Fix post install scripts to not use systemd macros

2013-02-08 13:32:54 -05:00 · 2013-01-24 17:39:07 -05:00 · 2013-01-24 17:38:29 -05:00 · 2012-12-17 15:34:20 -05:00 · 2012-11-07 16:32:05 -05:00 · 2012-10-26 14:24:28 -04:00
11 changed files with 344263 additions and 1629 deletions
--- a/policycoreutils-gui.patch
+++ b/policycoreutils-gui.patch
@ -1,6 +1,6 @@
-diff -up policycoreutils-2.1.10/gui/booleansPage.py.gui policycoreutils-2.1.10/gui/booleansPage.py
--- policycoreutils-2.1.10/gui/booleansPage.py.gui	2012-02-01 08:39:50.132218033 -0500
-+++ policycoreutils-2.1.10/gui/booleansPage.py	2012-02-01 08:39:50.132218033 -0500
+diff -up policycoreutils-2.1.11/gui/booleansPage.py.gui policycoreutils-2.1.11/gui/booleansPage.py
+--- policycoreutils-2.1.11/gui/booleansPage.py.gui	2012-04-05 10:13:37.905837243 -0400
+++ policycoreutils-2.1.11/gui/booleansPage.py	2012-04-05 10:13:37.905837243 -0400
@@ -0,0 +1,247 @@
 +#
 +# booleansPage.py - GUI for Booleans page in system-config-securitylevel
@ -249,9 +249,9 @@ diff -up policycoreutils-2.1.10/gui/booleansPage.py.gui policycoreutils-2.1.10/g
 +        self.load(self.filter)
 +        return True
 +        
-diff -up policycoreutils-2.1.10/gui/domainsPage.py.gui policycoreutils-2.1.10/gui/domainsPage.py
--- policycoreutils-2.1.10/gui/domainsPage.py.gui	2012-02-01 08:39:50.132218033 -0500
-+++ policycoreutils-2.1.10/gui/domainsPage.py	2012-02-01 08:39:50.132218033 -0500
+diff -up policycoreutils-2.1.11/gui/domainsPage.py.gui policycoreutils-2.1.11/gui/domainsPage.py
+--- policycoreutils-2.1.11/gui/domainsPage.py.gui	2012-04-05 10:13:37.905837243 -0400
+++ policycoreutils-2.1.11/gui/domainsPage.py	2012-04-05 10:13:37.905837243 -0400
@@ -0,0 +1,154 @@
 +## domainsPage.py - show selinux domains
 +## Copyright (C) 2009 Red Hat, Inc.
@ -407,9 +407,9 @@ diff -up policycoreutils-2.1.10/gui/domainsPage.py.gui policycoreutils-2.1.10/gu
 +                
 +        except ValueError, e:
 +            self.error(e.args[0])
-diff -up policycoreutils-2.1.10/gui/fcontextPage.py.gui policycoreutils-2.1.10/gui/fcontextPage.py
--- policycoreutils-2.1.10/gui/fcontextPage.py.gui	2012-02-01 08:39:50.133218034 -0500
-+++ policycoreutils-2.1.10/gui/fcontextPage.py	2012-02-01 08:39:50.133218034 -0500
+diff -up policycoreutils-2.1.11/gui/fcontextPage.py.gui policycoreutils-2.1.11/gui/fcontextPage.py
+--- policycoreutils-2.1.11/gui/fcontextPage.py.gui	2012-04-05 10:13:37.905837243 -0400
+++ policycoreutils-2.1.11/gui/fcontextPage.py	2012-04-05 10:13:37.905837243 -0400
@@ -0,0 +1,223 @@
 +## fcontextPage.py - show selinux mappings
 +## Copyright (C) 2006 Red Hat, Inc.
@ -634,9 +634,9 @@ diff -up policycoreutils-2.1.10/gui/fcontextPage.py.gui policycoreutils-2.1.10/g
 +        self.store.set_value(iter, SPEC_COL, fspec)
 +        self.store.set_value(iter, FTYPE_COL, ftype)
 +        self.store.set_value(iter, TYPE_COL, "%s:%s" % (type, mls))
-diff -up policycoreutils-2.1.10/gui/html_util.py.gui policycoreutils-2.1.10/gui/html_util.py
--- policycoreutils-2.1.10/gui/html_util.py.gui	2012-02-01 08:39:50.134218035 -0500
-+++ policycoreutils-2.1.10/gui/html_util.py	2012-02-01 08:39:50.134218035 -0500
+diff -up policycoreutils-2.1.11/gui/html_util.py.gui policycoreutils-2.1.11/gui/html_util.py
+--- policycoreutils-2.1.11/gui/html_util.py.gui	2012-04-05 10:13:37.905837243 -0400
+++ policycoreutils-2.1.11/gui/html_util.py	2012-04-05 10:13:37.906837244 -0400
@@ -0,0 +1,164 @@
 +# Authors: John Dennis <jdennis@redhat.com>
 +#
@ -802,9 +802,9 @@ diff -up policycoreutils-2.1.10/gui/html_util.py.gui policycoreutils-2.1.10/gui/
 +    doc += tail
 +    return doc
 +
-diff -up policycoreutils-2.1.10/gui/lockdown.glade.gui policycoreutils-2.1.10/gui/lockdown.glade
--- policycoreutils-2.1.10/gui/lockdown.glade.gui	2012-02-01 08:39:50.135218036 -0500
-+++ policycoreutils-2.1.10/gui/lockdown.glade	2012-02-01 08:39:50.135218036 -0500
+diff -up policycoreutils-2.1.11/gui/lockdown.glade.gui policycoreutils-2.1.11/gui/lockdown.glade
+--- policycoreutils-2.1.11/gui/lockdown.glade.gui	2012-04-05 10:13:37.906837244 -0400
+++ policycoreutils-2.1.11/gui/lockdown.glade	2012-04-05 10:13:37.906837244 -0400
@@ -0,0 +1,771 @@
 +<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
 +<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
@ -1577,9 +1577,9 @@ diff -up policycoreutils-2.1.10/gui/lockdown.glade.gui policycoreutils-2.1.10/gu
 +</widget>
 +
 +</glade-interface>
-diff -up policycoreutils-2.1.10/gui/lockdown.gladep.gui policycoreutils-2.1.10/gui/lockdown.gladep
--- policycoreutils-2.1.10/gui/lockdown.gladep.gui	2012-02-01 08:39:50.135218036 -0500
-+++ policycoreutils-2.1.10/gui/lockdown.gladep	2012-02-01 08:39:50.135218036 -0500
+diff -up policycoreutils-2.1.11/gui/lockdown.gladep.gui policycoreutils-2.1.11/gui/lockdown.gladep
+--- policycoreutils-2.1.11/gui/lockdown.gladep.gui	2012-04-05 10:13:37.906837244 -0400
+++ policycoreutils-2.1.11/gui/lockdown.gladep	2012-04-05 10:13:37.906837244 -0400
@@ -0,0 +1,7 @@
 +<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
 +<!DOCTYPE glade-project SYSTEM "http://glade.gnome.org/glade-project-2.0.dtd">
@ -1588,9 +1588,9 @@ diff -up policycoreutils-2.1.10/gui/lockdown.gladep.gui policycoreutils-2.1.10/g
 +  <name></name>
 +  <program_name></program_name>
 +</glade-project>
-diff -up policycoreutils-2.1.10/gui/lockdown.py.gui policycoreutils-2.1.10/gui/lockdown.py
--- policycoreutils-2.1.10/gui/lockdown.py.gui	2012-02-01 08:39:50.136218037 -0500
-+++ policycoreutils-2.1.10/gui/lockdown.py	2012-02-01 08:39:50.136218037 -0500
+diff -up policycoreutils-2.1.11/gui/lockdown.py.gui policycoreutils-2.1.11/gui/lockdown.py
+--- policycoreutils-2.1.11/gui/lockdown.py.gui	2012-04-05 10:13:37.907837244 -0400
+++ policycoreutils-2.1.11/gui/lockdown.py	2012-04-05 10:13:37.907837244 -0400
@@ -0,0 +1,375 @@
 +#!/usr/bin/python
 +#
@ -1967,9 +1967,9 @@ diff -up policycoreutils-2.1.10/gui/lockdown.py.gui policycoreutils-2.1.10/gui/l
 +
 +    app = booleanWindow()
 +    app.stand_alone()
-diff -up policycoreutils-2.1.10/gui/loginsPage.py.gui policycoreutils-2.1.10/gui/loginsPage.py
--- policycoreutils-2.1.10/gui/loginsPage.py.gui	2012-02-01 08:39:50.137218037 -0500
-+++ policycoreutils-2.1.10/gui/loginsPage.py	2012-02-01 08:39:50.137218037 -0500
+diff -up policycoreutils-2.1.11/gui/loginsPage.py.gui policycoreutils-2.1.11/gui/loginsPage.py
+--- policycoreutils-2.1.11/gui/loginsPage.py.gui	2012-04-05 10:13:37.907837244 -0400
+++ policycoreutils-2.1.11/gui/loginsPage.py	2012-04-05 10:13:37.907837244 -0400
@@ -0,0 +1,185 @@
 +## loginsPage.py - show selinux mappings
 +## Copyright (C) 2006 Red Hat, Inc.
@ -2156,9 +2156,9 @@ diff -up policycoreutils-2.1.10/gui/loginsPage.py.gui policycoreutils-2.1.10/gui
 +        self.store.set_value(iter, 1, seuser)
 +        self.store.set_value(iter, 2, seobject.translate(serange))
 +
-diff -up policycoreutils-2.1.10/gui/Makefile.gui policycoreutils-2.1.10/gui/Makefile
--- policycoreutils-2.1.10/gui/Makefile.gui	2012-02-01 08:39:50.137218037 -0500
-+++ policycoreutils-2.1.10/gui/Makefile	2012-02-01 08:39:50.138218037 -0500
+diff -up policycoreutils-2.1.11/gui/Makefile.gui policycoreutils-2.1.11/gui/Makefile
+--- policycoreutils-2.1.11/gui/Makefile.gui	2012-04-05 10:13:37.907837244 -0400
+++ policycoreutils-2.1.11/gui/Makefile	2012-04-05 10:13:37.907837244 -0400
@@ -0,0 +1,40 @@
 +# Installation directories.
 +PREFIX ?= ${DESTDIR}/usr
@ -2200,9 +2200,9 @@ diff -up policycoreutils-2.1.10/gui/Makefile.gui policycoreutils-2.1.10/gui/Make
 +indent:
 +
 +relabel:
-diff -up policycoreutils-2.1.10/gui/mappingsPage.py.gui policycoreutils-2.1.10/gui/mappingsPage.py
--- policycoreutils-2.1.10/gui/mappingsPage.py.gui	2012-02-01 08:39:50.138218037 -0500
-+++ policycoreutils-2.1.10/gui/mappingsPage.py	2012-02-01 08:39:50.138218037 -0500
+diff -up policycoreutils-2.1.11/gui/mappingsPage.py.gui policycoreutils-2.1.11/gui/mappingsPage.py
+--- policycoreutils-2.1.11/gui/mappingsPage.py.gui	2012-04-05 10:13:37.907837244 -0400
+++ policycoreutils-2.1.11/gui/mappingsPage.py	2012-04-05 10:13:37.907837244 -0400
@@ -0,0 +1,56 @@
 +## mappingsPage.py - show selinux mappings
 +## Copyright (C) 2006 Red Hat, Inc.
@ -2260,9 +2260,9 @@ diff -up policycoreutils-2.1.10/gui/mappingsPage.py.gui policycoreutils-2.1.10/g
 +        for k in keys:
 +            print "%-25s %-25s %-25s" % (k, dict[k][0], translate(dict[k][1]))
 +
-diff -up policycoreutils-2.1.10/gui/modulesPage.py.gui policycoreutils-2.1.10/gui/modulesPage.py
--- policycoreutils-2.1.10/gui/modulesPage.py.gui	2012-02-01 08:39:50.138218037 -0500
-+++ policycoreutils-2.1.10/gui/modulesPage.py	2012-02-01 08:39:50.139218038 -0500
+diff -up policycoreutils-2.1.11/gui/modulesPage.py.gui policycoreutils-2.1.11/gui/modulesPage.py
+--- policycoreutils-2.1.11/gui/modulesPage.py.gui	2012-04-05 10:13:37.907837244 -0400
+++ policycoreutils-2.1.11/gui/modulesPage.py	2012-04-05 10:13:37.907837244 -0400
@@ -0,0 +1,190 @@
 +## modulesPage.py - show selinux mappings
 +## Copyright (C) 2006-2009 Red Hat, Inc.
@ -2454,9 +2454,9 @@ diff -up policycoreutils-2.1.10/gui/modulesPage.py.gui policycoreutils-2.1.10/gu
 +                
 +        except ValueError, e:
 +            self.error(e.args[0])
-diff -up policycoreutils-2.1.10/gui/polgen.glade.gui policycoreutils-2.1.10/gui/polgen.glade
--- policycoreutils-2.1.10/gui/polgen.glade.gui	2012-02-01 08:39:50.141218040 -0500
-+++ policycoreutils-2.1.10/gui/polgen.glade	2012-02-01 08:39:50.142218041 -0500
+diff -up policycoreutils-2.1.11/gui/polgen.glade.gui policycoreutils-2.1.11/gui/polgen.glade
+--- policycoreutils-2.1.11/gui/polgen.glade.gui	2012-04-05 10:13:37.909837247 -0400
+++ policycoreutils-2.1.11/gui/polgen.glade	2012-04-05 10:13:37.909837247 -0400
@@ -0,0 +1,3432 @@
 +<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
 +<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
@ -5890,9 +5890,9 @@ diff -up policycoreutils-2.1.10/gui/polgen.glade.gui policycoreutils-2.1.10/gui/
 +</widget>
 +
 +</glade-interface>
-diff -up policycoreutils-2.1.10/gui/polgen.gladep.gui policycoreutils-2.1.10/gui/polgen.gladep
--- policycoreutils-2.1.10/gui/polgen.gladep.gui	2012-02-01 08:39:50.143218042 -0500
-+++ policycoreutils-2.1.10/gui/polgen.gladep	2012-02-01 08:39:50.143218042 -0500
+diff -up policycoreutils-2.1.11/gui/polgen.gladep.gui policycoreutils-2.1.11/gui/polgen.gladep
+--- policycoreutils-2.1.11/gui/polgen.gladep.gui	2012-04-05 10:13:37.909837247 -0400
+++ policycoreutils-2.1.11/gui/polgen.gladep	2012-04-05 10:13:37.909837247 -0400
@@ -0,0 +1,7 @@
 +<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
 +<!DOCTYPE glade-project SYSTEM "http://glade.gnome.org/glade-project-2.0.dtd">
@ -5901,9 +5901,9 @@ diff -up policycoreutils-2.1.10/gui/polgen.gladep.gui policycoreutils-2.1.10/gui
 +  <name></name>
 +  <program_name></program_name>
 +</glade-project>
-diff -up policycoreutils-2.1.10/gui/polgengui.py.gui policycoreutils-2.1.10/gui/polgengui.py
--- policycoreutils-2.1.10/gui/polgengui.py.gui	2012-02-01 08:39:50.144218043 -0500
-+++ policycoreutils-2.1.10/gui/polgengui.py	2012-02-01 08:39:50.144218043 -0500
+diff -up policycoreutils-2.1.11/gui/polgengui.py.gui policycoreutils-2.1.11/gui/polgengui.py
+--- policycoreutils-2.1.11/gui/polgengui.py.gui	2012-04-05 10:13:37.909837247 -0400
+++ policycoreutils-2.1.11/gui/polgengui.py	2012-04-05 10:13:37.910837250 -0400
@@ -0,0 +1,750 @@
 +#!/usr/bin/python -Es
 +#
@ -6655,10 +6655,10 @@ diff -up policycoreutils-2.1.10/gui/polgengui.py.gui policycoreutils-2.1.10/gui/
 +
 +    app = childWindow()
 +    app.stand_alone()
-diff -up policycoreutils-2.1.10/gui/polgen.py.gui policycoreutils-2.1.10/gui/polgen.py
--- policycoreutils-2.1.10/gui/polgen.py.gui	2012-02-01 08:39:50.145218044 -0500
-+++ policycoreutils-2.1.10/gui/polgen.py	2012-02-01 08:39:50.146218045 -0500
-@@ -0,0 +1,1353 @@
+diff -up policycoreutils-2.1.11/gui/polgen.py.gui policycoreutils-2.1.11/gui/polgen.py
+--- policycoreutils-2.1.11/gui/polgen.py.gui	2012-04-05 10:13:37.910837250 -0400
+++ policycoreutils-2.1.11/gui/polgen.py	2012-04-13 10:41:56.501251501 -0400
+@@ -0,0 +1,1354 @@
 +#!/usr/bin/python -Es
 +#
 +# Copyright (C) 2007-2012 Red Hat 
@ -6957,6 +6957,7 @@ diff -up policycoreutils-2.1.10/gui/polgen.py.gui policycoreutils-2.1.10/gui/pol
 +		self.DEFAULT_DIRS["/etc"] = ["etc_rw", [], etc_rw];
 +		self.DEFAULT_DIRS["/tmp"] = ["tmp", [], tmp];
 +		self.DEFAULT_DIRS["rw"] = ["rw", [], rw];
+		self.DEFAULT_DIRS["/usr/lib/systemd/system"] = ["unit_file", [], unit_file];
 +		self.DEFAULT_DIRS["/lib/systemd/system"] = ["unit_file", [], unit_file];
 +		self.DEFAULT_DIRS["/etc/systemd/system"] = ["unit_file", [], unit_file];
 +		self.DEFAULT_DIRS["/var/cache"] = ["var_cache", [], var_cache];
@ -6965,7 +6966,7 @@ diff -up policycoreutils-2.1.10/gui/polgen.py.gui policycoreutils-2.1.10/gui/pol
 +		self.DEFAULT_DIRS["/var/run"] = ["var_run", [], var_run];
 +		self.DEFAULT_DIRS["/var/spool"] = ["var_spool", [], var_spool];
 +
-+                self.DEFAULT_KEYS=["/etc", "/var/cache", "/var/log", "/tmp", "rw", "/var/lib", "/var/run", "/var/spool", "/etc/systemd/system", "/lib/systemd/system" ]
+                self.DEFAULT_KEYS=["/etc", "/var/cache", "/var/log", "/tmp", "rw", "/var/lib", "/var/run", "/var/spool", "/etc/systemd/system", "/usr/lib/systemd/system", "/lib/systemd/system" ]
 +
 +		self.DEFAULT_TYPES = (\
 +( self.generate_daemon_types, self.generate_daemon_rules), \
@ -8012,9 +8013,9 @@ diff -up policycoreutils-2.1.10/gui/polgen.py.gui policycoreutils-2.1.10/gui/pol
 +        sys.exit(0)
 +    except ValueError, e:
 +        usage(e)
-diff -up policycoreutils-2.1.10/gui/portsPage.py.gui policycoreutils-2.1.10/gui/portsPage.py
--- policycoreutils-2.1.10/gui/portsPage.py.gui	2012-02-01 08:39:50.146218045 -0500
-+++ policycoreutils-2.1.10/gui/portsPage.py	2012-02-01 08:39:50.146218045 -0500
+diff -up policycoreutils-2.1.11/gui/portsPage.py.gui policycoreutils-2.1.11/gui/portsPage.py
+--- policycoreutils-2.1.11/gui/portsPage.py.gui	2012-04-05 10:13:37.910837250 -0400
+++ policycoreutils-2.1.11/gui/portsPage.py	2012-04-05 10:13:37.910837250 -0400
@@ -0,0 +1,259 @@
 +## portsPage.py - show selinux mappings
 +## Copyright (C) 2006 Red Hat, Inc.
@ -8275,9 +8276,9 @@ diff -up policycoreutils-2.1.10/gui/portsPage.py.gui policycoreutils-2.1.10/gui/
 +
 +        return True
 +        
-diff -up policycoreutils-2.1.10/gui/selinux.tbl.gui policycoreutils-2.1.10/gui/selinux.tbl
--- policycoreutils-2.1.10/gui/selinux.tbl.gui	2012-02-01 08:39:50.147218045 -0500
-+++ policycoreutils-2.1.10/gui/selinux.tbl	2012-02-01 08:39:50.147218045 -0500
+diff -up policycoreutils-2.1.11/gui/selinux.tbl.gui policycoreutils-2.1.11/gui/selinux.tbl
+--- policycoreutils-2.1.11/gui/selinux.tbl.gui	2012-04-05 10:13:37.911837252 -0400
+++ policycoreutils-2.1.11/gui/selinux.tbl	2012-04-05 10:13:37.911837252 -0400
@@ -0,0 +1,234 @@
 +acct_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for acct daemon")
 +allow_daemons_dump_core _("Admin") _("Allow all daemons to write corefiles to /")
@ -8513,9 +8514,9 @@ diff -up policycoreutils-2.1.10/gui/selinux.tbl.gui policycoreutils-2.1.10/gui/s
 +webadm_manage_user_files _("HTTPD Service") _("Allow SELinux webadm user to manage unprivileged users home directories")
 +webadm_read_user_files _("HTTPD Service") _("Allow SELinux webadm user to read unprivileged users home directories")
 +
-diff -up policycoreutils-2.1.10/gui/semanagePage.py.gui policycoreutils-2.1.10/gui/semanagePage.py
--- policycoreutils-2.1.10/gui/semanagePage.py.gui	2012-02-01 08:39:50.148218045 -0500
-+++ policycoreutils-2.1.10/gui/semanagePage.py	2012-02-01 08:39:50.148218045 -0500
+diff -up policycoreutils-2.1.11/gui/semanagePage.py.gui policycoreutils-2.1.11/gui/semanagePage.py
+--- policycoreutils-2.1.11/gui/semanagePage.py.gui	2012-04-05 10:13:37.911837252 -0400
+++ policycoreutils-2.1.11/gui/semanagePage.py	2012-04-05 10:13:37.911837252 -0400
@@ -0,0 +1,168 @@
 +## semanagePage.py - show selinux mappings
 +## Copyright (C) 2006 Red Hat, Inc.
@ -8685,9 +8686,9 @@ diff -up policycoreutils-2.1.10/gui/semanagePage.py.gui policycoreutils-2.1.10/g
 +        self.load(self.filter)
 +        return True
 +        
-diff -up policycoreutils-2.1.10/gui/statusPage.py.gui policycoreutils-2.1.10/gui/statusPage.py
--- policycoreutils-2.1.10/gui/statusPage.py.gui	2012-02-01 08:39:50.148218045 -0500
-+++ policycoreutils-2.1.10/gui/statusPage.py	2012-02-01 08:39:50.149218046 -0500
+diff -up policycoreutils-2.1.11/gui/statusPage.py.gui policycoreutils-2.1.11/gui/statusPage.py
+--- policycoreutils-2.1.11/gui/statusPage.py.gui	2012-04-05 10:13:37.911837252 -0400
+++ policycoreutils-2.1.11/gui/statusPage.py	2012-04-05 10:13:37.911837252 -0400
@@ -0,0 +1,190 @@
 +# statusPage.py - show selinux status
 +## Copyright (C) 2006-2009 Red Hat, Inc.
@ -8879,9 +8880,9 @@ diff -up policycoreutils-2.1.10/gui/statusPage.py.gui policycoreutils-2.1.10/gui
 +        return self.types[self.selinuxTypeOptionMenu.get_active()]
 +
 +
-diff -up policycoreutils-2.1.10/gui/system-config-selinux.glade.gui policycoreutils-2.1.10/gui/system-config-selinux.glade
--- policycoreutils-2.1.10/gui/system-config-selinux.glade.gui	2012-02-01 08:39:50.151218048 -0500
-+++ policycoreutils-2.1.10/gui/system-config-selinux.glade	2012-02-01 08:39:50.151218048 -0500
+diff -up policycoreutils-2.1.11/gui/system-config-selinux.glade.gui policycoreutils-2.1.11/gui/system-config-selinux.glade
+--- policycoreutils-2.1.11/gui/system-config-selinux.glade.gui	2012-04-05 10:13:37.913837254 -0400
+++ policycoreutils-2.1.11/gui/system-config-selinux.glade	2012-04-05 10:13:37.913837254 -0400
@@ -0,0 +1,3024 @@
 +<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
 +<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
@ -11907,9 +11908,9 @@ diff -up policycoreutils-2.1.10/gui/system-config-selinux.glade.gui policycoreut
 +</widget>
 +
 +</glade-interface>
-diff -up policycoreutils-2.1.10/gui/system-config-selinux.gladep.gui policycoreutils-2.1.10/gui/system-config-selinux.gladep
--- policycoreutils-2.1.10/gui/system-config-selinux.gladep.gui	2012-02-01 08:39:50.152218049 -0500
-+++ policycoreutils-2.1.10/gui/system-config-selinux.gladep	2012-02-01 08:39:50.152218049 -0500
+diff -up policycoreutils-2.1.11/gui/system-config-selinux.gladep.gui policycoreutils-2.1.11/gui/system-config-selinux.gladep
+--- policycoreutils-2.1.11/gui/system-config-selinux.gladep.gui	2012-04-05 10:13:37.913837254 -0400
+++ policycoreutils-2.1.11/gui/system-config-selinux.gladep	2012-04-05 10:13:37.913837254 -0400
@@ -0,0 +1,7 @@
 +<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
 +<!DOCTYPE glade-project SYSTEM "http://glade.gnome.org/glade-project-2.0.dtd">
@ -11918,9 +11919,9 @@ diff -up policycoreutils-2.1.10/gui/system-config-selinux.gladep.gui policycoreu
 +  <name></name>
 +  <program_name></program_name>
 +</glade-project>
-diff -up policycoreutils-2.1.10/gui/system-config-selinux.py.gui policycoreutils-2.1.10/gui/system-config-selinux.py
--- policycoreutils-2.1.10/gui/system-config-selinux.py.gui	2012-02-01 08:39:50.152218049 -0500
-+++ policycoreutils-2.1.10/gui/system-config-selinux.py	2012-02-01 08:39:50.153218050 -0500
+diff -up policycoreutils-2.1.11/gui/system-config-selinux.py.gui policycoreutils-2.1.11/gui/system-config-selinux.py
+--- policycoreutils-2.1.11/gui/system-config-selinux.py.gui	2012-04-05 10:13:37.913837254 -0400
+++ policycoreutils-2.1.11/gui/system-config-selinux.py	2012-04-05 10:13:37.913837254 -0400
@@ -0,0 +1,187 @@
 +#!/usr/bin/python -Es
 +#
@ -12109,9 +12110,9 @@ diff -up policycoreutils-2.1.10/gui/system-config-selinux.py.gui policycoreutils
 +
 +    app = childWindow()
 +    app.stand_alone()
-diff -up policycoreutils-2.1.10/gui/templates/boolean.py.gui policycoreutils-2.1.10/gui/templates/boolean.py
--- policycoreutils-2.1.10/gui/templates/boolean.py.gui	2012-02-01 08:39:50.153218050 -0500
-+++ policycoreutils-2.1.10/gui/templates/boolean.py	2012-02-01 08:39:50.153218050 -0500
+diff -up policycoreutils-2.1.11/gui/templates/boolean.py.gui policycoreutils-2.1.11/gui/templates/boolean.py
+--- policycoreutils-2.1.11/gui/templates/boolean.py.gui	2012-04-05 10:13:37.913837254 -0400
+++ policycoreutils-2.1.11/gui/templates/boolean.py	2012-04-05 10:13:37.913837254 -0400
@@ -0,0 +1,40 @@
 +# Copyright (C) 2007-2012 Red Hat
 +# see file 'COPYING' for use and warranty information
@ -12153,9 +12154,9 @@ diff -up policycoreutils-2.1.10/gui/templates/boolean.py.gui policycoreutils-2.1
 +')
 +"""
 +
-diff -up policycoreutils-2.1.10/gui/templates/etc_rw.py.gui policycoreutils-2.1.10/gui/templates/etc_rw.py
--- policycoreutils-2.1.10/gui/templates/etc_rw.py.gui	2012-02-01 08:39:50.154218051 -0500
-+++ policycoreutils-2.1.10/gui/templates/etc_rw.py	2012-02-01 08:39:50.154218051 -0500
+diff -up policycoreutils-2.1.11/gui/templates/etc_rw.py.gui policycoreutils-2.1.11/gui/templates/etc_rw.py
+--- policycoreutils-2.1.11/gui/templates/etc_rw.py.gui	2012-04-05 10:13:37.913837254 -0400
+++ policycoreutils-2.1.11/gui/templates/etc_rw.py	2012-04-05 10:13:37.913837254 -0400
@@ -0,0 +1,112 @@
 +# Copyright (C) 2007-2012 Red Hat
 +# see file 'COPYING' for use and warranty information
@ -12269,10 +12270,10 @@ diff -up policycoreutils-2.1.10/gui/templates/etc_rw.py.gui policycoreutils-2.1.
 +fc_dir="""\
 +FILENAME(/.*)?		gen_context(system_u:object_r:TEMPLATETYPE_etc_rw_t,s0)
 +"""
-diff -up policycoreutils-2.1.10/gui/templates/executable.py.gui policycoreutils-2.1.10/gui/templates/executable.py
--- policycoreutils-2.1.10/gui/templates/executable.py.gui	2012-02-01 08:39:50.155218052 -0500
-+++ policycoreutils-2.1.10/gui/templates/executable.py	2012-02-01 08:39:50.155218052 -0500
-@@ -0,0 +1,441 @@
+diff -up policycoreutils-2.1.11/gui/templates/executable.py.gui policycoreutils-2.1.11/gui/templates/executable.py
+--- policycoreutils-2.1.11/gui/templates/executable.py.gui	2012-04-05 10:13:37.913837254 -0400
+++ policycoreutils-2.1.11/gui/templates/executable.py	2012-04-05 10:13:37.913837254 -0400
+@@ -0,0 +1,445 @@
 +# Copyright (C) 2007-2012 Red Hat
 +# see file 'COPYING' for use and warranty information
 +#
@ -12699,6 +12700,10 @@ diff -up policycoreutils-2.1.10/gui/templates/executable.py.gui policycoreutils-
 +"""
 +
 +if_end_admin="""\
+	optional_policy(`
+		systemd_passwd_agent_exec($1)
+		systemd_read_fifo_file_passwd_run($1)
+	')
 +')
 +"""
 +
@ -12714,9 +12719,9 @@ diff -up policycoreutils-2.1.10/gui/templates/executable.py.gui policycoreutils-
 +fc_initscript="""\
 +EXECUTABLE	--	gen_context(system_u:object_r:TEMPLATETYPE_initrc_exec_t,s0)
 +"""
-diff -up policycoreutils-2.1.10/gui/templates/__init__.py.gui policycoreutils-2.1.10/gui/templates/__init__.py
--- policycoreutils-2.1.10/gui/templates/__init__.py.gui	2012-02-01 08:39:50.155218052 -0500
-+++ policycoreutils-2.1.10/gui/templates/__init__.py	2012-02-01 08:39:50.155218052 -0500
+diff -up policycoreutils-2.1.11/gui/templates/__init__.py.gui policycoreutils-2.1.11/gui/templates/__init__.py
+--- policycoreutils-2.1.11/gui/templates/__init__.py.gui	2012-04-05 10:13:37.913837254 -0400
+++ policycoreutils-2.1.11/gui/templates/__init__.py	2012-04-05 10:13:37.913837254 -0400
@@ -0,0 +1,18 @@
 +#
 +# Copyright (C) 2007-2012 Red Hat
@ -12736,9 +12741,9 @@ diff -up policycoreutils-2.1.10/gui/templates/__init__.py.gui policycoreutils-2.
 +# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 +#
 +
-diff -up policycoreutils-2.1.10/gui/templates/network.py.gui policycoreutils-2.1.10/gui/templates/network.py
--- policycoreutils-2.1.10/gui/templates/network.py.gui	2012-02-01 08:39:50.156218053 -0500
-+++ policycoreutils-2.1.10/gui/templates/network.py	2012-02-01 08:39:50.156218053 -0500
+diff -up policycoreutils-2.1.11/gui/templates/network.py.gui policycoreutils-2.1.11/gui/templates/network.py
+--- policycoreutils-2.1.11/gui/templates/network.py.gui	2012-04-05 10:13:37.914837256 -0400
+++ policycoreutils-2.1.11/gui/templates/network.py	2012-04-05 10:13:37.914837256 -0400
@@ -0,0 +1,102 @@
 +# Copyright (C) 2007-2012 Red Hat
 +# see file 'COPYING' for use and warranty information
@ -12842,9 +12847,9 @@ diff -up policycoreutils-2.1.10/gui/templates/network.py.gui policycoreutils-2.1
 +corenet_udp_bind_all_unreserved_ports(TEMPLATETYPE_t)
 +"""
 +
-diff -up policycoreutils-2.1.10/gui/templates/rw.py.gui policycoreutils-2.1.10/gui/templates/rw.py
--- policycoreutils-2.1.10/gui/templates/rw.py.gui	2012-02-01 08:39:50.156218053 -0500
-+++ policycoreutils-2.1.10/gui/templates/rw.py	2012-02-01 08:39:50.157218053 -0500
+diff -up policycoreutils-2.1.11/gui/templates/rw.py.gui policycoreutils-2.1.11/gui/templates/rw.py
+--- policycoreutils-2.1.11/gui/templates/rw.py.gui	2012-04-05 10:13:37.914837256 -0400
+++ policycoreutils-2.1.11/gui/templates/rw.py	2012-04-05 10:13:37.914837256 -0400
@@ -0,0 +1,129 @@
 +# Copyright (C) 2007-2012 Red Hat
 +# see file 'COPYING' for use and warranty information
@ -12975,9 +12980,9 @@ diff -up policycoreutils-2.1.10/gui/templates/rw.py.gui policycoreutils-2.1.10/g
 +fc_dir="""
 +FILENAME(/.*)?		gen_context(system_u:object_r:TEMPLATETYPE_rw_t,s0)
 +"""
-diff -up policycoreutils-2.1.10/gui/templates/script.py.gui policycoreutils-2.1.10/gui/templates/script.py
--- policycoreutils-2.1.10/gui/templates/script.py.gui	2012-02-01 08:39:50.157218053 -0500
-+++ policycoreutils-2.1.10/gui/templates/script.py	2012-02-01 08:39:50.157218053 -0500
+diff -up policycoreutils-2.1.11/gui/templates/script.py.gui policycoreutils-2.1.11/gui/templates/script.py
+--- policycoreutils-2.1.11/gui/templates/script.py.gui	2012-04-05 10:13:37.914837256 -0400
+++ policycoreutils-2.1.11/gui/templates/script.py	2012-04-05 10:13:37.914837256 -0400
@@ -0,0 +1,126 @@
 +# Copyright (C) 2007-2012 Red Hat
 +# see file 'COPYING' for use and warranty information
@ -13044,7 +13049,7 @@ diff -up policycoreutils-2.1.10/gui/templates/script.py.gui policycoreutils-2.1.
 +
 +echo "Building and Loading Policy"
 +set -x
-+make -f /usr/share/selinux/devel/Makefile || exit
+make -f /usr/share/selinux/devel/Makefile TEMPLATEFILE.pp || exit
 +/usr/sbin/semodule -i TEMPLATEFILE.pp
 +
 +"""
@ -13105,9 +13110,9 @@ diff -up policycoreutils-2.1.10/gui/templates/script.py.gui policycoreutils-2.1.
 +_EOF
 +fi
 +"""
-diff -up policycoreutils-2.1.10/gui/templates/semodule.py.gui policycoreutils-2.1.10/gui/templates/semodule.py
--- policycoreutils-2.1.10/gui/templates/semodule.py.gui	2012-02-01 08:39:50.157218053 -0500
-+++ policycoreutils-2.1.10/gui/templates/semodule.py	2012-02-01 08:39:50.158218053 -0500
+diff -up policycoreutils-2.1.11/gui/templates/semodule.py.gui policycoreutils-2.1.11/gui/templates/semodule.py
+--- policycoreutils-2.1.11/gui/templates/semodule.py.gui	2012-04-05 10:13:37.914837256 -0400
+++ policycoreutils-2.1.11/gui/templates/semodule.py	2012-04-05 10:13:37.914837256 -0400
@@ -0,0 +1,41 @@
 +# Copyright (C) 2007-2012 Red Hat
 +# see file 'COPYING' for use and warranty information
@ -13150,9 +13155,9 @@ diff -up policycoreutils-2.1.10/gui/templates/semodule.py.gui policycoreutils-2.
 +semanage ports -a -t TEMPLATETYPE_port_t -p udp PORTNUM
 +"""
 +
-diff -up policycoreutils-2.1.10/gui/templates/tmp.py.gui policycoreutils-2.1.10/gui/templates/tmp.py
--- policycoreutils-2.1.10/gui/templates/tmp.py.gui	2012-02-01 08:39:50.158218053 -0500
-+++ policycoreutils-2.1.10/gui/templates/tmp.py	2012-02-01 08:39:50.158218053 -0500
+diff -up policycoreutils-2.1.11/gui/templates/tmp.py.gui policycoreutils-2.1.11/gui/templates/tmp.py
+--- policycoreutils-2.1.11/gui/templates/tmp.py.gui	2012-04-05 10:13:37.914837256 -0400
+++ policycoreutils-2.1.11/gui/templates/tmp.py	2012-04-05 10:13:37.914837256 -0400
@@ -0,0 +1,102 @@
 +# Copyright (C) 2007-2012 Red Hat
 +# see file 'COPYING' for use and warranty information
@ -13256,10 +13261,10 @@ diff -up policycoreutils-2.1.10/gui/templates/tmp.py.gui policycoreutils-2.1.10/
 +	files_search_tmp($1)
 +	admin_pattern($1, TEMPLATETYPE_tmp_t)
 +"""
-diff -up policycoreutils-2.1.10/gui/templates/unit_file.py.gui policycoreutils-2.1.10/gui/templates/unit_file.py
--- policycoreutils-2.1.10/gui/templates/unit_file.py.gui	2012-02-01 08:40:34.733252831 -0500
-+++ policycoreutils-2.1.10/gui/templates/unit_file.py	2012-02-01 08:40:28.444248042 -0500
-@@ -0,0 +1,69 @@
+diff -up policycoreutils-2.1.11/gui/templates/unit_file.py.gui policycoreutils-2.1.11/gui/templates/unit_file.py
+--- policycoreutils-2.1.11/gui/templates/unit_file.py.gui	2012-04-05 10:13:37.914837256 -0400
+++ policycoreutils-2.1.11/gui/templates/unit_file.py	2012-04-05 10:13:37.914837256 -0400
+@@ -0,0 +1,72 @@
 +# Copyright (C) 2012 Red Hat
 +# see file 'COPYING' for use and warranty information
 +#
@ -13286,7 +13291,7 @@ diff -up policycoreutils-2.1.10/gui/templates/unit_file.py.gui policycoreutils-2
 +########################### Type Enforcement File #############################
 +te_types="""
 +type TEMPLATETYPE_unit_file_t;
-+files_type(TEMPLATETYPE_unit_file_t)
+systemd_unit_file(TEMPLATETYPE_unit_file_t)
 +"""
 +
 +te_rules=""
@ -13310,8 +13315,9 @@ diff -up policycoreutils-2.1.10/gui/templates/unit_file.py.gui policycoreutils-2
 +	')
 +
 +	systemd_exec_systemctl($1)
+        systemd_read_fifo_file_password_run($1)
 +	allow $1 TEMPLATETYPE_unit_file_t:file read_file_perms;
-+	allow $1 TEMPLATETYPE_unit_file_t:service all_service_perms;
+	allow $1 TEMPLATETYPE_unit_file_t:service manage_service_perms;
 +
 +	ps_process_pattern($1, TEMPLATETYPE_t)
 +')
@ -13319,19 +13325,21 @@ diff -up policycoreutils-2.1.10/gui/templates/unit_file.py.gui policycoreutils-2
 +"""
 +
 +if_admin_types="""
-+		type TEMPLATETYPE_unit_file_t;"""
+	type TEMPLATETYPE_unit_file_t;"""
 +
 +if_admin_rules="""
 +	TEMPLATETYPE_systemctl($1)
+	admin_pattern($1, TEMPLATETYPE_unit_file_t)
+	allow $1 TEMPLATETYPE_unit_file_t:service all_service_perms;
 +"""
 +
 +########################### File Context ##################################
 +fc_file="""\
 +FILENAME		--	gen_context(system_u:object_r:TEMPLATETYPE_unit_file_t,s0)
 +"""
-diff -up policycoreutils-2.1.10/gui/templates/user.py.gui policycoreutils-2.1.10/gui/templates/user.py
--- policycoreutils-2.1.10/gui/templates/user.py.gui	2012-02-01 08:39:50.159218054 -0500
-+++ policycoreutils-2.1.10/gui/templates/user.py	2012-02-01 08:39:50.159218054 -0500
+diff -up policycoreutils-2.1.11/gui/templates/user.py.gui policycoreutils-2.1.11/gui/templates/user.py
+--- policycoreutils-2.1.11/gui/templates/user.py.gui	2012-04-05 10:13:37.914837256 -0400
+++ policycoreutils-2.1.11/gui/templates/user.py	2012-04-05 10:13:37.914837256 -0400
@@ -0,0 +1,204 @@
 +# Copyright (C) 2007-2012 Red Hat
 +# see file 'COPYING' for use and warranty information
@ -13537,9 +13545,9 @@ diff -up policycoreutils-2.1.10/gui/templates/user.py.gui policycoreutils-2.1.10
 +te_newrole_rules="""
 +seutil_run_newrole(TEMPLATETYPE_t, TEMPLATETYPE_r)
 +"""
-diff -up policycoreutils-2.1.10/gui/templates/var_cache.py.gui policycoreutils-2.1.10/gui/templates/var_cache.py
--- policycoreutils-2.1.10/gui/templates/var_cache.py.gui	2012-02-01 08:39:50.159218054 -0500
-+++ policycoreutils-2.1.10/gui/templates/var_cache.py	2012-02-01 08:39:50.159218054 -0500
+diff -up policycoreutils-2.1.11/gui/templates/var_cache.py.gui policycoreutils-2.1.11/gui/templates/var_cache.py
+--- policycoreutils-2.1.11/gui/templates/var_cache.py.gui	2012-04-05 10:13:37.914837256 -0400
+++ policycoreutils-2.1.11/gui/templates/var_cache.py	2012-04-05 10:13:37.914837256 -0400
@@ -0,0 +1,132 @@
 +# Copyright (C) 2007-2012 Red Hat
 +# see file 'COPYING' for use and warranty information
@ -13673,9 +13681,9 @@ diff -up policycoreutils-2.1.10/gui/templates/var_cache.py.gui policycoreutils-2
 +fc_dir="""\
 +FILENAME(/.*)?		gen_context(system_u:object_r:TEMPLATETYPE_cache_t,s0)
 +"""
-diff -up policycoreutils-2.1.10/gui/templates/var_lib.py.gui policycoreutils-2.1.10/gui/templates/var_lib.py
--- policycoreutils-2.1.10/gui/templates/var_lib.py.gui	2012-02-01 08:39:50.160218055 -0500
-+++ policycoreutils-2.1.10/gui/templates/var_lib.py	2012-02-01 08:39:50.160218055 -0500
+diff -up policycoreutils-2.1.11/gui/templates/var_lib.py.gui policycoreutils-2.1.11/gui/templates/var_lib.py
+--- policycoreutils-2.1.11/gui/templates/var_lib.py.gui	2012-04-05 10:13:37.915837258 -0400
+++ policycoreutils-2.1.11/gui/templates/var_lib.py	2012-04-05 10:13:37.915837258 -0400
@@ -0,0 +1,160 @@
 +# Copyright (C) 2007-2012 Red Hat
 +# see file 'COPYING' for use and warranty information
@ -13837,9 +13845,9 @@ diff -up policycoreutils-2.1.10/gui/templates/var_lib.py.gui policycoreutils-2.1
 +fc_dir="""\
 +FILENAME(/.*)?		gen_context(system_u:object_r:TEMPLATETYPE_var_lib_t,s0)
 +"""
-diff -up policycoreutils-2.1.10/gui/templates/var_log.py.gui policycoreutils-2.1.10/gui/templates/var_log.py
--- policycoreutils-2.1.10/gui/templates/var_log.py.gui	2012-02-01 08:39:50.160218055 -0500
-+++ policycoreutils-2.1.10/gui/templates/var_log.py	2012-02-01 08:39:50.161218056 -0500
+diff -up policycoreutils-2.1.11/gui/templates/var_log.py.gui policycoreutils-2.1.11/gui/templates/var_log.py
+--- policycoreutils-2.1.11/gui/templates/var_log.py.gui	2012-04-05 10:13:37.915837258 -0400
+++ policycoreutils-2.1.11/gui/templates/var_log.py	2012-04-05 10:13:37.915837258 -0400
@@ -0,0 +1,114 @@
 +# Copyright (C) 2007-2012 Red Hat
 +# see file 'COPYING' for use and warranty information
@ -13955,9 +13963,9 @@ diff -up policycoreutils-2.1.10/gui/templates/var_log.py.gui policycoreutils-2.1
 +fc_dir="""\
 +FILENAME(/.*)?		gen_context(system_u:object_r:TEMPLATETYPE_log_t,s0)
 +"""
-diff -up policycoreutils-2.1.10/gui/templates/var_run.py.gui policycoreutils-2.1.10/gui/templates/var_run.py
--- policycoreutils-2.1.10/gui/templates/var_run.py.gui	2012-02-01 08:39:50.161218056 -0500
-+++ policycoreutils-2.1.10/gui/templates/var_run.py	2012-02-01 08:39:50.161218056 -0500
+diff -up policycoreutils-2.1.11/gui/templates/var_run.py.gui policycoreutils-2.1.11/gui/templates/var_run.py
+--- policycoreutils-2.1.11/gui/templates/var_run.py.gui	2012-04-05 10:13:37.915837258 -0400
+++ policycoreutils-2.1.11/gui/templates/var_run.py	2012-04-05 10:13:37.915837258 -0400
@@ -0,0 +1,101 @@
 +# Copyright (C) 2007-2012 Red Hat
 +# see file 'COPYING' for use and warranty information
@ -14060,9 +14068,9 @@ diff -up policycoreutils-2.1.10/gui/templates/var_run.py.gui policycoreutils-2.1
 +fc_dir="""\
 +FILENAME(/.*)?		gen_context(system_u:object_r:TEMPLATETYPE_var_run_t,s0)
 +"""
-diff -up policycoreutils-2.1.10/gui/templates/var_spool.py.gui policycoreutils-2.1.10/gui/templates/var_spool.py
--- policycoreutils-2.1.10/gui/templates/var_spool.py.gui	2012-02-01 08:39:50.162218057 -0500
-+++ policycoreutils-2.1.10/gui/templates/var_spool.py	2012-02-01 08:39:50.162218057 -0500
+diff -up policycoreutils-2.1.11/gui/templates/var_spool.py.gui policycoreutils-2.1.11/gui/templates/var_spool.py
+--- policycoreutils-2.1.11/gui/templates/var_spool.py.gui	2012-04-05 10:13:37.915837258 -0400
+++ policycoreutils-2.1.11/gui/templates/var_spool.py	2012-04-05 10:13:37.915837258 -0400
@@ -0,0 +1,131 @@
 +# Copyright (C) 2007-2012 Red Hat
 +# see file 'COPYING' for use and warranty information
@ -14195,9 +14203,9 @@ diff -up policycoreutils-2.1.10/gui/templates/var_spool.py.gui policycoreutils-2
 +fc_dir="""\
 +FILENAME(/.*)?		gen_context(system_u:object_r:TEMPLATETYPE_spool_t,s0)
 +"""
-diff -up policycoreutils-2.1.10/gui/usersPage.py.gui policycoreutils-2.1.10/gui/usersPage.py
--- policycoreutils-2.1.10/gui/usersPage.py.gui	2012-02-01 08:39:50.162218057 -0500
-+++ policycoreutils-2.1.10/gui/usersPage.py	2012-02-01 08:39:50.163218058 -0500
+diff -up policycoreutils-2.1.11/gui/usersPage.py.gui policycoreutils-2.1.11/gui/usersPage.py
+--- policycoreutils-2.1.11/gui/usersPage.py.gui	2012-04-05 10:13:37.915837258 -0400
+++ policycoreutils-2.1.11/gui/usersPage.py	2012-04-05 10:13:37.915837258 -0400
@@ -0,0 +1,150 @@
 +## usersPage.py - show selinux mappings
 +## Copyright (C) 2006,2007,2008 Red Hat, Inc.
--- a/policycoreutils-nosub.patch
+++ b/policycoreutils-nosub.patch
@ -0,0 +1,33 @@
+diff -up policycoreutils-2.1.13/semanage/seobject.py~ policycoreutils-2.1.13/semanage/seobject.py
+--- policycoreutils-2.1.13/semanage/seobject.py~	2013-02-08 12:36:21.408442611 -0500
+++ policycoreutils-2.1.13/semanage/seobject.py	2013-02-08 12:36:53.963553141 -0500
+@@ -1992,8 +1992,6 @@ class booleanRecords(semanageRecords):
+ 			self.modify_local = False
+ 
+ 	def __mod(self, name, value):
+-                name = selinux.selinux_boolean_sub(name)
+-
+                 (rc, k) = semanage_bool_key_create(self.sh, name)
+                 if rc < 0:
+                        raise ValueError(_("Could not create a key for %s") % name)
+@@ -2043,8 +2041,6 @@ class booleanRecords(semanageRecords):
+                 self.commit()
+ 		
+ 	def __delete(self, name):
+-                name = selinux.selinux_boolean_sub(name)
+-
+                 (rc, k) = semanage_bool_key_create(self.sh, name)
+                 if rc < 0:
+                       raise ValueError(_("Could not create a key for %s") % name)
+@@ -2108,11 +2104,9 @@ class booleanRecords(semanageRecords):
+ 		return ddict
+ 			
+         def get_desc(self, name):
+-		name = selinux.selinux_boolean_sub(name)
+ 		return boolean_desc(name)
+ 
+         def get_category(self, name):
+-		name = selinux.selinux_boolean_sub(name)
+ 		return boolean_category(name)
+ 
+         def customized(self):
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
--- a/policycoreutils-semanage.patch
+++ b/policycoreutils-semanage.patch
@ -0,0 +1,10 @@
+--- policycoreutils-2.1.11/semanage/semanage.old	2012-06-29 11:33:54.832066426 +0200
+++ policycoreutils-2.1.11/semanage/semanage	2012-06-29 11:34:36.230067371 +0200
+@@ -199,6 +199,7 @@
+ 		seuser = ""
+ 		prefix = "user"
+ 		heading = True
+		global reload
+ 		reload = True
+ 		value = None
+ 		add = False
--- a/policycoreutils-sepolgen.patch
+++ b/policycoreutils-sepolgen.patch
@ -1,94 +1,14 @@
-diff --git a/sepolgen/HACKING b/sepolgen/HACKING
-index 5cdf6d5..a0ec323 100644
--- a/sepolgen/HACKING
-+++ b/sepolgen/HACKING
-@@ -76,4 +76,4 @@ information about the object classes - including information flow. It
- is separated to keep the core from being concerned about the details
- of the object classes.
- 
-[selist]: http://www.nsa.gov/selinux/info/list.cfm
-\ No newline at end of file
-+[selist]: http://www.nsa.gov/research/selinux/info/list.cfm
 diff --git a/sepolgen/src/sepolgen/audit.py b/sepolgen/src/sepolgen/audit.py
-index 9fdfafa..9e2ccee 100644
+index 73c60f6..d636091 100644
 --- a/sepolgen/src/sepolgen/audit.py
 +++ b/sepolgen/src/sepolgen/audit.py
-@@ -20,6 +20,7 @@
- import refpolicy
- import access
- import re
-+import sys
- 
- # Convenience functions
- 
-@@ -343,6 +344,7 @@ class AuditParser:
-         self.policy_load_msgs = []
-         self.path_msgs = []
-         self.by_header = { }
-+        self.check_input_file = False
-                 
-     # Low-level parsing function - tries to determine if this audit
-     # message is an SELinux related message and then parses it into
-@@ -378,6 +380,7 @@ class AuditParser:
-                 found = True
-                 
-             if found:
-+                self.check_input_file = True
-                 try:
-                     msg.from_split_string(rec)
-                 except ValueError:
-@@ -447,6 +450,9 @@ class AuditParser:
-         while line:
-             self.__parse(line)
-             line = input.readline()
-+        if not self.check_input_file:
-+            sys.stderr.write("Nothing to do\n")
-+            sys.exit(0)
-         self.__post_process()
- 
-     def parse_string(self, input):
-diff --git a/sepolgen/src/sepolgen/matching.py b/sepolgen/src/sepolgen/matching.py
-index 1a9a3e5..d56dd92 100644
--- a/sepolgen/src/sepolgen/matching.py
-+++ b/sepolgen/src/sepolgen/matching.py
-@@ -50,7 +50,7 @@ class Match:
-                 return 1
- 
- class MatchList:
-    DEFAULT_THRESHOLD = 120
-+    DEFAULT_THRESHOLD = 150
-     def __init__(self):
-         # Match objects that pass the threshold
-         self.children = []
-@@ -63,14 +63,15 @@ class MatchList:
-     def best(self):
-         if len(self.children):
-             return self.children[0]
-        else:
-            return None
-+        if len(self.bastards):
-+            return self.bastards[0]
-+        return None
- 
-     def __len__(self):
-         # Only return the length of the matches so
-         # that this can be used to test if there is
-         # a match.
-        return len(self.children)
-+        return len(self.children) + len(self.bastards)
- 
-     def __iter__(self):
-         return iter(self.children)
-diff --git a/sepolgen/src/sepolgen/yacc.py b/sepolgen/src/sepolgen/yacc.py
-index 2f3c09d..bc4536d 100644
--- a/sepolgen/src/sepolgen/yacc.py
-+++ b/sepolgen/src/sepolgen/yacc.py
-@@ -506,7 +506,7 @@ def initialize_vars():
- 
-     Errorfunc    = None    # User defined error handler
- 
-    Signature    = hashlib.md5()   # Digital signature of the grammar rules, precedence
-+    Signature    = hashlib.sha256()   # Digital signature of the grammar rules, precedence
-                                # and other information.  Used to determined when a
-                                # parsing table needs to be regenerated.
- 
+@@ -38,8 +38,7 @@ def get_audit_boot_msgs():
+     off=float(fd.read().split()[0])
+     fd.close
+     s = time.localtime(time.time() - off)
+-    date = time.strftime("%D/%Y", s).split("/")
+-    bootdate="%s/%s/%s" % (date[0], date[1], date[3])
+    bootdate = time.strftime("%x", s)
+     boottime = time.strftime("%X", s)
+     output = subprocess.Popen(["/sbin/ausearch", "-m", "AVC,USER_AVC,MAC_POLICY_LOAD,DAEMON_START,SELINUX_ERR", "-ts", bootdate, boottime],
+                               stdout=subprocess.PIPE).communicate()[0]
--- a/policycoreutils-setfsuid.patch
+++ b/policycoreutils-setfsuid.patch
@ -0,0 +1,111 @@
+--- policycoreutils-2.1.12/sandbox/seunshare.c	2012-07-04 13:35:21.000000000 +0200
+++ policycoreutils-2.1.13/sandbox/seunshare.c	2012-10-24 14:34:49.346593664 +0200
+@@ -31,6 +31,12 @@
+ #include <selinux/context.h>	/* for context-mangling functions */
+ #include <dirent.h>
+ 
+
+/*
+ * Note setfsuid never returns an error code.  But the compiler complains if 
+ * I do not check, so I am checking for -1, which should never happen.
+ */
+
+ #ifdef USE_NLS
+ #include <locale.h>		/* for setlocale() */
+ #include <libintl.h>		/* for gettext() */
+@@ -617,12 +623,15 @@
+ 	free(cmdbuf); cmdbuf = NULL;
+ 
+ 	/* remove runtime temporary directory */
+-	setfsuid(0);
+	if (setfsuid(0) < 0) 
+		rc++;
+
+ 	if (rmdir(tmpdir) == -1)
+ 		fprintf(stderr, _("Failed to remove directory %s: %s\n"), tmpdir, strerror(errno));
+-	setfsuid(pwd->pw_uid);
+	if (setfsuid(pwd->pw_uid) < 0) 
+		rc++;
+ 
+-	return 0;
+	return rc;
+ }
+ 
+ /**
+@@ -642,7 +651,9 @@
+ 
+ 	/* get selinux context */
+ 	if (execcon) {
+-		setfsuid(pwd->pw_uid);
+		if (setfsuid(pwd->pw_uid) < 0) 
+			goto err;
+
+ 		if ((fd_s = open(src, O_RDONLY)) < 0) {
+ 			fprintf(stderr, _("Failed to open directory %s: %s\n"), src, strerror(errno));
+ 			goto err;
+@@ -661,7 +672,8 @@
+ 		}
+ 
+ 		/* ok to not reach this if there is an error */
+-		setfsuid(0);
+		if (setfsuid(0) < 0) 
+			goto err;
+ 	}
+ 
+ 	if (asprintf(&tmpdir, "/tmp/.sandbox-%s-XXXXXX", pwd->pw_name) == -1) {
+@@ -716,14 +728,16 @@
+ 		}
+ 	}
+ 
+-	setfsuid(pwd->pw_uid);
+	if (setfsuid(pwd->pw_uid) < 0) 
+		goto err;
+ 
+ 	if (rsynccmd(src, tmpdir, &cmdbuf) < 0) {
+ 		goto err;
+ 	}
+ 
+ 	/* ok to not reach this if there is an error */
+-	setfsuid(0);
+	if (setfsuid(0) < 0) 
+		goto err;
+ 
+ 	if (cmdbuf && spawn_command(cmdbuf, pwd->pw_uid) != 0) {
+ 		fprintf(stderr, _("Failed to populate runtime temporary directory\n"));
+@@ -916,7 +930,8 @@
+ 	/* Changing fsuid is usually required when user-specified directory is
+ 	 * on an NFS mount.  It's also desired to avoid leaking info about
+ 	 * existence of the files not accessible to the user. */
+-	setfsuid(uid);
+	if (setfsuid(uid) < 0) 
+		return -1;
+ 
+ 	/* verify homedir and tmpdir */
+ 	if (homedir_s && (
+@@ -925,7 +940,7 @@
+ 	if (tmpdir_s && (
+ 		verify_directory(tmpdir_s, NULL, &st_tmpdir_s) < 0 ||
+ 		check_owner_uid(uid, tmpdir_s, &st_tmpdir_s))) return -1;
+-	setfsuid(0);
+	if (setfsuid(0) < 0) return -1;
+ 
+ 	/* create runtime tmpdir */
+ 	if (tmpdir_s && (tmpdir_r = create_tmpdir(tmpdir_s, &st_tmpdir_s,
+@@ -959,7 +974,7 @@
+ 		}
+ 
+ 		/* assume fsuid==ruid after this point */
+-		setfsuid(uid);
+		if (setfsuid(uid) < 0) goto childerr;
+ 
+ 		/* mount homedir and tmpdir, in this order */
+ 		if (homedir_s && seunshare_mount(homedir_s, pwd->pw_dir,
+@@ -1005,7 +1020,7 @@
+ 
+ 		/* selinux context */
+ 		if (execcon && setexeccon(execcon) != 0) {
+-			fprintf(stderr, _("Could not set exec context to %s.\n"), execcon);
+			fprintf(stderr, _("Could not set exec context to %s. %s\n"), execcon, strerror(errno));
+ 			goto childerr;
+ 		}
+ 
--- a/policycoreutils-templates.patch
+++ b/policycoreutils-templates.patch
@ -0,0 +1,31 @@
+--- policycoreutils-2.1.11/gui/templates/executable.py~	2012-07-03 14:59:45.654659236 +0200
+++ policycoreutils-2.1.11/gui/templates/executable.py	2012-07-03 15:02:44.226663311 +0200
+@@ -212,7 +212,7 @@
+ 
+ ########################################
+ ## <summary>
+-##	Transition to TEMPLATETYPE.
+##	Execute TEMPLATETYPE in the TEMPLATETYPE domain.
+ ## </summary>
+ ## <param name=\"domain\">
+ ## <summary>
+@@ -423,7 +423,7 @@
+ 	allow $2 system_r;
+ """
+ 
+-if_end_admin="""\
+if_end_admin="""
+ 	optional_policy(`
+ 		systemd_passwd_agent_exec($1)
+ 		systemd_read_fifo_file_passwd_run($1)
+--- policycoreutils-2.1.11/gui/templates/unit_file.py~	2012-07-03 15:03:15.089664014 +0200
+++ policycoreutils-2.1.11/gui/templates/unit_file.py	2012-07-03 15:03:50.931664833 +0200
+@@ -48,7 +48,7 @@
+ 	')
+ 
+ 	systemd_exec_systemctl($1)
+-        systemd_read_fifo_file_password_run($1)
+	systemd_read_fifo_file_password_run($1)
+ 	allow $1 TEMPLATETYPE_unit_file_t:file read_file_perms;
+ 	allow $1 TEMPLATETYPE_unit_file_t:service manage_service_perms;
+ 
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@ -1,13 +1,10 @@
 %define	libauditver	2.1.3-4
-%define libsepolver 	2.1.4-5
-%define	libsemanagever	2.1.5-1
-%define	libselinuxver	2.1.8-5
-%define	sepolgenver	1.1.5
+%define	sepolgenver	1.1.8

 Summary: SELinux policy core utilities
 Name:	 policycoreutils
-Version: 2.1.10
-Release: 21%{?dist}
+Version: 2.1.13
+Release: 27.3%{?dist}
 License: GPLv2
 Group:	 System Environment/Base
 # Based on git repository with tag 20101221
@ -19,14 +16,11 @@ Source3: system-config-selinux.desktop
 Source4: system-config-selinux.pam
 Source5: system-config-selinux.console
 Source6: selinux-polgengui.desktop
-Source7: selinux-polgengui.console
 Source8: policycoreutils_man_ru2.tar.bz2
-Source9: semanage-bash-completion.sh
 Source10: restorecond.service
 Patch:	 policycoreutils-rhat.patch
-Patch1:	 policycoreutils-po.patch
-Patch3:	 policycoreutils-gui.patch
-Patch4:	 policycoreutils-sepolgen.patch
+Patch1:	 policycoreutils-sepolgen.patch
+Patch2:	 policycoreutils-nosub.patch
 Obsoletes: policycoreutils < 2.0.61-2
 Conflicts: filesystem < 3
 Provides: /sbin/fixfiles
@ -36,12 +30,12 @@ Provides: /sbin/restorecon

 %global pkgpythondir  %{python_sitelib}/%{name}

-BuildRequires: pam-devel libcgroup-devel libsepol-static >= %{libsepolver} libsemanage-static >= %{libsemanagever} libselinux-devel >= %{libselinuxver}  libcap-devel audit-libs-devel >=  %{libauditver} gettext
+BuildRequires: pam-devel libcgroup-devel libsepol-static libsemanage-static libselinux-devel libcap-devel audit-libs-devel >=  %{libauditver} gettext
 BuildRequires: desktop-file-utils dbus-devel dbus-glib-devel
-BuildRequires: python-devel
+BuildRequires: python-devel setools-devel >= 3.3.7-14
 Requires: /bin/mount /bin/egrep /bin/awk /usr/bin/diff rpm /bin/sed
 BuildRequires:  systemd-units
-Requires: libsepol >= %{libsepolver} coreutils libselinux-utils >=  %{libselinuxver}
+Requires: coreutils libselinux-utils
 Requires(post): systemd-units systemd-sysv
 Requires(preun): systemd-units
 Requires(postun): systemd-units
@ -61,15 +55,13 @@ Control, and Multi-level Security.
 policycoreutils contains the policy core utilities that are required
 for basic operation of a SELinux system.  These utilities include
 load_policy to load policies, setfiles to label filesystems, newrole
-to switch roles, and run_init to run /etc/init.d scripts in the proper
-context.
+to switch roles.

 %prep
 %setup -q -a 1 
 %patch -p2 -b .rhat
-%patch1 -p1 -b .rhatpo
-%patch3 -p1 -b .gui
-%patch4 -p2 -b .sepolgen -d sepolgen-%{sepolgenver}
+%patch1 -p2 -b .sepolgen -d sepolgen-%{sepolgenver}
+%patch2 -p1 -b .nosub

 %build
 make LSPP_PRIV=y SBINDIR="%{_sbindir}" LIBDIR="%{_libdir}" CFLAGS="%{optflags} -fPIE" LDFLAGS="-pie -Wl,-z,relro" all 
@ -103,20 +95,20 @@ install -m 644 %{SOURCE2} %{buildroot}%{_datadir}/pixmaps
 install -m 644 %{SOURCE2} %{buildroot}%{_datadir}/icons/hicolor/24x24/apps
 install -m 644 %{SOURCE2} %{buildroot}%{_datadir}/system-config-selinux
 install -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/pam.d/system-config-selinux
-install -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/pam.d/selinux-polgengui
 install -m 644 %{SOURCE5} %{buildroot}%{_sysconfdir}/security/console.apps/system-config-selinux
 tar -jxf %{SOURCE8} -C %{buildroot}/
 rm -f %{buildroot}/usr/share/man/ru/man8/genhomedircon.8.gz
 rm -f %{buildroot}/usr/share/man/ru/man8/open_init_pty.8.gz
 rm -f %{buildroot}/usr/share/man/man8/open_init_pty.8
 rm -f %{buildroot}/usr/sbin/open_init_pty
+rm -f %{buildroot}/usr/sbin/run_init
+rm -f %{buildroot}/usr/share/man/ru/man8/run_init.8*
+rm -f %{buildroot}/usr/share/man/man8/run_init.8*
+rm -f %{buildroot}/etc/pam.d/run_init*

 ln -sf consolehelper %{buildroot}%{_bindir}/system-config-selinux
 ln -sf /usr/share/system-config-selinux/polgengui.py %{buildroot}%{_bindir}/selinux-polgengui

-%{__mkdir} -p %{buildroot}%{_sysconfdir}/bash_completion.d/
-install -m 755 %{SOURCE9} %{buildroot}%{_sysconfdir}/bash_completion.d/
-
 desktop-file-install	--vendor fedora \
 			--dir ${RPM_BUILD_ROOT}%{_datadir}/applications	\
 			--add-category Settings				\
@ -138,6 +130,7 @@ Requires(pre): python >= 2.6
 Obsoletes: policycoreutils < 2.0.61-2
 Requires: setools-libs-python >= 3.3.7-14
 Requires: python-IPy checkpolicy
+Requires: selinux-policy-devel

 %description python
 The policycoreutils-python package contains the management tools use to manage an SELinux environment.
@ -149,11 +142,15 @@ The policycoreutils-python package contains the management tools use to manage a
 %{_bindir}/audit2why
 %{_bindir}/chcat
 %{_bindir}/sandbox
+%{_bindir}/sepolgen
+%{_bindir}/sepolicy
 %{_bindir}/sepolgen-ifgen
 %{_bindir}/sepolgen-ifgen-attr-helper
 %{python_sitelib}/seobject.py*
 %{python_sitelib}/sepolgen
+%{python_sitelib}/sepolicy
 %{python_sitelib}/%{name}*.egg-info
+%{python_sitelib}/sepolicy*.egg-info
 %{pkgpythondir}
 %dir  /var/lib/sepolgen
 %dir  /var/lib/selinux
@ -165,9 +162,12 @@ The policycoreutils-python package contains the management tools use to manage a
 %{_mandir}/ru/man8/chcat.8*
 %{_mandir}/man8/sandbox.8*
 %{_mandir}/man8/semanage.8*
+%{_mandir}/man8/sepolicy*.8*
 %{_mandir}/ru/man8/semanage.8*
 %dir %{_sysconfdir}/bash_completion.d
 %{_sysconfdir}/bash_completion.d/semanage-bash-completion.sh
+%{_sysconfdir}/bash_completion.d/sepolicy-bash-completion.sh
+%{_sysconfdir}/bash_completion.d/setsebool-bash-completion.sh

 %post python
 selinuxenabled && [ -f /usr/share/selinux/devel/include/build.conf ] && /usr/bin/sepolgen-ifgen 2>/dev/null 
@ -194,20 +194,10 @@ The policycoreutils-sandbox package contains the scripts to create graphical san
 %{_mandir}/man8/seunshare.8*
 %{_mandir}/man5/sandbox.5*

-%triggerin python -- selinux-policy
+%triggerin python -- selinux-policy-devel
 selinuxenabled && [ -f /usr/share/selinux/devel/include/build.conf ] && /usr/bin/sepolgen-ifgen 2>/dev/null
 exit 0

-%post sandbox
-if [ $1 -eq 1 ]; then
-   /sbin/chkconfig sandbox --add
-fi
-
-%preun sandbox
-if [ $1 -eq 0 ]; then
-   /sbin/chkconfig sandbox --del
-fi
-
 %package newrole
 Summary: The newrole application for RBAC/MLS 
 Group: System Environment/Base
@ -229,9 +219,8 @@ Summary: SELinux configuration GUI
 Group: System Environment/Base
 Requires: policycoreutils-python = %{version}-%{release} 
 Requires: gnome-python2-gnome, pygtk2, pygtk2-libglade, gnome-python2-canvas
-Requires: usermode-gtk pywebkitgtk
-Requires: setools-console
-Requires: selinux-policy
+Requires: usermode-gtk
+Requires: selinux-policy-doc
 Requires: python >= 2.6
 BuildRequires: desktop-file-utils

@ -242,20 +231,15 @@ system-config-selinux is a utility for managing the SELinux environment
 %defattr(-,root,root)
 %{_bindir}/system-config-selinux
 %{_bindir}/selinux-polgengui
-%{_bindir}/sepolgen
 %{_datadir}/applications/fedora-system-config-selinux.desktop
 %{_datadir}/applications/fedora-selinux-polgengui.desktop
 %{_datadir}/icons/hicolor/24x24/apps/system-config-selinux.png
 %{_datadir}/pixmaps/system-config-selinux.png
 %dir %{_datadir}/system-config-selinux
-%dir %{_datadir}/system-config-selinux/templates
 %{_datadir}/system-config-selinux/system-config-selinux.png
 %{_datadir}/system-config-selinux/*.py*
-%{_datadir}/system-config-selinux/selinux.tbl
 %{_datadir}/system-config-selinux/*.glade
-%{_datadir}/system-config-selinux/templates/*.py*
 %config(noreplace) %{_sysconfdir}/pam.d/system-config-selinux
-%config(noreplace) %{_sysconfdir}/pam.d/selinux-polgengui
 %config(noreplace) %{_sysconfdir}/security/console.apps/system-config-selinux

 %clean
@ -271,15 +255,12 @@ rm -rf %{buildroot}
 %{_sbindir}/setsebool
 %{_sbindir}/semodule
 %{_sbindir}/sestatus
-%{_sbindir}/run_init
-%{_sbindir}/restorecon
 %{_bindir}/secon
 %{_bindir}/semodule_deps
 %{_bindir}/semodule_expand
 %{_bindir}/semodule_link
 %{_bindir}/semodule_package
 %{_bindir}/semodule_unpackage
-%config(noreplace) %{_sysconfdir}/pam.d/run_init
 %config(noreplace) %{_sysconfdir}/sestatus.conf
 # selinux-policy Requires: policycoreutils, so we own this set of directories and our files within them
 %{_mandir}/man5/selinux_config.5.gz
@ -290,8 +271,6 @@ rm -rf %{buildroot}
 %{_mandir}/ru/man8/load_policy.8*
 %{_mandir}/man8/restorecon.8*
 %{_mandir}/ru/man8/restorecon.8*
-%{_mandir}/man8/run_init.8*
-%{_mandir}/ru/man8/run_init.8*
 %{_mandir}/man8/semodule.8*
 %{_mandir}/ru/man8/semodule.8*
 %{_mandir}/man8/semodule_deps.8*
@ -334,19 +313,19 @@ The policycoreutils-restorecond package contains the restorecond service.

 %post restorecond
 if [ $1 -eq 1 ] ; then
-   /usr/bin/systemctl daemon-reload >/dev/null 2>&1 || :
+    /bin/systemctl daemon-reload >/dev/null 2>&1 || :
 fi

 %preun restorecond
 if [ $1 = 0 ]; then
-   /usr/bin/systemctl --no-reload restorecond.service > /dev/null 2>&1 || :
-  /usr/bin/systemctl stop restorecond.service > /dev/null 2>&1 || :
+  /bin/systemctl --no-reload restorecond.service > /dev/null 2>&1 || :
+  /bin/systemctl stop restorecond.service > /dev/null 2>&1 || :
 fi

 %postun restorecond
-/usr/bin/systemctl daemon-reload >/dev/null 2>&1 || :
+/bin/systemctl daemon-reload >/dev/null 2>&1 || :
 if [ $1 -ge 1 ] ; then
-    /usr/bin/systemctl try-restart restorecond.service >/dev/null 2>&1 || :
+    /bin/systemctl try-restart restorecond.service >/dev/null 2>&1 || :
 fi

 %triggerun -- restorecond < 2.0.86-13
@ -356,6 +335,299 @@ fi
 %{_bindir}/systemctl try-restart restorecond.service >/dev/null 2>&1 || :

 %changelog
+* Thu Jan 24 2013 Dan Walsh <dwalsh@redhat.com> - 2.1.12-27.2
+- Fix post install scripts to not use systemd macros
+
+* Wed Nov 7 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-27.1
+- Fix audit2allow -b to work in all timezones
+
+* Wed Nov 7 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-27
+- Only report restorecon warning for missing default label, if not running
+recusively
+- Update translations
+
+* Mon Nov 5 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-26
+- Fix semanage booleans -l, move more boolean_dict handling into sepolicy
+- Update translations
+- Fixup sepolicy generate to discover /var/log, /var/run and /var/lib directories if they match the name
+- Fix kill function call should indicate signal_perms not kill capability
+- Error out cleanly in system-config-selinux, if it can not contact XServer
+
+* Mon Nov 5 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-25
+- Remove run_init, no longer needed with systemd.
+- Fix sepolicy generate to not include subdirs in generated fcontext file.  (mgrepl patch)
+
+* Sat Nov 3 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-24
+- Fix manpage to generate proper man pages for alternate policy,  
+basically allow me to build RHEL6 man pages on a Fedora 18 box, as long as 
+I pull the policy, policy.xml and file_contexts and file_contexts.homedir
+
+* Thu Nov 1 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-23
+- Fix some build problems in sepolicy manpage and sepolicy transition
+
+* Tue Oct 30 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-22
+- Add alias man pages to sepolicy manpage
+
+* Mon Oct 29 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-21
+- Redesign sepolicy to only read the policy file once, not for every call
+
+* Mon Oct 29 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-20
+- Fixes to sepolicy transition, allow it to list all transitions from a domain
+
+* Sat Oct 27 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-19
+- Change sepolicy python bindings to have python pick policy file, fixes weird memory problems in sepolicy network
+
+* Fri Oct 26 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-18
+- Allow sepolicy to specify the policy to generate content from
+
+* Thu Oct 25 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-17
+- Fix semanage boolean -F to handle boolean subs
+
+* Thu Oct 25 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-16
+- Add Miroslav Grepl patch to generate html man pages
+- Update Translations
+- Add option to sandbox to shred files before deleting
+
+* Mon Oct 22 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-15
+- Add Requires(post) PKGNAME to sepolicy generate /usr/bin/pkg
+
+* Fri Oct 19 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-14
+- Add role_allow to sepolicy.search python bindings, this allows us to remove last requirement for setools-cmdline in gui tools.
+- Fix man page generator.
+
+* Wed Oct 17 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-13
+- Remove dwalsh@redhat.com from man pages
+- Fix spec file for sepolicy generate
+
+* Wed Oct 17 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-12
+- Add missing spec.py from templates directory needed for sepolicy generate
+- Add /var/tmp as collection point for sandbox apps.
+
+* Tue Oct 16 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-11
+- Handle audit2allow -b in foreign locales
+
+* Tue Oct 16 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-10
+- Update sepolicy generate with patch to create spec file and man page.
+- Patch initiated by Miroslav Grepl
+
+* Wed Oct 10 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-9
+- Fix semanage to verify that types are appropriate for commands. 
+  * Patch initiated by mgrepl
+  * Fixes problem of specifying non file_types for fcontext, or not port_types for semanage port
+
+* Tue Oct 9 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-8
+- Fix typo in preunstall line for restorecond
+- Add mgrepl patch to consolidate file context generated by sepolicy generate
+
+* Mon Oct 8 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-7
+- Fix manpage generation, missing import
+- Add equiv_dict to get samba booleans into smbd_selinux
+- Add proper translations for booleans and remove selinux.tbl
+
+* Sat Oct 6 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-6
+- Fix system-config-selinux to use sepolicy.generate instead of sepolgen
+
+* Thu Oct 4 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-5
+- Add sepolicy commands, and change tools to use them.
+
+* Tue Sep 25 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-4
+- Rebuild without bogus prebuild 64 bit seunshare app
+
+* Mon Sep 16 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-3
+- Allow fixfiles to specify -v, so they can get verbosity rather then progress.
+- Fix load_file Makefile to use SBINDIR rather then real OS.
+- Fix man pages in setfiles and restorecon to reflect what happens when you relabel the entire OS.
+
+* Mon Sep 16 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-2
+- Use systemd post install scriptlets
+
+* Thu Sep 13 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.12-1
+- Update to upstream 
+	* genhomedircon: manual page improvements
+	* setfiles/restorecon minor improvements
+	* run_init: If open_init_pty is not available then just use exec
+	* newrole: do not drop capabilities when newrole is run as
+	* restorecon: only update type by default
+	* scripts: Don't syslog setfiles changes on a fixfiles restore
+	* setfiles: do not syslog if no changes
+	* Disable user restorecond by default
+	* Make restorecon return 0 when a file has changed context
+	* setfiles: Fix process_glob error handling
+	* semanage: allow enable/disable under -m
+	* add .tx to gitignore
+	* translations: commit translations from Fedora community
+	* po: silence build process
+	* gui: Checking in policy to support polgengui and sepolgen.
+	* gui: polgen: search for systemd subpackage when generating policy
+	* gui: for exploring booleans
+	* gui: system-config-selinux gui
+	* Add Makefiles to support new gui code
+	* gui: remove lockdown wizard
+	* return equivalency records in fcontext customized
+	* semanage: option to not load new policy into kernel after
+	* sandbox: manpage update to describe standard types
+	* setsebool: -N should not reload policy on changes
+	* semodule: Add -N qualifier to no reload kernel policy
+	* gui: polgen: sort selinux types of user controls
+	* gui: polgen: follow symlinks and get the real path to
+	* gui: Fix missing error function
+	* setfiles: return errors when bad paths are given
+	* fixfiles: tell restorecon to ignore missing paths
+	* setsebool: error when setting multiple options
+	* semanage: use boolean subs.
+	* sandbox: Make sure Xephyr never listens on tcp ports
+	* sepolgen: return and output constraint violation information
+	* semanage: skip comments while reading external configuration files
+	* restorecond: relabel all mount runtime files in the restorecond example
+	* genhomedircon: dynamically create genhomedircon
+	* Allow returning of bastard matches
+	* sepolgen: return and output constraint violation information
+	* audit2allow: one role/type pair per line
+
+* Wed Aug 8 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-6
+- Change polgen to generate dbus apps as optional so they can compile on minimal policy system, patch from Miroslav Grepl
+
+* Fri Jul 27 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-5
+- Fix sepolgen/audit2allow to handle multiple role/types in avc messages properly
+
+* Thu Jul 19 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-4
+- Fix restorecon to generate a better percentage of completion on restorecon -R /.
+- Have audit2allow look at the constaint violation and tell the user whether it 
+- is because of user,role or level
+
+
+* Wed Jul 11 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-3
+- userapps is generating sandbox code in polgengui
+
+* Thu Jul 5 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-2
+- Remove load_policy symbolic link on usrmove systems this breaks the system
+
+* Wed Jul 4 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-1
+- Update to upstream 
+  - policycoreutils
+	* restorecond: wrong options should exit with non-zero error code
+	* restorecond: Add -h option to get usage command
+	* resorecond: user: fix fd leak
+	* mcstrans: add -f to run in foreground
+	* semanage: fix man page range and level defaults
+	* semanage: bash completion for modules should include -a,-m, -d
+	* semanage: manpage update for -e
+	* semanage: dontaudit off should work
+	* semanage: locallist option does not take an argument
+	* sepolgen: Make use of setools optional within sepolgen
+   - sepolgen
+	* Make use of setools optional within sepolgen
+	* We need to support files that have a + in them
+
+* Thu May 24 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-18
+- Make restorecon exit with an error on a bad path
+
+* Thu May 24 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-17
+- Fix setsebool command, handling of = broken.
+- Add missing error option in booleansPage
+
+* Sun May 20 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-16
+- Fix sepolgen to use realpath on executables handed to it. - Brian Bickford
+
+* Fri May 18 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-15
+- Allow stream sock_files to be stored in /tmp and etc_rw_t directories by sepolgen
+- Trigger on selinux-policy needs to change to selinux-policy-devel
+- Update translations
+- Fix semanage dontaudit off/on exception
+
+* Tue May 8 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-12
+- Add -N qualifier to semanage, setsebool and semodule to allow you to update 
+- policy without reloading it into the kernel.
+
+* Thu May 3 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-11
+- add some definition to the standard types available for sandboxes
+
+* Mon May 1 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-10
+- Remove lockdown wizard
+
+* Mon Apr 30 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-9
+- Fix semanage fcontext -E to extract the equivalance customizations.
+
+* Tue Apr 26 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-8
+- Add mgrepl patch to have sepolgen search for -systemd rpm packages
+
+* Tue Apr 24 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-7
+- Apply Stef Walter patch for semanage man page
+
+* Mon Apr 23 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-6
+- Rebuild to get latest libsepol which fixes the file_name transition problems
+- Update translations
+- Fix calls to close fd for restorecond
+
+* Fri Apr 13 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-5
+- Update translations
+- Fix sepolgen to discover unit files in /lib/systemd/
+
+* Tue Apr 3 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-4
+- Update translations
+- Fix segfault on restorecon
+
+* Tue Apr 3 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-3
+- Allow filename transitions to use + in a file name
+
+* Fri Mar 30 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-2
+- Change policycoreutils-python to require selinux-policy-devel package
+
+* Thu Mar 29 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-1
+- Update to upstream 
+  - policycoreutils
+	* sandbox: do not propogate inside mounts outside
+	* sandbox: Removing sandbox init script, should no longer be necessary
+	* restorecond: Stop using deprecated interfaces for g_io
+	* semanage: proper auditting of user changes for LSPP
+	* semanage: audit message to show what record(s) and item(s) have chaged
+	* scripts: Update Makefiles to handle /usrmove
+	* mcstrans: Version should have been bumped on last check in
+	* seunshare: Only drop caps not the Bounding Set from seunshare
+	* Add bash-completion scripts for setsebool and semanage
+	* newrole: Use correct capng calls in newrole
+	* Fix infinite loop with inotify on 2.6.31 kernels
+	* fix ftbfs with hardening flags
+	* Only run setfiles if we found read-write filesystems to run it on
+	* update .po files
+	* remove empty po files
+	* do not fail to install if unable to make load_policy lnk file
+
+   - sepolgen
+	* Fix dead links to www.nsa.gov/selinux
+	* audit.py Dont crash if empty data is passed to sepolgen
+	* do not use md5 when calculating hash signatures
+	* fix detection of policy loads
+
+* Wed Mar 28 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.10-30
+- Have sepolgen script specify the pp file with the make command.  From mgrepl.
+
+* Wed Mar 21 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.10-29
+- Fix sepolgen handling of unit files.
+
+* Thu Mar 8 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.10-28
+- Require selinux-policy-doc
+
+* Thu Mar 8 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.10-27
+- Fix unit file handling in sepolgen
+
+* Wed Feb 29 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.10-26
+- Add bash_command completion for setsebool/getsebool
+
+* Mon Feb 27 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.10-25
+- Disable restorecond on desktop by default
+- Change seunshare to not modify the bounding set
+
+* Mon Feb 20 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.10-24
+- Stop using sandbox init in post install since it no longer exists.
+
+* Thu Feb 16 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.10-23
+- Change to use new selinux_current_policy_path()
+
+* Wed Feb 15 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.10-22
+- Change to use new selinux_binary_policy_path()
+- Add systemd_passwd_agent_exec($1), and systemd_read_fifo_file_passwd_run($1) to templates for _admin interface
+
 * Fri Feb 3 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.10-21
 - On full relabels we will now show a estimated percent complete rather then 
 just *s.
--- a/selinux-polgengui.desktop
+++ b/selinux-polgengui.desktop
@ -64,3 +64,4 @@ Type=Application
 Terminal=false
 Categories=System;Security;
 X-Desktop-File-Install-Version=0.2
+Keywords=policy;security;selinux;avc;permission;mac;
--- a/4
+++ b/4
@ -1,3 +1,3 @@
 59d33101d57378ce69889cc078addf90  policycoreutils_man_ru2.tar.bz2
-86d10b576c95d220bd2e27cc387e67da  policycoreutils-2.1.10.tgz
-34b1f6599517f80c9b7cfa2dc22826db  sepolgen-1.1.5.tgz
+381607ecf76bcb9397286143c93071cb  sepolgen-1.1.8.tgz
+98f13937f6723d7eb85b3adaf6b477e6  policycoreutils-2.1.13.tgz
--- a/system-config-selinux.desktop
+++ b/system-config-selinux.desktop
@ -64,3 +64,4 @@ Type=Application
 Terminal=false
 Categories=System;Security;
 X-Desktop-File-Install-Version=0.2
+Keywords=policy;security;selinux;avc;permission;mac;
Author	SHA1	Message	Date
Dan Walsh	4fe8139010	Fix post install scripts to not use systemd macros	2013-02-08 13:32:54 -05:00
Dan Walsh	93c78bf904	Fix post install scripts to not use systemd macros	2013-01-24 17:39:07 -05:00
Dan Walsh	1898c6355b	Fix post install scripts to not use systemd macros	2013-01-24 17:38:29 -05:00
Dan Walsh	42d4d3b08c	Fix audit2allow -b to work in all timezones	2012-12-17 15:34:20 -05:00
Dan Walsh	f3e0d7cac1	Only report restorecon warning for missing default label, if not running recusively - Update translations	2012-11-07 16:32:05 -05:00
rhatdan	1063cbdf9d	Remove accidently back ported boolean_subs calls	2012-10-26 14:24:28 -04:00
rhatdan	98eaf65163	Merge branch 'f17' of ssh://pkgs.fedoraproject.org/policycoreutils into f17	2012-10-26 14:23:12 -04:00
rhatdan	5c7a0bffef	Remove accidently back ported boolean_subs calls	2012-10-26 14:22:46 -04:00
Miroslav Grepl	d6d5e59c6d	Add policycoreutils-setfsuid.patch	2012-10-24 14:48:36 +02:00
rhatdan	55176e973a	Handle audit2allow -b in foreign locales	2012-10-16 15:20:50 -04:00
Dan Walsh	31d136f0c8	userapps is generating sandbox code in polgengui	2012-07-11 13:24:17 -04:00
Dan Walsh	04506bbd4a	userapps is generating sandbox code in polgengui	2012-07-11 11:40:50 -04:00
Dan Walsh	2c71ea7ca5	userapps is generating sandbox code in polgengui	2012-07-11 11:39:28 -04:00
Miroslav Grepl	235c664466	* Tue Jul 3 2012 Miroslav Grepl <mgrepl@redhat.com> - 2.1.11-19.2 - Fix polgen templates to get the correct interface description	2012-07-03 16:23:43 +02:00
Miroslav Grepl	849d1a0185	+* Fri Jun 29 2012 Miroslav Grepl <mgrepl@redhat.com> - 2.1.11-19.1 +- Fix semanage and handling of reload variable	2012-06-29 12:57:53 +02:00
Dan Walsh	b3b46a612c	Fixfiles needs to tell restorecon to ignore missing files - Update translations	2012-05-29 09:36:57 -04:00
Dan Walsh	cca543296e	Make restorecon exit with an error on a bad path	2012-05-24 11:41:02 -04:00
Dan Walsh	5f9de81a61	Fix setsebool command, handling of = broken. - Add missing error option in booleansPage	2012-05-24 08:55:13 -04:00
Dan Walsh	e0bcbf6793	Fix sepolgen to use realpath on executables handed to it. - Brian Bickford	2012-05-24 08:54:12 -04:00
Dan Walsh	64f47b2ef0	Fix sepolgen to use realpath on executables handed to it. - Brian Bickford	2012-05-20 06:38:53 -04:00
Dan Walsh	93276dba0a	Allow stream sock_files to be stored in /tmp and etc_rw_t directories by sepolgen - Trigger on selinux-policy needs to change to selinux-policy-devel - Update translations - Fix semanage dontaudit off/on exception	2012-05-18 11:43:21 -04:00
Dan Walsh	468db64317	Trigger on selinux-policy needs to change to selinux-policy-devel	2012-05-18 11:14:06 -04:00
Dan Walsh	dfb2f0d2c2	Update translations - Fix semanage dontaudit off/on exception	2012-05-18 09:57:44 -04:00
Dan Walsh	9f88a0acb3	Fix semanage fcontext -E to extract the equivalance customizations.	2012-04-30 15:19:26 -04:00
Dan Walsh	c8276ae4f1	Rebuild to get latest libsepol which fixes the file_name transition problems	2012-04-23 17:00:00 -04:00
Dan Walsh	45edf10943	Update translations - Fix sepolgen to discover unit files in /lib/systemd/	2012-04-13 11:09:43 -04:00
Dan Walsh	1ff7f2bd1c	Update translations - Fix sepolgen to discover unit files in /lib/systemd/	2012-04-13 10:55:17 -04:00
Dan Walsh	f63a1684d9	Change policycoreutils-python to require selinux-policy-devel package	2012-03-30 15:40:09 -04:00
Dan Walsh	1976dcee6a	Have sepolgen script specify the pp file with the make command. From mgrepl.	2012-03-28 08:12:53 -04:00
Dan Walsh	354dee2a71	Fix sepolgen handling of unit files.	2012-03-21 10:27:58 -04:00
Dan Walsh	4872b3ca72	Require selinux-policy-doc	2012-03-08 16:49:05 -05:00
Dan Walsh	0e3efcdc53	Fix unit file handling in sepolgen	2012-03-08 15:03:30 -05:00
Dan Walsh	68192df099	Add bash_command completion for setsebool/getsebool	2012-02-29 14:03:06 -05:00
Dan Walsh	57f2f1bc45	Add bash_command completion for setsebool/getsebool	2012-02-29 13:39:39 -05:00
Dan Walsh	78a847dc43	Disable restorecond on desktop by default - Change seunshare to not modify the bounding set	2012-02-27 12:11:02 -05:00
Dan Walsh	2c95861ef0	Stop using sandbox init in post install since it no longer exists.	2012-02-20 14:00:43 -05:00
Dan Walsh	51b0ee258d	Change to use new selinux_current_policy_path()	2012-02-17 16:30:17 -05:00
Dan Walsh	1cc037b422	Add more systemdctl support into sepolgen	2012-02-15 10:42:33 -05:00