diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch index 7dd2309..32b7d85 100644 --- a/policycoreutils-rhat.patch +++ b/policycoreutils-rhat.patch @@ -1,2345 +1,209 @@ -diff --git a/policycoreutils/Makefile b/policycoreutils/Makefile -index 83ebd45..bea9814 100644 ---- a/policycoreutils/Makefile -+++ b/policycoreutils/Makefile -@@ -1,4 +1,4 @@ --SUBDIRS = sepolicy setfiles semanage load_policy newrole run_init sandbox secon audit2allow sestatus semodule_package semodule semodule_link semodule_expand semodule_deps sepolgen-ifgen setsebool scripts po man gui -+SUBDIRS = sepolicy setfiles semanage load_policy newrole run_init sandbox secon audit2allow sestatus semodule_package semodule semodule_link semodule_expand semodule_deps sepolgen-ifgen setsebool scripts po man gui semanage/default_encoding - - INOTIFYH = $(shell ls /usr/include/sys/inotify.h 2>/dev/null) - -diff --git a/policycoreutils/audit2allow/sepolgen-ifgen b/policycoreutils/audit2allow/sepolgen-ifgen -index 3967ba5..7f8caaf 100644 ---- a/policycoreutils/audit2allow/sepolgen-ifgen -+++ b/policycoreutils/audit2allow/sepolgen-ifgen -@@ -63,7 +63,7 @@ def parse_options(): - - def get_policy(): - p = selinux.selinux_current_policy_path() -- if os.path.exists(p): -+ if p and os.path.exists(p): - return p - i = selinux.security_policyvers() - p = selinux.selinux_binary_policy_path() + "." + str(i) -@@ -82,7 +82,7 @@ def get_attrs(policy_path): - sys.stderr.write("No installed policy to check\n") - return None - outfile = tempfile.NamedTemporaryFile() -- except IOError, e: -+ except IOError as e: - sys.stderr.write("could not open attribute output file\n") - return None - except OSError: -@@ -100,7 +100,7 @@ def get_attrs(policy_path): - try: - attrs.from_file(outfile) - except: -- print "error parsing attribute info" -+ print("error parsing attribute info") - return None - - return attrs -@@ -111,7 +111,7 @@ def main(): - # Open the output first to generate errors before parsing - try: - f = open(options.output, "w") -- except IOError, e: -+ except IOError as e: - sys.stderr.write("could not open output file [%s]\n" % options.output) - return 1 - -@@ -130,9 +130,9 @@ def main(): - # Parse the headers - try: - headers = refparser.parse_headers(options.headers, output=log, debug=options.debug) -- except ValueError, e: -- print "error parsing headers" -- print str(e) -+ except ValueError as e: -+ print("error parsing headers") -+ print(str(e)) - return 1 - - if_set = interfaces.InterfaceSet(output=log) -diff --git a/policycoreutils/gui/Makefile b/policycoreutils/gui/Makefile -index 9d9f820..0c2b390 100644 ---- a/policycoreutils/gui/Makefile -+++ b/policycoreutils/gui/Makefile -@@ -12,7 +12,6 @@ domainsPage.py \ - fcontextPage.py \ - html_util.py \ - loginsPage.py \ --mappingsPage.py \ - modulesPage.py \ - polgen.glade \ - portsPage.py \ -diff --git a/policycoreutils/gui/booleansPage.py b/policycoreutils/gui/booleansPage.py -index eee954d..0c4b14b 100644 ---- a/policycoreutils/gui/booleansPage.py -+++ b/policycoreutils/gui/booleansPage.py -@@ -18,20 +18,17 @@ - # You should have received a copy of the GNU General Public License - # Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - # --import string - import gtk - import gtk.glade --import os - import gobject - import sys --import tempfile - import seobject - import semanagePage - - INSTALLPATH='/usr/share/system-config-selinux' - sys.path.append(INSTALLPATH) - --import commands -+import subprocess - ENFORCING=0 - PERMISSIVE=1 - DISABLED=2 -@@ -50,10 +47,8 @@ try: - unicode=False, - codeset = 'utf-8') - except IOError: -- import __builtin__ -- __builtin__.__dict__['_'] = unicode -- --from glob import fnmatch -+ import builtins -+ builtins.__dict__['_'] = str - - class Modifier: - def __init__(self,name, on, save): -@@ -103,8 +98,6 @@ class booleansPage: - self.revertButton = xml.get_widget("booleanRevertButton") - self.revertButton.set_sensitive(self.local) - self.revertButton.connect("clicked", self.on_revert_clicked) -- listStore = gtk.ListStore(gobject.TYPE_STRING) -- cell = gtk.CellRendererText() - - self.store = gtk.ListStore(gobject.TYPE_BOOLEAN, gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING) - self.store.set_sort_column_id(1, gtk.SORT_ASCENDING) -@@ -123,7 +116,7 @@ class booleansPage: - self.booleansView.append_column(col) - - col = gtk.TreeViewColumn("Description", gtk.CellRendererText(), text=DESC) -- col.set_sizing(gtk.TREE_VIEW_COLUMN_FIXED) -+ col.set_sizing(gtk.TREE_VIEW_COLUMN_FIXED) - col.set_fixed_width(400) - col.set_sort_column_id(DESC) - col.set_resizable(True) -@@ -170,16 +163,15 @@ class booleansPage: - # change cursor - if boolean == None: - return -+ self.wait() - try: -- self.wait() -- (rc, out) = commands.getstatusoutput("semanage boolean -d %s" % boolean) -- -- self.ready() -- if rc != 0: -- return self.error(out) -+ subprocess.check_output("semanage boolean -d %s" % boolean, -+ stderr=subprocess.STDOUT, -+ shell=True) - self.load(self.filter) -- except ValueError, e: -- self.error(e.args[0]) -+ except subprocess.CalledProcessError as e: -+ self.error(e.output) -+ self.ready() - - def filter_changed(self, *arg): - filter = arg[0].get_text() -@@ -224,17 +216,25 @@ class booleansPage: - self.store.set_value(iter, ACTIVE , not val) - self.wait() - setsebool="/usr/sbin/setsebool -P %s %d" % (key, not val) -- rc,out = commands.getstatusoutput(setsebool) -- if rc != 0: -- self.error(out) -- self.load(self.filter) -+ try: -+ subprocess.check_output(setsebool, -+ stderr=subprocess.STDOUT, -+ shell=True) -+ self.load(self.filter) -+ except subprocess.CalledProcessError as e: -+ self.error(e.output) - self.ready() - - def on_revert_clicked(self, button): - self.wait() - setsebool="semanage boolean --deleteall" -- commands.getstatusoutput(setsebool) -- self.load(self.filter) -+ try: -+ subprocess.check_output(setsebool, -+ stderr=subprocess.STDOUT, -+ shell=True) -+ self.load(self.filter) -+ except subprocess.CalledProcessError as e: -+ self.error(e.output) - self.ready() - - def on_local_clicked(self, button): -diff --git a/policycoreutils/gui/domainsPage.py b/policycoreutils/gui/domainsPage.py -index 6af1e9a..39a4574 100644 ---- a/policycoreutils/gui/domainsPage.py -+++ b/policycoreutils/gui/domainsPage.py -@@ -20,7 +20,7 @@ import string - import gtk - import gtk.glade - import os --import commands -+import subprocess - import gobject - import sys - import seobject -@@ -41,8 +41,8 @@ try: - unicode=False, - codeset = 'utf-8') - except IOError: -- import __builtin__ -- __builtin__.__dict__['_'] = unicode -+ import builtins -+ builtins.__dict__['_'] = str - - class domainsPage(semanagePage): - def __init__(self, xml): -@@ -115,18 +115,17 @@ class domainsPage(semanagePage): - selection = self.view.get_selection() - store, iter = selection.get_selected() - domain = store.get_value(iter, 0) -+ self.wait() -+ cmd = "semanage permissive -d %s_t" % domain - try: -- self.wait() -- status, output = commands.getstatusoutput("semanage permissive -d %s_t" % domain) -- self.ready() -- if status != 0: -- self.error(output) -- else: -- domain = store.set_value(iter, 1, "") -- self.itemSelected(selection) -- -- except ValueError, e: -- self.error(e.args[0]) -+ subprocess.check_output(cmd, -+ stderr=subprocess.STDOUT, -+ shell=True) -+ domain = store.set_value(iter, 1, "") -+ self.itemSelected(selection) -+ except subprocess.CalledProcessError as e: -+ self.error(e.output) -+ self.ready() - - def propertiesDialog(self): - # Do nothing -@@ -140,15 +139,14 @@ class domainsPage(semanagePage): - selection = self.view.get_selection() - store, iter = selection.get_selected() - domain = store.get_value(iter, 0) -+ self.wait() -+ cmd = "semanage permissive -a %s_t" % domain - try: -- self.wait() -- status, output = commands.getstatusoutput("semanage permissive -a %s_t" % domain) -- self.ready() -- if status != 0: -- self.error(output) -- else: -- domain = store.set_value(iter, 1, _("Permissive")) -- self.itemSelected(selection) -- -- except ValueError, e: -- self.error(e.args[0]) -+ subprocess.check_output(cmd, -+ stderr=subprocess.STDOUT, -+ shell=True) -+ domain = store.set_value(iter, 1, _("Permissive")) -+ self.itemSelected(selection) -+ except subprocess.CalledProcessError as e: -+ self.error(e.output) -+ self.ready() -diff --git a/policycoreutils/gui/fcontextPage.py b/policycoreutils/gui/fcontextPage.py -index 131f1c2..9a34143 100644 ---- a/policycoreutils/gui/fcontextPage.py -+++ b/policycoreutils/gui/fcontextPage.py -@@ -18,10 +18,9 @@ - ## Author: Dan Walsh - import gtk - import gtk.glade --import os - import gobject - import seobject --import commands -+import subprocess - from semanagePage import *; - - SPEC_COL = 0 -@@ -55,8 +54,8 @@ try: - unicode=False, - codeset = 'utf-8') - except IOError: -- import __builtin__ -- __builtin__.__dict__['_'] = unicode -+ import builtins -+ builtins.__dict__['_'] = str - - - class fcontextPage(semanagePage): -@@ -72,16 +71,16 @@ class fcontextPage(semanagePage): - self.view.set_search_equal_func(self.search) - - col = gtk.TreeViewColumn(_("File\nSpecification"), gtk.CellRendererText(), text=SPEC_COL) -- col.set_sizing(gtk.TREE_VIEW_COLUMN_FIXED) -- col.set_fixed_width(250) -+ col.set_sizing(gtk.TREE_VIEW_COLUMN_FIXED) -+ col.set_fixed_width(250) - - col.set_sort_column_id(SPEC_COL) - col.set_resizable(True) - self.view.append_column(col) - col = gtk.TreeViewColumn(_("Selinux\nFile Type"), gtk.CellRendererText(), text=TYPE_COL) - -- col.set_sizing(gtk.TREE_VIEW_COLUMN_FIXED) -- col.set_fixed_width(250) -+ col.set_sizing(gtk.TREE_VIEW_COLUMN_FIXED) -+ col.set_fixed_width(250) - col.set_sort_column_id(TYPE_COL) - col.set_resizable(True) - self.view.append_column(col) -@@ -97,16 +96,16 @@ class fcontextPage(semanagePage): - liststore=self.fcontextFileTypeCombo.get_model() - for k in seobject.file_types: - if len(k) > 0 and k[0] != '-': -- iter=liststore.append() -- liststore.set_value(iter, 0, k) -- iter = liststore.get_iter_first() -- self.fcontextFileTypeCombo.set_active_iter(iter) -+ it=liststore.append() -+ liststore.set_value(it, 0, k) -+ it = liststore.get_iter_first() -+ self.fcontextFileTypeCombo.set_active_iter(it) - self.fcontextTypeEntry = xml.get_widget("fcontextTypeEntry") - self.fcontextMLSEntry = xml.get_widget("fcontextMLSEntry") - -- def match(self, fcon_dict, k, filter): -+ def match(self, fcon_dict, k, filt): - try: -- f=filter.lower() -+ f=filt.lower() - for con in k: - k=con.lower() - if k.find(f) >= 0: -@@ -119,46 +118,46 @@ class fcontextPage(semanagePage): - pass - return False - -- def load(self, filter=""): -- self.filter=filter -+ def load(self, filt=""): -+ self.filter=filt - self.fcontext=seobject.fcontextRecords() - self.store.clear() - fcon_dict=self.fcontext.get_all(self.local) -- keys = fcon_dict.keys() -+ keys = list(fcon_dict.keys()) - keys.sort() - for k in keys: -- if not self.match(fcon_dict, k, filter): -+ if not self.match(fcon_dict, k, filt): - continue -- iter=self.store.append() -- self.store.set_value(iter, SPEC_COL, k[0]) -- self.store.set_value(iter, FTYPE_COL, k[1]) -+ it=self.store.append() -+ self.store.set_value(it, SPEC_COL, k[0]) -+ self.store.set_value(it, FTYPE_COL, k[1]) - if fcon_dict[k]: - rec="%s:%s" % (fcon_dict[k][2], seobject.translate(fcon_dict[k][3],False)) - else: - rec="<>" -- self.store.set_value(iter, TYPE_COL, rec) -+ self.store.set_value(it, TYPE_COL, rec) - self.view.get_selection().select_path ((0,)) - - def filter_changed(self, *arg): -- filter = arg[0].get_text() -- if filter != self.filter: -- self.load(filter) -+ filt = arg[0].get_text() -+ if filt != self.filter: -+ self.load(filt) - - def dialogInit(self): -- store, iter = self.view.get_selection().get_selected() -- self.fcontextEntry.set_text(store.get_value(iter, SPEC_COL)) -+ store, it = self.view.get_selection().get_selected() -+ self.fcontextEntry.set_text(store.get_value(it, SPEC_COL)) - self.fcontextEntry.set_sensitive(False) -- scontext = store.get_value(iter, TYPE_COL) -+ scontext = store.get_value(it, TYPE_COL) - scon=context(scontext) - self.fcontextTypeEntry.set_text(scon.type) - self.fcontextMLSEntry.set_text(scon.mls) -- type=store.get_value(iter, FTYPE_COL) -+ setype=store.get_value(it, FTYPE_COL) - liststore=self.fcontextFileTypeCombo.get_model() -- iter = liststore.get_iter_first() -- while iter != None and liststore.get_value(iter,0) != type: -- iter = liststore.iter_next(iter) -- if iter != None: -- self.fcontextFileTypeCombo.set_active_iter(iter) -+ it = liststore.get_iter_first() -+ while it != None and liststore.get_value(it,0) != setype: -+ it = liststore.iter_next(it) -+ if it != None: -+ self.fcontextFileTypeCombo.set_active_iter(it) - self.fcontextFileTypeCombo.set_sensitive(False) - - def dialogClear(self): -@@ -169,55 +168,60 @@ class fcontextPage(semanagePage): - self.fcontextMLSEntry.set_text("s0") - - def delete(self): -- store, iter = self.view.get_selection().get_selected() -+ store, it = self.view.get_selection().get_selected() -+ fspec=store.get_value(it, SPEC_COL) -+ ftype=store.get_value(it, FTYPE_COL) -+ self.wait() - try: -- fspec=store.get_value(iter, SPEC_COL) -- ftype=store.get_value(iter, FTYPE_COL) -- self.wait() -- (rc, out) = commands.getstatusoutput("semanage fcontext -d -f '%s' '%s'" % (ftype, fspec)) -- self.ready() -- -- if rc != 0: -- return self.error(out) -- store.remove(iter) -+ subprocess.check_output("semanage fcontext -d -f '%s' '%s'" % (ftype, fspec), -+ stderr=subprocess.STDOUT, -+ shell=True) -+ store.remove(it) - self.view.get_selection().select_path ((0,)) -- except ValueError, e: -- self.error(e.args[0]) -+ except subprocess.CalledProcessError as e: -+ self.error(e.output) -+ self.ready() - - def add(self): - ftype=["", "--", "-d", "-c", "-b", "-s", "-l", "-p" ] - fspec=self.fcontextEntry.get_text().strip() -- type=self.fcontextTypeEntry.get_text().strip() -+ setype=self.fcontextTypeEntry.get_text().strip() - mls=self.fcontextMLSEntry.get_text().strip() - list_model=self.fcontextFileTypeCombo.get_model() - active = self.fcontextFileTypeCombo.get_active() - self.wait() -- (rc, out) = commands.getstatusoutput("semanage fcontext -a -t %s -r %s -f '%s' '%s'" % (type, mls, ftype[active], fspec)) -- self.ready() -- if rc != 0: -- self.error(out) -+ try: -+ subprocess.check_output("semanage fcontext -a -t %s -r %s -f '%s' '%s'" % (setype, mls, ftype[active], fspec), -+ stderr=subprocess.STDOUT, -+ shell=True) -+ self.ready() -+ it=self.store.append() -+ self.store.set_value(it, SPEC_COL, fspec) -+ self.store.set_value(it, FTYPE_COL, ftype) -+ self.store.set_value(it, TYPE_COL, "%s:%s" % (setype, mls)) -+ except subprocess.CalledProcessError as e: -+ self.error(e.output) -+ self.ready() - return False - -- iter=self.store.append() -- self.store.set_value(iter, SPEC_COL, fspec) -- self.store.set_value(iter, FTYPE_COL, ftype) -- self.store.set_value(iter, TYPE_COL, "%s:%s" % (type, mls)) -- - def modify(self): - fspec=self.fcontextEntry.get_text().strip() -- type=self.fcontextTypeEntry.get_text().strip() -+ setype=self.fcontextTypeEntry.get_text().strip() - mls=self.fcontextMLSEntry.get_text().strip() - list_model=self.fcontextFileTypeCombo.get_model() -- iter = self.fcontextFileTypeCombo.get_active_iter() -- ftype=list_model.get_value(iter,0) -+ it = self.fcontextFileTypeCombo.get_active_iter() -+ ftype=list_model.get_value(it,0) - self.wait() -- (rc, out) = commands.getstatusoutput("semanage fcontext -m -t %s -r %s -f '%s' '%s'" % (type, mls, ftype, fspec)) -- self.ready() -- if rc != 0: -- self.error(out) -+ try: -+ subprocess.check_output("semanage fcontext -m -t %s -r %s -f '%s' '%s'" % (setype, mls, ftype, fspec), -+ stderr=subprocess.STDOUT, -+ shell=True) -+ self.ready() -+ store, it = self.view.get_selection().get_selected() -+ self.store.set_value(it, SPEC_COL, fspec) -+ self.store.set_value(it, FTYPE_COL, ftype) -+ self.store.set_value(it, TYPE_COL, "%s:%s" % (setype, mls)) -+ except subprocess.CalledProcessError as e: -+ self.error(e.output) -+ self.ready() - return False -- -- store, iter = self.view.get_selection().get_selected() -- self.store.set_value(iter, SPEC_COL, fspec) -- self.store.set_value(iter, FTYPE_COL, ftype) -- self.store.set_value(iter, TYPE_COL, "%s:%s" % (type, mls)) -diff --git a/policycoreutils/gui/html_util.py b/policycoreutils/gui/html_util.py -index 68eed76..32de37a 100644 ---- a/policycoreutils/gui/html_util.py -+++ b/policycoreutils/gui/html_util.py -@@ -30,7 +30,8 @@ import htmllib - import formatter as Formatter - import string - from types import * --import StringIO -+import io -+import collections - - #------------------------------------------------------------------------------ - -@@ -119,7 +120,7 @@ def unescape_html(s): - - def html_to_text(html, maxcol=80): - try: -- buffer = StringIO.StringIO() -+ buffer = io.StringIO() - formatter = Formatter.AbstractFormatter(TextWriter(buffer, maxcol)) - parser = HTMLParserAnchor(formatter) - parser.feed(html) -@@ -127,7 +128,7 @@ def html_to_text(html, maxcol=80): - text = buffer.getvalue() - buffer.close() - return text -- except Exception, e: -+ except Exception as e: - log_program.error('cannot convert html to text: %s' % e) - return None - -@@ -149,7 +150,7 @@ def html_document(*body_components): - elif type(body_component) in [TupleType, ListType]: - for item in body_component: - doc += item -- elif callable(body_component): -+ elif isinstance(body_component, collections.Callable): - result = body_component() - if type(result) in [TupleType, ListType]: - for item in result: -diff --git a/policycoreutils/gui/loginsPage.py b/policycoreutils/gui/loginsPage.py -index ec29fd9..8a1c0b7 100644 ---- a/policycoreutils/gui/loginsPage.py -+++ b/policycoreutils/gui/loginsPage.py -@@ -16,13 +16,10 @@ - ## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - - ## Author: Dan Walsh --import string - import gtk - import gtk.glade --import os - import gobject --import sys --import commands -+import subprocess - import seobject - from semanagePage import *; - -@@ -39,8 +36,8 @@ try: - unicode=False, - codeset = 'utf-8') - except IOError: -- import __builtin__ -- __builtin__.__dict__['_'] = unicode -+ import builtins -+ builtins.__dict__['_'] = str - - class loginsPage(semanagePage): - def __init__(self, xml): -@@ -68,21 +65,21 @@ class loginsPage(semanagePage): - self.filter=filter - self.login = seobject.loginRecords() - dict = self.login.get_all(0) -- keys = dict.keys() -+ keys = list(dict.keys()) - keys.sort() - self.store.clear() - for k in keys: - range = seobject.translate(dict[k][1]) - if not (self.match(k, filter) or self.match(dict[k][0], filter) or self.match(range, filter)): - continue -- iter = self.store.append() -- self.store.set_value(iter, 0, k) -- self.store.set_value(iter, 1, dict[k][0]) -- self.store.set_value(iter, 2, range) -+ it = self.store.append() -+ self.store.set_value(it, 0, k) -+ self.store.set_value(it, 1, dict[k][0]) -+ self.store.set_value(it, 2, range) - self.view.get_selection().select_path ((0,)) - - def __dialogSetup(self): -- if self.firstTime == True: -+ if self.firstTime: - return - self.firstTime = True - liststore = gtk.ListStore(gobject.TYPE_STRING) -@@ -92,31 +89,31 @@ class loginsPage(semanagePage): - self.loginsSelinuxUserCombo.add_attribute(cell, 'text', 0) - - selusers = seobject.seluserRecords().get_all(0) -- keys = selusers.keys() -+ keys = list(selusers.keys()) - keys.sort() - for k in keys: - if k != "system_u": - self.loginsSelinuxUserCombo.append_text(k) - -- iter = liststore.get_iter_first() -- while liststore.get_value(iter,0) != "user_u": -- iter = liststore.iter_next(iter) -- self.loginsSelinuxUserCombo.set_active_iter(iter) -+ it = liststore.get_iter_first() -+ while liststore.get_value(it,0) != "user_u": -+ it = liststore.iter_next(it) -+ self.loginsSelinuxUserCombo.set_active_iter(it) - - def dialogInit(self): - self.__dialogSetup() -- store, iter = self.view.get_selection().get_selected() -- self.loginsNameEntry.set_text(store.get_value(iter, 0)) -+ store, it = self.view.get_selection().get_selected() -+ self.loginsNameEntry.set_text(store.get_value(it, 0)) - self.loginsNameEntry.set_sensitive(False) - -- self.loginsMLSEntry.set_text(store.get_value(iter, 2)) -- seuser = store.get_value(iter, 1) -+ self.loginsMLSEntry.set_text(store.get_value(it, 2)) -+ seuser = store.get_value(it, 1) - liststore = self.loginsSelinuxUserCombo.get_model() -- iter = liststore.get_iter_first() -- while iter != None and liststore.get_value(iter,0) != seuser: -- iter = liststore.iter_next(iter) -- if iter != None: -- self.loginsSelinuxUserCombo.set_active_iter(iter) -+ it = liststore.get_iter_first() -+ while it != None and liststore.get_value(it,0) != seuser: -+ it = liststore.iter_next(it) -+ if it != None: -+ self.loginsSelinuxUserCombo.set_active_iter(it) - - - def dialogClear(self): -@@ -126,21 +123,25 @@ class loginsPage(semanagePage): - self.loginsMLSEntry.set_text("s0") - - def delete(self): -- store, iter = self.view.get_selection().get_selected() -+ store, it = self.view.get_selection().get_selected() - try: -- login=store.get_value(iter, 0) -+ login=store.get_value(it, 0) - if login == "root" or login == "__default__": - raise ValueError(_("Login '%s' is required") % login) - - self.wait() -- (rc, out) = commands.getstatusoutput("semanage login -d %s" % login) -- self.ready() -- if rc != 0: -- self.error(out) -+ try: -+ subprocess.check_output("semanage login -d %s" % login, -+ stderr=subprocess.STDOUT, -+ shell=True) -+ self.ready() -+ store.remove(it) -+ self.view.get_selection().select_path ((0,)) -+ except subprocess.CalledProcessError as e: -+ self.ready() -+ self.error(e.output) - return False -- store.remove(iter) -- self.view.get_selection().select_path ((0,)) -- except ValueError, e: -+ except ValueError as e: - self.error(e.args[0]) - - def add(self): -@@ -149,36 +150,42 @@ class loginsPage(semanagePage): - if serange == "": - serange="s0" - list_model=self.loginsSelinuxUserCombo.get_model() -- iter = self.loginsSelinuxUserCombo.get_active_iter() -- seuser = list_model.get_value(iter,0) -+ it = self.loginsSelinuxUserCombo.get_active_iter() -+ seuser = list_model.get_value(it,0) - self.wait() -- (rc, out) = commands.getstatusoutput("semanage login -a -s %s -r %s %s" % (seuser, serange, target)) -- self.ready() -- if rc != 0: -- self.error(out) -+ try: -+ subprocess.check_output("semanage login -a -s %s -r %s %s" % (seuser, serange, target), -+ stderr=subprocess.STDOUT, -+ shell=True) -+ self.ready() -+ it = self.store.append() -+ self.store.set_value(it, 0, target) -+ self.store.set_value(it, 1, seuser) -+ self.store.set_value(it, 2, seobject.translate(serange)) -+ except subprocess.CalledProcessError as e: -+ self.error(e.output) -+ self.ready() - return False - -- iter = self.store.append() -- self.store.set_value(iter, 0, target) -- self.store.set_value(iter, 1, seuser) -- self.store.set_value(iter, 2, seobject.translate(serange)) -- - def modify(self): - target=self.loginsNameEntry.get_text().strip() - serange=self.loginsMLSEntry.get_text().strip() - if serange == "": - serange = "s0" - list_model = self.loginsSelinuxUserCombo.get_model() -- iter = self.loginsSelinuxUserCombo.get_active_iter() -- seuser=list_model.get_value(iter,0) -+ it = self.loginsSelinuxUserCombo.get_active_iter() -+ seuser=list_model.get_value(it,0) - self.wait() -- (rc, out) = commands.getstatusoutput("semanage login -m -s %s -r %s %s" % (seuser, serange, target)) -- self.ready() -- if rc != 0: -- self.error(out) -+ try: -+ subprocess.check_output("semanage login -m -s %s -r %s %s" % (seuser, serange, target), -+ stderr=subprocess.STDOUT, -+ shell=True) -+ self.ready() -+ store, it = self.view.get_selection().get_selected() -+ self.store.set_value(it, 0, target) -+ self.store.set_value(it, 1, seuser) -+ self.store.set_value(it, 2, seobject.translate(serange)) -+ except subprocess.CalledProcessError as e: -+ self.error(e.output) -+ self.ready() - return False -- -- store, iter = self.view.get_selection().get_selected() -- self.store.set_value(iter, 0, target) -- self.store.set_value(iter, 1, seuser) -- self.store.set_value(iter, 2, seobject.translate(serange)) -diff --git a/policycoreutils/gui/mappingsPage.py b/policycoreutils/gui/mappingsPage.py -deleted file mode 100644 -index fd0ea75..0000000 ---- a/policycoreutils/gui/mappingsPage.py -+++ /dev/null -@@ -1,55 +0,0 @@ --## mappingsPage.py - show selinux mappings --## Copyright (C) 2006 Red Hat, Inc. -- --## This program is free software; you can redistribute it and/or modify --## it under the terms of the GNU General Public License as published by --## the Free Software Foundation; either version 2 of the License, or --## (at your option) any later version. -- --## This program is distributed in the hope that it will be useful, --## but WITHOUT ANY WARRANTY; without even the implied warranty of --## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --## GNU General Public License for more details. -- --## You should have received a copy of the GNU General Public License --## along with this program; if not, write to the Free Software --## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -- --## Author: Dan Walsh --import string --import gtk --import gtk.glade --import os --import gobject --import sys --import seobject -- --## --## I18N --## --PROGNAME="policycoreutils" --import gettext --gettext.bindtextdomain(PROGNAME, "/usr/share/locale") --gettext.textdomain(PROGNAME) --try: -- gettext.install(PROGNAME, -- localedir="/usr/share/locale", -- unicode=False, -- codeset = 'utf-8') --except IOError: -- import __builtin__ -- __builtin__.__dict__['_'] = unicode -- --class loginsPage: -- def __init__(self, xml): -- self.xml = xml -- self.view = xml.get_widget("mappingsView") -- self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING) -- self.store.set_sort_column_id(0, gtk.SORT_ASCENDING) -- self.view.set_model(self.store) -- self.login = loginRecords() -- dict = self.login.get_all(0) -- keys = dict.keys() -- keys.sort() -- for k in keys: -- print "%-25s %-25s %-25s" % (k, dict[k][0], translate(dict[k][1])) -diff --git a/policycoreutils/gui/modulesPage.py b/policycoreutils/gui/modulesPage.py -index 9ff0766..a52863e 100644 ---- a/policycoreutils/gui/modulesPage.py -+++ b/policycoreutils/gui/modulesPage.py -@@ -20,7 +20,7 @@ import string - import gtk - import gtk.glade - import os --import commands -+import subprocess - import gobject - import sys - import seobject -@@ -41,8 +41,8 @@ try: - unicode=False, - codeset = 'utf-8') - except IOError: -- import __builtin__ -- __builtin__.__dict__['_'] = unicode -+ import builtins -+ builtins.__dict__['_'] = str - - class modulesPage(semanagePage): - def __init__(self, xml): -@@ -85,8 +85,8 @@ class modulesPage(semanagePage): - except: - return 0 - -- def load(self, filter=""): -- self.filter=filter -+ def load(self, filt=""): -+ self.filter=filt - self.store.clear() - try: - fd = Popen("semodule -l", shell=True, stdout=PIPE).stdout -@@ -94,11 +94,11 @@ class modulesPage(semanagePage): - fd.close() - for i in l: - module, ver, newline = i.split('\t') -- if not (self.match(module, filter) or self.match(ver, filter)): -+ if not (self.match(module, filt) or self.match(ver, filt)): - continue -- iter = self.store.append() -- self.store.set_value(iter, 0, module.strip()) -- self.store.set_value(iter, 1, ver.strip()) -+ it = self.store.append() -+ self.store.set_value(it, 0, module.strip()) -+ self.store.set_value(it, 1, ver.strip()) - except: - pass - self.view.get_selection().select_path ((0,)) -@@ -107,53 +107,51 @@ class modulesPage(semanagePage): - def new_module(self, args): - try: - Popen(["/usr/share/system-config-selinux/polgengui.py"]) -- except ValueError, e: -+ except ValueError as e: - self.error(e.args[0]) - - def delete(self): -- store, iter = self.view.get_selection().get_selected() -- module = store.get_value(iter, 0) -+ store, it = self.view.get_selection().get_selected() -+ module = store.get_value(it, 0) -+ self.wait() - try: -- self.wait() -- status, output = commands.getstatusoutput("semodule -r %s" % module) -- self.ready() -- if status != 0: -- self.error(output) -- else: -- store.remove(iter) -- self.view.get_selection().select_path ((0,)) -- -- except ValueError, e: -- self.error(e.args[0]) -+ subprocess.check_output("semodule -r %s" % module, -+ stderr=subprocess.STDOUT, -+ shell=True) -+ store.remove(it) -+ self.view.get_selection().select_path ((0,)) -+ except subprocess.CalledProcessError as e: -+ self.error(e.output) -+ self.ready() - - def enable_audit(self, button): - self.audit_enabled = not self.audit_enabled -+ if self.audit_enabled: -+ cmd = "semodule -DB" -+ label = _("Disable Audit") -+ else: -+ cmd = "semodule -B" -+ label = _("Enable Audit") -+ self.wait() - try: -- self.wait() -- if self.audit_enabled: -- status, output =commands.getstatusoutput("semodule -DB") -- button.set_label(_("Disable Audit")) -- else: -- status, output =commands.getstatusoutput("semodule -B") -- button.set_label(_("Enable Audit")) -- self.ready() -- -- if status != 0: -- self.error(output) -- -- except ValueError, e: -- self.error(e.args[0]) -+ subprocess.check_output(cmd, -+ stderr=subprocess.STDOUT, -+ shell=True) -+ button.set_label(label) -+ except subprocess.CalledProcessError as e: -+ self.error(e.output) -+ self.ready() - - def disable_audit(self, button): -+ self.wait() -+ cmd = "semodule -B" - try: -- self.wait() -- status, output =commands.getstatusoutput("semodule -B") -- self.ready() -- if status != 0: -- self.error(output) -- -- except ValueError, e: -- self.error(e.args[0]) -+ subprocess.check_output(cmd, -+ stderr=subprocess.STDOUT, -+ shell=True) -+ except subprocess.CalledProcessError as e: -+ self.error(e.output) -+ self.ready() - - def propertiesDialog(self): - # Do nothing -@@ -167,10 +165,10 @@ class modulesPage(semanagePage): - gtk.STOCK_OPEN, gtk.RESPONSE_OK)) - dialog.set_default_response(gtk.RESPONSE_OK) - -- filter = gtk.FileFilter() -- filter.set_name("Policy Files") -- filter.add_pattern("*.pp") -- dialog.add_filter(filter) -+ filt = gtk.FileFilter() -+ filt.set_name("Policy Files") -+ filt.add_pattern("*.pp") -+ dialog.add_filter(filt) - - response = dialog.run() - if response == gtk.RESPONSE_OK: -@@ -178,14 +176,13 @@ class modulesPage(semanagePage): - dialog.destroy() - - def add(self, file): -+ self.wait() -+ cmd = "semodule -i %s" % file - try: -- self.wait() -- status, output =commands.getstatusoutput("semodule -i %s" % file) -- self.ready() -- if status != 0: -- self.error(output) -- else: -- self.load() -- -- except ValueError, e: -- self.error(e.args[0]) -+ subprocess.check_output(cmd, -+ stderr=subprocess.STDOUT, -+ shell=True) -+ self.load() -+ except subprocess.CalledProcessError as e: -+ self.error(e.output) -+ self.ready() -diff --git a/policycoreutils/gui/polgen.glade b/policycoreutils/gui/polgen.glade -index 37c1472..9854fb2 100644 ---- a/policycoreutils/gui/polgen.glade -+++ b/policycoreutils/gui/polgen.glade -@@ -758,7 +758,7 @@ - True - False - True -- -+ - - - 2 -@@ -840,7 +840,7 @@ - True - False - True -- -+ - - - 2 -@@ -1983,7 +1983,7 @@ Tab - True - True - False -- -+ - - - True -@@ -2036,7 +2036,7 @@ Tab - True - True - False -- -+ - - - True -@@ -2091,7 +2091,7 @@ Tab - True - False - True -- -+ - - - -@@ -2188,7 +2188,7 @@ Tab - True - True - False -- -+ - - - True -@@ -2243,7 +2243,7 @@ Tab - True - False - True -- -+ - - - -@@ -2414,7 +2414,7 @@ Tab - True - False - True -- -+ - - - False -@@ -2430,7 +2430,7 @@ Tab - True - False - True -- -+ - - - False -@@ -2446,7 +2446,7 @@ Tab - True - False - True -- -+ - - - False -diff --git a/policycoreutils/gui/polgengui.py b/policycoreutils/gui/polgengui.py -index 0f0e564..1b88c47 100644 ---- a/policycoreutils/gui/polgengui.py -+++ b/policycoreutils/gui/polgengui.py -@@ -30,29 +30,15 @@ import gnome - import sys - try: - from sepolicy import generate --except ValueError,e: -+except ValueError as e: - sys.stderr.write("%s: %s\n" % (e.__class__.__name__, str(e))) - sys.exit(1) -- -+ - import sepolicy.interface --import commands -+import subprocess - - import re - --def get_all_modules(): -- try: -- all_modules = [] -- rc, output=commands.getstatusoutput("semodule -l 2>/dev/null") -- if rc == 0: -- l = output.split("\n") -- for i in l: -- all_modules.append(i.split()[0]) -- except: -- pass -- -- return all_modules -- -- - ## - ## I18N - ## -@@ -67,8 +53,8 @@ try: - unicode=False, - codeset = 'utf-8') - except IOError: -- import __builtin__ -- __builtin__.__dict__['_'] = unicode -+ import builtins -+ builtins.__dict__['_'] = str - - gnome.program_init("SELinux Policy Generation Tool", "5") - -@@ -191,10 +177,10 @@ class childWindow: - - try: - self.all_types = generate.get_all_types() -- self.all_modules = get_all_modules() -+ self.all_modules = sepolicy.get_all_modules() - self.all_roles = generate.get_all_roles() - self.all_users = generate.get_all_users() -- except RuntimeError, e: -+ except RuntimeError as e: - self.all_types = [] - self.all_modules = [] - self.all_roles = [] -@@ -262,7 +248,7 @@ class childWindow: - self.out_udp_entry = self.xml.get_widget("out_udp_entry") - self.network_buttons[self.out_udp_all_checkbutton] = [ self.out_udp_entry ] - -- for b in self.network_buttons.keys(): -+ for b in list(self.network_buttons.keys()): - b.connect("clicked",self.network_all_clicked) - - self.boolean_treeview = self.xml.get_widget("boolean_treeview") -@@ -333,7 +319,7 @@ class childWindow: - for a in sepolicy.interface.get_admin(): - iter = self.admin_store.append() - self.admin_store.set_value(iter, 0, a) -- except ValueError,e: -+ except ValueError as e: - self.error(e.message) - - def confine_application(self): -@@ -519,7 +505,7 @@ class childWindow: - - self.info(my_policy.generate(outputdir)) - return False -- except ValueError, e: -+ except ValueError as e: - self.error(e.message) - - def delete(self, args): -@@ -687,7 +673,7 @@ class childWindow: - try: - generate.verify_ports(self.in_tcp_entry.get_text()) - generate.verify_ports(self.in_udp_entry.get_text()) -- except ValueError, e: -+ except ValueError as e: - self.error(e.message) - return True - -@@ -695,7 +681,7 @@ class childWindow: - try: - generate.verify_ports(self.out_tcp_entry.get_text()) - generate.verify_ports(self.out_udp_entry.get_text()) -- except ValueError, e: -+ except ValueError as e: - self.error(e.message) - return True - -@@ -734,12 +720,12 @@ class childWindow: - policy.set_program(exe) - policy.gen_writeable() - policy.gen_symbols() -- for f in policy.files.keys(): -+ for f in list(policy.files.keys()): - iter = self.store.append() - self.store.set_value(iter, 0, f) - self.store.set_value(iter, 1, FILE) - -- for f in policy.dirs.keys(): -+ for f in list(policy.dirs.keys()): - iter = self.store.append() - self.store.set_value(iter, 0, f) - self.store.set_value(iter, 1, DIR) -diff --git a/policycoreutils/gui/portsPage.py b/policycoreutils/gui/portsPage.py -index bfb4e36..e6c87c5 100644 ---- a/policycoreutils/gui/portsPage.py -+++ b/policycoreutils/gui/portsPage.py -@@ -16,14 +16,11 @@ - ## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - - ## Author: Dan Walsh --import string - import gtk - import gtk.glade --import os - import gobject --import sys - import seobject --import commands -+import subprocess - from semanagePage import *; - - ## -@@ -43,8 +40,8 @@ try: - unicode=False, - codeset = 'utf-8') - except IOError: -- import __builtin__ -- __builtin__.__dict__['_'] = unicode -+ import builtins -+ builtins.__dict__['_'] = str - - class portsPage(semanagePage): - def __init__(self, xml): -@@ -62,19 +59,19 @@ class portsPage(semanagePage): - self.ports_properties_button = xml.get_widget("portsPropertiesButton") - self.ports_delete_button = xml.get_widget("portsDeleteButton") - liststore = self.ports_protocol_combo.get_model() -- iter = liststore.get_iter_first() -- self.ports_protocol_combo.set_active_iter(iter) -+ it = liststore.get_iter_first() -+ self.ports_protocol_combo.set_active_iter(it) - self.init_store() - self.edit = True - self.load() - - def filter_changed(self, *arg): -- filter = arg[0].get_text() -- if filter != self.filter: -+ filt = arg[0].get_text() -+ if filt != self.filter: - if self.edit: -- self.load(filter) -+ self.load(filt) - else: -- self.group_load(filter) -+ self.group_load(filt) - - def init_store(self): - self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING , gobject.TYPE_STRING) -@@ -116,43 +113,43 @@ class portsPage(semanagePage): - except: - return 0 - -- def load(self,filter = ""): -- self.filter=filter -+ def load(self,filt = ""): -+ self.filter=filt - self.port = seobject.portRecords() -- dict = self.port.get_all(self.local) -- keys = dict.keys() -+ pdict = self.port.get_all(self.local) -+ keys = list(pdict.keys()) - keys.sort() - self.store.clear() - for k in keys: -- if not (self.match(str(k[0]), filter) or self.match(dict[k][0], filter) or self.match(k[2], filter) or self.match(dict[k][1], filter) or self.match(dict[k][1], filter)): -+ if not (self.match(str(k[0]), filt) or self.match(pdict[k][0], filt) or self.match(k[2], filt) or self.match(pdict[k][1], filt) or self.match(pdict[k][1], filt)): - continue -- iter = self.store.append() -+ it = self.store.append() - if k[0] == k[1]: -- self.store.set_value(iter, PORT_COL, k[0]) -+ self.store.set_value(it, PORT_COL, k[0]) - else: - rec = "%s-%s" % k[:2] -- self.store.set_value(iter, PORT_COL, rec) -- self.store.set_value(iter, TYPE_COL, dict[k][0]) -- self.store.set_value(iter, PROTOCOL_COL, k[2]) -- self.store.set_value(iter, MLS_COL, dict[k][1]) -+ self.store.set_value(it, PORT_COL, rec) -+ self.store.set_value(it, TYPE_COL, pdict[k][0]) -+ self.store.set_value(it, PROTOCOL_COL, k[2]) -+ self.store.set_value(it, MLS_COL, pdict[k][1]) - self.view.get_selection().select_path ((0,)) - -- def group_load(self, filter = ""): -- self.filter=filter -+ def group_load(self, filt = ""): -+ self.filter=filt - self.port = seobject.portRecords() -- dict = self.port.get_all_by_type(self.local) -- keys = dict.keys() -+ pdict = self.port.get_all_by_type(self.local) -+ keys = list(pdict.keys()) - keys.sort() - self.store.clear() - for k in keys: -- ports_string = ", ".join(dict[k]) -- if not (self.match(ports_string, filter) or self.match(k[0], filter) or self.match(k[1], filter) ): -+ ports_string = ", ".join(pdict[k]) -+ if not (self.match(ports_string, filt) or self.match(k[0], filt) or self.match(k[1], filt) ): - continue -- iter = self.store.append() -- self.store.set_value(iter, TYPE_COL, k[0]) -- self.store.set_value(iter, PROTOCOL_COL, k[1]) -- self.store.set_value(iter, PORT_COL, ports_string) -- self.store.set_value(iter, MLS_COL, "") -+ it = self.store.append() -+ self.store.set_value(it, TYPE_COL, k[0]) -+ self.store.set_value(it, PROTOCOL_COL, k[1]) -+ self.store.set_value(it, PORT_COL, ports_string) -+ self.store.set_value(it, MLS_COL, "") - self.view.get_selection().select_path ((0,)) - - def propertiesDialog(self): -@@ -160,19 +157,19 @@ class portsPage(semanagePage): - semanagePage.propertiesDialog(self) - - def dialogInit(self): -- store, iter = self.view.get_selection().get_selected() -- self.ports_number_entry.set_text(store.get_value(iter, PORT_COL)) -+ store, it = self.view.get_selection().get_selected() -+ self.ports_number_entry.set_text(store.get_value(it, PORT_COL)) - self.ports_number_entry.set_sensitive(False) - self.ports_protocol_combo.set_sensitive(False) -- self.ports_name_entry.set_text(store.get_value(iter, TYPE_COL)) -- self.ports_mls_entry.set_text(store.get_value(iter, MLS_COL)) -- protocol = store.get_value(iter, PROTOCOL_COL) -+ self.ports_name_entry.set_text(store.get_value(it, TYPE_COL)) -+ self.ports_mls_entry.set_text(store.get_value(it, MLS_COL)) -+ protocol = store.get_value(it, PROTOCOL_COL) - liststore = self.ports_protocol_combo.get_model() -- iter = liststore.get_iter_first() -- while iter != None and liststore.get_value(iter,0) != protocol: -- iter = liststore.iter_next(iter) -- if iter != None: -- self.ports_protocol_combo.set_active_iter(iter) -+ it = liststore.get_iter_first() -+ while it != None and liststore.get_value(it,0) != protocol: -+ it = liststore.iter_next(it) -+ if it != None: -+ self.ports_protocol_combo.set_active_iter(it) - - def dialogClear(self): - self.ports_number_entry.set_text("") -@@ -182,19 +179,20 @@ class portsPage(semanagePage): - self.ports_mls_entry.set_text("s0") - - def delete(self): -- store, iter = self.view.get_selection().get_selected() -- port = store.get_value(iter, PORT_COL) -- protocol = store.get_value(iter, 1) -+ store, it = self.view.get_selection().get_selected() -+ port = store.get_value(it, PORT_COL) -+ protocol = store.get_value(it, 1) -+ self.wait() -+ cmd = "semanage port -d -p %s %s" % (protocol, port) - try: -- self.wait() -- (rc, out) = commands.getstatusoutput("semanage port -d -p %s %s" % (protocol, port)) -- self.ready() -- if rc != 0: -- return self.error(out) -- store.remove(iter) -+ subprocess.check_output(cmd, -+ stderr=subprocess.STDOUT, -+ shell=True) -+ store.remove(it) - self.view.get_selection().select_path ((0,)) -- except ValueError, e: -- self.error(e.args[0]) -+ except subprocess.CalledProcessError as e: -+ self.error(e.output) -+ self.ready() - - def add(self): - target = self.ports_name_entry.get_text().strip() -@@ -207,39 +205,47 @@ class portsPage(semanagePage): - self.error(_("Port number \"%s\" is not valid. 0 < PORT_NUMBER < 65536 ") % port_number ) - return False - list_model = self.ports_protocol_combo.get_model() -- iter = self.ports_protocol_combo.get_active_iter() -- protocol = list_model.get_value(iter,0) -+ it = self.ports_protocol_combo.get_active_iter() -+ protocol = list_model.get_value(it,0) - self.wait() -- (rc, out) = commands.getstatusoutput("semanage port -a -p %s -r %s -t %s %s" % (protocol, mls, target, port_number)) -+ cmd = "semanage port -a -p %s -r %s -t %s %s" % (protocol, mls, target, port_number) -+ try: -+ subprocess.check_output(cmd, -+ stderr=subprocess.STDOUT, -+ shell=True) -+ it = self.store.append() -+ self.store.set_value(it, TYPE_COL, target) -+ self.store.set_value(it, PORT_COL, port_number) -+ self.store.set_value(it, PROTOCOL_COL, protocol) -+ self.store.set_value(it, MLS_COL, mls) -+ except subprocess.CalledProcessError as e: -+ self.error(e.output) - self.ready() -- if rc != 0: -- self.error(out) -- return False -- iter = self.store.append() -- -- self.store.set_value(iter, TYPE_COL, target) -- self.store.set_value(iter, PORT_COL, port_number) -- self.store.set_value(iter, PROTOCOL_COL, protocol) -- self.store.set_value(iter, MLS_COL, mls) - - def modify(self): - target = self.ports_name_entry.get_text().strip() - mls = self.ports_mls_entry.get_text().strip() - port_number = self.ports_number_entry.get_text().strip() - list_model = self.ports_protocol_combo.get_model() -- iter = self.ports_protocol_combo.get_active_iter() -- protocol = list_model.get_value(iter,0) -+ it = self.ports_protocol_combo.get_active_iter() -+ protocol = list_model.get_value(it,0) - self.wait() -- (rc, out) = commands.getstatusoutput("semanage port -m -p %s -r %s -t %s %s" % (protocol, mls, target, port_number)) -- self.ready() -- if rc != 0: -- self.error(out) -+ cmd = "semanage port -m -p %s -r %s -t %s %s" % (protocol, mls, target, port_number) -+ try: -+ subprocess.check_output(cmd, -+ stderr=subprocess.STDOUT, -+ shell=True) -+ store, it = self.view.get_selection().get_selected() -+ self.store.set_value(it, TYPE_COL, target) -+ self.store.set_value(it, PORT_COL, port_number) -+ self.store.set_value(it, PROTOCOL_COL, protocol) -+ self.store.set_value(it, MLS_COL, mls) -+ self.ready() -+ return True -+ except subprocess.CalledProcessError as e: -+ self.error(e.output) -+ self.ready() - return False -- store, iter = self.view.get_selection().get_selected() -- self.store.set_value(iter, TYPE_COL, target) -- self.store.set_value(iter, PORT_COL, port_number) -- self.store.set_value(iter, PROTOCOL_COL, protocol) -- self.store.set_value(iter, MLS_COL, mls) - - def on_group_clicked(self, button): - self.ports_add_button.set_sensitive(self.group) -diff --git a/policycoreutils/gui/selinux-polgengui.desktop b/policycoreutils/gui/selinux-polgengui.desktop -index 0c2f399..bbcb18f 100644 ---- a/policycoreutils/gui/selinux-polgengui.desktop -+++ b/policycoreutils/gui/selinux-polgengui.desktop -@@ -64,4 +64,3 @@ Type=Application - Terminal=false - Categories=System;Security; - X-Desktop-File-Install-Version=0.2 --Keywords=policy;security;selinux;avc;permission;mac; -diff --git a/policycoreutils/gui/semanagePage.py b/policycoreutils/gui/semanagePage.py -index 3a0e478..040a4f8 100644 ---- a/policycoreutils/gui/semanagePage.py -+++ b/policycoreutils/gui/semanagePage.py -@@ -37,8 +37,8 @@ try: - unicode=False, - codeset = 'utf-8') - except IOError: -- import __builtin__ -- __builtin__.__dict__['_'] = unicode -+ import builtins -+ builtins.__dict__['_'] = str - - def idle_func(): - while gtk.events_pending(): -@@ -77,9 +77,9 @@ class semanagePage: - return - - def filter_changed(self, *arg): -- filter = arg[0].get_text() -- if filter != self.filter: -- self.load(filter) -+ filt = arg[0].get_text() -+ if filt != self.filter: -+ self.load(filt) - - def search(self, model, col, key, i): - sort_col = self.store.get_sort_column_id()[0] -@@ -122,13 +122,37 @@ class semanagePage: - dlg.destroy() - - def deleteDialog(self): -- store, iter = self.view.get_selection().get_selected() -- if self.verify(_("Are you sure you want to delete %s '%s'?" % (self.description, store.get_value(iter, 0))), _("Delete %s" % self.description)) == gtk.RESPONSE_YES: -+ store, it = self.view.get_selection().get_selected() -+ if self.verify(_("Are you sure you want to delete %s '%s'?" % (self.description, store.get_value(it, 0))), _("Delete %s" % self.description)) == gtk.RESPONSE_YES: - self.delete() - - def use_menus(self): - return True - -+ def load(self, filt): -+ raise RuntimeError("load method not implemented in parent class"); -+ -+ def filter(self): -+ raise RuntimeError("filter method not implemented in parent class"); -+ -+ def store(self): -+ raise RuntimeError("store method not implemented in parent class"); -+ -+ def add(self): -+ raise RuntimeError("add method not implemented"); -+ -+ def modify(self): -+ raise RuntimeError("modify method not implemented"); -+ -+ def delete(self): -+ raise RuntimeError("delete method not implemented"); -+ -+ def dialogInit(self): -+ raise RuntimeError("dialogInit method not implemented"); -+ -+ def dialogClear(self): -+ raise RuntimeError("dialogClear method not implemented"); -+ - def addDialog(self): - self.dialogClear() - self.dialog.set_title(_("Add %s" % self.description)) -@@ -136,10 +160,10 @@ class semanagePage: - - while self.dialog.run() == gtk.RESPONSE_OK: - try: -- if self.add() == False: -+ if not self.add(): - continue - break; -- except ValueError, e: -+ except ValueError as e: - self.error(e.args[0]) - self.dialog.hide() - -@@ -149,10 +173,10 @@ class semanagePage: - self.dialog.set_position(gtk.WIN_POS_MOUSE) - while self.dialog.run() == gtk.RESPONSE_OK: - try: -- if self.modify() == False: -+ if not self.modify(): - continue - break; -- except ValueError, e: -+ except ValueError as e: - self.error(e.args[0]) - self.dialog.hide() - -diff --git a/policycoreutils/gui/statusPage.py b/policycoreutils/gui/statusPage.py -index 02685f2..6510d2a 100644 ---- a/policycoreutils/gui/statusPage.py -+++ b/policycoreutils/gui/statusPage.py -@@ -16,18 +16,14 @@ - ## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - - ## Author: Dan Walsh --import string - import gtk - import gtk.glade - import os --import gobject - import sys --import tempfile - - INSTALLPATH = '/usr/share/system-config-selinux' - sys.path.append(INSTALLPATH) - --import commands - ENFORCING = 1 - PERMISSIVE = 0 - DISABLED = -1 -@@ -47,8 +43,8 @@ import selinux - try: - gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1) - except IOError: -- import __builtin__ -- __builtin__.__dict__['_'] = unicode -+ import builtins -+ builtins.__dict__['_'] = unicode - - class statusPage: - def __init__(self, xml): -@@ -127,21 +123,21 @@ class statusPage: - return rc - - def typemenu_changed(self, menu): -- type = self.get_type() -+ setype = self.get_type() - enabled = self.enabledOptionMenu.get_active() -- if self.initialtype != type: -+ if self.initialtype != setype: - if self.verify(_("Changing the policy type will cause a relabel of the entire file system on the next boot. Relabeling takes a long time depending on the size of the file system. Do you wish to continue?")) == gtk.RESPONSE_NO: - menu.set_active(self.typeHistory) - return None - - self.relabel_checkbutton.set_active(True) - -- self.write_selinux_config(modearray[enabled], type ) -+ self.write_selinux_config(modearray[enabled], setype ) - self.typeHistory = menu.get_active() - - def enabled_changed(self, combo): - enabled = combo.get_active() -- type = self.get_type() -+ setype = self.get_type() - - if self.initEnabled != DISABLED and enabled == DISABLED: - if self.verify(_("Changing to SELinux disabled requires a reboot. It is not recommended. If you later decide to turn SELinux back on, the system will be required to relabel. If you just want to see if SELinux is causing a problem on your system, you can go to permissive mode which will only log errors and not enforce SELinux policy. Permissive mode does not require a reboot Do you wish to continue?")) == gtk.RESPONSE_NO: -@@ -154,11 +150,11 @@ class statusPage: - return None - self.relabel_checkbutton.set_active(True) - -- self.write_selinux_config(modearray[enabled], type ) -+ self.write_selinux_config(modearray[enabled], setype ) - self.enabled = enabled - -- def write_selinux_config(self, enforcing, type): -- path = selinux.selinux_path() + "config" -+ def write_selinux_config(self, enforcing, setype): -+ path = selinux.selinux_path() + "config" - backup_path = path + ".bck" - fd = open(path) - lines = fd.readlines() -@@ -169,7 +165,7 @@ class statusPage: - fd.write("SELINUX=%s\n" % enforcing) - continue - if l.startswith("SELINUXTYPE="): -- fd.write("SELINUXTYPE=%s\n" % type) -+ fd.write("SELINUXTYPE=%s\n" % setype) - continue - fd.write(l) - fd.close() -diff --git a/policycoreutils/gui/system-config-selinux.desktop b/policycoreutils/gui/system-config-selinux.desktop -index 8822ce2..befdb23 100644 ---- a/policycoreutils/gui/system-config-selinux.desktop -+++ b/policycoreutils/gui/system-config-selinux.desktop -@@ -64,4 +64,3 @@ Type=Application - Terminal=false - Categories=System;Security; - X-Desktop-File-Install-Version=0.2 --Keywords=policy;security;selinux;avc;permission;mac; -diff --git a/policycoreutils/gui/system-config-selinux.py b/policycoreutils/gui/system-config-selinux.py -index bc3027e..9482fa5 100644 ---- a/policycoreutils/gui/system-config-selinux.py -+++ b/policycoreutils/gui/system-config-selinux.py -@@ -25,9 +25,9 @@ import string - import sys - try: - import gtk --except RuntimeError, e: -- print "system-config-selinux:", e -- print "This is a graphical application and requires DISPLAY to be set." -+except RuntimeError as e: -+ print("system-config-selinux:", e) -+ print("This is a graphical application and requires DISPLAY to be set.") - sys.exit (1) - - import gtk.glade -@@ -57,8 +57,8 @@ try: - unicode=False, - codeset = 'utf-8') - except IOError: -- import __builtin__ -- __builtin__.__dict__['_'] = unicode -+ import builtins -+ builtins.__dict__['_'] = str - - gnome.program_init("SELinux Management Tool", "5") - -@@ -95,7 +95,7 @@ class childWindow: - self.add_page(portsPage.portsPage(xml)) - self.add_page(modulesPage.modulesPage(xml)) # modules - self.add_page(domainsPage.domainsPage(xml)) # domains -- except ValueError, e: -+ except ValueError as e: - self.error(e.message) - - xml.signal_connect("on_quit_activate", self.destroy) -diff --git a/policycoreutils/gui/usersPage.py b/policycoreutils/gui/usersPage.py -index 93804ac..1451903 100644 ---- a/policycoreutils/gui/usersPage.py -+++ b/policycoreutils/gui/usersPage.py -@@ -16,13 +16,10 @@ - ## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - - ## Author: Dan Walsh --import string - import gtk - import gtk.glade --import os - import gobject --import sys --import commands -+import subprocess - import seobject - from semanagePage import *; - -@@ -36,8 +33,8 @@ gettext.textdomain(PROGNAME) - try: - gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1) - except IOError: -- import __builtin__ -- __builtin__.__dict__['_'] = unicode -+ import builtins -+ builtins.__dict__['_'] = unicode - - class usersPage(semanagePage): - def __init__(self, xml): -@@ -65,34 +62,30 @@ class usersPage(semanagePage): - self.mlsRangeEntry = xml.get_widget("mlsRangeEntry") - self.selinuxRolesEntry = xml.get_widget("selinuxRolesEntry") - -- def load(self, filter = ""): -- self.filter=filter -+ def load(self, filt = ""): -+ self.filter=filt - self.user = seobject.seluserRecords() -- dict = self.user.get_all() -- keys = dict.keys() -+ udict = self.user.get_all() -+ keys = list(udict.keys()) - keys.sort() - self.store.clear() - for k in keys: -- range = seobject.translate(dict[k][2]) -- if not (self.match(k, filter) or self.match(dict[k][0], filter) or self.match(range, filter) or self.match(dict[k][3], filter)): -+ serange = seobject.translate(udict[k][2]) -+ if not (self.match(k, filt) or self.match(udict[k][0], filter) or self.match(serange, filt) or self.match(udict[k][3], filt)): - continue - -- iter = self.store.append() -- self.store.set_value(iter, 0, k) -- self.store.set_value(iter, 1, range) -- self.store.set_value(iter, 2, dict[k][3]) -+ it = self.store.append() -+ self.store.set_value(it, 0, k) -+ self.store.set_value(it, 1, serange) -+ self.store.set_value(it, 2, udict[k][3]) - self.view.get_selection().select_path ((0,)) - -- def delete(self): -- if semanagePage.delete(self) == gtk.RESPONSE_NO: -- return None -- - def dialogInit(self): -- store, iter = self.view.get_selection().get_selected() -- self.selinuxUserEntry.set_text(store.get_value(iter, 0)) -+ store, it = self.view.get_selection().get_selected() -+ self.selinuxUserEntry.set_text(store.get_value(it, 0)) - self.selinuxUserEntry.set_sensitive(False) -- self.mlsRangeEntry.set_text(store.get_value(iter, 1)) -- self.selinuxRolesEntry.set_text(store.get_value(iter, 2)) -+ self.mlsRangeEntry.set_text(store.get_value(it, 1)) -+ self.selinuxRolesEntry.set_text(store.get_value(it, 2)) - - def dialogClear(self): - self.selinuxUserEntry.set_text("") -@@ -102,48 +95,62 @@ class usersPage(semanagePage): - - def add(self): - user = self.selinuxUserEntry.get_text() -- range = self.mlsRangeEntry.get_text() -+ serange = self.mlsRangeEntry.get_text() - roles = self.selinuxRolesEntry.get_text() - - self.wait() -- (rc, out) = commands.getstatusoutput("semanage user -a -R '%s' -r %s %s" % (roles, range, user)) -- self.ready() -- if rc != 0: -- self.error(out) -+ try: -+ subprocess.check_output("semanage user -a -R '%s' -r %s %s" % (roles, serange, user), -+ stderr=subprocess.STDOUT, -+ shell=True) -+ self.ready() -+ it = self.store.append() -+ self.store.set_value(it, 0, user) -+ self.store.set_value(it, 1, serange) -+ self.store.set_value(it, 2, roles) -+ except subprocess.CalledProcessError as e: -+ self.error(e.output) -+ self.ready() - return False -- iter = self.store.append() -- self.store.set_value(iter, 0, user) -- self.store.set_value(iter, 1, range) -- self.store.set_value(iter, 2, roles) - - def modify(self): - user = self.selinuxUserEntry.get_text() -- range = self.mlsRangeEntry.get_text() -+ serange = self.mlsRangeEntry.get_text() - roles = self.selinuxRolesEntry.get_text() - - self.wait() -- (rc, out) = commands.getstatusoutput("semanage user -m -R '%s' -r %s %s" % (roles, range, user)) -- self.ready() -- -- if rc != 0: -- self.error(out) -+ cmd = "semanage user -m -R '%s' -r %s %s" % (roles, serange, user) -+ try: -+ subprocess.check_output(cmd, -+ stderr=subprocess.STDOUT, -+ shell=True) -+ self.ready() -+ self.load(self.filter) -+ except subprocess.CalledProcessError as e: -+ self.error(e.output) -+ self.ready() - return False -- self.load(self.filter) -+ return True - - def delete(self): -- store, iter = self.view.get_selection().get_selected() -+ store, it = self.view.get_selection().get_selected() - try: -- user=store.get_value(iter, 0) -+ user=store.get_value(it, 0) - if user == "root" or user == "user_u": - raise ValueError(_("SELinux user '%s' is required") % user) - - self.wait() -- (rc, out) = commands.getstatusoutput("semanage user -d %s" % user) -- self.ready() -- if rc != 0: -- self.error(out) -+ cmd = "semanage user -d %s" % user -+ try: -+ subprocess.check_output(cmd, -+ stderr=subprocess.STDOUT, -+ shell=True) -+ self.ready() -+ store.remove(it) -+ self.view.get_selection().select_path ((0,)) -+ except subprocess.CalledProcessError as e: -+ self.error(e.output) -+ self.ready() - return False -- store.remove(iter) -- self.view.get_selection().select_path ((0,)) -- except ValueError, e: -+ except ValueError as e: - self.error(e.args[0]) -diff --git a/policycoreutils/newrole/newrole.c b/policycoreutils/newrole/newrole.c -index dfb8c7f..4e59a06 100644 ---- a/policycoreutils/newrole/newrole.c -+++ b/policycoreutils/newrole/newrole.c -@@ -547,9 +547,7 @@ static int drop_capabilities(int full) - if (!uid) return 0; - - capng_setpid(getpid()); -- capng_clear(CAPNG_SELECT_BOTH); -- if (capng_lock() < 0) -- return -1; -+ capng_clear(CAPNG_SELECT_CAPS); - - /* Change uid */ - if (setresuid(uid, uid, uid)) { -@@ -558,7 +556,7 @@ static int drop_capabilities(int full) - } - if (! full) - capng_update(CAPNG_ADD, CAPNG_EFFECTIVE | CAPNG_PERMITTED, CAP_AUDIT_WRITE); -- return capng_apply(CAPNG_SELECT_BOTH); -+ return capng_apply(CAPNG_SELECT_CAPS); - } - #elif defined(NAMESPACE_PRIV) - /** -@@ -576,20 +574,21 @@ static int drop_capabilities(int full) - */ - static int drop_capabilities(int full) - { -+ uid_t uid = getuid(); -+ if (!uid) return 0; -+ - capng_setpid(getpid()); -- capng_clear(CAPNG_SELECT_BOTH); -- if (capng_lock() < 0) -- return -1; -+ capng_clear(CAPNG_SELECT_CAPS); - -- uid_t uid = getuid(); - /* Change uid */ - if (setresuid(uid, uid, uid)) { - fprintf(stderr, _("Error changing uid, aborting.\n")); - return -1; - } - if (! full) -- capng_updatev(CAPNG_ADD, CAPNG_EFFECTIVE | CAPNG_PERMITTED, CAP_SYS_ADMIN , CAP_FOWNER , CAP_CHOWN, CAP_DAC_OVERRIDE, CAP_SETPCAP, -1); -- return capng_apply(CAPNG_SELECT_BOTH); -+ capng_updatev(CAPNG_ADD, CAPNG_EFFECTIVE | CAPNG_PERMITTED, CAP_SYS_ADMIN , CAP_FOWNER , CAP_CHOWN, CAP_DAC_OVERRIDE, CAP_AUDIT_WRITE, -1); -+ -+ return capng_apply(CAPNG_SELECT_CAPS); - } - - #else -@@ -680,7 +679,7 @@ static int relabel_tty(const char *ttyn, security_context_t new_context, - security_context_t * tty_context, - security_context_t * new_tty_context) - { -- int fd; -+ int fd, rc; - int enforcing = security_getenforce(); - security_context_t tty_con = NULL; - security_context_t new_tty_con = NULL; -@@ -699,7 +698,13 @@ static int relabel_tty(const char *ttyn, security_context_t new_context, - fprintf(stderr, _("Error! Could not open %s.\n"), ttyn); - return fd; - } -- fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) & ~O_NONBLOCK); -+ /* this craziness is to make sure we cann't block on open and deadlock */ -+ rc = fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) & ~O_NONBLOCK); -+ if (rc) { -+ fprintf(stderr, _("Error! Could not clear O_NONBLOCK on %s\n"), ttyn); -+ close(fd); -+ return rc; -+ } - - if (fgetfilecon(fd, &tty_con) < 0) { - fprintf(stderr, _("%s! Could not get current context " -@@ -1010,9 +1015,9 @@ int main(int argc, char *argv[]) - int fd; - pid_t childPid = 0; - char *shell_argv0 = NULL; -+ int rc; - - #ifdef USE_PAM -- int rc; - int pam_status; /* pam return code */ - pam_handle_t *pam_handle; /* opaque handle used by all PAM functions */ - -@@ -1223,18 +1228,26 @@ int main(int argc, char *argv[]) - fprintf(stderr, _("Could not close descriptors.\n")); - goto err_close_pam; - } -- fd = open(ttyn, O_RDWR | O_NONBLOCK); -+ fd = open(ttyn, O_RDONLY | O_NONBLOCK); - if (fd != 0) - goto err_close_pam; -- fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) & ~O_NONBLOCK); -+ rc = fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) & ~O_NONBLOCK); -+ if (rc) -+ goto err_close_pam; -+ - fd = open(ttyn, O_RDWR | O_NONBLOCK); - if (fd != 1) - goto err_close_pam; -- fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) & ~O_NONBLOCK); -+ rc = fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) & ~O_NONBLOCK); -+ if (rc) -+ goto err_close_pam; -+ - fd = open(ttyn, O_RDWR | O_NONBLOCK); - if (fd != 2) - goto err_close_pam; -- fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) & ~O_NONBLOCK); -+ rc = fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) & ~O_NONBLOCK); -+ if (rc) -+ goto err_close_pam; - - } - /* -@@ -1268,19 +1281,24 @@ int main(int argc, char *argv[]) - } - #endif - -- if (send_audit_message(1, old_context, new_context, ttyn)) -+ if (send_audit_message(1, old_context, new_context, ttyn)) { -+ fprintf(stderr, _("Failed to send audit message")); - goto err_close_pam_session; -+ } - freecon(old_context); old_context=NULL; - freecon(new_context); new_context=NULL; - - #ifdef NAMESPACE_PRIV -- if (transition_to_caller_uid()) -+ if (transition_to_caller_uid()) { -+ fprintf(stderr, _("Failed to transition to namespace\n")); - goto err_close_pam_session; -+ } - #endif - -- if (drop_capabilities(TRUE)) -+ if (drop_capabilities(TRUE)) { -+ fprintf(stderr, _("Failed to drop capabilities %m\n")); - goto err_close_pam_session; -- -+ } - /* Handle environment changes */ - if (restore_environment(preserve_environment, old_environ, &pw)) { - fprintf(stderr, _("Unable to restore the environment, " -diff --git a/policycoreutils/po/Makefile b/policycoreutils/po/Makefile -index a693823..555f381 100644 ---- a/policycoreutils/po/Makefile -+++ b/policycoreutils/po/Makefile -@@ -28,7 +28,7 @@ POTFILES = \ - ../run_init/run_init.c \ - ../semodule_link/semodule_link.c \ - ../audit2allow/audit2allow \ -- ../semanage/seobject.py \ -+ ../semanage/seobject/__init__.py \ - ../setsebool/setsebool.c \ - ../newrole/newrole.c \ - ../load_policy/load_policy.c \ -@@ -49,7 +49,6 @@ POTFILES = \ - ../gui/booleansPage.py \ - ../gui/fcontextPage.py \ - ../gui/loginsPage.py \ -- ../gui/mappingsPage.py \ - ../gui/modulesPage.py \ - ../gui/polgen.glade \ - ../gui/polgengui.py \ -@@ -61,6 +60,36 @@ POTFILES = \ - ../gui/usersPage.py \ - ../secon/secon.c \ - booleans.py \ -+ ../sepolicy/sepolicy/help/booleans_more_show.txt \ -+ ../sepolicy/sepolicy/help/booleans_more.txt \ -+ ../sepolicy/sepolicy/help/booleans_toggled.txt \ -+ ../sepolicy/sepolicy/help/booleans.txt \ -+ ../sepolicy/sepolicy/help/file_equiv.txt \ -+ ../sepolicy/sepolicy/help/files_apps.txt \ -+ ../sepolicy/sepolicy/help/files_exec.txt \ -+ ../sepolicy/sepolicy/help/files_write.txt \ -+ ../sepolicy/sepolicy/help/lockdown_permissive.txt \ -+ ../sepolicy/sepolicy/help/lockdown_ptrace.txt \ -+ ../sepolicy/sepolicy/help/lockdown.txt \ -+ ../sepolicy/sepolicy/help/lockdown_unconfined.txt \ -+ ../sepolicy/sepolicy/help/login_default.txt \ -+ ../sepolicy/sepolicy/help/login.txt \ -+ ../sepolicy/sepolicy/help/ports_inbound.txt \ -+ ../sepolicy/sepolicy/help/ports_outbound.txt \ -+ ../sepolicy/sepolicy/help/start.txt \ -+ ../sepolicy/sepolicy/help/system_boot_mode.txt \ -+ ../sepolicy/sepolicy/help/system_current_mode.txt \ -+ ../sepolicy/sepolicy/help/system_export.txt \ -+ ../sepolicy/sepolicy/help/system_policy_type.txt \ -+ ../sepolicy/sepolicy/help/system_relabel.txt \ -+ ../sepolicy/sepolicy/help/system.txt \ -+ ../sepolicy/sepolicy/help/transition_file.txt \ -+ ../sepolicy/sepolicy/help/transition_from_boolean_1.txt \ -+ ../sepolicy/sepolicy/help/transition_from_boolean_2.txt \ -+ ../sepolicy/sepolicy/help/transition_from_boolean.txt \ -+ ../sepolicy/sepolicy/help/transition_from.txt \ -+ ../sepolicy/sepolicy/help/transition_to.txt \ -+ ../sepolicy/sepolicy/help/users.txt \ - ../sepolicy/info.c \ - ../sepolicy/search.c \ - ../sepolicy/sepolicy.py \ -diff --git a/policycoreutils/po/POTFILES b/policycoreutils/po/POTFILES -index bcb9e99..ae25133 100644 ---- a/policycoreutils/po/POTFILES -+++ b/policycoreutils/po/POTFILES -@@ -2,7 +2,7 @@ - ../run_init/run_init.c - ../semodule_link/semodule_link.c - ../audit2allow/audit2allow -- ../semanage/seobject.py -+ ../semanage/seobject/__init__.py - ../setsebool/setsebool.c - ../newrole/newrole.c - ../load_policy/load_policy.c -@@ -23,7 +23,6 @@ - ../gui/booleansPage.py - ../gui/fcontextPage.py - ../gui/loginsPage.py -- ../gui/mappingsPage.py - ../gui/modulesPage.py - ../gui/polgen.glade - ../gui/polgengui.py -@@ -47,6 +46,36 @@ - ../gui/templates/var_log.py - ../gui/templates/var_run.py - ../gui/templates/var_spool.py -+ ../sepolicy/sepolicy/help/booleans_more_show.txt -+ ../sepolicy/sepolicy/help/booleans_more.txt -+ ../sepolicy/sepolicy/help/booleans_toggled.txt -+ ../sepolicy/sepolicy/help/booleans.txt -+ ../sepolicy/sepolicy/help/file_equiv.txt -+ ../sepolicy/sepolicy/help/files_apps.txt -+ ../sepolicy/sepolicy/help/files_exec.txt -+ ../sepolicy/sepolicy/help/files_write.txt -+ ../sepolicy/sepolicy/help/lockdown_permissive.txt -+ ../sepolicy/sepolicy/help/lockdown_ptrace.txt -+ ../sepolicy/sepolicy/help/lockdown.txt -+ ../sepolicy/sepolicy/help/lockdown_unconfined.txt -+ ../sepolicy/sepolicy/help/login_default.txt -+ ../sepolicy/sepolicy/help/login.txt -+ ../sepolicy/sepolicy/help/ports_inbound.txt -+ ../sepolicy/sepolicy/help/ports_outbound.txt -+ ../sepolicy/sepolicy/help/start.txt -+ ../sepolicy/sepolicy/help/system_boot_mode.txt -+ ../sepolicy/sepolicy/help/system_current_mode.txt -+ ../sepolicy/sepolicy/help/system_export.txt -+ ../sepolicy/sepolicy/help/system_policy_type.txt -+ ../sepolicy/sepolicy/help/system_relabel.txt -+ ../sepolicy/sepolicy/help/system.txt -+ ../sepolicy/sepolicy/help/transition_file.txt -+ ../sepolicy/sepolicy/help/transition_from_boolean_1.txt -+ ../sepolicy/sepolicy/help/transition_from_boolean_2.txt -+ ../sepolicy/sepolicy/help/transition_from_boolean.txt -+ ../sepolicy/sepolicy/help/transition_from.txt -+ ../sepolicy/sepolicy/help/transition_to.txt -+ ../sepolicy/sepolicy/help/users.txt - ../sepolicy/info.c - ../sepolicy/search.c - ../sepolicy/sepolicy.py -diff --git a/policycoreutils/po/POTFILES.in b/policycoreutils/po/POTFILES.in -index aca0474..0ccb542 100644 ---- a/policycoreutils/po/POTFILES.in -+++ b/policycoreutils/po/POTFILES.in -@@ -2,7 +2,7 @@ run_init/open_init_pty.c - run_init/run_init.c - semodule_link/semodule_link.c - audit2allow/audit2allow --semanage/seobject.py -+semanage/seobject/__init__.py - setsebool/setsebool.c - newrole/newrole.c - load_policy/load_policy.c -@@ -23,7 +23,6 @@ restorecond/utmpwatcher.c - gui/booleansPage.py - gui/fcontextPage.py - gui/loginsPage.py --gui/mappingsPage.py - gui/modulesPage.py - gui/polgen.glade - gui/polgengui.py -@@ -45,6 +44,36 @@ sepolicy/sepolicy/generate.py - sepolicy/sepolicy/sepolicy.glade - sepolicy/sepolicy/gui.py - sepolicy/sepolicy/manpage.py -+sepolicy/sepolicy/help/booleans_more_show.txt -+sepolicy/sepolicy/help/booleans_more.txt -+sepolicy/sepolicy/help/booleans_toggled.txt -+sepolicy/sepolicy/help/booleans.txt -+sepolicy/sepolicy/help/file_equiv.txt -+sepolicy/sepolicy/help/files_apps.txt -+sepolicy/sepolicy/help/files_exec.txt -+sepolicy/sepolicy/help/files_write.txt -+sepolicy/sepolicy/help/lockdown_permissive.txt -+sepolicy/sepolicy/help/lockdown_ptrace.txt -+sepolicy/sepolicy/help/lockdown.txt -+sepolicy/sepolicy/help/lockdown_unconfined.txt -+sepolicy/sepolicy/help/login_default.txt -+sepolicy/sepolicy/help/login.txt -+sepolicy/sepolicy/help/ports_inbound.txt -+sepolicy/sepolicy/help/ports_outbound.txt -+sepolicy/sepolicy/help/start.txt -+sepolicy/sepolicy/help/system_boot_mode.txt -+sepolicy/sepolicy/help/system_current_mode.txt -+sepolicy/sepolicy/help/system_export.txt -+sepolicy/sepolicy/help/system_policy_type.txt -+sepolicy/sepolicy/help/system_relabel.txt -+sepolicy/sepolicy/help/system.txt -+sepolicy/sepolicy/help/transition_file.txt -+sepolicy/sepolicy/help/transition_from_boolean_1.txt -+sepolicy/sepolicy/help/transition_from_boolean_2.txt -+sepolicy/sepolicy/help/transition_from_boolean.txt -+sepolicy/sepolicy/help/transition_from.txt -+sepolicy/sepolicy/help/transition_to.txt -+sepolicy/sepolicy/help/users.txt - sepolicy/sepolicy/transition.py - sepolicy/sepolicy/templates/executable.py - sepolicy/sepolicy/templates/__init__.py -diff --git a/policycoreutils/po/af.po b/policycoreutils/po/af.po -index e4a6e09..c565e50 100644 ---- a/policycoreutils/po/af.po -+++ b/policycoreutils/po/af.po -@@ -7,9 +7,9 @@ msgid "" - msgstr "" - "Project-Id-Version: Policycoreutils\n" - "Report-Msgid-Bugs-To: \n" --"POT-Creation-Date: 2013-10-10 16:04-0400\n" --"PO-Revision-Date: 2012-03-30 18:14+0000\n" --"Last-Translator: FULL NAME \n" +diff --git a/policycoreutils/po/ach.po b/policycoreutils/po/ach.po +new file mode 100644 +index 0000000..0d84e13 +--- /dev/null ++++ b/policycoreutils/po/ach.po +@@ -0,0 +1,5198 @@ ++# SOME DESCRIPTIVE TITLE. ++# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER ++# This file is distributed under the same license as the PACKAGE package. ++# ++# Translators: ++msgid "" ++msgstr "" ++"Project-Id-Version: Policycoreutils\n" ++"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2014-01-03 16:04-0500\n" -+"PO-Revision-Date: 2013-12-20 13:58+0000\n" -+"Last-Translator: dwalsh \n" - "Language-Team: Afrikaans (http://www.transifex.com/projects/p/fedora/" - "language/af/)\n" - "Language: af\n" -@@ -87,96 +87,101 @@ msgstr "" - msgid "To make this policy package active, execute:" - msgstr "" - --#: ../semanage/seobject.py:210 ++"PO-Revision-Date: 2014-03-24 16:46+0000\n" ++"Last-Translator: jsmith \n" ++"Language-Team: Acoli (http://www.transifex.com/projects/p/fedora/language/ach/)\n" ++"MIME-Version: 1.0\n" ++"Content-Type: text/plain; charset=UTF-8\n" ++"Content-Transfer-Encoding: 8bit\n" ++"Language: ach\n" ++"Plural-Forms: nplurals=2; plural=(n > 1);\n" ++ ++#: ../run_init/run_init.c:67 ++msgid "" ++"USAGE: run_init