIX)/share/system-config-selinux
-+
-+TARGETS= \
-+booleansPage.py \
-+fcontextPage.py \
-+loginsPage.py \
-+mappingsPage.py \
-+modulesPage.py \
-+polgen.py \
-+polgen.glade \
-+portsPage.py \
-+lockdown.py \
-+lockdown.glade \
-+semanagePage.py \
-+statusPage.py \
-+system-config-selinux.glade \
-+translationsPage.py \
-+usersPage.py \
-+selinux.tbl
-+
-+all: $(TARGETS) system-config-selinux.py polgengui.py templates
-+
-+install: all
-+ -mkdir -p $(SHAREDIR)/templates
-+ install -m 755 system-config-selinux.py $(SHAREDIR)
-+ install -m 755 polgengui.py $(SHAREDIR)
-+ install -m 755 lockdown.py $(SHAREDIR)
-+ install -m 644 $(TARGETS) $(SHAREDIR)
-+ install -m 644 templates/*.py $(SHAREDIR)/templates/
-+
-+clean:
-+
-+indent:
-+
-+relabel:
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py policycoreutils-2.0.50/gui/mappingsPage.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py policycoreutils-2.0.52/gui/mappingsPage.py
--- nsapolicycoreutils/gui/mappingsPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.50/gui/mappingsPage.py 2008-07-01 14:59:58.000000000 -0400
++++ policycoreutils-2.0.52/gui/mappingsPage.py 2008-07-02 13:43:21.000000000 -0400
@@ -0,0 +1,56 @@
+## mappingsPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@@ -5238,9 +1921,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py poli
+ for k in keys:
+ print "%-25s %-25s %-25s" % (k, dict[k][0], translate(dict[k][1]))
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py policycoreutils-2.0.50/gui/modulesPage.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py policycoreutils-2.0.52/gui/modulesPage.py
--- nsapolicycoreutils/gui/modulesPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.50/gui/modulesPage.py 2008-07-01 14:59:58.000000000 -0400
++++ policycoreutils-2.0.52/gui/modulesPage.py 2008-07-02 13:43:21.000000000 -0400
@@ -0,0 +1,195 @@
+## modulesPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@@ -5437,9 +2120,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py polic
+
+
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policycoreutils-2.0.50/gui/polgen.glade
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policycoreutils-2.0.52/gui/polgen.glade
--- nsapolicycoreutils/gui/polgen.glade 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.50/gui/polgen.glade 2008-07-01 14:59:58.000000000 -0400
++++ policycoreutils-2.0.52/gui/polgen.glade 2008-07-02 13:43:21.000000000 -0400
@@ -0,0 +1,3284 @@
+
+
@@ -8725,636 +5408,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policyc
+
+
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policycoreutils-2.0.50/gui/polgengui.py
---- nsapolicycoreutils/gui/polgengui.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.50/gui/polgengui.py 2008-07-01 14:59:58.000000000 -0400
-@@ -0,0 +1,623 @@
-+#!/usr/bin/python -E
-+#
-+# polgengui.py - GUI for SELinux Config tool in system-config-selinux
-+#
-+# Dan Walsh
-+#
-+# Copyright 2007, 2008 Red Hat, Inc.
-+#
-+# This program is free software; you can redistribute it and/or modify
-+# it under the terms of the GNU General Public License as published by
-+# the Free Software Foundation; either version 2 of the License, or
-+# (at your option) any later version.
-+#
-+# This program is distributed in the hope that it will be useful,
-+# but WITHOUT ANY WARRANTY; without even the implied warranty of
-+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-+# GNU General Public License for more details.
-+#
-+# You should have received a copy of the GNU General Public License
-+# along with this program; if not, write to the Free Software
-+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-+#
-+import signal
-+import string
-+import gtk
-+import gtk.glade
-+import os
-+import gobject
-+import gnome
-+import sys
-+import polgen
-+import re
-+import commands
-+
-+
-+##
-+## I18N
-+##
-+PROGNAME="system-config-selinux"
-+
-+import gettext
-+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
-+gettext.textdomain(PROGNAME)
-+try:
-+ gettext.install(PROGNAME,
-+ localedir="/usr/share/locale",
-+ unicode=False,
-+ codeset = 'utf-8')
-+except IOError:
-+ import __builtin__
-+ __builtin__.__dict__['_'] = unicode
-+
-+gnome.program_init("SELinux Policy Generation Tool", "5")
-+
-+version = "1.0"
-+
-+sys.path.append('/usr/share/system-config-selinux')
-+sys.path.append('.')
-+
-+# From John Hunter http://www.daa.com.au/pipermail/pygtk/2003-February/004454.html
-+def foreach(model, path, iter, selected):
-+ selected.append(model.get_value(iter, 0))
-+
-+##
-+## Pull in the Glade file
-+##
-+if os.access("polgen.glade", os.F_OK):
-+ xml = gtk.glade.XML ("polgen.glade", domain=PROGNAME)
-+else:
-+ xml = gtk.glade.XML ("/usr/share/system-config-selinux/polgen.glade", domain=PROGNAME)
-+
-+FILE = 1
-+DIR = 2
-+
-+class childWindow:
-+ START_PAGE = 0
-+ SELECT_TYPE_PAGE = 1
-+ APP_PAGE = 2
-+ EXISTING_USER_PAGE = 3
-+ TRANSITION_PAGE = 4
-+ USER_TRANSITION_PAGE = 5
-+ ADMIN_PAGE = 6
-+ ROLE_PAGE = 7
-+ IN_NET_PAGE = 8
-+ OUT_NET_PAGE = 9
-+ COMMON_APPS_PAGE = 10
-+ FILES_PAGE = 11
-+ BOOLEAN_PAGE = 12
-+ SELECT_DIR_PAGE = 13
-+ GEN_POLICY_PAGE = 14
-+ GEN_USER_POLICY_PAGE = 15
-+
-+ def __init__(self):
-+ self.xml = xml
-+ self.all_types=polgen.get_all_types()
-+ self.all_modules=polgen.get_all_modules()
-+ self.name=""
-+ xml.signal_connect("on_delete_clicked", self.delete)
-+ xml.signal_connect("on_delete_boolean_clicked", self.delete_boolean)
-+ xml.signal_connect("on_exec_select_clicked", self.exec_select)
-+ xml.signal_connect("on_init_script_select_clicked", self.init_script_select)
-+ xml.signal_connect("on_add_clicked", self.add)
-+ xml.signal_connect("on_add_boolean_clicked", self.add_boolean)
-+ xml.signal_connect("on_add_dir_clicked", self.add_dir)
-+ xml.signal_connect("on_about_clicked", self.on_about_clicked)
-+ xml.get_widget ("cancel_button").connect("clicked",self.quit)
-+ self.forward_button = xml.get_widget ("forward_button")
-+ self.forward_button.connect("clicked",self.forward)
-+ self.back_button = xml.get_widget ("back_button")
-+ self.back_button.connect("clicked",self.back)
-+
-+ self.boolean_dialog = xml.get_widget ("boolean_dialog")
-+ self.boolean_name_entry = xml.get_widget ("boolean_name_entry")
-+ self.boolean_description_entry = xml.get_widget ("boolean_description_entry")
-+
-+ self.notebook = xml.get_widget ("notebook1")
-+ self.pages={}
-+ self.finish_page = [ self.GEN_POLICY_PAGE, self.GEN_USER_POLICY_PAGE ]
-+ for i in polgen.USERS:
-+ self.pages[i] = [ self.START_PAGE, self.SELECT_TYPE_PAGE, self.APP_PAGE, self.TRANSITION_PAGE, self.ROLE_PAGE, self.IN_NET_PAGE, self.OUT_NET_PAGE, self.BOOLEAN_PAGE, self.SELECT_DIR_PAGE, self.GEN_USER_POLICY_PAGE]
-+ self.pages[polgen.RUSER] = [ self.START_PAGE, self.SELECT_TYPE_PAGE, self.APP_PAGE, self.ADMIN_PAGE, self.USER_TRANSITION_PAGE, self.IN_NET_PAGE, self.OUT_NET_PAGE, self.BOOLEAN_PAGE, self.SELECT_DIR_PAGE, self.GEN_USER_POLICY_PAGE]
-+ self.pages[polgen.LUSER] = [ self.START_PAGE, self.SELECT_TYPE_PAGE, self.APP_PAGE, self.TRANSITION_PAGE, self.IN_NET_PAGE, self.OUT_NET_PAGE, self.BOOLEAN_PAGE, self.SELECT_DIR_PAGE, self.GEN_USER_POLICY_PAGE]
-+
-+ self.pages[polgen.EUSER] = [ self.START_PAGE, self.SELECT_TYPE_PAGE, self.EXISTING_USER_PAGE, self.TRANSITION_PAGE, self.ROLE_PAGE, self.IN_NET_PAGE, self.OUT_NET_PAGE, self.BOOLEAN_PAGE, self.SELECT_DIR_PAGE, self.GEN_USER_POLICY_PAGE]
-+
-+ for i in polgen.APPLICATIONS:
-+ self.pages[i] = [ self.START_PAGE, self.SELECT_TYPE_PAGE, self.APP_PAGE, self.IN_NET_PAGE, self.OUT_NET_PAGE, self.COMMON_APPS_PAGE, self.FILES_PAGE, self.BOOLEAN_PAGE, self.SELECT_DIR_PAGE, self.GEN_POLICY_PAGE]
-+ self.pages[polgen.USER] = [ self.START_PAGE, self.SELECT_TYPE_PAGE, self.APP_PAGE, self.USER_TRANSITION_PAGE, self.IN_NET_PAGE, self.OUT_NET_PAGE, self.COMMON_APPS_PAGE, self.FILES_PAGE, self.BOOLEAN_PAGE, self.SELECT_DIR_PAGE, self.GEN_POLICY_PAGE]
-+
-+ self.current_page = 0
-+ self.back_button.set_sensitive(0)
-+
-+ self.network_buttons = {}
-+
-+ self.in_tcp_all_checkbutton = xml.get_widget ("in_tcp_all_checkbutton")
-+ self.in_tcp_reserved_checkbutton = xml.get_widget ("in_tcp_reserved_checkbutton")
-+ self.in_tcp_unreserved_checkbutton = xml.get_widget ("in_tcp_unreserved_checkbutton")
-+ self.in_tcp_entry = self.xml.get_widget("in_tcp_entry")
-+ self.network_buttons[self.in_tcp_all_checkbutton] = [ self.in_tcp_reserved_checkbutton, self.in_tcp_unreserved_checkbutton, self.in_tcp_entry ]
-+
-+
-+ self.out_tcp_all_checkbutton = xml.get_widget ("out_tcp_all_checkbutton")
-+ self.out_tcp_reserved_checkbutton = xml.get_widget ("out_tcp_reserved_checkbutton")
-+ self.out_tcp_unreserved_checkbutton = xml.get_widget ("out_tcp_unreserved_checkbutton")
-+ self.out_tcp_entry = self.xml.get_widget("out_tcp_entry")
-+
-+ self.network_buttons[self.out_tcp_all_checkbutton] = [ self.out_tcp_entry ]
-+
-+ self.in_udp_all_checkbutton = xml.get_widget ("in_udp_all_checkbutton")
-+ self.in_udp_reserved_checkbutton = xml.get_widget ("in_udp_reserved_checkbutton")
-+ self.in_udp_unreserved_checkbutton = xml.get_widget ("in_udp_unreserved_checkbutton")
-+ self.in_udp_entry = self.xml.get_widget("in_udp_entry")
-+
-+ self.network_buttons[self.in_udp_all_checkbutton] = [ self.in_udp_reserved_checkbutton, self.in_udp_unreserved_checkbutton, self.in_udp_entry ]
-+
-+ self.out_udp_all_checkbutton = xml.get_widget ("out_udp_all_checkbutton")
-+ self.out_udp_entry = self.xml.get_widget("out_udp_entry")
-+ self.network_buttons[self.out_udp_all_checkbutton] = [ self.out_udp_entry ]
-+
-+ for b in self.network_buttons.keys():
-+ b.connect("clicked",self.network_all_clicked)
-+
-+ self.boolean_treeview = self.xml.get_widget("boolean_treeview")
-+ self.boolean_store = gtk.ListStore(gobject.TYPE_STRING,gobject.TYPE_STRING)
-+ self.boolean_treeview.set_model(self.boolean_store)
-+ self.boolean_store.set_sort_column_id(0, gtk.SORT_ASCENDING)
-+ col = gtk.TreeViewColumn(_("Name"), gtk.CellRendererText(), text = 0)
-+ self.boolean_treeview.append_column(col)
-+ col = gtk.TreeViewColumn(_("Description"), gtk.CellRendererText(), text = 1)
-+ self.boolean_treeview.append_column(col)
-+
-+ self.role_treeview = self.xml.get_widget("role_treeview")
-+ self.role_store = gtk.ListStore(gobject.TYPE_STRING)
-+ self.role_treeview.set_model(self.role_store)
-+ self.role_treeview.get_selection().set_mode(gtk.SELECTION_MULTIPLE)
-+ self.role_store.set_sort_column_id(0, gtk.SORT_ASCENDING)
-+ col = gtk.TreeViewColumn(_("Role"), gtk.CellRendererText(), text = 0)
-+ self.role_treeview.append_column(col)
-+
-+ self.existing_user_treeview = self.xml.get_widget("existing_user_treeview")
-+ self.existing_user_store = gtk.ListStore(gobject.TYPE_STRING)
-+ self.existing_user_treeview.set_model(self.existing_user_store)
-+ self.existing_user_store.set_sort_column_id(0, gtk.SORT_ASCENDING)
-+ col = gtk.TreeViewColumn(_("Existing_User"), gtk.CellRendererText(), text = 0)
-+ self.existing_user_treeview.append_column(col)
-+
-+ roles = polgen.get_all_roles()
-+ for i in roles:
-+ iter = self.role_store.append()
-+ self.role_store.set_value(iter, 0, i[:-2])
-+
-+ self.types = polgen.get_all_types()
-+
-+ self.transition_treeview = self.xml.get_widget("transition_treeview")
-+ self.transition_store = gtk.ListStore(gobject.TYPE_STRING)
-+ self.transition_treeview.set_model(self.transition_store)
-+ self.transition_treeview.get_selection().set_mode(gtk.SELECTION_MULTIPLE)
-+ self.transition_store.set_sort_column_id(0, gtk.SORT_ASCENDING)
-+ col = gtk.TreeViewColumn(_("Application"), gtk.CellRendererText(), text = 0)
-+ self.transition_treeview.append_column(col)
-+
-+ self.user_transition_treeview = self.xml.get_widget("user_transition_treeview")
-+ self.user_transition_store = gtk.ListStore(gobject.TYPE_STRING)
-+ self.user_transition_treeview.set_model(self.user_transition_store)
-+ self.user_transition_treeview.get_selection().set_mode(gtk.SELECTION_MULTIPLE)
-+ self.user_transition_store.set_sort_column_id(0, gtk.SORT_ASCENDING)
-+ col = gtk.TreeViewColumn(_("Application"), gtk.CellRendererText(), text = 0)
-+ self.user_transition_treeview.append_column(col)
-+
-+ for i in polgen.get_all_users():
-+ iter = self.user_transition_store.append()
-+ self.user_transition_store.set_value(iter, 0, i)
-+ iter = self.existing_user_store.append()
-+ self.existing_user_store.set_value(iter, 0, i)
-+
-+ self.admin_treeview = self.xml.get_widget("admin_treeview")
-+ self.admin_store = gtk.ListStore(gobject.TYPE_STRING)
-+ self.admin_treeview.set_model(self.admin_store)
-+ self.admin_treeview.get_selection().set_mode(gtk.SELECTION_MULTIPLE)
-+ self.admin_store.set_sort_column_id(0, gtk.SORT_ASCENDING)
-+ col = gtk.TreeViewColumn(_("Application"), gtk.CellRendererText(), text = 0)
-+ self.admin_treeview.append_column(col)
-+
-+ for i in polgen.methods:
-+ m = re.findall("(.*)%s" % polgen.USER_TRANSITION_INTERFACE, i)
-+ if len(m) > 0:
-+ if "%s_exec" % m[0] in self.types:
-+ iter = self.transition_store.append()
-+ self.transition_store.set_value(iter, 0, m[0])
-+ continue
-+
-+ m = re.findall("(.*)%s" % polgen.ADMIN_TRANSITION_INTERFACE, i)
-+ if len(m) > 0:
-+ iter = self.admin_store.append()
-+ self.admin_store.set_value(iter, 0, m[0])
-+ continue
-+
-+ def confine_application(self):
-+ return self.get_type() in polgen.APPLICATIONS
-+
-+ def forward(self, arg):
-+ type = self.get_type()
-+ if self.current_page == self.START_PAGE:
-+ self.back_button.set_sensitive(1)
-+
-+ if self.pages[type][self.current_page] == self.SELECT_TYPE_PAGE:
-+ if self.on_select_type_page_next():
-+ return
-+
-+ if self.pages[type][self.current_page] == self.IN_NET_PAGE:
-+ if self.on_in_net_page_next():
-+ return
-+
-+ if self.pages[type][self.current_page] == self.OUT_NET_PAGE:
-+ if self.on_out_net_page_next():
-+ return
-+
-+ if self.pages[type][self.current_page] == self.APP_PAGE:
-+ if self.on_name_page_next():
-+ return
-+
-+ if self.pages[type][self.current_page] == self.EXISTING_USER_PAGE:
-+ if self.on_existing_user_page_next():
-+ return
-+
-+ if self.pages[type][self.current_page] == self.SELECT_DIR_PAGE:
-+ outputdir = self.output_entry.get_text()
-+ if not os.path.isdir(outputdir):
-+ self.error(_("%s must be a directory") % outputdir )
-+ return False
-+
-+ if self.pages[type][self.current_page] in self.finish_page:
-+ self.generate_policy()
-+ else:
-+ self.current_page = self.current_page + 1
-+ self.notebook.set_current_page(self.pages[type][self.current_page])
-+ if self.pages[type][self.current_page] in self.finish_page:
-+ self.forward_button.set_label(gtk.STOCK_APPLY)
-+
-+ def back(self,arg):
-+ type = self.get_type()
-+ if self.pages[type][self.current_page] in self.finish_page:
-+ self.forward_button.set_label(gtk.STOCK_GO_FORWARD)
-+
-+ self.current_page = self.current_page - 1
-+ self.notebook.set_current_page(self.pages[type][self.current_page])
-+ if self.current_page == 0:
-+ self.back_button.set_sensitive(0)
-+
-+ def network_all_clicked(self, button):
-+ active = button.get_active()
-+ for b in self.network_buttons[button]:
-+ b.set_sensitive(not active)
-+
-+ def verify(self, message, title="" ):
-+ dlg = gtk.MessageDialog(None, 0, gtk.MESSAGE_INFO,
-+ gtk.BUTTONS_YES_NO,
-+ message)
-+ dlg.set_title(title)
-+ dlg.set_position(gtk.WIN_POS_MOUSE)
-+ dlg.show_all()
-+ rc = dlg.run()
-+ dlg.destroy()
-+ return rc
-+
-+ def info(self, message):
-+ dlg = gtk.MessageDialog(None, 0, gtk.MESSAGE_INFO,
-+ gtk.BUTTONS_OK,
-+ message)
-+ dlg.set_position(gtk.WIN_POS_MOUSE)
-+ dlg.show_all()
-+ dlg.run()
-+ dlg.destroy()
-+
-+ def error(self, message):
-+ dlg = gtk.MessageDialog(None, 0, gtk.MESSAGE_ERROR,
-+ gtk.BUTTONS_CLOSE,
-+ message)
-+ dlg.set_position(gtk.WIN_POS_MOUSE)
-+ dlg.show_all()
-+ dlg.run()
-+ dlg.destroy()
-+
-+ def get_name(self):
-+ if self.existing_user_radiobutton.get_active():
-+ store, iter = self.existing_user_treeview.get_selection().get_selected()
-+ if iter == None:
-+ raise(_("You must select a user"))
-+ return store.get_value(iter, 0)
-+ else:
-+ return self.name_entry.get_text()
-+
-+ def get_type(self):
-+ if self.cgi_radiobutton.get_active():
-+ return polgen.CGI
-+ if self.user_radiobutton.get_active():
-+ return polgen.USER
-+ if self.init_radiobutton.get_active():
-+ return polgen.DAEMON
-+ if self.inetd_radiobutton.get_active():
-+ return polgen.INETD
-+ if self.login_user_radiobutton.get_active():
-+ return polgen.LUSER
-+ if self.admin_user_radiobutton.get_active():
-+ return polgen.AUSER
-+ if self.xwindows_user_radiobutton.get_active():
-+ return polgen.XUSER
-+ if self.terminal_user_radiobutton.get_active():
-+ return polgen.TUSER
-+ if self.root_user_radiobutton.get_active():
-+ return polgen.RUSER
-+ if self.existing_user_radiobutton.get_active():
-+ return polgen.EUSER
-+
-+ def generate_policy(self, *args):
-+ outputdir = self.output_entry.get_text()
-+ try:
-+ my_policy=polgen.policy(self.get_name(), self.get_type())
-+ my_policy.set_in_tcp(self.in_tcp_all_checkbutton.get_active(), self.in_tcp_reserved_checkbutton.get_active(), self.in_tcp_unreserved_checkbutton.get_active(), self.in_tcp_entry.get_text())
-+ my_policy.set_in_udp(self.in_udp_all_checkbutton.get_active(), self.in_udp_reserved_checkbutton.get_active(), self.in_udp_unreserved_checkbutton.get_active(), self.in_udp_entry.get_text())
-+ my_policy.set_out_tcp(self.out_tcp_all_checkbutton.get_active(), self.out_tcp_entry.get_text())
-+ my_policy.set_out_udp(self.out_udp_all_checkbutton.get_active(), self.out_udp_entry.get_text())
-+
-+ iter= self.boolean_store.get_iter_first()
-+ while(iter):
-+ my_policy.add_boolean(self.boolean_store.get_value(iter, 0), self.boolean_store.get_value(iter, 1))
-+ iter= self.boolean_store.iter_next(iter)
-+
-+ if self.get_type() in polgen.APPLICATIONS:
-+ my_policy.set_program(self.exec_entry.get_text())
-+ my_policy.set_use_syslog(self.syslog_checkbutton.get_active() == 1)
-+ my_policy.set_use_tmp(self.tmp_checkbutton.get_active() == 1)
-+ my_policy.set_use_uid(self.uid_checkbutton.get_active() == 1)
-+ my_policy.set_use_pam(self.pam_checkbutton.get_active() == 1)
-+
-+ my_policy.set_use_dbus(self.dbus_checkbutton.get_active() == 1)
-+ my_policy.set_use_audit(self.audit_checkbutton.get_active() == 1)
-+ my_policy.set_use_terminal(self.terminal_checkbutton.get_active() == 1)
-+ my_policy.set_use_mail(self.mail_checkbutton.get_active() == 1)
-+ if self.get_type() is polgen.DAEMON:
-+ my_policy.set_init_script(self.init_script_entry.get_text())
-+ if self.get_type() == polgen.USER:
-+ selected = []
-+ self.user_transition_treeview.get_selection().selected_foreach(foreach, selected)
-+ my_policy.set_transition_users(selected)
-+ else:
-+ if self.get_type() == polgen.RUSER:
-+ selected = []
-+ self.admin_treeview.get_selection().selected_foreach(foreach, selected)
-+ my_policy.set_admin_domains(selected)
-+ selected = []
-+ self.user_transition_treeview.get_selection().selected_foreach(foreach, selected)
-+ my_policy.set_transition_users(selected)
-+ else:
-+ selected = []
-+ self.transition_treeview.get_selection().selected_foreach(foreach, selected)
-+ my_policy.set_transition_domains(selected)
-+
-+ selected = []
-+ self.role_treeview.get_selection().selected_foreach(foreach, selected)
-+ my_policy.set_admin_roles(selected)
-+
-+ iter= self.store.get_iter_first()
-+ while(iter):
-+ if self.store.get_value(iter, 1) == FILE:
-+ my_policy.add_file(self.store.get_value(iter, 0))
-+ else:
-+ my_policy.add_dir(self.store.get_value(iter, 0))
-+ iter= self.store.iter_next(iter)
-+
-+ self.info(my_policy.generate(outputdir))
-+ return False
-+ except ValueError, e:
-+ self.error(e.message)
-+
-+ def delete(self, args):
-+ store, iter = self.view.get_selection().get_selected()
-+ if iter != None:
-+ store.remove(iter)
-+ self.view.get_selection().select_path ((0,))
-+
-+ def delete_boolean(self, args):
-+ store, iter = self.boolean_treeview.get_selection().get_selected()
-+ if iter != None:
-+ store.remove(iter)
-+ self.boolean_treeview.get_selection().select_path ((0,))
-+
-+ def add_boolean(self,type):
-+ self.boolean_name_entry.set_text("")
-+ self.boolean_description_entry.set_text("")
-+ rc = self.boolean_dialog.run()
-+ self.boolean_dialog.hide()
-+ if rc == gtk.RESPONSE_CANCEL:
-+ return
-+ iter = self.boolean_store.append()
-+ self.boolean_store.set_value(iter, 0, self.boolean_name_entry.get_text())
-+ self.boolean_store.set_value(iter, 1, self.boolean_description_entry.get_text())
-+
-+ def __add(self,type):
-+ rc = self.file_dialog.run()
-+ self.file_dialog.hide()
-+ if rc == gtk.RESPONSE_CANCEL:
-+ return
-+ for i in self.file_dialog.get_filenames():
-+ iter = self.store.append()
-+ self.store.set_value(iter, 0, i)
-+ self.store.set_value(iter, 1, type)
-+
-+ def exec_select(self, args):
-+ self.file_dialog.set_select_multiple(0)
-+ self.file_dialog.set_title(_("Select executable file to be confined."))
-+ self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_OPEN)
-+ self.file_dialog.set_current_folder("/usr/sbin")
-+ rc = self.file_dialog.run()
-+ self.file_dialog.hide()
-+ if rc == gtk.RESPONSE_CANCEL:
-+ return
-+ self.exec_entry.set_text(self.file_dialog.get_filename())
-+
-+ def init_script_select(self, args):
-+ self.file_dialog.set_select_multiple(0)
-+ self.file_dialog.set_title(_("Select init script file to be confined."))
-+ self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_OPEN)
-+ self.file_dialog.set_current_folder("/etc/rc.d/init.d")
-+ rc = self.file_dialog.run()
-+ self.file_dialog.hide()
-+ if rc == gtk.RESPONSE_CANCEL:
-+ return
-+ self.init_script_entry.set_text(self.file_dialog.get_filename())
-+
-+ def add(self, args):
-+ self.file_dialog.set_title(_("Select file(s) that confined application creates or writes"))
-+ self.file_dialog.set_current_folder("/")
-+ self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_OPEN)
-+ self.file_dialog.set_select_multiple(1)
-+ self.__add(FILE)
-+
-+ def add_dir(self, args):
-+ self.file_dialog.set_title(_("Select directory(s) that the confined application owns and writes into"))
-+ self.file_dialog.set_current_folder("/")
-+ self.file_dialog.set_select_multiple(1)
-+ self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_SELECT_FOLDER)
-+ self.__add(DIR)
-+
-+ def on_about_clicked(self, args):
-+ dlg = xml.get_widget ("about_dialog")
-+ dlg.run ()
-+ dlg.hide ()
-+
-+ def quit(self, args):
-+ gtk.main_quit()
-+
-+ def setupScreen(self):
-+ # Bring in widgets from glade file.
-+ self.mainWindow = self.xml.get_widget("main_window")
-+ self.druid = self.xml.get_widget("druid")
-+ self.type = 0
-+ self.name_entry = self.xml.get_widget("name_entry")
-+ self.name_entry.connect("focus_out_event",self.on_name_entry_changed)
-+ self.exec_entry = self.xml.get_widget("exec_entry")
-+ self.exec_button = self.xml.get_widget("exec_button")
-+ self.init_script_entry = self.xml.get_widget("init_script_entry")
-+ self.init_script_button = self.xml.get_widget("init_script_button")
-+ self.output_entry = self.xml.get_widget("output_entry")
-+ self.output_entry.set_text(os.getcwd())
-+ self.xml.get_widget("output_button").connect("clicked",self.output_button_clicked)
-+
-+ self.xwindows_user_radiobutton = self.xml.get_widget("xwindows_user_radiobutton")
-+ self.terminal_user_radiobutton = self.xml.get_widget("terminal_user_radiobutton")
-+ self.root_user_radiobutton = self.xml.get_widget("root_user_radiobutton")
-+ self.login_user_radiobutton = self.xml.get_widget("login_user_radiobutton")
-+ self.admin_user_radiobutton = self.xml.get_widget("admin_user_radiobutton")
-+ self.existing_user_radiobutton = self.xml.get_widget("existing_user_radiobutton")
-+
-+ self.user_radiobutton = self.xml.get_widget("user_radiobutton")
-+ self.init_radiobutton = self.xml.get_widget("init_radiobutton")
-+ self.inetd_radiobutton = self.xml.get_widget("inetd_radiobutton")
-+ self.cgi_radiobutton = self.xml.get_widget("cgi_radiobutton")
-+ self.tmp_checkbutton = self.xml.get_widget("tmp_checkbutton")
-+ self.uid_checkbutton = self.xml.get_widget("uid_checkbutton")
-+ self.pam_checkbutton = self.xml.get_widget("pam_checkbutton")
-+ self.dbus_checkbutton = self.xml.get_widget("dbus_checkbutton")
-+ self.audit_checkbutton = self.xml.get_widget("audit_checkbutton")
-+ self.terminal_checkbutton = self.xml.get_widget("terminal_checkbutton")
-+ self.mail_checkbutton = self.xml.get_widget("mail_checkbutton")
-+ self.syslog_checkbutton = self.xml.get_widget("syslog_checkbutton")
-+ self.view = self.xml.get_widget("write_treeview")
-+ self.file_dialog = self.xml.get_widget("filechooserdialog")
-+
-+ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_INT)
-+ self.view.set_model(self.store)
-+ col = gtk.TreeViewColumn("", gtk.CellRendererText(), text = 0)
-+ col.set_resizable(True)
-+ self.view.append_column(col)
-+ self.view.get_selection().select_path ((0,))
-+
-+ def output_button_clicked(self, *args):
-+ self.file_dialog.set_title(_("Select directory to generate policy files in"))
-+ self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_SELECT_FOLDER)
-+ self.file_dialog.set_select_multiple(0)
-+ rc = self.file_dialog.run()
-+ self.file_dialog.hide()
-+ if rc == gtk.RESPONSE_CANCEL:
-+ return
-+ self.output_entry.set_text(self.file_dialog.get_filename())
-+
-+ def on_name_entry_changed(self, entry, third):
-+ name = entry.get_text()
-+ if self.name != name:
-+ if name in self.all_types:
-+ if self.verify(_("Type %s_t already defined in current policy.\nDo you want to continue?") % name, _("Verify Name")) == gtk.RESPONSE_NO:
-+ entry.set_text("")
-+ return False
-+ if name in self.all_modules:
-+ if self.verify(_("Module %s.pp already loaded in current policy.\nDo you want to continue?") % name, _("Verify Name")) == gtk.RESPONSE_NO:
-+ entry.set_text("")
-+ return False
-+
-+ file = "/etc/rc.d/init.d/" + name
-+ if os.path.isfile(file) and self.init_script_entry.get_text() == "":
-+ self.init_script_entry.set_text(file)
-+
-+ file = "/usr/sbin/" + name
-+ if os.path.isfile(file) and self.exec_entry.get_text() == "":
-+ self.exec_entry.set_text(file)
-+
-+ self.name = name
-+ return False
-+
-+ def on_in_net_page_next(self, *args):
-+ try:
-+ polgen.verify_ports(self.in_tcp_entry.get_text())
-+ polgen.verify_ports(self.in_udp_entry.get_text())
-+ except ValueError, e:
-+ self.error(e.message)
-+ return True
-+
-+ def on_out_net_page_next(self, *args):
-+ try:
-+ polgen.verify_ports(self.out_tcp_entry.get_text())
-+ polgen.verify_ports(self.out_udp_entry.get_text())
-+ except ValueError, e:
-+ self.error(e.message)
-+ return True
-+
-+ def on_select_type_page_next(self, *args):
-+ self.exec_entry.set_sensitive(self.confine_application())
-+ self.exec_button.set_sensitive(self.confine_application())
-+ self.init_script_entry.set_sensitive(self.init_radiobutton.get_active())
-+ self.init_script_button.set_sensitive(self.init_radiobutton.get_active())
-+
-+ def on_existing_user_page_next(self, *args):
-+ store, iter = self.view.get_selection().get_selected()
-+ if iter != None:
-+ self.error(_("You must select a user"))
-+ return True
-+
-+ def on_name_page_next(self, *args):
-+ name=self.name_entry.get_text()
-+ if name == "":
-+ self.error(_("You must enter a name"))
-+ return True
-+
-+ if self.confine_application():
-+ exe = self.exec_entry.get_text()
-+ if exe == "":
-+ self.error(_("You must enter a executable"))
-+ return True
-+
-+ def stand_alone(self):
-+ desktopName = _("Configue SELinux")
-+
-+ self.setupScreen()
-+ self.mainWindow.connect("destroy", self.quit)
-+
-+ self.mainWindow.show_all()
-+ gtk.main()
-+
-+if __name__ == "__main__":
-+ signal.signal (signal.SIGINT, signal.SIG_DFL)
-+
-+ app = childWindow()
-+ app.stand_alone()
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycoreutils-2.0.50/gui/polgen.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycoreutils-2.0.52/gui/polgen.py
--- nsapolicycoreutils/gui/polgen.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.50/gui/polgen.py 2008-07-01 21:48:14.000000000 -0400
++++ policycoreutils-2.0.52/gui/polgen.py 2008-07-02 13:43:21.000000000 -0400
@@ -0,0 +1,925 @@
+#!/usr/bin/python
+#
@@ -10281,9 +6337,636 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
+ sys.exit(0)
+
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policycoreutils-2.0.50/gui/portsPage.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policycoreutils-2.0.52/gui/polgengui.py
+--- nsapolicycoreutils/gui/polgengui.py 1969-12-31 19:00:00.000000000 -0500
++++ policycoreutils-2.0.52/gui/polgengui.py 2008-07-02 13:43:21.000000000 -0400
+@@ -0,0 +1,623 @@
++#!/usr/bin/python -E
++#
++# polgengui.py - GUI for SELinux Config tool in system-config-selinux
++#
++# Dan Walsh
++#
++# Copyright 2007, 2008 Red Hat, Inc.
++#
++# This program is free software; you can redistribute it and/or modify
++# it under the terms of the GNU General Public License as published by
++# the Free Software Foundation; either version 2 of the License, or
++# (at your option) any later version.
++#
++# This program is distributed in the hope that it will be useful,
++# but WITHOUT ANY WARRANTY; without even the implied warranty of
++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++# GNU General Public License for more details.
++#
++# You should have received a copy of the GNU General Public License
++# along with this program; if not, write to the Free Software
++# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
++#
++import signal
++import string
++import gtk
++import gtk.glade
++import os
++import gobject
++import gnome
++import sys
++import polgen
++import re
++import commands
++
++
++##
++## I18N
++##
++PROGNAME="system-config-selinux"
++
++import gettext
++gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
++gettext.textdomain(PROGNAME)
++try:
++ gettext.install(PROGNAME,
++ localedir="/usr/share/locale",
++ unicode=False,
++ codeset = 'utf-8')
++except IOError:
++ import __builtin__
++ __builtin__.__dict__['_'] = unicode
++
++gnome.program_init("SELinux Policy Generation Tool", "5")
++
++version = "1.0"
++
++sys.path.append('/usr/share/system-config-selinux')
++sys.path.append('.')
++
++# From John Hunter http://www.daa.com.au/pipermail/pygtk/2003-February/004454.html
++def foreach(model, path, iter, selected):
++ selected.append(model.get_value(iter, 0))
++
++##
++## Pull in the Glade file
++##
++if os.access("polgen.glade", os.F_OK):
++ xml = gtk.glade.XML ("polgen.glade", domain=PROGNAME)
++else:
++ xml = gtk.glade.XML ("/usr/share/system-config-selinux/polgen.glade", domain=PROGNAME)
++
++FILE = 1
++DIR = 2
++
++class childWindow:
++ START_PAGE = 0
++ SELECT_TYPE_PAGE = 1
++ APP_PAGE = 2
++ EXISTING_USER_PAGE = 3
++ TRANSITION_PAGE = 4
++ USER_TRANSITION_PAGE = 5
++ ADMIN_PAGE = 6
++ ROLE_PAGE = 7
++ IN_NET_PAGE = 8
++ OUT_NET_PAGE = 9
++ COMMON_APPS_PAGE = 10
++ FILES_PAGE = 11
++ BOOLEAN_PAGE = 12
++ SELECT_DIR_PAGE = 13
++ GEN_POLICY_PAGE = 14
++ GEN_USER_POLICY_PAGE = 15
++
++ def __init__(self):
++ self.xml = xml
++ self.all_types=polgen.get_all_types()
++ self.all_modules=polgen.get_all_modules()
++ self.name=""
++ xml.signal_connect("on_delete_clicked", self.delete)
++ xml.signal_connect("on_delete_boolean_clicked", self.delete_boolean)
++ xml.signal_connect("on_exec_select_clicked", self.exec_select)
++ xml.signal_connect("on_init_script_select_clicked", self.init_script_select)
++ xml.signal_connect("on_add_clicked", self.add)
++ xml.signal_connect("on_add_boolean_clicked", self.add_boolean)
++ xml.signal_connect("on_add_dir_clicked", self.add_dir)
++ xml.signal_connect("on_about_clicked", self.on_about_clicked)
++ xml.get_widget ("cancel_button").connect("clicked",self.quit)
++ self.forward_button = xml.get_widget ("forward_button")
++ self.forward_button.connect("clicked",self.forward)
++ self.back_button = xml.get_widget ("back_button")
++ self.back_button.connect("clicked",self.back)
++
++ self.boolean_dialog = xml.get_widget ("boolean_dialog")
++ self.boolean_name_entry = xml.get_widget ("boolean_name_entry")
++ self.boolean_description_entry = xml.get_widget ("boolean_description_entry")
++
++ self.notebook = xml.get_widget ("notebook1")
++ self.pages={}
++ self.finish_page = [ self.GEN_POLICY_PAGE, self.GEN_USER_POLICY_PAGE ]
++ for i in polgen.USERS:
++ self.pages[i] = [ self.START_PAGE, self.SELECT_TYPE_PAGE, self.APP_PAGE, self.TRANSITION_PAGE, self.ROLE_PAGE, self.IN_NET_PAGE, self.OUT_NET_PAGE, self.BOOLEAN_PAGE, self.SELECT_DIR_PAGE, self.GEN_USER_POLICY_PAGE]
++ self.pages[polgen.RUSER] = [ self.START_PAGE, self.SELECT_TYPE_PAGE, self.APP_PAGE, self.ADMIN_PAGE, self.USER_TRANSITION_PAGE, self.IN_NET_PAGE, self.OUT_NET_PAGE, self.BOOLEAN_PAGE, self.SELECT_DIR_PAGE, self.GEN_USER_POLICY_PAGE]
++ self.pages[polgen.LUSER] = [ self.START_PAGE, self.SELECT_TYPE_PAGE, self.APP_PAGE, self.TRANSITION_PAGE, self.IN_NET_PAGE, self.OUT_NET_PAGE, self.BOOLEAN_PAGE, self.SELECT_DIR_PAGE, self.GEN_USER_POLICY_PAGE]
++
++ self.pages[polgen.EUSER] = [ self.START_PAGE, self.SELECT_TYPE_PAGE, self.EXISTING_USER_PAGE, self.TRANSITION_PAGE, self.ROLE_PAGE, self.IN_NET_PAGE, self.OUT_NET_PAGE, self.BOOLEAN_PAGE, self.SELECT_DIR_PAGE, self.GEN_USER_POLICY_PAGE]
++
++ for i in polgen.APPLICATIONS:
++ self.pages[i] = [ self.START_PAGE, self.SELECT_TYPE_PAGE, self.APP_PAGE, self.IN_NET_PAGE, self.OUT_NET_PAGE, self.COMMON_APPS_PAGE, self.FILES_PAGE, self.BOOLEAN_PAGE, self.SELECT_DIR_PAGE, self.GEN_POLICY_PAGE]
++ self.pages[polgen.USER] = [ self.START_PAGE, self.SELECT_TYPE_PAGE, self.APP_PAGE, self.USER_TRANSITION_PAGE, self.IN_NET_PAGE, self.OUT_NET_PAGE, self.COMMON_APPS_PAGE, self.FILES_PAGE, self.BOOLEAN_PAGE, self.SELECT_DIR_PAGE, self.GEN_POLICY_PAGE]
++
++ self.current_page = 0
++ self.back_button.set_sensitive(0)
++
++ self.network_buttons = {}
++
++ self.in_tcp_all_checkbutton = xml.get_widget ("in_tcp_all_checkbutton")
++ self.in_tcp_reserved_checkbutton = xml.get_widget ("in_tcp_reserved_checkbutton")
++ self.in_tcp_unreserved_checkbutton = xml.get_widget ("in_tcp_unreserved_checkbutton")
++ self.in_tcp_entry = self.xml.get_widget("in_tcp_entry")
++ self.network_buttons[self.in_tcp_all_checkbutton] = [ self.in_tcp_reserved_checkbutton, self.in_tcp_unreserved_checkbutton, self.in_tcp_entry ]
++
++
++ self.out_tcp_all_checkbutton = xml.get_widget ("out_tcp_all_checkbutton")
++ self.out_tcp_reserved_checkbutton = xml.get_widget ("out_tcp_reserved_checkbutton")
++ self.out_tcp_unreserved_checkbutton = xml.get_widget ("out_tcp_unreserved_checkbutton")
++ self.out_tcp_entry = self.xml.get_widget("out_tcp_entry")
++
++ self.network_buttons[self.out_tcp_all_checkbutton] = [ self.out_tcp_entry ]
++
++ self.in_udp_all_checkbutton = xml.get_widget ("in_udp_all_checkbutton")
++ self.in_udp_reserved_checkbutton = xml.get_widget ("in_udp_reserved_checkbutton")
++ self.in_udp_unreserved_checkbutton = xml.get_widget ("in_udp_unreserved_checkbutton")
++ self.in_udp_entry = self.xml.get_widget("in_udp_entry")
++
++ self.network_buttons[self.in_udp_all_checkbutton] = [ self.in_udp_reserved_checkbutton, self.in_udp_unreserved_checkbutton, self.in_udp_entry ]
++
++ self.out_udp_all_checkbutton = xml.get_widget ("out_udp_all_checkbutton")
++ self.out_udp_entry = self.xml.get_widget("out_udp_entry")
++ self.network_buttons[self.out_udp_all_checkbutton] = [ self.out_udp_entry ]
++
++ for b in self.network_buttons.keys():
++ b.connect("clicked",self.network_all_clicked)
++
++ self.boolean_treeview = self.xml.get_widget("boolean_treeview")
++ self.boolean_store = gtk.ListStore(gobject.TYPE_STRING,gobject.TYPE_STRING)
++ self.boolean_treeview.set_model(self.boolean_store)
++ self.boolean_store.set_sort_column_id(0, gtk.SORT_ASCENDING)
++ col = gtk.TreeViewColumn(_("Name"), gtk.CellRendererText(), text = 0)
++ self.boolean_treeview.append_column(col)
++ col = gtk.TreeViewColumn(_("Description"), gtk.CellRendererText(), text = 1)
++ self.boolean_treeview.append_column(col)
++
++ self.role_treeview = self.xml.get_widget("role_treeview")
++ self.role_store = gtk.ListStore(gobject.TYPE_STRING)
++ self.role_treeview.set_model(self.role_store)
++ self.role_treeview.get_selection().set_mode(gtk.SELECTION_MULTIPLE)
++ self.role_store.set_sort_column_id(0, gtk.SORT_ASCENDING)
++ col = gtk.TreeViewColumn(_("Role"), gtk.CellRendererText(), text = 0)
++ self.role_treeview.append_column(col)
++
++ self.existing_user_treeview = self.xml.get_widget("existing_user_treeview")
++ self.existing_user_store = gtk.ListStore(gobject.TYPE_STRING)
++ self.existing_user_treeview.set_model(self.existing_user_store)
++ self.existing_user_store.set_sort_column_id(0, gtk.SORT_ASCENDING)
++ col = gtk.TreeViewColumn(_("Existing_User"), gtk.CellRendererText(), text = 0)
++ self.existing_user_treeview.append_column(col)
++
++ roles = polgen.get_all_roles()
++ for i in roles:
++ iter = self.role_store.append()
++ self.role_store.set_value(iter, 0, i[:-2])
++
++ self.types = polgen.get_all_types()
++
++ self.transition_treeview = self.xml.get_widget("transition_treeview")
++ self.transition_store = gtk.ListStore(gobject.TYPE_STRING)
++ self.transition_treeview.set_model(self.transition_store)
++ self.transition_treeview.get_selection().set_mode(gtk.SELECTION_MULTIPLE)
++ self.transition_store.set_sort_column_id(0, gtk.SORT_ASCENDING)
++ col = gtk.TreeViewColumn(_("Application"), gtk.CellRendererText(), text = 0)
++ self.transition_treeview.append_column(col)
++
++ self.user_transition_treeview = self.xml.get_widget("user_transition_treeview")
++ self.user_transition_store = gtk.ListStore(gobject.TYPE_STRING)
++ self.user_transition_treeview.set_model(self.user_transition_store)
++ self.user_transition_treeview.get_selection().set_mode(gtk.SELECTION_MULTIPLE)
++ self.user_transition_store.set_sort_column_id(0, gtk.SORT_ASCENDING)
++ col = gtk.TreeViewColumn(_("Application"), gtk.CellRendererText(), text = 0)
++ self.user_transition_treeview.append_column(col)
++
++ for i in polgen.get_all_users():
++ iter = self.user_transition_store.append()
++ self.user_transition_store.set_value(iter, 0, i)
++ iter = self.existing_user_store.append()
++ self.existing_user_store.set_value(iter, 0, i)
++
++ self.admin_treeview = self.xml.get_widget("admin_treeview")
++ self.admin_store = gtk.ListStore(gobject.TYPE_STRING)
++ self.admin_treeview.set_model(self.admin_store)
++ self.admin_treeview.get_selection().set_mode(gtk.SELECTION_MULTIPLE)
++ self.admin_store.set_sort_column_id(0, gtk.SORT_ASCENDING)
++ col = gtk.TreeViewColumn(_("Application"), gtk.CellRendererText(), text = 0)
++ self.admin_treeview.append_column(col)
++
++ for i in polgen.methods:
++ m = re.findall("(.*)%s" % polgen.USER_TRANSITION_INTERFACE, i)
++ if len(m) > 0:
++ if "%s_exec" % m[0] in self.types:
++ iter = self.transition_store.append()
++ self.transition_store.set_value(iter, 0, m[0])
++ continue
++
++ m = re.findall("(.*)%s" % polgen.ADMIN_TRANSITION_INTERFACE, i)
++ if len(m) > 0:
++ iter = self.admin_store.append()
++ self.admin_store.set_value(iter, 0, m[0])
++ continue
++
++ def confine_application(self):
++ return self.get_type() in polgen.APPLICATIONS
++
++ def forward(self, arg):
++ type = self.get_type()
++ if self.current_page == self.START_PAGE:
++ self.back_button.set_sensitive(1)
++
++ if self.pages[type][self.current_page] == self.SELECT_TYPE_PAGE:
++ if self.on_select_type_page_next():
++ return
++
++ if self.pages[type][self.current_page] == self.IN_NET_PAGE:
++ if self.on_in_net_page_next():
++ return
++
++ if self.pages[type][self.current_page] == self.OUT_NET_PAGE:
++ if self.on_out_net_page_next():
++ return
++
++ if self.pages[type][self.current_page] == self.APP_PAGE:
++ if self.on_name_page_next():
++ return
++
++ if self.pages[type][self.current_page] == self.EXISTING_USER_PAGE:
++ if self.on_existing_user_page_next():
++ return
++
++ if self.pages[type][self.current_page] == self.SELECT_DIR_PAGE:
++ outputdir = self.output_entry.get_text()
++ if not os.path.isdir(outputdir):
++ self.error(_("%s must be a directory") % outputdir )
++ return False
++
++ if self.pages[type][self.current_page] in self.finish_page:
++ self.generate_policy()
++ else:
++ self.current_page = self.current_page + 1
++ self.notebook.set_current_page(self.pages[type][self.current_page])
++ if self.pages[type][self.current_page] in self.finish_page:
++ self.forward_button.set_label(gtk.STOCK_APPLY)
++
++ def back(self,arg):
++ type = self.get_type()
++ if self.pages[type][self.current_page] in self.finish_page:
++ self.forward_button.set_label(gtk.STOCK_GO_FORWARD)
++
++ self.current_page = self.current_page - 1
++ self.notebook.set_current_page(self.pages[type][self.current_page])
++ if self.current_page == 0:
++ self.back_button.set_sensitive(0)
++
++ def network_all_clicked(self, button):
++ active = button.get_active()
++ for b in self.network_buttons[button]:
++ b.set_sensitive(not active)
++
++ def verify(self, message, title="" ):
++ dlg = gtk.MessageDialog(None, 0, gtk.MESSAGE_INFO,
++ gtk.BUTTONS_YES_NO,
++ message)
++ dlg.set_title(title)
++ dlg.set_position(gtk.WIN_POS_MOUSE)
++ dlg.show_all()
++ rc = dlg.run()
++ dlg.destroy()
++ return rc
++
++ def info(self, message):
++ dlg = gtk.MessageDialog(None, 0, gtk.MESSAGE_INFO,
++ gtk.BUTTONS_OK,
++ message)
++ dlg.set_position(gtk.WIN_POS_MOUSE)
++ dlg.show_all()
++ dlg.run()
++ dlg.destroy()
++
++ def error(self, message):
++ dlg = gtk.MessageDialog(None, 0, gtk.MESSAGE_ERROR,
++ gtk.BUTTONS_CLOSE,
++ message)
++ dlg.set_position(gtk.WIN_POS_MOUSE)
++ dlg.show_all()
++ dlg.run()
++ dlg.destroy()
++
++ def get_name(self):
++ if self.existing_user_radiobutton.get_active():
++ store, iter = self.existing_user_treeview.get_selection().get_selected()
++ if iter == None:
++ raise(_("You must select a user"))
++ return store.get_value(iter, 0)
++ else:
++ return self.name_entry.get_text()
++
++ def get_type(self):
++ if self.cgi_radiobutton.get_active():
++ return polgen.CGI
++ if self.user_radiobutton.get_active():
++ return polgen.USER
++ if self.init_radiobutton.get_active():
++ return polgen.DAEMON
++ if self.inetd_radiobutton.get_active():
++ return polgen.INETD
++ if self.login_user_radiobutton.get_active():
++ return polgen.LUSER
++ if self.admin_user_radiobutton.get_active():
++ return polgen.AUSER
++ if self.xwindows_user_radiobutton.get_active():
++ return polgen.XUSER
++ if self.terminal_user_radiobutton.get_active():
++ return polgen.TUSER
++ if self.root_user_radiobutton.get_active():
++ return polgen.RUSER
++ if self.existing_user_radiobutton.get_active():
++ return polgen.EUSER
++
++ def generate_policy(self, *args):
++ outputdir = self.output_entry.get_text()
++ try:
++ my_policy=polgen.policy(self.get_name(), self.get_type())
++ my_policy.set_in_tcp(self.in_tcp_all_checkbutton.get_active(), self.in_tcp_reserved_checkbutton.get_active(), self.in_tcp_unreserved_checkbutton.get_active(), self.in_tcp_entry.get_text())
++ my_policy.set_in_udp(self.in_udp_all_checkbutton.get_active(), self.in_udp_reserved_checkbutton.get_active(), self.in_udp_unreserved_checkbutton.get_active(), self.in_udp_entry.get_text())
++ my_policy.set_out_tcp(self.out_tcp_all_checkbutton.get_active(), self.out_tcp_entry.get_text())
++ my_policy.set_out_udp(self.out_udp_all_checkbutton.get_active(), self.out_udp_entry.get_text())
++
++ iter= self.boolean_store.get_iter_first()
++ while(iter):
++ my_policy.add_boolean(self.boolean_store.get_value(iter, 0), self.boolean_store.get_value(iter, 1))
++ iter= self.boolean_store.iter_next(iter)
++
++ if self.get_type() in polgen.APPLICATIONS:
++ my_policy.set_program(self.exec_entry.get_text())
++ my_policy.set_use_syslog(self.syslog_checkbutton.get_active() == 1)
++ my_policy.set_use_tmp(self.tmp_checkbutton.get_active() == 1)
++ my_policy.set_use_uid(self.uid_checkbutton.get_active() == 1)
++ my_policy.set_use_pam(self.pam_checkbutton.get_active() == 1)
++
++ my_policy.set_use_dbus(self.dbus_checkbutton.get_active() == 1)
++ my_policy.set_use_audit(self.audit_checkbutton.get_active() == 1)
++ my_policy.set_use_terminal(self.terminal_checkbutton.get_active() == 1)
++ my_policy.set_use_mail(self.mail_checkbutton.get_active() == 1)
++ if self.get_type() is polgen.DAEMON:
++ my_policy.set_init_script(self.init_script_entry.get_text())
++ if self.get_type() == polgen.USER:
++ selected = []
++ self.user_transition_treeview.get_selection().selected_foreach(foreach, selected)
++ my_policy.set_transition_users(selected)
++ else:
++ if self.get_type() == polgen.RUSER:
++ selected = []
++ self.admin_treeview.get_selection().selected_foreach(foreach, selected)
++ my_policy.set_admin_domains(selected)
++ selected = []
++ self.user_transition_treeview.get_selection().selected_foreach(foreach, selected)
++ my_policy.set_transition_users(selected)
++ else:
++ selected = []
++ self.transition_treeview.get_selection().selected_foreach(foreach, selected)
++ my_policy.set_transition_domains(selected)
++
++ selected = []
++ self.role_treeview.get_selection().selected_foreach(foreach, selected)
++ my_policy.set_admin_roles(selected)
++
++ iter= self.store.get_iter_first()
++ while(iter):
++ if self.store.get_value(iter, 1) == FILE:
++ my_policy.add_file(self.store.get_value(iter, 0))
++ else:
++ my_policy.add_dir(self.store.get_value(iter, 0))
++ iter= self.store.iter_next(iter)
++
++ self.info(my_policy.generate(outputdir))
++ return False
++ except ValueError, e:
++ self.error(e.message)
++
++ def delete(self, args):
++ store, iter = self.view.get_selection().get_selected()
++ if iter != None:
++ store.remove(iter)
++ self.view.get_selection().select_path ((0,))
++
++ def delete_boolean(self, args):
++ store, iter = self.boolean_treeview.get_selection().get_selected()
++ if iter != None:
++ store.remove(iter)
++ self.boolean_treeview.get_selection().select_path ((0,))
++
++ def add_boolean(self,type):
++ self.boolean_name_entry.set_text("")
++ self.boolean_description_entry.set_text("")
++ rc = self.boolean_dialog.run()
++ self.boolean_dialog.hide()
++ if rc == gtk.RESPONSE_CANCEL:
++ return
++ iter = self.boolean_store.append()
++ self.boolean_store.set_value(iter, 0, self.boolean_name_entry.get_text())
++ self.boolean_store.set_value(iter, 1, self.boolean_description_entry.get_text())
++
++ def __add(self,type):
++ rc = self.file_dialog.run()
++ self.file_dialog.hide()
++ if rc == gtk.RESPONSE_CANCEL:
++ return
++ for i in self.file_dialog.get_filenames():
++ iter = self.store.append()
++ self.store.set_value(iter, 0, i)
++ self.store.set_value(iter, 1, type)
++
++ def exec_select(self, args):
++ self.file_dialog.set_select_multiple(0)
++ self.file_dialog.set_title(_("Select executable file to be confined."))
++ self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_OPEN)
++ self.file_dialog.set_current_folder("/usr/sbin")
++ rc = self.file_dialog.run()
++ self.file_dialog.hide()
++ if rc == gtk.RESPONSE_CANCEL:
++ return
++ self.exec_entry.set_text(self.file_dialog.get_filename())
++
++ def init_script_select(self, args):
++ self.file_dialog.set_select_multiple(0)
++ self.file_dialog.set_title(_("Select init script file to be confined."))
++ self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_OPEN)
++ self.file_dialog.set_current_folder("/etc/rc.d/init.d")
++ rc = self.file_dialog.run()
++ self.file_dialog.hide()
++ if rc == gtk.RESPONSE_CANCEL:
++ return
++ self.init_script_entry.set_text(self.file_dialog.get_filename())
++
++ def add(self, args):
++ self.file_dialog.set_title(_("Select file(s) that confined application creates or writes"))
++ self.file_dialog.set_current_folder("/")
++ self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_OPEN)
++ self.file_dialog.set_select_multiple(1)
++ self.__add(FILE)
++
++ def add_dir(self, args):
++ self.file_dialog.set_title(_("Select directory(s) that the confined application owns and writes into"))
++ self.file_dialog.set_current_folder("/")
++ self.file_dialog.set_select_multiple(1)
++ self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_SELECT_FOLDER)
++ self.__add(DIR)
++
++ def on_about_clicked(self, args):
++ dlg = xml.get_widget ("about_dialog")
++ dlg.run ()
++ dlg.hide ()
++
++ def quit(self, args):
++ gtk.main_quit()
++
++ def setupScreen(self):
++ # Bring in widgets from glade file.
++ self.mainWindow = self.xml.get_widget("main_window")
++ self.druid = self.xml.get_widget("druid")
++ self.type = 0
++ self.name_entry = self.xml.get_widget("name_entry")
++ self.name_entry.connect("focus_out_event",self.on_name_entry_changed)
++ self.exec_entry = self.xml.get_widget("exec_entry")
++ self.exec_button = self.xml.get_widget("exec_button")
++ self.init_script_entry = self.xml.get_widget("init_script_entry")
++ self.init_script_button = self.xml.get_widget("init_script_button")
++ self.output_entry = self.xml.get_widget("output_entry")
++ self.output_entry.set_text(os.getcwd())
++ self.xml.get_widget("output_button").connect("clicked",self.output_button_clicked)
++
++ self.xwindows_user_radiobutton = self.xml.get_widget("xwindows_user_radiobutton")
++ self.terminal_user_radiobutton = self.xml.get_widget("terminal_user_radiobutton")
++ self.root_user_radiobutton = self.xml.get_widget("root_user_radiobutton")
++ self.login_user_radiobutton = self.xml.get_widget("login_user_radiobutton")
++ self.admin_user_radiobutton = self.xml.get_widget("admin_user_radiobutton")
++ self.existing_user_radiobutton = self.xml.get_widget("existing_user_radiobutton")
++
++ self.user_radiobutton = self.xml.get_widget("user_radiobutton")
++ self.init_radiobutton = self.xml.get_widget("init_radiobutton")
++ self.inetd_radiobutton = self.xml.get_widget("inetd_radiobutton")
++ self.cgi_radiobutton = self.xml.get_widget("cgi_radiobutton")
++ self.tmp_checkbutton = self.xml.get_widget("tmp_checkbutton")
++ self.uid_checkbutton = self.xml.get_widget("uid_checkbutton")
++ self.pam_checkbutton = self.xml.get_widget("pam_checkbutton")
++ self.dbus_checkbutton = self.xml.get_widget("dbus_checkbutton")
++ self.audit_checkbutton = self.xml.get_widget("audit_checkbutton")
++ self.terminal_checkbutton = self.xml.get_widget("terminal_checkbutton")
++ self.mail_checkbutton = self.xml.get_widget("mail_checkbutton")
++ self.syslog_checkbutton = self.xml.get_widget("syslog_checkbutton")
++ self.view = self.xml.get_widget("write_treeview")
++ self.file_dialog = self.xml.get_widget("filechooserdialog")
++
++ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_INT)
++ self.view.set_model(self.store)
++ col = gtk.TreeViewColumn("", gtk.CellRendererText(), text = 0)
++ col.set_resizable(True)
++ self.view.append_column(col)
++ self.view.get_selection().select_path ((0,))
++
++ def output_button_clicked(self, *args):
++ self.file_dialog.set_title(_("Select directory to generate policy files in"))
++ self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_SELECT_FOLDER)
++ self.file_dialog.set_select_multiple(0)
++ rc = self.file_dialog.run()
++ self.file_dialog.hide()
++ if rc == gtk.RESPONSE_CANCEL:
++ return
++ self.output_entry.set_text(self.file_dialog.get_filename())
++
++ def on_name_entry_changed(self, entry, third):
++ name = entry.get_text()
++ if self.name != name:
++ if name in self.all_types:
++ if self.verify(_("Type %s_t already defined in current policy.\nDo you want to continue?") % name, _("Verify Name")) == gtk.RESPONSE_NO:
++ entry.set_text("")
++ return False
++ if name in self.all_modules:
++ if self.verify(_("Module %s.pp already loaded in current policy.\nDo you want to continue?") % name, _("Verify Name")) == gtk.RESPONSE_NO:
++ entry.set_text("")
++ return False
++
++ file = "/etc/rc.d/init.d/" + name
++ if os.path.isfile(file) and self.init_script_entry.get_text() == "":
++ self.init_script_entry.set_text(file)
++
++ file = "/usr/sbin/" + name
++ if os.path.isfile(file) and self.exec_entry.get_text() == "":
++ self.exec_entry.set_text(file)
++
++ self.name = name
++ return False
++
++ def on_in_net_page_next(self, *args):
++ try:
++ polgen.verify_ports(self.in_tcp_entry.get_text())
++ polgen.verify_ports(self.in_udp_entry.get_text())
++ except ValueError, e:
++ self.error(e.message)
++ return True
++
++ def on_out_net_page_next(self, *args):
++ try:
++ polgen.verify_ports(self.out_tcp_entry.get_text())
++ polgen.verify_ports(self.out_udp_entry.get_text())
++ except ValueError, e:
++ self.error(e.message)
++ return True
++
++ def on_select_type_page_next(self, *args):
++ self.exec_entry.set_sensitive(self.confine_application())
++ self.exec_button.set_sensitive(self.confine_application())
++ self.init_script_entry.set_sensitive(self.init_radiobutton.get_active())
++ self.init_script_button.set_sensitive(self.init_radiobutton.get_active())
++
++ def on_existing_user_page_next(self, *args):
++ store, iter = self.view.get_selection().get_selected()
++ if iter != None:
++ self.error(_("You must select a user"))
++ return True
++
++ def on_name_page_next(self, *args):
++ name=self.name_entry.get_text()
++ if name == "":
++ self.error(_("You must enter a name"))
++ return True
++
++ if self.confine_application():
++ exe = self.exec_entry.get_text()
++ if exe == "":
++ self.error(_("You must enter a executable"))
++ return True
++
++ def stand_alone(self):
++ desktopName = _("Configue SELinux")
++
++ self.setupScreen()
++ self.mainWindow.connect("destroy", self.quit)
++
++ self.mainWindow.show_all()
++ gtk.main()
++
++if __name__ == "__main__":
++ signal.signal (signal.SIGINT, signal.SIG_DFL)
++
++ app = childWindow()
++ app.stand_alone()
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policycoreutils-2.0.52/gui/portsPage.py
--- nsapolicycoreutils/gui/portsPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.50/gui/portsPage.py 2008-07-01 14:59:58.000000000 -0400
++++ policycoreutils-2.0.52/gui/portsPage.py 2008-07-02 13:43:21.000000000 -0400
@@ -0,0 +1,258 @@
+## portsPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@@ -10543,9 +7226,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policyc
+
+ return True
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policycoreutils-2.0.50/gui/selinux.tbl
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policycoreutils-2.0.52/gui/selinux.tbl
--- nsapolicycoreutils/gui/selinux.tbl 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.50/gui/selinux.tbl 2008-07-01 14:59:58.000000000 -0400
++++ policycoreutils-2.0.52/gui/selinux.tbl 2008-07-02 13:43:21.000000000 -0400
@@ -0,0 +1,234 @@
+acct_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for acct daemon")
+allow_daemons_dump_core _("Admin") _("Allow all daemons to write corefiles to /")
@@ -10781,10 +7464,10 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policyco
+webadm_manage_user_files _("HTTPD Service") _("Allow SELinux webadm user to manage unprivileged users home directories")
+webadm_read_user_files _("HTTPD Service") _("Allow SELinux webadm user to read unprivileged users home directories")
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py policycoreutils-2.0.50/gui/semanagePage.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py policycoreutils-2.0.52/gui/semanagePage.py
--- nsapolicycoreutils/gui/semanagePage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.50/gui/semanagePage.py 2008-07-01 14:59:58.000000000 -0400
-@@ -0,0 +1,170 @@
++++ policycoreutils-2.0.52/gui/semanagePage.py 2008-07-03 13:10:29.000000000 -0400
+@@ -0,0 +1,169 @@
+## semanagePage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
+
@@ -10943,7 +7626,6 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py poli
+ except ValueError, e:
+ self.error(e.args[0])
+ self.dialog.hide()
-+
+
+ def on_local_clicked(self, button):
+ self.local = not self.local
@@ -10955,9 +7637,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py poli
+ self.load(self.filter)
+ return True
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policycoreutils-2.0.50/gui/statusPage.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policycoreutils-2.0.52/gui/statusPage.py
--- nsapolicycoreutils/gui/statusPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.50/gui/statusPage.py 2008-07-01 14:59:58.000000000 -0400
++++ policycoreutils-2.0.52/gui/statusPage.py 2008-07-02 13:43:21.000000000 -0400
@@ -0,0 +1,191 @@
+# statusPage.py - show selinux status
+## Copyright (C) 2006 Red Hat, Inc.
@@ -11150,10 +7832,10 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policy
+ return self.types[self.selinuxTypeOptionMenu.get_active()]
+
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.glade policycoreutils-2.0.50/gui/system-config-selinux.glade
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.glade policycoreutils-2.0.52/gui/system-config-selinux.glade
--- nsapolicycoreutils/gui/system-config-selinux.glade 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.50/gui/system-config-selinux.glade 2008-07-01 14:59:58.000000000 -0400
-@@ -0,0 +1,3203 @@
++++ policycoreutils-2.0.52/gui/system-config-selinux.glade 2008-07-03 13:08:31.000000000 -0400
+@@ -0,0 +1,3221 @@
+
+
+
@@ -12974,6 +9656,24 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinu
+ True
+
+
++
++
++
++ True
++ Run booleans lockdown wizard
++ Lockdown...
++ True
++ gtk-print-error
++ True
++ True
++ False
++
++
++
++ False
++ True
++
++
+
+
+ 0
@@ -14357,9 +11057,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinu
+
+
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.py policycoreutils-2.0.50/gui/system-config-selinux.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.py policycoreutils-2.0.52/gui/system-config-selinux.py
--- nsapolicycoreutils/gui/system-config-selinux.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.50/gui/system-config-selinux.py 2008-07-01 14:59:58.000000000 -0400
++++ policycoreutils-2.0.52/gui/system-config-selinux.py 2008-07-02 13:43:21.000000000 -0400
@@ -0,0 +1,187 @@
+#!/usr/bin/python
+#
@@ -14548,9 +11248,31 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinu
+
+ app = childWindow()
+ app.stand_alone()
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/boolean.py policycoreutils-2.0.50/gui/templates/boolean.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/__init__.py policycoreutils-2.0.52/gui/templates/__init__.py
+--- nsapolicycoreutils/gui/templates/__init__.py 1969-12-31 19:00:00.000000000 -0500
++++ policycoreutils-2.0.52/gui/templates/__init__.py 2008-07-02 13:43:21.000000000 -0400
+@@ -0,0 +1,18 @@
++#
++# Copyright (C) 2007 Red Hat, Inc.
++#
++# This program is free software; you can redistribute it and/or modify
++# it under the terms of the GNU General Public License as published by
++# the Free Software Foundation; either version 2 of the License, or
++# (at your option) any later version.
++#
++# This program is distributed in the hope that it will be useful,
++# but WITHOUT ANY WARRANTY; without even the implied warranty of
++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++# GNU General Public License for more details.
++#
++# You should have received a copy of the GNU General Public License
++# along with this program; if not, write to the Free Software
++# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
++#
++
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/boolean.py policycoreutils-2.0.52/gui/templates/boolean.py
--- nsapolicycoreutils/gui/templates/boolean.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.50/gui/templates/boolean.py 2008-07-01 14:59:58.000000000 -0400
++++ policycoreutils-2.0.52/gui/templates/boolean.py 2008-07-02 13:43:21.000000000 -0400
@@ -0,0 +1,40 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -14592,9 +11314,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/boolean.py
+')
+"""
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/etc_rw.py policycoreutils-2.0.50/gui/templates/etc_rw.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/etc_rw.py policycoreutils-2.0.52/gui/templates/etc_rw.py
--- nsapolicycoreutils/gui/templates/etc_rw.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.50/gui/templates/etc_rw.py 2008-07-01 14:59:58.000000000 -0400
++++ policycoreutils-2.0.52/gui/templates/etc_rw.py 2008-07-02 13:43:21.000000000 -0400
@@ -0,0 +1,129 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -14725,9 +11447,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/etc_rw.py
+fc_dir="""\
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_etc_rw_t,s0)
+"""
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable.py policycoreutils-2.0.50/gui/templates/executable.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable.py policycoreutils-2.0.52/gui/templates/executable.py
--- nsapolicycoreutils/gui/templates/executable.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.50/gui/templates/executable.py 2008-07-01 14:59:58.000000000 -0400
++++ policycoreutils-2.0.52/gui/templates/executable.py 2008-07-02 13:43:21.000000000 -0400
@@ -0,0 +1,327 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -15056,31 +11778,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable
+EXECUTABLE -- gen_context(system_u:object_r:TEMPLATETYPE_script_exec_t,s0)
+"""
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/__init__.py policycoreutils-2.0.50/gui/templates/__init__.py
---- nsapolicycoreutils/gui/templates/__init__.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.50/gui/templates/__init__.py 2008-07-01 14:59:58.000000000 -0400
-@@ -0,0 +1,18 @@
-+#
-+# Copyright (C) 2007 Red Hat, Inc.
-+#
-+# This program is free software; you can redistribute it and/or modify
-+# it under the terms of the GNU General Public License as published by
-+# the Free Software Foundation; either version 2 of the License, or
-+# (at your option) any later version.
-+#
-+# This program is distributed in the hope that it will be useful,
-+# but WITHOUT ANY WARRANTY; without even the implied warranty of
-+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-+# GNU General Public License for more details.
-+#
-+# You should have received a copy of the GNU General Public License
-+# along with this program; if not, write to the Free Software
-+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-+#
-+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/network.py policycoreutils-2.0.50/gui/templates/network.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/network.py policycoreutils-2.0.52/gui/templates/network.py
--- nsapolicycoreutils/gui/templates/network.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.50/gui/templates/network.py 2008-07-01 14:59:58.000000000 -0400
++++ policycoreutils-2.0.52/gui/templates/network.py 2008-07-02 13:43:21.000000000 -0400
@@ -0,0 +1,80 @@
+te_port_types="""
+type TEMPLATETYPE_port_t;
@@ -15162,9 +11862,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/network.py
+corenet_udp_bind_all_unreserved_ports(TEMPLATETYPE_t)
+"""
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/rw.py policycoreutils-2.0.50/gui/templates/rw.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/rw.py policycoreutils-2.0.52/gui/templates/rw.py
--- nsapolicycoreutils/gui/templates/rw.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.50/gui/templates/rw.py 2008-07-01 14:59:58.000000000 -0400
++++ policycoreutils-2.0.52/gui/templates/rw.py 2008-07-02 13:43:21.000000000 -0400
@@ -0,0 +1,128 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -15294,9 +11994,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/rw.py poli
+fc_dir="""
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_rw_t,s0)
+"""
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/script.py policycoreutils-2.0.50/gui/templates/script.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/script.py policycoreutils-2.0.52/gui/templates/script.py
--- nsapolicycoreutils/gui/templates/script.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.50/gui/templates/script.py 2008-07-01 14:59:58.000000000 -0400
++++ policycoreutils-2.0.52/gui/templates/script.py 2008-07-02 13:43:21.000000000 -0400
@@ -0,0 +1,105 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -15403,9 +12103,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/script.py
+# Adding roles to SELinux user USER
+/usr/sbin/semanage user -m -R +TEMPLATETYPE_r USER
+"""
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/semodule.py policycoreutils-2.0.50/gui/templates/semodule.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/semodule.py policycoreutils-2.0.52/gui/templates/semodule.py
--- nsapolicycoreutils/gui/templates/semodule.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.50/gui/templates/semodule.py 2008-07-01 14:59:58.000000000 -0400
++++ policycoreutils-2.0.52/gui/templates/semodule.py 2008-07-02 13:43:21.000000000 -0400
@@ -0,0 +1,41 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -15448,9 +12148,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/semodule.p
+semanage ports -a -t TEMPLATETYPE_port_t -p udp PORTNUM
+"""
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py policycoreutils-2.0.50/gui/templates/tmp.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py policycoreutils-2.0.52/gui/templates/tmp.py
--- nsapolicycoreutils/gui/templates/tmp.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.50/gui/templates/tmp.py 2008-07-01 14:59:58.000000000 -0400
++++ policycoreutils-2.0.52/gui/templates/tmp.py 2008-07-02 13:43:21.000000000 -0400
@@ -0,0 +1,97 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -15549,9 +12249,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py pol
+ TEMPLATETYPE_manage_tmp($1)
+"""
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/user.py policycoreutils-2.0.50/gui/templates/user.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/user.py policycoreutils-2.0.52/gui/templates/user.py
--- nsapolicycoreutils/gui/templates/user.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.50/gui/templates/user.py 2008-07-01 14:59:58.000000000 -0400
++++ policycoreutils-2.0.52/gui/templates/user.py 2008-07-02 13:43:21.000000000 -0400
@@ -0,0 +1,182 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -15735,9 +12435,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/user.py po
+te_newrole_rules="""
+seutil_run_newrole(TEMPLATETYPE_t,TEMPLATETYPE_r,{ TEMPLATETYPE_devpts_t TEMPLATETYPE_tty_device_t })
+"""
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py policycoreutils-2.0.50/gui/templates/var_lib.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py policycoreutils-2.0.52/gui/templates/var_lib.py
--- nsapolicycoreutils/gui/templates/var_lib.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.50/gui/templates/var_lib.py 2008-07-01 14:59:58.000000000 -0400
++++ policycoreutils-2.0.52/gui/templates/var_lib.py 2008-07-02 13:43:21.000000000 -0400
@@ -0,0 +1,158 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -15897,9 +12597,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py
+fc_dir="""\
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_var_lib_t,s0)
+"""
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py policycoreutils-2.0.50/gui/templates/var_log.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py policycoreutils-2.0.52/gui/templates/var_log.py
--- nsapolicycoreutils/gui/templates/var_log.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.50/gui/templates/var_log.py 2008-07-01 14:59:58.000000000 -0400
++++ policycoreutils-2.0.52/gui/templates/var_log.py 2008-07-02 13:43:21.000000000 -0400
@@ -0,0 +1,110 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -16011,9 +12711,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py
+fc_dir="""\
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_log_t,s0)
+"""
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py policycoreutils-2.0.50/gui/templates/var_run.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py policycoreutils-2.0.52/gui/templates/var_run.py
--- nsapolicycoreutils/gui/templates/var_run.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.50/gui/templates/var_run.py 2008-07-01 14:59:58.000000000 -0400
++++ policycoreutils-2.0.52/gui/templates/var_run.py 2008-07-02 13:43:21.000000000 -0400
@@ -0,0 +1,118 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -16133,9 +12833,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_var_run_t,s0)
+"""
+
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool.py policycoreutils-2.0.50/gui/templates/var_spool.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool.py policycoreutils-2.0.52/gui/templates/var_spool.py
--- nsapolicycoreutils/gui/templates/var_spool.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.50/gui/templates/var_spool.py 2008-07-01 14:59:58.000000000 -0400
++++ policycoreutils-2.0.52/gui/templates/var_spool.py 2008-07-02 13:43:21.000000000 -0400
@@ -0,0 +1,129 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -16266,9 +12966,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool.
+fc_dir="""\
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_spool_t,s0)
+"""
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/translationsPage.py policycoreutils-2.0.50/gui/translationsPage.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/translationsPage.py policycoreutils-2.0.52/gui/translationsPage.py
--- nsapolicycoreutils/gui/translationsPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.50/gui/translationsPage.py 2008-07-01 14:59:58.000000000 -0400
++++ policycoreutils-2.0.52/gui/translationsPage.py 2008-07-02 13:43:21.000000000 -0400
@@ -0,0 +1,118 @@
+## translationsPage.py - show selinux translations
+## Copyright (C) 2006 Red Hat, Inc.
@@ -16388,9 +13088,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/translationsPage.py
+ store, iter = self.view.get_selection().get_selected()
+ self.store.set_value(iter, 0, level)
+ self.store.set_value(iter, 1, translation)
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/usersPage.py policycoreutils-2.0.50/gui/usersPage.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/usersPage.py policycoreutils-2.0.52/gui/usersPage.py
--- nsapolicycoreutils/gui/usersPage.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.50/gui/usersPage.py 2008-07-01 14:59:58.000000000 -0400
++++ policycoreutils-2.0.52/gui/usersPage.py 2008-07-02 13:43:21.000000000 -0400
@@ -0,0 +1,150 @@
+## usersPage.py - show selinux mappings
+## Copyright (C) 2006,2007,2008 Red Hat, Inc.
diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch
index a82cdf3..c4a56bd 100644
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
@@ -7,6 +7,12 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.12 --exclude=gui --exclude=po
INOTIFYH = $(shell ls /usr/include/sys/inotify.h 2>/dev/null)
+diff --exclude-from=exclude --exclude=sepolgen-1.0.12 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/VERSION policycoreutils-2.0.52/VERSION
+--- nsapolicycoreutils/VERSION 2008-07-02 17:19:15.000000000 -0400
++++ policycoreutils-2.0.52/VERSION 2008-07-02 13:42:54.000000000 -0400
+@@ -1 +1 @@
+-2.0.52
++2.0.51
diff --exclude-from=exclude --exclude=sepolgen-1.0.12 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-2.0.52/restorecond/restorecond.c
--- nsapolicycoreutils/restorecond/restorecond.c 2008-06-12 23:25:21.000000000 -0400
+++ policycoreutils-2.0.52/restorecond/restorecond.c 2008-07-02 13:43:21.000000000 -0400
@@ -38,34 +44,194 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.12 --exclude=gui --exclude=po
close(fd);
diff --exclude-from=exclude --exclude=sepolgen-1.0.12 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-2.0.52/semanage/semanage
--- nsapolicycoreutils/semanage/semanage 2008-07-02 17:19:15.000000000 -0400
-+++ policycoreutils-2.0.52/semanage/semanage 2008-07-02 13:43:21.000000000 -0400
-@@ -297,9 +297,10 @@
- if object == "user":
++++ policycoreutils-2.0.52/semanage/semanage 2008-07-03 13:06:55.000000000 -0400
+@@ -51,7 +51,7 @@
+ semanage interface -{a|d|m} [-tr] interface_spec
+ semanage fcontext -{a|d|m} [-frst] file_spec
+ semanage translation -{a|d|m} [-T] level
+-semanage boolean -{d|m} boolean
++semanage boolean -{d|m} [-F] boolean | boolean_file
+ semanage permissive -{d|a} type
+
+ Primary Options:
+@@ -79,6 +79,7 @@
+ -l (symbolic link)
+ -p (named pipe)
+
++ -F, --file Treat target as an input file for command, change multiple settings
+ -p, --proto Port protocol (tcp or udp)
+ -P, --prefix Prefix for home directory labeling
+ -L, --level Default SELinux Level (MLS/MCS Systems only)
+@@ -114,7 +115,7 @@
+ valid_option["translation"] = []
+ valid_option["translation"] += valid_everyone + [ '-T', '--trans' ]
+ valid_option["boolean"] = []
+- valid_option["boolean"] += valid_everyone + [ '--on', "--off", "-1", "-0" ]
++ valid_option["boolean"] += valid_everyone + [ '--on', "--off", "-1", "-0", "-F", "--file"]
+ valid_option["permissive"] = []
+ valid_option["permissive"] += [ '-a', '--add', '-d', '--delete', '-l', '--list', '-h', '--help', '-n', '--noheading', '-D', '--deleteall' ]
+ return valid_option
+@@ -136,13 +137,14 @@
+ seuser = ""
+ prefix = ""
+ heading=1
+- value=0
+- add = 0
+- modify = 0
+- delete = 0
+- deleteall = 0
+- list = 0
+- locallist = 0
++ value = ""
++ add = False
++ modify = False
++ delete = False
++ deleteall = False
++ list = False
++ locallist = False
++ use_file = False
+ store = ""
+ if len(sys.argv) < 3:
+ usage(_("Requires 2 or more arguments"))
+@@ -155,11 +157,12 @@
+ args = sys.argv[2:]
+
+ gopts, cmds = getopt.getopt(args,
+- '01adf:lhmnp:s:CDR:L:r:t:T:P:S:',
++ '01adf:lhmnp:s:FCDR:L:r:t:T:P:S:',
+ ['add',
+ 'delete',
+ 'deleteall',
+ 'ftype=',
++ 'file',
+ 'help',
+ 'list',
+ 'modify',
+@@ -185,18 +188,22 @@
+ if o == "-a" or o == "--add":
+ if modify or delete:
+ usage()
+- add = 1
++ add = True
+
+ if o == "-d" or o == "--delete":
+ if modify or add:
+ usage()
+- delete = 1
++ delete = True
+ if o == "-D" or o == "--deleteall":
+ if modify:
+ usage()
+- deleteall = 1
++ deleteall = True
+ if o == "-f" or o == "--ftype":
+ ftype=a
++
++ if o == "-F" or o == "--file":
++ use_file = True
++
+ if o == "-h" or o == "--help":
+ usage()
+
+@@ -204,12 +211,12 @@
+ heading=0
+
+ if o == "-C" or o == "--locallist":
+- locallist=1
++ locallist = True
+
+ if o == "-m"or o == "--modify":
+ if delete or add:
+ usage()
+- modify = 1
++ modify = True
+
+ if o == "-S" or o == '--store':
+ store = a
+@@ -220,7 +227,7 @@
+ serange = a
+
+ if o == "-l" or o == "--list":
+- list = 1
++ list = True
+
+ if o == "-L" or o == '--level':
+ if is_mls_enabled == 0:
+@@ -246,9 +253,9 @@
+ setrans = a
+
+ if o == "--on" or o == "-1":
+- value = 1
++ value = True
+ if o == "-off" or o == "-0":
+- value = 0
++ value = False
+
+ if object == "login":
+ OBJECT = seobject.loginRecords(store)
+@@ -275,7 +282,10 @@
+ OBJECT = seobject.permissiveRecords(store)
+
+ if list:
+- OBJECT.list(heading, locallist)
++ if object == "boolean":
++ OBJECT.list(heading, locallist, use_file)
++ else:
++ OBJECT.list(heading, locallist)
+ sys.exit(0);
+
+ if deleteall:
+@@ -298,8 +308,6 @@
rlist = roles.split()
if len(rlist) == 0:
-- raise ValueError(_("You must specify a role"))
+ raise ValueError(_("You must specify a role"))
- if prefix == "":
- raise ValueError(_("You must specify a prefix"))
-+ raise ValueError(_("You must specify a role"))
-+ if prefix == "":
-+ prefix = "user"
-+
OBJECT.add(target, rlist, selevel, serange, prefix)
if object == "port":
+@@ -317,7 +325,12 @@
+
+ if modify:
+ if object == "boolean":
+- OBJECT.modify(target, value)
++ if use_file:
++ OBJECT.modify(target, use_file = use_file)
++ else:
++ if value == "":
++ raise ValueError(_("boolean requires value"))
++ OBJECT.modify(target, value)
+
+ if object == "login":
+ OBJECT.modify(target, seuser, serange)
diff --exclude-from=exclude --exclude=sepolgen-1.0.12 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage.8 policycoreutils-2.0.52/semanage/semanage.8
--- nsapolicycoreutils/semanage/semanage.8 2008-07-02 17:19:15.000000000 -0400
-+++ policycoreutils-2.0.52/semanage/semanage.8 2008-07-02 13:43:21.000000000 -0400
-@@ -3,7 +3,7 @@
++++ policycoreutils-2.0.52/semanage/semanage.8 2008-07-03 13:14:31.000000000 -0400
+@@ -3,9 +3,9 @@
semanage \- SELinux Policy Management tool
.SH "SYNOPSIS"
-.B semanage {boolean|login|user|port|interface|fcontext|translation} \-{l|lC|D} [\-n]
+.B semanage {boolean|login|user|port|interface|fcontext|translation} \-{l|D} [\-n] [\-S store]
.br
- .B semanage boolean \-{d|m} [\-\-on|\-\-off|\-1|\-0] boolean
+-.B semanage boolean \-{d|m} [\-\-on|\-\-off|\-1|\-0] boolean
++.B semanage boolean \-{d|m} [\-\-on|\-\-off|\-1|\-0] -F boolean | boolean_file
.br
-@@ -87,6 +87,9 @@
+ .B semanage login \-{a|d|m} [\-sr] login_name
+ .br
+@@ -54,6 +54,11 @@
+ File Type. This is used with fcontext.
+ Requires a file type as shown in the mode field by ls, e.g. use -d to match only directories or -- to match only regular files.
+ .TP
++.I \-F, \-\-file
++Set multiple records from the input file. When used with the \-l \-\-list, it will output the current settings to stdout in the proper format.
++
++Currently booleans only.
++.TP
+ .I \-h, \-\-help
+ display this message
+ .TP
+@@ -87,6 +92,9 @@
.I \-s, \-\-seuser
SELinux user name
.TP
@@ -75,3 +241,124 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.12 --exclude=gui --exclude=po
.I \-t, \-\-type
SELinux Type for the object
.TP
+diff --exclude-from=exclude --exclude=sepolgen-1.0.12 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.52/semanage/seobject.py
+--- nsapolicycoreutils/semanage/seobject.py 2008-07-02 17:19:15.000000000 -0400
++++ policycoreutils-2.0.52/semanage/seobject.py 2008-07-03 13:07:45.000000000 -0400
+@@ -567,7 +562,7 @@
+ def __init__(self, store = ""):
+ semanageRecords.__init__(self, store)
+
+- def add(self, name, roles, selevel, serange, prefix):
++ def add(self, name, roles, selevel, serange, prefix = "user"):
+ if is_mls_enabled == 1:
+ if serange == "":
+ serange = "s0"
+@@ -1448,53 +1443,58 @@
+ def __init__(self, store = ""):
+ semanageRecords.__init__(self, store)
+
+- def modify(self, name, value = ""):
+- if value == "":
+- raise ValueError(_("Requires value"))
+-
+- (rc,k) = semanage_bool_key_create(self.sh, name)
+- if rc < 0:
+- raise ValueError(_("Could not create a key for %s") % name)
+-
+- (rc,exists) = semanage_bool_exists(self.sh, k)
+- if rc < 0:
+- raise ValueError(_("Could not check if boolean %s is defined") % name)
+- if not exists:
+- raise ValueError(_("Boolean %s is not defined") % name)
+-
+- (rc,b) = semanage_bool_query(self.sh, k)
+- if rc < 0:
+- raise ValueError(_("Could not query file context %s") % name)
++ def __mod(self, name, value):
++ (rc,k) = semanage_bool_key_create(self.sh, name)
++ if rc < 0:
++ raise ValueError(_("Could not create a key for %s") % name)
++ (rc,exists) = semanage_bool_exists(self.sh, k)
++ if rc < 0:
++ raise ValueError(_("Could not check if boolean %s is defined") % name)
++ if not exists:
++ raise ValueError(_("Boolean %s is not defined") % name)
++
++ (rc,b) = semanage_bool_query(self.sh, k)
++ if rc < 0:
++ raise ValueError(_("Could not query file context %s") % name)
+
+- if value != "":
+- nvalue = int(value)
+- semanage_bool_set_value(b, nvalue)
++ if value != "":
++ nvalue = int(value)
++ semanage_bool_set_value(b, nvalue)
+ else:
+ raise ValueError(_("You must specify a value"))
++
++ rc = semanage_bool_set_active(self.sh, k, b)
++ if rc < 0:
++ raise ValueError(_("Could not set active value of boolean %s") % name)
++ rc = semanage_bool_modify_local(self.sh, k, b)
++ if rc < 0:
++ raise ValueError(_("Could not modify boolean %s") % name)
++ semanage_bool_key_free(k)
++ semanage_bool_free(b)
+
++ def modify(self, name, value=False, use_file=False):
++
+ rc = semanage_begin_transaction(self.sh)
+ if rc < 0:
+ raise ValueError(_("Could not start semanage transaction"))
+-
+- rc = semanage_bool_set_active(self.sh, k, b)
+- if rc < 0:
+- raise ValueError(_("Could not set active value of boolean %s") % name)
+- rc = semanage_bool_modify_local(self.sh, k, b)
+- if rc < 0:
+- raise ValueError(_("Could not modify boolean %s") % name)
++ if use_file:
++ fd = open(name)
++ for b in fd.read().split():
++ bool, val = b.split("=")
++ self.__mod(bool, val)
++ fd.close()
++ else:
++ self.__mod(name, value)
+
+ rc = semanage_commit(self.sh)
+ if rc < 0:
+ raise ValueError(_("Could not modify boolean %s") % name)
+
+- semanage_bool_key_free(k)
+- semanage_bool_free(b)
+-
+ def delete(self, name):
+- (rc,k) = semanage_bool_key_create(self.sh, name)
+- if rc < 0:
+- raise ValueError(_("Could not create a key for %s") % name)
+
++ (rc,k) = semanage_bool_key_create(self.sh, name)
++ if rc < 0:
++ raise ValueError(_("Could not create a key for %s") % name)
+ (rc,exists) = semanage_bool_exists(self.sh, k)
+ if rc < 0:
+ raise ValueError(_("Could not check if boolean %s is defined") % name)
+@@ -1571,8 +1571,15 @@
+ else:
+ return _("unknown")
+
+- def list(self, heading = 1, locallist = 0):
++ def list(self, heading = True, locallist = False, use_file = False):
+ on_off = (_("off"),_("on"))
++ if use_file:
++ ddict = self.get_all(locallist)
++ keys = ddict.keys()
++ for k in keys:
++ if ddict[k]:
++ print "%s=%s" % (k, ddict[k][2])
++ return
+ if heading:
+ print "%-40s %s\n" % (_("SELinux boolean"), _("Description"))
+ ddict = self.get_all(locallist)
diff --git a/policycoreutils.spec b/policycoreutils.spec
index 2f1fc99..0576edc 100644
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@@ -6,7 +6,7 @@
Summary: SELinux policy core utilities
Name: policycoreutils
Version: 2.0.52
-Release: 1%{?dist}
+Release: 2%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@@ -192,6 +192,10 @@ if [ "$1" -ge "1" ]; then
fi
%changelog
+* Wed Jul 2 2008 Dan Walsh 2.0.52-2
+- Add lockdown wizard
+- Allow semanage booleans to take an input file an process lots of booleans at once.
+
* Wed Jul 2 2008 Dan Walsh 2.0.52-1
- Default prefix to "user"