++#
++# Copyright 2008 Red Hat, Inc.
++#
++# This program is free software; you can redistribute it and/or modify
++# it under the terms of the GNU General Public License as published by
++# the Free Software Foundation; either version 2 of the License, or
++# (at your option) any later version.
++#
++# This program is distributed in the hope that it will be useful,
++# but WITHOUT ANY WARRANTY; without even the implied warranty of
++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++# GNU General Public License for more details.
++#
++# You should have received a copy of the GNU General Public License
++# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
++#
++import signal
++import string
++import gtk
++import gtk.glade
++import os
++import gobject
++import gnome
++import sys
++import selinux
++import seobject
++import gtkhtml2
++from html_util import *
++
++gnome.program_init("SELinux Boolean Lockdown Tool", "5")
++
++INSTALLPATH='/usr/share/system-config-selinux'
++sys.path.append(INSTALLPATH)
++
++##
++## I18N
++##
++PROGNAME="lockdown"
++
++import gettext
++gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
++gettext.textdomain(PROGNAME)
++try:
++ gettext.install(PROGNAME,
++ localedir="/usr/share/locale",
++ unicode=False,
++ codeset = 'utf-8')
++except IOError:
++ import __builtin__
++ __builtin__.__dict__['_'] = unicode
++
++from glob import fnmatch
++
++STATUS=(_("Disable"), _("Enable"), _("Default"))
++DISABLE = 0
++ENABLE = 1
++DEFAULT = 2
++
++def idle_func():
++ while gtk.events_pending():
++ gtk.main_iteration()
++
++def td_fmt(val):
++ return '%s | ' % val
++
++tr_fmt = '%s
\n'
++
++p_fmt = '%s\n'
++
++##
++## Pull in the Glade file
++##
++if os.access("system-config-selinux.glade", os.F_OK):
++ xml = gtk.glade.XML ("lockdown.glade", domain=PROGNAME)
++else:
++ xml = gtk.glade.XML ("/usr/share/system-config-selinux/lockdown.glade", domain=PROGNAME)
++BOOLEAN = 0
++class booleanWindow:
++ def __init__(self):
++ self.tabs=[]
++ self.xml = xml
++ xml.signal_connect("on_cancel_clicked", self.cancel)
++ xml.signal_connect("on_forward_clicked", self.forward)
++ xml.signal_connect("on_previous_clicked", self.previous)
++ self.xml = xml
++ self.mainWindow = self.xml.get_widget("mainWindow")
++ self.window = self.xml.get_widget("mainWindow").get_root_window()
++ self.busy_cursor = gtk.gdk.Cursor(gtk.gdk.WATCH)
++ self.ready_cursor = gtk.gdk.Cursor(gtk.gdk.LEFT_PTR)
++ self.radiobox = self.xml.get_widget("radiobox")
++
++ self.vbox = self.xml.get_widget("vbox")
++ self.enable_radiobutton = self.xml.get_widget("enable_radiobutton")
++ self.enable_radiobutton.connect("toggled", self.toggled)
++ self.disable_radiobutton = self.xml.get_widget("disable_radiobutton")
++ self.disable_radiobutton.connect("toggled", self.toggled)
++ self.default_radiobutton = self.xml.get_widget("default_radiobutton")
++ self.default_radiobutton.connect("toggled", self.toggled)
++ self.html_scrolledwindow = self.xml.get_widget("html_scrolledwindow")
++
++ self.view = xml.get_widget("booleanView")
++ self.view.get_selection().connect("changed", self.itemSelected)
++
++ self.store = gtk.TreeStore(gobject.TYPE_STRING)
++ self.view.set_model(self.store)
++
++ col = gtk.TreeViewColumn("Boolean", gtk.CellRendererText(), text=BOOLEAN)
++ col.set_sort_column_id(BOOLEAN)
++ col.set_resizable(True)
++ self.view.append_column(col)
++
++ self.html_view, self.doc = self.create_htmlview(self.html_scrolledwindow)
++ self.load()
++ self.view.get_selection().select_path ((1,))
++ print dir(self.view.get_selection())
++
++ def create_htmlview(self, container):
++ view = gtkhtml2.View()
++ doc = gtkhtml2.Document()
++ container.set_hadjustment(view.get_hadjustment())
++ container.set_vadjustment(view.get_vadjustment())
++ view.set_document(doc)
++ container.add(view)
++ return (view, doc)
++
++ def wait(self):
++ self.window.set_cursor(self.busy_cursor)
++ idle_func()
++
++ def ready(self):
++ self.window.set_cursor(self.ready_cursor)
++ idle_func()
++
++ def load(self):
++ self.store.clear()
++ self.booleans = seobject.booleanRecords()
++ booleansList = self.booleans.get_all(0)
++ self.booldict = {}
++ for name in booleansList:
++ cat = self.booleans.get_category(name)
++ if cat not in self.booldict:
++ self.booldict[cat] = {}
++
++ rec = booleansList[name]
++ self.booldict[cat][name]= [rec[2], self.booleans.get_desc(name)]
++
++ cats = self.booldict.keys()
++ cats.sort()
++
++ citer = self.store.append(None)
++ self.store.set_value(citer, BOOLEAN, "Begin")
++ for cat in cats:
++ citer = self.store.append(None)
++ self.store.set_value(citer, BOOLEAN, cat)
++ bools = self.booldict[cat].keys()
++ for bool in bools:
++ biter = self.store.append(citer)
++ self.store.set_value(biter, BOOLEAN, bool)
++ biter = self.store.append(citer)
++ self.store.set_value(biter, BOOLEAN, "Finish")
++ citer = self.store.append(None)
++ self.store.set_value(citer, BOOLEAN, "Finish")
++
++ def on_about_activate(self, args):
++ dlg = xml.get_widget ("aboutWindow")
++ dlg.run ()
++ dlg.hide ()
++
++ def cancel(self, args):
++ gtk.main_quit()
++
++ def forward(self, args):
++ selection = self.view.get_selection()
++ store, iter = selection.get_selected()
++ if self.store.iter_has_child(iter):
++ store, rows = selection.get_selected_rows()
++ self.view.expand_to_path(rows[0])
++ niter = self.store.iter_nth_child(iter, 0)
++ else:
++ niter = store.iter_next(iter)
++
++ if niter == None:
++ piter = self.store.iter_parent(iter)
++ if piter == None:
++ return
++ niter = store.iter_next(piter)
++
++ if niter != None:
++ selection.select_iter(niter)
++ store, rows = selection.get_selected_rows()
++ self.view.scroll_to_cell(rows[0])
++ else:
++ print "Finish"
++
++ def toggled(self, button):
++ if button.get_active() == False:
++ return
++ if self.cat == None:
++ return
++ if self.disable_radiobutton == button:
++ self.booldict[self.cat][self.name][0] = DISABLE
++ if self.enable_radiobutton == button:
++ self.booldict[self.cat][self.name][0] = ENABLE
++ if self.default_radiobutton == button:
++ self.booldict[self.cat][self.name][0] = DEFAULT
++
++ def previous(self, args):
++ selection = self.view.get_selection()
++ store, iter = selection.get_selected()
++ store, rows = selection.get_selected_rows()
++ row = rows[0]
++ if len(row) == 1 or self.store.iter_has_child(iter):
++ if row[0] == 0:
++ return
++ nrow = row[0] - 1
++ iter = self.store.get_iter((nrow,))
++ if self.store.iter_has_child(iter):
++ self.view.expand_to_path((nrow,))
++ n = store.iter_n_children(iter) -1
++ piter = store.iter_nth_child(iter, n)
++ else:
++ piter = iter
++ else:
++ if row[1] == 0:
++ piter = self.store.iter_parent(iter)
++ else:
++ r0 = row[0]
++ r1 = row[1] - 1
++ piter = self.store.get_iter((r0,r1))
++ if piter != None:
++ selection.select_iter(piter)
++ store, rows = selection.get_selected_rows()
++ self.view.scroll_to_cell(rows[0])
++ else:
++ print "Finish"
++
++ def html_cat(self, cat):
++ html = ""
++ row = td_fmt(_("Boolean")) + td_fmt(_("Description")) + td_fmt(_("Status"))
++ html += tr_fmt % row
++
++ for b in self.booldict[cat]:
++ row = td_fmt(b) + td_fmt(self.booleans.get_desc(b)) + td_fmt(STATUS[self.booldict[cat][b][0]])
++ html += tr_fmt % row
++ return html
++
++ def html_table(self, title, body):
++ html = self.html_head(title)
++ html += '
\n'
++ html += body
++ html += '
'
++ return html
++
++ def html_head(self, val):
++ # Wrap entire alert in one table
++ # 1st table: primary Information
++
++ html = '%s\n\n\n' % val
++ return html
++
++ def html_all(self):
++ html = ""
++ cats = self.booldict.keys()
++ cats.sort()
++ for cat in cats:
++ html += self.html_table((_("Category: ") + cat), self.html_cat(cat))
++ return html
++
++ def itemSelected(self, selection):
++ store, iter = selection.get_selected()
++ if iter == None:
++ return
++
++ piter = self.store.iter_parent(iter)
++ if piter != None:
++ self.cat = store.get_value(piter, BOOLEAN)
++ else:
++ self.cat = None
++
++ self.name = store.get_value(iter, BOOLEAN)
++ self.doc.clear()
++ self.doc.open_stream("text/html")
++
++ html = ''
++
++ self.radiobox.hide()
++ if self.name == _("Begin"):
++ html += self.html_head(_("Welcome to the SELinux Lockdown Tool, Blah Blah, Blah"))
++ html += self.html_all()
++ else:
++ if self.name == _("Finish"):
++ if self.cat != None:
++ cat_finish="%s %s %s" % (_("Categories: "),self.cat,_("Finish"))
++ html += self.html_all(cat_finish, self.html_cat(self.cat))
++ else:
++ html += self.html_head(self.name)
++ html += self.html_all()
++ else:
++ if self.store.iter_has_child(iter):
++ html += self.html_table(_("Category: ") + self.name, self.html_cat(self.name))
++ else:
++ self.radiobox.show()
++ html += self.html_table(_("Boolean: ") + self.name, tr_fmt % td_fmt(self.booleans.get_desc(self.name)))
++ if self.booldict[self.cat][self.name][0] == ENABLE:
++ self.enable_radiobutton.set_active(True)
++ if self.booldict[self.cat][self.name][0] == DISABLE:
++ self.disable_radiobutton.set_active(True)
++ if self.booldict[self.cat][self.name][0] == DEFAULT:
++ self.default_radiobutton.set_active(True)
++
++ html_doc= html_document(html)
++
++ self.doc.write_stream(html_doc)
++ self.doc.close_stream()
++
++ def stand_alone(self):
++ desktopName = _("Lockdown SELinux Booleans")
++
++ self.mainWindow.connect("destroy", self.cancel)
++
++ self.mainWindow.show()
++ gtk.main()
++
++if __name__ == "__main__":
++ signal.signal (signal.SIGINT, signal.SIG_DFL)
++
++ app = booleanWindow()
++ app.stand_alone()
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policycoreutils-2.0.46/gui/loginsPage.py
+--- nsapolicycoreutils/gui/loginsPage.py 1969-12-31 19:00:00.000000000 -0500
++++ policycoreutils-2.0.46/gui/loginsPage.py 2008-05-06 14:31:45.000000000 -0400
@@ -0,0 +1,185 @@
+## loginsPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@@ -642,9 +5139,9 @@ diff -up /dev/null policycoreutils-2.0.46/gui/loginsPage.py
+ self.store.set_value(iter, 1, seuser)
+ self.store.set_value(iter, 2, seobject.translate(serange))
+
-diff -up /dev/null policycoreutils-2.0.46/gui/Makefile
---- /dev/null 2008-04-18 15:30:34.773004687 -0400
-+++ policycoreutils-2.0.46/gui/Makefile 2008-04-18 13:24:17.000000000 -0400
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/Makefile policycoreutils-2.0.46/gui/Makefile
+--- nsapolicycoreutils/gui/Makefile 1969-12-31 19:00:00.000000000 -0500
++++ policycoreutils-2.0.46/gui/Makefile 2008-05-06 14:31:45.000000000 -0400
@@ -0,0 +1,34 @@
+# Installation directories.
+PREFIX ?= ${DESTDIR}/usr
@@ -680,9 +5177,9 @@ diff -up /dev/null policycoreutils-2.0.46/gui/Makefile
+indent:
+
+relabel:
-diff -up /dev/null policycoreutils-2.0.46/gui/mappingsPage.py
---- /dev/null 2008-04-18 15:30:34.773004687 -0400
-+++ policycoreutils-2.0.46/gui/mappingsPage.py 2008-04-18 13:24:17.000000000 -0400
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py policycoreutils-2.0.46/gui/mappingsPage.py
+--- nsapolicycoreutils/gui/mappingsPage.py 1969-12-31 19:00:00.000000000 -0500
++++ policycoreutils-2.0.46/gui/mappingsPage.py 2008-05-06 14:31:45.000000000 -0400
@@ -0,0 +1,56 @@
+## mappingsPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@@ -740,9 +5237,9 @@ diff -up /dev/null policycoreutils-2.0.46/gui/mappingsPage.py
+ for k in keys:
+ print "%-25s %-25s %-25s" % (k, dict[k][0], translate(dict[k][1]))
+
-diff -up /dev/null policycoreutils-2.0.46/gui/modulesPage.py
---- /dev/null 2008-04-18 15:30:34.773004687 -0400
-+++ policycoreutils-2.0.46/gui/modulesPage.py 2008-04-18 13:24:17.000000000 -0400
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py policycoreutils-2.0.46/gui/modulesPage.py
+--- nsapolicycoreutils/gui/modulesPage.py 1969-12-31 19:00:00.000000000 -0500
++++ policycoreutils-2.0.46/gui/modulesPage.py 2008-05-06 14:31:45.000000000 -0400
@@ -0,0 +1,195 @@
+## modulesPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@@ -939,10 +5436,10 @@ diff -up /dev/null policycoreutils-2.0.46/gui/modulesPage.py
+
+
+
-diff -up /dev/null policycoreutils-2.0.46/gui/polgen.glade
---- /dev/null 2008-04-18 15:30:34.773004687 -0400
-+++ policycoreutils-2.0.46/gui/polgen.glade 2008-04-18 18:50:51.000000000 -0400
-@@ -0,0 +1,3282 @@
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.glade policycoreutils-2.0.46/gui/polgen.glade
+--- nsapolicycoreutils/gui/polgen.glade 1969-12-31 19:00:00.000000000 -0500
++++ policycoreutils-2.0.46/gui/polgen.glade 2008-05-06 14:31:45.000000000 -0400
+@@ -0,0 +1,3284 @@
+
+
+
@@ -1381,6 +5878,7 @@ diff -up /dev/null policycoreutils-2.0.46/gui/polgen.glade
+ False
+ False
+ True
++ init_radiobutton
+
+
+ 0
@@ -1401,7 +5899,7 @@ diff -up /dev/null policycoreutils-2.0.46/gui/polgen.glade
+ False
+ False
+ True
-+ existing_user_radiobutton
++ init_radiobutton
+
+
+ 0
@@ -1422,7 +5920,7 @@ diff -up /dev/null policycoreutils-2.0.46/gui/polgen.glade
+ False
+ False
+ True
-+ existing_user_radiobutton
++ init_radiobutton
+
+
+ 0
@@ -1443,7 +5941,7 @@ diff -up /dev/null policycoreutils-2.0.46/gui/polgen.glade
+ False
+ False
+ True
-+ existing_user_radiobutton
++ init_radiobutton
+
+
+ 0
@@ -1464,7 +5962,7 @@ diff -up /dev/null policycoreutils-2.0.46/gui/polgen.glade
+ False
+ False
+ True
-+ existing_user_radiobutton
++ init_radiobutton
+
+
+ 0
@@ -1574,6 +6072,7 @@ diff -up /dev/null policycoreutils-2.0.46/gui/polgen.glade
+ False
+ False
+ True
++ init_radiobutton
+
+
+ 0
@@ -4225,10 +8724,10 @@ diff -up /dev/null policycoreutils-2.0.46/gui/polgen.glade
+
+
+
-diff -up /dev/null policycoreutils-2.0.46/gui/polgengui.py
---- /dev/null 2008-04-18 15:30:34.773004687 -0400
-+++ policycoreutils-2.0.46/gui/polgengui.py 2008-04-18 18:35:15.000000000 -0400
-@@ -0,0 +1,649 @@
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgengui.py policycoreutils-2.0.46/gui/polgengui.py
+--- nsapolicycoreutils/gui/polgengui.py 1969-12-31 19:00:00.000000000 -0500
++++ policycoreutils-2.0.46/gui/polgengui.py 2008-05-07 07:14:54.000000000 -0400
+@@ -0,0 +1,623 @@
+#!/usr/bin/python -E
+#
+# system-config-selinux.py - GUI for SELinux Config tool in system-config-selinux
@@ -4288,32 +8787,6 @@ diff -up /dev/null policycoreutils-2.0.46/gui/polgengui.py
+sys.path.append('/usr/share/system-config-selinux')
+sys.path.append('.')
+
-+def get_all_types():
-+ try:
-+ all_types = []
-+ rc, output=commands.getstatusoutput("seinfo --type")
-+ if rc == 0:
-+ l = output.split()
-+ for i in l:
-+ all_types.append(i.split("_t")[0])
-+ except:
-+ pass
-+
-+ return all_types
-+
-+def get_all_modules():
-+ try:
-+ all_modules = []
-+ rc, output=commands.getstatusoutput("semodule -l")
-+ if rc == 0:
-+ l = output.split("\n")
-+ for i in l:
-+ all_modules.append(i.split()[0])
-+ except:
-+ pass
-+
-+ return all_modules
-+
+# From John Hunter http://www.daa.com.au/pipermail/pygtk/2003-February/004454.html
+def foreach(model, path, iter, selected):
+ selected.append(model.get_value(iter, 0))
@@ -4349,8 +8822,8 @@ diff -up /dev/null policycoreutils-2.0.46/gui/polgengui.py
+
+ def __init__(self):
+ self.xml = xml
-+ self.all_types=get_all_types()
-+ self.all_modules=get_all_modules()
++ self.all_types=polgen.get_all_types()
++ self.all_modules=polgen.get_all_modules()
+ self.name=""
+ xml.signal_connect("on_delete_clicked", self.delete)
+ xml.signal_connect("on_delete_boolean_clicked", self.delete_boolean)
@@ -4441,12 +8914,12 @@ diff -up /dev/null policycoreutils-2.0.46/gui/polgengui.py
+ col = gtk.TreeViewColumn(_("Existing_User"), gtk.CellRendererText(), text = 0)
+ self.existing_user_treeview.append_column(col)
+
-+ roles = commands.getoutput("/usr/bin/seinfo -r").split()[2:]
++ roles = polgen.get_all_roles()
+ for i in roles:
+ iter = self.role_store.append()
+ self.role_store.set_value(iter, 0, i[:-2])
+
-+ self.types = commands.getoutput("/usr/bin/seinfo -t").split()[2:]
++ self.types = polgen.get_all_types()
+
+ self.transition_treeview = self.xml.get_widget("transition_treeview")
+ self.transition_store = gtk.ListStore(gobject.TYPE_STRING)
@@ -4464,7 +8937,7 @@ diff -up /dev/null policycoreutils-2.0.46/gui/polgengui.py
+ col = gtk.TreeViewColumn(_("Application"), gtk.CellRendererText(), text = 0)
+ self.user_transition_treeview.append_column(col)
+
-+ for i in polgen.get_users():
++ for i in polgen.get_all_users():
+ iter = self.user_transition_store.append()
+ self.user_transition_store.set_value(iter, 0, i)
+ iter = self.existing_user_store.append()
@@ -4878,10 +9351,10 @@ diff -up /dev/null policycoreutils-2.0.46/gui/polgengui.py
+
+ app = childWindow()
+ app.stand_alone()
-diff -up /dev/null policycoreutils-2.0.46/gui/polgen.py
---- /dev/null 2008-04-18 15:30:34.773004687 -0400
-+++ policycoreutils-2.0.46/gui/polgen.py 2008-04-18 13:24:17.000000000 -0400
-@@ -0,0 +1,879 @@
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/polgen.py policycoreutils-2.0.46/gui/polgen.py
+--- nsapolicycoreutils/gui/polgen.py 1969-12-31 19:00:00.000000000 -0500
++++ policycoreutils-2.0.46/gui/polgen.py 2008-05-07 07:16:26.000000000 -0400
+@@ -0,0 +1,923 @@
+#!/usr/bin/python
+#
+# Copyright (C) 2007, 2008 Red Hat
@@ -4907,6 +9380,8 @@ diff -up /dev/null policycoreutils-2.0.46/gui/polgen.py
+#
+import os, sys, stat
+import re
++import commands
++
+from templates import executable
+from templates import boolean
+from templates import etc_rw
@@ -4953,16 +9428,46 @@ diff -up /dev/null policycoreutils-2.0.46/gui/polgen.py
+ sys.stderr.write("could not open interface info [%s]\n" % fn)
+ sys.exit(1)
+
-+def get_users():
-+ users = []
-+ userdict = seobject.seluserRecords().get_all()
-+ for i in userdict.keys():
-+ if userdict[i][0] not in users:
-+ users.append(userdict[i][0])
++def get_all_roles():
++ roles = []
++ roles = commands.getoutput("/usr/bin/seinfo -r 2> /dev/tty").split()[2:]
++ roles.remove("object_r")
++ roles.sort()
++ return roles
++
++def get_all_types():
++ all_types = []
++ try:
++ rc, output=commands.getstatusoutput("/usr/bin/seinfo --type 2> /dev/tty")
++ if rc == 0:
++ l = output.split()
++ for i in l:
++ all_types.append(i.split("_t")[0])
++ except:
++ pass
++
++ return all_types
++
++def get_all_modules():
++ try:
++ all_modules = []
++ rc, output=commands.getstatusoutput("semodule -l 2> /dev/tty")
++ if rc == 0:
++ l = output.split("\n")
++ for i in l:
++ all_modules.append(i.split()[0])
++ except:
++ pass
++
++ return all_modules
++
++def get_all_users():
++ users = seobject.seluserRecords().get_all().keys()
++ users.remove("system_u")
++ users.remove("root")
+ users.sort()
+ return users
+
-+
+ALL = 0
+RESERVED = 1
+UNRESERVED = 2
@@ -5071,7 +9576,8 @@ diff -up /dev/null policycoreutils-2.0.46/gui/polgen.py
+ self.admin_domains = []
+ self.transition_domains = []
+ self.roles = []
-+
++ self.all_roles = get_all_roles()
++
+ def __isnetset(self, l):
+ return l[ALL] or l[RESERVED] or l[UNRESERVED] or len(l[PORTS]) > 0
+
@@ -5354,9 +9860,12 @@ diff -up /dev/null policycoreutils-2.0.46/gui/polgen.py
+ for app in self.admin_domains:
+ tmp = re.sub("TEMPLATETYPE", self.name, user.te_admin_domain_rules)
+ newte += re.sub("APPLICATION", app, tmp)
++
+ for u in self.transition_users:
-+ tmp = re.sub("TEMPLATETYPE", self.name, user.te_admin_trans_rules)
-+ newte += re.sub("USER", u, tmp)
++ role = u[:-2]
++ if (role + "_r") in self.all_roles:
++ tmp = re.sub("TEMPLATETYPE", self.name, user.te_admin_trans_rules)
++ newte += re.sub("USER", role, tmp)
+
+ return newte
+
@@ -5586,13 +10095,21 @@ diff -up /dev/null policycoreutils-2.0.46/gui/polgen.py
+ roles += " %s_r" % role
+ if roles != "":
+ roles += " system_r"
-+ tmp = re.sub("TEMPLATETYPE", self.name, script.users)
++ if self.type == EUSER:
++ tmp = re.sub("TEMPLATETYPE", self.name, script.eusers)
++ else:
++ tmp = re.sub("TEMPLATETYPE", self.name, script.users)
+ newsh += re.sub("ROLES", roles, tmp)
++
++ if self.type == RUSER:
++ for u in self.transition_users:
++ tmp = re.sub("TEMPLATETYPE", self.name, script.admin_trans)
++ newsh += re.sub("USER", u, tmp)
+ return newsh
+
+ def generate_sh(self):
+ temp = re.sub("TEMPLATETYPE", self.file_name, script.compile)
-+ if self.type == RUSER:
++ if self.type == EUSER:
+ newsh = re.sub("TEMPLATEFILE", "my%s" % self.file_name, temp)
+ else:
+ newsh = re.sub("TEMPLATEFILE", self.file_name, temp)
@@ -5761,9 +10278,9 @@ diff -up /dev/null policycoreutils-2.0.46/gui/polgen.py
+ sys.exit(0)
+
+
-diff -up /dev/null policycoreutils-2.0.46/gui/portsPage.py
---- /dev/null 2008-04-18 15:30:34.773004687 -0400
-+++ policycoreutils-2.0.46/gui/portsPage.py 2008-04-18 13:24:17.000000000 -0400
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policycoreutils-2.0.46/gui/portsPage.py
+--- nsapolicycoreutils/gui/portsPage.py 1969-12-31 19:00:00.000000000 -0500
++++ policycoreutils-2.0.46/gui/portsPage.py 2008-05-06 14:31:45.000000000 -0400
@@ -0,0 +1,258 @@
+## portsPage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@@ -6023,9 +10540,9 @@ diff -up /dev/null policycoreutils-2.0.46/gui/portsPage.py
+
+ return True
+
-diff -up /dev/null policycoreutils-2.0.46/gui/selinux.tbl
---- /dev/null 2008-04-18 15:30:34.773004687 -0400
-+++ policycoreutils-2.0.46/gui/selinux.tbl 2008-04-18 13:24:17.000000000 -0400
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policycoreutils-2.0.46/gui/selinux.tbl
+--- nsapolicycoreutils/gui/selinux.tbl 1969-12-31 19:00:00.000000000 -0500
++++ policycoreutils-2.0.46/gui/selinux.tbl 2008-05-06 14:31:45.000000000 -0400
@@ -0,0 +1,234 @@
+acct_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for acct daemon")
+allow_daemons_dump_core _("Admin") _("Allow all daemons to write corefiles to /")
@@ -6261,9 +10778,9 @@ diff -up /dev/null policycoreutils-2.0.46/gui/selinux.tbl
+webadm_manage_user_files _("HTTPD Service") _("Allow SELinux webadm user to manage unprivileged users home directories")
+webadm_read_user_files _("HTTPD Service") _("Allow SELinux webadm user to read unprivileged users home directories")
+
-diff -up /dev/null policycoreutils-2.0.46/gui/semanagePage.py
---- /dev/null 2008-04-18 15:30:34.773004687 -0400
-+++ policycoreutils-2.0.46/gui/semanagePage.py 2008-04-18 13:24:17.000000000 -0400
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py policycoreutils-2.0.46/gui/semanagePage.py
+--- nsapolicycoreutils/gui/semanagePage.py 1969-12-31 19:00:00.000000000 -0500
++++ policycoreutils-2.0.46/gui/semanagePage.py 2008-05-06 14:31:45.000000000 -0400
@@ -0,0 +1,170 @@
+## semanagePage.py - show selinux mappings
+## Copyright (C) 2006 Red Hat, Inc.
@@ -6435,9 +10952,9 @@ diff -up /dev/null policycoreutils-2.0.46/gui/semanagePage.py
+ self.load(self.filter)
+ return True
+
-diff -up /dev/null policycoreutils-2.0.46/gui/statusPage.py
---- /dev/null 2008-04-18 15:30:34.773004687 -0400
-+++ policycoreutils-2.0.46/gui/statusPage.py 2008-04-18 13:24:17.000000000 -0400
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policycoreutils-2.0.46/gui/statusPage.py
+--- nsapolicycoreutils/gui/statusPage.py 1969-12-31 19:00:00.000000000 -0500
++++ policycoreutils-2.0.46/gui/statusPage.py 2008-05-06 14:31:45.000000000 -0400
@@ -0,0 +1,227 @@
+## statusPage.py - show selinux status
+## Copyright (C) 2006 Red Hat, Inc.
@@ -6666,9 +11183,9 @@ diff -up /dev/null policycoreutils-2.0.46/gui/statusPage.py
+ return self.types[self.selinuxTypeOptionMenu.get_active()]
+
+
-diff -up /dev/null policycoreutils-2.0.46/gui/system-config-selinux.glade
---- /dev/null 2008-04-18 15:30:34.773004687 -0400
-+++ policycoreutils-2.0.46/gui/system-config-selinux.glade 2008-04-18 13:24:17.000000000 -0400
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.glade policycoreutils-2.0.46/gui/system-config-selinux.glade
+--- nsapolicycoreutils/gui/system-config-selinux.glade 1969-12-31 19:00:00.000000000 -0500
++++ policycoreutils-2.0.46/gui/system-config-selinux.glade 2008-05-06 14:31:45.000000000 -0400
@@ -0,0 +1,3203 @@
+
+
@@ -9873,9 +14390,9 @@ diff -up /dev/null policycoreutils-2.0.46/gui/system-config-selinux.glade
+
+
+
-diff -up /dev/null policycoreutils-2.0.46/gui/system-config-selinux.py
---- /dev/null 2008-04-18 15:30:34.773004687 -0400
-+++ policycoreutils-2.0.46/gui/system-config-selinux.py 2008-04-18 13:24:17.000000000 -0400
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.py policycoreutils-2.0.46/gui/system-config-selinux.py
+--- nsapolicycoreutils/gui/system-config-selinux.py 1969-12-31 19:00:00.000000000 -0500
++++ policycoreutils-2.0.46/gui/system-config-selinux.py 2008-05-06 14:31:45.000000000 -0400
@@ -0,0 +1,175 @@
+#!/usr/bin/python
+#
@@ -10052,9 +14569,9 @@ diff -up /dev/null policycoreutils-2.0.46/gui/system-config-selinux.py
+
+ app = childWindow()
+ app.stand_alone()
-diff -up /dev/null policycoreutils-2.0.46/gui/templates/boolean.py
---- /dev/null 2008-04-18 15:30:34.773004687 -0400
-+++ policycoreutils-2.0.46/gui/templates/boolean.py 2008-04-18 13:24:17.000000000 -0400
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/boolean.py policycoreutils-2.0.46/gui/templates/boolean.py
+--- nsapolicycoreutils/gui/templates/boolean.py 1969-12-31 19:00:00.000000000 -0500
++++ policycoreutils-2.0.46/gui/templates/boolean.py 2008-05-06 14:31:45.000000000 -0400
@@ -0,0 +1,40 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -10096,9 +14613,9 @@ diff -up /dev/null policycoreutils-2.0.46/gui/templates/boolean.py
+')
+"""
+
-diff -up /dev/null policycoreutils-2.0.46/gui/templates/etc_rw.py
---- /dev/null 2008-04-18 15:30:34.773004687 -0400
-+++ policycoreutils-2.0.46/gui/templates/etc_rw.py 2008-04-18 13:24:17.000000000 -0400
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/etc_rw.py policycoreutils-2.0.46/gui/templates/etc_rw.py
+--- nsapolicycoreutils/gui/templates/etc_rw.py 1969-12-31 19:00:00.000000000 -0500
++++ policycoreutils-2.0.46/gui/templates/etc_rw.py 2008-05-06 14:31:45.000000000 -0400
@@ -0,0 +1,129 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -10229,9 +14746,9 @@ diff -up /dev/null policycoreutils-2.0.46/gui/templates/etc_rw.py
+fc_dir="""\
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_etc_rw_t,s0)
+"""
-diff -up /dev/null policycoreutils-2.0.46/gui/templates/executable.py
---- /dev/null 2008-04-18 15:30:34.773004687 -0400
-+++ policycoreutils-2.0.46/gui/templates/executable.py 2008-04-18 13:24:17.000000000 -0400
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable.py policycoreutils-2.0.46/gui/templates/executable.py
+--- nsapolicycoreutils/gui/templates/executable.py 1969-12-31 19:00:00.000000000 -0500
++++ policycoreutils-2.0.46/gui/templates/executable.py 2008-05-06 14:31:45.000000000 -0400
@@ -0,0 +1,328 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -10561,9 +15078,9 @@ diff -up /dev/null policycoreutils-2.0.46/gui/templates/executable.py
+EXECUTABLE -- gen_context(system_u:object_r:TEMPLATETYPE_script_exec_t,s0)
+"""
+
-diff -up /dev/null policycoreutils-2.0.46/gui/templates/__init__.py
---- /dev/null 2008-04-18 15:30:34.773004687 -0400
-+++ policycoreutils-2.0.46/gui/templates/__init__.py 2008-04-18 13:24:17.000000000 -0400
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/__init__.py policycoreutils-2.0.46/gui/templates/__init__.py
+--- nsapolicycoreutils/gui/templates/__init__.py 1969-12-31 19:00:00.000000000 -0500
++++ policycoreutils-2.0.46/gui/templates/__init__.py 2008-05-06 14:31:45.000000000 -0400
@@ -0,0 +1,18 @@
+#
+# Copyright (C) 2007 Red Hat, Inc.
@@ -10583,9 +15100,9 @@ diff -up /dev/null policycoreutils-2.0.46/gui/templates/__init__.py
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+#
+
-diff -up /dev/null policycoreutils-2.0.46/gui/templates/network.py
---- /dev/null 2008-04-18 15:30:34.773004687 -0400
-+++ policycoreutils-2.0.46/gui/templates/network.py 2008-04-18 13:24:17.000000000 -0400
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/network.py policycoreutils-2.0.46/gui/templates/network.py
+--- nsapolicycoreutils/gui/templates/network.py 1969-12-31 19:00:00.000000000 -0500
++++ policycoreutils-2.0.46/gui/templates/network.py 2008-05-06 14:31:45.000000000 -0400
@@ -0,0 +1,80 @@
+te_port_types="""
+type TEMPLATETYPE_port_t;
@@ -10667,9 +15184,9 @@ diff -up /dev/null policycoreutils-2.0.46/gui/templates/network.py
+corenet_udp_bind_all_unreserved_ports(TEMPLATETYPE_t)
+"""
+
-diff -up /dev/null policycoreutils-2.0.46/gui/templates/rw.py
---- /dev/null 2008-04-18 15:30:34.773004687 -0400
-+++ policycoreutils-2.0.46/gui/templates/rw.py 2008-04-18 13:24:17.000000000 -0400
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/rw.py policycoreutils-2.0.46/gui/templates/rw.py
+--- nsapolicycoreutils/gui/templates/rw.py 1969-12-31 19:00:00.000000000 -0500
++++ policycoreutils-2.0.46/gui/templates/rw.py 2008-05-06 14:31:45.000000000 -0400
@@ -0,0 +1,128 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -10799,10 +15316,10 @@ diff -up /dev/null policycoreutils-2.0.46/gui/templates/rw.py
+fc_dir="""
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_rw_t,s0)
+"""
-diff -up /dev/null policycoreutils-2.0.46/gui/templates/script.py
---- /dev/null 2008-04-18 15:30:34.773004687 -0400
-+++ policycoreutils-2.0.46/gui/templates/script.py 2008-04-18 13:24:17.000000000 -0400
-@@ -0,0 +1,91 @@
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/script.py policycoreutils-2.0.46/gui/templates/script.py
+--- nsapolicycoreutils/gui/templates/script.py 1969-12-31 19:00:00.000000000 -0500
++++ policycoreutils-2.0.46/gui/templates/script.py 2008-05-06 14:31:45.000000000 -0400
+@@ -0,0 +1,105 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
+#
@@ -10880,23 +15397,37 @@ diff -up /dev/null policycoreutils-2.0.46/gui/templates/script.py
+"""
+
+restorecon="""\
++# Fixing the file context on FILENAME
+/sbin/restorecon -F -R -v FILENAME
+"""
+
+tcp_ports="""\
++# Adding SELinux tcp port to port PORTNUM
+/usr/sbin/semanage port -a -t TEMPLATETYPE_port_t -p tcp PORTNUM
+"""
+
+udp_ports="""\
++# Adding SELinux udp port to port PORTNUM
+/usr/sbin/semanage port -a -t TEMPLATETYPE_port_t -p udp PORTNUM
+"""
+
+users="""\
-+/usr/sbin/semanage user -a -P TEMPLATETYPE -R "TEMPLATETYPE_rROLES" TEMPLATETYPE_u
++# Adding SELinux user TEMPLATETYPE_u
++/usr/sbin/semanage user -a -R "TEMPLATETYPE_rROLES" TEMPLATETYPE_u
+"""
-diff -up /dev/null policycoreutils-2.0.46/gui/templates/semodule.py
---- /dev/null 2008-04-18 15:30:34.773004687 -0400
-+++ policycoreutils-2.0.46/gui/templates/semodule.py 2008-04-18 13:24:17.000000000 -0400
++
++eusers="""\
++# Adding roles to SELinux user TEMPLATETYPE_u
++/usr/sbin/semanage user -m -R "TEMPLATETYPE_rROLES" TEMPLATETYPE_u
++"""
++
++admin_trans="""\
++# Adding roles to SELinux user USER
++/usr/sbin/semanage user -m -R +TEMPLATETYPE_r USER
++"""
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/semodule.py policycoreutils-2.0.46/gui/templates/semodule.py
+--- nsapolicycoreutils/gui/templates/semodule.py 1969-12-31 19:00:00.000000000 -0500
++++ policycoreutils-2.0.46/gui/templates/semodule.py 2008-05-06 14:31:45.000000000 -0400
@@ -0,0 +1,41 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -10939,9 +15470,9 @@ diff -up /dev/null policycoreutils-2.0.46/gui/templates/semodule.py
+semanage ports -a -t TEMPLATETYPE_port_t -p udp PORTNUM
+"""
+
-diff -up /dev/null policycoreutils-2.0.46/gui/templates/tmp.py
---- /dev/null 2008-04-18 15:30:34.773004687 -0400
-+++ policycoreutils-2.0.46/gui/templates/tmp.py 2008-04-18 13:24:17.000000000 -0400
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/tmp.py policycoreutils-2.0.46/gui/templates/tmp.py
+--- nsapolicycoreutils/gui/templates/tmp.py 1969-12-31 19:00:00.000000000 -0500
++++ policycoreutils-2.0.46/gui/templates/tmp.py 2008-05-06 14:31:45.000000000 -0400
@@ -0,0 +1,97 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -11040,9 +15571,9 @@ diff -up /dev/null policycoreutils-2.0.46/gui/templates/tmp.py
+ TEMPLATETYPE_manage_tmp($1)
+"""
+
-diff -up /dev/null policycoreutils-2.0.46/gui/templates/user.py
---- /dev/null 2008-04-18 15:30:34.773004687 -0400
-+++ policycoreutils-2.0.46/gui/templates/user.py 2008-04-18 13:24:17.000000000 -0400
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/user.py policycoreutils-2.0.46/gui/templates/user.py
+--- nsapolicycoreutils/gui/templates/user.py 1969-12-31 19:00:00.000000000 -0500
++++ policycoreutils-2.0.46/gui/templates/user.py 2008-05-06 14:31:45.000000000 -0400
@@ -0,0 +1,182 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -11226,9 +15757,9 @@ diff -up /dev/null policycoreutils-2.0.46/gui/templates/user.py
+te_newrole_rules="""
+seutil_run_newrole(TEMPLATETYPE_t,TEMPLATETYPE_r,{ TEMPLATETYPE_devpts_t TEMPLATETYPE_tty_device_t })
+"""
-diff -up /dev/null policycoreutils-2.0.46/gui/templates/var_lib.py
---- /dev/null 2008-04-18 15:30:34.773004687 -0400
-+++ policycoreutils-2.0.46/gui/templates/var_lib.py 2008-04-18 13:24:17.000000000 -0400
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_lib.py policycoreutils-2.0.46/gui/templates/var_lib.py
+--- nsapolicycoreutils/gui/templates/var_lib.py 1969-12-31 19:00:00.000000000 -0500
++++ policycoreutils-2.0.46/gui/templates/var_lib.py 2008-05-06 14:31:45.000000000 -0400
@@ -0,0 +1,158 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -11388,9 +15919,9 @@ diff -up /dev/null policycoreutils-2.0.46/gui/templates/var_lib.py
+fc_dir="""\
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_var_lib_t,s0)
+"""
-diff -up /dev/null policycoreutils-2.0.46/gui/templates/var_log.py
---- /dev/null 2008-04-18 15:30:34.773004687 -0400
-+++ policycoreutils-2.0.46/gui/templates/var_log.py 2008-04-18 13:24:17.000000000 -0400
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py policycoreutils-2.0.46/gui/templates/var_log.py
+--- nsapolicycoreutils/gui/templates/var_log.py 1969-12-31 19:00:00.000000000 -0500
++++ policycoreutils-2.0.46/gui/templates/var_log.py 2008-05-06 14:31:45.000000000 -0400
@@ -0,0 +1,110 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -11502,9 +16033,9 @@ diff -up /dev/null policycoreutils-2.0.46/gui/templates/var_log.py
+fc_dir="""\
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_log_t,s0)
+"""
-diff -up /dev/null policycoreutils-2.0.46/gui/templates/var_run.py
---- /dev/null 2008-04-18 15:30:34.773004687 -0400
-+++ policycoreutils-2.0.46/gui/templates/var_run.py 2008-04-18 13:24:17.000000000 -0400
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_run.py policycoreutils-2.0.46/gui/templates/var_run.py
+--- nsapolicycoreutils/gui/templates/var_run.py 1969-12-31 19:00:00.000000000 -0500
++++ policycoreutils-2.0.46/gui/templates/var_run.py 2008-05-06 14:31:45.000000000 -0400
@@ -0,0 +1,118 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -11624,9 +16155,9 @@ diff -up /dev/null policycoreutils-2.0.46/gui/templates/var_run.py
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_var_run_t,s0)
+"""
+
-diff -up /dev/null policycoreutils-2.0.46/gui/templates/var_spool.py
---- /dev/null 2008-04-18 15:30:34.773004687 -0400
-+++ policycoreutils-2.0.46/gui/templates/var_spool.py 2008-04-18 13:24:17.000000000 -0400
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_spool.py policycoreutils-2.0.46/gui/templates/var_spool.py
+--- nsapolicycoreutils/gui/templates/var_spool.py 1969-12-31 19:00:00.000000000 -0500
++++ policycoreutils-2.0.46/gui/templates/var_spool.py 2008-05-06 14:31:45.000000000 -0400
@@ -0,0 +1,129 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
@@ -11757,9 +16288,9 @@ diff -up /dev/null policycoreutils-2.0.46/gui/templates/var_spool.py
+fc_dir="""\
+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_spool_t,s0)
+"""
-diff -up /dev/null policycoreutils-2.0.46/gui/translationsPage.py
---- /dev/null 2008-04-18 15:30:34.773004687 -0400
-+++ policycoreutils-2.0.46/gui/translationsPage.py 2008-04-18 13:24:17.000000000 -0400
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/translationsPage.py policycoreutils-2.0.46/gui/translationsPage.py
+--- nsapolicycoreutils/gui/translationsPage.py 1969-12-31 19:00:00.000000000 -0500
++++ policycoreutils-2.0.46/gui/translationsPage.py 2008-05-06 14:31:45.000000000 -0400
@@ -0,0 +1,118 @@
+## translationsPage.py - show selinux translations
+## Copyright (C) 2006 Red Hat, Inc.
@@ -11879,9 +16410,9 @@ diff -up /dev/null policycoreutils-2.0.46/gui/translationsPage.py
+ store, iter = self.view.get_selection().get_selected()
+ self.store.set_value(iter, 0, level)
+ self.store.set_value(iter, 1, translation)
-diff -up /dev/null policycoreutils-2.0.46/gui/usersPage.py
---- /dev/null 2008-04-18 15:30:34.773004687 -0400
-+++ policycoreutils-2.0.46/gui/usersPage.py 2008-04-18 13:24:17.000000000 -0400
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/usersPage.py policycoreutils-2.0.46/gui/usersPage.py
+--- nsapolicycoreutils/gui/usersPage.py 1969-12-31 19:00:00.000000000 -0500
++++ policycoreutils-2.0.46/gui/usersPage.py 2008-05-06 14:31:45.000000000 -0400
@@ -0,0 +1,150 @@
+## usersPage.py - show selinux mappings
+## Copyright (C) 2006,2007,2008 Red Hat, Inc.
diff --git a/policycoreutils-po.patch b/policycoreutils-po.patch
index f1e9e12..2a321a2 100644
--- a/policycoreutils-po.patch
+++ b/policycoreutils-po.patch
@@ -1,16 +1,16 @@
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/af.po policycoreutils-2.0.35/po/af.po
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/af.po policycoreutils-2.0.46/po/af.po
--- nsapolicycoreutils/po/af.po 2007-07-16 14:20:42.000000000 -0400
-+++ policycoreutils-2.0.35/po/af.po 2008-01-11 16:25:09.000000000 -0500
++++ policycoreutils-2.0.46/po/af.po 2008-04-30 12:16:05.000000000 -0400
@@ -8,7 +8,7 @@
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2006-11-21 14:21-0500\n"
-+"POT-Creation-Date: 2007-09-14 10:36-0400\n"
++"POT-Creation-Date: 2008-03-20 10:33-0400\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME \n"
"Language-Team: LANGUAGE \n"
-@@ -16,1013 +16,3357 @@
+@@ -16,1013 +16,3244 @@
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
@@ -25,7 +25,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/af.po policycoreutils
msgstr ""
-#: ../load_policy/load_policy.c:66
-+#: ../run_init/run_init.c:126 ../newrole/newrole.c:1170
++#: ../run_init/run_init.c:126 ../newrole/newrole.c:1187
#, c-format
-msgid "%s: Can't load policy: %s\n"
+msgid "failed to initialize PAM\n"
@@ -39,18 +39,18 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/af.po policycoreutils
msgstr ""
-#: ../newrole/newrole.c:218 ../run_init/run_init.c:162
-+#: ../run_init/run_init.c:162 ../newrole/newrole.c:334
++#: ../run_init/run_init.c:162 ../newrole/newrole.c:338
msgid "Password:"
msgstr ""
-#: ../newrole/newrole.c:243 ../run_init/run_init.c:197
-+#: ../run_init/run_init.c:197 ../newrole/newrole.c:359
++#: ../run_init/run_init.c:197 ../newrole/newrole.c:363
#, c-format
msgid "Cannot find your entry in the shadow passwd file.\n"
msgstr ""
-#: ../newrole/newrole.c:250 ../run_init/run_init.c:203
-+#: ../run_init/run_init.c:203 ../newrole/newrole.c:366
++#: ../run_init/run_init.c:203 ../newrole/newrole.c:370
#, c-format
msgid "getpass cannot open /dev/tty\n"
msgstr ""
@@ -91,7 +91,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/af.po policycoreutils
msgstr ""
-#: ../newrole/newrole.c:444 ../newrole/newrole.c:519
-+#: ../run_init/run_init.c:405 ../newrole/newrole.c:1302
++#: ../run_init/run_init.c:405 ../newrole/newrole.c:1321
#, c-format
-msgid "Error setting capabilities, aborting\n"
+msgid "Could not set exec context to %s.\n"
@@ -100,363 +100,365 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/af.po policycoreutils
-#: ../newrole/newrole.c:450
-#, c-format
-msgid "Error setting KEEPCAPS, aborting\n"
-+#: ../audit2allow/audit2allow:209
++#: ../audit2allow/audit2allow:216
+msgid "******************** IMPORTANT ***********************\n"
msgstr ""
-#: ../newrole/newrole.c:458 ../newrole/newrole.c:531
-#, c-format
-msgid "Error dropping capabilities, aborting\n"
-+#: ../audit2allow/audit2allow:210
++#: ../audit2allow/audit2allow:217
+msgid "To make this policy package active, execute:"
msgstr ""
-#: ../newrole/newrole.c:464 ../newrole/newrole.c:562
-#, c-format
-msgid "Error changing uid, aborting.\n"
-+#: ../semanage/seobject.py:135
-+msgid "translations not supported on non-MLS machines"
++#: ../semanage/seobject.py:111 ../semanage/seobject.py:115
++msgid "global"
msgstr ""
-#: ../newrole/newrole.c:470 ../newrole/newrole.c:525 ../newrole/newrole.c:557
-#, c-format
-msgid "Error resetting KEEPCAPS, aborting\n"
-+#: ../semanage/seobject.py:142
-+#, python-format
-+msgid "Unable to open %s: translations not supported on non-MLS machines"
++#: ../semanage/seobject.py:170
++msgid "translations not supported on non-MLS machines"
msgstr ""
-#: ../newrole/newrole.c:477
-#, c-format
-msgid "Error dropping SETUID capability, aborting\n"
-+#: ../semanage/seobject.py:175
-+msgid "Level"
++#: ../semanage/seobject.py:177
++#, python-format
++msgid "Unable to open %s: translations not supported on non-MLS machines: %s"
msgstr ""
-#: ../newrole/newrole.c:482 ../newrole/newrole.c:536
-#, c-format
-msgid "Error freeing caps\n"
-+#: ../semanage/seobject.py:175 ../gui/system-config-selinux.glade:651
-+#: ../gui/translationsPage.py:43 ../gui/translationsPage.py:59
-+msgid "Translation"
++#: ../semanage/seobject.py:210
++msgid "Level"
msgstr ""
-#: ../newrole/newrole.c:580
-#, c-format
-msgid "Error connecting to audit system.\n"
-+#: ../semanage/seobject.py:183 ../semanage/seobject.py:197
-+#, python-format
-+msgid "Translations can not contain spaces '%s' "
++#: ../semanage/seobject.py:210 ../gui/system-config-selinux.glade:651
++#: ../gui/translationsPage.py:43 ../gui/translationsPage.py:59
++msgid "Translation"
msgstr ""
-#: ../newrole/newrole.c:586
-#, c-format
-msgid "Error allocating memory.\n"
-+#: ../semanage/seobject.py:186
++#: ../semanage/seobject.py:218 ../semanage/seobject.py:232
+#, python-format
-+msgid "Invalid Level '%s' "
++msgid "Translations can not contain spaces '%s' "
msgstr ""
-#: ../newrole/newrole.c:593
-#, c-format
-msgid "Error sending audit message.\n"
-+#: ../semanage/seobject.py:189
++#: ../semanage/seobject.py:221
+#, python-format
-+msgid "%s already defined in translations"
++msgid "Invalid Level '%s' "
msgstr ""
-#: ../newrole/newrole.c:634 ../newrole/newrole.c:978
-#, c-format
-msgid "Could not determine enforcing mode.\n"
-+#: ../semanage/seobject.py:201
++#: ../semanage/seobject.py:224
+#, python-format
-+msgid "%s not defined in translations"
++msgid "%s already defined in translations"
msgstr ""
-#: ../newrole/newrole.c:641
-#, c-format
-msgid "Error! Could not open %s.\n"
-+#: ../semanage/seobject.py:219
-+msgid "Could not create semanage handle"
++#: ../semanage/seobject.py:236
++#, python-format
++msgid "%s not defined in translations"
msgstr ""
-#: ../newrole/newrole.c:646
-#, c-format
-msgid "%s! Could not get current context for %s, not relabeling tty.\n"
-+#: ../semanage/seobject.py:225
-+msgid "SELinux policy is not managed or store cannot be accessed."
++#: ../semanage/seobject.py:254
++msgid "Could not create semanage handle"
msgstr ""
-#: ../newrole/newrole.c:656
-#, c-format
-msgid "%s! Could not get new context for %s, not relabeling tty.\n"
-+#: ../semanage/seobject.py:230
-+msgid "Cannot read policy store."
++#: ../semanage/seobject.py:263
++msgid "SELinux policy is not managed or store cannot be accessed."
msgstr ""
-#: ../newrole/newrole.c:666
-#, c-format
-msgid "%s! Could not set new context for %s\n"
-+#: ../semanage/seobject.py:235
-+msgid "Could not establish semanage connection"
++#: ../semanage/seobject.py:268
++msgid "Cannot read policy store."
msgstr ""
-#: ../newrole/newrole.c:710
-#, c-format
-msgid "%s changed labels.\n"
-+#: ../semanage/seobject.py:254 ../semanage/seobject.py:312
-+#: ../semanage/seobject.py:359 ../semanage/seobject.py:440
-+#: ../semanage/seobject.py:511 ../semanage/seobject.py:573
-+#: ../semanage/seobject.py:1112 ../semanage/seobject.py:1164
-+#: ../semanage/seobject.py:1239 ../semanage/seobject.py:1273
-+#, python-format
-+msgid "Could not create a key for %s"
++#: ../semanage/seobject.py:273
++msgid "Could not establish semanage connection"
msgstr ""
-#: ../newrole/newrole.c:716
-#, c-format
-msgid "Warning! Could not restore context for %s\n"
-+#: ../semanage/seobject.py:258 ../semanage/seobject.py:316
-+#: ../semanage/seobject.py:363 ../semanage/seobject.py:369
-+#, python-format
-+msgid "Could not check if login mapping for %s is defined"
++#: ../semanage/seobject.py:275
++msgid "Not yet implemented"
msgstr ""
-#: ../newrole/newrole.c:772
-#, c-format
-msgid "Error: multiple roles specified\n"
-+#: ../semanage/seobject.py:260
++#: ../semanage/seobject.py:295 ../semanage/seobject.py:353
++#: ../semanage/seobject.py:400 ../semanage/seobject.py:483
++#: ../semanage/seobject.py:554 ../semanage/seobject.py:616
++#: ../semanage/seobject.py:834 ../semanage/seobject.py:1202
++#: ../semanage/seobject.py:1266 ../semanage/seobject.py:1280
++#: ../semanage/seobject.py:1358 ../semanage/seobject.py:1395
++#: ../semanage/seobject.py:1435
+#, python-format
-+msgid "Login mapping for %s is already defined"
++msgid "Could not create a key for %s"
msgstr ""
-#: ../newrole/newrole.c:780
-#, c-format
-msgid "Error: multiple types specified\n"
-+#: ../semanage/seobject.py:264
++#: ../semanage/seobject.py:299 ../semanage/seobject.py:357
++#: ../semanage/seobject.py:404 ../semanage/seobject.py:410
+#, python-format
-+msgid "Linux User %s does not exist"
++msgid "Could not check if login mapping for %s is defined"
msgstr ""
-#: ../newrole/newrole.c:787
-#, c-format
-msgid "Sorry, -l may be used with SELinux MLS support.\n"
-+#: ../semanage/seobject.py:268
++#: ../semanage/seobject.py:301
+#, python-format
-+msgid "Could not create login mapping for %s"
++msgid "Login mapping for %s is already defined"
msgstr ""
-#: ../newrole/newrole.c:792
-#, c-format
-msgid "Error: multiple levels specified\n"
-+#: ../semanage/seobject.py:272 ../semanage/seobject.py:454
++#: ../semanage/seobject.py:305
+#, python-format
-+msgid "Could not set name for %s"
++msgid "Linux User %s does not exist"
msgstr ""
-#: ../newrole/newrole.c:814
-#, c-format
-msgid "Couldn't get default type.\n"
-+#: ../semanage/seobject.py:277 ../semanage/seobject.py:464
++#: ../semanage/seobject.py:309
+#, python-format
-+msgid "Could not set MLS range for %s"
++msgid "Could not create login mapping for %s"
msgstr ""
-#: ../newrole/newrole.c:824
-#, c-format
-msgid "failed to get new context.\n"
-+#: ../semanage/seobject.py:281
++#: ../semanage/seobject.py:313 ../semanage/seobject.py:497
+#, python-format
-+msgid "Could not set SELinux user for %s"
++msgid "Could not set name for %s"
msgstr ""
-#: ../newrole/newrole.c:831
-#, c-format
-msgid "failed to set new role %s\n"
-+#: ../semanage/seobject.py:285 ../semanage/seobject.py:337
-+#: ../semanage/seobject.py:375 ../semanage/seobject.py:480
-+#: ../semanage/seobject.py:550 ../semanage/seobject.py:589
-+#: ../semanage/seobject.py:716 ../semanage/seobject.py:758
-+#: ../semanage/seobject.py:787 ../semanage/seobject.py:914
-+#: ../semanage/seobject.py:955 ../semanage/seobject.py:987
-+#: ../semanage/seobject.py:1091 ../semanage/seobject.py:1148
-+#: ../semanage/seobject.py:1180 ../semanage/seobject.py:1257
-+#: ../semanage/seobject.py:1289
-+msgid "Could not start semanage transaction"
++#: ../semanage/seobject.py:318 ../semanage/seobject.py:507
++#, python-format
++msgid "Could not set MLS range for %s"
msgstr ""
-#: ../newrole/newrole.c:838
-#, c-format
-msgid "failed to set new type %s\n"
-+#: ../semanage/seobject.py:289 ../semanage/seobject.py:293
++#: ../semanage/seobject.py:322
+#, python-format
-+msgid "Could not add login mapping for %s"
++msgid "Could not set SELinux user for %s"
msgstr ""
-#: ../newrole/newrole.c:847
-#, c-format
-msgid "failed to build new range with level %s\n"
-+#: ../semanage/seobject.py:296 ../semanage/seobject.py:299
-+msgid "add SELinux user mapping"
++#: ../semanage/seobject.py:326 ../semanage/seobject.py:378
++#: ../semanage/seobject.py:416 ../semanage/seobject.py:523
++#: ../semanage/seobject.py:593 ../semanage/seobject.py:632
++#: ../semanage/seobject.py:762 ../semanage/seobject.py:804
++#: ../semanage/seobject.py:824 ../semanage/seobject.py:861
++#: ../semanage/seobject.py:994 ../semanage/seobject.py:1035
++#: ../semanage/seobject.py:1067 ../semanage/seobject.py:1180
++#: ../semanage/seobject.py:1238 ../semanage/seobject.py:1258
++#: ../semanage/seobject.py:1296 ../semanage/seobject.py:1378
++#: ../semanage/seobject.py:1411 ../semanage/seobject.py:1429
++msgid "Could not start semanage transaction"
msgstr ""
-#: ../newrole/newrole.c:852
-#, c-format
-msgid "failed to set new range %s\n"
-+#: ../semanage/seobject.py:308
-+msgid "Requires seuser or serange"
++#: ../semanage/seobject.py:330 ../semanage/seobject.py:334
++#, python-format
++msgid "Could not add login mapping for %s"
msgstr ""
-#: ../newrole/newrole.c:860
-#, c-format
-msgid "failed to convert new context to string\n"
-+#: ../semanage/seobject.py:318 ../semanage/seobject.py:365
-+#, python-format
-+msgid "Login mapping for %s is not defined"
++#: ../semanage/seobject.py:337 ../semanage/seobject.py:340
++msgid "add SELinux user mapping"
msgstr ""
-#: ../newrole/newrole.c:865
-#, c-format
-msgid "%s is not a valid context\n"
-+#: ../semanage/seobject.py:322
-+#, python-format
-+msgid "Could not query seuser for %s"
++#: ../semanage/seobject.py:349
++msgid "Requires seuser or serange"
msgstr ""
-#: ../newrole/newrole.c:872
-#, c-format
-msgid "Unable to allocate memory for new_context"
-+#: ../semanage/seobject.py:341 ../semanage/seobject.py:345
++#: ../semanage/seobject.py:359 ../semanage/seobject.py:406
+#, python-format
-+msgid "Could not modify login mapping for %s"
++msgid "Login mapping for %s is not defined"
msgstr ""
-#: ../newrole/newrole.c:898
-#, c-format
-msgid "Unable to obtain empty signal set\n"
-+#: ../semanage/seobject.py:371
++#: ../semanage/seobject.py:363
+#, python-format
-+msgid "Login mapping for %s is defined in policy, cannot be deleted"
++msgid "Could not query seuser for %s"
msgstr ""
-#: ../newrole/newrole.c:906
-#, c-format
-msgid "Unable to set SIGHUP handler\n"
-+#: ../semanage/seobject.py:380 ../semanage/seobject.py:384
++#: ../semanage/seobject.py:382 ../semanage/seobject.py:386
+#, python-format
-+msgid "Could not delete login mapping for %s"
++msgid "Could not modify login mapping for %s"
msgstr ""
-#: ../newrole/newrole.c:972
-#, c-format
-msgid "Sorry, newrole may be used only on a SELinux kernel.\n"
-+#: ../semanage/seobject.py:398
-+msgid "Could not list login mappings"
++#: ../semanage/seobject.py:412
++#, python-format
++msgid "Login mapping for %s is defined in policy, cannot be deleted"
msgstr ""
-#: ../newrole/newrole.c:989
-#, c-format
-msgid "failed to get old_context.\n"
-+#: ../semanage/seobject.py:411 ../semanage/seobject.py:416
-+#: ../gui/system-config-selinux.glade:100
-+msgid "Login Name"
++#: ../semanage/seobject.py:421 ../semanage/seobject.py:425
++#, python-format
++msgid "Could not delete login mapping for %s"
msgstr ""
-#: ../newrole/newrole.c:996
-#, c-format
-msgid "Error! Could not retrieve tty information.\n"
-+#: ../semanage/seobject.py:411 ../semanage/seobject.py:416
-+#: ../semanage/seobject.py:629 ../semanage/seobject.py:634
-+#: ../gui/system-config-selinux.glade:128
-+#: ../gui/system-config-selinux.glade:1107
-+msgid "SELinux User"
++#: ../semanage/seobject.py:441
++msgid "Could not list login mappings"
msgstr ""
-#: ../newrole/newrole.c:1015
-#, c-format
-msgid "Authenticating %s.\n"
-+#: ../semanage/seobject.py:411 ../gui/system-config-selinux.glade:156
-+#: ../gui/system-config-selinux.glade:1163
-+msgid "MLS/MCS Range"
++#: ../semanage/seobject.py:454 ../semanage/seobject.py:459
++#: ../gui/system-config-selinux.glade:100
++msgid "Login Name"
msgstr ""
-#: ../newrole/newrole.c:1020 ../run_init/run_init.c:126
-#, c-format
-msgid "failed to initialize PAM\n"
-+#: ../semanage/seobject.py:444 ../semanage/seobject.py:515
-+#: ../semanage/seobject.py:577 ../semanage/seobject.py:583
-+#, python-format
-+msgid "Could not check if SELinux user %s is defined"
++#: ../semanage/seobject.py:454 ../semanage/seobject.py:459
++#: ../semanage/seobject.py:675 ../semanage/seobject.py:680
++#: ../gui/system-config-selinux.glade:128
++#: ../gui/system-config-selinux.glade:1107
++msgid "SELinux User"
msgstr ""
-#: ../newrole/newrole.c:1029
-#, c-format
-msgid "newrole: incorrect password for %s\n"
-+#: ../semanage/seobject.py:446
-+#, python-format
-+msgid "SELinux user %s is already defined"
++#: ../semanage/seobject.py:454 ../gui/system-config-selinux.glade:156
++#: ../gui/system-config-selinux.glade:1135
++msgid "MLS/MCS Range"
msgstr ""
-#: ../newrole/newrole.c:1056
-#, c-format
-msgid "newrole: failure forking: %s"
-+#: ../semanage/seobject.py:450
++#: ../semanage/seobject.py:487 ../semanage/seobject.py:558
++#: ../semanage/seobject.py:620 ../semanage/seobject.py:626
+#, python-format
-+msgid "Could not create SELinux user for %s"
++msgid "Could not check if SELinux user %s is defined"
msgstr ""
-#: ../newrole/newrole.c:1059 ../newrole/newrole.c:1082
-#, c-format
-msgid "Unable to restore tty label...\n"
-+#: ../semanage/seobject.py:459
++#: ../semanage/seobject.py:489
+#, python-format
-+msgid "Could not add role %s for %s"
++msgid "SELinux user %s is already defined"
msgstr ""
-#: ../newrole/newrole.c:1061 ../newrole/newrole.c:1088
-#, c-format
-msgid "Failed to close tty properly\n"
-+#: ../semanage/seobject.py:468
++#: ../semanage/seobject.py:493
+#, python-format
-+msgid "Could not set MLS level for %s"
++msgid "Could not create SELinux user for %s"
msgstr ""
-#: ../newrole/newrole.c:1117
-#, c-format
-msgid "Could not close descriptors.\n"
-+#: ../semanage/seobject.py:470 ../semanage/seobject.py:537
++#: ../semanage/seobject.py:502
+#, python-format
-+msgid "Invalid prefix %s"
++msgid "Could not add role %s for %s"
msgstr ""
-#: ../newrole/newrole.c:1140
-#, c-format
-msgid "Error allocating shell's argv0.\n"
-+#: ../semanage/seobject.py:473
++#: ../semanage/seobject.py:511
+#, python-format
-+msgid "Could not add prefix %s for %s"
++msgid "Could not set MLS level for %s"
msgstr ""
-#: ../newrole/newrole.c:1147 ../run_init/run_init.c:405
-#, c-format
-msgid "Could not set exec context to %s.\n"
-+#: ../semanage/seobject.py:476
++#: ../semanage/seobject.py:513 ../semanage/seobject.py:580
+#, python-format
-+msgid "Could not extract key for %s"
++msgid "Invalid prefix %s"
msgstr ""
-#: ../newrole/newrole.c:1173
-#, c-format
-msgid "Unable to restore the environment, aborting\n"
-+#: ../semanage/seobject.py:484 ../semanage/seobject.py:488
++#: ../semanage/seobject.py:516
+#, python-format
-+msgid "Could not add SELinux user %s"
++msgid "Could not add prefix %s for %s"
msgstr ""
-#: ../newrole/newrole.c:1184
-msgid "failed to exec shell\n"
-+#: ../semanage/seobject.py:505
-+msgid "Requires prefix, roles, level or range"
++#: ../semanage/seobject.py:519
++#, python-format
++msgid "Could not extract key for %s"
msgstr ""
-#: ../run_init/run_init.c:67
@@ -464,829 +466,884 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/po/af.po policycoreutils
-"USAGE: run_init