18 changed files with 40623 additions and 330 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1 +1 @@
-SOURCES/setroubleshoot-3.3.32.tar.gz
+SOURCES/setroubleshoot-3.3.26.tar.gz
--- a/.setroubleshoot.metadata
+++ b/.setroubleshoot.metadata
@ -1 +0,0 @@
-6ee4101312b8c2b98ea7d007eccd62918f59c4f3 SOURCES/setroubleshoot-3.3.32.tar.gz
--- a/SOURCES/0001-Stop-SetroubleshootFixit-after-10-seconds-of-inactiv.patch
+++ b/SOURCES/0001-Stop-SetroubleshootFixit-after-10-seconds-of-inactiv.patch
@ -0,0 +1,45 @@
+From 78840f4e0bd41d3ba1b3c90b909e6c2cf7ef4ea7 Mon Sep 17 00:00:00 2001
+From: Petr Lautrbach <plautrba@redhat.com>
+Date: Wed, 14 Apr 2021 17:03:39 +0200
+Subject: [PATCH] Stop SetroubleshootFixit after 10 seconds of inactivity
+
+---
+ src/SetroubleshootFixit.py | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+diff --git a/framework/src/SetroubleshootFixit.py b/framework/src/SetroubleshootFixit.py
+index 15c6cab..f7cbf95 100644
+--- a/framework/src/SetroubleshootFixit.py
+++ b/framework/src/SetroubleshootFixit.py
+@@ -7,6 +7,7 @@ from gi.repository import GLib
+ import slip.dbus.service
+ from slip.dbus import polkit
+ import os
+import signal
+ 
+ 
+ class RunFix(slip.dbus.service.Object):
+@@ -14,12 +15,20 @@ class RunFix(slip.dbus.service.Object):
+ 
+     def __init__(self, *p, **k):
+         super(RunFix, self).__init__(*p, **k)
+        self.timeout = 10
+        self.alarm(self.timeout)
+
+    def alarm(self, timeout=10):
+        signal.alarm(timeout)
+
+ 
+     @dbus.service.method("org.fedoraproject.SetroubleshootFixit", in_signature='ss', out_signature='s')
+     def run_fix(self, local_id, analysis_id):
+         import subprocess
+        self.alarm(0)
+         command = ["sealert", "-f", local_id, "-P", analysis_id]
+         return subprocess.check_output(command, universal_newlines=True)
+        self.alarm(self.timeout)
+ 
+ if __name__ == "__main__":
+     mainloop = GLib.MainLoop()
+-- 
+2.30.2
+
--- a/SOURCES/0001-imp-module-is-deprecated-in-favor-of-importlib.patch
+++ b/SOURCES/0001-imp-module-is-deprecated-in-favor-of-importlib.patch
@ -1,71 +0,0 @@
-From 2f9e575333af7c7798956f211c29a46a338155e5 Mon Sep 17 00:00:00 2001
-From: Petr Lautrbach <lautrbach@redhat.com>
-Date: Mon, 24 Jul 2023 17:33:17 +0200
-Subject: [PATCH] 'imp' module is deprecated in favor of 'importlib'
-Content-type: text/plain
-
-Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2224393
---
- src/setroubleshoot/util.py | 26 ++++++++------------------
- 1 file changed, 8 insertions(+), 18 deletions(-)
-
-diff --git a/src/setroubleshoot/util.py b/src/setroubleshoot/util.py
-index 0e02f12de682..828a598ef1c2 100755
--- a/src/setroubleshoot/util.py
-+++ b/src/setroubleshoot/util.py
-@@ -73,6 +73,7 @@ import datetime
- from dasbus.connection import SystemMessageBus
- import glob
- from gi.repository import GObject
-+import importlib
- import os
- import pwd
- import re
-@@ -771,37 +772,26 @@ def load_plugins(filter_glob=None):
- 
-     # load the parent (e.g. the package containing the submodules), required for python 2.5 and above
-     module_name = plugin_base
-    plugin_name = '__init__'
-     if module_name not in sys.modules:
-         try:
-            import imp
-            mod_fp, mod_path, mod_description = imp.find_module(plugin_name, [plugin_dir])
-            mod = imp.load_module(module_name, mod_fp, mod_path, mod_description)
-+            mod_spec = importlib.util.spec_from_file_location(plugin_base, plugin_dir + "/__init__.py")
-+            mod = importlib.util.module_from_spec(mod_spec)
-+            mod_spec.loader.exec_module(mod)
-         except Exception as e:
-             syslog.syslog(syslog.LOG_ERR, "failed to initialize plugins in %s: %s" % (plugin_dir, str(e)))
-             return []
- 
-        if mod_fp:
-            mod_fp.close()
-
-     for plugin_name in plugin_names:
-         module_name = "%s.%s" % (plugin_base, plugin_name)
-        mod = sys.modules.get(module_name)
-        if mod is not None:
-            log_debug("load_plugins() %s previously imported" % module_name)
-            plugins.append(mod.plugin())
-            continue
-+
-         try:
-            import imp
-            mod_fp, mod_path, mod_description = imp.find_module(plugin_name, [plugin_dir])
-            mod = imp.load_module(module_name, mod_fp, mod_path, mod_description)
-+            mod_spec = importlib.util.spec_from_file_location(module_name, plugin_dir + "/" + plugin_name + ".py")
-+            mod = importlib.util.module_from_spec(mod_spec)
-+            mod_spec.loader.exec_module(mod)
-             plugins.append(mod.plugin())
-         except Exception as e:
-             syslog.syslog(syslog.LOG_ERR, "failed to load %s plugin: %s" % (plugin_name, str(e)))
- 
-        if mod_fp:
-            mod_fp.close()
-
-     plugins.sort(key=cmp_to_key(sort_plugins))
-     return plugins
- 
-- 
-2.41.0
-
--- a/SOURCES/0002-Always-reset-pending-alarms-when-alarm-0.patch
+++ b/SOURCES/0002-Always-reset-pending-alarms-when-alarm-0.patch
@ -1,29 +0,0 @@
-From 659f10a0ab422251f4d6857fb34ddf1c25b21b37 Mon Sep 17 00:00:00 2001
-From: Petr Lautrbach <lautrbach@redhat.com>
-Date: Wed, 3 May 2023 09:35:28 +0200
-Subject: [PATCH] Always reset pending alarms when alarm(0)
-Content-type: text/plain
-
-Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2112573
-
-Signed-off-by: Petr Lautrbach <lautrbach@redhat.com>
---
- src/setroubleshoot/server.py | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/setroubleshoot/server.py b/src/setroubleshoot/server.py
-index fd89a5448912..2b1b0b1c30d0 100755
--- a/src/setroubleshoot/server.py
-+++ b/src/setroubleshoot/server.py
-@@ -703,7 +703,7 @@ Deletes an alert from the database.
-         return ""
- 
-     def alarm(self, timeout=10):
-        if self.conn_ctr == 0:
-+        if self.conn_ctr == 0 or timeout == 0:
-             signal.alarm(timeout)
- 
- 
-- 
-2.41.0
-
--- a/SOURCES/0002-Do-not-use-Python-slip-package.patch
+++ b/SOURCES/0002-Do-not-use-Python-slip-package.patch
@ -0,0 +1,103 @@
+From e9def2b8b0098842d0223d0951f41e2106821a88 Mon Sep 17 00:00:00 2001
+From: Petr Lautrbach <plautrba@redhat.com>
+Date: Wed, 14 Apr 2021 17:04:59 +0200
+Subject: [PATCH] Do not use Python slip package
+
+It's not maintained anymore and it allows us to drop dependency on
+Python slip package
+
+Use DBUS polkit interface instead -
+https://www.freedesktop.org/software/polkit/docs/latest/eggdbus-interface-org.freedesktop.PolicyKit1.Authority.html
+---
+ src/SetroubleshootFixit.py    | 35 +++++++++++++++++++++++++----------
+ src/setroubleshoot/browser.py |  3 ---
+ 2 files changed, 25 insertions(+), 13 deletions(-)
+
+diff --git a/framework/src/SetroubleshootFixit.py b/framework/src/SetroubleshootFixit.py
+index f7cbf95..ab0ad2b 100644
+--- a/framework/src/SetroubleshootFixit.py
+++ b/framework/src/SetroubleshootFixit.py
+@@ -4,13 +4,11 @@ import dbus
+ import dbus.service
+ import dbus.mainloop.glib
+ from gi.repository import GLib
+-import slip.dbus.service
+-from slip.dbus import polkit
+ import os
+ import signal
+import subprocess
+ 
+-
+-class RunFix(slip.dbus.service.Object):
+class RunFix(dbus.service.Object):
+     default_polkit_auth_required = "org.fedoraproject.setroubleshootfixit.write"
+ 
+     def __init__(self, *p, **k):
+@@ -21,14 +19,32 @@ class RunFix(slip.dbus.service.Object):
+     def alarm(self, timeout=10):
+         signal.alarm(timeout)
+ 
+-
+-    @dbus.service.method("org.fedoraproject.SetroubleshootFixit", in_signature='ss', out_signature='s')
+-    def run_fix(self, local_id, analysis_id):
+-        import subprocess
+    def is_authorized(self, sender):
+        bus = dbus.SystemBus()
+
+        proxy = bus.get_object('org.freedesktop.PolicyKit1', '/org/freedesktop/PolicyKit1/Authority')
+        authority = dbus.Interface(proxy, dbus_interface='org.freedesktop.PolicyKit1.Authority')
+        subject = ('system-bus-name', {'name' : sender})
+        action_id = 'org.fedoraproject.setroubleshootfixit.write'
+        details = {}
+        flags = 1            # AllowUserInteraction flag
+        cancellation_id = '' # No cancellation id
+        result = authority.CheckAuthorization(subject, action_id, details, flags, cancellation_id)
+        return result[0]
+
+    @dbus.service.method("org.fedoraproject.SetroubleshootFixit", sender_keyword="sender", in_signature='ss', out_signature='s')
+    def run_fix(self, local_id, analysis_id, sender):
+         self.alarm(0)
+         command = ["sealert", "-f", local_id, "-P", analysis_id]
+-        return subprocess.check_output(command, universal_newlines=True)
+
+        if self.is_authorized(sender):
+            result = subprocess.check_output(command, universal_newlines=True)
+        else:
+            result = "Authorization failed"
+
+         self.alarm(self.timeout)
+        return result
+
+ 
+ if __name__ == "__main__":
+     mainloop = GLib.MainLoop()
+@@ -36,5 +52,4 @@ if __name__ == "__main__":
+     system_bus = dbus.SystemBus()
+     name = dbus.service.BusName("org.fedoraproject.SetroubleshootFixit", system_bus)
+     object = RunFix(system_bus, "/org/fedoraproject/SetroubleshootFixit/object")
+-    slip.dbus.service.set_mainloop(mainloop)
+     mainloop.run()
+diff --git a/framework/src/setroubleshoot/browser.py b/framework/src/setroubleshoot/browser.py
+index 2d37bb4..3203f75 100644
+--- a/framework/src/setroubleshoot/browser.py
+++ b/framework/src/setroubleshoot/browser.py
+@@ -65,8 +65,6 @@ from setroubleshoot.util import *
+ from setroubleshoot.html_util import html_to_text
+ import re
+ import dbus
+-import slip.dbus.service
+-from slip.dbus import polkit
+ import report
+ import report.io
+ import report.io.GTKIO
+@@ -933,7 +931,6 @@ class DBusProxy (object):
+         self.bus = dbus.SystemBus()
+         self.dbus_object = self.bus.get_object("org.fedoraproject.SetroubleshootFixit", "/org/fedoraproject/SetroubleshootFixit/object")
+ 
+-    @polkit.enable_proxy
+     def run_fix(self, local_id, plugin_name):
+         return self.dbus_object.run_fix(local_id, plugin_name, dbus_interface="org.fedoraproject.SetroubleshootFixit")
+ 
+-- 
+2.30.2
+
--- a/SOURCES/0003-Fix-typos-in-help-man-pages-and-developer-s-guide.patch
+++ b/SOURCES/0003-Fix-typos-in-help-man-pages-and-developer-s-guide.patch
@ -0,0 +1,82 @@
+From f6a21742b2531f5dfd0fa68400848ca4314f972f Mon Sep 17 00:00:00 2001
+From: Vit Mojzis <vmojzis@redhat.com>
+Date: Mon, 6 Dec 2021 12:14:04 +0100
+Subject: [PATCH] Fix typos in --help, man pages and developer's guide
+
+Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
+---
+ TODO                         | 2 +-
+ doc/sealert.8                | 2 +-
+ src/config.py.in             | 2 +-
+ src/sealert                  | 2 +-
+ src/setroubleshoot/server.py | 2 +-
+ 5 files changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/framework/TODO b/framework/TODO
+index 6c2f375..25072ea 100644
+--- a/framework/TODO
+++ b/framework/TODO
+@@ -22,7 +22,7 @@ return plain text (to be used for plaintext email and writing to
+ stdout).
+ 
+ (John) Add log file scanning support (I'm currently working on this).
+-We could use a better parser for AVC's in log file or other "stream",
+We could use a better parser for AVCs in log file or other "stream",
+ should work by accepting data via a feed() method and invoke a
+ callback when it finds an AVC returning an AVC class and a range
+ (start,end) where it was located (question: should the range be line
+diff --git a/framework/doc/sealert.8 b/framework/doc/sealert.8
+index 89f4dff..d3e81e3 100644
+--- a/framework/doc/sealert.8
+++ b/framework/doc/sealert.8
+@@ -102,7 +102,7 @@ Start sealert without dbus service as stand alone app
+ Lookup alert by id, if id is wildcard * then return all alerts
+ .TP 
+ .B \-a \-\-analyze file   
+-Scan a log file, analyze its AVC's
+Scan a log file, analyze its AVCs
+ .TP 
+ .B \-u \-\-user        
+ logon as user
+diff --git a/framework/src/config.py.in b/framework/src/config.py.in
+index cbb0542..daf9a68 100644
+--- a/framework/src/config.py.in
+++ b/framework/src/config.py.in
+@@ -184,7 +184,7 @@ the alert's last seen date will be purged first. Zero implies no limit''',
+         'max_alert_age': {
+             'value': '',
+             'description' : '''
+-Purge any alerts whose age based on it's last seen date exceeds this threshold.
+Purge any alerts whose age based on its last seen date exceeds this threshold.
+ Age may be specified as a sequence of integer unit pairs. Units may be one of
+ year,month,week,day,hour,minute,second and may optionally be plural.
+ Example: '2 weeks 1 day' sets the threshold at 15 days.
+diff --git a/framework/src/sealert b/framework/src/sealert
+index bae0c81..2663a21 100755
+--- a/framework/src/sealert
+++ b/framework/src/sealert
+@@ -598,7 +598,7 @@ if __name__ == '__main__':
+         parser.add_option("-l", "--lookupid", dest="lookupid", default=False,
+                           help="Lookup alert by id, id may be wildcard * to lookup all alerts")
+         parser.add_option("-a", "--analyze", dest="analyze", default=False,
+-                          help="Scan a log file, analyze it's AVC's", metavar="FILE")
+                          help="Scan a log file, analyze its AVCs", metavar="FILE")
+         parser.add_option("-u", "--user", dest="user", default=False,
+                           help="logon user name")
+         parser.add_option("-p", "--password", dest="password", default=False,
+diff --git a/framework/src/setroubleshoot/server.py b/framework/src/setroubleshoot/server.py
+index aef0346..771ea15 100755
+--- a/framework/src/setroubleshoot/server.py
+++ b/framework/src/setroubleshoot/server.py
+@@ -764,7 +764,7 @@ def RunFaultServer(timeout=10):
+     try:
+         # FIXME: should this be using our logging objects in log.py?
+         # currently syslog is only used for putting an alert into
+-        # the syslog with it's id
+        # the syslog with its id
+ 
+         global pkg_name
+         syslog.openlog(pkg_name)
+-- 
+2.30.2
+
--- a/SOURCES/0003-gitlab-ci-use-apt-get-to-install-python3-dbus-packag.patch
+++ b/SOURCES/0003-gitlab-ci-use-apt-get-to-install-python3-dbus-packag.patch
@ -1,52 +0,0 @@
-From 502d06c8fa86b53198a2f4aeb59efdf1203531d6 Mon Sep 17 00:00:00 2001
-From: Petr Lautrbach <lautrbach@redhat.com>
-Date: Wed, 3 May 2023 10:17:06 +0200
-Subject: [PATCH] gitlab-ci: use apt-get to install python3-dbus package
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-Content-type: text/plain
-
-Fixes:
-$ pip3 install dasbus
-error: externally-managed-environment
-× This environment is externally managed
-╰─> To install Python packages system-wide, try apt install
-    python3-xyz, where xyz is the package you are trying to
-    install.
-
-    If you wish to install a non-Debian-packaged Python package,
-    create a virtual environment using python3 -m venv path/to/venv.
-    Then use path/to/venv/bin/python and path/to/venv/bin/pip. Make
-    sure you have python3-full installed.
-
-    If you wish to install a non-Debian packaged Python application,
-    it may be easiest to use pipx install xyz, which will manage a
-    virtual environment for you. Make sure you have pipx installed.
-
-    See /usr/share/doc/python3.11/README.venv for more information.
-note: If you believe this is a mistake, please contact your Python installation or OS distribution provider. You can override this, at the risk of breaking your Python installation or OS, by passing --break-system-packages.
-hint: See PEP 668 for the detailed specification.
-
-Signed-off-by: Petr Lautrbach <lautrbach@redhat.com>
---
- .gitlab-ci.yml | 3 +--
- 1 file changed, 1 insertion(+), 2 deletions(-)
-
-diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
-index e82e12f66737..bea5081bb0b9 100644
--- a/.gitlab-ci.yml
-+++ b/.gitlab-ci.yml
-@@ -30,8 +30,7 @@ build:debian:
-     - >
-       apt-get -y install autoconf automake libglib2.0-dev libdbus-glib-1-dev libnotify-dev
-       libgtk-3-dev gcc python3-selinux python3-gi python3-dbus python3-six python3-sepolicy
-      xdg-utils make intltool libaudit-dev libauparse-dev python3-pip
-    - pip3 install dasbus
-+      xdg-utils make intltool libaudit-dev libauparse-dev python3-pip python3-dasbus
-     - ./autogen.sh
-     - make
-     - make install
-- 
-2.41.0
-
--- a/SOURCES/0004-Revert-Replace-pydbus-with-dasbus.patch
+++ b/SOURCES/0004-Revert-Replace-pydbus-with-dasbus.patch
@ -0,0 +1,174 @@
+From e0cf9f2e50e8da856ffd511cbbab7ee36a31bb74 Mon Sep 17 00:00:00 2001
+From: Vit Mojzis <vmojzis@redhat.com>
+Date: Fri, 10 Dec 2021 15:04:21 +0100
+Subject: [PATCH] Revert "Replace pydbus with dasbus"
+
+dasbus is not available in rhel8.
+
+This reverts commit 5290ca0ee06d69102bf2b756e2decc0f8c5b770f.
+---
+ configure.ac                    |  6 +++---
+ src/SetroubleshootPrivileged.py | 32 ++++++++++++++------------------
+ src/seapplet                    | 21 +++++++++++++--------
+ src/setroubleshoot/util.py      |  9 +++------
+ 4 files changed, 33 insertions(+), 35 deletions(-)
+
+diff --git a/framework/configure.ac b/framework/configure.ac
+index d1d0176..e3b7b5a 100644
+--- a/framework/configure.ac
+++ b/framework/configure.ac
+@@ -65,13 +65,13 @@ else
+                    $python_module_result])
+ fi
+ 
+-AC_MSG_CHECKING([for the dasbus python3 module])
+-python_module_result=`$PYTHON -c "import dasbus" 2>&1`
+AC_MSG_CHECKING([for the pydbus python3 module])
+python_module_result=`$PYTHON -c "import pydbus" 2>&1`
+ if test -z "$python_module_result"; then
+ 	AC_MSG_RESULT([yes])
+ else
+ 	AC_MSG_RESULT([no])
+-	AC_MSG_ERROR([cannot import Python3 module dasbus.
+	AC_MSG_ERROR([cannot import Python3 module pydbus.
+                    Please check your Python3 installation. The error was:
+                    $python_module_result])
+ fi
+diff --git a/framework/src/SetroubleshootPrivileged.py b/framework/src/SetroubleshootPrivileged.py
+index d2a9ea4..899e687 100644
+--- a/framework/src/SetroubleshootPrivileged.py
+++ b/framework/src/SetroubleshootPrivileged.py
+@@ -19,23 +19,23 @@
+ # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ 
+ from gi.repository import GLib
+-from dasbus.connection import SystemMessageBus
+from pydbus import SystemBus
+ import setroubleshoot.util
+ import signal
+ 
+ loop = GLib.MainLoop()
+ 
+ class Privileged(object):
+-    __dbus_xml__ = """
+-    <node>
+-        <interface name='org.fedoraproject.SetroubleshootPrivileged'>
+-            <method name='get_rpm_nvr_by_scontext'>
+-                <arg type='s' name='scontext' direction='in'/>
+-                <arg type='s' name='rpmnvr' direction='out'/>
+-            </method>
+-            <method name='finish'/>
+-        </interface>
+-    </node>
+    """
+		<node>
+			<interface name='org.fedoraproject.SetroubleshootPrivileged'>
+				<method name='get_rpm_nvr_by_scontext'>
+					<arg type='s' name='scontext' direction='in'/>
+    				<arg type='s' name='rpmnvr' direction='out'/>
+				</method>
+				<method name='finish'/>
+			</interface>
+		</node>
+     """
+ 
+     def __init__(self, timeout=10):
+@@ -58,10 +58,6 @@ class Privileged(object):
+         loop.quit()
+ 
+ if __name__ == "__main__":
+-    bus = SystemMessageBus()
+-    try:
+-        bus.publish_object("/org/fedoraproject/SetroubleshootPrivileged", Privileged())
+-        bus.register_service("org.fedoraproject.SetroubleshootPrivileged")
+-        loop.run()
+-    finally:
+-        bus.disconnect()
+    bus = SystemBus()
+    bus.publish("org.fedoraproject.SetroubleshootPrivileged", Privileged())
+    loop.run()
+diff --git a/framework/src/seapplet b/framework/src/seapplet
+index b5f65d1..79b5ef2 100644
+--- a/framework/src/seapplet
+++ b/framework/src/seapplet
+@@ -26,7 +26,7 @@ from gi.repository import Gtk
+ gi.require_version('Notify', '0.7')
+ from gi.repository import Notify
+ 
+-from dasbus.connection import SystemMessageBus
+from pydbus import SystemBus
+ 
+ import selinux
+ import sys
+@@ -52,14 +52,13 @@ class SEApplet(GObject.Object):
+ 
+     def __init__(self):
+ 
+-        bus = SystemMessageBus()
+-        Setroubleshootd = bus.get_proxy(
+-            'org.fedoraproject.Setroubleshootd',
+-            '/org/fedoraproject/Setroubleshootd'
+        bus = SystemBus()
+        self.bus_signal = bus.subscribe(
+            iface='org.fedoraproject.SetroubleshootdIface',
+            signal='alert',
+            signal_fired=self.send_notification
+         )
+ 
+-        Setroubleshootd.alert.connect(self.send_notification)
+-
+         super(SEApplet, self).__init__()
+         Notify.init("seapplet")
+         # lets initialise with the application name
+@@ -81,6 +80,11 @@ class SEApplet(GObject.Object):
+         except:
+             pass
+ 
+        Setroubleshootd = bus.get(
+            'org.fedoraproject.Setroubleshootd',
+            '/org/fedoraproject/Setroubleshootd'
+        )
+
+         (count, red) = Setroubleshootd.check_for_new(last_id)
+ 
+         if count > 0:
+@@ -115,7 +119,8 @@ class SEApplet(GObject.Object):
+         launcher.launch(None, context)
+         self.status_icon.set_visible(False)
+ 
+-    def send_notification(self, *params):
+    def send_notification(self, sender, dobject, iface, signal, params):
+
+         status_icon = self.__init_status_icon()
+         status_icon.set_visible(True)
+ 
+diff --git a/framework/src/setroubleshoot/util.py b/framework/src/setroubleshoot/util.py
+index 02c4f75..657c882 100755
+--- a/framework/src/setroubleshoot/util.py
+++ b/framework/src/setroubleshoot/util.py
+@@ -69,7 +69,7 @@ __all__ = [
+ import bz2
+ import six
+ import datetime
+-from dasbus.connection import SystemMessageBus
+from pydbus import SystemBus
+ import glob
+ from gi.repository import GObject
+ import os
+@@ -522,11 +522,8 @@ Finds an SELinux module which defines given SELinux context
+ 
+     """
+     if use_dbus:
+-        bus = SystemMessageBus()
+-        remote_object = bus.get_proxy(
+-            "org.fedoraproject.SetroubleshootPrivileged",
+-            "/org/fedoraproject/SetroubleshootPrivileged"
+-        )
+        bus = SystemBus()
+        remote_object = bus.get("org.fedoraproject.SetroubleshootPrivileged")
+         return str(remote_object.get_rpm_nvr_by_scontext(str(scontext)))
+     else:
+         context = selinux.context_new(str(scontext))
+-- 
+2.30.2
+
--- a/SOURCES/0005-Improve-after_first-email-filter-behavior.patch
+++ b/SOURCES/0005-Improve-after_first-email-filter-behavior.patch
@ -0,0 +1,40 @@
+From 73d60acf9d4d7ae740d450f9c9a9566dac1c3111 Mon Sep 17 00:00:00 2001
+From: Petr Lautrbach <plautrba@redhat.com>
+Date: Thu, 3 Feb 2022 18:14:05 +0100
+Subject: [PATCH] Improve after_first email filter behavior
+
+after_first used to send 2 emails before it started to filter. The
+problem was in the email users were not saved into database when a new
+signature was created.
+
+Also we need to skip email users when we evaluated whether send a
+desktop notification or not.
+---
+ src/setroubleshoot/server.py | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/framework/src/setroubleshoot/server.py b/framework/src/setroubleshoot/server.py
+index 771ea15..10ef215 100755
+--- a/framework/src/setroubleshoot/server.py
+++ b/framework/src/setroubleshoot/server.py
+@@ -220,6 +220,7 @@ class AlertPluginReportReceiver(PluginReportReceiver):
+             if len(to_addrs):
+                 from setroubleshoot.email_alert import email_alert
+                 email_alert(siginfo, to_addrs)
+            self.database.mark_modified()
+ 
+         log_debug("sending alert to all clients")
+ 
+@@ -234,6 +235,9 @@ class AlertPluginReportReceiver(PluginReportReceiver):
+             systemd.journal.send(siginfo.format_text(), OBJECT_PID=pid, SYSLOG_IDENTIFIER=pkg_name)
+ 
+         for u in siginfo.users:
+            if u.username[0:6] == "email:":
+                # skip email users - they were evaluated before
+                continue
+             action = siginfo.evaluate_filter_for_user(u.username)
+             if action == "ignore":
+                 return siginfo
+-- 
+2.30.2
+
--- a/SOURCES/0006-Update-translations.patch
+++ b/SOURCES/0006-Update-translations.patch
--- a/SOURCES/0007-Decrease-setroubleshootd-priority-and-limit-RAM-util.patch
+++ b/SOURCES/0007-Decrease-setroubleshootd-priority-and-limit-RAM-util.patch
@ -0,0 +1,70 @@
+From a2102cb35cd45852fc508b2f62400be098050d7a Mon Sep 17 00:00:00 2001
+From: Vit Mojzis <vmojzis@redhat.com>
+Date: Mon, 4 Jul 2022 16:20:30 +0200
+Subject: [PATCH] Decrease setroubleshootd priority and limit RAM utilization
+ to 1GB
+
+This should help with system responsiveness in case of large amount of
+AVCs. The memory limit ensures the process cannot indefinitely hog
+memory in case it is running continuously. My testing showed normal
+memory consumption not to exceed 350MB, so 1GB should not limit normal
+operation.
+
+Note: Limiting memory using systemd service file was chosen to make it easier
+for users to adjust the limits.
+
+Related:
+https://bugzilla.redhat.com/show_bug.cgi?id=2064727
+
+Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
+---
+ Makefile.am                               |  3 +++
+ org.fedoraproject.Setroubleshootd.service |  3 ++-
+ setroubleshootd.service                   | 10 ++++++++++
+ 3 files changed, 15 insertions(+), 1 deletion(-)
+ create mode 100644 setroubleshootd.service
+
+diff --git a/framework/Makefile.am b/framework/Makefile.am
+index f330b7c..93c6a06 100644
+--- a/framework/Makefile.am
+++ b/framework/Makefile.am
+@@ -28,6 +28,9 @@ polkit_systemdir = $(datadir)/polkit-1/actions
+ polkit_system_DATA = \
+ 			org.fedoraproject.setroubleshootfixit.policy
+ 
+systemd_systemunitdir = $(prefix)/lib/systemd/system/
+systemd_systemunit_DATA = setroubleshootd.service
+
+ autostartdir = $(sysconfdir)/xdg/autostart
+ autostart_DATA = sealertauto.desktop
+ 
+diff --git a/framework/org.fedoraproject.Setroubleshootd.service b/framework/org.fedoraproject.Setroubleshootd.service
+index 05c2c39..2c52499 100644
+--- a/framework/org.fedoraproject.Setroubleshootd.service
+++ b/framework/org.fedoraproject.Setroubleshootd.service
+@@ -1,4 +1,5 @@
+ [D-BUS Service]
+ Name=org.fedoraproject.Setroubleshootd
+-Exec=/usr/sbin/setroubleshootd -f 
+SystemdService=setroubleshootd.service
+Exec=/bin/false
+ User=setroubleshoot
+diff --git a/framework/setroubleshootd.service b/framework/setroubleshootd.service
+new file mode 100644
+index 0000000..81c75b1
+--- /dev/null
+++ b/framework/setroubleshootd.service
+@@ -0,0 +1,10 @@
+[Unit]
+Description=SETroubleshoot daemon for processing new SELinux denial logs
+
+[Service]
+Type=dbus
+BusName=org.fedoraproject.Setroubleshootd
+ExecStart=/usr/sbin/setroubleshootd -f
+User=setroubleshoot
+LimitAS=1G
+Nice=5
+-- 
+2.35.3
+
--- a/SOURCES/0008-doc-Document-performance-related-changes.patch
+++ b/SOURCES/0008-doc-Document-performance-related-changes.patch
@ -0,0 +1,45 @@
+From eed06d0f11867c1019fee4fb1a80be775a60d74e Mon Sep 17 00:00:00 2001
+From: Vit Mojzis <vmojzis@redhat.com>
+Date: Mon, 11 Jul 2022 18:20:47 +0200
+Subject: [PATCH] doc: Document performance related changes
+
+- Setroubleshootd is now executed using setroubleshootd.service
+- ^^ is limited to 1GB of RAM and has a lower than normal priority
+
+Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
+---
+ doc/setroubleshootd.8 | 9 +++++++--
+ 1 file changed, 7 insertions(+), 2 deletions(-)
+
+diff --git a/framework/doc/setroubleshootd.8 b/framework/doc/setroubleshootd.8
+index bed6713..f1f04d8 100644
+--- a/framework/doc/setroubleshootd.8
+++ b/framework/doc/setroubleshootd.8
+@@ -23,9 +23,14 @@ components, sealert and setroubleshootd.
+ setroubleshootd is a system daemon which runs under setroubleshoot user and
+ listens for audit events emitted from the kernel related to SELinux. When the
+ setroubleshootd daemon sees an SELinux AVC denial it runs a series of analysis
+-plugins which examines the audit data related to the AVC. It records the
+plugins which examine the audit data related to the AVC. It records the
+ results of the analysis and signals any clients which have attached to the
+ setroubleshootd daemon that a new alert has been seen.
+.P
+setroubleshootd is not persistent and only runs when there are new AVCs to be
+analyzed. It is executed using setroubleshootd.service, which also limits its
+priority and maximum RAM utilization to 1GB, in order to help with system
+responsiveness in case of large amounts of AVCs.
+ 
+ .SH "OPTIONS"
+ .TP 
+@@ -33,7 +38,7 @@ setroubleshootd daemon that a new alert has been seen.
+ Do not fork the daemon
+ .TP 
+ .B \-d \-\-debug
+-Do not exit after 10 seconds
+Do not exit after 10 seconds of inactivity
+ .TP 
+ .B \-h \-\-help           
+ Show this message
+-- 
+2.35.3
+
--- a/SOURCES/0009-setroubleshoot-server-shutdown-RunFaultServer-nicely.patch
+++ b/SOURCES/0009-setroubleshoot-server-shutdown-RunFaultServer-nicely.patch
@ -0,0 +1,56 @@
+From 2fbc58c26359989894dfb54daaca2ff4b537f4fe Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
+Date: Fri, 22 Apr 2022 16:27:30 +0200
+Subject: [PATCH] setroubleshoot/server: shutdown RunFaultServer nicely
+
+    systemd[1]: dbus-:1.2-org.fedoraproject.Setroubleshootd@2.service: Main process exited, code=killed, status=14/ALRM
+    systemd[1]: dbus-:1.2-org.fedoraproject.Setroubleshootd@2.service: Failed with result 'signal'.
+    audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:systemd_t:s0 msg='unit=dbus-:1.2-org.fedoraproject.Setroubleshootd@2 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'
+---
+ src/setroubleshoot/server.py | 14 +++++++++++---
+ 1 file changed, 11 insertions(+), 3 deletions(-)
+
+diff --git a/framework/src/setroubleshoot/server.py b/framework/src/setroubleshoot/server.py
+index 10ef215..8f16993 100755
+--- a/framework/src/setroubleshoot/server.py
+++ b/framework/src/setroubleshoot/server.py
+@@ -733,9 +733,17 @@ def goodbye(database):
+     audit2why.finish()
+ 
+ 
+main_loop = GLib.MainLoop()
+
+
+def alarm_handler(signum, frame):
+    log_debug("SIGALRM raised in RunFaultServer")
+    main_loop.quit()
+
+
+ def RunFaultServer(timeout=10):
+     signal.alarm(timeout)
+-    sigalrm_handler = signal.signal(signal.SIGALRM, polling_failed_handler)
+    signal.signal(signal.SIGALRM, polling_failed_handler)
+     # polling for /sys/fs/selinux/policy file
+     while True:
+         try:
+@@ -760,7 +768,7 @@ def RunFaultServer(timeout=10):
+ 
+     global host_database, analysis_queue, email_recipients
+ 
+-    signal.signal(signal.SIGALRM, sigalrm_handler)
+    signal.signal(signal.SIGALRM, alarm_handler)
+     signal.signal(signal.SIGHUP, sighandler)
+ 
+     #interface_registry.dump_interfaces()
+@@ -856,7 +864,7 @@ def RunFaultServer(timeout=10):
+ 
+         dbus.glib.init_threads()
+         setroubleshootd_dbus = SetroubleshootdDBus(analysis_queue, alert_receiver, timeout)
+-        main_loop = GLib.MainLoop()
+
+         main_loop.run()
+ 
+     except KeyboardInterrupt as e:
+-- 
+2.35.3
+
--- a/SOURCES/0010-Check-that-SELinux-is-enabled-before-running.patch
+++ b/SOURCES/0010-Check-that-SELinux-is-enabled-before-running.patch
@ -0,0 +1,48 @@
+From 9e2753d241bf0bccaf0b05984e7562a2ac2a70e6 Mon Sep 17 00:00:00 2001
+From: Vit Mojzis <vmojzis@redhat.com>
+Date: Thu, 24 Aug 2023 19:02:24 +0200
+Subject: [PATCH] Check that SELinux is enabled before running
+
+Setroubleshootd will fail to run when selinux is disabled. Check that
+SELinux is enabled in setroubleshootd service file and in sealert (so
+that it does not wait for setroubleshootd to start).
+
+Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2178950
+
+Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
+---
+ setroubleshootd.service | 1 +
+ src/sealert             | 6 ++++++
+ 2 files changed, 7 insertions(+)
+
+diff --git a/framework/setroubleshootd.service b/framework/setroubleshootd.service
+index 81c75b1..7fc2ffb 100644
+--- a/framework/setroubleshootd.service
+++ b/framework/setroubleshootd.service
+@@ -1,5 +1,6 @@
+ [Unit]
+ Description=SETroubleshoot daemon for processing new SELinux denial logs
+ConditionSecurity=selinux
+ 
+ [Service]
+ Type=dbus
+diff --git a/framework/src/sealert b/framework/src/sealert
+index 2663a21..5ce6463 100755
+--- a/framework/src/sealert
+++ b/framework/src/sealert
+@@ -576,6 +576,12 @@ if __name__ == '__main__':
+     setup_sighandlers()
+     log_debug("main() args=%s" % sys.argv)
+ 
+    # Exit if selinux is disabled - setroubleshootd cannot start
+    if not selinux.is_selinux_enabled():
+        log_debug("SELinux not enabled, sealert will not run on non SELinux systems")
+        print("SELinux not enabled, sealert will not run on non SELinux systems", file=sys.stderr)
+        sys.exit(3)
+
+     def validate_invocation_style(opt, opts_instance, conflict_opts):
+         global invocation_style
+         conflict_opts.remove(opt)
+-- 
+2.41.0
+
--- a/SOURCES/setroubleshoot.sysusers
+++ b/SOURCES/setroubleshoot.sysusers
@ -1 +0,0 @@
-u setroubleshoot - "SELinux troubleshoot server" /var/lib/setroubleshoot
--- a/SOURCES/setroubleshoot.tmpfiles
+++ b/SOURCES/setroubleshoot.tmpfiles
@ -1,2 +1 @@
 d /run/setroubleshoot 711 setroubleshoot setroubleshoot -
-Z /var/lib/setroubleshoot - setroubleshoot setroubleshoot -
--- a/SPECS/setroubleshoot.spec
+++ b/SPECS/setroubleshoot.spec
@ -1,33 +1,33 @@
-# Disable automatic compilation of Python files in extra directories
-%global _python_bytecompile_extra 0
-
 Summary: Helps troubleshoot SELinux problems
 Name: setroubleshoot
-Version: 3.3.32
-Release: 1%{?dist}
-License: GPL-2.0-or-later
-URL: https://gitlab.com/setroubleshoot/setroubleshoot
-Source0: https://gitlab.com/setroubleshoot/setroubleshoot/-/archive/%{version}/setroubleshoot-%{version}.tar.gz
+Version: 3.3.26
+Release: 6%{?dist}
+License: GPLv2+
+URL: https://gitlab.com/setroubleshoot/framework
+Source0: https://releases.pagure.org/setroubleshoot/%{name}-%{version}.tar.gz
 Source1: %{name}.tmpfiles
-Source2: %{name}.sysusers
-# git format-patch -N 3.3.32
+# git format-patch --src-prefix=a/framework/ --dst-prefix=b/framework/ -N setroubleshoot-3.3.26 -- . ':!doc/developers_guide.wiki' ':!test/README.testing' ':!.gitlab-ci.yml'
 # i=1; for j in 00*patch; do printf "Patch%04d: %s\n" $i $j; i=$((i+1));done
-Patch0001: 0001-imp-module-is-deprecated-in-favor-of-importlib.patch
-Patch0002: 0002-Always-reset-pending-alarms-when-alarm-0.patch
-Patch0003: 0003-gitlab-ci-use-apt-get-to-install-python3-dbus-packag.patch
+Patch0001: 0001-Stop-SetroubleshootFixit-after-10-seconds-of-inactiv.patch
+Patch0002: 0002-Do-not-use-Python-slip-package.patch
+Patch0003: 0003-Fix-typos-in-help-man-pages-and-developer-s-guide.patch
+Patch0004: 0004-Revert-Replace-pydbus-with-dasbus.patch
+Patch0005: 0005-Improve-after_first-email-filter-behavior.patch
+Patch0006: 0006-Update-translations.patch
+Patch0007: 0007-Decrease-setroubleshootd-priority-and-limit-RAM-util.patch
+Patch0008: 0008-doc-Document-performance-related-changes.patch
+Patch0009: 0009-setroubleshoot-server-shutdown-RunFaultServer-nicely.patch
+Patch0010: 0010-Check-that-SELinux-is-enabled-before-running.patch
 BuildRequires: gcc
 BuildRequires: make
 BuildRequires: libcap-ng-devel
-BuildRequires: intltool gettext python3 python3-devel python3-setuptools python3-wheel python3-pip
-BuildRequires: desktop-file-utils libnotify-devel libselinux-devel polkit-devel
-BuildRequires: audit-libs-devel >= 3.0.1
-BuildRequires: python3-libselinux python3-dasbus python3-gobject gtk3-devel
-# for the _tmpfilesdir macro
-BuildRequires: systemd-rpm-macros
+BuildRequires: intltool gettext python3 python3-devel
+BuildRequires: desktop-file-utils dbus-glib-devel gtk2-devel libnotify-devel audit-libs-devel libselinux-devel polkit-devel
+BuildRequires: python3-libselinux python3-pydbus python3-gobject gtk3-devel
 Requires: %{name}-server = %{version}-%{release} 
 Requires: gtk3, libnotify
 Requires: libreport-gtk >= 2.2.1-2, python3-libreport
-Requires: python3-gobject, python3-dasbus
+Requires: python3-gobject, python3-pydbus
 Requires(post): desktop-file-utils
 Requires(post): dbus
 Requires(postun): desktop-file-utils
@ -43,6 +43,7 @@ Requires: xdg-utils
 %global pkgvardatadir %{_localstatedir}/lib/%{name}
 %global pkgconfigdir  %{_sysconfdir}/%{name}
 %global pkgdatabase   %{pkgvardatadir}/setroubleshoot_database.xml
+%global username      setroubleshoot

 %description
 setroubleshoot GUI. Application that allows you to view setroubleshoot-server
@ -56,8 +57,8 @@ to user preference. The same tools can be run on existing log files.
 %{pkgguidir}
 %config(noreplace) %{_sysconfdir}/xdg/autostart/*
 %{_datadir}/applications/*.desktop
-%{_metainfodir}/*.appdata.xml
-%{_datadir}/dbus-1/services/org.fedoraproject.sealert.service
+%{_datadir}/appdata/*.appdata.xml
+%{_datadir}/dbus-1/services/sealert.service
 %{_datadir}/icons/hicolor/*/*/*
 %dir %attr(0755,root,root) %{pkgpythondir}
 %{pkgpythondir}/browser.py
@ -68,15 +69,16 @@ to user preference. The same tools can be run on existing log files.


 %prep
-%autosetup -p 1
+%autosetup -p 2

 %build
-./autogen.sh
+autoreconf -f
 %configure PYTHON=%{__python3} --enable-seappletlegacy=no --with-auditpluginsdir=/etc/audit/plugins.d
 make

 %install
-%make_install PREFIX=/usr
+make DESTDIR=%{buildroot} PREFIX=/usr install
+touch -r src/config.py.in %{buildroot}%{python3_sitelib}/setroubleshoot/config.py
 desktop-file-install --vendor="" --dir=%{buildroot}%{_datadir}/applications %{buildroot}/%{_datadir}/applications/%{name}.desktop
 mkdir -p %{buildroot}%{pkgvardatadir}
 mkdir -p %{buildroot}%{_rundir}/setroubleshoot
@ -84,9 +86,19 @@ touch %{buildroot}%{pkgdatabase}
 touch %{buildroot}%{pkgvardatadir}/email_alert_recipients
 rm -rf %{buildroot}/usr/share/doc/
 # create /run/setroubleshoot on boot
-install -p -m644 -D %{SOURCE1} $RPM_BUILD_ROOT%{_tmpfilesdir}/%{name}.conf
-install -p -m644 -D %{SOURCE2} $RPM_BUILD_ROOT%{_sysusersdir}/%{name}.conf
+install -m644 -D %{SOURCE1} $RPM_BUILD_ROOT%{_tmpfilesdir}/%{name}.conf

+# Switch hardcoded python3 shebangs into the %%{__python3} macro
+pathfix.py -i "%{__python3} -Es" -p \
+    %{buildroot}%{_sbindir}/setroubleshootd \
+    %{buildroot}%{_bindir}/{sealert,seapplet} \
+    %{buildroot}/usr/share/setroubleshoot/SetroubleshootFixit.py \
+    %{buildroot}/usr/share/setroubleshoot/SetroubleshootPrivileged.py
+rm \
+    %{buildroot}%{_sbindir}/setroubleshootd~ \
+    %{buildroot}%{_bindir}/{sealert,seapplet}~ \
+    %{buildroot}/usr/share/setroubleshoot/SetroubleshootFixit.py~ \
+    %{buildroot}/usr/share/setroubleshoot/SetroubleshootPrivileged.py~

 %find_lang %{name}

@ -94,7 +106,7 @@ install -p -m644 -D %{SOURCE2} $RPM_BUILD_ROOT%{_sysusersdir}/%{name}.conf
 Summary: SELinux troubleshoot server

 Requires: %{name}-plugins >= 3.3.10
-Requires: audit >= 3.0.1
+Requires: audit >= 3
 Requires: audit-libs-python3
 Requires: libxml2-python3
 Requires: rpm-python3
@ -102,12 +114,14 @@ Requires: libselinux-python3  >= 2.1.5-1
 Requires: policycoreutils-python-utils
 BuildRequires: intltool gettext python3
 BuildRequires: python3-devel
+BuildRequires: systemd
 Requires: systemd-python3 >= 206-1
-Requires: python3-gobject-base >= 3.11
+Requires: python3-gobject >= 3.11
 Requires: dbus
-Requires: python3-dbus python3-dasbus python3-six
+Requires: python3-dbus python3-pydbus
 Requires: polkit
-Requires: initscripts-service
+Requires: initscripts
+Requires(pre): /usr/sbin/useradd /usr/sbin/groupadd

 %description server
 Provides tools to help diagnose SELinux problems. When AVC messages
@ -116,7 +130,7 @@ about the problem and help track its resolution. Alerts can be configured
 to user preference. The same tools can be run on existing log files.

 %pre server
-%sysusers_create_compat %{SOURCE2}
+getent passwd %{username} >/dev/null || useradd -r -U -s /sbin/nologin -d %{pkgvardatadir} %{username}

 %post server
 /sbin/service auditd reload >/dev/null 2>&1 || :
@ -124,14 +138,16 @@ to user preference. The same tools can be run on existing log files.
 %postun server
 /sbin/service auditd reload >/dev/null 2>&1 || :

+%triggerun server -- %{name}-server < 3.2.24-4
+chown -R setroubleshoot:setroubleshoot %{pkgvardatadir}
+
 %files server -f %{name}.lang
 %{_bindir}/sealert
 %{_sbindir}/sedispatch
 %{_sbindir}/setroubleshootd
-%{python3_sitelib}/setroubleshoot*.dist-info
+%{python3_sitelib}/setroubleshoot*.egg-info
 %dir %attr(0755,root,root) %{pkgconfigdir}
-%dir %{pkgpythondir}
-%dir %{pkgpythondir}/__pycache__
+%dir %attr(0755,root,root) %{pkgpythondir}
 %{pkgpythondir}/Plugin.py
 %{pkgpythondir}/__init__.py
 %{pkgpythondir}/access_control.py
@ -150,6 +166,8 @@ to user preference. The same tools can be run on existing log files.
 %{pkgpythondir}/util.py
 %{pkgpythondir}/uuid.py
 %{pkgpythondir}/xml_serialize.py
+%dir %{pkgpythondir}
+%dir %{pkgpythondir}/__pycache__
 %{pkgpythondir}/__pycache__/Plugin.cpython*
 %{pkgpythondir}/__pycache__/__init__.cpython*
 %{pkgpythondir}/__pycache__/access_control.cpython*
@ -182,149 +200,80 @@ to user preference. The same tools can be run on existing log files.
 %{_mandir}/man8/sedispatch.8.gz
 %{_mandir}/man8/setroubleshootd.8.gz
 %config /etc/audit/plugins.d/sedispatch.conf
-%{_unitdir}/setroubleshootd.service
 %{_datadir}/dbus-1/system-services/org.fedoraproject.Setroubleshootd.service
 %{_datadir}/dbus-1/system-services/org.fedoraproject.SetroubleshootPrivileged.service
 %{_datadir}/polkit-1/actions/org.fedoraproject.setroubleshootfixit.policy
 %config(noreplace) %{_sysconfdir}/dbus-1/system.d/org.fedoraproject.SetroubleshootFixit.conf
 %{_datadir}/dbus-1/system-services/org.fedoraproject.SetroubleshootFixit.service
+%{_unitdir}/setroubleshootd.service
 %attr(0644,root,root) %{_tmpfilesdir}/%{name}.conf
-%attr(0644,root,root) %{_sysusersdir}/%{name}.conf
 %attr(0711,setroubleshoot,setroubleshoot) %dir %{_rundir}/setroubleshoot
 %doc AUTHORS COPYING ChangeLog DBUS.md NEWS README TODO

 %changelog
-* Thu Jul 27 2023 Petr Lautrbach <lautrbach@redhat.com> - 3.3.32-1
- Always reset pending alarms when alarm(0) (rhbz#2112573)
- 'imp' module is deprecated in favor of 'importlib' (rhbz#2224393)
- Fix build with pip 23.1.2+
- Remove dbus-glib-devel BR as it's only needed when compiled with seappletlegacy
- Rename session bus name to org.fedoraproject.sealert
- seapplet: wrap SEApplet() to try except
- util.py: Add doctext test for build_module_type_cache()
- Update translations
+* Thu Aug 24 2023 Vit Mojzis <vmojzis@redhat.com> - 3.3.26-6
+- Fix shebang of SetroubleshootPrivileged.py (#2231023)
+- Check that SELinux is enabled before running (#2178950)

-* Thu Mar 09 2023 Vit Mojzis <vmojzis@redhat.com> - 3.3.31-2
- Update translations (#2139682)
+* Mon Aug 22 2022 Vit Mojzis <vmojzis@redhat.com> - 3.3.26-5
+- Shutdown RunFaultServer nicely (#2119001)

-* Wed Nov 23 2022 Petr Lautrbach <lautrbach@redhat.com> - 3.3.31-1
- Add a screen reader label to the icon
- seapplet: avoid ValueError when parsing sealert.conf
+* Wed Jul 13 2022 Vit Mojzis <vmojzis@redhat.com> - 3.3.26-4
+- Decrease setroubleshootd priority and limit RAM utilization to 1GB (#2064727)
 - doc: Document performance related changes
- Decrease setroubleshootd priority and limit RAM utilization to 1GB
- Use setup from setuptools
- Use `pip install` instead of `setup.py install`

-* Tue Jun 28 2022 Petr Lautrbach <plautrba@redhat.com> - 3.3.30-1
- - Miscellaneous python and build system changes
- - Fix couple of typos
- - Drop Python2 support
- - Use inspect.signature() instead of instead.getargspec()
- - Update translations
+* Fri Feb 25 2022 Vit Mojzis <vmojzis@redhat.com> - 3.3.26-3
+- Update translations (#2017299)

-* Wed Mar 30 2022 Petr Lautrbach <plautrba@redhat.com> - 3.3.29-1
- Introduce email.use_sendmail option
- Update translations
+* Fri Feb 11 2022 Vit Mojzis <vmojzis@redhat.com> - 3.3.26-2
+- Improve after_first email filter behavior (#2050734)

-* Wed Mar 09 2022 Vit Mojzis <vmojzis@redhat.com> - 3.3.28-3
- Update translations (#2017386)
-
-* Tue Feb  8 2022 Petr Lautrbach <plautrba@redhat.com> - 3.3.28-2
- Use %sysusers_create_compat instead of useradd
- Set right ownership on /var/lib/setroubleshoot
-
-* Tue Feb  8 2022 Petr Lautrbach <plautrba@redhat.com> - 3.3.28-1
- Look for modules in /usr/share/selinux/packages
- Always use rpm source package for reporting
- Improve after_first email filter behavior
-
-* Wed Jan 19 2022 Petr Lautrbach <plautrba@redhat.com> - 3.3.27-2
- Improve DSP module reporting
- Require initscripts-service - /sbin/service
-
-* Thu Jan 13 2022 Petr Lautrbach <plautrba@redhat.com> - 3.3.27-1
- sedispatch: check read_size
- SafeConfigParser is deprecated and will be dropped
- Fix typos in --help, man pages and developer's guide
- Improve Python 3.10 compatibility
-  https://pagure.io/setroubleshoot/issue/58
- Update translations
-
-* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 3.3.26-5
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
-  Related: rhbz#1991688
-
-* Fri Jul 16 2021 Petr Lautrbach <plautrba@redhat.com> - 3.3.26-4
- Improve sedispatch performance
-
-* Fri Jul  2 2021 Petr Lautrbach <plautrba@redhat.com> - 3.3.26-3
- Fix file mode of email_alert_recipients
-
-* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 3.3.26-2
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
-
-* Thu Apr 15 2021 Petr Lautrbach <plautrba@redhat.com> - 3.3.26-1
- Fix plugin exception reporting
- Update translations
- Stop SetroubleshootFixit after 10 seconds of inactivity
+* Fri Dec 10 2021 Vit Mojzis <vmojzis@redhat.com> - 3.3.26-1
+- Revert "Replace pydbus with dasbus"
+- Fix typos in --help, man pages and developer's guide (#2028226)
 - Do not use Python slip package
+- Stop SetroubleshootFixit after 10 seconds of inactivity
+- Fix plugin exception reporting
+- export alert dbus signal
+- Make sure local_policy_package is not None
+- sealert: add "Last Seen" column to alert list

-* Wed Mar 10 2021 Petr Lautrbach <plautrba@redhat.com> - 3.3.25-1
- Use Python dasbus instead of pydbus
- Optimize get_rpm_nvr_by_type by adding a cache
+* Mon Sep 27 2021 Vit Mojzis <vmojzis@redhat.com> - 3.3.24-4
+- Update translations (#1962030)
+
+* Tue Feb 02 2021 Vit Mojzis <vmojzis@redhat.com> - 3.3.24-3
+- sealert: exit on any connection close (#1875290)
+
+* Wed Jan 13 2021 Vit Mojzis <vmojzis@redhat.com> - 3.3.24-2
+- Optimize get_rpm_nvr_by_type by adding a cache (#1794807)
+- Stop building seappletlegacy (#1878792)
 - Update translations

-* Tue Feb 02 2021 Vit Mojzis <vmojzis@redhat.com> - 3.3.24-4
- sealert: exit on any connection close
+* Wed Aug 12 2020 Vit Mojzis <vmojzis@redhat.com> - 3.3.24-1
+- Add 'fur' into shipped locales
+- Update translations (#1820570)
+- Log full reports with correct syslog identifier
+- Cancel pending alarm during AVC analyses

-* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 3.3.24-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
-
-* Sat Jan 16 2021 Vit Mojzis <vmojzis@redhat.com> - 3.3.24-2
- framework/util: optimize get_rpm_nvr_by_type by adding a cache
- Stop building seappletlegacy
-
-* Tue Oct 13 2020 Petr Lautrbach <plautrba@redhat.com> - 3.3.24-1
- - Add 'fur' into shipped locales
- - Update translations
- - Log full reports with correct syslog identifier
- - Cancel pending alarm during AVC analyses
-
-* Sat Aug 01 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.3.23-5
- Second attempt - Rebuilt for
-  https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
-
-* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.3.23-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
-
-* Tue Jul 14 2020 Tom Stellard <tstellar@redhat.com> - 3.3.23-3
- Use make macros
- https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro
-
-* Tue May 26 2020 Miro Hrončok <mhroncok@redhat.com> - 3.3.23-2
- Rebuilt for Python 3.9
-
-* Tue Apr 21 2020 Vit Mojzis <vmojzis@redhat.com> - 3.3.23-1
- browser: Check return value of Gdk.Screen().get_default()
- Improve and unify error messages
+* Mon Apr 27 2020 Vit Mojzis <vmojzis@redhat.com> - 3.3.23-1
+- browser: Check return value of Gdk.Screen().get_default() (#1574434)
+- Improve and unify error messages (#1763982)
 - setroubleshoot.util: Catch exceptions from sepolicy import
 - Add dpkg support
 - Do not refer to hardcoded selinux-policy rpm in signature
- Make date/time format locale specific
- Improve speed of plugin evaluation
-
-* Wed Mar  4 2020 Petr Lautrbach <plautrba@redhat.com> - 3.3.22-6
- Do not try to report a bug on None package (#1809801)
-
-* Fri Feb 28 2020 Petr Lautrbach <plautrba@redhat.com> - 3.3.22-5
+- Make date/time format locale specific (#1812674)
+- Improve speed of plugin evaluation (#1794807)
+- Do not try to report a bug on None package
+- sealert: Drop unused import slib.dbus.service
+- Drop updater.py - it's not used and doesn't work
 - root user doesn't need to use SetroubleshootPrivileged API
-
-* Thu Feb 27 2020 Petr Lautrbach <plautrba@redhat.com> - 3.3.22-4
- sealert to report a bug on a package which owns the related SELinux domain
+- Use pydbus, a modern Python dbus API, for SetroubleshootPrivileged
+- Report bug on a package which owns the related SELinux domain (#1811644)
  https://pagure.io/setroubleshoot/issue/18
-
-* Thu Jan 30 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.3.22-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+- Add Local SELinux policy package version to analyses reports
+- setroubleshoot.utils.get_rpm_nvr_by_scontext add option to use DBUS method
+- Export setroubleshoot.utils.get_rpm_nvr_by_scontext via DBUS
+- setroubleshoot.util: get_rpm_nvr_by_type() and get_rpm_nvr_by_scontext()

 * Sat Jan 11 2020 Petr Lautrbach <plautrba@redhat.com> - 3.3.22-2
 - Log plugin exception traceback when log level is DEBUG
@ -334,33 +283,30 @@ to user preference. The same tools can be run on existing log files.
 - sepolicy.info() returns a generator, not a list (#1784564)

 * Wed Dec 11 2019 Vit Mojzis <vmojzis@redhat.com> - 3.3.21-1
+- Use dbus.mainloop.glib.DBusGMainLoop() instead of dbus.glib
 - Fix AVC.__typeMatch to handle aliases properly
 - Handle sockets with abstract path properly (#1775135)

-* Thu Oct 03 2019 Miro Hrončok <mhroncok@redhat.com> - 3.3.20-4
- Rebuilt for Python 3.8.0rc1 (#1748018)
-
-* Tue Aug 27 2019 Petr Lautrbach <plautrba@redhat.com> - 3.3.20-3
- Use dbus.mainloop.glib.DBusGMainLoop() instead of dbus.glib
-
-* Mon Aug 19 2019 Miro Hrončok <mhroncok@redhat.com> - 3.3.20-2
- Rebuilt for Python 3.8
+* Fri Aug 16 2019 Vit Mojzis <vmojzis@redhat.com> - 3.3.20-2
+- Fix file mode of email_alert_recipients (#1741960)

 * Wed Jul 17 2019 Vit Mojzis <vmojzis@redhat.com> - 3.3.20-1
+- Add man page for seapplet (#1612529)
+
+* Tue May 14 2019 Vit Mojzis <vmojzis@redhat.com> - 3.3.19-2
 - Update "missing" scripts to automake-1.15
 - Add active polling for acquiring policy file
- Fix translation of hex values in AVCs
+- Fix translation of hex values in AVCs (#1477236, #1709742)
 - require initscripts to ensure that "service" call works properly
- Add man page for seapplet
- setroubleshoot-server: only require gobject-base
-
-* Sat Feb 02 2019 Fedora Release Engineering <releng@fedoraproject.org> - 3.3.19-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild

 * Sat Dec  8 2018 Petr Lautrbach <plautrba@redhat.com> - 3.3.19-1
 - Require plugins >= 3.3.10

-* Thu Nov 29 2018 Petr Lautrbach <plautrba@redhat.com> - 3.3.18-3
+* Wed Dec  5 2018 Petr Lautrbach <plautrba@redhat.com> - 3.3.18-4
+- Update translations
+- Catch exceptions caused by lookup_signature
+
+* Sat Dec  1 2018 Petr Lautrbach <plautrba@redhat.com> - 3.3.18-3.1
 - Update scriptlets to reload auditd after install or uninstall

 * Thu Sep 20 2018 Petr Lautrbach <plautrba@redhat.com> - 3.3.18-2
@ -371,11 +317,8 @@ to user preference. The same tools can be run on existing log files.
 - Move sedispatch.conf to /etc/audit/plugins.d/
 - Fix summary and "if" text for AVCs with unknown target path

-* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 3.3.17-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
-
-* Tue Jun 19 2018 Miro Hrončok <mhroncok@redhat.com> - 3.3.17-2
- Rebuilt for Python 3.7
+* Tue Jul 03 2018 Tomas Orsava <torsava@redhat.com> - 3.3.17-2
+- Switch hardcoded python3 shebangs into the %%{__python3} macro

 * Mon Feb 26 2018 Petr Lautrbach <plautrba@redhat.com> - 3.3.17-1
 - Set auto_save_interval to 5 (#1548913,#1523406,#1539180)
@ -2048,4 +1991,3 @@ it has already been seen

 * Fri May 19 2006 John Dennis <jdennis@redhat.com> - 0.1-1
 - Initial build.
-
				`@ -1 +0,0 @@`
				`6ee4101312b8c2b98ea7d007eccd62918f59c4f3 SOURCES/setroubleshoot-3.3.32.tar.gz`
				`@ -1 +0,0 @@`
				`u setroubleshoot - "SELinux troubleshoot server" /var/lib/setroubleshoot`