* Tue Jan 9 2007 Dan Walsh <dwalsh@redhat.com> 1.33.12-1

- Want to update to match api - Update to upstream * Merged newrole securetty check from Dan Walsh. * Merged semodule patch to generalize list support from Karl MacMillan. Resolves: #200110
2007-01-11 20:19:37 +00:00 · 2007-01-11 20:19:37 +00:00 · cda33cabb1
commit cda33cabb1
parent 7d7e0bdd54
5 changed files with 573 additions and 723 deletions
--- a/.cvsignore
+++ b/.cvsignore
@ -123,3 +123,5 @@ policycoreutils-1.33.6.tgz
 policycoreutils-1.33.7.tgz
 policycoreutils-1.33.8.tgz
 policycoreutils-1.33.10.tgz
+policycoreutils-1.33.11.tgz
+policycoreutils-1.33.12.tgz
--- a/policycoreutils-po.patch
+++ b/policycoreutils-po.patch
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
@ -1,6 +1,6 @@
-diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/booleansPage.py policycoreutils-1.33.10/gui/booleansPage.py
+diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/booleansPage.py policycoreutils-1.33.12/gui/booleansPage.py
 --- nsapolicycoreutils/gui/booleansPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.33.10/gui/booleansPage.py	2007-01-09 09:13:43.000000000 -0500
+++ policycoreutils-1.33.12/gui/booleansPage.py	2007-01-11 14:12:49.000000000 -0500
@@ -0,0 +1,199 @@
 +#
 +# booleansPage.py - GUI for Booleans page in system-config-securitylevel
@ -201,9 +201,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
 +
 +        setsebool="/usr/sbin/setsebool -P %s=%d" % (key, not val)
 +        commands.getstatusoutput(setsebool)
-diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/fcontextPage.py policycoreutils-1.33.10/gui/fcontextPage.py
+diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/fcontextPage.py policycoreutils-1.33.12/gui/fcontextPage.py
 --- nsapolicycoreutils/gui/fcontextPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.33.10/gui/fcontextPage.py	2007-01-09 09:13:43.000000000 -0500
+++ policycoreutils-1.33.12/gui/fcontextPage.py	2007-01-11 14:12:49.000000000 -0500
@@ -0,0 +1,158 @@
 +## fcontextPage.py - show selinux mappings
 +## Copyright (C) 2006 Red Hat, Inc.
@ -363,9 +363,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
 +        self.store.set_value(iter, 0, fspec)
 +        self.store.set_value(iter, 2, ftype)
 +        self.store.set_value(iter, 1, "system_u:object_r:%s:%s" % (type, mls))
-diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/loginsPage.py policycoreutils-1.33.10/gui/loginsPage.py
+diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/loginsPage.py policycoreutils-1.33.12/gui/loginsPage.py
 --- nsapolicycoreutils/gui/loginsPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.33.10/gui/loginsPage.py	2007-01-09 09:13:43.000000000 -0500
+++ policycoreutils-1.33.12/gui/loginsPage.py	2007-01-11 14:12:49.000000000 -0500
@@ -0,0 +1,161 @@
 +## loginsPage.py - show selinux mappings
 +## Copyright (C) 2006 Red Hat, Inc.
@ -528,9 +528,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
 +        self.store.set_value(iter, 1, seuser)
 +        self.store.set_value(iter, 2, seobject.translate(serange))
 +
-diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/Makefile policycoreutils-1.33.10/gui/Makefile
+diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/Makefile policycoreutils-1.33.12/gui/Makefile
 --- nsapolicycoreutils/gui/Makefile	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.33.10/gui/Makefile	2007-01-09 09:13:43.000000000 -0500
+++ policycoreutils-1.33.12/gui/Makefile	2007-01-11 14:12:49.000000000 -0500
@@ -0,0 +1,30 @@
 +# Installation directories.
 +PREFIX ?= ${DESTDIR}/usr
@ -562,9 +562,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
 +indent:
 +
 +relabel:
-diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/mappingsPage.py policycoreutils-1.33.10/gui/mappingsPage.py
+diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/mappingsPage.py policycoreutils-1.33.12/gui/mappingsPage.py
 --- nsapolicycoreutils/gui/mappingsPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.33.10/gui/mappingsPage.py	2007-01-09 09:13:43.000000000 -0500
+++ policycoreutils-1.33.12/gui/mappingsPage.py	2007-01-11 14:12:49.000000000 -0500
@@ -0,0 +1,54 @@
 +## mappingsPage.py - show selinux mappings
 +## Copyright (C) 2006 Red Hat, Inc.
@ -620,9 +620,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
 +        for k in keys:
 +            print "%-25s %-25s %-25s" % (k, dict[k][0], translate(dict[k][1]))
 +
-diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/modulesPage.py policycoreutils-1.33.10/gui/modulesPage.py
+diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/modulesPage.py policycoreutils-1.33.12/gui/modulesPage.py
 --- nsapolicycoreutils/gui/modulesPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.33.10/gui/modulesPage.py	2007-01-09 09:13:43.000000000 -0500
+++ policycoreutils-1.33.12/gui/modulesPage.py	2007-01-11 14:12:49.000000000 -0500
@@ -0,0 +1,161 @@
 +## modulesPage.py - show selinux mappings
 +## Copyright (C) 2006 Red Hat, Inc.
@ -785,9 +785,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
 +        
 +
 +
-diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/portsPage.py policycoreutils-1.33.10/gui/portsPage.py
+diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/portsPage.py policycoreutils-1.33.12/gui/portsPage.py
 --- nsapolicycoreutils/gui/portsPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.33.10/gui/portsPage.py	2007-01-09 09:13:43.000000000 -0500
+++ policycoreutils-1.33.12/gui/portsPage.py	2007-01-11 14:12:49.000000000 -0500
@@ -0,0 +1,214 @@
 +## portsPage.py - show selinux mappings
 +## Copyright (C) 2006 Red Hat, Inc.
@ -1003,9 +1003,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
 +        self.store.set_value(iter, MLS_COL, mls)
 +
 +
-diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/selinux.tbl policycoreutils-1.33.10/gui/selinux.tbl
+diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/selinux.tbl policycoreutils-1.33.12/gui/selinux.tbl
 --- nsapolicycoreutils/gui/selinux.tbl	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.33.10/gui/selinux.tbl	2007-01-09 09:13:43.000000000 -0500
+++ policycoreutils-1.33.12/gui/selinux.tbl	2007-01-11 14:12:49.000000000 -0500
@@ -0,0 +1,265 @@
 +acct_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for acct daemon")
 +allow_cvs_read_shadow  _("CVS") _("Allow cvs daemon to read shadow")
@ -1272,9 +1272,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
 +ypserv_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ypserv daemon")
 +ypxfr_disable_trans _("NIS") _("Disable SELinux protection for NIS Transfer Daemon")
 +zebra_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for zebra daemon")
-diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/semanagePage.py policycoreutils-1.33.10/gui/semanagePage.py
+diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/semanagePage.py policycoreutils-1.33.12/gui/semanagePage.py
 --- nsapolicycoreutils/gui/semanagePage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.33.10/gui/semanagePage.py	2007-01-09 09:13:43.000000000 -0500
+++ policycoreutils-1.33.12/gui/semanagePage.py	2007-01-11 14:12:50.000000000 -0500
@@ -0,0 +1,109 @@
 +## semanagePage.py - show selinux mappings
 +## Copyright (C) 2006 Red Hat, Inc.
@ -1385,9 +1385,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
 +        self.dialog.hide()
 +
 +    
-diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/statusPage.py policycoreutils-1.33.10/gui/statusPage.py
+diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/statusPage.py policycoreutils-1.33.12/gui/statusPage.py
 --- nsapolicycoreutils/gui/statusPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.33.10/gui/statusPage.py	2007-01-09 09:13:43.000000000 -0500
+++ policycoreutils-1.33.12/gui/statusPage.py	2007-01-11 14:12:50.000000000 -0500
@@ -0,0 +1,213 @@
 +## statusPage.py - show selinux status
 +## Copyright (C) 2006 Red Hat, Inc.
@ -1602,9 +1602,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
 +        return self.types[self.selinuxTypeOptionMenu.get_active()]
 +
 +
-diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/system-config-selinux.glade policycoreutils-1.33.10/gui/system-config-selinux.glade
+diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/system-config-selinux.glade policycoreutils-1.33.12/gui/system-config-selinux.glade
 --- nsapolicycoreutils/gui/system-config-selinux.glade	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.33.10/gui/system-config-selinux.glade	2007-01-09 09:13:43.000000000 -0500
+++ policycoreutils-1.33.12/gui/system-config-selinux.glade	2007-01-11 14:12:50.000000000 -0500
@@ -0,0 +1,2803 @@
 +<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
 +<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
@ -4409,9 +4409,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
 +</widget>
 +
 +</glade-interface>
-diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/system-config-selinux.py policycoreutils-1.33.10/gui/system-config-selinux.py
+diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/system-config-selinux.py policycoreutils-1.33.12/gui/system-config-selinux.py
 --- nsapolicycoreutils/gui/system-config-selinux.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.33.10/gui/system-config-selinux.py	2007-01-09 09:13:43.000000000 -0500
+++ policycoreutils-1.33.12/gui/system-config-selinux.py	2007-01-11 14:12:50.000000000 -0500
@@ -0,0 +1,156 @@
 +#!/usr/bin/python
 +#
@ -4569,9 +4569,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
 +
 +    app = childWindow()
 +    app.stand_alone()
-diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/translationsPage.py policycoreutils-1.33.10/gui/translationsPage.py
+diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/translationsPage.py policycoreutils-1.33.12/gui/translationsPage.py
 --- nsapolicycoreutils/gui/translationsPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.33.10/gui/translationsPage.py	2007-01-09 09:13:43.000000000 -0500
+++ policycoreutils-1.33.12/gui/translationsPage.py	2007-01-11 14:12:50.000000000 -0500
@@ -0,0 +1,109 @@
 +## translationsPage.py - show selinux translations
 +## Copyright (C) 2006 Red Hat, Inc.
@ -4682,9 +4682,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
 +        store, iter = self.view.get_selection().get_selected()
 +        self.store.set_value(iter, 0, level)
 +        self.store.set_value(iter, 1, translation)
-diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/usersPage.py policycoreutils-1.33.10/gui/usersPage.py
+diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/usersPage.py policycoreutils-1.33.12/gui/usersPage.py
 --- nsapolicycoreutils/gui/usersPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.33.10/gui/usersPage.py	2007-01-09 09:13:43.000000000 -0500
+++ policycoreutils-1.33.12/gui/usersPage.py	2007-01-11 14:12:50.000000000 -0500
@@ -0,0 +1,155 @@
 +## usersPage.py - show selinux mappings
 +## Copyright (C) 2006 Red Hat, Inc.
@ -4841,45 +4841,18 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
 +        except ValueError, e:
 +            self.error(e.args[0])
 +
-diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/Makefile policycoreutils-1.33.10/Makefile
+diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/Makefile policycoreutils-1.33.12/Makefile
 --- nsapolicycoreutils/Makefile	2006-11-16 17:15:00.000000000 -0500
-+++ policycoreutils-1.33.10/Makefile	2007-01-09 09:13:43.000000000 -0500
+++ policycoreutils-1.33.12/Makefile	2007-01-11 14:12:50.000000000 -0500
@@ -1,4 +1,4 @@
 -SUBDIRS=setfiles semanage load_policy newrole run_init restorecon restorecond secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po
 +SUBDIRS=setfiles semanage load_policy newrole run_init restorecon restorecond secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po gui
 
 all install relabel clean indent:
 	@for subdir in $(SUBDIRS); do \
-diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/newrole/newrole.c policycoreutils-1.33.10/newrole/newrole.c
--- nsapolicycoreutils/newrole/newrole.c	2007-01-04 17:01:41.000000000 -0500
-+++ policycoreutils-1.33.10/newrole/newrole.c	2007-01-09 09:13:43.000000000 -0500
-@@ -741,6 +741,7 @@
- 	char *level_s = NULL;	/* level spec'd by user in argv[] */
- 	char *range_ptr = NULL;
- 	security_context_t new_con = NULL;
-+	security_context_t tty_con = NULL;
- 	context_t context = NULL; /* manipulatable form of new_context */
- 	const struct option long_options[] = {
- 		{"role", 1, 0, 'r'},
-@@ -793,6 +794,15 @@
- 					"specified\n"));
- 				return -1;
- 			}
-+			if (fgetfilecon(0,&tty_con) >= 0) {
-+				if (selinux_check_securetty_context(tty_con) != 1) {
-+					fprintf(stderr, "Error: you are not allowed to change levels on a non secure terminal\n");
-+					freecon(tty_con);
-+					return -1;
-+				}
-+				freecon(tty_con);
-+			}
-+
- 			level_s = optarg;
- 			break;
- 		default:
-diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-1.33.10/restorecond/restorecond.c
+diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-1.33.12/restorecond/restorecond.c
 --- nsapolicycoreutils/restorecond/restorecond.c	2006-11-16 17:14:28.000000000 -0500
-+++ policycoreutils-1.33.10/restorecond/restorecond.c	2007-01-09 09:13:43.000000000 -0500
+++ policycoreutils-1.33.12/restorecond/restorecond.c	2007-01-11 14:12:50.000000000 -0500
@@ -210,9 +210,10 @@
 			}
 
@ -4906,80 +4879,78 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
 	}
 	free(scontext);
 	close(fd);
-diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/restorecond/restorecond.conf policycoreutils-1.33.10/restorecond/restorecond.conf
+diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/restorecond/restorecond.conf policycoreutils-1.33.12/restorecond/restorecond.conf
 --- nsapolicycoreutils/restorecond/restorecond.conf	2006-11-20 12:19:55.000000000 -0500
-+++ policycoreutils-1.33.10/restorecond/restorecond.conf	2007-01-09 09:13:43.000000000 -0500
+++ policycoreutils-1.33.12/restorecond/restorecond.conf	2007-01-11 14:12:50.000000000 -0500
@@ -1,4 +1,5 @@
 /etc/resolv.conf
 +/etc/localtime
 /etc/samba/secrets.tdb
 /etc/mtab
 /var/run/utmp
-diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-1.33.10/scripts/fixfiles
--- nsapolicycoreutils/scripts/fixfiles	2006-11-16 17:14:27.000000000 -0500
-+++ policycoreutils-1.33.10/scripts/fixfiles	2007-01-09 09:13:43.000000000 -0500
-@@ -29,6 +29,9 @@
- RPMILES=""
- OUTFILES=""
- LOGFILE=`tty`
-+if [ $? != 0 ]; then
-+    LOGFILE="/dev/null"
-+fi
- SYSLOGFLAG="-l"
- LOGGER=/usr/sbin/logger
- SETFILES=/sbin/setfiles
-diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-1.33.10/semanage/seobject.py
--- nsapolicycoreutils/semanage/seobject.py	2007-01-09 09:06:59.000000000 -0500
-+++ policycoreutils-1.33.10/semanage/seobject.py	2007-01-09 09:21:32.000000000 -0500
-@@ -94,23 +94,25 @@
- 	return re.search("^" + reg +"$",raw)
+diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-1.33.12/semanage/semanage
+--- nsapolicycoreutils/semanage/semanage	2006-11-16 17:14:26.000000000 -0500
+++ policycoreutils-1.33.12/semanage/semanage	2007-01-11 14:12:50.000000000 -0500
+@@ -23,12 +23,21 @@
+ import os, sys, getopt
+ import seobject
+ import selinux
+PROGNAME="policycoreutils"
+
+ import gettext
+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
+gettext.textdomain(PROGNAME)
+import codecs
+import locale
+sys.stderr = codecs.getwriter(locale.getpreferredencoding())(sys.__stderr__, 'replace')
+sys.stdout = codecs.getwriter(locale.getpreferredencoding())(sys.__stdout__, 'replace')
 
- def translate(raw, prepend = 1):
-	if prepend == 1:
-		context = "a:b:c:%s" % raw
-+        filler="a:b:c:"
-+        if prepend == 1:
-+		context = "%s%s" % (filler,raw)
- 	else:
- 		context = raw
- 	(rc, trans) = selinux.selinux_raw_to_trans_context(context)
- 	if rc != 0:
- 		return raw
- 	if prepend:
-		trans = trans.strip("a:b:c")
-+		trans = trans[len(filler):]
- 	if trans == "":
- 		return raw
- 	else:
- 		return trans
+ try:
+-       gettext.install('policycoreutils')
+-except:
+-       pass
+       gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1)
+except IOError:
+       import __builtin__
+       __builtin__.__dict__['_'] = unicode
+ 
+ is_mls_enabled=selinux.is_selinux_mls_enabled()
+ 
+diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-1.33.12/semanage/seobject.py
+--- nsapolicycoreutils/semanage/seobject.py	2007-01-11 08:56:30.000000000 -0500
+++ policycoreutils-1.33.12/semanage/seobject.py	2007-01-11 14:14:19.000000000 -0500
+@@ -23,13 +23,16 @@
+ 
+ import pwd, string, selinux, tempfile, os, re, sys
+ from semanage import *;
+-import gettext
+PROGNAME="policycoreutils"
+ 
+import gettext
+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
+gettext.textdomain(PROGNAME)
+ try:
+-       t = gettext.translation('policycoreutils', '/usr/share/locale')
+-       _ = t.ugettext
+-except:
+-       pass
+       gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1)
+except IOError:
+       import __builtin__
+       __builtin__.__dict__['_'] = unicode
+ 
+ is_mls_enabled = selinux.is_selinux_mls_enabled()
+ 
+@@ -168,7 +171,7 @@
 	
- def untranslate(trans, prepend = 1):
-+        filler="a:b:c:"
-  	if prepend == 1:
-		context = "a:b:c:%s" % trans
-+		context = "%s%s" % (filler,trans)
- 	else:
- 		context = trans
- 
-@@ -118,7 +120,7 @@
- 	if rc != 0:
- 		return trans
- 	if prepend:
-		raw = raw.strip("a:b:c")	
-+		raw = raw[len(filler):]
- 	if raw == "":
- 		return trans
- 	else:
-@@ -157,7 +159,7 @@
- 	def out(self):
- 		rec = ""
- 		for c in self.comments:
-			rec += c +"\n"
-+			rec += c
+ 	def list(self,heading = 1):
+ 		if heading:
+-			print "\n%-25s %s\n" % ("Level", "Translation")
+			print "\n%-25s %s\n" % (_("Level"), _("Translation"))
 		keys = self.ddict.keys()
 		keys.sort()
 		for k in keys:
-@@ -204,7 +206,8 @@
+@@ -206,14 +209,14 @@
 		os.write(fd, self.out())
 		os.close(fd)
 		os.rename(newfilename, self.filename)
@ -4989,7 +4960,43 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
 class semanageRecords:
 	def __init__(self):
 		self.sh = semanage_handle_create()
-@@ -459,7 +462,8 @@
+		self.semanaged = semanage_is_managed(self.sh)
+ 		if not self.sh:
+ 		       raise ValueError(_("Could not create semanage handle"))
+-		
+-		self.semanaged = semanage_is_managed(self.sh)
+ 
+ 		if not self.semanaged:
+ 			semanage_handle_destroy(self.sh)
+@@ -288,10 +291,10 @@
+ 				raise ValueError(_("Could not add login mapping for %s") % name)
+ 
+ 		except ValueError, error:
+-			mylog.log(0, "add SELinux user mapping", name, sename, "", serange);
+			mylog.log(0, _("add SELinux user mapping"), name, sename, "", serange);
+ 			raise error
+ 		
+-		mylog.log(1, "add SELinux user mapping", name, sename, "", serange);
+		mylog.log(1, _("add SELinux user mapping"), name, sename, "", serange);
+ 		semanage_seuser_key_free(k)
+ 		semanage_seuser_free(u)
+ 
+@@ -403,12 +406,12 @@
+ 		keys.sort()
+ 		if is_mls_enabled == 1:
+ 			if heading:
+-				print "\n%-25s %-25s %-25s\n" % ("Login Name", "SELinux User", "MLS/MCS Range")
+				print "\n%-25s %-25s %-25s\n" % (_("Login Name"), _("SELinux User"), _("MLS/MCS Range"))
+ 			for k in keys:
+ 				print "%-25s %-25s %-25s" % (k, ddict[k][0], translate(ddict[k][1]))
+ 		else:
+ 			if heading:
+-				print "\n%-25s %-25s\n" % ("Login Name", "SELinux User")
+				print "\n%-25s %-25s\n" % (_("Login Name"), _("SELinux User"))
+ 			for k in keys:
+ 				print "%-25s %-25s" % (k, ddict[k][0])
+ 
+@@ -461,7 +464,8 @@
 				rc = semanage_user_set_mlslevel(self.sh, u, selevel)
 				if rc < 0:
 					raise ValueError(_("Could not set MLS level for %s") % name)
@ -4999,7 +5006,7 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
 			rc = semanage_user_set_prefix(self.sh, u, prefix)
 			if rc < 0:
 				raise ValueError(_("Could not add prefix %s for %s") % (r, prefix))
-@@ -525,7 +529,9 @@
+@@ -527,7 +531,9 @@
 				semanage_user_set_mlslevel(self.sh, u, untranslate(selevel))
 
 			if prefix != "":
@ -5010,3 +5017,56 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
 
 			if len(roles) != 0:
                                for r in rlist:
+@@ -617,13 +623,13 @@
+ 		keys.sort()
+ 		if is_mls_enabled == 1:
+ 			if heading:
+-				print "\n%-15s %-10s %-10s %-30s" % ("", "Labeling", "MLS/", "MLS/")
+-				print "%-15s %-10s %-10s %-30s %s\n" % ("SELinux User", "Prefix", "MCS Level", "MCS Range", "SELinux Roles")
+				print "\n%-15s %-10s %-10s %-30s" % ("", _("Labeling"), _("MLS/"), _("MLS/"))
+				print "%-15s %-10s %-10s %-30s %s\n" % (_("SELinux User"), _("Prefix"), _("MCS Level"), _("MCS Range"), _("SELinux Roles"))
+ 			for k in keys:
+ 				print "%-15s %-10s %-10s %-30s %s" % (k, ddict[k][0], translate(ddict[k][1]), translate(ddict[k][2]), ddict[k][3])
+ 		else:
+ 			if heading:
+-				print "%-15s %s\n" % ("SELinux User", "SELinux Roles")
+				print "%-15s %s\n" % (_("SELinux User"), _("SELinux Roles"))
+ 			for k in keys:
+ 				print "%-15s %s" % (k, ddict[k][3])
+ 
+@@ -832,7 +838,7 @@
+ 
+ 	def list(self, heading = 1):
+ 		if heading:
+-			print "%-30s %-8s %s\n" % ("SELinux Port Type", "Proto", "Port Number")
+			print "%-30s %-8s %s\n" % (_("SELinux Port Type"), _("Proto"), _("Port Number"))
+ 		ddict = self.get_all_by_type()
+ 		keys = ddict.keys()
+ 		keys.sort()
+@@ -1002,7 +1008,7 @@
+ 			
+ 	def list(self, heading = 1):
+ 		if heading:
+-			print "%-30s %s\n" % ("SELinux Interface", "Context")
+			print "%-30s %s\n" % (_("SELinux Interface"), _("Context"))
+ 		ddict = self.get_all()
+ 		keys = ddict.keys()
+ 		keys.sort()
+@@ -1186,7 +1192,7 @@
+ 			
+ 	def list(self, heading = 1):
+ 		if heading:
+-			print "%-50s %-18s %s\n" % ("SELinux fcontext", "type", "Context")
+			print "%-50s %-18s %s\n" % (_("SELinux fcontext"), _("type"), _("Context"))
+ 		fcon_list = self.get_all()
+ 		for fcon in fcon_list:
+ 			if len(fcon) > 3:
+@@ -1284,7 +1290,7 @@
+ 			
+ 	def list(self, heading = 1):
+ 		if heading:
+-			print "%-50s %-18s\n" % ("SELinux boolean", "value")
+			print "%-50s %-18s\n" % (_("SELinux boolean"), _("value"))
+ 		ddict = self.get_all()
+ 		keys = ddict.keys()
+ 		for k in keys:
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@ -1,10 +1,10 @@
 %define libauditver 1.1.4-3
 %define libsepolver 1.12.27-1
 %define libsemanagever 1.6.17-1
-%define libselinuxver 1.33.3-2
+%define libselinuxver 1.33.4-1
 Summary: SELinux policy core utilities.
 Name: policycoreutils
-Version: 1.33.10
+Version: 1.33.12
 Release: 1%{?dist}
 License: GPL
 Group: System Environment/Base
@ -168,6 +168,18 @@ fi
 [ -x /sbin/service ] && /sbin/service restorecond condrestart  > /dev/null

 %changelog
+* Tue Jan 9 2007 Dan Walsh <dwalsh@redhat.com> 1.33.12-1
+- Want to update to match api
+- Update to upstream
+	* Merged newrole securetty check from Dan Walsh.
+	* Merged semodule patch to generalize list support from Karl MacMillan.
+Resolves: #200110
+
+* Tue Jan 9 2007 Dan Walsh <dwalsh@redhat.com> 1.33.11-1
+- Update to upstream
+	* Merged fixfiles and seobject fixes from Dan Walsh.
+	* Merged semodule support for list of modules after -i from Karl MacMillan. 
+
 * Tue Jan 9 2007 Dan Walsh <dwalsh@redhat.com> 1.33.10-1
 - Update to upstream
 	* Merged patch to correctly handle a failure during semanage handle
--- a/2
+++ b/2
@ -1 +1 @@
-131eadefb07d3e320d860136177578e4  policycoreutils-1.33.10.tgz
+9ee1abc2e930c675359c169771cff773  policycoreutils-1.33.12.tgz