- Add reference to selinux man page in all man pages to make apropos work

Resolves: # 217881

libselinux-rhat.patch

@@ -1,338 +1,555 @@
-Binary files nsalibselinux/debugsources.list and libselinux-1.33.3/debugsources.list differ
+diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/avc_add_callback.3 libselinux-1.33.4/man/man3/avc_add_callback.3
-diff --exclude-from=exclude -N -u -r nsalibselinux/include/selinux/selinux.h libselinux-1.33.3/include/selinux/selinux.h
+--- nsalibselinux/man/man3/avc_add_callback.3	2006-11-16 17:15:30.000000000 -0500
---- nsalibselinux/include/selinux/selinux.h	2006-11-16 17:15:18.000000000 -0500
++++ libselinux-1.33.4/man/man3/avc_add_callback.3	2007-01-12 10:52:13.000000000 -0500
-+++ libselinux-1.33.3/include/selinux/selinux.h	2007-01-09 09:49:51.000000000 -0500
+@@ -3,7 +3,7 @@
-@@ -406,6 +406,7 @@
+ .\" Author: Eamon Walsh (ewalsh@epoch.ncsc.mil) 2004
- 	extern const char *selinux_homedir_context_path(void);
+ .TH "avc_add_callback" "3" "9 June 2004" "" "SE Linux API documentation"
- 	extern const char *selinux_media_context_path(void);
+ .SH "NAME"
- 	extern const char *selinux_contexts_path(void);
+-avc_add_callback \- additional event notification for userspace object managers.
-+	extern const char *selinux_securetty_context_path(void);
++avc_add_callback \- additional event notification for SELinux userspace object managers.
- 	extern const char *selinux_booleans_path(void);
+ .SH "SYNOPSIS"
- 	extern const char *selinux_customizable_types_path(void);
+ .B #include <selinux/selinux.h>
- 	extern const char *selinux_users_path(void);
+ .br
-@@ -413,12 +414,15 @@
+@@ -181,3 +181,4 @@
- 	extern const char *selinux_translations_path(void);
+ .BR avc_context_to_sid (3),
- 	extern const char *selinux_netfilter_context_path(void);
+ .BR avc_cache_stats (3),
- 	extern const char *selinux_path(void);
+ .BR security_compute_av (3)
--
++.BR selinux (8)
- /* Check a permission in the passwd class.
+diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/avc_cache_stats.3 libselinux-1.33.4/man/man3/avc_cache_stats.3
-    Return 0 if granted or -1 otherwise. */
+--- nsalibselinux/man/man3/avc_cache_stats.3	2006-11-16 17:15:30.000000000 -0500
- 	extern int selinux_check_passwd_access(access_vector_t requested);
++++ libselinux-1.33.4/man/man3/avc_cache_stats.3	2007-01-12 10:52:01.000000000 -0500
- 	extern int checkPasswdAccess(access_vector_t requested);
+@@ -3,7 +3,7 @@
+ .\" Author: Eamon Walsh (ewalsh@epoch.ncsc.mil) 2004
+ .TH "avc_cache_stats" "3" "27 May 2004" "" "SE Linux API documentation"
+ .SH "NAME"
+-avc_cache_stats, avc_av_stats, avc_sid_stats \- obtain userspace AVC statistics.
++avc_cache_stats, avc_av_stats, avc_sid_stats \- obtain userspace SELinux AVC statistics.
+ .SH "SYNOPSIS"
+ .B #include <selinux/selinux.h>
+ .br
+@@ -96,3 +96,4 @@
+ .BR avc_has_perm (3),
+ .BR avc_context_to_sid (3),
+ .BR avc_add_callback (3)
++.BR selinux (8)
+diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/avc_context_to_sid.3 libselinux-1.33.4/man/man3/avc_context_to_sid.3
+--- nsalibselinux/man/man3/avc_context_to_sid.3	2006-11-16 17:15:30.000000000 -0500
++++ libselinux-1.33.4/man/man3/avc_context_to_sid.3	2007-01-12 10:51:53.000000000 -0500
+@@ -3,7 +3,7 @@
+ .\" Author: Eamon Walsh (ewalsh@epoch.ncsc.mil) 2004
+ .TH "avc_context_to_sid" "3" "27 May 2004" "" "SE Linux API documentation"
+ .SH "NAME"
+-avc_context_to_sid, avc_sid_to_context, sidput, sidget \- obtain and manipulate security ID's.
++avc_context_to_sid, avc_sid_to_context, sidput, sidget \- obtain and manipulate SELinux security ID's.
+ .SH "SYNOPSIS"
+ .B #include <selinux/selinux.h>
+ .br
+@@ -88,3 +88,4 @@
+ .BR avc_add_callback (3),
+ .BR getcon (3),
+ .BR freecon (3)
++.BR selinux (8)
+diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/avc_has_perm.3 libselinux-1.33.4/man/man3/avc_has_perm.3
+--- nsalibselinux/man/man3/avc_has_perm.3	2006-11-16 17:15:30.000000000 -0500
++++ libselinux-1.33.4/man/man3/avc_has_perm.3	2007-01-12 10:16:17.000000000 -0500
+@@ -152,3 +152,4 @@
+ .BR avc_cache_stats (3),
+ .BR avc_add_callback (3),
+ .BR security_compute_av (3)
++.BR selinux(8)
+diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/avc_init.3 libselinux-1.33.4/man/man3/avc_init.3
+--- nsalibselinux/man/man3/avc_init.3	2006-11-16 17:15:30.000000000 -0500
++++ libselinux-1.33.4/man/man3/avc_init.3	2007-01-12 10:51:40.000000000 -0500
+@@ -3,7 +3,7 @@
+ .\" Author: Eamon Walsh (ewalsh@epoch.ncsc.mil) 2004
+ .TH "avc_init" "3" "27 May 2004" "" "SE Linux API documentation"
+ .SH "NAME"
+-avc_init, avc_destroy, avc_reset, avc_cleanup \- userspace AVC setup and teardown.
++avc_init, avc_destroy, avc_reset, avc_cleanup \- userspace SELinux AVC setup and teardown.
+ .SH "SYNOPSIS"
+ .B #include <selinux/selinux.h>
+ .br
+@@ -209,3 +209,5 @@
+ .BR avc_cache_stats (3),
+ .BR avc_add_callback (3),
+ .BR security_compute_av (3)
++.BR selinux (8)
++
+diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/context_new.3 libselinux-1.33.4/man/man3/context_new.3
+--- nsalibselinux/man/man3/context_new.3	2006-11-16 17:15:30.000000000 -0500
++++ libselinux-1.33.4/man/man3/context_new.3	2007-01-12 10:15:43.000000000 -0500
+@@ -56,3 +56,6 @@
+ On success, zero is returned. On failure, -1 is returned and errno is
+ set appropriately.
  
-+/* Check if the tty_context is defined as a securetty
++.SH "SEE ALSO"
-+   Return 1 if secure, 0 if not, or -1 if otherwise. */
++.BR selinux "(8)"
-+	extern int selinux_check_securetty_context(security_context_t
++
-+						   tty_context);
+diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/freecon.3 libselinux-1.33.4/man/man3/freecon.3
- /* Set the path to the selinuxfs mount point explicitly.
+--- nsalibselinux/man/man3/freecon.3	2006-11-16 17:15:30.000000000 -0500
-    Normally, this is determined automatically during libselinux 
++++ libselinux-1.33.4/man/man3/freecon.3	2007-01-12 10:51:18.000000000 -0500
-    initialization, but this is not always possible, e.g. for /sbin/init
+@@ -1,6 +1,6 @@
-diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/selinux_binary_policy_path.3 libselinux-1.33.3/man/man3/selinux_binary_policy_path.3
+ .TH "freecon" "3" "1 January 2004" "russell@coker.com.au" "SE Linux API documentation"
---- nsalibselinux/man/man3/selinux_binary_policy_path.3	2006-11-16 17:15:30.000000000 -0500
+ .SH "NAME"
-+++ libselinux-1.33.3/man/man3/selinux_binary_policy_path.3	2007-01-09 09:49:51.000000000 -0500
+-freecon, freeconary \- free memory associated with SE Linux security contexts.
-@@ -27,6 +27,8 @@
++freecon, freeconary \- free memory associated with SELinux security contexts.
- .br
+ .SH "SYNOPSIS"
- extern const char *selinux_media_context_path(void);
+ .B #include <selinux/selinux.h>
- .br
-+extern const char *selinux_securetty_context_path(void);
-+.br
- extern const char *selinux_contexts_path(void);
- .br
- extern const char *selinux_booleans_path(void);
-@@ -56,6 +58,8 @@
  .sp
- selinux_contexts_path() - directory containing all of the context configuration files
+@@ -14,3 +14,7 @@
- .sp
-+selinux_securetty_context_path() - defines terminal contexts for securetty
-+.sp
- selinux_booleans_path() - initial policy boolean settings
  
+ .B freeconary
+ frees the memory allocated for a context array.
++
++.SH "SEE ALSO"
++.BR selinux "(8)"
++
+diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/getcon.3 libselinux-1.33.4/man/man3/getcon.3
+--- nsalibselinux/man/man3/getcon.3	2006-11-16 17:15:30.000000000 -0500
++++ libselinux-1.33.4/man/man3/getcon.3	2007-01-12 10:51:12.000000000 -0500
+@@ -1,6 +1,6 @@
+ .TH "getcon" "3" "1 January 2004" "russell@coker.com.au" "SE Linux API documentation"
+ .SH "NAME"
+-getcon, getprevcon, getpidcon \- get SE Linux security context of a process.
++getcon, getprevcon, getpidcon \- get SELinux security context of a process.
+ .br
+ getpeercon - get security context of a peer socket.
+ .br
+@@ -59,4 +59,4 @@
+ On error -1 is returned.  On success 0 is returned.
+ 
+ .SH "SEE ALSO"
+-.BR freecon "(3), " setexeccon "(3)"
++.BR selinux "(8), " freecon "(3), " setexeccon "(3)"
+diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/getexeccon.3 libselinux-1.33.4/man/man3/getexeccon.3
+--- nsalibselinux/man/man3/getexeccon.3	2006-11-16 17:15:30.000000000 -0500
++++ libselinux-1.33.4/man/man3/getexeccon.3	2007-01-12 10:51:04.000000000 -0500
+@@ -1,6 +1,6 @@
+ .TH "getexeccon" "3" "1 January 2004" "russell@coker.com.au" "SE Linux API documentation"
+ .SH "NAME"
+-getexeccon, setexeccon \- get or set the SE Linux security context used for executing a new process.
++getexeccon, setexeccon \- get or set the SELinux security context used for executing a new process.
+ .br
+ rpm_execcon \- run a helper for rpm in an appropriate security context
+ 
+@@ -55,6 +55,6 @@
+ rpm_execcon only returns upon errors, as it calls execve(2).
+ 
+ .SH "SEE ALSO"
+-.BR freecon "(3), " getcon "(3)"
++.BR selinux "(8), " freecon "(3), " getcon "(3)"
+ 
+ 
+diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/getfilecon.3 libselinux-1.33.4/man/man3/getfilecon.3
+--- nsalibselinux/man/man3/getfilecon.3	2006-11-16 17:15:30.000000000 -0500
++++ libselinux-1.33.4/man/man3/getfilecon.3	2007-01-12 10:50:59.000000000 -0500
+@@ -1,6 +1,6 @@
+ .TH "getfilecon" "3" "1 January 2004" "russell@coker.com.au" "SE Linux API documentation"
+ .SH "NAME"
+-getfilecon, fgetfilecon, lgetfilecon \- get SE Linux security context of a file
++getfilecon, fgetfilecon, lgetfilecon \- get SELinux security context of a file
+ .SH "SYNOPSIS"
+ .B #include <selinux/selinux.h>
+ .sp
+@@ -40,4 +40,4 @@
+ here.
+ 
+ .SH "SEE ALSO"
+-.BR freecon "(3), " setfilecon "(3), " setfscreatecon "(3)"
++.BR selinux "(8), " freecon "(3), " setfilecon "(3), " setfscreatecon "(3)"
+diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/getfscreatecon.3 libselinux-1.33.4/man/man3/getfscreatecon.3
+--- nsalibselinux/man/man3/getfscreatecon.3	2006-11-16 17:15:30.000000000 -0500
++++ libselinux-1.33.4/man/man3/getfscreatecon.3	2007-01-12 10:50:55.000000000 -0500
+@@ -1,6 +1,6 @@
+ .TH "getfscreatecon" "3" "1 January 2004" "russell@coker.com.au" "SE Linux API documentation"
+ .SH "NAME"
+-getfscreatecon, setfscreatecon \- get or set the SE Linux security context used for creating a new file system object.
++getfscreatecon, setfscreatecon \- get or set the SELinux security context used for creating a new file system object.
+ 
+ .SH "SYNOPSIS"
+ .B #include <selinux/selinux.h>
+@@ -35,4 +35,4 @@
+ On success 0 is returned.
+ 
+ .SH "SEE ALSO"
+-.BR freecon "(3), " getcon "(3), " getexeccon "(3)"
++.BR selinux "(8), " freecon "(3), " getcon "(3), " getexeccon "(3)"
+diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/get_ordered_context_list.3 libselinux-1.33.4/man/man3/get_ordered_context_list.3
+--- nsalibselinux/man/man3/get_ordered_context_list.3	2006-11-16 17:15:30.000000000 -0500
++++ libselinux-1.33.4/man/man3/get_ordered_context_list.3	2007-01-12 10:50:48.000000000 -0500
+@@ -1,6 +1,6 @@
+ .TH "get_ordered_context_list" "3" "1 January 2004" "russell@coker.com.au" "SE Linux"
+ .SH "NAME"
+-get_ordered_context_list, get_ordered_context_list_with_level, get_default_context, get_default_context_with_level, get_default_context_with_role, get_default_context_with_rolelevel, query_user_context, manual_user_enter_context, get_default_role \- determine context(s) for user sessions
++get_ordered_context_list, get_ordered_context_list_with_level, get_default_context, get_default_context_with_level, get_default_context_with_role, get_default_context_with_rolelevel, query_user_context, manual_user_enter_context, get_default_role \- determine SELinux context(s) for user sessions
+ 
+ .SH "SYNOPSIS"
+ .B #include <selinux/selinux.h>
+@@ -77,4 +77,4 @@
+ The other functions return 0 for success or -1 for errors.
+ 
+ .SH "SEE ALSO"
+-.BR freeconary "(3), " freecon "(3), " security_compute_av "(3)", getseuserbyname"(3)"
++.BR selinux "(8), " freeconary "(3), " freecon "(3), " security_compute_av "(3)", getseuserbyname"(3)"
+diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/getseuserbyname.3 libselinux-1.33.4/man/man3/getseuserbyname.3
+--- nsalibselinux/man/man3/getseuserbyname.3	2006-11-16 17:15:30.000000000 -0500
++++ libselinux-1.33.4/man/man3/getseuserbyname.3	2007-01-12 10:13:47.000000000 -0500
+@@ -23,3 +23,6 @@
+ The errors documented for the stat(2) system call are also applicable
+ here.
+ 
++.SH "SEE ALSO"
++.BR selinux "(8)"
++
+diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/is_context_customizable.3 libselinux-1.33.4/man/man3/is_context_customizable.3
+--- nsalibselinux/man/man3/is_context_customizable.3	2006-11-16 17:15:30.000000000 -0500
++++ libselinux-1.33.4/man/man3/is_context_customizable.3	2007-01-12 10:50:33.000000000 -0500
+@@ -1,6 +1,6 @@
+ .TH "is_context_customizable" "3" "10 January 2005" "dwalsh@redhat.com" "SELinux API documentation"
+ .SH "NAME"
+-is_context_customizable \- check whether context type is customizable by the administrator.
++is_context_customizable \- check whether SELinux context type is customizable by the administrator.
+ .SH "SYNOPSIS"
+ .B #include <selinux/selinux.h>
+ .sp
+@@ -20,3 +20,6 @@
+ .SH "FILE"
+ /etc/selinux/SELINUXTYPE/context/customizable_types
+ 
++.SH "SEE ALSO"
++.BR selinux "(8)"
++
+diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/is_selinux_enabled.3 libselinux-1.33.4/man/man3/is_selinux_enabled.3
+--- nsalibselinux/man/man3/is_selinux_enabled.3	2006-11-16 17:15:30.000000000 -0500
++++ libselinux-1.33.4/man/man3/is_selinux_enabled.3	2007-01-12 10:50:24.000000000 -0500
+@@ -1,6 +1,6 @@
+ .TH "is_selinux_enabled" "3" "1 January 2004" "russell@coker.com.au" "SE Linux API documentation"
+ .SH "NAME"
+-is_selinux_enabled \- check whether SE Linux is enabled
++is_selinux_enabled \- check whether SELinux is enabled
+ .SH "SYNOPSIS"
+ .B #include <selinux/selinux.h>
+ .sp
+@@ -9,3 +9,7 @@
+ .SH "DESCRIPTION"
+ .B is_selinux_enabled
+ returns 1 if SE Linux is running or 0 if it is not.  May change soon.
++
++.SH "SEE ALSO"
++.BR selinux "(8)"
++
+diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/matchmediacon.3 libselinux-1.33.4/man/man3/matchmediacon.3
+--- nsalibselinux/man/man3/matchmediacon.3	2006-11-16 17:15:30.000000000 -0500
++++ libselinux-1.33.4/man/man3/matchmediacon.3	2007-01-12 10:50:18.000000000 -0500
+@@ -1,6 +1,6 @@
+ .TH "matchmediacon" "3" "15 November 2004" "dwalsh@redhat.com" "SE Linux API documentation"
+ .SH "NAME"
+-matchmediacon \- get the default security context for the specified mediatype from the policy.
++matchmediacon \- get the default SELinux security context for the specified mediatype from the policy.
+ 
+ .SH "SYNOPSIS"
+ .B #include <selinux/selinux.h>
+@@ -23,4 +23,4 @@
+ /etc/selinux/POLICYTYPE/contexts/files/media
+ 
+ .SH "SEE ALSO"
+-.BR freecon "(3)
++.BR selinux "(8), " freecon "(3)
+diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/matchpathcon.3 libselinux-1.33.4/man/man3/matchpathcon.3
+--- nsalibselinux/man/man3/matchpathcon.3	2006-11-16 17:15:30.000000000 -0500
++++ libselinux-1.33.4/man/man3/matchpathcon.3	2007-01-12 10:50:12.000000000 -0500
+@@ -1,6 +1,6 @@
+ .TH "matchpathcon" "3" "16 March 2005" "sds@tycho.nsa.gov" "SE Linux API documentation"
+ .SH "NAME"
+-matchpathcon \- get the default security context for the specified path from the file contexts configuration.
++matchpathcon \- get the default SELinux security context for the specified path from the file contexts configuration.
+ 
+ .SH "SYNOPSIS"
+ .B #include <selinux/selinux.h>
+@@ -117,4 +117,4 @@
+ Returns 0 on success or -1 otherwise.
+ 
+ .SH "SEE ALSO"
+-.BR freecon "(3), " setfilecon "(3), " setfscreatecon "(3)"
++.BR selinux "(8), " freecon "(3), " setfilecon "(3), " setfscreatecon "(3)"
+diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/security_check_context.3 libselinux-1.33.4/man/man3/security_check_context.3
+--- nsalibselinux/man/man3/security_check_context.3	2006-11-16 17:15:30.000000000 -0500
++++ libselinux-1.33.4/man/man3/security_check_context.3	2007-01-12 10:50:01.000000000 -0500
+@@ -1,6 +1,6 @@
+ .TH "security_check_context" "3" "1 January 2004" "russell@coker.com.au" "SE Linux API documentation"
+ .SH "NAME"
+-security_check_context \- check the validity of a context
++security_check_context \- check the validity of a SELinux context
+ .SH "SYNOPSIS"
+ .B #include <selinux/selinux.h>
+ .sp
+@@ -10,3 +10,7 @@
+ .B security_check_context
+ returns 0 if SE Linux is running and the context is valid, otherwise it
+ returns -1.
++
++.SH "SEE ALSO"
++.BR selinux "(8)"
++
+diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/security_compute_av.3 libselinux-1.33.4/man/man3/security_compute_av.3
+--- nsalibselinux/man/man3/security_compute_av.3	2006-11-16 17:15:30.000000000 -0500
++++ libselinux-1.33.4/man/man3/security_compute_av.3	2007-01-12 10:49:51.000000000 -0500
+@@ -1,7 +1,7 @@
+ .TH "security_compute_av" "3" "1 January 2004" "russell@coker.com.au" "SE Linux API documentation"
+ .SH "NAME"
+ security_compute_av, security_compute_create, security_compute_relabel, security_compute_user \- query
+-the SE Linux policy database in the kernel.
++the SELinux policy database in the kernel.
+ 
+ .SH "SYNOPSIS"
+ .B #include <selinux/selinux.h>
+@@ -51,4 +51,4 @@
+ 0 for success and on error -1 is returned.
+ 
+ .SH "SEE ALSO"
+-.BR getcon "(3), " getfilecon "(3), " get_ordered_context_list "(3)"
++.BR selinux "(8), " getcon "(3), " getfilecon "(3), " get_ordered_context_list "(3)"
+diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/security_getenforce.3 libselinux-1.33.4/man/man3/security_getenforce.3
+--- nsalibselinux/man/man3/security_getenforce.3	2006-11-16 17:15:30.000000000 -0500
++++ libselinux-1.33.4/man/man3/security_getenforce.3	2007-01-12 10:49:38.000000000 -0500
+@@ -1,6 +1,6 @@
+ .TH "security_getenforce" "3" "1 January 2004" "russell@coker.com.au" "SE Linux API documentation"
+ .SH "NAME"
+-security_getenforce, security_setenforce \- get or set the enforcing state of SE Linux
++security_getenforce, security_setenforce \- get or set the enforcing state of SELinux
+ .SH "SYNOPSIS"
+ .B #include <selinux/selinux.h>
+ .sp
+@@ -17,3 +17,7 @@
+ sets SE Linux to enforcing mode if the value 1 is passed in, and sets it to
+ permissive mode if 0 is passed in.  On success 0 is returned, on error -1 is
+ returned.
++
++.SH "SEE ALSO"
++.BR selinux "(8)"
++
+diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/security_load_booleans.3 libselinux-1.33.4/man/man3/security_load_booleans.3
+--- nsalibselinux/man/man3/security_load_booleans.3	2006-11-16 17:15:30.000000000 -0500
++++ libselinux-1.33.4/man/man3/security_load_booleans.3	2007-01-12 10:12:30.000000000 -0500
+@@ -56,4 +56,4 @@
+ This manual page was written by Dan Walsh <dwalsh@redhat.com>.
+ 
+ .SH "SEE ALSO"
+-getsebool(8), booleans(8), togglesebool(8)
++selinux(8), getsebool(8), booleans(8), togglesebool(8)
+diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/security_load_policy.3 libselinux-1.33.4/man/man3/security_load_policy.3
+--- nsalibselinux/man/man3/security_load_policy.3	2006-11-16 17:15:30.000000000 -0500
++++ libselinux-1.33.4/man/man3/security_load_policy.3	2007-01-12 10:49:30.000000000 -0500
+@@ -1,6 +1,6 @@
+ .TH "security_load_policy" "3" "1 January 2004" "russell@coker.com.au" "SE Linux API documentation"
+ .SH "NAME"
+-security_load_policy \- load a new policy
++security_load_policy \- load a new SELinux policy
+ .SH "SYNOPSIS"
+ .B #include <selinux/selinux.h>
+ .sp
+@@ -9,3 +9,7 @@
+ .SH "DESCRIPTION"
+ .B security_load_policy
+ loads a new policy, returns 0 for success and -1 for error.
++
++.SH "SEE ALSO"
++.BR selinux "(8)"
++
+diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/security_policyvers.3 libselinux-1.33.4/man/man3/security_policyvers.3
+--- nsalibselinux/man/man3/security_policyvers.3	2006-11-16 17:15:30.000000000 -0500
++++ libselinux-1.33.4/man/man3/security_policyvers.3	2007-01-12 10:49:22.000000000 -0500
+@@ -1,6 +1,6 @@
+ .TH "security_policyvers" "3" "1 January 2004" "russell@coker.com.au" "SE Linux API documentation"
+ .SH "NAME"
+-security_policyvers \- get the version of the SE Linux policy
++security_policyvers \- get the version of the SELinux policy
+ .SH "SYNOPSIS"
+ .B #include <selinux/selinux.h>
+ .sp
+@@ -10,3 +10,7 @@
+ .B security_policyvers
+ returns the version of the policy (a positive integer) on success, or -1 on
+ error.
++
++.SH "SEE ALSO"
++.BR selinux "(8)"
++
+diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/selinux_binary_policy_path.3 libselinux-1.33.4/man/man3/selinux_binary_policy_path.3
+--- nsalibselinux/man/man3/selinux_binary_policy_path.3	2007-01-11 14:01:22.000000000 -0500
++++ libselinux-1.33.4/man/man3/selinux_binary_policy_path.3	2007-01-12 10:49:16.000000000 -0500
+@@ -4,7 +4,7 @@
+ selinux_failsafe_context_path, selinux_removable_context_path,
+ selinux_default_context_path, selinux_user_contexts_path,
+ selinux_file_context_path, selinux_media_context_path,
+-selinux_contexts_path, selinux_booleans_path \- These functions return the paths to the active policy configuration
++selinux_contexts_path, selinux_booleans_path \- These functions return the paths to the active SELinux policy configuration
+ directories and files.
+ 
+ .SH "SYNOPSIS"
+@@ -65,3 +65,6 @@
  .SH AUTHOR	
-diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/selinux_check_securetty_context.3 libselinux-1.33.3/man/man3/selinux_check_securetty_context.3
+ This manual page was written by Dan Walsh <dwalsh@redhat.com>.
---- nsalibselinux/man/man3/selinux_check_securetty_context.3	1969-12-31 19:00:00.000000000 -0500
-+++ libselinux-1.33.3/man/man3/selinux_check_securetty_context.3	2007-01-09 09:49:51.000000000 -0500
-@@ -0,0 +1,13 @@
-+.TH "selinux_check_securetty_context" "3" "1 January 2007" "dwalsh@redhat.com" "SE Linux API documentation"
-+.SH "NAME"
-+selinux_check_securetty_context \- check whether a tty security context is defined as a securetty context
-+.SH "SYNOPSIS"
-+.B #include <selinux/selinux.h>
-+.sp
-+.BI "int selinux_check_securetty_context(security_context_t "tty_context );
-+
-+.SH "DESCRIPTION"
-+.B selinux_check_securetty_context
-+returns 1 if tty_context is a securetty context
-+returns 0 if tty_context is a not a securetty context
-+returns -1 on error.
-diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/selinux_securetty_context_path.3 libselinux-1.33.3/man/man3/selinux_securetty_context_path.3
---- nsalibselinux/man/man3/selinux_securetty_context_path.3	1969-12-31 19:00:00.000000000 -0500
-+++ libselinux-1.33.3/man/man3/selinux_securetty_context_path.3	2007-01-09 09:49:51.000000000 -0500
-@@ -0,0 +1 @@
-+.so man3/selinux_binary_policy_path.3
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/file_path_suffixes.h libselinux-1.33.3/src/file_path_suffixes.h
---- nsalibselinux/src/file_path_suffixes.h	2006-11-16 17:15:25.000000000 -0500
-+++ libselinux-1.33.3/src/file_path_suffixes.h	2007-01-09 09:49:51.000000000 -0500
-@@ -7,6 +7,7 @@
-     S_(USER_CONTEXTS, "/contexts/users/")
-     S_(FAILSAFE_CONTEXT, "/contexts/failsafe_context")
-     S_(DEFAULT_TYPE, "/contexts/default_type")
-+    S_(SECURETTY_CONTEXTS, "/contexts/securetty_contexts")
-     S_(BOOLEANS, "/booleans")
-     S_(MEDIA_CONTEXTS, "/contexts/files/media")
-     S_(REMOVABLE_CONTEXT, "/contexts/removable_context")
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinux_check_securetty_context.c libselinux-1.33.3/src/selinux_check_securetty_context.c
---- nsalibselinux/src/selinux_check_securetty_context.c	1969-12-31 19:00:00.000000000 -0500
-+++ libselinux-1.33.3/src/selinux_check_securetty_context.c	2007-01-09 10:00:58.000000000 -0500
-@@ -0,0 +1,54 @@
-+#include <unistd.h>
-+#include <stdlib.h>
-+#include <string.h>
-+#include <stdio.h>
-+#include <ctype.h>
-+#include "selinux_internal.h"
-+#include "context_internal.h"
-+
-+int selinux_check_securetty_context(security_context_t tty_context)
-+{
-+	char *line = NULL;
-+	char *start, *end = NULL;
-+	size_t line_len = 0;
-+	size_t len;
-+	int found = -1;
-+	FILE *fp;
-+	fp = fopen(selinux_securetty_context_path(), "r");
-+	if (fp) {
-+		context_t con = context_new(tty_context);
-+		if (con) {
-+			const char *type = context_type_get(con);
-+			found = 0;
-+			while ((len = getline(&line, &line_len, fp)) != -1) {
-+
-+				if (line[len - 1] == '\n')
-+					line[len - 1] = 0;
-+
-+				/* Skip leading whitespace. */
-+				start = line;
-+				while (*start && isspace(*start))
-+					start++;
-+				if (!(*start))
-+					continue;
-+
-+				end = start;
-+				while (*end && !isspace(*end))
-+					end++;
-+				if (*end)
-+					*end++ = 0;
-+				if (!strcmp(type, start)) {
-+					found = 1;
-+					break;
-+				}
-+			}
-+			free(line);
-+			context_free(con);
-+		}
-+		fclose(fp);
-+	}
-+
-+	return found;
-+}
-+
-+hidden_def(selinux_check_securetty_context)
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinux_config.c libselinux-1.33.3/src/selinux_config.c
---- nsalibselinux/src/selinux_config.c	2006-11-16 17:15:25.000000000 -0500
-+++ libselinux-1.33.3/src/selinux_config.c	2007-01-09 09:49:51.000000000 -0500
-@@ -38,7 +38,8 @@
- #define NETFILTER_CONTEXTS    15
- #define FILE_CONTEXTS_HOMEDIR 16
- #define FILE_CONTEXTS_LOCAL 17
--#define NEL               18
-+#define SECURETTY_CONTEXTS  18
-+#define NEL               19
  
- /* New layout is relative to SELINUXDIR/policytype. */
++.SH "SEE ALSO"
- static char *file_paths[NEL];
++.BR selinux "(8)"
-@@ -299,6 +300,13 @@
++
+diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/selinux_check_securetty_context.3 libselinux-1.33.4/man/man3/selinux_check_securetty_context.3
+--- nsalibselinux/man/man3/selinux_check_securetty_context.3	2007-01-11 14:01:22.000000000 -0500
++++ libselinux-1.33.4/man/man3/selinux_check_securetty_context.3	2007-01-12 10:48:56.000000000 -0500
+@@ -1,6 +1,6 @@
+ .TH "selinux_check_securetty_context" "3" "1 January 2007" "dwalsh@redhat.com" "SE Linux API documentation"
+ .SH "NAME"
+-selinux_check_securetty_context \- check whether a tty security context is defined as a securetty context
++selinux_check_securetty_context \- check whether a SELinux tty security context is defined as a securetty context
+ .SH "SYNOPSIS"
+ .B #include <selinux/selinux.h>
+ .sp
+@@ -10,3 +10,7 @@
+ .B selinux_check_securetty_context
+ returns 0 if tty_context is a securetty context
+ returns < 0 otherwise. 
++
++.SH "SEE ALSO"
++.BR selinux "(8)"
++
+diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/selinux_getenforcemode.3 libselinux-1.33.4/man/man3/selinux_getenforcemode.3
+--- nsalibselinux/man/man3/selinux_getenforcemode.3	2006-11-16 17:15:30.000000000 -0500
++++ libselinux-1.33.4/man/man3/selinux_getenforcemode.3	2007-01-12 10:48:36.000000000 -0500
+@@ -1,6 +1,6 @@
+ .TH "selinux_getenforcemode" "3" "25 May 2004" "dwalsh@redhat.com" "SE Linux API documentation"
+ .SH "NAME"
+-selinux_getenforcemode \- get the enforcing state of SE Linux
++selinux_getenforcemode \- get the enforcing state of SELinux
+ .SH "SYNOPSIS"
+ .B #include <selinux/selinux.h>
+ .sp
+@@ -19,4 +19,7 @@
+ On success, zero is returned.
+ On failure, -1 is returned.
  
- hidden_def(selinux_default_context_path)
++.SH "SEE ALSO"
++.BR selinux "(8)"
++
  
-+const char *selinux_securetty_context_path()
+diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/selinux_policy_root.3 libselinux-1.33.4/man/man3/selinux_policy_root.3
-+{
+--- nsalibselinux/man/man3/selinux_policy_root.3	2006-11-16 17:15:30.000000000 -0500
-+	return get_path(SECURETTY_CONTEXTS);
++++ libselinux-1.33.4/man/man3/selinux_policy_root.3	2007-01-12 10:11:54.000000000 -0500
-+}
+@@ -14,4 +14,7 @@
+ On success, returns a directory path containing the SELinux policy files.
+ On failure, NULL is returned.
+ 
++.SH "SEE ALSO"
++.BR selinux "(8)"
 +
-+hidden_def(selinux_securetty_context_path)
+ 
+diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/setfilecon.3 libselinux-1.33.4/man/man3/setfilecon.3
+--- nsalibselinux/man/man3/setfilecon.3	2006-11-16 17:15:30.000000000 -0500
++++ libselinux-1.33.4/man/man3/setfilecon.3	2007-01-12 10:48:24.000000000 -0500
+@@ -1,6 +1,6 @@
+ .TH "setfilecon" "3" "1 January 2004" "russell@coker.com.au" "SE Linux API documentation"
+ .SH "NAME"
+-setfilecon, fsetfilecon, lsetfilecon \- set SE Linux security context of a file
++setfilecon, fsetfilecon, lsetfilecon \- set SELinux security context of a file
+ 
+ .SH "SYNOPSIS"
+ .B #include <selinux/selinux.h>
+@@ -38,4 +38,4 @@
+ here.
+ 
+ .SH "SEE ALSO"
+-.BR freecon "(3), " getfilecon "(3), " setfscreatecon "(3)"
++.BR selinux "(3), " freecon "(3), " getfilecon "(3), " setfscreatecon "(3)"
+diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/avcstat.8 libselinux-1.33.4/man/man8/avcstat.8
+--- nsalibselinux/man/man8/avcstat.8	2006-11-16 17:15:26.000000000 -0500
++++ libselinux-1.33.4/man/man8/avcstat.8	2007-01-12 10:09:24.000000000 -0500
+@@ -22,6 +22,9 @@
+ .B \-f
+ Specifies the location of the AVC statistics file, defaulting to '/selinux/avc/cache_stats'.
+ 
++.SH "SEE ALSO"
++selinux(8)
 +
- const char *selinux_failsafe_context_path()
+ .SH AUTHOR	
- {
+ This manual page was written by Dan Walsh <dwalsh@redhat.com>.
- 	return get_path(FAILSAFE_CONTEXT);
+ The program was written by James Morris <jmorris@redhat.com>.
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinux_internal.h libselinux-1.33.3/src/selinux_internal.h
+diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/getenforce.8 libselinux-1.33.4/man/man8/getenforce.8
---- nsalibselinux/src/selinux_internal.h	2006-11-16 17:15:25.000000000 -0500
+--- nsalibselinux/man/man8/getenforce.8	2006-11-16 17:15:26.000000000 -0500
-+++ libselinux-1.33.3/src/selinux_internal.h	2007-01-09 09:49:51.000000000 -0500
++++ libselinux-1.33.4/man/man8/getenforce.8	2007-01-12 10:07:11.000000000 -0500
-@@ -53,6 +53,7 @@
+@@ -12,4 +12,4 @@
-     hidden_proto(security_setenforce)
+ Dan Walsh, <dwalsh@redhat.com>
-     hidden_proto(selinux_binary_policy_path)
+ 
-     hidden_proto(selinux_default_context_path)
+ .SH "SEE ALSO"
-+    hidden_proto(selinux_securetty_context_path)
+-setenforce(8), selinuxenabled(8)
-     hidden_proto(selinux_failsafe_context_path)
++selinux(8), setenforce(8), selinuxenabled(8)
-     hidden_proto(selinux_removable_context_path)
+diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/getsebool.8 libselinux-1.33.4/man/man8/getsebool.8
-     hidden_proto(selinux_file_context_path)
+--- nsalibselinux/man/man8/getsebool.8	2006-11-16 17:15:26.000000000 -0500
-@@ -66,6 +67,7 @@
++++ libselinux-1.33.4/man/man8/getsebool.8	2007-01-12 10:11:15.000000000 -0500
-     hidden_proto(selinux_media_context_path)
+@@ -26,9 +26,10 @@
-     hidden_proto(selinux_path)
+ .B \-a
-     hidden_proto(selinux_check_passwd_access)
+ Show all SELinux booleans.
-+    hidden_proto(selinux_check_securetty_context)
+ 
-     hidden_proto(matchpathcon_init_prefix)
++.SH "SEE ALSO"
-     hidden_proto(selinux_users_path)
++selinux(8), setsebool(8), booleans(8)
-     hidden_proto(selinux_usersconf_path);
-diff --exclude-from=exclude -N -u -r nsalibselinux/utils/getdefaultcon.c libselinux-1.33.3/utils/getdefaultcon.c
---- nsalibselinux/utils/getdefaultcon.c	1969-12-31 19:00:00.000000000 -0500
-+++ libselinux-1.33.3/utils/getdefaultcon.c	2007-01-09 14:55:19.000000000 -0500
-@@ -0,0 +1,75 @@
-+#include <unistd.h>
-+#include <sys/types.h>
-+#include <fcntl.h>
-+#include <stdio.h>
-+#include <stdlib.h>
-+#include <errno.h>
-+#include <string.h>
-+#include <ctype.h>
-+#include <selinux/selinux.h>
-+#include <selinux/get_context_list.h>
 +
-+void usage(char *name, char *detail, int rc)
+ .SH AUTHOR	
-+{
+ This manual page was written by Dan Walsh <dwalsh@redhat.com>.
-+	fprintf(stderr, "usage:  %s [-l level] user fromcon\n", name);
+ The program was written by Tresys Technology.
-+	if (detail)
+ 
-+		fprintf(stderr, "%s:  %s\n", name, detail);
+-.SH "SEE ALSO"
-+	exit(rc);
+-setsebool(8), booleans(8)
-+}
+diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/matchpathcon.8 libselinux-1.33.4/man/man8/matchpathcon.8
-+
+--- nsalibselinux/man/man8/matchpathcon.8	2006-11-16 17:15:26.000000000 -0500
-+int main(int argc, char **argv)
++++ libselinux-1.33.4/man/man8/matchpathcon.8	2007-01-12 10:47:15.000000000 -0500
-+{
+@@ -1,6 +1,6 @@
-+	security_context_t usercon = NULL, cur_context = NULL;
+ .TH "matchpathcon" "8" "21 April 2005" "dwalsh@redhat.com" "SE Linux Command Line documentation"
-+	char *user = NULL, *level = NULL, *role=NULL, *seuser=NULL;
+ .SH "NAME"
-+	int ret, opt;
+-matchpathcon \- get the default security context for the specified path from the file contexts configuration.
-+
++matchpathcon \- get the default SELinux security context for the specified path from the file contexts configuration.
-+	while ((opt = getopt(argc, argv, "l:r:")) > 0) {
+ 
-+		switch (opt) {
+ .SH "SYNOPSIS"
-+		case 'l':
+ .B matchpathcon [-V] [-N] [-n] [-f file_contexts_file ] [-p prefix ] filepath...
-+			level = strdup(optarg);
+@@ -27,4 +27,5 @@
-+			break;
+ This manual page was written by Dan Walsh <dwalsh@redhat.com>.
-+		case 'r':
+ 
-+			role = strdup(optarg);
+ .SH "SEE ALSO"
-+			break;
++.BR selinux "(8), "
-+		default:
+ .BR mathpathcon "(3), " 
-+			usage(argv[0], "invalid option", 1);
+diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/selinuxenabled.8 libselinux-1.33.4/man/man8/selinuxenabled.8
-+		}
+--- nsalibselinux/man/man8/selinuxenabled.8	2006-11-16 17:15:26.000000000 -0500
-+	}
++++ libselinux-1.33.4/man/man8/selinuxenabled.8	2007-01-12 10:07:35.000000000 -0500
-+
+@@ -13,4 +13,4 @@
-+	if (((argc - optind) < 1) || ((argc - optind) > 2))
+ Dan Walsh, <dwalsh@redhat.com>
-+		usage(argv[0], "invalid number of arguments", 2);
+ 
-+
+ .SH "SEE ALSO"
-+	/* If selinux isn't available, bail out. */
+-setenforce(8), getenforce(8)
-+	if (!is_selinux_enabled()) {
++selinux(8), setenforce(8), getenforce(8)
-+		fprintf(stderr,
+diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/setenforce.8 libselinux-1.33.4/man/man8/setenforce.8
-+			"%s may be used only on a SELinux kernel.\n", argv[0]);
+--- nsalibselinux/man/man8/setenforce.8	2006-11-16 17:15:26.000000000 -0500
-+		return 1;
++++ libselinux-1.33.4/man/man8/setenforce.8	2007-01-12 10:06:30.000000000 -0500
-+	}
+@@ -17,7 +17,7 @@
-+
+ Dan Walsh, <dwalsh@redhat.com>
-+	user = argv[optind];
+ 
-+
+ .SH "SEE ALSO"
-+	/* If a context wasn't passed, use the current context. */
+-getenforce(8), selinuxenabled(8)
-+	if (((argc - optind) < 2)) {
++selinux(8), getenforce(8), selinuxenabled(8)
-+		if (getcon(&cur_context) < 0) {
+ 
-+			fprintf(stderr, "Couldn't get current context.\n");
+ .SH FILES
-+			return 2;
+ /etc/grub.conf, /etc/selinux/config
-+		}
+diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/togglesebool.8 libselinux-1.33.4/man/man8/togglesebool.8
-+	} else
+--- nsalibselinux/man/man8/togglesebool.8	2006-11-16 17:15:26.000000000 -0500
-+		cur_context = argv[optind + 1];
++++ libselinux-1.33.4/man/man8/togglesebool.8	2007-01-12 10:46:55.000000000 -0500
-+
+@@ -1,6 +1,6 @@
-+	if (getseuserbyname(user, &seuser, &level)==0) {
+ .TH "togglesebool" "1" "26 Oct 2004" "sgrubb@redhat.com" "SELinux Command Line documentation"
-+		if (role != NULL && role[0]) 
+ .SH "NAME"
-+			ret=get_default_context_with_rolelevel(seuser, role, level,cur_context,&usercon);
+-togglesebool \- flip the current value of a boolean
-+		else
++togglesebool \- flip the current value of a SELinux boolean
-+			ret=get_default_context_with_level(seuser, level, cur_context,&usercon);
+ .SH "SYNOPSIS"
-+	}
+ .B togglesebool boolean...
-+	if (ret < 0)
+ 
-+		perror(argv[0]);
+@@ -14,4 +14,4 @@
-+	else
+ This man page was written by Steve Grubb <sgrubb@redhat.com>
-+		printf("%s: %s from %s %s %s %s -> %s\n", argv[0], user, cur_context, seuser, role, level, usercon);
+ 
-+
+ .SH "SEE ALSO"
-+
+-booleans(8), getsebool(8), setsebool(8)
-+	free(usercon);
++selinux(8), booleans(8), getsebool(8), setsebool(8)
-+
-+	return 0;
-+}
-diff --exclude-from=exclude -N -u -r nsalibselinux/utils/matchpathcon.c libselinux-1.33.3/utils/matchpathcon.c
---- nsalibselinux/utils/matchpathcon.c	2007-01-04 17:01:41.000000000 -0500
-+++ libselinux-1.33.3/utils/matchpathcon.c	2007-01-09 09:49:51.000000000 -0500
-@@ -95,7 +95,7 @@
- 		}
- 	}
- 	for (i = optind; i < argc; i++) {
--		int mode=0;
-+		int mode = 0;
- 		struct stat buf;
- 		if (lstat(argv[i], &buf) == 0)
- 			mode = buf.st_mode;
-@@ -114,13 +114,15 @@
- 				if (rc >= 0) {
- 					printf("%s has context %s, should be ",
- 					       argv[i], con);
--					error += printmatchpathcon(argv[i], 0, mode);
-+					error +=
-+					    printmatchpathcon(argv[i], 0, mode);
- 					freecon(con);
- 				} else {
- 					printf
- 					    ("actual context unknown: %s, should be ",
- 					     strerror(errno));
--					error += printmatchpathcon(argv[i], 0,mode);
-+					error +=
-+					    printmatchpathcon(argv[i], 0, mode);
- 				}
- 			}
- 		} else {
-diff --exclude-from=exclude -N -u -r nsalibselinux/utils/selinux_check_securetty_context.c libselinux-1.33.3/utils/selinux_check_securetty_context.c
---- nsalibselinux/utils/selinux_check_securetty_context.c	1969-12-31 19:00:00.000000000 -0500
-+++ libselinux-1.33.3/utils/selinux_check_securetty_context.c	2007-01-09 09:49:51.000000000 -0500
-@@ -0,0 +1,38 @@
-+#include <unistd.h>
-+#include <stdio.h>
-+#include <stdlib.h>
-+#include <getopt.h>
-+#include <errno.h>
-+#include <string.h>
-+#include <sys/types.h>
-+#include <sys/stat.h>
-+#include <sys/errno.h>
-+#include <selinux/selinux.h>
-+
-+void usage(const char *progname)
-+{
-+	fprintf(stderr, "usage:  %s tty_context...\n", progname);
-+	exit(1);
-+}
-+
-+int main(int argc, char **argv)
-+{
-+	int i;
-+	if (argc < 2)
-+		usage(argv[0]);
-+
-+	for (i = 1; i < argc; i++) {
-+		switch (selinux_check_securetty_context(argv[i])) {
-+		case 1:
-+			printf("%s securetty.\n", argv[i]);
-+			break;
-+		case 0:
-+			printf("%s not securetty.\n", argv[i]);
-+			break;
-+		case -1:
-+			perror("Failed on check if securetty");
-+			return -1;
-+		}
-+	}
-+	return 0;
-+}

libselinux.spec

@@ -2,10 +2,11 @@
 Summary: SELinux library and simple utilities
 Name: libselinux
 Version: 1.33.4
-Release: 1%{?dist}
+Release: 2%{?dist}
 License: Public domain (uncopyrighted)
 Group: System Environment/Libraries
 Source: http://www.nsa.gov/selinux/archives/%{name}-%{version}.tgz
+Patch: libselinux-rhat.patch
 
 BuildRequires: libsepol-devel >= %{libsepolver} swig
 Requires: libsepol >= %{libsepolver} setransd
@@ -48,6 +49,7 @@ needed for developing SELinux applications.
 
 %prep
 %setup -q
+%patch -p1 -b .rhat 
 
 %build
 make clean
@@ -118,7 +120,11 @@ exit 0
 %{_libdir}/python*/site-packages/selinux.py*
 
 %changelog
-* Fri Jan 5 2007 Dan Walsh <dwalsh@redhat.com> - 1.33.3-3
+* Fri Jan 12 2007 Dan Walsh <dwalsh@redhat.com> - 1.33.4-2
+- Add reference to selinux man page in all man pages to make apropos work
+Resolves: # 217881
+
+* Thu Jan 11 2007 Dan Walsh <dwalsh@redhat.com> - 1.33.4-1
 - Upstream wanted some minor changes, upgrading to keep api the same
 - Upgrade to upstream
 	* Merged selinux_check_securetty_context() and support from Dan Walsh.