Add back lockdown wizard for booleans using pywebkitgtk

2011-09-08 09:47:43 -04:00 · 2011-09-08 09:47:43 -04:00 · 2d6eafee19
commit 2d6eafee19
parent 78175de296
3 changed files with 242 additions and 175 deletions
--- a/policycoreutils-gui.patch
+++ b/policycoreutils-gui.patch
@ -1,6 +1,6 @@
 diff -up policycoreutils-2.1.5/gui/booleansPage.py.gui policycoreutils-2.1.5/gui/booleansPage.py
--- policycoreutils-2.1.5/gui/booleansPage.py.gui	2011-09-06 13:15:33.016804593 -0400
+--- policycoreutils-2.1.5/gui/booleansPage.py.gui	2011-09-07 16:58:08.229268533 -0400
-+++ policycoreutils-2.1.5/gui/booleansPage.py	2011-09-06 13:15:33.016804593 -0400
+++ policycoreutils-2.1.5/gui/booleansPage.py	2011-09-07 16:58:08.229268533 -0400
@@ -0,0 +1,247 @@
 +#
 +# booleansPage.py - GUI for Booleans page in system-config-securitylevel
@ -250,8 +250,8 @@ diff -up policycoreutils-2.1.5/gui/booleansPage.py.gui policycoreutils-2.1.5/gui
 +        return True
 +        
 diff -up policycoreutils-2.1.5/gui/domainsPage.py.gui policycoreutils-2.1.5/gui/domainsPage.py
--- policycoreutils-2.1.5/gui/domainsPage.py.gui	2011-09-06 13:15:33.016804593 -0400
+--- policycoreutils-2.1.5/gui/domainsPage.py.gui	2011-09-07 16:58:08.230268533 -0400
-+++ policycoreutils-2.1.5/gui/domainsPage.py	2011-09-06 13:15:33.017804594 -0400
+++ policycoreutils-2.1.5/gui/domainsPage.py	2011-09-07 16:58:08.230268533 -0400
@@ -0,0 +1,154 @@
 +## domainsPage.py - show selinux domains
 +## Copyright (C) 2009 Red Hat, Inc.
@ -408,8 +408,8 @@ diff -up policycoreutils-2.1.5/gui/domainsPage.py.gui policycoreutils-2.1.5/gui/
 +        except ValueError, e:
 +            self.error(e.args[0])
 diff -up policycoreutils-2.1.5/gui/fcontextPage.py.gui policycoreutils-2.1.5/gui/fcontextPage.py
--- policycoreutils-2.1.5/gui/fcontextPage.py.gui	2011-09-06 13:15:33.017804594 -0400
+--- policycoreutils-2.1.5/gui/fcontextPage.py.gui	2011-09-07 16:58:08.230268533 -0400
-+++ policycoreutils-2.1.5/gui/fcontextPage.py	2011-09-06 13:15:33.018804595 -0400
+++ policycoreutils-2.1.5/gui/fcontextPage.py	2011-09-07 16:58:08.231268533 -0400
@@ -0,0 +1,223 @@
 +## fcontextPage.py - show selinux mappings
 +## Copyright (C) 2006 Red Hat, Inc.
@ -635,8 +635,8 @@ diff -up policycoreutils-2.1.5/gui/fcontextPage.py.gui policycoreutils-2.1.5/gui
 +        self.store.set_value(iter, FTYPE_COL, ftype)
 +        self.store.set_value(iter, TYPE_COL, "%s:%s" % (type, mls))
 diff -up policycoreutils-2.1.5/gui/html_util.py.gui policycoreutils-2.1.5/gui/html_util.py
--- policycoreutils-2.1.5/gui/html_util.py.gui	2011-09-06 13:15:33.018804595 -0400
+--- policycoreutils-2.1.5/gui/html_util.py.gui	2011-09-07 16:58:08.231268533 -0400
-+++ policycoreutils-2.1.5/gui/html_util.py	2011-09-06 13:15:33.018804595 -0400
+++ policycoreutils-2.1.5/gui/html_util.py	2011-09-07 16:58:08.231268533 -0400
@@ -0,0 +1,164 @@
 +# Authors: John Dennis <jdennis@redhat.com>
 +#
@ -803,8 +803,8 @@ diff -up policycoreutils-2.1.5/gui/html_util.py.gui policycoreutils-2.1.5/gui/ht
 +    return doc
 +
 diff -up policycoreutils-2.1.5/gui/lockdown.glade.gui policycoreutils-2.1.5/gui/lockdown.glade
--- policycoreutils-2.1.5/gui/lockdown.glade.gui	2011-09-06 13:15:33.020804597 -0400
+--- policycoreutils-2.1.5/gui/lockdown.glade.gui	2011-09-07 16:58:08.232268533 -0400
-+++ policycoreutils-2.1.5/gui/lockdown.glade	2011-09-06 13:15:33.020804597 -0400
+++ policycoreutils-2.1.5/gui/lockdown.glade	2011-09-07 16:58:08.232268533 -0400
@@ -0,0 +1,771 @@
 +<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
 +<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
@ -1578,8 +1578,8 @@ diff -up policycoreutils-2.1.5/gui/lockdown.glade.gui policycoreutils-2.1.5/gui/
 +
 +</glade-interface>
 diff -up policycoreutils-2.1.5/gui/lockdown.gladep.gui policycoreutils-2.1.5/gui/lockdown.gladep
--- policycoreutils-2.1.5/gui/lockdown.gladep.gui	2011-09-06 13:15:33.021804598 -0400
+--- policycoreutils-2.1.5/gui/lockdown.gladep.gui	2011-09-07 16:58:08.233268533 -0400
-+++ policycoreutils-2.1.5/gui/lockdown.gladep	2011-09-06 13:15:33.021804598 -0400
+++ policycoreutils-2.1.5/gui/lockdown.gladep	2011-09-07 16:58:08.233268533 -0400
@@ -0,0 +1,7 @@
 +<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
 +<!DOCTYPE glade-project SYSTEM "http://glade.gnome.org/glade-project-2.0.dtd">
@ -1589,10 +1589,10 @@ diff -up policycoreutils-2.1.5/gui/lockdown.gladep.gui policycoreutils-2.1.5/gui
 +  <program_name></program_name>
 +</glade-project>
 diff -up policycoreutils-2.1.5/gui/lockdown.py.gui policycoreutils-2.1.5/gui/lockdown.py
--- policycoreutils-2.1.5/gui/lockdown.py.gui	2011-09-06 13:15:33.022804599 -0400
+--- policycoreutils-2.1.5/gui/lockdown.py.gui	2011-09-07 16:58:08.234268533 -0400
-+++ policycoreutils-2.1.5/gui/lockdown.py	2011-09-06 13:15:33.022804599 -0400
+++ policycoreutils-2.1.5/gui/lockdown.py	2011-09-08 09:42:14.245334273 -0400
-@@ -0,0 +1,382 @@
+@@ -0,0 +1,375 @@
-+#!/usr/bin/python -Es
+#!/usr/bin/python
 +#
 +# lockdown.py - GUI for Booleans page in system-config-securitylevel
 +#
@ -1623,7 +1623,7 @@ diff -up policycoreutils-2.1.5/gui/lockdown.py.gui policycoreutils-2.1.5/gui/loc
 +import sys
 +import selinux
 +import seobject
-+import gtkhtml2
+import webkit
 +import commands
 +import tempfile
 +
@ -1714,18 +1714,14 @@ diff -up policycoreutils-2.1.5/gui/lockdown.py.gui policycoreutils-2.1.5/gui/loc
 +        col.set_resizable(True)
 +        self.view.append_column(col)
 +
-+        self.html_view, self.doc = self.create_htmlview(self.html_scrolledwindow)
+        self.html_view = self.create_htmlview(self.html_scrolledwindow)
 +        self.load()
 +        self.view.get_selection().select_path ((0,))
 +
 +    def create_htmlview(self, container):
-+        view = gtkhtml2.View()
+        view = webkit.WebView()
 +        doc = gtkhtml2.Document()
 +        container.set_hadjustment(view.get_hadjustment())
 +        container.set_vadjustment(view.get_vadjustment())
 +        view.set_document(doc)
 +        container.add(view)
-+        return (view, doc)
+        return (view)
 +
 +    def wait(self):
 +        self.window.set_cursor(self.busy_cursor)
@ -1922,8 +1918,6 @@ diff -up policycoreutils-2.1.5/gui/lockdown.py.gui policycoreutils-2.1.5/gui/loc
 +            self.cat =  None
 +
 +        self.name =  store.get_value(iter, BOOLEAN)
 +        self.doc.clear()
 +        self.doc.open_stream("text/html")
 +
 +        html = ''
 +
@ -1956,8 +1950,7 @@ diff -up policycoreutils-2.1.5/gui/lockdown.py.gui policycoreutils-2.1.5/gui/loc
 +                        self.default_radiobutton.set_active(True)
 +        html_doc= html_document(html)
 +
-+        self.doc.write_stream(html_doc)
+        self.html_view.load_html_string(html, "")
 +        self.doc.close_stream()
 +
 +    def stand_alone(self):
 +        desktopName = _("Lockdown SELinux Booleans")
@ -1975,8 +1968,8 @@ diff -up policycoreutils-2.1.5/gui/lockdown.py.gui policycoreutils-2.1.5/gui/loc
 +    app = booleanWindow()
 +    app.stand_alone()
 diff -up policycoreutils-2.1.5/gui/loginsPage.py.gui policycoreutils-2.1.5/gui/loginsPage.py
--- policycoreutils-2.1.5/gui/loginsPage.py.gui	2011-09-06 13:15:33.023804600 -0400
+--- policycoreutils-2.1.5/gui/loginsPage.py.gui	2011-09-07 16:58:08.234268533 -0400
-+++ policycoreutils-2.1.5/gui/loginsPage.py	2011-09-06 13:15:33.023804600 -0400
+++ policycoreutils-2.1.5/gui/loginsPage.py	2011-09-07 16:58:08.234268533 -0400
@@ -0,0 +1,185 @@
 +## loginsPage.py - show selinux mappings
 +## Copyright (C) 2006 Red Hat, Inc.
@ -2164,9 +2157,9 @@ diff -up policycoreutils-2.1.5/gui/loginsPage.py.gui policycoreutils-2.1.5/gui/l
 +        self.store.set_value(iter, 2, seobject.translate(serange))
 +
 diff -up policycoreutils-2.1.5/gui/Makefile.gui policycoreutils-2.1.5/gui/Makefile
--- policycoreutils-2.1.5/gui/Makefile.gui	2011-09-06 13:15:33.023804600 -0400
+--- policycoreutils-2.1.5/gui/Makefile.gui	2011-09-07 16:58:08.235268532 -0400
-+++ policycoreutils-2.1.5/gui/Makefile	2011-09-06 13:16:40.940907544 -0400
+++ policycoreutils-2.1.5/gui/Makefile	2011-09-08 09:43:07.615249107 -0400
-@@ -0,0 +1,38 @@
+@@ -0,0 +1,40 @@
 +# Installation directories.
 +PREFIX ?= ${DESTDIR}/usr
 +BINDIR ?= $(PREFIX)/bin
@ -2182,13 +2175,14 @@ diff -up policycoreutils-2.1.5/gui/Makefile.gui policycoreutils-2.1.5/gui/Makefi
 +modulesPage.py \
 +polgen.glade \
 +portsPage.py \
 +lockdown.glade \
 +semanagePage.py \
 +statusPage.py \
 +system-config-selinux.glade \
 +usersPage.py \
 +selinux.tbl
 +
-+all: $(TARGETS) system-config-selinux.py polgengui.py templates polgen.py 
+all: $(TARGETS) system-config-selinux.py polgengui.py templates lockdown.py polgen.py 
 +
 +install: all
 +	-mkdir -p $(SHAREDIR)/templates
@ -2197,6 +2191,7 @@ diff -up policycoreutils-2.1.5/gui/Makefile.gui policycoreutils-2.1.5/gui/Makefi
 +	install -m 755 polgengui.py $(SHAREDIR)
 +	install -m 755 polgen.py $(SHAREDIR)
 +	(cd $(BINDIR); 	ln -fs ../share/system-config-selinux/polgen.py sepolgen)
 +	install -m 755 lockdown.py $(SHAREDIR)
 +	install -m 644 $(TARGETS) $(SHAREDIR)
 +	install -m 644 templates/*.py $(SHAREDIR)/templates/
 +
@ -2206,8 +2201,8 @@ diff -up policycoreutils-2.1.5/gui/Makefile.gui policycoreutils-2.1.5/gui/Makefi
 +
 +relabel:
 diff -up policycoreutils-2.1.5/gui/mappingsPage.py.gui policycoreutils-2.1.5/gui/mappingsPage.py
--- policycoreutils-2.1.5/gui/mappingsPage.py.gui	2011-09-06 13:15:33.024804601 -0400
+--- policycoreutils-2.1.5/gui/mappingsPage.py.gui	2011-09-07 16:58:08.235268532 -0400
-+++ policycoreutils-2.1.5/gui/mappingsPage.py	2011-09-06 13:15:33.024804601 -0400
+++ policycoreutils-2.1.5/gui/mappingsPage.py	2011-09-07 16:58:08.236268531 -0400
@@ -0,0 +1,56 @@
 +## mappingsPage.py - show selinux mappings
 +## Copyright (C) 2006 Red Hat, Inc.
@ -2266,8 +2261,8 @@ diff -up policycoreutils-2.1.5/gui/mappingsPage.py.gui policycoreutils-2.1.5/gui
 +            print "%-25s %-25s %-25s" % (k, dict[k][0], translate(dict[k][1]))
 +
 diff -up policycoreutils-2.1.5/gui/modulesPage.py.gui policycoreutils-2.1.5/gui/modulesPage.py
--- policycoreutils-2.1.5/gui/modulesPage.py.gui	2011-09-06 13:15:33.025804602 -0400
+--- policycoreutils-2.1.5/gui/modulesPage.py.gui	2011-09-07 16:58:08.236268531 -0400
-+++ policycoreutils-2.1.5/gui/modulesPage.py	2011-09-06 13:15:33.025804602 -0400
+++ policycoreutils-2.1.5/gui/modulesPage.py	2011-09-07 16:58:08.236268531 -0400
@@ -0,0 +1,190 @@
 +## modulesPage.py - show selinux mappings
 +## Copyright (C) 2006-2009 Red Hat, Inc.
@ -2460,8 +2455,8 @@ diff -up policycoreutils-2.1.5/gui/modulesPage.py.gui policycoreutils-2.1.5/gui/
 +        except ValueError, e:
 +            self.error(e.args[0])
 diff -up policycoreutils-2.1.5/gui/polgen.glade.gui policycoreutils-2.1.5/gui/polgen.glade
--- policycoreutils-2.1.5/gui/polgen.glade.gui	2011-09-06 13:15:33.028804605 -0400
+--- policycoreutils-2.1.5/gui/polgen.glade.gui	2011-09-07 16:58:08.239268531 -0400
-+++ policycoreutils-2.1.5/gui/polgen.glade	2011-09-06 13:15:33.030804607 -0400
+++ policycoreutils-2.1.5/gui/polgen.glade	2011-09-07 16:58:08.240268531 -0400
@@ -0,0 +1,3432 @@
 +<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
 +<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
@ -5896,8 +5891,8 @@ diff -up policycoreutils-2.1.5/gui/polgen.glade.gui policycoreutils-2.1.5/gui/po
 +
 +</glade-interface>
 diff -up policycoreutils-2.1.5/gui/polgen.gladep.gui policycoreutils-2.1.5/gui/polgen.gladep
--- policycoreutils-2.1.5/gui/polgen.gladep.gui	2011-09-06 13:15:33.030804607 -0400
+--- policycoreutils-2.1.5/gui/polgen.gladep.gui	2011-09-07 16:58:08.241268531 -0400
-+++ policycoreutils-2.1.5/gui/polgen.gladep	2011-09-06 13:15:33.031804608 -0400
+++ policycoreutils-2.1.5/gui/polgen.gladep	2011-09-07 16:58:08.241268531 -0400
@@ -0,0 +1,7 @@
 +<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
 +<!DOCTYPE glade-project SYSTEM "http://glade.gnome.org/glade-project-2.0.dtd">
@ -5907,8 +5902,8 @@ diff -up policycoreutils-2.1.5/gui/polgen.gladep.gui policycoreutils-2.1.5/gui/p
 +  <program_name></program_name>
 +</glade-project>
 diff -up policycoreutils-2.1.5/gui/polgengui.py.gui policycoreutils-2.1.5/gui/polgengui.py
--- policycoreutils-2.1.5/gui/polgengui.py.gui	2011-09-06 13:15:33.032804609 -0400
+--- policycoreutils-2.1.5/gui/polgengui.py.gui	2011-09-07 16:58:08.242268530 -0400
-+++ policycoreutils-2.1.5/gui/polgengui.py	2011-09-06 13:15:33.032804609 -0400
+++ policycoreutils-2.1.5/gui/polgengui.py	2011-09-07 16:58:08.242268530 -0400
@@ -0,0 +1,750 @@
 +#!/usr/bin/python -Es
 +#
@ -6661,8 +6656,8 @@ diff -up policycoreutils-2.1.5/gui/polgengui.py.gui policycoreutils-2.1.5/gui/po
 +    app = childWindow()
 +    app.stand_alone()
 diff -up policycoreutils-2.1.5/gui/polgen.py.gui policycoreutils-2.1.5/gui/polgen.py
--- policycoreutils-2.1.5/gui/polgen.py.gui	2011-09-06 13:15:33.034804611 -0400
+--- policycoreutils-2.1.5/gui/polgen.py.gui	2011-09-07 16:58:08.243268529 -0400
-+++ policycoreutils-2.1.5/gui/polgen.py	2011-09-06 13:15:33.034804611 -0400
+++ policycoreutils-2.1.5/gui/polgen.py	2011-09-07 16:58:08.244268529 -0400
@@ -0,0 +1,1346 @@
 +#!/usr/bin/python -Es
 +#
@ -8011,8 +8006,8 @@ diff -up policycoreutils-2.1.5/gui/polgen.py.gui policycoreutils-2.1.5/gui/polge
 +    except ValueError, e:
 +        usage(e)
 diff -up policycoreutils-2.1.5/gui/portsPage.py.gui policycoreutils-2.1.5/gui/portsPage.py
--- policycoreutils-2.1.5/gui/portsPage.py.gui	2011-09-06 13:15:33.035804612 -0400
+--- policycoreutils-2.1.5/gui/portsPage.py.gui	2011-09-07 16:58:08.244268529 -0400
-+++ policycoreutils-2.1.5/gui/portsPage.py	2011-09-06 13:15:33.035804612 -0400
+++ policycoreutils-2.1.5/gui/portsPage.py	2011-09-07 16:58:08.244268529 -0400
@@ -0,0 +1,259 @@
 +## portsPage.py - show selinux mappings
 +## Copyright (C) 2006 Red Hat, Inc.
@ -8274,8 +8269,8 @@ diff -up policycoreutils-2.1.5/gui/portsPage.py.gui policycoreutils-2.1.5/gui/po
 +        return True
 +        
 diff -up policycoreutils-2.1.5/gui/selinux.tbl.gui policycoreutils-2.1.5/gui/selinux.tbl
--- policycoreutils-2.1.5/gui/selinux.tbl.gui	2011-09-06 13:15:33.036804613 -0400
+--- policycoreutils-2.1.5/gui/selinux.tbl.gui	2011-09-07 16:58:08.245268529 -0400
-+++ policycoreutils-2.1.5/gui/selinux.tbl	2011-09-06 13:15:33.036804613 -0400
+++ policycoreutils-2.1.5/gui/selinux.tbl	2011-09-07 16:58:08.246268529 -0400
@@ -0,0 +1,234 @@
 +acct_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for acct daemon")
 +allow_daemons_dump_core _("Admin") _("Allow all daemons to write corefiles to /")
@ -8512,8 +8507,8 @@ diff -up policycoreutils-2.1.5/gui/selinux.tbl.gui policycoreutils-2.1.5/gui/sel
 +webadm_read_user_files _("HTTPD Service") _("Allow SELinux webadm user to read unprivileged users home directories")
 +
 diff -up policycoreutils-2.1.5/gui/semanagePage.py.gui policycoreutils-2.1.5/gui/semanagePage.py
--- policycoreutils-2.1.5/gui/semanagePage.py.gui	2011-09-06 13:15:33.037804614 -0400
+--- policycoreutils-2.1.5/gui/semanagePage.py.gui	2011-09-07 16:58:08.246268529 -0400
-+++ policycoreutils-2.1.5/gui/semanagePage.py	2011-09-06 13:15:33.037804614 -0400
+++ policycoreutils-2.1.5/gui/semanagePage.py	2011-09-07 16:58:08.246268529 -0400
@@ -0,0 +1,168 @@
 +## semanagePage.py - show selinux mappings
 +## Copyright (C) 2006 Red Hat, Inc.
@ -8684,8 +8679,8 @@ diff -up policycoreutils-2.1.5/gui/semanagePage.py.gui policycoreutils-2.1.5/gui
 +        return True
 +        
 diff -up policycoreutils-2.1.5/gui/statusPage.py.gui policycoreutils-2.1.5/gui/statusPage.py
--- policycoreutils-2.1.5/gui/statusPage.py.gui	2011-09-06 13:15:33.038804615 -0400
+--- policycoreutils-2.1.5/gui/statusPage.py.gui	2011-09-07 16:58:08.247268528 -0400
-+++ policycoreutils-2.1.5/gui/statusPage.py	2011-09-06 13:15:33.038804615 -0400
+++ policycoreutils-2.1.5/gui/statusPage.py	2011-09-07 16:58:08.247268528 -0400
@@ -0,0 +1,190 @@
 +# statusPage.py - show selinux status
 +## Copyright (C) 2006-2009 Red Hat, Inc.
@ -8878,9 +8873,9 @@ diff -up policycoreutils-2.1.5/gui/statusPage.py.gui policycoreutils-2.1.5/gui/s
 +
 +
 diff -up policycoreutils-2.1.5/gui/system-config-selinux.glade.gui policycoreutils-2.1.5/gui/system-config-selinux.glade
--- policycoreutils-2.1.5/gui/system-config-selinux.glade.gui	2011-09-06 13:15:33.041804618 -0400
+--- policycoreutils-2.1.5/gui/system-config-selinux.glade.gui	2011-09-07 16:58:08.249268527 -0400
-+++ policycoreutils-2.1.5/gui/system-config-selinux.glade	2011-09-06 13:16:15.397861323 -0400
+++ policycoreutils-2.1.5/gui/system-config-selinux.glade	2011-09-08 09:44:04.498161457 -0400
-@@ -0,0 +1,3005 @@
+@@ -0,0 +1,3024 @@
 +<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
 +<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
 +
@ -10112,6 +10107,7 @@ diff -up policycoreutils-2.1.5/gui/system-config-selinux.glade.gui policycoreuti
 +	<widget class="GtkHPaned" id="hpaned1">
 +	  <property name="visible">True</property>
 +	  <property name="can_focus">True</property>
 +	  <property name="position">0</property>
 +
 +	  <child>
 +	    <widget class="GtkFrame" id="frame1">
@ -10508,6 +10504,24 @@ diff -up policycoreutils-2.1.5/gui/system-config-selinux.glade.gui policycoreuti
 +			  <property name="homogeneous">True</property>
 +			</packing>
 +		      </child>
 +
 +		      <child>
 +			<widget class="GtkToolButton" id="toolbutton36">
 +			  <property name="visible">True</property>
 +			  <property name="tooltip" translatable="yes">Run booleans lockdown wizard</property>
 +			  <property name="label" translatable="yes">Lockdown...</property>
 +			  <property name="use_underline">True</property>
 +			  <property name="stock_id">gtk-print-error</property>
 +			  <property name="visible_horizontal">True</property>
 +			  <property name="visible_vertical">True</property>
 +			  <property name="is_important">False</property>
 +			  <signal name="clicked" handler="on_lockdown_clicked" last_modification_time="Thu, 03 Jul 2008 16:51:17 GMT"/>
 +			</widget>
 +			<packing>
 +			  <property name="expand">False</property>
 +			  <property name="homogeneous">True</property>
 +			</packing>
 +		      </child>
 +		    </widget>
 +		    <packing>
 +		      <property name="padding">0</property>
@ -11887,8 +11901,8 @@ diff -up policycoreutils-2.1.5/gui/system-config-selinux.glade.gui policycoreuti
 +
 +</glade-interface>
 diff -up policycoreutils-2.1.5/gui/system-config-selinux.gladep.gui policycoreutils-2.1.5/gui/system-config-selinux.gladep
--- policycoreutils-2.1.5/gui/system-config-selinux.gladep.gui	2011-09-06 13:15:33.042804619 -0400
+--- policycoreutils-2.1.5/gui/system-config-selinux.gladep.gui	2011-09-07 16:58:08.250268527 -0400
-+++ policycoreutils-2.1.5/gui/system-config-selinux.gladep	2011-09-06 13:15:33.043804620 -0400
+++ policycoreutils-2.1.5/gui/system-config-selinux.gladep	2011-09-07 16:58:08.250268527 -0400
@@ -0,0 +1,7 @@
 +<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
 +<!DOCTYPE glade-project SYSTEM "http://glade.gnome.org/glade-project-2.0.dtd">
@ -11898,8 +11912,8 @@ diff -up policycoreutils-2.1.5/gui/system-config-selinux.gladep.gui policycoreut
 +  <program_name></program_name>
 +</glade-project>
 diff -up policycoreutils-2.1.5/gui/system-config-selinux.py.gui policycoreutils-2.1.5/gui/system-config-selinux.py
--- policycoreutils-2.1.5/gui/system-config-selinux.py.gui	2011-09-06 13:15:33.043804620 -0400
+--- policycoreutils-2.1.5/gui/system-config-selinux.py.gui	2011-09-07 16:58:08.251268527 -0400
-+++ policycoreutils-2.1.5/gui/system-config-selinux.py	2011-09-06 13:15:33.043804620 -0400
+++ policycoreutils-2.1.5/gui/system-config-selinux.py	2011-09-07 16:58:08.251268527 -0400
@@ -0,0 +1,187 @@
 +#!/usr/bin/python -Es
 +#
@ -12089,8 +12103,8 @@ diff -up policycoreutils-2.1.5/gui/system-config-selinux.py.gui policycoreutils-
 +    app = childWindow()
 +    app.stand_alone()
 diff -up policycoreutils-2.1.5/gui/templates/boolean.py.gui policycoreutils-2.1.5/gui/templates/boolean.py
--- policycoreutils-2.1.5/gui/templates/boolean.py.gui	2011-09-06 13:15:33.044804621 -0400
+--- policycoreutils-2.1.5/gui/templates/boolean.py.gui	2011-09-07 16:58:08.252268527 -0400
-+++ policycoreutils-2.1.5/gui/templates/boolean.py	2011-09-06 13:15:33.044804621 -0400
+++ policycoreutils-2.1.5/gui/templates/boolean.py	2011-09-07 16:58:08.252268527 -0400
@@ -0,0 +1,40 @@
 +# Copyright (C) 2007-2011 Red Hat
 +# see file 'COPYING' for use and warranty information
@ -12133,8 +12147,8 @@ diff -up policycoreutils-2.1.5/gui/templates/boolean.py.gui policycoreutils-2.1.
 +"""
 +
 diff -up policycoreutils-2.1.5/gui/templates/etc_rw.py.gui policycoreutils-2.1.5/gui/templates/etc_rw.py
--- policycoreutils-2.1.5/gui/templates/etc_rw.py.gui	2011-09-06 13:15:33.045804622 -0400
+--- policycoreutils-2.1.5/gui/templates/etc_rw.py.gui	2011-09-07 16:58:08.252268527 -0400
-+++ policycoreutils-2.1.5/gui/templates/etc_rw.py	2011-09-06 13:15:33.045804622 -0400
+++ policycoreutils-2.1.5/gui/templates/etc_rw.py	2011-09-07 16:58:08.252268527 -0400
@@ -0,0 +1,112 @@
 +# Copyright (C) 2007-2011 Red Hat
 +# see file 'COPYING' for use and warranty information
@ -12249,8 +12263,8 @@ diff -up policycoreutils-2.1.5/gui/templates/etc_rw.py.gui policycoreutils-2.1.5
 +FILENAME(/.*)?		gen_context(system_u:object_r:TEMPLATETYPE_etc_rw_t,s0)
 +"""
 diff -up policycoreutils-2.1.5/gui/templates/executable.py.gui policycoreutils-2.1.5/gui/templates/executable.py
--- policycoreutils-2.1.5/gui/templates/executable.py.gui	2011-09-06 13:15:33.046804623 -0400
+--- policycoreutils-2.1.5/gui/templates/executable.py.gui	2011-09-07 16:58:08.253268527 -0400
-+++ policycoreutils-2.1.5/gui/templates/executable.py	2011-09-06 13:15:33.046804623 -0400
+++ policycoreutils-2.1.5/gui/templates/executable.py	2011-09-07 16:58:08.253268527 -0400
@@ -0,0 +1,451 @@
 +# Copyright (C) 2007-2011 Red Hat
 +# see file 'COPYING' for use and warranty information
@ -12704,8 +12718,8 @@ diff -up policycoreutils-2.1.5/gui/templates/executable.py.gui policycoreutils-2
 +EXECUTABLE	--	gen_context(system_u:object_r:TEMPLATETYPE_initrc_exec_t,s0)
 +"""
 diff -up policycoreutils-2.1.5/gui/templates/__init__.py.gui policycoreutils-2.1.5/gui/templates/__init__.py
--- policycoreutils-2.1.5/gui/templates/__init__.py.gui	2011-09-06 13:15:33.046804623 -0400
+--- policycoreutils-2.1.5/gui/templates/__init__.py.gui	2011-09-07 16:58:08.254268527 -0400
-+++ policycoreutils-2.1.5/gui/templates/__init__.py	2011-09-06 13:15:33.047804624 -0400
+++ policycoreutils-2.1.5/gui/templates/__init__.py	2011-09-07 16:58:08.254268527 -0400
@@ -0,0 +1,18 @@
 +#
 +# Copyright (C) 2007-2011 Red Hat
@ -12726,8 +12740,8 @@ diff -up policycoreutils-2.1.5/gui/templates/__init__.py.gui policycoreutils-2.1
 +#
 +
 diff -up policycoreutils-2.1.5/gui/templates/network.py.gui policycoreutils-2.1.5/gui/templates/network.py
--- policycoreutils-2.1.5/gui/templates/network.py.gui	2011-09-06 13:15:33.047804624 -0400
+--- policycoreutils-2.1.5/gui/templates/network.py.gui	2011-09-07 16:58:08.254268527 -0400
-+++ policycoreutils-2.1.5/gui/templates/network.py	2011-09-06 13:15:33.047804624 -0400
+++ policycoreutils-2.1.5/gui/templates/network.py	2011-09-07 16:58:08.255268527 -0400
@@ -0,0 +1,102 @@
 +# Copyright (C) 2007-2011 Red Hat
 +# see file 'COPYING' for use and warranty information
@ -12832,8 +12846,8 @@ diff -up policycoreutils-2.1.5/gui/templates/network.py.gui policycoreutils-2.1.
 +"""
 +
 diff -up policycoreutils-2.1.5/gui/templates/rw.py.gui policycoreutils-2.1.5/gui/templates/rw.py
--- policycoreutils-2.1.5/gui/templates/rw.py.gui	2011-09-06 13:15:33.048804625 -0400
+--- policycoreutils-2.1.5/gui/templates/rw.py.gui	2011-09-07 16:58:08.255268527 -0400
-+++ policycoreutils-2.1.5/gui/templates/rw.py	2011-09-06 13:15:33.048804625 -0400
+++ policycoreutils-2.1.5/gui/templates/rw.py	2011-09-07 16:58:08.255268527 -0400
@@ -0,0 +1,129 @@
 +# Copyright (C) 2007-2011 Red Hat
 +# see file 'COPYING' for use and warranty information
@ -12965,8 +12979,8 @@ diff -up policycoreutils-2.1.5/gui/templates/rw.py.gui policycoreutils-2.1.5/gui
 +FILENAME(/.*)?		gen_context(system_u:object_r:TEMPLATETYPE_rw_t,s0)
 +"""
 diff -up policycoreutils-2.1.5/gui/templates/script.py.gui policycoreutils-2.1.5/gui/templates/script.py
--- policycoreutils-2.1.5/gui/templates/script.py.gui	2011-09-06 13:15:33.049804626 -0400
+--- policycoreutils-2.1.5/gui/templates/script.py.gui	2011-09-07 16:58:08.256268527 -0400
-+++ policycoreutils-2.1.5/gui/templates/script.py	2011-09-06 13:15:33.049804626 -0400
+++ policycoreutils-2.1.5/gui/templates/script.py	2011-09-07 16:58:08.256268527 -0400
@@ -0,0 +1,126 @@
 +# Copyright (C) 2007-2011 Red Hat
 +# see file 'COPYING' for use and warranty information
@ -13095,8 +13109,8 @@ diff -up policycoreutils-2.1.5/gui/templates/script.py.gui policycoreutils-2.1.5
 +fi
 +"""
 diff -up policycoreutils-2.1.5/gui/templates/semodule.py.gui policycoreutils-2.1.5/gui/templates/semodule.py
--- policycoreutils-2.1.5/gui/templates/semodule.py.gui	2011-09-06 13:15:33.050804627 -0400
+--- policycoreutils-2.1.5/gui/templates/semodule.py.gui	2011-09-07 16:58:08.256268527 -0400
-+++ policycoreutils-2.1.5/gui/templates/semodule.py	2011-09-06 13:15:33.050804627 -0400
+++ policycoreutils-2.1.5/gui/templates/semodule.py	2011-09-07 16:58:08.256268527 -0400
@@ -0,0 +1,41 @@
 +# Copyright (C) 2007-2011 Red Hat
 +# see file 'COPYING' for use and warranty information
@ -13140,8 +13154,8 @@ diff -up policycoreutils-2.1.5/gui/templates/semodule.py.gui policycoreutils-2.1
 +"""
 +
 diff -up policycoreutils-2.1.5/gui/templates/tmp.py.gui policycoreutils-2.1.5/gui/templates/tmp.py
--- policycoreutils-2.1.5/gui/templates/tmp.py.gui	2011-09-06 13:15:33.050804627 -0400
+--- policycoreutils-2.1.5/gui/templates/tmp.py.gui	2011-09-07 16:58:08.257268526 -0400
-+++ policycoreutils-2.1.5/gui/templates/tmp.py	2011-09-06 13:15:33.050804627 -0400
+++ policycoreutils-2.1.5/gui/templates/tmp.py	2011-09-07 16:58:08.257268526 -0400
@@ -0,0 +1,102 @@
 +# Copyright (C) 2007-2011 Red Hat
 +# see file 'COPYING' for use and warranty information
@ -13246,8 +13260,8 @@ diff -up policycoreutils-2.1.5/gui/templates/tmp.py.gui policycoreutils-2.1.5/gu
 +	admin_pattern($1, TEMPLATETYPE_tmp_t)
 +"""
 diff -up policycoreutils-2.1.5/gui/templates/user.py.gui policycoreutils-2.1.5/gui/templates/user.py
--- policycoreutils-2.1.5/gui/templates/user.py.gui	2011-09-06 13:15:33.051804628 -0400
+--- policycoreutils-2.1.5/gui/templates/user.py.gui	2011-09-07 16:58:08.257268526 -0400
-+++ policycoreutils-2.1.5/gui/templates/user.py	2011-09-06 13:15:33.051804628 -0400
+++ policycoreutils-2.1.5/gui/templates/user.py	2011-09-07 16:58:08.257268526 -0400
@@ -0,0 +1,204 @@
 +# Copyright (C) 2007-2011 Red Hat
 +# see file 'COPYING' for use and warranty information
@ -13454,8 +13468,8 @@ diff -up policycoreutils-2.1.5/gui/templates/user.py.gui policycoreutils-2.1.5/g
 +seutil_run_newrole(TEMPLATETYPE_t, TEMPLATETYPE_r)
 +"""
 diff -up policycoreutils-2.1.5/gui/templates/var_cache.py.gui policycoreutils-2.1.5/gui/templates/var_cache.py
--- policycoreutils-2.1.5/gui/templates/var_cache.py.gui	2011-09-06 13:15:33.052804629 -0400
+--- policycoreutils-2.1.5/gui/templates/var_cache.py.gui	2011-09-07 16:58:08.258268525 -0400
-+++ policycoreutils-2.1.5/gui/templates/var_cache.py	2011-09-06 13:15:33.052804629 -0400
+++ policycoreutils-2.1.5/gui/templates/var_cache.py	2011-09-07 16:58:08.258268525 -0400
@@ -0,0 +1,132 @@
 +# Copyright (C) 2007-2011 Red Hat
 +# see file 'COPYING' for use and warranty information
@ -13590,8 +13604,8 @@ diff -up policycoreutils-2.1.5/gui/templates/var_cache.py.gui policycoreutils-2.
 +FILENAME(/.*)?		gen_context(system_u:object_r:TEMPLATETYPE_cache_t,s0)
 +"""
 diff -up policycoreutils-2.1.5/gui/templates/var_lib.py.gui policycoreutils-2.1.5/gui/templates/var_lib.py
--- policycoreutils-2.1.5/gui/templates/var_lib.py.gui	2011-09-06 13:15:33.052804629 -0400
+--- policycoreutils-2.1.5/gui/templates/var_lib.py.gui	2011-09-07 16:58:08.258268525 -0400
-+++ policycoreutils-2.1.5/gui/templates/var_lib.py	2011-09-06 13:15:33.053804630 -0400
+++ policycoreutils-2.1.5/gui/templates/var_lib.py	2011-09-07 16:58:08.259268525 -0400
@@ -0,0 +1,160 @@
 +# Copyright (C) 2007-2011 Red Hat
 +# see file 'COPYING' for use and warranty information
@ -13754,8 +13768,8 @@ diff -up policycoreutils-2.1.5/gui/templates/var_lib.py.gui policycoreutils-2.1.
 +FILENAME(/.*)?		gen_context(system_u:object_r:TEMPLATETYPE_var_lib_t,s0)
 +"""
 diff -up policycoreutils-2.1.5/gui/templates/var_log.py.gui policycoreutils-2.1.5/gui/templates/var_log.py
--- policycoreutils-2.1.5/gui/templates/var_log.py.gui	2011-09-06 13:15:33.053804630 -0400
+--- policycoreutils-2.1.5/gui/templates/var_log.py.gui	2011-09-07 16:58:08.259268525 -0400
-+++ policycoreutils-2.1.5/gui/templates/var_log.py	2011-09-06 13:15:33.053804630 -0400
+++ policycoreutils-2.1.5/gui/templates/var_log.py	2011-09-07 16:58:08.259268525 -0400
@@ -0,0 +1,114 @@
 +# Copyright (C) 2007-2011 Red Hat
 +# see file 'COPYING' for use and warranty information
@ -13872,8 +13886,8 @@ diff -up policycoreutils-2.1.5/gui/templates/var_log.py.gui policycoreutils-2.1.
 +FILENAME(/.*)?		gen_context(system_u:object_r:TEMPLATETYPE_log_t,s0)
 +"""
 diff -up policycoreutils-2.1.5/gui/templates/var_run.py.gui policycoreutils-2.1.5/gui/templates/var_run.py
--- policycoreutils-2.1.5/gui/templates/var_run.py.gui	2011-09-06 13:15:33.054804631 -0400
+--- policycoreutils-2.1.5/gui/templates/var_run.py.gui	2011-09-07 16:58:08.260268525 -0400
-+++ policycoreutils-2.1.5/gui/templates/var_run.py	2011-09-06 13:15:33.054804631 -0400
+++ policycoreutils-2.1.5/gui/templates/var_run.py	2011-09-07 16:58:08.260268525 -0400
@@ -0,0 +1,101 @@
 +# Copyright (C) 2007-2011 Red Hat
 +# see file 'COPYING' for use and warranty information
@ -13977,8 +13991,8 @@ diff -up policycoreutils-2.1.5/gui/templates/var_run.py.gui policycoreutils-2.1.
 +FILENAME(/.*)?		gen_context(system_u:object_r:TEMPLATETYPE_var_run_t,s0)
 +"""
 diff -up policycoreutils-2.1.5/gui/templates/var_spool.py.gui policycoreutils-2.1.5/gui/templates/var_spool.py
--- policycoreutils-2.1.5/gui/templates/var_spool.py.gui	2011-09-06 13:15:33.055804632 -0400
+--- policycoreutils-2.1.5/gui/templates/var_spool.py.gui	2011-09-07 16:58:08.261268525 -0400
-+++ policycoreutils-2.1.5/gui/templates/var_spool.py	2011-09-06 13:15:33.055804632 -0400
+++ policycoreutils-2.1.5/gui/templates/var_spool.py	2011-09-07 16:58:08.261268525 -0400
@@ -0,0 +1,131 @@
 +# Copyright (C) 2007-2011 Red Hat
 +# see file 'COPYING' for use and warranty information
@ -14112,8 +14126,8 @@ diff -up policycoreutils-2.1.5/gui/templates/var_spool.py.gui policycoreutils-2.
 +FILENAME(/.*)?		gen_context(system_u:object_r:TEMPLATETYPE_spool_t,s0)
 +"""
 diff -up policycoreutils-2.1.5/gui/usersPage.py.gui policycoreutils-2.1.5/gui/usersPage.py
--- policycoreutils-2.1.5/gui/usersPage.py.gui	2011-09-06 13:15:33.055804632 -0400
+--- policycoreutils-2.1.5/gui/usersPage.py.gui	2011-09-07 16:58:08.261268525 -0400
-+++ policycoreutils-2.1.5/gui/usersPage.py	2011-09-06 13:15:33.056804633 -0400
+++ policycoreutils-2.1.5/gui/usersPage.py	2011-09-07 16:58:08.261268525 -0400
@@ -0,0 +1,150 @@
 +## usersPage.py - show selinux mappings
 +## Copyright (C) 2006,2007,2008 Red Hat, Inc.
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
@ -3616,15 +3616,21 @@ index 0000000..1ce37b0
 +	return 0;
 +}
 diff --git a/policycoreutils/setfiles/restore.c b/policycoreutils/setfiles/restore.c
-index 48ffcad..c1e6e24 100644
+index 48ffcad..7cff7e4 100644
 --- a/policycoreutils/setfiles/restore.c
 +++ b/policycoreutils/setfiles/restore.c
-@@ -33,7 +33,7 @@ struct edir {
+@@ -1,5 +1,6 @@
 #include "restore.h"
 #include <glob.h>
 +#include <selinux/context.h>
 #define SKIP -2
 #define ERR -1
@@ -33,7 +34,6 @@ struct edir {
 static file_spec_t *fl_head;
 static int filespec_add(ino_t ino, const security_context_t con, const char *file);
 -static int only_changed_user(const char *a, const char *b);
 +static int match_type(const security_context_t oldcon, security_context_t *newcon);
 struct restore_opts *r_opts = NULL;
 static void filespec_destroy(void);
 static void filespec_eval(void);
@ -3647,11 +3653,11 @@ index 48ffcad..c1e6e24 100644
 	int ret;
 -	char *context, *newcon;
 -	int user_only_changed = 0;
-+	security_context_t curcon, newcon;
+	security_context_t curcon = NULL, newcon = NULL;
 	if (match(my_file, ftsent->fts_statp, &newcon) < 0)
 		/* Check for no matching specification. */
-@@ -143,74 +143,82 @@ static int restore(FTSENT *ftsent)
+@@ -143,74 +143,105 @@ static int restore(FTSENT *ftsent)
 		printf("%s:  %s matched by %s\n", r_opts->progname, my_file, newcon);
 	}
@ -3696,7 +3702,6 @@ index 48ffcad..c1e6e24 100644
 -	    (context && (strcmp(context, newcon) == 0))) {
 -		freecon(context);
 +	if (curcon && (strcmp(curcon, newcon) == 0)) {
 +		freecon(curcon);
 		goto out;
 	}
@ -3709,32 +3714,59 @@ index 48ffcad..c1e6e24 100644
 +				r_opts->progname, my_file, curcon);
 		}
 -		freecon(context);
 +		freecon(curcon);
 +		goto out;
 +	}
 +
 +	/* 
 +	 *  Do not change label unless this is a force or the type is different 
 +	 */
 +	if (!r_opts->force && match_type(curcon, &newcon)) {
 +		freecon(curcon);
 		goto out;
 	}
- 	if (r_opts->verbose) {
+-	if (r_opts->verbose) {
 -		/* If we're just doing "-v", trim out any relabels where
 -		 * the user has r_opts->changed but the role and type are the
 -		 * same.  For "-vv", emit everything. */
 -		if (r_opts->verbose > 1 || !user_only_changed) {
 -			printf("%s reset %s context %s->%s\n",
 -			       r_opts->progname, my_file, context ?: "", newcon);
-		}
+	/* 
-+		printf("%s reset %s context %s->%s\n",
+	 *  Do not change label unless this is a force or the type is different 
-+		       r_opts->progname, my_file, curcon ?: "", newcon);
+	 */
 +	if (!r_opts->force && curcon) {
 +		int types_differ = 0;
 +		context_t cona;
 +		context_t conb;
 +		int err = 0;
 +		cona = context_new(curcon);
 +		if (! cona) {
 +			goto out;
 +		}
 +		conb = context_new(newcon);
 +		if (! conb) {
 +			context_free(cona);
 +			goto out;
 +		}
 +
 +		types_differ = strcmp(context_type_get(cona), context_type_get(conb));
 +		if (types_differ) {
 +			err |= context_user_set(conb, context_user_get(cona));
 +			err |= context_role_set(conb, context_role_get(cona));
 +			err |= context_range_set(conb, context_range_get(cona));
 +			if (!err) {
 +				freecon(newcon);
 +				newcon = strdup(context_str(conb));
 +			}
 +		}
 +		context_free(cona);
 +		context_free(conb);
 +		
 +		if (!types_differ || err) {
 +			goto out;
 		}
 	}
 -	if (r_opts->logging && !user_only_changed) {
 -		if (context)
 +	if (r_opts->verbose) {
 +		printf("%s reset %s context %s->%s\n",
 +		       r_opts->progname, my_file, curcon ?: "", newcon);
 +	}
 +
 +	if (r_opts->logging) {
 +		if (curcon)
 			syslog(LOG_INFO, "relabeling %s from %s to %s\n",
@ -3751,9 +3783,7 @@ index 48ffcad..c1e6e24 100644
 -	if (context)
 -		freecon(context);
-+	if (curcon)
+-
 +		freecon(curcon);
 	/*
 	 * Do not relabel the file if -n was used.
 	 */
@ -3762,7 +3792,7 @@ index 48ffcad..c1e6e24 100644
 		goto out;
 	/*
-@@ -318,11 +326,16 @@ static int process_one(char *name, int recurse_this_path)
+@@ -318,11 +349,16 @@ static int process_one(char *name, int recurse_this_path)
 	ftsent = fts_read(fts_handle);
@ -3782,7 +3812,7 @@ index 48ffcad..c1e6e24 100644
 	do {
 		rc = 0;
 		/* Skip the post order nodes. */
-@@ -390,7 +403,7 @@ int process_one_realpath(char *name, int recurse)
+@@ -390,7 +426,7 @@ int process_one_realpath(char *name, int recurse)
 {
 	int rc = 0;
 	char *p;
@ -3791,7 +3821,7 @@ index 48ffcad..c1e6e24 100644
 	if (r_opts == NULL){
 		fprintf(stderr,
-@@ -401,7 +414,7 @@ int process_one_realpath(char *name, int recurse)
+@@ -401,7 +437,7 @@ int process_one_realpath(char *name, int recurse)
 	if (!r_opts->expand_realpath) {
 		return process_one(name, recurse);
 	} else {
@ -3800,22 +3830,14 @@ index 48ffcad..c1e6e24 100644
 		if (rc < 0) {
 			if (r_opts->ignore_enoent && errno == ENOENT)
 				return 0;
-@@ -486,20 +499,46 @@ int add_exclude(const char *directory)
+@@ -486,22 +522,6 @@ int add_exclude(const char *directory)
 	return 0;
 }
 -/* Compare two contexts to see if their differences are "significant",
 - * or whether the only difference is in the user. */
 -static int only_changed_user(const char *a, const char *b)
-+#include <selinux/context.h>
+-{
 +
 +/* Compare two contexts to see if their types differ; if they do, return 1 
 + * and replace the the new context with the the current context user, role 
 + * and range 
 + */
 +
 +static int match_type(const security_context_t oldcon, security_context_t *newcon)
 {
 -	char *rest_a, *rest_b;	/* Rest of the context after the user */
 -	if (r_opts->force)
 -		return 0;
@ -3826,41 +3848,12 @@ index 48ffcad..c1e6e24 100644
 -	if (!rest_a || !rest_b)
 -		return 0;
 -	return (strcmp(rest_a, rest_b) == 0);
-+	int match = 0;
+-}
-+	context_t cona;
+-
 +	context_t conb;
 +	if (!oldcon || !*newcon)
 +		return match;
 +	cona = context_new(oldcon);
 +	if (! cona) {
 +		return match;
 +	}
 +	conb = context_new(*newcon);
 +	if (! conb) {
 +		context_free(cona);
 +		return match;
 +	}
 +
 +	match = strcmp(context_type_get(cona), context_type_get(conb)) == 0;
 +	if (! match) {
 +		if (context_user_set(conb, context_user_get(cona)) < 0)
 +			goto out;
 +		if (context_role_set(conb, context_role_get(cona)) < 0)
 +			goto out;
 +		if (context_range_set(conb, context_range_get(cona)) < 0)
 +			goto out;
 +		free(*newcon);
 +		*newcon = strdup(context_str(conb));
 +	}
 +
 +out:
 +	context_free(cona);
 +	context_free(conb);
 +	return match;
 }
 /*
-@@ -568,7 +607,7 @@ static int filespec_add(ino_t ino, const security_context_t con, const char *fil
+  * Evaluate the association hash table distribution.
  */
@@ -568,7 +588,7 @@ static int filespec_add(ino_t ino, const security_context_t con, const char *fil
 {
 	file_spec_t *prevfl, *fl;
 	int h, ret;
@ -3869,7 +3862,7 @@ index 48ffcad..c1e6e24 100644
 	if (!fl_head) {
 		fl_head = malloc(sizeof(file_spec_t) * HASH_BUCKETS);
-@@ -581,7 +620,7 @@ static int filespec_add(ino_t ino, const security_context_t con, const char *fil
+@@ -581,7 +601,7 @@ static int filespec_add(ino_t ino, const security_context_t con, const char *fil
 	for (prevfl = &fl_head[h], fl = fl_head[h].next; fl;
 	     prevfl = fl, fl = fl->next) {
 		if (ino == fl->ino) {
@ -3891,10 +3884,10 @@ index ac27222..3909d15 100644
 void restore_init(struct restore_opts *opts);
 diff --git a/policycoreutils/setfiles/restorecon.8 b/policycoreutils/setfiles/restorecon.8
-index c8ea4bb..6cb7d3d 100644
+index c8ea4bb..0eb7293 100644
 --- a/policycoreutils/setfiles/restorecon.8
 +++ b/policycoreutils/setfiles/restorecon.8
-@@ -4,10 +4,10 @@ restorecon \- restore file(s) default SELinux security contexts.
+@@ -4,22 +4,27 @@ restorecon \- restore file(s) default SELinux security contexts.
 .SH "SYNOPSIS"
 .B restorecon
@ -3907,7 +3900,25 @@ index c8ea4bb..6cb7d3d 100644
 .SH "DESCRIPTION"
 This manual page describes the
-@@ -32,6 +32,12 @@ infilename contains a list of files to be processed by application. Use \- for s
+ .BR restorecon
 program.
 .P
 -This program is primarily used to set the security context
 +This program is primarily used to reset the security context (type)
 (extended attributes) on one or more files. 
 .P
 It can be run at any time to correct errors, to add support for
 new policy, or with the \-n option it can just check whether the file
 contexts are all as you expect.
 +.P 
 +If a file object does not have a context, restorecon will write the default 
 +context to the file object's extended attributes. If a file object has a 
 +context, restorecon will only modify the type portion of the security context. 
 +The -F option will force a replacement of the entire context.
 .SH "OPTIONS"
 .TP 
@@ -32,6 +37,12 @@ infilename contains a list of files to be processed by application. Use \- for s
 .B \-e directory
 directory to exclude (repeat option for more than one directory.)
 .TP 
@ -3920,8 +3931,21 @@ index c8ea4bb..6cb7d3d 100644
 .B \-R \-r
 change files and directories file labels recursively
 .TP 
@@ -47,11 +58,8 @@ show progress by printing * every 1000 files.
 .B \-v
 show changes in file labels.
 .TP 
 -.B \-vv
 -show changes in file labels, if type, role, or user are changing.
 -.TP 
 .B \-F
 -Force reset of context to match file_context for customizable files, or the user section, if it has changed. 
 +Force reset of context to match file_context for customizable files, and the default file context, changing the user, role, range portion as well as the type.
 .TP 
 .SH "ARGUMENTS"
 .B pathname...
 diff --git a/policycoreutils/setfiles/setfiles.8 b/policycoreutils/setfiles/setfiles.8
-index 7f700ca..c77431a 100644
+index 7f700ca..5902e8e 100644
 --- a/policycoreutils/setfiles/setfiles.8
 +++ b/policycoreutils/setfiles/setfiles.8
@@ -4,7 +4,7 @@ setfiles \- set file SELinux security contexts.
@ -3929,20 +3953,46 @@ index 7f700ca..c77431a 100644
 .SH "SYNOPSIS"
 .B setfiles
 -.I [\-c policy ] [\-d] [\-l] [\-n] [\-e directory ] [\-o filename ] [\-q] [\-s] [\-v] [\-vv] [\-W] [\-F] spec_file pathname...
-+.I [\-c policy ] [\-d] [\-l] [\-n] [\-e directory ] [\-o filename ] [\-L labelprefix ] [\-q] [\-s] [\-v] [\-vv] [\-W] [\-F] spec_file pathname...
+.I [\-c policy ] [\-d] [\-l] [\-n] [\-e directory ] [\-o filename ] [\-L labelprefix ] [\-q] [\-s] [\-v] [\-W] [\-F] spec_file pathname...
 .SH "DESCRIPTION"
 This manual page describes the
 .BR setfiles
-@@ -47,6 +47,9 @@ directory to exclude (repeat option for more than one directory.)
+@@ -17,6 +17,11 @@ program is initially run as part of the SE Linux installation process.
- .B \-F
+ It can also be run at any time to correct errors, to add support for
- Force reset of context to match file_context for customizable files
+ new policy, or with the \-n option it can just check whether the file
 contexts are all as you expect.
 +.P 
 +If a file object does not have a context, setfiles will write the default 
 +context to the file object's extended attributes. If a file object has a 
 +context, setfiles will only modify the type portion of the security context. 
 +The -F option will force a replacement of the entire context.
 .SH "OPTIONS"
 .TP 
@@ -45,7 +50,10 @@ use an alternate root path
 directory to exclude (repeat option for more than one directory.)
 .TP 
 .B \-F
 -Force reset of context to match file_context for customizable files
 +Force reset of context to match file_context for customizable files, and the default file context, changing the user, role, range portion as well as the type.
 +.TP 
 +.B \-L labelprefix
 +Tells selinux to only use the file context that match this prefix for labeling,  -L can be called multiple times.  Can speed up labeling if you are only doing one directory.
-+.TP 
+ .TP 
 .B \-o filename
 save list of files with incorrect context in filename.
@@ -55,10 +63,7 @@ take a list of files from standard input instead of using a pathname on the
 command line.
 .TP
 .B \-v
 -show changes in file labels, if type or role are changing.
 -.TP 
 -.B \-vv
 -show changes in file labels, if type, role, or user are changing.
 +show changes in file labels
 .TP 
 .B \-W
 display warnings about entries that had no matching files.
 diff --git a/policycoreutils/setfiles/setfiles.c b/policycoreutils/setfiles/setfiles.c
 index fa0cd6a..590a4e0 100644
 --- a/policycoreutils/setfiles/setfiles.c
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@ -7,7 +7,7 @@
 Summary: SELinux policy core utilities
 Name:	 policycoreutils
 Version: 2.1.5
-Release: 4%{?dist}
+Release: 5%{?dist}
 License: GPLv2
 Group:	 System Environment/Base
 # Based on git repository with tag 20101221
@ -222,7 +222,7 @@ Summary: SELinux configuration GUI
 Group: System Environment/Base
 Requires: policycoreutils-python = %{version}-%{release} 
 Requires: gnome-python2-gnome, pygtk2, pygtk2-libglade, gnome-python2-canvas
-Requires: usermode-gtk 
+Requires: usermode-gtk pywebkitgtk
 Requires: setools-console
 Requires: selinux-policy
 Requires: python >= 2.6
@ -352,6 +352,9 @@ fi
 /bin/systemctl try-restart restorecond.service >/dev/null 2>&1 || :
 %changelog
 * Thu Sep 8 2011 Dan Walsh <dwalsh@redhat.com> - 2.1.5-5
 - Add back lockdown wizard for booleans using pywebkitgtk
 * Wed Sep 7 2011 Dan Walsh <dwalsh@redhat.com> - 2.1.5-4
 - Maintain the LANG environment Variable into the sandbox
 - Change restorecon/setfiles to only change type part of the context unless