* Fri Jan 8 2010 Dan Walsh <dwalsh@redhat.com> 2.0.78-10

- Fix sepolgen to not generate user sh section on non user policy
2010-01-08 15:22:16 +00:00 · 2010-01-08 15:22:16 +00:00 · fc860fa036
parent 6c22c6b1f6
commit fc860fa036
2 changed files with 92 additions and 87 deletions
--- a/policycoreutils-gui.patch
+++ b/policycoreutils-gui.patch
@ -1,6 +1,6 @@
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py policycoreutils-2.0.74/gui/booleansPage.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py policycoreutils-2.0.78/gui/booleansPage.py
 --- nsapolicycoreutils/gui/booleansPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.74/gui/booleansPage.py	2009-10-15 10:37:42.000000000 -0400
+++ policycoreutils-2.0.78/gui/booleansPage.py	2009-12-08 17:05:49.000000000 -0500
@@ -0,0 +1,247 @@
 +#
 +# booleansPage.py - GUI for Booleans page in system-config-securitylevel
@ -249,9 +249,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py poli
 +        self.load(self.filter)
 +        return True
 +        
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/domainsPage.py policycoreutils-2.0.74/gui/domainsPage.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/domainsPage.py policycoreutils-2.0.78/gui/domainsPage.py
 --- nsapolicycoreutils/gui/domainsPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.74/gui/domainsPage.py	2009-10-15 10:37:42.000000000 -0400
+++ policycoreutils-2.0.78/gui/domainsPage.py	2009-12-08 17:05:49.000000000 -0500
@@ -0,0 +1,154 @@
 +## domainsPage.py - show selinux domains
 +## Copyright (C) 2009 Red Hat, Inc.
@ -407,9 +407,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/domainsPage.py polic
 +                
 +        except ValueError, e:
 +            self.error(e.args[0])
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py policycoreutils-2.0.74/gui/fcontextPage.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py policycoreutils-2.0.78/gui/fcontextPage.py
 --- nsapolicycoreutils/gui/fcontextPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.74/gui/fcontextPage.py	2009-10-15 10:37:42.000000000 -0400
+++ policycoreutils-2.0.78/gui/fcontextPage.py	2009-12-08 17:05:49.000000000 -0500
@@ -0,0 +1,223 @@
 +## fcontextPage.py - show selinux mappings
 +## Copyright (C) 2006 Red Hat, Inc.
@ -634,9 +634,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py poli
 +        self.store.set_value(iter, SPEC_COL, fspec)
 +        self.store.set_value(iter, FTYPE_COL, ftype)
 +        self.store.set_value(iter, TYPE_COL, "%s:%s" % (type, mls))
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/html_util.py policycoreutils-2.0.74/gui/html_util.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/html_util.py policycoreutils-2.0.78/gui/html_util.py
 --- nsapolicycoreutils/gui/html_util.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.74/gui/html_util.py	2009-10-15 10:37:42.000000000 -0400
+++ policycoreutils-2.0.78/gui/html_util.py	2009-12-08 17:05:49.000000000 -0500
@@ -0,0 +1,164 @@
 +# Authors: John Dennis <jdennis@redhat.com>
 +#
@ -802,9 +802,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/html_util.py policyc
 +    doc += tail
 +    return doc
 +
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.glade policycoreutils-2.0.74/gui/lockdown.glade
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.glade policycoreutils-2.0.78/gui/lockdown.glade
 --- nsapolicycoreutils/gui/lockdown.glade	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.74/gui/lockdown.glade	2009-10-15 10:37:42.000000000 -0400
+++ policycoreutils-2.0.78/gui/lockdown.glade	2009-12-08 17:05:49.000000000 -0500
@@ -0,0 +1,771 @@
 +<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
 +<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
@ -1577,9 +1577,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.glade polic
 +</widget>
 +
 +</glade-interface>
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.gladep policycoreutils-2.0.74/gui/lockdown.gladep
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.gladep policycoreutils-2.0.78/gui/lockdown.gladep
 --- nsapolicycoreutils/gui/lockdown.gladep	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.74/gui/lockdown.gladep	2009-10-15 10:37:42.000000000 -0400
+++ policycoreutils-2.0.78/gui/lockdown.gladep	2009-12-08 17:05:49.000000000 -0500
@@ -0,0 +1,7 @@
 +<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
 +<!DOCTYPE glade-project SYSTEM "http://glade.gnome.org/glade-project-2.0.dtd">
@ -1588,9 +1588,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.gladep poli
 +  <name></name>
 +  <program_name></program_name>
 +</glade-project>
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.py policycoreutils-2.0.74/gui/lockdown.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.py policycoreutils-2.0.78/gui/lockdown.py
 --- nsapolicycoreutils/gui/lockdown.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.74/gui/lockdown.py	2009-10-15 10:37:42.000000000 -0400
+++ policycoreutils-2.0.78/gui/lockdown.py	2009-12-08 17:05:49.000000000 -0500
@@ -0,0 +1,382 @@
 +#!/usr/bin/python
 +#
@ -1974,9 +1974,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/lockdown.py policyco
 +
 +    app = booleanWindow()
 +    app.stand_alone()
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policycoreutils-2.0.74/gui/loginsPage.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policycoreutils-2.0.78/gui/loginsPage.py
 --- nsapolicycoreutils/gui/loginsPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.74/gui/loginsPage.py	2009-10-15 10:37:42.000000000 -0400
+++ policycoreutils-2.0.78/gui/loginsPage.py	2009-12-08 17:05:49.000000000 -0500
@@ -0,0 +1,185 @@
 +## loginsPage.py - show selinux mappings
 +## Copyright (C) 2006 Red Hat, Inc.
@ -2163,9 +2163,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policy
 +        self.store.set_value(iter, 1, seuser)
 +        self.store.set_value(iter, 2, seobject.translate(serange))
 +
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/Makefile policycoreutils-2.0.74/gui/Makefile
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/Makefile policycoreutils-2.0.78/gui/Makefile
 --- nsapolicycoreutils/gui/Makefile	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.74/gui/Makefile	2009-10-15 10:50:59.000000000 -0400
+++ policycoreutils-2.0.78/gui/Makefile	2009-12-08 17:05:49.000000000 -0500
@@ -0,0 +1,40 @@
 +# Installation directories.
 +PREFIX ?= ${DESTDIR}/usr
@ -2207,9 +2207,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/Makefile policycoreu
 +indent:
 +
 +relabel:
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py policycoreutils-2.0.74/gui/mappingsPage.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py policycoreutils-2.0.78/gui/mappingsPage.py
 --- nsapolicycoreutils/gui/mappingsPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.74/gui/mappingsPage.py	2009-10-15 10:37:42.000000000 -0400
+++ policycoreutils-2.0.78/gui/mappingsPage.py	2009-12-08 17:05:49.000000000 -0500
@@ -0,0 +1,56 @@
 +## mappingsPage.py - show selinux mappings
 +## Copyright (C) 2006 Red Hat, Inc.
@ -2267,9 +2267,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py poli
 +        for k in keys:
 +            print "%-25s %-25s %-25s" % (k, dict[k][0], translate(dict[k][1]))
 +
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py policycoreutils-2.0.74/gui/modulesPage.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py policycoreutils-2.0.78/gui/modulesPage.py
 --- nsapolicycoreutils/gui/modulesPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.74/gui/modulesPage.py	2009-10-15 10:37:42.000000000 -0400
+++ policycoreutils-2.0.78/gui/modulesPage.py	2009-12-08 17:05:49.000000000 -0500
@@ -0,0 +1,190 @@
 +## modulesPage.py - show selinux mappings
 +## Copyright (C) 2006-2009 Red Hat, Inc.
@ -2461,9 +2461,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py polic
 +                
 +        except ValueError, e:
 +            self.error(e.args[0])
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policycoreutils-2.0.74/gui/polgen.glade
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policycoreutils-2.0.78/gui/polgen.glade
 --- nsapolicycoreutils/gui/polgen.glade	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.74/gui/polgen.glade	2009-10-15 10:37:42.000000000 -0400
+++ policycoreutils-2.0.78/gui/polgen.glade	2009-12-08 17:05:49.000000000 -0500
@@ -0,0 +1,3305 @@
 +<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
 +<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
@ -5770,9 +5770,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policyc
 +</widget>
 +
 +</glade-interface>
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.gladep policycoreutils-2.0.74/gui/polgen.gladep
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.gladep policycoreutils-2.0.78/gui/polgen.gladep
 --- nsapolicycoreutils/gui/polgen.gladep	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.74/gui/polgen.gladep	2009-10-15 10:37:42.000000000 -0400
+++ policycoreutils-2.0.78/gui/polgen.gladep	2009-12-08 17:05:49.000000000 -0500
@@ -0,0 +1,7 @@
 +<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
 +<!DOCTYPE glade-project SYSTEM "http://glade.gnome.org/glade-project-2.0.dtd">
@ -5781,9 +5781,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.gladep policy
 +  <name></name>
 +  <program_name></program_name>
 +</glade-project>
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policycoreutils-2.0.74/gui/polgengui.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policycoreutils-2.0.78/gui/polgengui.py
 --- nsapolicycoreutils/gui/polgengui.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.74/gui/polgengui.py	2009-10-15 10:37:42.000000000 -0400
+++ policycoreutils-2.0.78/gui/polgengui.py	2009-12-08 17:05:49.000000000 -0500
@@ -0,0 +1,627 @@
 +#!/usr/bin/python -E
 +#
@ -6412,10 +6412,10 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policyc
 +
 +    app = childWindow()
 +    app.stand_alone()
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycoreutils-2.0.74/gui/polgen.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycoreutils-2.0.78/gui/polgen.py
 --- nsapolicycoreutils/gui/polgen.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.74/gui/polgen.py	2009-10-19 15:04:09.000000000 -0400
-@@ -0,0 +1,1195 @@
+++ policycoreutils-2.0.78/gui/polgen.py	2010-01-08 10:18:49.000000000 -0500
+@@ -0,0 +1,1197 @@
 +#!/usr/bin/python
 +#
 +# Copyright (C) 2007, 2008, 2009 Red Hat 
@ -7323,17 +7323,19 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
 +	
 +	def generate_user_sh(self):
 +            newsh = ""
-+            if self.type in ( TUSER, XUSER, AUSER, LUSER, EUSER):
-+                roles = ""
-+                for role in self.roles:
-+                    roles += " %s_r" % role
-+                if roles != "":
-+                    roles += " system_r"
-+                if self.type == EUSER:
-+                    tmp = re.sub("TEMPLATETYPE", self.name, script.eusers)
-+                else:
-+                    tmp = re.sub("TEMPLATETYPE", self.name, script.users)
-+                newsh += re.sub("ROLES", roles, tmp)
+            if self.type not in ( TUSER, XUSER, AUSER, LUSER, EUSER):
+                return newsh
+
+            roles = ""
+            for role in self.roles:
+                roles += " %s_r" % role
+            if roles != "":
+                roles += " system_r"
+            if self.type == EUSER:
+                tmp = re.sub("TEMPLATETYPE", self.name, script.eusers)
+            else:
+                tmp = re.sub("TEMPLATETYPE", self.name, script.users)
+            newsh += re.sub("ROLES", roles, tmp)
 +
 +            if self.type == RUSER:
 +                for u in self.transition_users:
@ -7611,9 +7613,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycore
 +        
 +    print mypolicy.generate()
 +    sys.exit(0)
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policycoreutils-2.0.74/gui/portsPage.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policycoreutils-2.0.78/gui/portsPage.py
 --- nsapolicycoreutils/gui/portsPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.74/gui/portsPage.py	2009-10-15 10:37:42.000000000 -0400
+++ policycoreutils-2.0.78/gui/portsPage.py	2009-12-08 17:05:49.000000000 -0500
@@ -0,0 +1,259 @@
 +## portsPage.py - show selinux mappings
 +## Copyright (C) 2006 Red Hat, Inc.
@ -7874,9 +7876,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policyc
 +
 +        return True
 +        
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policycoreutils-2.0.74/gui/selinux.tbl
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policycoreutils-2.0.78/gui/selinux.tbl
 --- nsapolicycoreutils/gui/selinux.tbl	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.74/gui/selinux.tbl	2009-10-15 10:37:42.000000000 -0400
+++ policycoreutils-2.0.78/gui/selinux.tbl	2009-12-08 17:05:49.000000000 -0500
@@ -0,0 +1,234 @@
 +acct_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for acct daemon")
 +allow_daemons_dump_core _("Admin") _("Allow all daemons to write corefiles to /")
@ -8112,9 +8114,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policyco
 +webadm_manage_user_files _("HTTPD Service") _("Allow SELinux webadm user to manage unprivileged users home directories")
 +webadm_read_user_files _("HTTPD Service") _("Allow SELinux webadm user to read unprivileged users home directories")
 +
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py policycoreutils-2.0.74/gui/semanagePage.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py policycoreutils-2.0.78/gui/semanagePage.py
 --- nsapolicycoreutils/gui/semanagePage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.74/gui/semanagePage.py	2009-10-15 10:37:42.000000000 -0400
+++ policycoreutils-2.0.78/gui/semanagePage.py	2009-12-08 17:05:49.000000000 -0500
@@ -0,0 +1,168 @@
 +## semanagePage.py - show selinux mappings
 +## Copyright (C) 2006 Red Hat, Inc.
@ -8284,9 +8286,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py poli
 +        self.load(self.filter)
 +        return True
 +        
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policycoreutils-2.0.74/gui/statusPage.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policycoreutils-2.0.78/gui/statusPage.py
 --- nsapolicycoreutils/gui/statusPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.74/gui/statusPage.py	2009-10-15 10:37:42.000000000 -0400
+++ policycoreutils-2.0.78/gui/statusPage.py	2009-12-08 17:05:49.000000000 -0500
@@ -0,0 +1,190 @@
 +# statusPage.py - show selinux status
 +## Copyright (C) 2006-2009 Red Hat, Inc.
@ -8478,9 +8480,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policy
 +        return self.types[self.selinuxTypeOptionMenu.get_active()]
 +
 +
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.glade policycoreutils-2.0.74/gui/system-config-selinux.glade
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.glade policycoreutils-2.0.78/gui/system-config-selinux.glade
 --- nsapolicycoreutils/gui/system-config-selinux.glade	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.74/gui/system-config-selinux.glade	2009-10-16 10:44:39.000000000 -0400
+++ policycoreutils-2.0.78/gui/system-config-selinux.glade	2009-12-08 17:05:49.000000000 -0500
@@ -0,0 +1,3024 @@
 +<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
 +<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
@ -11506,9 +11508,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinu
 +</widget>
 +
 +</glade-interface>
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.gladep policycoreutils-2.0.74/gui/system-config-selinux.gladep
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.gladep policycoreutils-2.0.78/gui/system-config-selinux.gladep
 --- nsapolicycoreutils/gui/system-config-selinux.gladep	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.74/gui/system-config-selinux.gladep	2009-10-16 10:44:39.000000000 -0400
+++ policycoreutils-2.0.78/gui/system-config-selinux.gladep	2009-12-08 17:05:49.000000000 -0500
@@ -0,0 +1,7 @@
 +<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
 +<!DOCTYPE glade-project SYSTEM "http://glade.gnome.org/glade-project-2.0.dtd">
@ -11517,9 +11519,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinu
 +  <name></name>
 +  <program_name></program_name>
 +</glade-project>
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.py policycoreutils-2.0.74/gui/system-config-selinux.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.py policycoreutils-2.0.78/gui/system-config-selinux.py
 --- nsapolicycoreutils/gui/system-config-selinux.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.74/gui/system-config-selinux.py	2009-10-15 10:38:12.000000000 -0400
+++ policycoreutils-2.0.78/gui/system-config-selinux.py	2009-12-08 17:05:49.000000000 -0500
@@ -0,0 +1,187 @@
 +#!/usr/bin/python
 +#
@ -11708,9 +11710,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinu
 +
 +    app = childWindow()
 +    app.stand_alone()
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/boolean.py policycoreutils-2.0.74/gui/templates/boolean.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/boolean.py policycoreutils-2.0.78/gui/templates/boolean.py
 --- nsapolicycoreutils/gui/templates/boolean.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.74/gui/templates/boolean.py	2009-10-15 10:37:42.000000000 -0400
+++ policycoreutils-2.0.78/gui/templates/boolean.py	2009-12-08 17:05:49.000000000 -0500
@@ -0,0 +1,40 @@
 +# Copyright (C) 2007 Red Hat 
 +# see file 'COPYING' for use and warranty information
@ -11752,9 +11754,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/boolean.py
 +')
 +"""
 +
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/etc_rw.py policycoreutils-2.0.74/gui/templates/etc_rw.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/etc_rw.py policycoreutils-2.0.78/gui/templates/etc_rw.py
 --- nsapolicycoreutils/gui/templates/etc_rw.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.74/gui/templates/etc_rw.py	2009-10-15 10:37:42.000000000 -0400
+++ policycoreutils-2.0.78/gui/templates/etc_rw.py	2009-12-08 17:05:49.000000000 -0500
@@ -0,0 +1,129 @@
 +# Copyright (C) 2007 Red Hat 
 +# see file 'COPYING' for use and warranty information
@ -11885,9 +11887,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/etc_rw.py
 +fc_dir="""\
 +FILENAME(/.*)?			gen_context(system_u:object_r:TEMPLATETYPE_etc_rw_t,s0)
 +"""
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable.py policycoreutils-2.0.74/gui/templates/executable.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable.py policycoreutils-2.0.78/gui/templates/executable.py
 --- nsapolicycoreutils/gui/templates/executable.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.74/gui/templates/executable.py	2009-10-15 10:37:42.000000000 -0400
+++ policycoreutils-2.0.78/gui/templates/executable.py	2009-12-08 17:05:49.000000000 -0500
@@ -0,0 +1,359 @@
 +# Copyright (C) 2007-2009 Red Hat 
 +# see file 'COPYING' for use and warranty information
@ -12248,9 +12250,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable
 +EXECUTABLE	--	gen_context(system_u:object_r:TEMPLATETYPE_initrc_exec_t,s0)
 +"""
 +
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/__init__.py policycoreutils-2.0.74/gui/templates/__init__.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/__init__.py policycoreutils-2.0.78/gui/templates/__init__.py
 --- nsapolicycoreutils/gui/templates/__init__.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.74/gui/templates/__init__.py	2009-10-15 10:37:42.000000000 -0400
+++ policycoreutils-2.0.78/gui/templates/__init__.py	2009-12-08 17:05:49.000000000 -0500
@@ -0,0 +1,18 @@
 +#
 +# Copyright (C) 2007 Red Hat, Inc.
@ -12270,9 +12272,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/__init__.p
 +# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 +#
 +
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/network.py policycoreutils-2.0.74/gui/templates/network.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/network.py policycoreutils-2.0.78/gui/templates/network.py
 --- nsapolicycoreutils/gui/templates/network.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.74/gui/templates/network.py	2009-10-15 10:37:42.000000000 -0400
+++ policycoreutils-2.0.78/gui/templates/network.py	2009-12-08 17:05:49.000000000 -0500
@@ -0,0 +1,80 @@
 +te_port_types="""
 +type TEMPLATETYPE_port_t;
@ -12354,9 +12356,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/network.py
 +corenet_udp_bind_all_unreserved_ports(TEMPLATETYPE_t)
 +"""
 +
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/rw.py policycoreutils-2.0.74/gui/templates/rw.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/rw.py policycoreutils-2.0.78/gui/templates/rw.py
 --- nsapolicycoreutils/gui/templates/rw.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.74/gui/templates/rw.py	2009-10-15 10:37:42.000000000 -0400
+++ policycoreutils-2.0.78/gui/templates/rw.py	2009-12-08 17:05:49.000000000 -0500
@@ -0,0 +1,127 @@
 +# Copyright (C) 2007 Red Hat 
 +# see file 'COPYING' for use and warranty information
@ -12485,9 +12487,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/rw.py poli
 +fc_dir="""
 +FILENAME(/.*)?			gen_context(system_u:object_r:TEMPLATETYPE_rw_t,s0)
 +"""
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/script.py policycoreutils-2.0.74/gui/templates/script.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/script.py policycoreutils-2.0.78/gui/templates/script.py
 --- nsapolicycoreutils/gui/templates/script.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.74/gui/templates/script.py	2009-10-19 15:03:15.000000000 -0400
+++ policycoreutils-2.0.78/gui/templates/script.py	2009-12-08 17:05:49.000000000 -0500
@@ -0,0 +1,126 @@
 +# Copyright (C) 2007 Red Hat 
 +# see file 'COPYING' for use and warranty information
@ -12615,9 +12617,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/script.py
 +_EOF
 +fi
 +"""
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/semodule.py policycoreutils-2.0.74/gui/templates/semodule.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/semodule.py policycoreutils-2.0.78/gui/templates/semodule.py
 --- nsapolicycoreutils/gui/templates/semodule.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.74/gui/templates/semodule.py	2009-10-15 10:37:42.000000000 -0400
+++ policycoreutils-2.0.78/gui/templates/semodule.py	2009-12-08 17:05:49.000000000 -0500
@@ -0,0 +1,41 @@
 +# Copyright (C) 2007 Red Hat 
 +# see file 'COPYING' for use and warranty information
@ -12660,9 +12662,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/semodule.p
 +semanage ports -a -t TEMPLATETYPE_port_t -p udp PORTNUM
 +"""
 +
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py policycoreutils-2.0.74/gui/templates/tmp.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py policycoreutils-2.0.78/gui/templates/tmp.py
 --- nsapolicycoreutils/gui/templates/tmp.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.74/gui/templates/tmp.py	2009-10-15 10:37:42.000000000 -0400
+++ policycoreutils-2.0.78/gui/templates/tmp.py	2009-12-08 17:05:49.000000000 -0500
@@ -0,0 +1,97 @@
 +# Copyright (C) 2007 Red Hat 
 +# see file 'COPYING' for use and warranty information
@ -12761,9 +12763,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py pol
 +	TEMPLATETYPE_manage_tmp($1)
 +"""
 +
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/user.py policycoreutils-2.0.74/gui/templates/user.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/user.py policycoreutils-2.0.78/gui/templates/user.py
 --- nsapolicycoreutils/gui/templates/user.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.74/gui/templates/user.py	2009-10-15 10:37:42.000000000 -0400
+++ policycoreutils-2.0.78/gui/templates/user.py	2009-12-08 17:05:49.000000000 -0500
@@ -0,0 +1,182 @@
 +# Copyright (C) 2007 Red Hat 
 +# see file 'COPYING' for use and warranty information
@ -12947,9 +12949,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/user.py po
 +te_newrole_rules="""
 +seutil_run_newrole(TEMPLATETYPE_t, TEMPLATETYPE_r,{ TEMPLATETYPE_devpts_t TEMPLATETYPE_tty_device_t })
 +"""
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py policycoreutils-2.0.74/gui/templates/var_lib.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py policycoreutils-2.0.78/gui/templates/var_lib.py
 --- nsapolicycoreutils/gui/templates/var_lib.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.74/gui/templates/var_lib.py	2009-10-15 10:37:42.000000000 -0400
+++ policycoreutils-2.0.78/gui/templates/var_lib.py	2009-12-08 17:05:49.000000000 -0500
@@ -0,0 +1,158 @@
 +# Copyright (C) 2007 Red Hat 
 +# see file 'COPYING' for use and warranty information
@ -13109,9 +13111,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py
 +fc_dir="""\
 +FILENAME(/.*)?			gen_context(system_u:object_r:TEMPLATETYPE_var_lib_t,s0)
 +"""
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py policycoreutils-2.0.74/gui/templates/var_log.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py policycoreutils-2.0.78/gui/templates/var_log.py
 --- nsapolicycoreutils/gui/templates/var_log.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.74/gui/templates/var_log.py	2009-10-15 10:37:42.000000000 -0400
+++ policycoreutils-2.0.78/gui/templates/var_log.py	2009-12-08 17:05:49.000000000 -0500
@@ -0,0 +1,110 @@
 +# Copyright (C) 2007 Red Hat 
 +# see file 'COPYING' for use and warranty information
@ -13223,9 +13225,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py
 +fc_dir="""\
 +FILENAME(/.*)?			gen_context(system_u:object_r:TEMPLATETYPE_log_t,s0)
 +"""
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py policycoreutils-2.0.74/gui/templates/var_run.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py policycoreutils-2.0.78/gui/templates/var_run.py
 --- nsapolicycoreutils/gui/templates/var_run.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.74/gui/templates/var_run.py	2009-10-15 10:37:42.000000000 -0400
+++ policycoreutils-2.0.78/gui/templates/var_run.py	2009-12-08 17:05:49.000000000 -0500
@@ -0,0 +1,118 @@
 +# Copyright (C) 2007 Red Hat 
 +# see file 'COPYING' for use and warranty information
@ -13345,9 +13347,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py
 +FILENAME(/.*)?			gen_context(system_u:object_r:TEMPLATETYPE_var_run_t,s0)
 +"""
 +
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool.py policycoreutils-2.0.74/gui/templates/var_spool.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool.py policycoreutils-2.0.78/gui/templates/var_spool.py
 --- nsapolicycoreutils/gui/templates/var_spool.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.74/gui/templates/var_spool.py	2009-10-15 10:37:42.000000000 -0400
+++ policycoreutils-2.0.78/gui/templates/var_spool.py	2009-12-08 17:05:49.000000000 -0500
@@ -0,0 +1,129 @@
 +# Copyright (C) 2007 Red Hat 
 +# see file 'COPYING' for use and warranty information
@ -13478,9 +13480,9 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool.
 +fc_dir="""\
 +FILENAME(/.*)?			gen_context(system_u:object_r:TEMPLATETYPE_spool_t,s0)
 +"""
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/usersPage.py policycoreutils-2.0.74/gui/usersPage.py
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/usersPage.py policycoreutils-2.0.78/gui/usersPage.py
 --- nsapolicycoreutils/gui/usersPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.74/gui/usersPage.py	2009-10-15 10:37:42.000000000 -0400
+++ policycoreutils-2.0.78/gui/usersPage.py	2009-12-08 17:05:49.000000000 -0500
@@ -0,0 +1,150 @@
 +## usersPage.py - show selinux mappings
 +## Copyright (C) 2006,2007,2008 Red Hat, Inc.
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@ -6,7 +6,7 @@
 Summary: SELinux policy core utilities
 Name:	 policycoreutils
 Version: 2.0.78
-Release: 9%{?dist}
+Release: 10%{?dist}
 License: GPLv2+
 Group:	 System Environment/Base
 Source:	 http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@ -297,6 +297,9 @@ fi
 exit 0

 %changelog
+* Fri Jan 8 2010 Dan Walsh <dwalsh@redhat.com> 2.0.78-10
+- Fix sepolgen to not generate user sh section on non user policy
+
 * Fri Jan 8 2010 Dan Walsh <dwalsh@redhat.com> 2.0.78-9
 - Add -e to semanage man page
 - Add -D qualifier to audit2allow to generate dontaudit rules