policycoreutils/policycoreutils-rhat.patch

diff --exclude-from=exclude --exclude=sepolgen-1.0.13 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.57/Makefile
--- nsapolicycoreutils/Makefile	2008-08-28 09:34:24.000000000 -0400
+++ policycoreutils-2.0.57/Makefile	2008-10-10 16:04:46.000000000 -0400
@@ -1,4 +1,4 @@
-SUBDIRS = setfiles semanage load_policy newrole run_init secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po
+SUBDIRS = setfiles semanage load_policy newrole run_init secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po gui
 
 INOTIFYH = $(shell ls /usr/include/sys/inotify.h 2>/dev/null)
 
diff --exclude-from=exclude --exclude=sepolgen-1.0.13 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2allow/audit2allow policycoreutils-2.0.57/audit2allow/audit2allow
--- nsapolicycoreutils/audit2allow/audit2allow	2008-08-28 09:34:24.000000000 -0400
+++ policycoreutils-2.0.57/audit2allow/audit2allow	2008-10-30 14:21:33.000000000 -0400
@@ -287,7 +287,11 @@
     def __output(self):
         
         if self.__options.audit2why:
-            return self.__output_audit2why()
+            try:
+                return self.__output_audit2why()
+            except RuntimeError, e:
+                print e
+                sys.exit(1)
 
         g = policygen.PolicyGenerator()
 
diff --exclude-from=exclude --exclude=sepolgen-1.0.13 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2allow/audit2allow.1 policycoreutils-2.0.57/audit2allow/audit2allow.1
--- nsapolicycoreutils/audit2allow/audit2allow.1	2008-08-28 09:34:24.000000000 -0400
+++ policycoreutils-2.0.57/audit2allow/audit2allow.1	2008-10-29 09:44:41.000000000 -0400
@@ -82,7 +82,7 @@
 Indicates input file is a te (type enforcement) file.  This can be used to translate old te format to new policy format.
 .TP
 .B "\-w" | "\-\-why"
-Translates SELinux audit messages into a description of why the access wasn denied
+Translates SELinux audit messages into a description of why the access was denied
 
 .TP
 .B "\-v" | "\-\-verbose"
diff --exclude-from=exclude --exclude=sepolgen-1.0.13 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/newrole/newrole.c policycoreutils-2.0.57/newrole/newrole.c
--- nsapolicycoreutils/newrole/newrole.c	2008-08-28 09:34:24.000000000 -0400
+++ policycoreutils-2.0.57/newrole/newrole.c	2008-10-17 16:43:52.000000000 -0400
@@ -553,7 +553,7 @@
 	new_caps = cap_init();
 	tmp_caps = cap_init();
 	if (!new_caps || !tmp_caps) {
-		fprintf(stderr, _("Error initing capabilities, aborting.\n"));
+		fprintf(stderr, _("Error initializing capabilities, aborting.\n"));
 		return -1;
 	}
 	rc |= cap_set_flag(new_caps, CAP_PERMITTED, 1, cap_list, CAP_SET);
@@ -631,7 +631,7 @@
 	/* Non-root caller, suid root path */
 	new_caps = cap_init();
 	if (!new_caps) {
-		fprintf(stderr, _("Error initing capabilities, aborting.\n"));
+		fprintf(stderr, _("Error initializing capabilities, aborting.\n"));
 		return -1;
 	}
 	rc |= cap_set_flag(new_caps, CAP_PERMITTED, 6, cap_list, CAP_SET);
diff --exclude-from=exclude --exclude=sepolgen-1.0.13 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.57/semanage/seobject.py
--- nsapolicycoreutils/semanage/seobject.py	2008-09-12 11:48:15.000000000 -0400
+++ policycoreutils-2.0.57/semanage/seobject.py	2008-10-28 15:48:14.000000000 -0400
@@ -35,7 +35,7 @@
        import __builtin__
        __builtin__.__dict__['_'] = unicode
 
-is_mls_enabled = selinux.is_selinux_mls_enabled()
+is_mls_enabled = not selinux.is_selinux_enabled() or selinux.is_selinux_mls_enabled()
 
 import syslog
 
@@ -1433,8 +1433,14 @@
 		(rc,exists) = semanage_fcontext_exists(self.sh, k)
 		if rc < 0:
 			raise ValueError(_("Could not check if file context for %s is defined") % target)
-		if exists:
-			raise ValueError(_("File context for %s already defined") % target)
+
+		if not exists:
+                       (rc,exists) = semanage_fcontext_exists_local(self.sh, k)
+                       if rc < 0:
+                              raise ValueError(_("Could not check if file context for %s is defined") % target)
+
+                if exists:
+                       raise ValueError(_("File context for %s already defined") % target)
 
 		(rc,fcontext) = semanage_fcontext_create(self.sh)
 		if rc < 0:
@@ -1481,15 +1487,19 @@
 		if rc < 0:
 			raise ValueError(_("Could not create a key for %s") % target)
 
-		(rc,exists) = semanage_fcontext_exists_local(self.sh, k)
+		(rc,exists) = semanage_fcontext_exists(self.sh, k)
 		if rc < 0:
 			raise ValueError(_("Could not check if file context for %s is defined") % target)
 		if not exists:
-			raise ValueError(_("File context for %s is not defined") % target)
+                       (rc,exists) = semanage_fcontext_exists_local(self.sh, k)
+                       if not exists:
+                              raise ValueError(_("File context for %s is not defined") % target)
 		
 		(rc,fcontext) = semanage_fcontext_query_local(self.sh, k)
 		if rc < 0:
-			raise ValueError(_("Could not query file context for %s") % target)
+                       (rc,fcontext) = semanage_fcontext_query(self.sh, k)
+                       if rc < 0:
+                              raise ValueError(_("Could not query file context for %s") % target)
 
                 if setype != "<<none>>":
                        con = semanage_fcontext_get_con(fcontext)
@@ -1591,30 +1601,33 @@
 
                        self.flist += fclocal
 
+                ddict = {}
 		for fcontext in self.flist:
 			expr = semanage_fcontext_get_expr(fcontext)
 			ftype = semanage_fcontext_get_type(fcontext)
 			ftype_str = semanage_fcontext_get_type_str(ftype)
 			con = semanage_fcontext_get_con(fcontext)
 			if con:
-				l.append((expr, ftype_str, semanage_context_get_user(con), semanage_context_get_role(con), semanage_context_get_type(con), semanage_context_get_mls(con)))
+                               ddict[(expr, ftype_str)] = (semanage_context_get_user(con), semanage_context_get_role(con), semanage_context_get_type(con), semanage_context_get_mls(con))
 			else:
-				l.append((expr, ftype_str, con))
+				ddict[(expr, ftype_str)] = con
 
-		return l
+		return ddict
 			
 	def list(self, heading = 1, locallist = 0 ):
 		if heading:
 			print "%-50s %-18s %s\n" % (_("SELinux fcontext"), _("type"), _("Context"))
-		fcon_list = self.get_all(locallist)
-		for fcon in fcon_list:
-			if len(fcon) > 3:
+		fcon_dict = self.get_all(locallist)
+                keys = fcon_dict.keys()
+                keys.sort()
+		for k in keys:
+			if fcon_dict[k]:
 				if is_mls_enabled:
-					print "%-50s %-18s %s:%s:%s:%s " % (fcon[0], fcon[1], fcon[2], fcon[3], fcon[4], translate(fcon[5],False))
+					print "%-50s %-18s %s:%s:%s:%s " % (k[0], k[1], fcon_dict[k][0], fcon_dict[k][1], fcon_dict[k][2], translate(fcon_dict[k][3],False))
 				else:
-					print "%-50s %-18s %s:%s:%s " % (fcon[0], fcon[1], fcon[2], fcon[3],fcon[4])
+					print "%-50s %-18s %s:%s:%s " % (k[0], k[1], fcon_dict[k][0], fcon_dict[k][1],fcon_dict[k][2])
 			else:
-				print "%-50s %-18s <<None>>" % (fcon[0], fcon[1])
+				print "%-50s %-18s <<None>>" % (k[0], k[1])
 				
 class booleanRecords(semanageRecords):
 	def __init__(self, store = ""):