Rewrite seunshare to make sure /tmp is mounted stickybit owned by root

2011-03-03 13:35:37 -05:00 · 2011-03-03 13:35:37 -05:00 · be38aa471e
parent a710a4e711
commit be38aa471e
6 changed files with 913 additions and 625 deletions
--- a/policycoreutils-gui.patch
+++ b/policycoreutils-gui.patch
@ -1,6 +1,6 @@
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py policycoreutils-2.0.85/gui/booleansPage.py
 --- nsapolicycoreutils/gui/booleansPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.85/gui/booleansPage.py	2011-01-21 09:25:41.000000000 -0500
+++ policycoreutils-2.0.85/gui/booleansPage.py	2011-02-23 14:40:42.595005090 -0500
@@ -0,0 +1,247 @@
 +#
 +# booleansPage.py - GUI for Booleans page in system-config-securitylevel
@ -251,7 +251,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py poli
 +        
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/domainsPage.py policycoreutils-2.0.85/gui/domainsPage.py
 --- nsapolicycoreutils/gui/domainsPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.85/gui/domainsPage.py	2011-01-21 09:25:41.000000000 -0500
+++ policycoreutils-2.0.85/gui/domainsPage.py	2011-02-23 14:40:42.595005090 -0500
@@ -0,0 +1,154 @@
 +## domainsPage.py - show selinux domains
 +## Copyright (C) 2009 Red Hat, Inc.
@ -409,7 +409,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/domainsPage.py polic
 +            self.error(e.args[0])
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py policycoreutils-2.0.85/gui/fcontextPage.py
 --- nsapolicycoreutils/gui/fcontextPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.85/gui/fcontextPage.py	2011-01-21 09:25:41.000000000 -0500
+++ policycoreutils-2.0.85/gui/fcontextPage.py	2011-02-23 14:40:42.596005097 -0500
@@ -0,0 +1,223 @@
 +## fcontextPage.py - show selinux mappings
 +## Copyright (C) 2006 Red Hat, Inc.
@ -636,7 +636,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py poli
 +        self.store.set_value(iter, TYPE_COL, "%s:%s" % (type, mls))
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/html_util.py policycoreutils-2.0.85/gui/html_util.py
 --- nsapolicycoreutils/gui/html_util.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.85/gui/html_util.py	2011-01-21 09:25:41.000000000 -0500
+++ policycoreutils-2.0.85/gui/html_util.py	2011-02-23 14:40:42.597005104 -0500
@@ -0,0 +1,164 @@
 +# Authors: John Dennis <jdennis@redhat.com>
 +#
@ -804,7 +804,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/html_util.py policyc
 +
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.glade policycoreutils-2.0.85/gui/lockdown.glade
 --- nsapolicycoreutils/gui/lockdown.glade	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.85/gui/lockdown.glade	2011-01-21 09:25:41.000000000 -0500
+++ policycoreutils-2.0.85/gui/lockdown.glade	2011-02-23 14:40:42.599005118 -0500
@@ -0,0 +1,771 @@
 +<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
 +<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
@ -1579,7 +1579,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.glade polic
 +</glade-interface>
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.gladep policycoreutils-2.0.85/gui/lockdown.gladep
 --- nsapolicycoreutils/gui/lockdown.gladep	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.85/gui/lockdown.gladep	2011-01-21 09:25:41.000000000 -0500
+++ policycoreutils-2.0.85/gui/lockdown.gladep	2011-02-23 14:40:42.600005125 -0500
@@ -0,0 +1,7 @@
 +<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
 +<!DOCTYPE glade-project SYSTEM "http://glade.gnome.org/glade-project-2.0.dtd">
@ -1590,7 +1590,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.gladep poli
 +</glade-project>
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.py policycoreutils-2.0.85/gui/lockdown.py
 --- nsapolicycoreutils/gui/lockdown.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.85/gui/lockdown.py	2011-01-21 09:25:41.000000000 -0500
+++ policycoreutils-2.0.85/gui/lockdown.py	2011-02-23 14:40:42.601005132 -0500
@@ -0,0 +1,382 @@
 +#!/usr/bin/python -Es
 +#
@ -1976,7 +1976,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.py policyco
 +    app.stand_alone()
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policycoreutils-2.0.85/gui/loginsPage.py
 --- nsapolicycoreutils/gui/loginsPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.85/gui/loginsPage.py	2011-01-21 09:25:41.000000000 -0500
+++ policycoreutils-2.0.85/gui/loginsPage.py	2011-02-23 14:40:42.601005132 -0500
@@ -0,0 +1,185 @@
 +## loginsPage.py - show selinux mappings
 +## Copyright (C) 2006 Red Hat, Inc.
@ -2165,7 +2165,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policy
 +
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/Makefile policycoreutils-2.0.85/gui/Makefile
 --- nsapolicycoreutils/gui/Makefile	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.85/gui/Makefile	2011-01-21 09:25:41.000000000 -0500
+++ policycoreutils-2.0.85/gui/Makefile	2011-02-23 14:40:42.603005146 -0500
@@ -0,0 +1,40 @@
 +# Installation directories.
 +PREFIX ?= ${DESTDIR}/usr
@ -2209,7 +2209,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/Makefile policycoreu
 +relabel:
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py policycoreutils-2.0.85/gui/mappingsPage.py
 --- nsapolicycoreutils/gui/mappingsPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.85/gui/mappingsPage.py	2011-01-21 09:25:41.000000000 -0500
+++ policycoreutils-2.0.85/gui/mappingsPage.py	2011-02-23 14:40:42.604005153 -0500
@@ -0,0 +1,56 @@
 +## mappingsPage.py - show selinux mappings
 +## Copyright (C) 2006 Red Hat, Inc.
@ -2269,7 +2269,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py poli
 +
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py policycoreutils-2.0.85/gui/modulesPage.py
 --- nsapolicycoreutils/gui/modulesPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.85/gui/modulesPage.py	2011-01-21 09:25:41.000000000 -0500
+++ policycoreutils-2.0.85/gui/modulesPage.py	2011-02-23 14:40:42.605005160 -0500
@@ -0,0 +1,190 @@
 +## modulesPage.py - show selinux mappings
 +## Copyright (C) 2006-2009 Red Hat, Inc.
@ -2463,7 +2463,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py polic
 +            self.error(e.args[0])
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policycoreutils-2.0.85/gui/polgen.glade
 --- nsapolicycoreutils/gui/polgen.glade	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.85/gui/polgen.glade	2011-02-03 16:11:44.000000000 -0500
+++ policycoreutils-2.0.85/gui/polgen.glade	2011-02-24 13:17:00.341848958 -0500
@@ -0,0 +1,3432 @@
 +<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
 +<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
@ -2592,7 +2592,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policyc
 +	      <child>
 +		<widget class="GtkLabel" id="select_type_label">
 +		  <property name="visible">True</property>
-+		  <property name="label" translatable="yes">&lt;b&gt;Select the policy type for the application or user role you wan to confine:&lt;/b&gt;</property>
+		  <property name="label" translatable="yes">&lt;b&gt;Select the policy type for the application or user role you want to confine:&lt;/b&gt;</property>
 +		  <property name="use_underline">False</property>
 +		  <property name="use_markup">True</property>
 +		  <property name="justify">GTK_JUSTIFY_LEFT</property>
@ -5899,7 +5899,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policyc
 +</glade-interface>
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.gladep policycoreutils-2.0.85/gui/polgen.gladep
 --- nsapolicycoreutils/gui/polgen.gladep	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.85/gui/polgen.gladep	2011-02-02 16:17:52.000000000 -0500
+++ policycoreutils-2.0.85/gui/polgen.gladep	2011-02-23 14:40:42.613005216 -0500
@@ -0,0 +1,7 @@
 +<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
 +<!DOCTYPE glade-project SYSTEM "http://glade.gnome.org/glade-project-2.0.dtd">
@ -5910,7 +5910,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.gladep policy
 +</glade-project>
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policycoreutils-2.0.85/gui/polgengui.py
 --- nsapolicycoreutils/gui/polgengui.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.85/gui/polgengui.py	2011-02-03 15:50:31.000000000 -0500
+++ policycoreutils-2.0.85/gui/polgengui.py	2011-02-23 14:40:42.615005230 -0500
@@ -0,0 +1,750 @@
 +#!/usr/bin/python -Es
 +#
@ -6609,8 +6609,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc
 +        
 +    def on_name_page_next(self, *args):
 +        name=self.name_entry.get_text()
-+        if name == "":
-+            self.error(_("You must enter a name"))
+        if not name.isalnum():
+            self.error(_("You must add a name made up of letters and numbers and containing no spaces."))
 +            return True
 +        
 +        for i in self.label_dict:
@ -6664,8 +6664,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc
 +    app.stand_alone()
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycoreutils-2.0.85/gui/polgen.py
 --- nsapolicycoreutils/gui/polgen.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.85/gui/polgen.py	2011-02-03 17:03:56.000000000 -0500
-@@ -0,0 +1,1343 @@
+++ policycoreutils-2.0.85/gui/polgen.py	2011-02-23 14:40:42.619005258 -0500
+@@ -0,0 +1,1346 @@
 +#!/usr/bin/python -Es
 +#
 +# Copyright (C) 2007-2010 Red Hat 
@ -6981,6 +6981,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
 +( self.generate_sandbox_types, self.generate_sandbox_rules))
 +		if name == "":
 +			raise ValueError(_("You must enter a name for your confined process/user"))
+                if not name.isalnum():
+                    raise ValueError(_("Name must be alpha numberic with no spaces."))
+
 +		if type == CGI:
 +			self.name = "httpd_%s_script" % name
 +		else:
@ -8011,7 +8014,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
 +        usage(e)
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policycoreutils-2.0.85/gui/portsPage.py
 --- nsapolicycoreutils/gui/portsPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.85/gui/portsPage.py	2011-01-21 09:25:41.000000000 -0500
+++ policycoreutils-2.0.85/gui/portsPage.py	2011-02-23 14:40:42.620005265 -0500
@@ -0,0 +1,259 @@
 +## portsPage.py - show selinux mappings
 +## Copyright (C) 2006 Red Hat, Inc.
@ -8274,7 +8277,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policyc
 +        
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policycoreutils-2.0.85/gui/selinux.tbl
 --- nsapolicycoreutils/gui/selinux.tbl	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.85/gui/selinux.tbl	2011-01-21 09:25:41.000000000 -0500
+++ policycoreutils-2.0.85/gui/selinux.tbl	2011-02-23 14:40:42.622005279 -0500
@@ -0,0 +1,234 @@
 +acct_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for acct daemon")
 +allow_daemons_dump_core _("Admin") _("Allow all daemons to write corefiles to /")
@ -8512,7 +8515,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policyco
 +
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py policycoreutils-2.0.85/gui/semanagePage.py
 --- nsapolicycoreutils/gui/semanagePage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.85/gui/semanagePage.py	2011-01-21 09:25:41.000000000 -0500
+++ policycoreutils-2.0.85/gui/semanagePage.py	2011-02-23 14:40:42.623005286 -0500
@@ -0,0 +1,168 @@
 +## semanagePage.py - show selinux mappings
 +## Copyright (C) 2006 Red Hat, Inc.
@ -8684,7 +8687,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py poli
 +        
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policycoreutils-2.0.85/gui/statusPage.py
 --- nsapolicycoreutils/gui/statusPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.85/gui/statusPage.py	2011-01-21 09:25:41.000000000 -0500
+++ policycoreutils-2.0.85/gui/statusPage.py	2011-02-23 14:40:42.624005292 -0500
@@ -0,0 +1,190 @@
 +# statusPage.py - show selinux status
 +## Copyright (C) 2006-2009 Red Hat, Inc.
@ -8878,7 +8881,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policy
 +
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.glade policycoreutils-2.0.85/gui/system-config-selinux.glade
 --- nsapolicycoreutils/gui/system-config-selinux.glade	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.85/gui/system-config-selinux.glade	2011-01-21 09:25:41.000000000 -0500
+++ policycoreutils-2.0.85/gui/system-config-selinux.glade	2011-02-23 14:40:42.629005326 -0500
@@ -0,0 +1,3024 @@
 +<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
 +<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
@ -11906,7 +11909,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinu
 +</glade-interface>
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.gladep policycoreutils-2.0.85/gui/system-config-selinux.gladep
 --- nsapolicycoreutils/gui/system-config-selinux.gladep	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.85/gui/system-config-selinux.gladep	2011-01-21 09:25:41.000000000 -0500
+++ policycoreutils-2.0.85/gui/system-config-selinux.gladep	2011-02-23 14:40:42.631005340 -0500
@@ -0,0 +1,7 @@
 +<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
 +<!DOCTYPE glade-project SYSTEM "http://glade.gnome.org/glade-project-2.0.dtd">
@ -11917,7 +11920,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinu
 +</glade-project>
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.py policycoreutils-2.0.85/gui/system-config-selinux.py
 --- nsapolicycoreutils/gui/system-config-selinux.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.85/gui/system-config-selinux.py	2011-01-21 09:25:41.000000000 -0500
+++ policycoreutils-2.0.85/gui/system-config-selinux.py	2011-02-23 14:40:42.631005340 -0500
@@ -0,0 +1,187 @@
 +#!/usr/bin/python -Es
 +#
@ -12108,7 +12111,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinu
 +    app.stand_alone()
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/boolean.py policycoreutils-2.0.85/gui/templates/boolean.py
 --- nsapolicycoreutils/gui/templates/boolean.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.85/gui/templates/boolean.py	2011-01-21 09:25:41.000000000 -0500
+++ policycoreutils-2.0.85/gui/templates/boolean.py	2011-02-23 14:40:42.633005354 -0500
@@ -0,0 +1,40 @@
 +# Copyright (C) 2007 Red Hat 
 +# see file 'COPYING' for use and warranty information
@ -12152,7 +12155,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/boolean.py
 +
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/etc_rw.py policycoreutils-2.0.85/gui/templates/etc_rw.py
 --- nsapolicycoreutils/gui/templates/etc_rw.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.85/gui/templates/etc_rw.py	2011-01-21 09:25:41.000000000 -0500
+++ policycoreutils-2.0.85/gui/templates/etc_rw.py	2011-02-23 14:40:42.633005354 -0500
@@ -0,0 +1,113 @@
 +# Copyright (C) 2007 Red Hat 
 +# see file 'COPYING' for use and warranty information
@ -12269,7 +12272,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/etc_rw.py
 +"""
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable.py policycoreutils-2.0.85/gui/templates/executable.py
 --- nsapolicycoreutils/gui/templates/executable.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.85/gui/templates/executable.py	2011-01-21 09:25:41.000000000 -0500
+++ policycoreutils-2.0.85/gui/templates/executable.py	2011-02-23 14:40:42.635005368 -0500
@@ -0,0 +1,447 @@
 +# Copyright (C) 2007-2009 Red Hat 
 +# see file 'COPYING' for use and warranty information
@ -12720,7 +12723,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable
 +"""
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/__init__.py policycoreutils-2.0.85/gui/templates/__init__.py
 --- nsapolicycoreutils/gui/templates/__init__.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.85/gui/templates/__init__.py	2011-01-21 09:25:41.000000000 -0500
+++ policycoreutils-2.0.85/gui/templates/__init__.py	2011-02-23 14:40:42.635005368 -0500
@@ -0,0 +1,18 @@
 +#
 +# Copyright (C) 2007 Red Hat, Inc.
@ -12742,7 +12745,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/__init__.p
 +
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/network.py policycoreutils-2.0.85/gui/templates/network.py
 --- nsapolicycoreutils/gui/templates/network.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.85/gui/templates/network.py	2011-01-21 09:25:41.000000000 -0500
+++ policycoreutils-2.0.85/gui/templates/network.py	2011-02-23 14:40:42.636005375 -0500
@@ -0,0 +1,80 @@
 +te_port_types="""
 +type TEMPLATETYPE_port_t;
@ -12826,7 +12829,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/network.py
 +
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/rw.py policycoreutils-2.0.85/gui/templates/rw.py
 --- nsapolicycoreutils/gui/templates/rw.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.85/gui/templates/rw.py	2011-01-21 09:25:41.000000000 -0500
+++ policycoreutils-2.0.85/gui/templates/rw.py	2011-02-23 14:40:42.637005382 -0500
@@ -0,0 +1,131 @@
 +# Copyright (C) 2007 Red Hat 
 +# see file 'COPYING' for use and warranty information
@ -12961,7 +12964,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/rw.py poli
 +"""
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/script.py policycoreutils-2.0.85/gui/templates/script.py
 --- nsapolicycoreutils/gui/templates/script.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.85/gui/templates/script.py	2011-01-21 09:25:41.000000000 -0500
+++ policycoreutils-2.0.85/gui/templates/script.py	2011-02-23 14:40:42.637005382 -0500
@@ -0,0 +1,126 @@
 +# Copyright (C) 2007 Red Hat 
 +# see file 'COPYING' for use and warranty information
@ -13091,7 +13094,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/script.py
 +"""
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/semodule.py policycoreutils-2.0.85/gui/templates/semodule.py
 --- nsapolicycoreutils/gui/templates/semodule.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.85/gui/templates/semodule.py	2011-01-21 09:25:41.000000000 -0500
+++ policycoreutils-2.0.85/gui/templates/semodule.py	2011-02-23 14:40:42.638005389 -0500
@@ -0,0 +1,41 @@
 +# Copyright (C) 2007 Red Hat 
 +# see file 'COPYING' for use and warranty information
@ -13136,7 +13139,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/semodule.p
 +
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py policycoreutils-2.0.85/gui/templates/tmp.py
 --- nsapolicycoreutils/gui/templates/tmp.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.85/gui/templates/tmp.py	2011-01-21 09:25:41.000000000 -0500
+++ policycoreutils-2.0.85/gui/templates/tmp.py	2011-02-23 14:40:42.639005396 -0500
@@ -0,0 +1,102 @@
 +# Copyright (C) 2007 Red Hat 
 +# see file 'COPYING' for use and warranty information
@ -13242,7 +13245,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py pol
 +"""
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/user.py policycoreutils-2.0.85/gui/templates/user.py
 --- nsapolicycoreutils/gui/templates/user.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.85/gui/templates/user.py	2011-01-21 09:25:41.000000000 -0500
+++ policycoreutils-2.0.85/gui/templates/user.py	2011-02-23 14:40:42.639005396 -0500
@@ -0,0 +1,205 @@
 +# Copyright (C) 2007 Red Hat 
 +# see file 'COPYING' for use and warranty information
@ -13451,7 +13454,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/user.py po
 +"""
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_cache.py policycoreutils-2.0.85/gui/templates/var_cache.py
 --- nsapolicycoreutils/gui/templates/var_cache.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.85/gui/templates/var_cache.py	2011-01-21 09:25:41.000000000 -0500
+++ policycoreutils-2.0.85/gui/templates/var_cache.py	2011-02-23 14:40:42.640005403 -0500
@@ -0,0 +1,133 @@
 +# Copyright (C) 2010 Red Hat 
 +# see file 'COPYING' for use and warranty information
@ -13588,7 +13591,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_cache.
 +"""
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py policycoreutils-2.0.85/gui/templates/var_lib.py
 --- nsapolicycoreutils/gui/templates/var_lib.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.85/gui/templates/var_lib.py	2011-01-21 09:25:41.000000000 -0500
+++ policycoreutils-2.0.85/gui/templates/var_lib.py	2011-02-23 14:40:42.641005410 -0500
@@ -0,0 +1,161 @@
 +# Copyright (C) 2007 Red Hat 
 +# see file 'COPYING' for use and warranty information
@ -13753,7 +13756,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py
 +"""
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py policycoreutils-2.0.85/gui/templates/var_log.py
 --- nsapolicycoreutils/gui/templates/var_log.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.85/gui/templates/var_log.py	2011-01-21 09:25:41.000000000 -0500
+++ policycoreutils-2.0.85/gui/templates/var_log.py	2011-02-23 14:40:42.642005417 -0500
@@ -0,0 +1,116 @@
 +# Copyright (C) 2007,2010 Red Hat 
 +# see file 'COPYING' for use and warranty information
@ -13873,7 +13876,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py
 +
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py policycoreutils-2.0.85/gui/templates/var_run.py
 --- nsapolicycoreutils/gui/templates/var_run.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.85/gui/templates/var_run.py	2011-01-21 09:25:41.000000000 -0500
+++ policycoreutils-2.0.85/gui/templates/var_run.py	2011-02-23 14:40:42.642005417 -0500
@@ -0,0 +1,101 @@
 +# Copyright (C) 2007,2010 Red Hat 
 +# see file 'COPYING' for use and warranty information
@ -13978,7 +13981,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py
 +"""
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool.py policycoreutils-2.0.85/gui/templates/var_spool.py
 --- nsapolicycoreutils/gui/templates/var_spool.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.85/gui/templates/var_spool.py	2011-01-21 09:25:41.000000000 -0500
+++ policycoreutils-2.0.85/gui/templates/var_spool.py	2011-02-23 14:40:42.643005424 -0500
@@ -0,0 +1,133 @@
 +# Copyright (C) 2007 Red Hat 
 +# see file 'COPYING' for use and warranty information
@ -14115,7 +14118,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool.
 +"""
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/usersPage.py policycoreutils-2.0.85/gui/usersPage.py
 --- nsapolicycoreutils/gui/usersPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.85/gui/usersPage.py	2011-01-21 09:25:41.000000000 -0500
+++ policycoreutils-2.0.85/gui/usersPage.py	2011-02-23 14:40:42.644005431 -0500
@@ -0,0 +1,150 @@
 +## usersPage.py - show selinux mappings
 +## Copyright (C) 2006,2007,2008 Red Hat, Inc.
--- a/policycoreutils-po.patch
+++ b/policycoreutils-po.patch
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@ -7,7 +7,7 @@
 Summary: SELinux policy core utilities
 Name:	 policycoreutils
 Version: 2.0.85
-Release: 11%{?dist}
+Release: 12%{?dist}
 License: GPLv2
 Group:	 System Environment/Base
 # Based on git repository with tag 20101221
@ -329,6 +329,9 @@ fi
 exit 0

 %changelog
+* Wed Feb 23 2011 Dan Walsh <dwalsh@redhat.com> 2.0.85-12
+- Rewrite seunshare to make sure /tmp is mounted stickybit owned by root
+
 * Thu Feb 3 2011 Dan Walsh <dwalsh@redhat.com> 2.0.85-11
 - Fix sandbox policy creation with udp connect ports

--- a/selinux-polgengui.desktop
+++ b/selinux-polgengui.desktop
@ -2,6 +2,7 @@
 Name=SELinux Policy Generation Tool
 Name[bn_IN]=SELinux Policy নির্মাণের সামগ্রী
 Name[ca]=Eina de generació de polítiques del SELinux
+Name[da]=Regelsætgenereringsværktøj til SELinux
 Name[de]=Tool zur Erstellung von SELinux-Richtlinien
 Name[es]=Generador de Políticas de SELinux
 Name[fi]=SELinux-käytäntöjen generointityökalu
@ -24,12 +25,13 @@ Name[ru]=Средство создания политики SELinux
 Name[sv]=Genereringsverktyg för SELinuxpolicy
 Name[ta]=SELinux பாலிசி உற்பத்தி கருவி
 Name[te]=SELinux నిర్వహణ
-Name[uk]=Утиліта генерації політики SELinux
+Name[uk]=Утиліта генерації правил SELinux
 Name[zh_CN]=SELinux 策略生成工具
 Name[zh_TW]=SELinux 政策產生工具（SELinux Policy Generation Tool）
 Comment=Generate SELinux policy modules
 Comment[bn_IN]=SELinux নিয়মনীতির মডিউল নির্মাণ করুন
 Comment[ca]=Genera els mòduls de les polítiques de SELinux
+Comment[da]=Generér SELinux-regelsætmodul
 Comment[de]=Tool zur Erstellung von SELinux-Richtlinien
 Comment[es]=Generar módulos de política de SELinux
 Comment[fi]=Generoi SELinuxin käytäntömoduuleja
--- a/system-config-selinux.desktop
+++ b/system-config-selinux.desktop
@ -1,6 +1,7 @@
 [Desktop Entry]
 Name=SELinux Management
 Name[bn_IN]=SELinux পরিচালনা
+Name[da]=Håndtering af SELinux
 Name[de]=SELinux-Management
 Name[ca]=Gestió de SELinux
 Name[es]=Administración de SELinux
@ -30,6 +31,7 @@ Name[zh_TW]=SELinux 管理
 Comment=Configure SELinux in a graphical setting
 Comment[bn_IN]=গ্রাফিক্যাল পরিবেশে SELinux কনফিগার করুন
 Comment[ca]=Configura SELinuc an mode de preferències gràfiques
+Comment[da]=Konfigurér SELinux i et grafisk miljø
 Comment[de]=SELinux in einer grafischen Einstellung konfigurieren
 Comment[es]=Defina SELinux en una configuración de interfaz gráfica
 Comment[fi]=Tee SELinuxin asetukset graafisesti