diff --git a/.cvsignore b/.cvsignore index 43a70d5..72972c2 100644 --- a/.cvsignore +++ b/.cvsignore @@ -132,3 +132,4 @@ policycoreutils-1.34.1.tgz policycoreutils-2.0.0.tgz policycoreutils-2.0.1.tgz sepolgen-1.0.0.tgz +policycoreutils-2.0.2.tgz diff --git a/policycoreutils-gui.patch b/policycoreutils-gui.patch new file mode 100644 index 0000000..2c19055 --- /dev/null +++ b/policycoreutils-gui.patch @@ -0,0 +1,4843 @@ +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/booleansPage.py policycoreutils-2.0.1/gui/booleansPage.py +--- nsapolicycoreutils/gui/booleansPage.py 1969-12-31 19:00:00.000000000 -0500 ++++ policycoreutils-2.0.1/gui/booleansPage.py 2007-02-15 15:16:09.000000000 -0500 +@@ -0,0 +1,199 @@ ++# ++# booleansPage.py - GUI for Booleans page in system-config-securitylevel ++# ++# Brent Fox ++# Dan Walsh ++# ++# Copyright 2006 Red Hat, Inc. ++# ++# This program is free software; you can redistribute it and/or modify ++# it under the terms of the GNU General Public License as published by ++# the Free Software Foundation; either version 2 of the License, or ++# (at your option) any later version. ++# ++# This program is distributed in the hope that it will be useful, ++# but WITHOUT ANY WARRANTY; without even the implied warranty of ++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++# GNU General Public License for more details. ++# ++# You should have received a copy of the GNU General Public License ++# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. ++# ++import string ++import gtk ++import gtk.glade ++import os ++import libxml2 ++import gobject ++import sys ++import tempfile ++ ++INSTALLPATH='/usr/share/system-config-selinux' ++sys.path.append(INSTALLPATH) ++ ++from Conf import * ++import commands ++ENFORCING=0 ++PERMISSIVE=1 ++DISABLED=2 ++ ++## ++## I18N ++## ++PROGNAME="system-config-selinux" ++ ++import gettext ++gettext.bindtextdomain(PROGNAME, "/usr/share/locale") ++gettext.textdomain(PROGNAME) ++try: ++ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1) ++except IOError: ++ import __builtin__ ++ __builtin__.__dict__['_'] = unicode ++ ++class Translation: ++ def __init__(self): ++ self.translation={} ++ fd=open(INSTALLPATH + "/selinux.tbl","r") ++ lines=fd.readlines() ++ fd.close() ++ for i in lines: ++ try: ++ line=i.strip().split("_(\"") ++ key=line[0].strip() ++ category=line[1].split("\"")[0] ++ value=line[2].split("\"")[0] ++ self.translation[key]=(category,value) ++ except: ++ continue ++ ++ def get_category(self,key): ++ try: ++ return _(self.translation[key][0]) ++ except: ++ return _("Other") ++ ++ def get_value(self,key): ++ try: ++ return _(self.translation[key][1]) ++ except: ++ return key ++ ++class Modifier: ++ def __init__(self,name, on, save): ++ self.on=on ++ self.name=name ++ self.save=save ++ ++ def set(self,value): ++ self.on=value ++ self.save=True ++ ++ def isOn(self): ++ return self.on ++ ++class Boolean(Modifier): ++ def __init__(self,name, val, save=False): ++ Modifier.__init__(self,name, val, save) ++ ++class Modifiers: ++ def __init__(self,store): ++ self.modifiers={} ++ self.translation=Translation() ++ self.store=store ++ self.store.clear() ++ ++ def add(self,name,val): ++ if name == "targeted_policy": ++ return ++ category=self.translation.get_category(name) ++ if not self.modifiers.has_key(category): ++ self.modifiers[category]={} ++ iter=self.store.append(None) ++ self.modifiers[category]["iter"] = iter ++ self.store.set_value(iter, 1, category) ++ self.store.set_value(iter, 3, False) ++ ++ self.modifiers[category][name]=val; ++ iter=self.store.append(self.modifiers[category]["iter"]) ++ self.store.set_value(iter, 0, val.isOn()) ++ self.store.set_value(iter, 1, self.translation.get_value(name)) ++ self.store.set_value(iter, 2, name) ++ self.store.set_value(iter, 3, True) ++ ++ def set(self,name,val): ++ category=self.translation.get_category(name) ++ self.modifiers[category][name].set(val) ++ ++ def isBoolean(self,name): ++ c=self.translation.get_category(name) ++ return isinstance(self.modifiers[c][name], Boolean) ++ ++ def get_booleans(self): ++ booleans={} ++ for c in self.modifiers.keys(): ++ for n in self.modifiers[c].keys(): ++ if isinstance(self.modifiers[c][n], Boolean): ++ booleans[n]=self.modifiers[c][n] ++ return booleans ++ ++class booleansPage: ++ def __init__(self, xml, doDebug=None): ++ self.xml = xml ++ self.types=[] ++ self.selinuxsupport = True ++ self.translation = Translation() ++ self.typechanged = False ++ self.doDebug = doDebug ++ ++ # Bring in widgets from glade file. ++ self.typeHBox = xml.get_widget("typeHBox") ++ self.booleanSW = xml.get_widget("booleanSW") ++ self.booleansView = xml.get_widget("booleansView") ++ self.typeLabel = xml.get_widget("typeLabel") ++ self.modifySeparator = xml.get_widget("modifySeparator") ++ ++ listStore = gtk.ListStore(gobject.TYPE_STRING) ++ cell = gtk.CellRendererText() ++ ++ self.booleansStore = gtk.TreeStore(gobject.TYPE_BOOLEAN, gobject.TYPE_STRING, gobject.TYPE_PYOBJECT, gobject.TYPE_BOOLEAN) ++ self.booleansStore.set_sort_column_id(1, gtk.SORT_ASCENDING) ++ self.booleansView.set_model(self.booleansStore) ++ ++ checkbox = gtk.CellRendererToggle() ++ checkbox.connect("toggled", self.boolean_toggled) ++ col = gtk.TreeViewColumn('', checkbox, active = 0,visible=3) ++ col.set_fixed_width(20) ++ col.set_clickable(True) ++ self.booleansView.append_column(col) ++ ++ col = gtk.TreeViewColumn("", gtk.CellRendererText(), text=1) ++ self.booleansView.append_column(col) ++ self.refreshBooleans() ++ ++ def get_description(self): ++ return _("Boolean") ++ ++ def refreshBooleans(self): ++ self.modifiers=Modifiers(self.booleansStore) ++ booleansList=commands.getoutput("/usr/sbin/getsebool -a").split("\n") ++ for i in booleansList: ++ rec=i.split() ++ name=rec[0] ++ if rec[2]=="on" or rec[2]=="active": ++ on=1 ++ else: ++ on=0 ++ self.modifiers.add(name,Boolean(name,on)) ++ ++ def boolean_toggled(self, widget, row): ++ if len(row) == 1: ++ return ++ iter = self.booleansStore.get_iter(row) ++ val = self.booleansStore.get_value(iter, 0) ++ key = self.booleansStore.get_value(iter, 2) ++ self.booleansStore.set_value(iter, 0 , not val) ++ self.modifiers.set(key, not val) ++ ++ setsebool="/usr/sbin/setsebool -P %s=%d" % (key, not val) ++ commands.getstatusoutput(setsebool) +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/fcontextPage.py policycoreutils-2.0.1/gui/fcontextPage.py +--- nsapolicycoreutils/gui/fcontextPage.py 1969-12-31 19:00:00.000000000 -0500 ++++ policycoreutils-2.0.1/gui/fcontextPage.py 2007-02-15 15:16:09.000000000 -0500 +@@ -0,0 +1,158 @@ ++## fcontextPage.py - show selinux mappings ++## Copyright (C) 2006 Red Hat, Inc. ++ ++## This program is free software; you can redistribute it and/or modify ++## it under the terms of the GNU General Public License as published by ++## the Free Software Foundation; either version 2 of the License, or ++## (at your option) any later version. ++ ++## This program is distributed in the hope that it will be useful, ++## but WITHOUT ANY WARRANTY; without even the implied warranty of ++## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++## GNU General Public License for more details. ++ ++## You should have received a copy of the GNU General Public License ++## along with this program; if not, write to the Free Software ++## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. ++ ++## Author: Dan Walsh ++import gtk ++import gtk.glade ++import os ++import libxml2 ++import gobject ++import seobject ++from semanagePage import *; ++from avc import context ++ ++## ++## I18N ++## ++PROGNAME="system-config-selinux" ++ ++import gettext ++gettext.bindtextdomain(PROGNAME, "/usr/share/locale") ++gettext.textdomain(PROGNAME) ++try: ++ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1) ++except IOError: ++ import __builtin__ ++ __builtin__.__dict__['_'] = unicode ++ ++class fcontextPage(semanagePage): ++ def __init__(self, xml): ++ semanagePage.__init__(self, xml, "fcontext", _("File Labeling")) ++ self.view = xml.get_widget("fcontextView") ++ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING) ++ self.view.set_model(self.store) ++# self.store.set_sort_column_id(0, gtk.SORT_ASCENDING) ++ ++ col = gtk.TreeViewColumn(_("File\nSpecification"), gtk.CellRendererText(), text=0) ++ col.set_sizing(gtk.TREE_VIEW_COLUMN_FIXED) ++ col.set_fixed_width(250) ++ ++ col.set_sort_column_id(0) ++ col.set_resizable(True) ++ self.view.append_column(col) ++ col = gtk.TreeViewColumn(_("Selinux\nFile Context"), gtk.CellRendererText(), text=1) ++ ++ col.set_sizing(gtk.TREE_VIEW_COLUMN_FIXED) ++ col.set_fixed_width(250) ++ col.set_sort_column_id(1) ++ col.set_resizable(True) ++ self.view.append_column(col) ++ col = gtk.TreeViewColumn(_("File\nType"), gtk.CellRendererText(), text=2) ++ col.set_sort_column_id(2) ++ col.set_resizable(True) ++ self.view.append_column(col) ++ self.load() ++ self.fcontextEntry = xml.get_widget("fcontextEntry") ++ self.fcontextFileTypeCombo = xml.get_widget("fcontextFileTypeCombo") ++ liststore=self.fcontextFileTypeCombo.get_model() ++ for k in seobject.file_types: ++ if len(k) > 0 and k[0] != '-': ++ iter=liststore.append() ++ liststore.set_value(iter, 0, k) ++ iter = liststore.get_iter_first() ++ self.fcontextFileTypeCombo.set_active_iter(iter) ++ self.fcontextTypeEntry = xml.get_widget("fcontextTypeEntry") ++ self.fcontextMLSEntry = xml.get_widget("fcontextMLSEntry") ++ ++ def load(self): ++ self.fcontext=seobject.fcontextRecords() ++ fcon_list=self.fcontext.get_all() ++ self.store.clear() ++ for fcon in fcon_list: ++ iter=self.store.append() ++ self.store.set_value(iter, 0, fcon[0]) ++ self.store.set_value(iter, 2, fcon[1]) ++ if len(fcon) > 3: ++ rec="%s:%s:%s:%s " % (fcon[2], fcon[3],fcon[4], seobject.translate(fcon[5],False)) ++ else: ++ rec="<>" ++ self.store.set_value(iter, 1, rec) ++ self.view.get_selection().select_path ((0,)) ++ ++ def dialogInit(self): ++ store, iter = self.view.get_selection().get_selected() ++ self.fcontextEntry.set_text(store.get_value(iter, 0)) ++ self.fcontextEntry.set_sensitive(False) ++ scontext = store.get_value(iter, 1) ++ scon=context(scontext) ++ self.fcontextTypeEntry.set_text(scon.type) ++ self.fcontextMLSEntry.set_text(scon.mls) ++ type=store.get_value(iter, 2) ++ liststore=self.fcontextFileTypeCombo.get_model() ++ iter = liststore.get_iter_first() ++ while iter != None and liststore.get_value(iter,0) != type: ++ iter = liststore.iter_next(iter) ++ if iter != None: ++ self.fcontextFileTypeCombo.set_active_iter(iter) ++ self.fcontextFileTypeCombo.set_sensitive(False) ++ ++ def dialogClear(self): ++ self.fcontextEntry.set_text("") ++ self.fcontextEntry.set_sensitive(True) ++ self.fcontextFileTypeCombo.set_sensitive(True) ++ self.fcontextTypeEntry.set_text("") ++ self.fcontextMLSEntry.set_text("s0") ++ ++ def delete(self): ++ store, iter = self.view.get_selection().get_selected() ++ try: ++ fspec=store.get_value(iter, 0) ++ type=store.get_value(iter, 1) ++ self.fcontext.delete(fspec, type) ++ store.remove(iter) ++ self.view.get_selection().select_path ((0,)) ++ except ValueError, e: ++ self.error(e.args[0]) ++ ++ def add(self): ++ fspec=self.fcontextEntry.get_text().strip() ++ type=self.fcontextTypeEntry.get_text().strip() ++ mls=self.fcontextMLSEntry.get_text().strip() ++ list_model=self.fcontextFileTypeCombo.get_model() ++ iter = self.fcontextFileTypeCombo.get_active_iter() ++ ftype=list_model.get_value(iter,0) ++ ++ self.fcontext.add(fspec, type, ftype, mls) ++ ++ iter=self.store.append() ++ self.store.set_value(iter, 0, fspec) ++ self.store.set_value(iter, 2, ftype) ++ self.store.set_value(iter, 1, "system_u:object_r:%s:%s" % (type, mls)) ++ ++ def modify(self): ++ fspec=self.fcontextEntry.get_text().strip() ++ type=self.fcontextTypeEntry.get_text().strip() ++ mls=self.fcontextMLSEntry.get_text().strip() ++ list_model=self.fcontextFileTypeCombo.get_model() ++ iter = self.fcontextFileTypeCombo.get_active_iter() ++ ftype=list_model.get_value(iter,0) ++ self.fcontext.modify(fspec, type, ftype, mls, "") ++ ++ store, iter = self.view.get_selection().get_selected() ++ self.store.set_value(iter, 0, fspec) ++ self.store.set_value(iter, 2, ftype) ++ self.store.set_value(iter, 1, "system_u:object_r:%s:%s" % (type, mls)) +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/loginsPage.py policycoreutils-2.0.1/gui/loginsPage.py +--- nsapolicycoreutils/gui/loginsPage.py 1969-12-31 19:00:00.000000000 -0500 ++++ policycoreutils-2.0.1/gui/loginsPage.py 2007-02-15 15:16:09.000000000 -0500 +@@ -0,0 +1,161 @@ ++## loginsPage.py - show selinux mappings ++## Copyright (C) 2006 Red Hat, Inc. ++ ++## This program is free software; you can redistribute it and/or modify ++## it under the terms of the GNU General Public License as published by ++## the Free Software Foundation; either version 2 of the License, or ++## (at your option) any later version. ++ ++## This program is distributed in the hope that it will be useful, ++## but WITHOUT ANY WARRANTY; without even the implied warranty of ++## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++## GNU General Public License for more details. ++ ++## You should have received a copy of the GNU General Public License ++## along with this program; if not, write to the Free Software ++## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. ++ ++## Author: Dan Walsh ++import string ++import gtk ++import gtk.glade ++import os ++import libxml2 ++import gobject ++import sys ++import seobject ++from semanagePage import *; ++ ++## ++## I18N ++## ++PROGNAME="policycoreutils" ++import gettext ++gettext.bindtextdomain(PROGNAME, "/usr/share/locale") ++gettext.textdomain(PROGNAME) ++try: ++ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1) ++except IOError: ++ import __builtin__ ++ __builtin__.__dict__['_'] = unicode ++ ++class loginsPage(semanagePage): ++ def __init__(self, xml): ++ self.firstTime = False ++ semanagePage.__init__(self, xml, "logins", _("User Mapping")) ++ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING) ++ self.view.set_model(self.store) ++ self.store.set_sort_column_id(0, gtk.SORT_ASCENDING) ++ col = gtk.TreeViewColumn(_("Login\nName"), gtk.CellRendererText(), text = 0) ++ col.set_sort_column_id(0) ++ col.set_resizable(True) ++ self.view.append_column(col) ++ col = gtk.TreeViewColumn(_("SELinux\nUser"), gtk.CellRendererText(), text = 1) ++ col.set_resizable(True) ++ self.view.append_column(col) ++ col = gtk.TreeViewColumn(_("MLS/\nMCS Range"), gtk.CellRendererText(), text = 2) ++ col.set_resizable(True) ++ self.view.append_column(col) ++ self.load() ++ self.loginsNameEntry = xml.get_widget("loginsNameEntry") ++ self.loginsSelinuxUserCombo = xml.get_widget("loginsSelinuxUserCombo") ++ self.loginsMLSEntry = xml.get_widget("loginsMLSEntry") ++ ++ def load(self): ++ self.login = seobject.loginRecords() ++ dict = self.login.get_all() ++ keys = dict.keys() ++ keys.sort() ++ self.store.clear() ++ for k in keys: ++ iter = self.store.append() ++ self.store.set_value(iter, 0, k) ++ self.store.set_value(iter, 1, dict[k][0]) ++ self.store.set_value(iter, 2, seobject.translate(dict[k][1])) ++ self.view.get_selection().select_path ((0,)) ++ ++ def __dialogSetup(self): ++ if self.firstTime == True: ++ return ++ self.firstTime = True ++ liststore = gtk.ListStore(gobject.TYPE_STRING) ++ self.loginsSelinuxUserCombo.set_model(liststore) ++ cell = gtk.CellRendererText() ++ self.loginsSelinuxUserCombo.pack_start(cell, True) ++ self.loginsSelinuxUserCombo.add_attribute(cell, 'text', 0) ++ ++ selusers = seobject.seluserRecords().get_all() ++ keys = selusers.keys() ++ keys.sort() ++ for k in keys: ++ if k != "system_u": ++ self.loginsSelinuxUserCombo.append_text(k) ++ ++ iter = liststore.get_iter_first() ++ while liststore.get_value(iter,0) != "user_u": ++ iter = liststore.iter_next(iter) ++ self.loginsSelinuxUserCombo.set_active_iter(iter) ++ ++ def dialogInit(self): ++ self.__dialogSetup() ++ store, iter = self.view.get_selection().get_selected() ++ self.loginsNameEntry.set_text(store.get_value(iter, 0)) ++ self.loginsNameEntry.set_sensitive(False) ++ ++ self.loginsMLSEntry.set_text(store.get_value(iter, 2)) ++ seuser = store.get_value(iter, 1) ++ liststore = self.loginsSelinuxUserCombo.get_model() ++ iter = liststore.get_iter_first() ++ while iter != None and liststore.get_value(iter,0) != seuser: ++ iter = liststore.iter_next(iter) ++ if iter != None: ++ self.loginsSelinuxUserCombo.set_active_iter(iter) ++ ++ ++ def dialogClear(self): ++ self.__dialogSetup() ++ self.loginsNameEntry.set_text("") ++ self.loginsNameEntry.set_sensitive(True) ++ self.loginsMLSEntry.set_text("s0") ++ ++ def delete(self): ++ store, iter = self.view.get_selection().get_selected() ++ try: ++ login=store.get_value(iter, 0) ++ if login == "root" or login == "__default__": ++ raise ValueError(_("Login '%s' is required") % login) ++ ++ self.login.delete(login) ++ store.remove(iter) ++ self.view.get_selection().select_path ((0,)) ++ except ValueError, e: ++ self.error(e.args[0]) ++ ++ def add(self): ++ target=self.loginsNameEntry.get_text().strip() ++ serange=self.loginsMLSEntry.get_text().strip() ++ if serange == "": ++ serange="s0" ++ list_model=self.loginsSelinuxUserCombo.get_model() ++ iter = self.loginsSelinuxUserCombo.get_active_iter() ++ seuser = list_model.get_value(iter,0) ++ self.login.add(target, seuser, serange) ++ iter = self.store.append() ++ self.store.set_value(iter, 0, target) ++ self.store.set_value(iter, 1, seuser) ++ self.store.set_value(iter, 2, seobject.translate(serange)) ++ ++ def modify(self): ++ target=self.loginsNameEntry.get_text().strip() ++ serange=self.loginsMLSEntry.get_text().strip() ++ if serange == "": ++ serange = "s0" ++ list_model = self.loginsSelinuxUserCombo.get_model() ++ iter = self.loginsSelinuxUserCombo.get_active_iter() ++ seuser=list_model.get_value(iter,0) ++ self.login.modify(target, seuser, serange) ++ store, iter = self.view.get_selection().get_selected() ++ self.store.set_value(iter, 0, target) ++ self.store.set_value(iter, 1, seuser) ++ self.store.set_value(iter, 2, seobject.translate(serange)) ++ +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/Makefile policycoreutils-2.0.1/gui/Makefile +--- nsapolicycoreutils/gui/Makefile 1969-12-31 19:00:00.000000000 -0500 ++++ policycoreutils-2.0.1/gui/Makefile 2007-02-15 15:16:09.000000000 -0500 +@@ -0,0 +1,30 @@ ++# Installation directories. ++PREFIX ?= ${DESTDIR}/usr ++SHAREDIR ?= $(PREFIX)/share/system-config-selinux ++ ++TARGETS= \ ++booleansPage.py \ ++fcontextPage.py \ ++loginsPage.py \ ++mappingsPage.py \ ++modulesPage.py \ ++portsPage.py \ ++semanagePage.py \ ++statusPage.py \ ++system-config-selinux.glade \ ++translationsPage.py \ ++usersPage.py \ ++selinux.tbl ++ ++all: $(TARGETS) system-config-selinux.py ++ ++install: all ++ -mkdir -p $(SHAREDIR) ++ install -m 755 system-config-selinux.py $(SHAREDIR) ++ install -m 644 $(TARGETS) $(SHAREDIR) ++ ++clean: ++ ++indent: ++ ++relabel: +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/mappingsPage.py policycoreutils-2.0.1/gui/mappingsPage.py +--- nsapolicycoreutils/gui/mappingsPage.py 1969-12-31 19:00:00.000000000 -0500 ++++ policycoreutils-2.0.1/gui/mappingsPage.py 2007-02-15 15:16:09.000000000 -0500 +@@ -0,0 +1,54 @@ ++## mappingsPage.py - show selinux mappings ++## Copyright (C) 2006 Red Hat, Inc. ++ ++## This program is free software; you can redistribute it and/or modify ++## it under the terms of the GNU General Public License as published by ++## the Free Software Foundation; either version 2 of the License, or ++## (at your option) any later version. ++ ++## This program is distributed in the hope that it will be useful, ++## but WITHOUT ANY WARRANTY; without even the implied warranty of ++## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++## GNU General Public License for more details. ++ ++## You should have received a copy of the GNU General Public License ++## along with this program; if not, write to the Free Software ++## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. ++ ++## Author: Dan Walsh ++import string ++import gtk ++import gtk.glade ++import os ++import libxml2 ++import gobject ++import sys ++import seobject ++ ++## ++## I18N ++## ++PROGNAME="policycoreutils" ++import gettext ++gettext.bindtextdomain(PROGNAME, "/usr/share/locale") ++gettext.textdomain(PROGNAME) ++try: ++ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1) ++except IOError: ++ import __builtin__ ++ __builtin__.__dict__['_'] = unicode ++ ++class loginsPage: ++ def __init__(self, xml): ++ self.xml = xml ++ self.view = xml.get_widget("mappingsView") ++ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING) ++ self.store.set_sort_column_id(0, gtk.SORT_ASCENDING) ++ self.view.set_model(self.store) ++ self.login = loginRecords() ++ dict = self.login.get_all() ++ keys = dict.keys() ++ keys.sort() ++ for k in keys: ++ print "%-25s %-25s %-25s" % (k, dict[k][0], translate(dict[k][1])) ++ +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/modulesPage.py policycoreutils-2.0.1/gui/modulesPage.py +--- nsapolicycoreutils/gui/modulesPage.py 1969-12-31 19:00:00.000000000 -0500 ++++ policycoreutils-2.0.1/gui/modulesPage.py 2007-02-15 15:16:09.000000000 -0500 +@@ -0,0 +1,161 @@ ++## modulesPage.py - show selinux mappings ++## Copyright (C) 2006 Red Hat, Inc. ++ ++## This program is free software; you can redistribute it and/or modify ++## it under the terms of the GNU General Public License as published by ++## the Free Software Foundation; either version 2 of the License, or ++## (at your option) any later version. ++ ++## This program is distributed in the hope that it will be useful, ++## but WITHOUT ANY WARRANTY; without even the implied warranty of ++## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++## GNU General Public License for more details. ++ ++## You should have received a copy of the GNU General Public License ++## along with this program; if not, write to the Free Software ++## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. ++ ++## Author: Dan Walsh ++import string ++import gtk ++import gtk.glade ++import os ++import commands ++import libxml2 ++import gobject ++import sys ++import seobject ++import selinux ++from semanagePage import *; ++ ++## ++## I18N ++## ++PROGNAME="policycoreutils" ++import gettext ++gettext.bindtextdomain(PROGNAME, "/usr/share/locale") ++gettext.textdomain(PROGNAME) ++try: ++ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1) ++except IOError: ++ import __builtin__ ++ __builtin__.__dict__['_'] = unicode ++ ++class modulesPage(semanagePage): ++ def __init__(self, xml): ++ semanagePage.__init__(self, xml, "modules", _("Policy Module")) ++ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING) ++ self.view.set_model(self.store) ++ self.store.set_sort_column_id(0, gtk.SORT_ASCENDING) ++ col = gtk.TreeViewColumn(_("Module Name"), gtk.CellRendererText(), text = 0) ++ col.set_sort_column_id(0) ++ col.set_resizable(True) ++ self.view.append_column(col) ++ self.store.set_sort_column_id(0, gtk.SORT_ASCENDING) ++ col = gtk.TreeViewColumn(_("Version"), gtk.CellRendererText(), text = 1) ++ self.enable_audit_button = xml.get_widget("enableAuditButton") ++ self.enable_audit_button.connect("clicked", self.enable_audit) ++ self.disable_audit_button = xml.get_widget("disableAuditButton") ++ self.disable_audit_button.connect("clicked", self.disable_audit) ++ col.set_sort_column_id(1) ++ col.set_resizable(True) ++ self.view.append_column(col) ++ self.store.set_sort_func(1,self.sort_int, "") ++ status, self.policy_type = selinux.selinux_getpolicytype() ++ ++ self.load() ++ ++ def sort_int(self, treemodel, iter1, iter2, user_data): ++ try: ++ p1 = int(treemodel.get_value(iter1,1)) ++ p2 = int(treemodel.get_value(iter1,1)) ++ if p1 > p2: ++ return 1 ++ if p1 == p2: ++ return 0 ++ return -1 ++ except: ++ return 0 ++ ++ def load(self): ++ self.store.clear() ++ fd=os.popen("semodule -l") ++ l = fd.readlines() ++ fd.close() ++ for i in l: ++ module, ver = i.split('\t') ++ iter = self.store.append() ++ self.store.set_value(iter, 0, module.strip()) ++ self.store.set_value(iter, 1, ver.strip()) ++ ++ self.view.get_selection().select_path ((0,)) ++ ++ def delete(self): ++ store, iter = self.view.get_selection().get_selected() ++ module = store.get_value(iter, 0) ++ try: ++ status, output =commands.getstatusoutput("semodule -r %s" % module) ++ if status != 0: ++ self.error(output) ++ else: ++ store.remove(iter) ++ self.view.get_selection().select_path ((0,)) ++ ++ except ValueError, e: ++ self.error(e.args[0]) ++ ++ def enable_audit(self, button): ++ try: ++ status, output =commands.getstatusoutput("semodule -b /usr/share/selinux/%s/enableaudit.pp" % self.policy_type) ++ if status != 0: ++ self.error(output) ++ ++ except ValueError, e: ++ self.error(e.args[0]) ++ ++ def disable_audit(self, button): ++ try: ++ status, output =commands.getstatusoutput("semodule -b /usr/share/selinux/%s/base.pp" % self.policy_type) ++ if status != 0: ++ self.error(output) ++ ++ except ValueError, e: ++ self.error(e.args[0]) ++ ++ def propertiesDialog(self): ++ # Do nothing ++ return ++ ++ def addDialog(self): ++ dialog = gtk.FileChooserDialog(_("Load Policy Module"), ++ None, ++ gtk.FILE_CHOOSER_ACTION_OPEN, ++ (gtk.STOCK_CANCEL, gtk.RESPONSE_CANCEL, ++ gtk.STOCK_OPEN, gtk.RESPONSE_OK)) ++ dialog.set_default_response(gtk.RESPONSE_OK) ++ ++ filter = gtk.FileFilter() ++ filter.set_name("Policy Files") ++ filter.add_pattern("*.pp") ++ dialog.add_filter(filter) ++ ++ response = dialog.run() ++ if response == gtk.RESPONSE_OK: ++ self.add(dialog.get_filename()) ++ dialog.destroy() ++ ++ def add(self, file): ++ try: ++ status, output =commands.getstatusoutput("semodule -i %s" % file) ++ if status != 0: ++ self.error(output) ++ else: ++ self.load() ++ ++ except ValueError, e: ++ self.error(e.args[0]) ++ ++ ++ ++ ++ +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/portsPage.py policycoreutils-2.0.1/gui/portsPage.py +--- nsapolicycoreutils/gui/portsPage.py 1969-12-31 19:00:00.000000000 -0500 ++++ policycoreutils-2.0.1/gui/portsPage.py 2007-02-15 15:16:09.000000000 -0500 +@@ -0,0 +1,214 @@ ++## portsPage.py - show selinux mappings ++## Copyright (C) 2006 Red Hat, Inc. ++ ++## This program is free software; you can redistribute it and/or modify ++## it under the terms of the GNU General Public License as published by ++## the Free Software Foundation; either version 2 of the License, or ++## (at your option) any later version. ++ ++## This program is distributed in the hope that it will be useful, ++## but WITHOUT ANY WARRANTY; without even the implied warranty of ++## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++## GNU General Public License for more details. ++ ++## You should have received a copy of the GNU General Public License ++## along with this program; if not, write to the Free Software ++## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. ++ ++## Author: Dan Walsh ++import string ++import gtk ++import gtk.glade ++import os ++import libxml2 ++import gobject ++import sys ++import seobject ++from semanagePage import *; ++ ++## ++## I18N ++## ++PROGNAME = "policycoreutils" ++import gettext ++gettext.bindtextdomain(PROGNAME, "/usr/share/locale") ++gettext.textdomain(PROGNAME) ++TYPE_COL = 0 ++PROTOCOL_COL = 1 ++MLS_COL = 2 ++PORT_COL = 3 ++try: ++ gettext.install(PROGNAME, localedir = "/usr/share/locale", unicode = 1) ++except IOError: ++ import __builtin__ ++ __builtin__.__dict__['_'] = unicode ++ ++class portsPage(semanagePage): ++ def __init__(self, xml): ++ semanagePage.__init__(self, xml, "ports", "Network Port") ++ self.ports_name_entry = xml.get_widget("portsNameEntry") ++ self.ports_protocol_combo = xml.get_widget("portsProtocolCombo") ++ self.ports_number_entry = xml.get_widget("portsNumberEntry") ++ self.ports_mls_entry = xml.get_widget("portsMLSEntry") ++ self.ports_add_button = xml.get_widget("portsAddButton") ++ self.ports_properties_button = xml.get_widget("portsPropertiesButton") ++ self.ports_delete_button = xml.get_widget("portsDeleteButton") ++ self.ports_group_togglebutton = xml.get_widget("portsGroupTogglebutton") ++ self.ports_group_togglebutton.connect("toggled", self.group_toggle) ++ liststore = self.ports_protocol_combo.get_model() ++ iter = liststore.get_iter_first() ++ self.ports_protocol_combo.set_active_iter(iter) ++ self.init_store() ++ self.edit = True ++ self.load() ++ ++ def init_store(self): ++ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING , gobject.TYPE_STRING) ++ self.view.set_model(self.store) ++ self.store.set_sort_column_id(0, gtk.SORT_ASCENDING) ++ ++ col = gtk.TreeViewColumn(_("SELinux Port\nType"), gtk.CellRendererText(), text = TYPE_COL) ++ col.set_sort_column_id(TYPE_COL) ++ col.set_resizable(True) ++ self.view.append_column(col) ++ self.store.set_sort_column_id(TYPE_COL, gtk.SORT_ASCENDING) ++ ++ col = gtk.TreeViewColumn(_("Protocol"), gtk.CellRendererText(), text = PROTOCOL_COL) ++ col.set_sort_column_id(PROTOCOL_COL) ++ col.set_resizable(True) ++ self.view.append_column(col) ++ ++ self.mls_col = gtk.TreeViewColumn(_("MLS/MCS\nLevel"), gtk.CellRendererText(), text = MLS_COL) ++ self.mls_col.set_resizable(True) ++ self.mls_col.set_sort_column_id(MLS_COL) ++ self.view.append_column(self.mls_col) ++ ++ col = gtk.TreeViewColumn(_("Port"), gtk.CellRendererText(), text = PORT_COL) ++ col.set_sort_column_id(PORT_COL) ++ col.set_resizable(True) ++ self.view.append_column(col) ++ self.store.set_sort_func(1,self.sort_int, "") ++ ++ def group_toggle(self, button): ++ self.edit = not button.get_active() ++ self.ports_add_button.set_sensitive(self.edit) ++ self.ports_properties_button.set_sensitive(self.edit) ++ self.ports_delete_button.set_sensitive(self.edit) ++ self.mls_col.set_visible(self.edit) ++ if self.edit: ++ self.load() ++ else: ++ self.group_load() ++ ++ def sort_int(self, treemodel, iter1, iter2, user_data): ++ try: ++ p1 = int(treemodel.get_value(iter1,2)) ++ p2 = int(treemodel.get_value(iter1,2)) ++ if p1 > p2: ++ return 1 ++ if p1 == p2: ++ return 0 ++ return -1 ++ except: ++ return 0 ++ ++ def load(self): ++ self.port = seobject.portRecords() ++ dict = self.port.get_all() ++ keys = dict.keys() ++ keys.sort() ++ self.store.clear() ++ for k in keys: ++ iter = self.store.append() ++ if k[0] == k[1]: ++ self.store.set_value(iter, PORT_COL, k[0]) ++ else: ++ rec = "%s-%s" % k ++ self.store.set_value(iter, PORT_COL, rec) ++ self.store.set_value(iter, TYPE_COL, dict[k][0]) ++ self.store.set_value(iter, PROTOCOL_COL, dict[k][1]) ++ self.store.set_value(iter, MLS_COL, dict[k][2]) ++ self.view.get_selection().select_path ((0,)) ++ ++ def group_load(self): ++ self.port = seobject.portRecords() ++ dict = self.port.get_all_by_type() ++ keys = dict.keys() ++ keys.sort() ++ self.store.clear() ++ for k in keys: ++ iter = self.store.append() ++ self.store.set_value(iter, TYPE_COL, k[0]) ++ self.store.set_value(iter, PROTOCOL_COL, k[1]) ++ self.store.set_value(iter, PORT_COL, ", ".join(dict[k])) ++ self.store.set_value(iter, MLS_COL, "") ++ self.view.get_selection().select_path ((0,)) ++ ++ def propertiesDialog(self): ++ if self.edit: ++ semanagePage.propertiesDialog(self) ++ ++ def dialogInit(self): ++ store, iter = self.view.get_selection().get_selected() ++ self.ports_number_entry.set_text(store.get_value(iter, PORT_COL)) ++ self.ports_number_entry.set_sensitive(False) ++ self.ports_protocol_combo.set_sensitive(False) ++ self.ports_name_entry.set_text(store.get_value(iter, TYPE_COL)) ++ self.ports_mls_entry.set_text(store.get_value(iter, MLS_COL)) ++ protocol = store.get_value(iter, PROTOCOL_COL) ++ liststore = self.ports_protocol_combo.get_model() ++ iter = liststore.get_iter_first() ++ while iter != None and liststore.get_value(iter,0) != protocol: ++ iter = liststore.iter_next(iter) ++ if iter != None: ++ self.ports_protocol_combo.set_active_iter(iter) ++ ++ def dialogClear(self): ++ self.ports_number_entry.set_text("") ++ self.ports_number_entry.set_sensitive(True) ++ self.ports_protocol_combo.set_sensitive(True) ++ self.ports_name_entry.set_text("") ++ self.ports_mls_entry.set_text("s0") ++ ++ def delete(self): ++ store, iter = self.view.get_selection().get_selected() ++ port = store.get_value(iter, PORT_COL) ++ protocol = store.get_value(iter, 1) ++ try: ++ self.port.delete(port, protocol) ++ store.remove(iter) ++ self.view.get_selection().select_path ((0,)) ++ except ValueError, e: ++ self.error(e.args[0]) ++ ++ def add(self): ++ target = self.ports_name_entry.get_text().strip() ++ mls = self.ports_mls_entry.get_text().strip() ++ port_number = self.ports_number_entry.get_text().strip() ++ if port_number == "": ++ port_number = "1" ++ list_model = self.ports_protocol_combo.get_model() ++ iter = self.ports_protocol_combo.get_active_iter() ++ protocol = list_model.get_value(iter,0) ++ self.port.add(port_number, protocol, mls, target) ++ iter = self.store.append() ++ self.store.set_value(iter, TYPE_COL, target) ++ self.store.set_value(iter, PORT_COL, port_number) ++ self.store.set_value(iter, PROTOCOL_COL, protocol) ++ self.store.set_value(iter, MLS_COL, mls) ++ ++ def modify(self): ++ target = self.ports_name_entry.get_text().strip() ++ mls = self.ports_mls_entry.get_text().strip() ++ port_number = self.ports_number_entry.get_text().strip() ++ list_model = self.ports_protocol_combo.get_model() ++ iter = self.ports_protocol_combo.get_active_iter() ++ protocol = list_model.get_value(iter,0) ++ self.port.modify(port_number, protocol, mls, target) ++ store, iter = self.view.get_selection().get_selected() ++ self.store.set_value(iter, TYPE_COL, target) ++ self.store.set_value(iter, PORT_COL, port_number) ++ self.store.set_value(iter, PROTOCOL_COL, protocol) ++ self.store.set_value(iter, MLS_COL, mls) ++ ++ +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/selinux.tbl policycoreutils-2.0.1/gui/selinux.tbl +--- nsapolicycoreutils/gui/selinux.tbl 1969-12-31 19:00:00.000000000 -0500 ++++ policycoreutils-2.0.1/gui/selinux.tbl 2007-02-15 15:16:09.000000000 -0500 +@@ -0,0 +1,265 @@ ++acct_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for acct daemon") ++allow_cvs_read_shadow _("CVS") _("Allow cvs daemon to read shadow") ++allow_daemons_dump_core _("Admin") _("Allow all daemons to write corefiles to /.") ++allow_daemons_use_tty _("Admin") _("Allow all daemons the ability to use unallocated ttys.") ++allow_execheap _("Memory Protection") _("Allow unconfined executables to make their heap memory executable. Doing this is a really bad idea. Probably indicates a badly coded executable, but could indicate an attack. This executable should be reported in bugzilla") ++allow_execmem _("Memory Protection") _("Allow unconfined executables to map a memory region as both executable and writable, this is dangerous and the executable should be reported in bugzilla") ++allow_execmod _("Memory Protection") _("Allow all unconfined executables to use libraries requiring text relocation that are not labeled textrel_shlib_t") ++allow_execstack _("Memory Protection") _("Allow unconfined executables to make their stack executable. This should never, ever be neessary. Probably indicates a badly coded executable, but could indicate an attack. This executable should be reported in bugzilla") ++allow_ftpd_anon_write _("FTP") _("Allow ftpd to upload files to directories labeled public_content_rw_t") ++allow_ftpd_use_cifs _("FTP") _("Allow ftp servers to use cifs used for public file transfer services.") ++allow_ftpd_use_nfs _("FTP") _("Allow ftp servers to use nfs used for public file transfer services.") ++allow_gpg_execstack _("Memory Protection") _("Allow gpg executable stack") ++allow_gssd_read_tmp _("NFS") _("Allow gssd to read temp directory.") ++allow_httpd_anon_write _("HTTPD Service") _("Allow httpd daemon to write files in directories labeled public_content_rw_t") ++allow_httpd_mod_auth_pam _("HTTPD Service") _("Allow Apache to use mod_auth_pam.") ++allow_httpd_sys_script_anon_write _("HTTPD Service") _("Allow httpd scripts to write files in directories labeled public_content_rw_t") ++allow_java_execstack _("Memory Protection") _("Allow java executable stack") ++allow_kerberos _("Kerberos") _("Allow daemons to use kerberos files") ++allow_mount_anyfile _("Mount") _("Allow mount to mount any file") ++allow_mounton_anydir _("Mount") _("Allow mount to mount any dir") ++allow_mplayer_execstack _("Memory Protection") _("Allow mplayer executable stack") ++allow_nfsd_anon_write _("NFS") _("Allow nfs servers to modify public files used for public file transfer services.") ++allow_polyinstantiation _("Polyinstatiation") _("Enable polyinstantiated directory support.") ++allow_ptrace _("Compatibility") _("Allow sysadm_t to debug or ptrace applications) ++allow_rsync_anon_write _("rsync") _("Allow rsync to write files in directories labeled public_content_rw_t") ++allow_saslauthd_read_shadow _("sasl authentication server") _("Allow sasl authentication server to read /etc/shadow") ++allow_smbd_anon_write _("Samba") _("Allow Samba to write files in directories labeled public_content_rw_t") ++allow_ssh_keysign _("SSH") _("Allow ssh to run ssh-keysign") ++allow_unconfined_execmem_dyntrans _("Memory Protection") _("Allow unconfined to dyntrans to unconfined_execmem") ++allow_user_mysql_connect _("Databases") _("Allow user to connect to mysql socket") ++allow_user_postgresql_connect _("Databases") _("Allow user to connect to postgres socket") ++allow_write_xshm _("XServer") _("Allow clients to write to X shared memory") ++allow_ypbind _("NIS") _("Allow daemons to run with NIS") ++allow_zebra_write_config _("Zebra") _("Allow zebra daemon to write it configuration files") ++amanda_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for amanda") ++amavis_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for amavis") ++apmd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for apmd daemon") ++arpwatch_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for arpwatch daemon") ++auditd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for auditd daemon") ++automount_disable_trans _("Mount") _("Disable SELinux protection for automount daemon") ++avahi_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for avahi") ++bluetooth_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for bluetooth daemon") ++canna_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for canna daemon") ++cardmgr_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for cardmgr daemon") ++ccs_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for Cluster Server") ++cdrecord_read_content _("User Privs") _("Allow cdrecord to read various content. nfs, samba, removable devices, user temp and untrusted content files") ++ciped_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ciped daemon") ++clamd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for clamd daemon") ++clamscan_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for clamscan") ++clvmd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for clvmd") ++comsat_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for comsat daemon") ++courier_authdaemon_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for courier daemon") ++courier_pcp_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for courier daemon") ++courier_pop_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for courier daemon") ++courier_sqwebmail_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for courier daemon") ++courier_tcpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for courier daemon") ++cpucontrol_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for cpucontrol daemon") ++cpuspeed_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for cpuspeed daemon") ++cron_can_relabel _("Cron") _("Allow system cron jobs to relabel filesystem for restoring file contexts.") ++crond_disable_trans _("Cron") _("Disable SELinux protection for crond daemon") ++cupsd_config_disable_trans _("Printing") _("Disable SELinux protection for cupsd backend server") ++cupsd_disable_trans _("Printing") _("Disable SELinux protection for cupsd daemon") ++cupsd_lpd_disable_trans _("Printing") _("Disable SELinux protection for cupsd_lpd") ++cvs_disable_trans _("CVS") _("Disable SELinux protection for cvs daemon") ++cyrus_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for cyrus daemon") ++dbskkd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dbskkd daemon") ++dbusd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dbusd daemon") ++dccd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dccd") ++dccifd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dccifd") ++dccm_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dccm") ++ddt_client_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ddt daemon") ++devfsd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for devfsd daemon") ++dhcpc_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dhcpc daemon") ++dhcpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dhcpd daemon") ++dictd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dictd daemon") ++direct_sysadm_daemon _("Admin") _("Allow sysadm_t to directly start daemons") ++disable_evolution_trans _("Web Applications") _("Disable SELinux protection for Evolution") ++disable_games_trans _("Games") _("Disable SELinux protection for games") ++disable_mozilla_trans _("Web Applications") _("Disable SELinux protection for the web browsers") ++disable_thunderbird_trans _("Web Applications") _("Disable SELinux protection for Thunderbird") ++distccd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for distccd daemon") ++dmesg_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dmesg daemon") ++dnsmasq_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dnsmasq daemon") ++dovecot_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dovecot daemon") ++entropyd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for entropyd daemon") ++fcron_crond _("Cron") _("Enable extra rules in the cron domain to support fcron.") ++fetchmail_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for fetchmail") ++fingerd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for fingerd daemon") ++freshclam_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for freshclam daemon") ++fsdaemon_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for fsdaemon daemon") ++ftpd_disable_trans _("FTP") _("Disable SELinux protection for ftpd daemon") ++ftpd_is_daemon _("FTP") _("Allow ftpd to run directly without inetd") ++ftp_home_dir _("FTP") _("Allow ftp to read/write files in the user home directories") ++global_ssp _("Admin") _("This should be enabled when all programs are compiled with ProPolice/SSP stack smashing protection. All domains will be allowed to read from /dev/urandom.") ++gpm_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for gpm daemon") ++gssd_disable_trans _("NFS") _("Disable SELinux protection for gss daemon") ++hald_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for hal daemon") ++hide_broken_symptoms _("Compatibility") _("Do not audit things that we know to be broken but which are not security risks") ++hostname_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for hostname daemon") ++hotplug_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for hotplug daemon") ++howl_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for howl daemon") ++hplip_disable_trans _("Printing") _("Disable SELinux protection for cups hplip daemon") ++httpd_builtin_scripting _("HTTPD Service") _("Allow HTTPD to support built-in scripting") ++httpd_can_network_connect_db _("HTTPD Service") _("Allow HTTPD scripts and modules to network connect to databases.") ++httpd_can_network_connect _("HTTPD Service") _("Allow HTTPD scripts and modules to connect to the network.") ++httpd_can_network_relay _("HTTPD Service") _("Allow httpd to act as a relay.") ++httpd_disable_trans _("HTTPD Service") _("Disable SELinux protection for httpd daemon") ++httpd_enable_cgi _("HTTPD Service") _("Allow HTTPD cgi support") ++httpd_enable_ftp_server _("HTTPD Service") _("Allow HTTPD to run as a ftp server") ++httpd_enable_homedirs _("HTTPD Service") _("Allow HTTPD to read home directories") ++httpd_rotatelogs_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for httpd rotatelogs") ++httpd_ssi_exec _("HTTPD Service") _("Allow HTTPD to run SSI executables in the same domain as system CGI scripts.") ++httpd_suexec_disable_trans _("HTTPD Service") _("Disable SELinux protection for http suexec") ++httpd_tty_comm _("HTTPD Service") _("Unify HTTPD to communicate with the terminal. Needed for handling certificates.") ++httpd_unified _("HTTPD Service") _("Unify HTTPD handling of all content files.") ++hwclock_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for hwclock daemon") ++i18n_input_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for i18n daemon") ++imazesrv_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for imazesrv daemon") ++inetd_child_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for inetd child daemons") ++inetd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for inetd daemon") ++innd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for innd daemon") ++iptables_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for iptables daemon") ++ircd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ircd daemon") ++irqbalance_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for irqbalance daemon") ++iscsid_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for iscsi daemon") ++jabberd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for jabberd daemon") ++kadmind_disable_trans _("Kerberos") _("Disable SELinux protection for kadmind daemon") ++klogd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for klogd daemon") ++krb5kdc_disable_trans _("Kerberos") _("Disable SELinux protection for krb5kdc daemon") ++ktalkd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ktalk daemons") ++kudzu_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for kudzu daemon") ++locate_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for locate daemon") ++lpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for lpd daemon") ++lrrd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for lrrd daemon") ++lvm_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for lvm daemon") ++mailman_mail_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for mailman") ++mail_read_content _("Web Applications") _("Allow evolution and thunderbird to read user files") ++mdadm_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for mdadm daemon") ++monopd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for monopd daemon") ++mozilla_read_content _("Web Applications") _("Allow the mozilla browser to read user files") ++mrtg_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for mrtg daemon") ++mysqld_disable_trans _("Databases") _("Disable SELinux protection for mysqld daemon") ++nagios_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for nagios daemon") ++named_disable_trans _("Name Service") _("Disable SELinux protection for named daemon") ++named_write_master_zones _("Name Service") _("Allow named to overwrite master zone files") ++nessusd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for nessusd daemon") ++NetworkManager_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for NetworkManager") ++nfsd_disable_trans _("NFS") _("Disable SELinux protection for nfsd daemon") ++nfs_export_all_ro _("NFS") _("Allow the reading on any NFS file system") ++nfs_export_all_rw _("NFS") _("Allow the read/write/create on any NFS file system") ++nmbd_disable_trans _("Samba") _("Disable SELinux protection for nmbd daemon") ++nrpe_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for nrpe daemon") ++nscd_disable_trans _("Name Service") _("Disable SELinux protection for nscd daemon") ++nsd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for nsd daemon") ++ntpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ntpd daemon") ++oddjob_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for oddjob") ++oddjob_mkhomedir_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for oddjob_mkhomedir") ++openvpn_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for openvpn daemon") ++pam_console_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for pam daemon") ++pegasus_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for pegasus") ++perdition_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for perdition daemon") ++portmap_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for portmap daemon") ++portslave_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for portslave daemon") ++postfix_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for postfix") ++postgresql_disable_trans _("Databases") _("Disable SELinux protection for postgresql daemon") ++pppd_can_insmod _("pppd") _("Allow pppd daemon to insert modules into the kernel") ++pppd_disable_trans _("pppd") _("Disable SELinux protection for pppd daemon") ++pppd_disable_trans _("pppd") _("Disable SELinux protection for the mozilla ppp daemon") ++pppd_for_user _("pppd") _("Allow pppd to be run for a regular user.") ++pptp_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for pptp") ++prelink_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for prelink daemon") ++privoxy_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for privoxy daemon") ++ptal_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ptal daemon") ++pxe_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for pxe daemon") ++pyzord_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for pyzord") ++quota_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for quota daemon") ++radiusd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for radiusd daemon") ++radvd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for radvd daemon") ++rdisc_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for rdisc") ++readahead_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for readahead") ++read_default_t _("Admin") _("Allow programs to read files in non-standard locations (default_t)") ++read_untrusted_content _("Web Applications") _("Allow programs to read untrusted content without relabel") ++restorecond_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for restorecond") ++rhgb_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for rhgb daemon") ++ricci_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ricci") ++ricci_modclusterd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ricci_modclusterd") ++rlogind_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for rlogind daemon") ++rpcd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for rpcd daemon") ++rshd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for rshd") ++rsync_disable_trans _("rsync") _("Disable SELinux protection for rsync daemon") ++run_ssh_inetd _("SSH") _("Allow ssh to run from inetd instead of as a daemon") ++samba_enable_home_dirs _("Samba") _("Allow Samba to share users home directories") ++samba_share_nfs _("Samba") _("Allow Samba to share nfs directories") ++saslauthd_disable_trans _("sasl authentications server") _("Disable SELinux protection for saslauthd daemon") ++scannerdaemon_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for scannerdaemon daemon") ++secure_mode _("Admin") _("Do not allow transition to sysadm_t, sudo and su effected") ++secure_mode_insmod _("Admin") _("Do not allow any processes to load kernel modules") ++secure_mode_policyload _("Admin") _("Do not allow any processes to modify kernel SELinux policy") ++sendmail_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for sendmail daemon") ++setrans_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for setrans") ++setroubleshootd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for setroublesoot daemon") ++slapd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for slapd daemon") ++slrnpull_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for slrnpull daemon") ++smbd_disable_trans _("Samba") _("Disable SELinux protection for smbd daemon") ++snmpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for snmpd daemon") ++snort_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for snort daemon") ++soundd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for soundd daemon") ++sound_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for sound daemon") ++spamassasin_can_network _("Spam Assassin") _("Allow Spam Assasin daemon network access") ++spamd_disable_trans _("spam Protection") _("Disable SELinux protection for spamd daemon") ++spamd_enable_home_dirs _("spam Protection") _("Allow spamd to access home directories") ++spammassasin_can_network _("spam Protection") _("Allow spammassasin to access the network") ++speedmgmt_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for speedmgmt daemon") ++squid_connect_any _("Squid") _("Allow squid daemon to connect to the network") ++squid_disable_trans _("Squid") _("Disable SELinux protection for squid daemon") ++ssh_keygen_disable_trans _("SSH") _("Disable SELinux protection for ssh daemon") ++ssh_sysadm_login _("SSH") _("Allow ssh logins as sysadm_r:sysadm_t") ++staff_read_sysadm_file _("Admin") _("Allow staff_r users to search the sysadm home dir and read files (such as ~/.bashrc)") ++stunnel_disable_trans _("Universal SSL tunnel") _("Disable SELinux protection for stunnel daemon") ++stunnel_is_daemon _("Universal SSL tunnel") _("Allow stunnel daemon to run as standalone, outside of xinetd") ++swat_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for swat daemon") ++sxid_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for sxid daemon") ++syslogd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for syslogd daemon") ++system_crond_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for system cron jobs") ++tcpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for tcp daemon") ++telnetd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for telnet daemon") ++tftpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for tftpd daemon") ++transproxy_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for transproxy daemon") ++udev_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for udev daemon") ++uml_switch_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for uml daemon") ++unlimitedInetd _("Admin") _("Allow xinetd to run unconfined, including any services it starts that do not have a domain transition explicitly defined.") ++unlimitedRC _("Admin") _("Allow rc scripts to run unconfined, including any daemon started by an rc script that does not have a domain transition explicitly defined.") ++unlimitedRPM _("Admin") _("Allow rpm to run unconfined.") ++unlimitedUtils _("Admin") _("Allow privileged utilities like hotplug and insmod to run unconfined.") ++updfstab_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for updfstab daemon") ++uptimed_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for uptimed daemon") ++use_lpd_server _("Printing") _("Use lpd server instead of cups") ++use_nfs_home_dirs _("NFS") _("Support NFS home directories") ++user_canbe_sysadm _("User Privs") _("Allow user_r to reach sysadm_r via su, sudo, or userhelper. Otherwise, only staff_r can do so.") ++user_can_mount _("Mount") _("Allow users to execute the mount command") ++user_direct_mouse _("User Privs") _("Allow regular users direct mouse access (only allow the X server)") ++user_dmesg _("User Privs") _("Allow users to run the dmesg command") ++user_net_control _("User Privs") _("Allow users to control network interfaces (also needs USERCTL=true)") ++user_ping _("User Privs") _("Allow normal user to execute ping") ++user_rw_noexattrfile _("User Privs") _("Allow user to r/w noextattrfile (FAT, CDROM, FLOPPY)") ++user_rw_usb _("User Privs") _("Allow users to rw usb devices") ++user_tcp_server _("User Privs") _("Allow users to run TCP servers (bind to ports and accept connection from the same domain and outside users) disabling this forces FTP passive mode and may change other protocols") ++user_ttyfile_stat _("User Privs") _("Allow user to stat ttyfiles") ++use_samba_home_dirs _("Samba") _("Allow users to login with CIFS home directories") ++uucpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for uucpd daemon") ++vmware_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for vmware daemon") ++watchdog_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for watchdog daemon") ++winbind_disable_trans _("Samba") _("Disable SELinux protection for winbind daemon") ++write_untrusted_content _("Web Applications") _("Allow web applications to write untrusted content to disk (implies read)") ++xdm_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for xdm daemon") ++xdm_sysadm_login _("XServer") _("Allow xdm logins as sysadm_r:sysadm_t") ++xend_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for xen daemon") ++xen_use_raw_disk _("XEN") _("Allow xen to read/write physical disk devices") ++xfs_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for xfs daemon") ++xm_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for xen constrol") ++ypbind_disable_trans _("NIS") _("Disable SELinux protection for ypbind daemon") ++yppasswdd_disable_trans _("NIS") _("Disable SELinux protection for NIS Password Daemon") ++ypserv_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ypserv daemon") ++ypxfr_disable_trans _("NIS") _("Disable SELinux protection for NIS Transfer Daemon") ++zebra_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for zebra daemon") +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/semanagePage.py policycoreutils-2.0.1/gui/semanagePage.py +--- nsapolicycoreutils/gui/semanagePage.py 1969-12-31 19:00:00.000000000 -0500 ++++ policycoreutils-2.0.1/gui/semanagePage.py 2007-02-15 15:16:09.000000000 -0500 +@@ -0,0 +1,109 @@ ++## semanagePage.py - show selinux mappings ++## Copyright (C) 2006 Red Hat, Inc. ++ ++## This program is free software; you can redistribute it and/or modify ++## it under the terms of the GNU General Public License as published by ++## the Free Software Foundation; either version 2 of the License, or ++## (at your option) any later version. ++ ++## This program is distributed in the hope that it will be useful, ++## but WITHOUT ANY WARRANTY; without even the implied warranty of ++## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++## GNU General Public License for more details. ++ ++## You should have received a copy of the GNU General Public License ++## along with this program; if not, write to the Free Software ++## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. ++ ++## Author: Dan Walsh ++import string ++import gtk ++import gtk.glade ++import os ++import libxml2 ++import gobject ++import sys ++import seobject ++ ++## ++## I18N ++## ++PROGNAME="policycoreutils" ++import gettext ++gettext.bindtextdomain(PROGNAME, "/usr/share/locale") ++gettext.textdomain(PROGNAME) ++try: ++ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1) ++except IOError: ++ import __builtin__ ++ __builtin__.__dict__['_'] = unicode ++ ++class semanagePage: ++ def __init__(self, xml, name, description): ++ self.xml = xml ++ self.view = xml.get_widget("%sView" % name) ++ self.dialog = xml.get_widget("%sDialog" % name) ++ self.view.connect("row_activated", self.rowActivated) ++ self.view.get_selection().connect("changed", self.itemSelected) ++ self.description = description; ++ ++ def get_description(self): ++ return self.description ++ ++ def itemSelected(self, args): ++ return ++ ++ def rowActivated(self, view, row, Column): ++ self.propertiesDialog() ++ ++ def verify(self, message, title="" ): ++ dlg = gtk.MessageDialog(None, 0, gtk.MESSAGE_INFO, ++ gtk.BUTTONS_YES_NO, ++ message) ++ dlg.set_title(title) ++ dlg.set_position(gtk.WIN_POS_MOUSE) ++ dlg.show_all() ++ rc = dlg.run() ++ dlg.destroy() ++ return rc ++ ++ def error(self, message): ++ dlg = gtk.MessageDialog(None, 0, gtk.MESSAGE_ERROR, ++ gtk.BUTTONS_CLOSE, ++ message) ++ dlg.set_position(gtk.WIN_POS_MOUSE) ++ dlg.show_all() ++ dlg.run() ++ dlg.destroy() ++ ++ def deleteDialog(self): ++ store, iter = self.view.get_selection().get_selected() ++ if self.verify(_("Are you sure you want to delete %s '%s'?" % (self.description, store.get_value(iter, 0))), _("Delete %s" % self.description)) == gtk.RESPONSE_YES: ++ self.delete() ++ ++ def addDialog(self): ++ self.dialogClear() ++ self.dialog.set_title(_("Add %s" % self.description)) ++ self.dialog.set_position(gtk.WIN_POS_MOUSE) ++ ++ while self.dialog.run() == gtk.RESPONSE_OK: ++ try: ++ self.add() ++ break; ++ except ValueError, e: ++ self.error(e.args[0]) ++ self.dialog.hide() ++ ++ def propertiesDialog(self): ++ self.dialogInit() ++ self.dialog.set_title(_("Modify %s" % self.description)) ++ self.dialog.set_position(gtk.WIN_POS_MOUSE) ++ while self.dialog.run() == gtk.RESPONSE_OK: ++ try: ++ self.modify() ++ break; ++ except ValueError, e: ++ self.error(e.args[0]) ++ self.dialog.hide() ++ ++ +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/statusPage.py policycoreutils-2.0.1/gui/statusPage.py +--- nsapolicycoreutils/gui/statusPage.py 1969-12-31 19:00:00.000000000 -0500 ++++ policycoreutils-2.0.1/gui/statusPage.py 2007-02-15 15:16:09.000000000 -0500 +@@ -0,0 +1,213 @@ ++## statusPage.py - show selinux status ++## Copyright (C) 2006 Red Hat, Inc. ++ ++## This program is free software; you can redistribute it and/or modify ++## it under the terms of the GNU General Public License as published by ++## the Free Software Foundation; either version 2 of the License, or ++## (at your option) any later version. ++ ++## This program is distributed in the hope that it will be useful, ++## but WITHOUT ANY WARRANTY; without even the implied warranty of ++## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++## GNU General Public License for more details. ++ ++## You should have received a copy of the GNU General Public License ++## along with this program; if not, write to the Free Software ++## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. ++ ++## Author: Dan Walsh ++import string ++import gtk ++import gtk.glade ++import os ++import libxml2 ++import gobject ++import sys ++import tempfile ++ ++INSTALLPATH = '/usr/share/system-config-selinux' ++sys.path.append(INSTALLPATH) ++ ++rhplPath = "/usr/lib/python%d.%d/site-packages/rhpl" % (sys.version_info[0], sys.version_info[1]) ++if not rhplPath in sys.path: ++ sys.path.append(rhplPath) ++ ++rhplPath = "/usr/lib64/python%d.%d/site-packages/rhpl" % (sys.version_info[0], sys.version_info[1]) ++if not rhplPath in sys.path: ++ sys.path.append(rhplPath) ++ ++from Conf import * ++import commands ++ENFORCING = 0 ++PERMISSIVE = 1 ++DISABLED = 2 ++modearray = ( "enforcing", "permissive", "disabled" ) ++ ++SELINUXDIR = "/etc/selinux/" ++RELABELFILE = "/.autorelabel" ++ ++## ++## I18N ++## ++PROGNAME="policycoreutils" ++import gettext ++gettext.bindtextdomain(PROGNAME, "/usr/share/locale") ++gettext.textdomain(PROGNAME) ++import selinux ++try: ++ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1) ++except IOError: ++ import __builtin__ ++ __builtin__.__dict__['_'] = unicode ++ ++class statusPage: ++ def __init__(self, xml): ++ self.xml = xml ++ self.needRelabel = False ++ ++ self.type = selinux.selinux_getpolicytype() ++ # Bring in widgets from glade file. ++ self.typeHBox = xml.get_widget("typeHBox") ++ self.selinuxTypeOptionMenu = xml.get_widget("selinuxTypeOptionMenu") ++ self.typeLabel = xml.get_widget("typeLabel") ++ self.enabledOptionMenu = xml.get_widget("enabledOptionMenu") ++ self.currentOptionMenu = xml.get_widget("currentOptionMenu") ++ self.relabel_checkbutton = xml.get_widget("relabelCheckbutton") ++ self.relabel_checkbutton.set_active(self.is_relabel()) ++ self.relabel_checkbutton.connect("toggled", self.on_relabel_toggle) ++ if self.get_current_mode() == ENFORCING or self.get_current_mode() == PERMISSIVE: ++ self.currentOptionMenu.append_text(_("Enforcing")) ++ self.currentOptionMenu.append_text(_("Permissive")) ++ self.currentOptionMenu.set_active(self.get_current_mode()) ++ self.currentOptionMenu.connect("changed", self.set_current_mode) ++ self.currentOptionMenu.set_sensitive(True) ++ else: ++ self.currentOptionMenu.append_text(_("Disabled")) ++ self.currentOptionMenu.set_sensitive(False) ++ ++ ++ if self.read_selinux_config() == None: ++ self.selinuxsupport = False ++ else: ++ self.enabledOptionMenu.connect("changed", self.enabled_changed) ++ # ++ # This line must come after read_selinux_config ++ # ++ self.selinuxTypeOptionMenu.connect("changed", self.typemenu_changed) ++ ++ self.typeLabel.set_mnemonic_widget(self.selinuxTypeOptionMenu) ++ ++ def get_description(self): ++ return _("Status") ++ ++ def get_current_mode(self): ++ if selinux.is_selinux_enabled(): ++ if selinux.security_getenforce() > 0: ++ return ENFORCING ++ else: ++ return PERMISSIVE ++ else: ++ return DISABLED ++ ++ def set_current_mode(self,menu): ++ selinux.security_setenforce(menu.get_active() == 0) ++ ++ def is_relabel(self): ++ return os.access(RELABELFILE, os.F_OK) != 0 ++ ++ def on_relabel_toggle(self,button): ++ if button.get_active(): ++ fd = open(RELABELFILE,"w") ++ fd.close() ++ else: ++ if os.access(RELABELFILE, os.F_OK) != 0: ++ os.unlink(RELABELFILE) ++ ++ def verify(self, message): ++ dlg = gtk.MessageDialog(None, 0, gtk.MESSAGE_INFO, ++ gtk.BUTTONS_YES_NO, ++ message) ++ dlg.set_position(gtk.WIN_POS_MOUSE) ++ dlg.show_all() ++ rc = dlg.run() ++ dlg.destroy() ++ return rc ++ ++ def typemenu_changed(self, menu): ++ type = self.get_type() ++ enabled = self.enabledOptionMenu.get_active() ++ if self.initialtype != type: ++ if self.verify(_("Changing the policy type will cause a relabel of the entire file system on the next boot. Relabeling takes a long time depending on the size of the file system. Do you wish to continue?")) == gtk.RESPONSE_NO: ++ menu.set_active(self.typeHistory) ++ return None ++ ++ self.relabel_checkbutton.set_active(True) ++ self.conf["SELINUX"] = modearray[enabled] ++ self.conf["SELINUXTYPE"]=type ++ self.conf.write() ++ self.typeHistory = menu.get_active() ++ ++ def enabled_changed(self, combo): ++ enabled = combo.get_active() ++ type = self.get_type() ++ ++ if self.initEnabled == DISABLED and enabled < 2: ++ if self.verify(_("Changing to SELinux enabled will cause a relabel of the entire file system on the next boot. Relabeling takes a long time depending on the size of the file system. Do you wish to continue?")) == gtk.RESPONSE_NO: ++ return None ++ ++ self.relabel_checkbutton.set_active(True) ++ ++ self.conf["SELINUX"] = modearray[enabled] ++ self.conf["SELINUXTYPE"]=type ++ self.conf.write() ++ ++ def read_selinux_config(self): ++ self.initialtype = "targeted" ++ self.initEnabled = DISABLED ++ self.types = [] ++ if os.access(SELINUXDIR, os.F_OK) == 0: ++ #File doesn't exist. return ++ return None ++ ++ self.conf = ConfShellVar(SELINUXDIR+"config") ++ self.conf.rcs = 1 ++ if self.conf.has_key("SELINUX"): ++ value = self.conf.vars["SELINUX"].upper().strip() ++ else: ++ value = "ENFORCING" ++ self.conf.vars["SELINUX"] = value ++ ++ if value == "ENFORCING": ++ self.initEnabled = ENFORCING ++ self.enabledOptionMenu.set_active(ENFORCING) ++ elif value == "PERMISSIVE": ++ self.initEnabled = PERMISSIVE ++ self.enabledOptionMenu.set_active(PERMISSIVE) ++ elif value == "DISABLED": ++ self.initEnabled = DISABLED ++ self.enabledOptionMenu.set_active(DISABLED) ++ ++ if self.conf.has_key("SELINUXTYPE"): ++ self.initialtype = self.conf.vars["SELINUXTYPE"].strip() ++ else: ++ self.conf.vars["SELINUXTYPE"] = self.initialtype ++ ++ n = 0 ++ current = n ++ ++ for i in os.listdir(SELINUXDIR): ++ if os.path.isdir(SELINUXDIR+i) and os.path.isdir(SELINUXDIR+i+"/policy"): ++ self.types.append(i) ++ self.selinuxTypeOptionMenu.append_text(i) ++ if i == self.initialtype: ++ current = n ++ n = n+1 ++ self.selinuxTypeOptionMenu.set_active(current) ++ self.typeHistory = current ++ ++ return 0 ++ ++ def get_type(self): ++ return self.types[self.selinuxTypeOptionMenu.get_active()] ++ ++ +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.glade policycoreutils-2.0.1/gui/system-config-selinux.glade +--- nsapolicycoreutils/gui/system-config-selinux.glade 1969-12-31 19:00:00.000000000 -0500 ++++ policycoreutils-2.0.1/gui/system-config-selinux.glade 2007-02-15 15:16:09.000000000 -0500 +@@ -0,0 +1,2803 @@ ++ ++ ++ ++ ++ ++ ++ ++ ++ False ++ system-config-selinux ++ Copyright (c)2006 Red Hat, Inc. ++Copyright (c) 2006 Dan Walsh <dwalsh@redhat.com> ++ False ++ Daniel Walsh <dwalsh@redhat.com> ++ ++ translator-credits ++ system-config-selinux.png ++ ++ ++ ++ Add SELinux Login Mapping ++ GTK_WINDOW_TOPLEVEL ++ GTK_WIN_POS_NONE ++ False ++ True ++ False ++ True ++ False ++ False ++ GDK_WINDOW_TYPE_HINT_DIALOG ++ GDK_GRAVITY_NORTH_WEST ++ True ++ False ++ True ++ ++ ++ ++ True ++ False ++ 0 ++ ++ ++ ++ True ++ GTK_BUTTONBOX_END ++ ++ ++ ++ True ++ True ++ True ++ gtk-cancel ++ True ++ GTK_RELIEF_NORMAL ++ True ++ -6 ++ ++ ++ ++ ++ ++ True ++ True ++ True ++ gtk-ok ++ True ++ GTK_RELIEF_NORMAL ++ True ++ -5 ++ ++ ++ ++ ++ 0 ++ False ++ True ++ GTK_PACK_END ++ ++ ++ ++ ++ ++ True ++ False ++ 0 ++ ++ ++ ++ True ++ 3 ++ 2 ++ False ++ 4 ++ 6 ++ ++ ++ ++ True ++ Login Name ++ False ++ False ++ GTK_JUSTIFY_LEFT ++ False ++ False ++ 0 ++ 0.5 ++ 0 ++ 0 ++ PANGO_ELLIPSIZE_NONE ++ -1 ++ False ++ 0 ++ ++ ++ 0 ++ 1 ++ 0 ++ 1 ++ fill ++ ++ ++ ++ ++ ++ ++ True ++ SELinux User ++ False ++ False ++ GTK_JUSTIFY_LEFT ++ False ++ False ++ 0 ++ 0.5 ++ 0 ++ 0 ++ PANGO_ELLIPSIZE_NONE ++ -1 ++ False ++ 0 ++ ++ ++ 0 ++ 1 ++ 1 ++ 2 ++ fill ++ ++ ++ ++ ++ ++ ++ True ++ MLS/MCS Range ++ False ++ False ++ GTK_JUSTIFY_LEFT ++ False ++ False ++ 0 ++ 0.5 ++ 0 ++ 0 ++ PANGO_ELLIPSIZE_NONE ++ -1 ++ False ++ 0 ++ ++ ++ 0 ++ 1 ++ 2 ++ 3 ++ fill ++ ++ ++ ++ ++ ++ ++ True ++ True ++ True ++ True ++ 0 ++ ++ True ++ * ++ False ++ ++ ++ 1 ++ 2 ++ 0 ++ 1 ++ ++ ++ ++ ++ ++ ++ True ++ False ++ True ++ ++ ++ 1 ++ 2 ++ 1 ++ 2 ++ fill ++ fill ++ ++ ++ ++ ++ ++ True ++ True ++ True ++ True ++ 0 ++ ++ True ++ * ++ False ++ ++ ++ 1 ++ 2 ++ 2 ++ 3 ++ ++ ++ ++ ++ ++ 5 ++ True ++ True ++ ++ ++ ++ ++ 0 ++ True ++ True ++ ++ ++ ++ ++ ++ ++ ++ Add SELinux Network Ports ++ GTK_WINDOW_TOPLEVEL ++ GTK_WIN_POS_NONE ++ False ++ True ++ False ++ True ++ False ++ False ++ GDK_WINDOW_TYPE_HINT_DIALOG ++ GDK_GRAVITY_NORTH_WEST ++ True ++ False ++ True ++ ++ ++ ++ True ++ False ++ 0 ++ ++ ++ ++ True ++ GTK_BUTTONBOX_END ++ ++ ++ ++ True ++ True ++ True ++ gtk-cancel ++ True ++ GTK_RELIEF_NORMAL ++ True ++ -6 ++ ++ ++ ++ ++ ++ True ++ True ++ True ++ gtk-ok ++ True ++ GTK_RELIEF_NORMAL ++ True ++ -5 ++ ++ ++ ++ ++ 0 ++ False ++ True ++ GTK_PACK_END ++ ++ ++ ++ ++ ++ True ++ False ++ 0 ++ ++ ++ ++ True ++ 4 ++ 2 ++ False ++ 4 ++ 6 ++ ++ ++ ++ True ++ Port Number ++ False ++ False ++ GTK_JUSTIFY_LEFT ++ False ++ False ++ 0 ++ 0.5 ++ 0 ++ 0 ++ PANGO_ELLIPSIZE_NONE ++ -1 ++ False ++ 0 ++ ++ ++ 0 ++ 1 ++ 0 ++ 1 ++ fill ++ ++ ++ ++ ++ ++ ++ True ++ Protocol ++ False ++ False ++ GTK_JUSTIFY_LEFT ++ False ++ False ++ 0 ++ 0.5 ++ 0 ++ 0 ++ PANGO_ELLIPSIZE_NONE ++ -1 ++ False ++ 0 ++ ++ ++ 0 ++ 1 ++ 1 ++ 2 ++ fill ++ ++ ++ ++ ++ ++ ++ True ++ SELinux Type ++ False ++ False ++ GTK_JUSTIFY_LEFT ++ False ++ False ++ 0 ++ 0.5 ++ 0 ++ 0 ++ PANGO_ELLIPSIZE_NONE ++ -1 ++ False ++ 0 ++ ++ ++ 0 ++ 1 ++ 2 ++ 3 ++ fill ++ ++ ++ ++ ++ ++ ++ True ++ True ++ True ++ True ++ 0 ++ ++ True ++ * ++ False ++ ++ ++ 1 ++ 2 ++ 0 ++ 1 ++ ++ ++ ++ ++ ++ ++ True ++ tcp ++udp ++ False ++ True ++ ++ ++ 1 ++ 2 ++ 1 ++ 2 ++ fill ++ fill ++ ++ ++ ++ ++ ++ True ++ True ++ True ++ True ++ 0 ++ ++ True ++ * ++ False ++ ++ ++ 1 ++ 2 ++ 2 ++ 3 ++ ++ ++ ++ ++ ++ ++ True ++ MLS/MCS ++Level ++ False ++ False ++ GTK_JUSTIFY_LEFT ++ False ++ False ++ 0 ++ 0.5 ++ 0 ++ 0 ++ PANGO_ELLIPSIZE_NONE ++ -1 ++ False ++ 0 ++ ++ ++ 0 ++ 1 ++ 3 ++ 4 ++ fill ++ ++ ++ ++ ++ ++ ++ True ++ True ++ True ++ True ++ 0 ++ ++ True ++ * ++ False ++ ++ ++ 1 ++ 2 ++ 3 ++ 4 ++ ++ ++ ++ ++ ++ 5 ++ True ++ True ++ ++ ++ ++ ++ 0 ++ True ++ True ++ ++ ++ ++ ++ ++ ++ ++ Add SELinux Login Mapping ++ GTK_WINDOW_TOPLEVEL ++ GTK_WIN_POS_NONE ++ False ++ True ++ False ++ True ++ False ++ False ++ GDK_WINDOW_TYPE_HINT_DIALOG ++ GDK_GRAVITY_NORTH_WEST ++ True ++ False ++ True ++ ++ ++ ++ True ++ False ++ 0 ++ ++ ++ ++ True ++ GTK_BUTTONBOX_END ++ ++ ++ ++ True ++ True ++ True ++ gtk-cancel ++ True ++ GTK_RELIEF_NORMAL ++ True ++ -6 ++ ++ ++ ++ ++ ++ True ++ True ++ True ++ gtk-ok ++ True ++ GTK_RELIEF_NORMAL ++ True ++ -5 ++ ++ ++ ++ ++ 0 ++ False ++ True ++ GTK_PACK_END ++ ++ ++ ++ ++ ++ True ++ False ++ 0 ++ ++ ++ ++ True ++ 2 ++ 2 ++ False ++ 4 ++ 6 ++ ++ ++ ++ True ++ SELinux MLS/MCS ++Level ++ False ++ False ++ GTK_JUSTIFY_LEFT ++ False ++ False ++ 0 ++ 0.5 ++ 0 ++ 0 ++ PANGO_ELLIPSIZE_NONE ++ -1 ++ False ++ 0 ++ ++ ++ 0 ++ 1 ++ 0 ++ 1 ++ fill ++ ++ ++ ++ ++ ++ ++ True ++ Translation ++ False ++ False ++ GTK_JUSTIFY_LEFT ++ False ++ False ++ 0 ++ 0.5 ++ 0 ++ 0 ++ PANGO_ELLIPSIZE_NONE ++ -1 ++ False ++ 0 ++ ++ ++ 0 ++ 1 ++ 1 ++ 2 ++ fill ++ ++ ++ ++ ++ ++ ++ True ++ True ++ True ++ True ++ 0 ++ ++ True ++ * ++ False ++ ++ ++ 1 ++ 2 ++ 0 ++ 1 ++ ++ ++ ++ ++ ++ ++ True ++ True ++ True ++ True ++ 0 ++ ++ True ++ * ++ False ++ ++ ++ 1 ++ 2 ++ 1 ++ 2 ++ ++ ++ ++ ++ ++ 5 ++ True ++ True ++ ++ ++ ++ ++ 0 ++ True ++ True ++ ++ ++ ++ ++ ++ ++ ++ Add SELinux Login Mapping ++ GTK_WINDOW_TOPLEVEL ++ GTK_WIN_POS_NONE ++ False ++ True ++ False ++ True ++ False ++ False ++ GDK_WINDOW_TYPE_HINT_DIALOG ++ GDK_GRAVITY_NORTH_WEST ++ True ++ False ++ True ++ ++ ++ ++ True ++ False ++ 0 ++ ++ ++ ++ True ++ GTK_BUTTONBOX_END ++ ++ ++ ++ True ++ True ++ True ++ gtk-cancel ++ True ++ GTK_RELIEF_NORMAL ++ True ++ -6 ++ ++ ++ ++ ++ ++ True ++ True ++ True ++ gtk-ok ++ True ++ GTK_RELIEF_NORMAL ++ True ++ -5 ++ ++ ++ ++ ++ 0 ++ False ++ True ++ GTK_PACK_END ++ ++ ++ ++ ++ ++ True ++ False ++ 0 ++ ++ ++ ++ True ++ 4 ++ 2 ++ False ++ 4 ++ 6 ++ ++ ++ ++ True ++ File Specification ++ False ++ False ++ GTK_JUSTIFY_LEFT ++ False ++ False ++ 0 ++ 0.5 ++ 0 ++ 0 ++ PANGO_ELLIPSIZE_NONE ++ -1 ++ False ++ 0 ++ ++ ++ 0 ++ 1 ++ 0 ++ 1 ++ fill ++ ++ ++ ++ ++ ++ ++ True ++ File Type ++ False ++ False ++ GTK_JUSTIFY_LEFT ++ False ++ False ++ 0 ++ 0.5 ++ 0 ++ 0 ++ PANGO_ELLIPSIZE_NONE ++ -1 ++ False ++ 0 ++ ++ ++ 0 ++ 1 ++ 1 ++ 2 ++ fill ++ ++ ++ ++ ++ ++ ++ True ++ SELinux Type ++ False ++ False ++ GTK_JUSTIFY_LEFT ++ False ++ False ++ 0 ++ 0.5 ++ 0 ++ 0 ++ PANGO_ELLIPSIZE_NONE ++ -1 ++ False ++ 0 ++ ++ ++ 0 ++ 1 ++ 2 ++ 3 ++ fill ++ ++ ++ ++ ++ ++ ++ True ++ True ++ True ++ True ++ 0 ++ ++ True ++ * ++ False ++ ++ ++ 1 ++ 2 ++ 0 ++ 1 ++ ++ ++ ++ ++ ++ ++ True ++ all files ++regular file ++directory ++character device ++block device ++socket ++symbolic link ++named pipe ++ ++ False ++ True ++ ++ ++ 1 ++ 2 ++ 1 ++ 2 ++ fill ++ fill ++ ++ ++ ++ ++ ++ True ++ True ++ True ++ True ++ 0 ++ ++ True ++ * ++ False ++ ++ ++ 1 ++ 2 ++ 2 ++ 3 ++ ++ ++ ++ ++ ++ ++ True ++ MLS ++ False ++ False ++ GTK_JUSTIFY_LEFT ++ False ++ False ++ 0 ++ 0.5 ++ 0 ++ 0 ++ PANGO_ELLIPSIZE_NONE ++ -1 ++ False ++ 0 ++ ++ ++ 0 ++ 1 ++ 3 ++ 4 ++ fill ++ ++ ++ ++ ++ ++ ++ True ++ True ++ True ++ True ++ 0 ++ ++ True ++ * ++ False ++ ++ ++ 1 ++ 2 ++ 3 ++ 4 ++ ++ ++ ++ ++ ++ 5 ++ True ++ True ++ ++ ++ ++ ++ 0 ++ True ++ True ++ ++ ++ ++ ++ ++ ++ ++ Add SELinux User ++ GTK_WINDOW_TOPLEVEL ++ GTK_WIN_POS_NONE ++ False ++ True ++ False ++ True ++ False ++ False ++ GDK_WINDOW_TYPE_HINT_DIALOG ++ GDK_GRAVITY_NORTH_WEST ++ True ++ False ++ True ++ ++ ++ ++ True ++ False ++ 0 ++ ++ ++ ++ True ++ GTK_BUTTONBOX_END ++ ++ ++ ++ True ++ True ++ True ++ gtk-cancel ++ True ++ GTK_RELIEF_NORMAL ++ True ++ -6 ++ ++ ++ ++ ++ ++ True ++ True ++ True ++ gtk-ok ++ True ++ GTK_RELIEF_NORMAL ++ True ++ -5 ++ ++ ++ ++ ++ 0 ++ False ++ True ++ GTK_PACK_END ++ ++ ++ ++ ++ ++ True ++ False ++ 0 ++ ++ ++ ++ True ++ 5 ++ 2 ++ False ++ 4 ++ 6 ++ ++ ++ ++ True ++ SELinux User ++ False ++ False ++ GTK_JUSTIFY_LEFT ++ False ++ False ++ 0 ++ 0.5 ++ 0 ++ 0 ++ PANGO_ELLIPSIZE_NONE ++ -1 ++ False ++ 0 ++ ++ ++ 0 ++ 1 ++ 0 ++ 1 ++ fill ++ ++ ++ ++ ++ ++ ++ True ++ Label Prefix ++ False ++ False ++ GTK_JUSTIFY_LEFT ++ False ++ False ++ 0 ++ 0.5 ++ 0 ++ 0 ++ PANGO_ELLIPSIZE_NONE ++ -1 ++ False ++ 0 ++ ++ ++ 0 ++ 1 ++ 1 ++ 2 ++ fill ++ ++ ++ ++ ++ ++ ++ True ++ MLS/MCS Range ++ False ++ False ++ GTK_JUSTIFY_LEFT ++ False ++ False ++ 0 ++ 0.5 ++ 0 ++ 0 ++ PANGO_ELLIPSIZE_NONE ++ -1 ++ False ++ 0 ++ ++ ++ 0 ++ 1 ++ 3 ++ 4 ++ fill ++ ++ ++ ++ ++ ++ ++ True ++ True ++ True ++ True ++ 0 ++ ++ True ++ * ++ False ++ ++ ++ 1 ++ 2 ++ 3 ++ 4 ++ ++ ++ ++ ++ ++ ++ True ++ MLS/MCS Level ++ False ++ False ++ GTK_JUSTIFY_LEFT ++ False ++ False ++ 0 ++ 0.5 ++ 0 ++ 0 ++ PANGO_ELLIPSIZE_NONE ++ -1 ++ False ++ 0 ++ ++ ++ 0 ++ 1 ++ 2 ++ 3 ++ fill ++ ++ ++ ++ ++ ++ ++ True ++ True ++ True ++ True ++ 0 ++ ++ True ++ * ++ False ++ ++ ++ 1 ++ 2 ++ 2 ++ 3 ++ ++ ++ ++ ++ ++ ++ True ++ SELinux Roles ++ False ++ False ++ GTK_JUSTIFY_LEFT ++ False ++ False ++ 0 ++ 0.5 ++ 0 ++ 0 ++ PANGO_ELLIPSIZE_NONE ++ -1 ++ False ++ 0 ++ ++ ++ 0 ++ 1 ++ 4 ++ 5 ++ fill ++ ++ ++ ++ ++ ++ ++ True ++ True ++ True ++ True ++ 0 ++ ++ True ++ * ++ False ++ ++ ++ 1 ++ 2 ++ 4 ++ 5 ++ ++ ++ ++ ++ ++ ++ True ++ True ++ True ++ True ++ 0 ++ ++ True ++ * ++ False ++ ++ ++ 1 ++ 2 ++ 0 ++ 1 ++ ++ ++ ++ ++ ++ ++ True ++ True ++ True ++ True ++ 0 ++ ++ True ++ * ++ False ++ ++ ++ 1 ++ 2 ++ 1 ++ 2 ++ ++ ++ ++ ++ ++ 5 ++ True ++ True ++ ++ ++ ++ ++ 0 ++ True ++ True ++ ++ ++ ++ ++ ++ ++ ++ 800 ++ 500 ++ GTK_WINDOW_TOPLEVEL ++ GTK_WIN_POS_NONE ++ False ++ True ++ False ++ system-config-selinux.png ++ True ++ False ++ False ++ GDK_WINDOW_TYPE_HINT_NORMAL ++ GDK_GRAVITY_NORTH_WEST ++ True ++ False ++ True ++ ++ ++ ++ True ++ True ++ ++ ++ ++ True ++ GTK_SHADOW_NONE ++ ++ ++ ++ True ++ GTK_PACK_DIRECTION_LTR ++ GTK_PACK_DIRECTION_LTR ++ ++ ++ ++ True ++ GNOMEUIINFO_MENU_FILE_TREE ++ ++ ++ ++ ++ ++ ++ True ++ GNOMEUIINFO_MENU_EXIT_ITEM ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ True ++ GNOMEUIINFO_MENU_HELP_TREE ++ ++ ++ ++ ++ ++ ++ True ++ GNOMEUIINFO_MENU_ABOUT_ITEM ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ BONOBO_DOCK_TOP ++ 0 ++ 0 ++ 0 ++ BONOBO_DOCK_ITEM_BEH_EXCLUSIVE|BONOBO_DOCK_ITEM_BEH_NEVER_VERTICAL|BONOBO_DOCK_ITEM_BEH_LOCKED ++ ++ ++ ++ ++ ++ True ++ True ++ 0 ++ ++ ++ ++ 5 ++ True ++ 0 ++ 0.5 ++ GTK_SHADOW_NONE ++ ++ ++ ++ True ++ 0.5 ++ 0.5 ++ 1 ++ 1 ++ 0 ++ 0 ++ 12 ++ 0 ++ ++ ++ ++ True ++ Select Managment Object ++ True ++ False ++ False ++ False ++ True ++ False ++ False ++ False ++ ++ ++ ++ ++ ++ ++ ++ True ++ <b>Select:</b> ++ False ++ True ++ GTK_JUSTIFY_LEFT ++ False ++ False ++ 0.5 ++ 0.5 ++ 0 ++ 0 ++ PANGO_ELLIPSIZE_NONE ++ -1 ++ False ++ 0 ++ ++ ++ label_item ++ ++ ++ ++ ++ False ++ True ++ ++ ++ ++ ++ ++ True ++ False ++ True ++ GTK_POS_TOP ++ False ++ False ++ ++ ++ ++ True ++ False ++ 0 ++ ++ ++ ++ True ++ 4 ++ 2 ++ False ++ 5 ++ 5 ++ ++ ++ ++ True ++ System Default Enforcing Mode ++ False ++ False ++ GTK_JUSTIFY_LEFT ++ False ++ False ++ 0.5 ++ 0.5 ++ 0 ++ 0 ++ PANGO_ELLIPSIZE_NONE ++ -1 ++ False ++ 0 ++ ++ ++ 0 ++ 1 ++ 0 ++ 1 ++ fill ++ ++ ++ ++ ++ ++ ++ True ++ Enforcing ++Permissive ++Disabled ++ ++ False ++ True ++ ++ ++ 1 ++ 2 ++ 0 ++ 1 ++ fill ++ ++ ++ ++ ++ ++ True ++ Current Enforcing Mode ++ False ++ False ++ GTK_JUSTIFY_LEFT ++ False ++ False ++ 0.5 ++ 0.5 ++ 0 ++ 0 ++ PANGO_ELLIPSIZE_NONE ++ -1 ++ False ++ 0 ++ ++ ++ 0 ++ 1 ++ 1 ++ 2 ++ fill ++ ++ ++ ++ ++ ++ ++ True ++ ++ False ++ True ++ ++ ++ 1 ++ 2 ++ 1 ++ 2 ++ fill ++ fill ++ ++ ++ ++ ++ ++ True ++ System Default Policy Type: ++ False ++ False ++ GTK_JUSTIFY_LEFT ++ False ++ False ++ 0.5 ++ 0.5 ++ 0 ++ 0 ++ PANGO_ELLIPSIZE_NONE ++ -1 ++ False ++ 0 ++ ++ ++ 0 ++ 1 ++ 2 ++ 3 ++ fill ++ ++ ++ ++ ++ ++ ++ True ++ ++ False ++ True ++ ++ ++ 1 ++ 2 ++ 2 ++ 3 ++ fill ++ fill ++ ++ ++ ++ ++ ++ True ++ Select if you wish to relabel then entire file system on next reboot. Relabeling can take a very long time, depending on the size of the system. If you are changing policy types or going from disabled to enforing, a relabel is required. ++ True ++ GTK_RELIEF_NORMAL ++ True ++ False ++ False ++ True ++ ++ ++ ++ True ++ 0.5 ++ 0.5 ++ 0 ++ 0 ++ 0 ++ 0 ++ 0 ++ 0 ++ ++ ++ ++ True ++ False ++ 2 ++ ++ ++ ++ True ++ gtk-refresh ++ 4 ++ 0.5 ++ 0.5 ++ 0 ++ 0 ++ ++ ++ 0 ++ False ++ False ++ ++ ++ ++ ++ ++ True ++ Relabel on next reboot. ++ True ++ False ++ GTK_JUSTIFY_LEFT ++ False ++ False ++ 0.5 ++ 0.5 ++ 0 ++ 0 ++ PANGO_ELLIPSIZE_NONE ++ -1 ++ False ++ 0 ++ ++ ++ 0 ++ False ++ False ++ ++ ++ ++ ++ ++ ++ ++ ++ 0 ++ 2 ++ 3 ++ 4 ++ fill ++ fill ++ ++ ++ ++ ++ 0 ++ True ++ True ++ ++ ++ ++ ++ False ++ True ++ ++ ++ ++ ++ ++ True ++ label37 ++ False ++ False ++ GTK_JUSTIFY_LEFT ++ False ++ False ++ 0.5 ++ 0.5 ++ 0 ++ 0 ++ PANGO_ELLIPSIZE_NONE ++ -1 ++ False ++ 0 ++ ++ ++ tab ++ ++ ++ ++ ++ ++ True ++ True ++ GTK_POLICY_ALWAYS ++ GTK_POLICY_ALWAYS ++ GTK_SHADOW_NONE ++ GTK_CORNER_TOP_LEFT ++ ++ ++ ++ True ++ True ++ False ++ False ++ False ++ True ++ False ++ False ++ False ++ ++ ++ ++ ++ False ++ True ++ ++ ++ ++ ++ ++ True ++ label50 ++ False ++ False ++ GTK_JUSTIFY_LEFT ++ False ++ False ++ 0.5 ++ 0.5 ++ 0 ++ 0 ++ PANGO_ELLIPSIZE_NONE ++ -1 ++ False ++ 0 ++ ++ ++ tab ++ ++ ++ ++ ++ ++ True ++ False ++ 0 ++ ++ ++ ++ True ++ GTK_ORIENTATION_HORIZONTAL ++ GTK_TOOLBAR_BOTH ++ True ++ True ++ ++ ++ ++ True ++ Add File Context ++ gtk-add ++ True ++ True ++ False ++ ++ ++ ++ False ++ True ++ ++ ++ ++ ++ ++ True ++ Modify File Context ++ gtk-properties ++ True ++ True ++ False ++ ++ ++ ++ False ++ True ++ ++ ++ ++ ++ ++ True ++ Delete File Context ++ gtk-delete ++ True ++ True ++ False ++ ++ ++ ++ False ++ True ++ ++ ++ ++ ++ 0 ++ False ++ False ++ ++ ++ ++ ++ ++ True ++ True ++ GTK_POLICY_ALWAYS ++ GTK_POLICY_ALWAYS ++ GTK_SHADOW_NONE ++ GTK_CORNER_TOP_LEFT ++ ++ ++ ++ True ++ True ++ True ++ False ++ False ++ True ++ False ++ False ++ False ++ ++ ++ ++ ++ 0 ++ True ++ True ++ ++ ++ ++ ++ False ++ True ++ ++ ++ ++ ++ ++ True ++ label38 ++ False ++ False ++ GTK_JUSTIFY_LEFT ++ False ++ False ++ 0.5 ++ 0.5 ++ 0 ++ 0 ++ PANGO_ELLIPSIZE_NONE ++ -1 ++ False ++ 0 ++ ++ ++ tab ++ ++ ++ ++ ++ ++ True ++ False ++ 0 ++ ++ ++ ++ True ++ GTK_ORIENTATION_HORIZONTAL ++ GTK_TOOLBAR_BOTH ++ True ++ True ++ ++ ++ ++ True ++ Add SELinux User Mapping ++ gtk-add ++ True ++ True ++ False ++ ++ ++ ++ False ++ True ++ ++ ++ ++ ++ ++ True ++ Modify SELinux User Mapping ++ gtk-properties ++ True ++ True ++ False ++ ++ ++ ++ False ++ True ++ ++ ++ ++ ++ ++ True ++ Delete SELinux User Mapping ++ gtk-delete ++ True ++ True ++ False ++ ++ ++ ++ False ++ True ++ ++ ++ ++ ++ 0 ++ False ++ False ++ ++ ++ ++ ++ ++ True ++ True ++ GTK_POLICY_ALWAYS ++ GTK_POLICY_ALWAYS ++ GTK_SHADOW_NONE ++ GTK_CORNER_TOP_LEFT ++ ++ ++ ++ True ++ True ++ True ++ False ++ False ++ True ++ False ++ False ++ False ++ ++ ++ ++ ++ 0 ++ True ++ True ++ ++ ++ ++ ++ False ++ True ++ ++ ++ ++ ++ ++ True ++ label39 ++ False ++ False ++ GTK_JUSTIFY_LEFT ++ False ++ False ++ 0.5 ++ 0.5 ++ 0 ++ 0 ++ PANGO_ELLIPSIZE_NONE ++ -1 ++ False ++ 0 ++ ++ ++ tab ++ ++ ++ ++ ++ ++ True ++ False ++ 0 ++ ++ ++ ++ True ++ GTK_ORIENTATION_HORIZONTAL ++ GTK_TOOLBAR_BOTH ++ True ++ True ++ ++ ++ ++ True ++ Add Translation ++ gtk-add ++ True ++ True ++ False ++ ++ ++ ++ False ++ True ++ ++ ++ ++ ++ ++ True ++ Modify Translation ++ gtk-properties ++ True ++ True ++ False ++ ++ ++ ++ False ++ True ++ ++ ++ ++ ++ ++ True ++ Delete Translation ++ gtk-delete ++ True ++ True ++ False ++ ++ ++ ++ False ++ True ++ ++ ++ ++ ++ 0 ++ False ++ False ++ ++ ++ ++ ++ ++ True ++ True ++ GTK_POLICY_ALWAYS ++ GTK_POLICY_ALWAYS ++ GTK_SHADOW_NONE ++ GTK_CORNER_TOP_LEFT ++ ++ ++ ++ True ++ True ++ True ++ False ++ False ++ True ++ False ++ False ++ False ++ ++ ++ ++ ++ 0 ++ True ++ True ++ ++ ++ ++ ++ False ++ True ++ ++ ++ ++ ++ ++ True ++ label41 ++ False ++ False ++ GTK_JUSTIFY_LEFT ++ False ++ False ++ 0.5 ++ 0.5 ++ 0 ++ 0 ++ PANGO_ELLIPSIZE_NONE ++ -1 ++ False ++ 0 ++ ++ ++ tab ++ ++ ++ ++ ++ ++ True ++ False ++ 0 ++ ++ ++ ++ True ++ GTK_ORIENTATION_HORIZONTAL ++ GTK_TOOLBAR_BOTH ++ True ++ True ++ ++ ++ ++ True ++ Add SELinux User ++ gtk-add ++ True ++ True ++ False ++ ++ ++ ++ False ++ True ++ ++ ++ ++ ++ ++ True ++ Modify SELinux User ++ gtk-properties ++ True ++ True ++ False ++ ++ ++ ++ False ++ True ++ ++ ++ ++ ++ ++ True ++ Add SELinux User ++ gtk-delete ++ True ++ True ++ False ++ ++ ++ ++ False ++ True ++ ++ ++ ++ ++ 0 ++ False ++ False ++ ++ ++ ++ ++ ++ True ++ True ++ GTK_POLICY_ALWAYS ++ GTK_POLICY_ALWAYS ++ GTK_SHADOW_NONE ++ GTK_CORNER_TOP_LEFT ++ ++ ++ ++ True ++ True ++ True ++ False ++ False ++ True ++ False ++ False ++ False ++ ++ ++ ++ ++ 0 ++ True ++ True ++ ++ ++ ++ ++ False ++ True ++ ++ ++ ++ ++ ++ True ++ label40 ++ False ++ False ++ GTK_JUSTIFY_LEFT ++ False ++ False ++ 0.5 ++ 0.5 ++ 0 ++ 0 ++ PANGO_ELLIPSIZE_NONE ++ -1 ++ False ++ 0 ++ ++ ++ tab ++ ++ ++ ++ ++ ++ True ++ False ++ 0 ++ ++ ++ ++ True ++ GTK_ORIENTATION_HORIZONTAL ++ GTK_TOOLBAR_BOTH ++ False ++ True ++ ++ ++ ++ True ++ Add Network Port ++ gtk-add ++ True ++ True ++ False ++ ++ ++ ++ False ++ True ++ ++ ++ ++ ++ ++ True ++ Edit Network Port ++ gtk-properties ++ True ++ True ++ False ++ ++ ++ ++ False ++ True ++ ++ ++ ++ ++ ++ True ++ Delete Network Port ++ gtk-delete ++ True ++ True ++ False ++ ++ ++ ++ False ++ True ++ ++ ++ ++ ++ ++ True ++ True ++ True ++ False ++ ++ ++ ++ 32 ++ True ++ ++ ++ ++ ++ False ++ False ++ ++ ++ ++ ++ ++ True ++ True ++ True ++ False ++ ++ ++ ++ True ++ Group/ungroup network ports by SELinux type. ++ True ++ GTK_RELIEF_NORMAL ++ True ++ False ++ False ++ ++ ++ ++ ++ True ++ 0.5 ++ 0.5 ++ 0 ++ 0 ++ 0 ++ 0 ++ 0 ++ 0 ++ ++ ++ ++ True ++ False ++ 2 ++ ++ ++ ++ True ++ gtk-indent ++ 4 ++ 0.5 ++ 0.5 ++ 0 ++ 0 ++ ++ ++ 0 ++ False ++ False ++ ++ ++ ++ ++ ++ True ++ Group View ++ True ++ False ++ GTK_JUSTIFY_LEFT ++ False ++ False ++ 0.5 ++ 0.5 ++ 0 ++ 0 ++ PANGO_ELLIPSIZE_NONE ++ -1 ++ False ++ 0 ++ ++ ++ 0 ++ False ++ False ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ False ++ False ++ ++ ++ ++ ++ 0 ++ False ++ False ++ ++ ++ ++ ++ ++ True ++ True ++ GTK_POLICY_ALWAYS ++ GTK_POLICY_ALWAYS ++ GTK_SHADOW_NONE ++ GTK_CORNER_TOP_LEFT ++ ++ ++ ++ True ++ True ++ True ++ False ++ False ++ True ++ False ++ False ++ False ++ ++ ++ ++ ++ 0 ++ True ++ True ++ ++ ++ ++ ++ False ++ True ++ ++ ++ ++ ++ ++ True ++ label42 ++ False ++ False ++ GTK_JUSTIFY_LEFT ++ False ++ False ++ 0.5 ++ 0.5 ++ 0 ++ 0 ++ PANGO_ELLIPSIZE_NONE ++ -1 ++ False ++ 0 ++ ++ ++ tab ++ ++ ++ ++ ++ ++ True ++ False ++ 0 ++ ++ ++ ++ True ++ GTK_ORIENTATION_HORIZONTAL ++ GTK_TOOLBAR_BOTH ++ True ++ True ++ ++ ++ ++ True ++ Load policy module ++ gtk-add ++ True ++ True ++ False ++ ++ ++ ++ False ++ True ++ ++ ++ ++ ++ ++ True ++ Remove loadable policy module ++ gtk-remove ++ True ++ True ++ False ++ ++ ++ ++ False ++ True ++ ++ ++ ++ ++ ++ True ++ True ++ True ++ False ++ ++ ++ ++ 10 ++ True ++ ++ ++ ++ ++ False ++ False ++ ++ ++ ++ ++ ++ True ++ Enable additional audit rules, that are normally not reported in the log files. ++ Enable Audit ++ True ++ gtk-zoom-in ++ True ++ True ++ False ++ ++ ++ ++ False ++ True ++ ++ ++ ++ ++ ++ True ++ Disable additional audit rules, that are normally not reported in the log files. ++ Disable Audit ++ True ++ gtk-zoom-out ++ True ++ True ++ False ++ ++ ++ ++ False ++ True ++ ++ ++ ++ ++ 0 ++ False ++ False ++ ++ ++ ++ ++ ++ True ++ True ++ GTK_POLICY_ALWAYS ++ GTK_POLICY_ALWAYS ++ GTK_SHADOW_NONE ++ GTK_CORNER_TOP_LEFT ++ ++ ++ ++ True ++ True ++ True ++ False ++ False ++ True ++ False ++ False ++ False ++ ++ ++ ++ ++ 0 ++ True ++ True ++ ++ ++ ++ ++ False ++ True ++ ++ ++ ++ ++ ++ True ++ label44 ++ False ++ False ++ GTK_JUSTIFY_LEFT ++ False ++ False ++ 0.5 ++ 0.5 ++ 0 ++ 0 ++ PANGO_ELLIPSIZE_NONE ++ -1 ++ False ++ 0 ++ ++ ++ tab ++ ++ ++ ++ ++ True ++ True ++ ++ ++ ++ ++ ++ ++ 0 ++ True ++ True ++ ++ ++ ++ ++ ++ True ++ True ++ True ++ ++ ++ 0 ++ True ++ True ++ ++ ++ ++ ++ +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/system-config-selinux.py policycoreutils-2.0.1/gui/system-config-selinux.py +--- nsapolicycoreutils/gui/system-config-selinux.py 1969-12-31 19:00:00.000000000 -0500 ++++ policycoreutils-2.0.1/gui/system-config-selinux.py 2007-02-15 15:16:09.000000000 -0500 +@@ -0,0 +1,156 @@ ++#!/usr/bin/python ++# ++# system-config-selinux.py - GUI for SELinux Config tool in system-config-selinux ++# ++# Dan Walsh ++# ++# Copyright 2006 Red Hat, Inc. ++# ++# This program is free software; you can redistribute it and/or modify ++# it under the terms of the GNU General Public License as published by ++# the Free Software Foundation; either version 2 of the License, or ++# (at your option) any later version. ++# ++# This program is distributed in the hope that it will be useful, ++# but WITHOUT ANY WARRANTY; without even the implied warranty of ++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++# GNU General Public License for more details. ++# ++# You should have received a copy of the GNU General Public License ++# along with this program; if not, write to the Free Software ++# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. ++# ++import signal ++import string ++import gtk ++import gtk.glade ++import os ++import libxml2 ++import gobject ++import gnome ++import sys ++import statusPage ++import booleansPage ++import loginsPage ++import usersPage ++import portsPage ++import modulesPage ++import fcontextPage ++import translationsPage ++## ++## I18N ++## ++PROGNAME="system-config-selinux" ++ ++import gettext ++gettext.bindtextdomain(PROGNAME, "/usr/share/locale") ++gettext.textdomain(PROGNAME) ++try: ++ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1) ++except IOError: ++ import __builtin__ ++ __builtin__.__dict__['_'] = unicode ++ ++gnome.program_init("SELinux Management Tool", "5") ++ ++version = "1.0" ++ ++sys.path.append('/usr/share/system-config-selinux') ++ ++ ++ ++## ++## Pull in the Glade file ++## ++if os.access("system-config-selinux.glade", os.F_OK): ++ xml = gtk.glade.XML ("system-config-selinux.glade", domain=PROGNAME) ++else: ++ xml = gtk.glade.XML ("/usr/share/system-config-selinux/system-config-selinux.glade", domain=PROGNAME) ++ ++class childWindow: ++ def __init__(self): ++ self.tabs=[] ++ self.xml = xml ++ xml.signal_connect("on_quit_activate", self.destroy) ++ xml.signal_connect("on_delete_clicked", self.delete) ++ xml.signal_connect("on_add_clicked", self.add) ++ xml.signal_connect("on_properties_clicked", self.properties) ++ self.add_page(statusPage.statusPage(xml)) ++ self.add_page(booleansPage.booleansPage(xml)) ++ self.add_page(fcontextPage.fcontextPage(xml)) ++ self.add_page(loginsPage.loginsPage(xml)) ++ self.add_page(usersPage.usersPage(xml)) ++ self.add_page(translationsPage.translationsPage(xml)) ++ self.add_page(portsPage.portsPage(xml)) ++ self.add_page(modulesPage.modulesPage(xml)) # modules ++ ++ xml.signal_connect("on_quit_activate", self.destroy) ++ xml.signal_connect("on_policy_activate", self.policy) ++ xml.signal_connect("on_logging_activate", self.logging) ++ xml.signal_connect("on_about_activate", self.on_about_activate) ++ ++ def add_page(self, page): ++ self.tabs.append(page) ++ ++ def policy(self, args): ++ os.spawnl(os.P_NOWAIT, "/usr/share/system-config-selinux/semanagegui.py") ++ def logging(self, args): ++ os.spawnl(os.P_NOWAIT, "/usr/bin/seaudit") ++ ++ def delete(self, args): ++ self.tabs[self.notebook.get_current_page()].deleteDialog() ++ ++ def add(self, args): ++ self.tabs[self.notebook.get_current_page()].addDialog() ++ ++ def properties(self, args): ++ self.tabs[self.notebook.get_current_page()].propertiesDialog() ++ ++ def on_about_activate(self, args): ++ dlg = xml.get_widget ("aboutWindow") ++ dlg.run () ++ dlg.hide () ++ ++ def destroy(self, args): ++ gtk.main_quit() ++ ++ def itemSelected(self, selection): ++ store, rows = selection.get_selected_rows() ++ if store != None and len(rows) > 0: ++ self.notebook.set_current_page(rows[0][0]) ++ else: ++ self.notebook.set_current_page(0) ++ ++ ++ def setupScreen(self): ++ # Bring in widgets from glade file. ++ self.mainWindow = self.xml.get_widget("mainWindow") ++ self.notebook = self.xml.get_widget("notebook") ++ self.view = self.xml.get_widget("selectView") ++ self.view.get_selection().connect("changed", self.itemSelected) ++ self.store = gtk.ListStore(gobject.TYPE_STRING) ++ self.view.set_model(self.store) ++ col = gtk.TreeViewColumn("", gtk.CellRendererText(), text = 0) ++ col.set_resizable(True) ++ self.view.append_column(col) ++ ++ for page in self.tabs: ++ iter = self.store.append() ++ self.store.set_value(iter, 0, page.get_description()) ++ self.view.get_selection().select_path ((0,)) ++ ++ def stand_alone(self): ++ desktopName = _("Configue SELinux") ++ ++ self.setupScreen() ++ ++ self.mainWindow.connect("destroy", self.destroy) ++ ++ self.mainWindow.show_all() ++ gtk.main() ++ ++if __name__ == "__main__": ++ signal.signal (signal.SIGINT, signal.SIG_DFL) ++ ++ app = childWindow() ++ app.stand_alone() +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/translationsPage.py policycoreutils-2.0.1/gui/translationsPage.py +--- nsapolicycoreutils/gui/translationsPage.py 1969-12-31 19:00:00.000000000 -0500 ++++ policycoreutils-2.0.1/gui/translationsPage.py 2007-02-15 15:16:09.000000000 -0500 +@@ -0,0 +1,109 @@ ++## translationsPage.py - show selinux translations ++## Copyright (C) 2006 Red Hat, Inc. ++ ++## This program is free software; you can redistribute it and/or modify ++## it under the terms of the GNU General Public License as published by ++## the Free Software Foundation; either version 2 of the License, or ++## (at your option) any later version. ++ ++## This program is distributed in the hope that it will be useful, ++## but WITHOUT ANY WARRANTY; without even the implied warranty of ++## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++## GNU General Public License for more details. ++ ++## You should have received a copy of the GNU General Public License ++## along with this program; if not, write to the Free Software ++## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. ++ ++## Author: Dan Walsh ++import string ++import gtk ++import gtk.glade ++import os ++import libxml2 ++import gobject ++import sys ++import seobject ++from semanagePage import *; ++ ++## ++## I18N ++## ++PROGNAME="policycoreutils" ++import gettext ++gettext.bindtextdomain(PROGNAME, "/usr/share/locale") ++gettext.textdomain(PROGNAME) ++try: ++ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1) ++except IOError: ++ import __builtin__ ++ __builtin__.__dict__['_'] = unicode ++ ++class translationsPage(semanagePage): ++ def __init__(self, xml): ++ self.firstTime = False ++ semanagePage.__init__(self, xml, "translations", _("Translation")) ++ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING) ++ self.view.set_model(self.store) ++ self.store.set_sort_column_id(0, gtk.SORT_ASCENDING) ++ col = gtk.TreeViewColumn(_("Sensitvity Level"), gtk.CellRendererText(), text = 0) ++ col.set_sort_column_id(0) ++ col.set_resizable(True) ++ self.view.append_column(col) ++ col = gtk.TreeViewColumn(_("Translation"), gtk.CellRendererText(), text = 1) ++ col.set_sort_column_id(1) ++ col.set_resizable(True) ++ self.view.append_column(col) ++ ++ self.load() ++ self.translationsLevelEntry = xml.get_widget("translationsLevelEntry") ++ self.translationsEntry = xml.get_widget("translationsEntry") ++ ++ def load(self): ++ self.translation = seobject.setransRecords() ++ dict = self.translation.get_all() ++ keys = dict.keys() ++ keys.sort() ++ self.store.clear() ++ for k in keys: ++ iter = self.store.append() ++ self.store.set_value(iter, 0, k) ++ self.store.set_value(iter, 1, dict[k]) ++ self.view.get_selection().select_path ((0,)) ++ ++ def dialogInit(self): ++ store, iter = self.view.get_selection().get_selected() ++ self.translationsLevelEntry.set_text(store.get_value(iter, 0)) ++ self.translationsLevelEntry.set_sensitive(False) ++ self.translationsEntry.set_text(store.get_value(iter, 1)) ++ ++ def dialogClear(self): ++ self.translationsLevelEntry.set_text("") ++ self.translationsLevelEntry.set_sensitive(True) ++ self.translationsEntry.set_text("") ++ ++ def delete(self): ++ store, iter = self.view.get_selection().get_selected() ++ try: ++ level = store.get_value(iter, 0) ++ self.translation.delete(level) ++ store.remove(iter) ++ self.view.get_selection().select_path ((0,)) ++ except ValueError, e: ++ self.error(e.args[0]) ++ ++ def add(self): ++ level = self.translationsLevelEntry.get_text().strip() ++ translation = self.translationsEntry.get_text().strip() ++ self.translation.add(level, translation) ++ iter = self.store.append() ++ self.store.set_value(iter, 0, level) ++ self.store.set_value(iter, 1, translation) ++ ++ def modify(self): ++ level = self.translationsLevelEntry.get_text().strip() ++ translation = self.translationsEntry.get_text().strip() ++ self.translation.modify(level, translation) ++ store, iter = self.view.get_selection().get_selected() ++ self.store.set_value(iter, 0, level) ++ self.store.set_value(iter, 1, translation) +diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/usersPage.py policycoreutils-2.0.1/gui/usersPage.py +--- nsapolicycoreutils/gui/usersPage.py 1969-12-31 19:00:00.000000000 -0500 ++++ policycoreutils-2.0.1/gui/usersPage.py 2007-02-15 15:16:09.000000000 -0500 +@@ -0,0 +1,155 @@ ++## usersPage.py - show selinux mappings ++## Copyright (C) 2006 Red Hat, Inc. ++ ++## This program is free software; you can redistribute it and/or modify ++## it under the terms of the GNU General Public License as published by ++## the Free Software Foundation; either version 2 of the License, or ++## (at your option) any later version. ++ ++## This program is distributed in the hope that it will be useful, ++## but WITHOUT ANY WARRANTY; without even the implied warranty of ++## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++## GNU General Public License for more details. ++ ++## You should have received a copy of the GNU General Public License ++## along with this program; if not, write to the Free Software ++## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. ++ ++## Author: Dan Walsh ++import string ++import gtk ++import gtk.glade ++import os ++import libxml2 ++import gobject ++import sys ++import seobject ++from semanagePage import *; ++ ++## ++## I18N ++## ++PROGNAME="policycoreutils" ++import gettext ++gettext.bindtextdomain(PROGNAME, "/usr/share/locale") ++gettext.textdomain(PROGNAME) ++try: ++ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1) ++except IOError: ++ import __builtin__ ++ __builtin__.__dict__['_'] = unicode ++ ++class usersPage(semanagePage): ++ def __init__(self, xml): ++ semanagePage.__init__(self, xml, "users", "SELinux User") ++ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING) ++ self.view.set_model(self.store) ++ self.store.set_sort_column_id(0, gtk.SORT_ASCENDING) ++ ++ col = gtk.TreeViewColumn(_("SELinux\nUser"), gtk.CellRendererText(), text = 0) ++ col.set_sort_column_id(0) ++ col.set_resizable(True) ++ self.view.append_column(col) ++ ++ col = gtk.TreeViewColumn(_("Labeling\nPrefix"), gtk.CellRendererText(), text = 1) ++ col.set_resizable(True) ++ self.view.append_column(col) ++ col = gtk.TreeViewColumn(_("MLS/\nMCS Level"), gtk.CellRendererText(), text = 2) ++ col.set_resizable(True) ++ self.view.append_column(col) ++ col = gtk.TreeViewColumn(_("MLS/\nMCS Range"), gtk.CellRendererText(), text = 3) ++ col.set_resizable(True) ++ self.view.append_column(col) ++ ++ col = gtk.TreeViewColumn(_("SELinux Roles"), gtk.CellRendererText(), text = 4) ++ col.set_resizable(True) ++ self.view.append_column(col) ++ ++ self.load() ++ self.selinuxUserEntry = xml.get_widget("selinuxUserEntry") ++ self.labelPrefixEntry = xml.get_widget("labelPrefixEntry") ++ self.mlsLevelEntry = xml.get_widget("mlsLevelEntry") ++ self.mlsRangeEntry = xml.get_widget("mlsRangeEntry") ++ self.selinuxRolesEntry = xml.get_widget("selinuxRolesEntry") ++ ++ def load(self): ++ self.user = seobject.seluserRecords() ++ dict = self.user.get_all() ++ keys = dict.keys() ++ keys.sort() ++ self.store.clear() ++ for k in keys: ++ iter = self.store.append() ++ self.store.set_value(iter, 0, k) ++ self.store.set_value(iter, 1, dict[k][0]) ++ self.store.set_value(iter, 2, seobject.translate(dict[k][1])) ++ self.store.set_value(iter, 3, seobject.translate(dict[k][2])) ++ self.store.set_value(iter, 4, dict[k][3]) ++ self.view.get_selection().select_path ((0,)) ++ ++ def delete(self): ++ if semanagePage.delete(self) == gtk.RESPONSE_NO: ++ return None ++ ++ def dialogInit(self): ++ store, iter = self.view.get_selection().get_selected() ++ self.selinuxUserEntry.set_text(store.get_value(iter, 0)) ++ self.selinuxUserEntry.set_sensitive(False) ++ self.labelPrefixEntry.set_text(store.get_value(iter, 1)) ++ self.mlsLevelEntry.set_text(store.get_value(iter, 2)) ++ self.mlsRangeEntry.set_text(store.get_value(iter, 3)) ++ self.selinuxRolesEntry.set_text(store.get_value(iter, 4)) ++ protocol=store.get_value(iter, 2) ++ ++ def dialogClear(self): ++ self.selinuxUserEntry.set_text("") ++ self.selinuxUserEntry.set_sensitive(True) ++ self.labelPrefixEntry.set_text("") ++ self.mlsLevelEntry.set_text("s0") ++ self.mlsRangeEntry.set_text("s0") ++ self.selinuxRolesEntry.set_text("") ++ ++ def add(self): ++ user = self.selinuxUserEntry.get_text() ++ prefix = self.labelPrefixEntry.get_text() ++ level = self.mlsLevelEntry.get_text() ++ range = self.mlsRangeEntry.get_text() ++ roles = self.selinuxRolesEntry.get_text() ++ ++ self.user.add(user, roles.split(), level, range, prefix) ++ iter = self.store.append() ++ self.store.set_value(iter, 0, user) ++ self.store.set_value(iter, 1, prefix) ++ self.store.set_value(iter, 2, level) ++ self.store.set_value(iter, 3, range) ++ self.store.set_value(iter, 4, roles) ++ ++ def modify(self): ++ user = self.selinuxUserEntry.get_text() ++ prefix = self.labelPrefixEntry.get_text() ++ level = self.mlsLevelEntry.get_text() ++ range = self.mlsRangeEntry.get_text() ++ roles = self.selinuxRolesEntry.get_text() ++ ++ self.user.modify(user, roles.split(), level, range, prefix) ++ store, iter = self.view.get_selection().get_selected() ++ iter = self.store.append() ++ self.store.set_value(iter, 0, user) ++ self.store.set_value(iter, 1, prefix) ++ self.store.set_value(iter, 2, level) ++ self.store.set_value(iter, 3, range) ++ self.store.set_value(iter, 4, roles) ++ ++ def delete(self): ++ store, iter = self.view.get_selection().get_selected() ++ try: ++ user=store.get_value(iter, 0) ++ if user == "root" or user == "user_u": ++ raise ValueError(_("SELinux user '%s' is required") % user) ++ ++ self.user.delete(user) ++ store.remove(iter) ++ self.view.get_selection().select_path ((0,)) ++ except ValueError, e: ++ self.error(e.args[0]) ++ diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch index 3416f88..debf7f0 100644 --- a/policycoreutils-rhat.patch +++ b/policycoreutils-rhat.patch @@ -1,4858 +1,15 @@ -diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=po -N -u -r nsapolicycoreutils/gui/booleansPage.py policycoreutils-2.0.1/gui/booleansPage.py ---- nsapolicycoreutils/gui/booleansPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.1/gui/booleansPage.py 2007-02-15 15:01:06.000000000 -0500 -@@ -0,0 +1,199 @@ -+# -+# booleansPage.py - GUI for Booleans page in system-config-securitylevel -+# -+# Brent Fox -+# Dan Walsh -+# -+# Copyright 2006 Red Hat, Inc. -+# -+# This program is free software; you can redistribute it and/or modify -+# it under the terms of the GNU General Public License as published by -+# the Free Software Foundation; either version 2 of the License, or -+# (at your option) any later version. -+# -+# This program is distributed in the hope that it will be useful, -+# but WITHOUT ANY WARRANTY; without even the implied warranty of -+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+# GNU General Public License for more details. -+# -+# You should have received a copy of the GNU General Public License -+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -+# -+import string -+import gtk -+import gtk.glade -+import os -+import libxml2 -+import gobject -+import sys -+import tempfile -+ -+INSTALLPATH='/usr/share/system-config-selinux' -+sys.path.append(INSTALLPATH) -+ -+from Conf import * -+import commands -+ENFORCING=0 -+PERMISSIVE=1 -+DISABLED=2 -+ -+## -+## I18N -+## -+PROGNAME="system-config-selinux" -+ -+import gettext -+gettext.bindtextdomain(PROGNAME, "/usr/share/locale") -+gettext.textdomain(PROGNAME) -+try: -+ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1) -+except IOError: -+ import __builtin__ -+ __builtin__.__dict__['_'] = unicode -+ -+class Translation: -+ def __init__(self): -+ self.translation={} -+ fd=open(INSTALLPATH + "/selinux.tbl","r") -+ lines=fd.readlines() -+ fd.close() -+ for i in lines: -+ try: -+ line=i.strip().split("_(\"") -+ key=line[0].strip() -+ category=line[1].split("\"")[0] -+ value=line[2].split("\"")[0] -+ self.translation[key]=(category,value) -+ except: -+ continue -+ -+ def get_category(self,key): -+ try: -+ return _(self.translation[key][0]) -+ except: -+ return _("Other") -+ -+ def get_value(self,key): -+ try: -+ return _(self.translation[key][1]) -+ except: -+ return key -+ -+class Modifier: -+ def __init__(self,name, on, save): -+ self.on=on -+ self.name=name -+ self.save=save -+ -+ def set(self,value): -+ self.on=value -+ self.save=True -+ -+ def isOn(self): -+ return self.on -+ -+class Boolean(Modifier): -+ def __init__(self,name, val, save=False): -+ Modifier.__init__(self,name, val, save) -+ -+class Modifiers: -+ def __init__(self,store): -+ self.modifiers={} -+ self.translation=Translation() -+ self.store=store -+ self.store.clear() -+ -+ def add(self,name,val): -+ if name == "targeted_policy": -+ return -+ category=self.translation.get_category(name) -+ if not self.modifiers.has_key(category): -+ self.modifiers[category]={} -+ iter=self.store.append(None) -+ self.modifiers[category]["iter"] = iter -+ self.store.set_value(iter, 1, category) -+ self.store.set_value(iter, 3, False) -+ -+ self.modifiers[category][name]=val; -+ iter=self.store.append(self.modifiers[category]["iter"]) -+ self.store.set_value(iter, 0, val.isOn()) -+ self.store.set_value(iter, 1, self.translation.get_value(name)) -+ self.store.set_value(iter, 2, name) -+ self.store.set_value(iter, 3, True) -+ -+ def set(self,name,val): -+ category=self.translation.get_category(name) -+ self.modifiers[category][name].set(val) -+ -+ def isBoolean(self,name): -+ c=self.translation.get_category(name) -+ return isinstance(self.modifiers[c][name], Boolean) -+ -+ def get_booleans(self): -+ booleans={} -+ for c in self.modifiers.keys(): -+ for n in self.modifiers[c].keys(): -+ if isinstance(self.modifiers[c][n], Boolean): -+ booleans[n]=self.modifiers[c][n] -+ return booleans -+ -+class booleansPage: -+ def __init__(self, xml, doDebug=None): -+ self.xml = xml -+ self.types=[] -+ self.selinuxsupport = True -+ self.translation = Translation() -+ self.typechanged = False -+ self.doDebug = doDebug -+ -+ # Bring in widgets from glade file. -+ self.typeHBox = xml.get_widget("typeHBox") -+ self.booleanSW = xml.get_widget("booleanSW") -+ self.booleansView = xml.get_widget("booleansView") -+ self.typeLabel = xml.get_widget("typeLabel") -+ self.modifySeparator = xml.get_widget("modifySeparator") -+ -+ listStore = gtk.ListStore(gobject.TYPE_STRING) -+ cell = gtk.CellRendererText() -+ -+ self.booleansStore = gtk.TreeStore(gobject.TYPE_BOOLEAN, gobject.TYPE_STRING, gobject.TYPE_PYOBJECT, gobject.TYPE_BOOLEAN) -+ self.booleansStore.set_sort_column_id(1, gtk.SORT_ASCENDING) -+ self.booleansView.set_model(self.booleansStore) -+ -+ checkbox = gtk.CellRendererToggle() -+ checkbox.connect("toggled", self.boolean_toggled) -+ col = gtk.TreeViewColumn('', checkbox, active = 0,visible=3) -+ col.set_fixed_width(20) -+ col.set_clickable(True) -+ self.booleansView.append_column(col) -+ -+ col = gtk.TreeViewColumn("", gtk.CellRendererText(), text=1) -+ self.booleansView.append_column(col) -+ self.refreshBooleans() -+ -+ def get_description(self): -+ return _("Boolean") -+ -+ def refreshBooleans(self): -+ self.modifiers=Modifiers(self.booleansStore) -+ booleansList=commands.getoutput("/usr/sbin/getsebool -a").split("\n") -+ for i in booleansList: -+ rec=i.split() -+ name=rec[0] -+ if rec[2]=="on" or rec[2]=="active": -+ on=1 -+ else: -+ on=0 -+ self.modifiers.add(name,Boolean(name,on)) -+ -+ def boolean_toggled(self, widget, row): -+ if len(row) == 1: -+ return -+ iter = self.booleansStore.get_iter(row) -+ val = self.booleansStore.get_value(iter, 0) -+ key = self.booleansStore.get_value(iter, 2) -+ self.booleansStore.set_value(iter, 0 , not val) -+ self.modifiers.set(key, not val) -+ -+ setsebool="/usr/sbin/setsebool -P %s=%d" % (key, not val) -+ commands.getstatusoutput(setsebool) -diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=po -N -u -r nsapolicycoreutils/gui/fcontextPage.py policycoreutils-2.0.1/gui/fcontextPage.py ---- nsapolicycoreutils/gui/fcontextPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.1/gui/fcontextPage.py 2007-02-15 15:01:06.000000000 -0500 -@@ -0,0 +1,158 @@ -+## fcontextPage.py - show selinux mappings -+## Copyright (C) 2006 Red Hat, Inc. -+ -+## This program is free software; you can redistribute it and/or modify -+## it under the terms of the GNU General Public License as published by -+## the Free Software Foundation; either version 2 of the License, or -+## (at your option) any later version. -+ -+## This program is distributed in the hope that it will be useful, -+## but WITHOUT ANY WARRANTY; without even the implied warranty of -+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+## GNU General Public License for more details. -+ -+## You should have received a copy of the GNU General Public License -+## along with this program; if not, write to the Free Software -+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -+ -+## Author: Dan Walsh -+import gtk -+import gtk.glade -+import os -+import libxml2 -+import gobject -+import seobject -+from semanagePage import *; -+from avc import context -+ -+## -+## I18N -+## -+PROGNAME="system-config-selinux" -+ -+import gettext -+gettext.bindtextdomain(PROGNAME, "/usr/share/locale") -+gettext.textdomain(PROGNAME) -+try: -+ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1) -+except IOError: -+ import __builtin__ -+ __builtin__.__dict__['_'] = unicode -+ -+class fcontextPage(semanagePage): -+ def __init__(self, xml): -+ semanagePage.__init__(self, xml, "fcontext", _("File Labeling")) -+ self.view = xml.get_widget("fcontextView") -+ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING) -+ self.view.set_model(self.store) -+# self.store.set_sort_column_id(0, gtk.SORT_ASCENDING) -+ -+ col = gtk.TreeViewColumn(_("File\nSpecification"), gtk.CellRendererText(), text=0) -+ col.set_sizing(gtk.TREE_VIEW_COLUMN_FIXED) -+ col.set_fixed_width(250) -+ -+ col.set_sort_column_id(0) -+ col.set_resizable(True) -+ self.view.append_column(col) -+ col = gtk.TreeViewColumn(_("Selinux\nFile Context"), gtk.CellRendererText(), text=1) -+ -+ col.set_sizing(gtk.TREE_VIEW_COLUMN_FIXED) -+ col.set_fixed_width(250) -+ col.set_sort_column_id(1) -+ col.set_resizable(True) -+ self.view.append_column(col) -+ col = gtk.TreeViewColumn(_("File\nType"), gtk.CellRendererText(), text=2) -+ col.set_sort_column_id(2) -+ col.set_resizable(True) -+ self.view.append_column(col) -+ self.load() -+ self.fcontextEntry = xml.get_widget("fcontextEntry") -+ self.fcontextFileTypeCombo = xml.get_widget("fcontextFileTypeCombo") -+ liststore=self.fcontextFileTypeCombo.get_model() -+ for k in seobject.file_types: -+ if len(k) > 0 and k[0] != '-': -+ iter=liststore.append() -+ liststore.set_value(iter, 0, k) -+ iter = liststore.get_iter_first() -+ self.fcontextFileTypeCombo.set_active_iter(iter) -+ self.fcontextTypeEntry = xml.get_widget("fcontextTypeEntry") -+ self.fcontextMLSEntry = xml.get_widget("fcontextMLSEntry") -+ -+ def load(self): -+ self.fcontext=seobject.fcontextRecords() -+ fcon_list=self.fcontext.get_all() -+ self.store.clear() -+ for fcon in fcon_list: -+ iter=self.store.append() -+ self.store.set_value(iter, 0, fcon[0]) -+ self.store.set_value(iter, 2, fcon[1]) -+ if len(fcon) > 3: -+ rec="%s:%s:%s:%s " % (fcon[2], fcon[3],fcon[4], seobject.translate(fcon[5],False)) -+ else: -+ rec="<>" -+ self.store.set_value(iter, 1, rec) -+ self.view.get_selection().select_path ((0,)) -+ -+ def dialogInit(self): -+ store, iter = self.view.get_selection().get_selected() -+ self.fcontextEntry.set_text(store.get_value(iter, 0)) -+ self.fcontextEntry.set_sensitive(False) -+ scontext = store.get_value(iter, 1) -+ scon=context(scontext) -+ self.fcontextTypeEntry.set_text(scon.type) -+ self.fcontextMLSEntry.set_text(scon.mls) -+ type=store.get_value(iter, 2) -+ liststore=self.fcontextFileTypeCombo.get_model() -+ iter = liststore.get_iter_first() -+ while iter != None and liststore.get_value(iter,0) != type: -+ iter = liststore.iter_next(iter) -+ if iter != None: -+ self.fcontextFileTypeCombo.set_active_iter(iter) -+ self.fcontextFileTypeCombo.set_sensitive(False) -+ -+ def dialogClear(self): -+ self.fcontextEntry.set_text("") -+ self.fcontextEntry.set_sensitive(True) -+ self.fcontextFileTypeCombo.set_sensitive(True) -+ self.fcontextTypeEntry.set_text("") -+ self.fcontextMLSEntry.set_text("s0") -+ -+ def delete(self): -+ store, iter = self.view.get_selection().get_selected() -+ try: -+ fspec=store.get_value(iter, 0) -+ type=store.get_value(iter, 1) -+ self.fcontext.delete(fspec, type) -+ store.remove(iter) -+ self.view.get_selection().select_path ((0,)) -+ except ValueError, e: -+ self.error(e.args[0]) -+ -+ def add(self): -+ fspec=self.fcontextEntry.get_text().strip() -+ type=self.fcontextTypeEntry.get_text().strip() -+ mls=self.fcontextMLSEntry.get_text().strip() -+ list_model=self.fcontextFileTypeCombo.get_model() -+ iter = self.fcontextFileTypeCombo.get_active_iter() -+ ftype=list_model.get_value(iter,0) -+ -+ self.fcontext.add(fspec, type, ftype, mls) -+ -+ iter=self.store.append() -+ self.store.set_value(iter, 0, fspec) -+ self.store.set_value(iter, 2, ftype) -+ self.store.set_value(iter, 1, "system_u:object_r:%s:%s" % (type, mls)) -+ -+ def modify(self): -+ fspec=self.fcontextEntry.get_text().strip() -+ type=self.fcontextTypeEntry.get_text().strip() -+ mls=self.fcontextMLSEntry.get_text().strip() -+ list_model=self.fcontextFileTypeCombo.get_model() -+ iter = self.fcontextFileTypeCombo.get_active_iter() -+ ftype=list_model.get_value(iter,0) -+ self.fcontext.modify(fspec, type, ftype, mls, "") -+ -+ store, iter = self.view.get_selection().get_selected() -+ self.store.set_value(iter, 0, fspec) -+ self.store.set_value(iter, 2, ftype) -+ self.store.set_value(iter, 1, "system_u:object_r:%s:%s" % (type, mls)) -diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=po -N -u -r nsapolicycoreutils/gui/loginsPage.py policycoreutils-2.0.1/gui/loginsPage.py ---- nsapolicycoreutils/gui/loginsPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.1/gui/loginsPage.py 2007-02-15 15:01:06.000000000 -0500 -@@ -0,0 +1,161 @@ -+## loginsPage.py - show selinux mappings -+## Copyright (C) 2006 Red Hat, Inc. -+ -+## This program is free software; you can redistribute it and/or modify -+## it under the terms of the GNU General Public License as published by -+## the Free Software Foundation; either version 2 of the License, or -+## (at your option) any later version. -+ -+## This program is distributed in the hope that it will be useful, -+## but WITHOUT ANY WARRANTY; without even the implied warranty of -+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+## GNU General Public License for more details. -+ -+## You should have received a copy of the GNU General Public License -+## along with this program; if not, write to the Free Software -+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -+ -+## Author: Dan Walsh -+import string -+import gtk -+import gtk.glade -+import os -+import libxml2 -+import gobject -+import sys -+import seobject -+from semanagePage import *; -+ -+## -+## I18N -+## -+PROGNAME="policycoreutils" -+import gettext -+gettext.bindtextdomain(PROGNAME, "/usr/share/locale") -+gettext.textdomain(PROGNAME) -+try: -+ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1) -+except IOError: -+ import __builtin__ -+ __builtin__.__dict__['_'] = unicode -+ -+class loginsPage(semanagePage): -+ def __init__(self, xml): -+ self.firstTime = False -+ semanagePage.__init__(self, xml, "logins", _("User Mapping")) -+ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING) -+ self.view.set_model(self.store) -+ self.store.set_sort_column_id(0, gtk.SORT_ASCENDING) -+ col = gtk.TreeViewColumn(_("Login\nName"), gtk.CellRendererText(), text = 0) -+ col.set_sort_column_id(0) -+ col.set_resizable(True) -+ self.view.append_column(col) -+ col = gtk.TreeViewColumn(_("SELinux\nUser"), gtk.CellRendererText(), text = 1) -+ col.set_resizable(True) -+ self.view.append_column(col) -+ col = gtk.TreeViewColumn(_("MLS/\nMCS Range"), gtk.CellRendererText(), text = 2) -+ col.set_resizable(True) -+ self.view.append_column(col) -+ self.load() -+ self.loginsNameEntry = xml.get_widget("loginsNameEntry") -+ self.loginsSelinuxUserCombo = xml.get_widget("loginsSelinuxUserCombo") -+ self.loginsMLSEntry = xml.get_widget("loginsMLSEntry") -+ -+ def load(self): -+ self.login = seobject.loginRecords() -+ dict = self.login.get_all() -+ keys = dict.keys() -+ keys.sort() -+ self.store.clear() -+ for k in keys: -+ iter = self.store.append() -+ self.store.set_value(iter, 0, k) -+ self.store.set_value(iter, 1, dict[k][0]) -+ self.store.set_value(iter, 2, seobject.translate(dict[k][1])) -+ self.view.get_selection().select_path ((0,)) -+ -+ def __dialogSetup(self): -+ if self.firstTime == True: -+ return -+ self.firstTime = True -+ liststore = gtk.ListStore(gobject.TYPE_STRING) -+ self.loginsSelinuxUserCombo.set_model(liststore) -+ cell = gtk.CellRendererText() -+ self.loginsSelinuxUserCombo.pack_start(cell, True) -+ self.loginsSelinuxUserCombo.add_attribute(cell, 'text', 0) -+ -+ selusers = seobject.seluserRecords().get_all() -+ keys = selusers.keys() -+ keys.sort() -+ for k in keys: -+ if k != "system_u": -+ self.loginsSelinuxUserCombo.append_text(k) -+ -+ iter = liststore.get_iter_first() -+ while liststore.get_value(iter,0) != "user_u": -+ iter = liststore.iter_next(iter) -+ self.loginsSelinuxUserCombo.set_active_iter(iter) -+ -+ def dialogInit(self): -+ self.__dialogSetup() -+ store, iter = self.view.get_selection().get_selected() -+ self.loginsNameEntry.set_text(store.get_value(iter, 0)) -+ self.loginsNameEntry.set_sensitive(False) -+ -+ self.loginsMLSEntry.set_text(store.get_value(iter, 2)) -+ seuser = store.get_value(iter, 1) -+ liststore = self.loginsSelinuxUserCombo.get_model() -+ iter = liststore.get_iter_first() -+ while iter != None and liststore.get_value(iter,0) != seuser: -+ iter = liststore.iter_next(iter) -+ if iter != None: -+ self.loginsSelinuxUserCombo.set_active_iter(iter) -+ -+ -+ def dialogClear(self): -+ self.__dialogSetup() -+ self.loginsNameEntry.set_text("") -+ self.loginsNameEntry.set_sensitive(True) -+ self.loginsMLSEntry.set_text("s0") -+ -+ def delete(self): -+ store, iter = self.view.get_selection().get_selected() -+ try: -+ login=store.get_value(iter, 0) -+ if login == "root" or login == "__default__": -+ raise ValueError(_("Login '%s' is required") % login) -+ -+ self.login.delete(login) -+ store.remove(iter) -+ self.view.get_selection().select_path ((0,)) -+ except ValueError, e: -+ self.error(e.args[0]) -+ -+ def add(self): -+ target=self.loginsNameEntry.get_text().strip() -+ serange=self.loginsMLSEntry.get_text().strip() -+ if serange == "": -+ serange="s0" -+ list_model=self.loginsSelinuxUserCombo.get_model() -+ iter = self.loginsSelinuxUserCombo.get_active_iter() -+ seuser = list_model.get_value(iter,0) -+ self.login.add(target, seuser, serange) -+ iter = self.store.append() -+ self.store.set_value(iter, 0, target) -+ self.store.set_value(iter, 1, seuser) -+ self.store.set_value(iter, 2, seobject.translate(serange)) -+ -+ def modify(self): -+ target=self.loginsNameEntry.get_text().strip() -+ serange=self.loginsMLSEntry.get_text().strip() -+ if serange == "": -+ serange = "s0" -+ list_model = self.loginsSelinuxUserCombo.get_model() -+ iter = self.loginsSelinuxUserCombo.get_active_iter() -+ seuser=list_model.get_value(iter,0) -+ self.login.modify(target, seuser, serange) -+ store, iter = self.view.get_selection().get_selected() -+ self.store.set_value(iter, 0, target) -+ self.store.set_value(iter, 1, seuser) -+ self.store.set_value(iter, 2, seobject.translate(serange)) -+ -diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=po -N -u -r nsapolicycoreutils/gui/Makefile policycoreutils-2.0.1/gui/Makefile ---- nsapolicycoreutils/gui/Makefile 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.1/gui/Makefile 2007-02-15 15:01:06.000000000 -0500 -@@ -0,0 +1,30 @@ -+# Installation directories. -+PREFIX ?= ${DESTDIR}/usr -+SHAREDIR ?= $(PREFIX)/share/system-config-selinux -+ -+TARGETS= \ -+booleansPage.py \ -+fcontextPage.py \ -+loginsPage.py \ -+mappingsPage.py \ -+modulesPage.py \ -+portsPage.py \ -+semanagePage.py \ -+statusPage.py \ -+system-config-selinux.glade \ -+translationsPage.py \ -+usersPage.py \ -+selinux.tbl -+ -+all: $(TARGETS) system-config-selinux.py -+ -+install: all -+ -mkdir -p $(SHAREDIR) -+ install -m 755 system-config-selinux.py $(SHAREDIR) -+ install -m 644 $(TARGETS) $(SHAREDIR) -+ -+clean: -+ -+indent: -+ -+relabel: -diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=po -N -u -r nsapolicycoreutils/gui/mappingsPage.py policycoreutils-2.0.1/gui/mappingsPage.py ---- nsapolicycoreutils/gui/mappingsPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.1/gui/mappingsPage.py 2007-02-15 15:01:06.000000000 -0500 -@@ -0,0 +1,54 @@ -+## mappingsPage.py - show selinux mappings -+## Copyright (C) 2006 Red Hat, Inc. -+ -+## This program is free software; you can redistribute it and/or modify -+## it under the terms of the GNU General Public License as published by -+## the Free Software Foundation; either version 2 of the License, or -+## (at your option) any later version. -+ -+## This program is distributed in the hope that it will be useful, -+## but WITHOUT ANY WARRANTY; without even the implied warranty of -+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+## GNU General Public License for more details. -+ -+## You should have received a copy of the GNU General Public License -+## along with this program; if not, write to the Free Software -+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -+ -+## Author: Dan Walsh -+import string -+import gtk -+import gtk.glade -+import os -+import libxml2 -+import gobject -+import sys -+import seobject -+ -+## -+## I18N -+## -+PROGNAME="policycoreutils" -+import gettext -+gettext.bindtextdomain(PROGNAME, "/usr/share/locale") -+gettext.textdomain(PROGNAME) -+try: -+ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1) -+except IOError: -+ import __builtin__ -+ __builtin__.__dict__['_'] = unicode -+ -+class loginsPage: -+ def __init__(self, xml): -+ self.xml = xml -+ self.view = xml.get_widget("mappingsView") -+ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING) -+ self.store.set_sort_column_id(0, gtk.SORT_ASCENDING) -+ self.view.set_model(self.store) -+ self.login = loginRecords() -+ dict = self.login.get_all() -+ keys = dict.keys() -+ keys.sort() -+ for k in keys: -+ print "%-25s %-25s %-25s" % (k, dict[k][0], translate(dict[k][1])) -+ -diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=po -N -u -r nsapolicycoreutils/gui/modulesPage.py policycoreutils-2.0.1/gui/modulesPage.py ---- nsapolicycoreutils/gui/modulesPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.1/gui/modulesPage.py 2007-02-15 15:01:06.000000000 -0500 -@@ -0,0 +1,161 @@ -+## modulesPage.py - show selinux mappings -+## Copyright (C) 2006 Red Hat, Inc. -+ -+## This program is free software; you can redistribute it and/or modify -+## it under the terms of the GNU General Public License as published by -+## the Free Software Foundation; either version 2 of the License, or -+## (at your option) any later version. -+ -+## This program is distributed in the hope that it will be useful, -+## but WITHOUT ANY WARRANTY; without even the implied warranty of -+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+## GNU General Public License for more details. -+ -+## You should have received a copy of the GNU General Public License -+## along with this program; if not, write to the Free Software -+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -+ -+## Author: Dan Walsh -+import string -+import gtk -+import gtk.glade -+import os -+import commands -+import libxml2 -+import gobject -+import sys -+import seobject -+import selinux -+from semanagePage import *; -+ -+## -+## I18N -+## -+PROGNAME="policycoreutils" -+import gettext -+gettext.bindtextdomain(PROGNAME, "/usr/share/locale") -+gettext.textdomain(PROGNAME) -+try: -+ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1) -+except IOError: -+ import __builtin__ -+ __builtin__.__dict__['_'] = unicode -+ -+class modulesPage(semanagePage): -+ def __init__(self, xml): -+ semanagePage.__init__(self, xml, "modules", _("Policy Module")) -+ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING) -+ self.view.set_model(self.store) -+ self.store.set_sort_column_id(0, gtk.SORT_ASCENDING) -+ col = gtk.TreeViewColumn(_("Module Name"), gtk.CellRendererText(), text = 0) -+ col.set_sort_column_id(0) -+ col.set_resizable(True) -+ self.view.append_column(col) -+ self.store.set_sort_column_id(0, gtk.SORT_ASCENDING) -+ col = gtk.TreeViewColumn(_("Version"), gtk.CellRendererText(), text = 1) -+ self.enable_audit_button = xml.get_widget("enableAuditButton") -+ self.enable_audit_button.connect("clicked", self.enable_audit) -+ self.disable_audit_button = xml.get_widget("disableAuditButton") -+ self.disable_audit_button.connect("clicked", self.disable_audit) -+ col.set_sort_column_id(1) -+ col.set_resizable(True) -+ self.view.append_column(col) -+ self.store.set_sort_func(1,self.sort_int, "") -+ status, self.policy_type = selinux.selinux_getpolicytype() -+ -+ self.load() -+ -+ def sort_int(self, treemodel, iter1, iter2, user_data): -+ try: -+ p1 = int(treemodel.get_value(iter1,1)) -+ p2 = int(treemodel.get_value(iter1,1)) -+ if p1 > p2: -+ return 1 -+ if p1 == p2: -+ return 0 -+ return -1 -+ except: -+ return 0 -+ -+ def load(self): -+ self.store.clear() -+ fd=os.popen("semodule -l") -+ l = fd.readlines() -+ fd.close() -+ for i in l: -+ module, ver = i.split('\t') -+ iter = self.store.append() -+ self.store.set_value(iter, 0, module.strip()) -+ self.store.set_value(iter, 1, ver.strip()) -+ -+ self.view.get_selection().select_path ((0,)) -+ -+ def delete(self): -+ store, iter = self.view.get_selection().get_selected() -+ module = store.get_value(iter, 0) -+ try: -+ status, output =commands.getstatusoutput("semodule -r %s" % module) -+ if status != 0: -+ self.error(output) -+ else: -+ store.remove(iter) -+ self.view.get_selection().select_path ((0,)) -+ -+ except ValueError, e: -+ self.error(e.args[0]) -+ -+ def enable_audit(self, button): -+ try: -+ status, output =commands.getstatusoutput("semodule -b /usr/share/selinux/%s/enableaudit.pp" % self.policy_type) -+ if status != 0: -+ self.error(output) -+ -+ except ValueError, e: -+ self.error(e.args[0]) -+ -+ def disable_audit(self, button): -+ try: -+ status, output =commands.getstatusoutput("semodule -b /usr/share/selinux/%s/base.pp" % self.policy_type) -+ if status != 0: -+ self.error(output) -+ -+ except ValueError, e: -+ self.error(e.args[0]) -+ -+ def propertiesDialog(self): -+ # Do nothing -+ return -+ -+ def addDialog(self): -+ dialog = gtk.FileChooserDialog(_("Load Policy Module"), -+ None, -+ gtk.FILE_CHOOSER_ACTION_OPEN, -+ (gtk.STOCK_CANCEL, gtk.RESPONSE_CANCEL, -+ gtk.STOCK_OPEN, gtk.RESPONSE_OK)) -+ dialog.set_default_response(gtk.RESPONSE_OK) -+ -+ filter = gtk.FileFilter() -+ filter.set_name("Policy Files") -+ filter.add_pattern("*.pp") -+ dialog.add_filter(filter) -+ -+ response = dialog.run() -+ if response == gtk.RESPONSE_OK: -+ self.add(dialog.get_filename()) -+ dialog.destroy() -+ -+ def add(self, file): -+ try: -+ status, output =commands.getstatusoutput("semodule -i %s" % file) -+ if status != 0: -+ self.error(output) -+ else: -+ self.load() -+ -+ except ValueError, e: -+ self.error(e.args[0]) -+ -+ -+ -+ -+ -diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=po -N -u -r nsapolicycoreutils/gui/portsPage.py policycoreutils-2.0.1/gui/portsPage.py ---- nsapolicycoreutils/gui/portsPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.1/gui/portsPage.py 2007-02-15 15:01:06.000000000 -0500 -@@ -0,0 +1,214 @@ -+## portsPage.py - show selinux mappings -+## Copyright (C) 2006 Red Hat, Inc. -+ -+## This program is free software; you can redistribute it and/or modify -+## it under the terms of the GNU General Public License as published by -+## the Free Software Foundation; either version 2 of the License, or -+## (at your option) any later version. -+ -+## This program is distributed in the hope that it will be useful, -+## but WITHOUT ANY WARRANTY; without even the implied warranty of -+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+## GNU General Public License for more details. -+ -+## You should have received a copy of the GNU General Public License -+## along with this program; if not, write to the Free Software -+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -+ -+## Author: Dan Walsh -+import string -+import gtk -+import gtk.glade -+import os -+import libxml2 -+import gobject -+import sys -+import seobject -+from semanagePage import *; -+ -+## -+## I18N -+## -+PROGNAME = "policycoreutils" -+import gettext -+gettext.bindtextdomain(PROGNAME, "/usr/share/locale") -+gettext.textdomain(PROGNAME) -+TYPE_COL = 0 -+PROTOCOL_COL = 1 -+MLS_COL = 2 -+PORT_COL = 3 -+try: -+ gettext.install(PROGNAME, localedir = "/usr/share/locale", unicode = 1) -+except IOError: -+ import __builtin__ -+ __builtin__.__dict__['_'] = unicode -+ -+class portsPage(semanagePage): -+ def __init__(self, xml): -+ semanagePage.__init__(self, xml, "ports", "Network Port") -+ self.ports_name_entry = xml.get_widget("portsNameEntry") -+ self.ports_protocol_combo = xml.get_widget("portsProtocolCombo") -+ self.ports_number_entry = xml.get_widget("portsNumberEntry") -+ self.ports_mls_entry = xml.get_widget("portsMLSEntry") -+ self.ports_add_button = xml.get_widget("portsAddButton") -+ self.ports_properties_button = xml.get_widget("portsPropertiesButton") -+ self.ports_delete_button = xml.get_widget("portsDeleteButton") -+ self.ports_group_togglebutton = xml.get_widget("portsGroupTogglebutton") -+ self.ports_group_togglebutton.connect("toggled", self.group_toggle) -+ liststore = self.ports_protocol_combo.get_model() -+ iter = liststore.get_iter_first() -+ self.ports_protocol_combo.set_active_iter(iter) -+ self.init_store() -+ self.edit = True -+ self.load() -+ -+ def init_store(self): -+ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING , gobject.TYPE_STRING) -+ self.view.set_model(self.store) -+ self.store.set_sort_column_id(0, gtk.SORT_ASCENDING) -+ -+ col = gtk.TreeViewColumn(_("SELinux Port\nType"), gtk.CellRendererText(), text = TYPE_COL) -+ col.set_sort_column_id(TYPE_COL) -+ col.set_resizable(True) -+ self.view.append_column(col) -+ self.store.set_sort_column_id(TYPE_COL, gtk.SORT_ASCENDING) -+ -+ col = gtk.TreeViewColumn(_("Protocol"), gtk.CellRendererText(), text = PROTOCOL_COL) -+ col.set_sort_column_id(PROTOCOL_COL) -+ col.set_resizable(True) -+ self.view.append_column(col) -+ -+ self.mls_col = gtk.TreeViewColumn(_("MLS/MCS\nLevel"), gtk.CellRendererText(), text = MLS_COL) -+ self.mls_col.set_resizable(True) -+ self.mls_col.set_sort_column_id(MLS_COL) -+ self.view.append_column(self.mls_col) -+ -+ col = gtk.TreeViewColumn(_("Port"), gtk.CellRendererText(), text = PORT_COL) -+ col.set_sort_column_id(PORT_COL) -+ col.set_resizable(True) -+ self.view.append_column(col) -+ self.store.set_sort_func(1,self.sort_int, "") -+ -+ def group_toggle(self, button): -+ self.edit = not button.get_active() -+ self.ports_add_button.set_sensitive(self.edit) -+ self.ports_properties_button.set_sensitive(self.edit) -+ self.ports_delete_button.set_sensitive(self.edit) -+ self.mls_col.set_visible(self.edit) -+ if self.edit: -+ self.load() -+ else: -+ self.group_load() -+ -+ def sort_int(self, treemodel, iter1, iter2, user_data): -+ try: -+ p1 = int(treemodel.get_value(iter1,2)) -+ p2 = int(treemodel.get_value(iter1,2)) -+ if p1 > p2: -+ return 1 -+ if p1 == p2: -+ return 0 -+ return -1 -+ except: -+ return 0 -+ -+ def load(self): -+ self.port = seobject.portRecords() -+ dict = self.port.get_all() -+ keys = dict.keys() -+ keys.sort() -+ self.store.clear() -+ for k in keys: -+ iter = self.store.append() -+ if k[0] == k[1]: -+ self.store.set_value(iter, PORT_COL, k[0]) -+ else: -+ rec = "%s-%s" % k -+ self.store.set_value(iter, PORT_COL, rec) -+ self.store.set_value(iter, TYPE_COL, dict[k][0]) -+ self.store.set_value(iter, PROTOCOL_COL, dict[k][1]) -+ self.store.set_value(iter, MLS_COL, dict[k][2]) -+ self.view.get_selection().select_path ((0,)) -+ -+ def group_load(self): -+ self.port = seobject.portRecords() -+ dict = self.port.get_all_by_type() -+ keys = dict.keys() -+ keys.sort() -+ self.store.clear() -+ for k in keys: -+ iter = self.store.append() -+ self.store.set_value(iter, TYPE_COL, k[0]) -+ self.store.set_value(iter, PROTOCOL_COL, k[1]) -+ self.store.set_value(iter, PORT_COL, ", ".join(dict[k])) -+ self.store.set_value(iter, MLS_COL, "") -+ self.view.get_selection().select_path ((0,)) -+ -+ def propertiesDialog(self): -+ if self.edit: -+ semanagePage.propertiesDialog(self) -+ -+ def dialogInit(self): -+ store, iter = self.view.get_selection().get_selected() -+ self.ports_number_entry.set_text(store.get_value(iter, PORT_COL)) -+ self.ports_number_entry.set_sensitive(False) -+ self.ports_protocol_combo.set_sensitive(False) -+ self.ports_name_entry.set_text(store.get_value(iter, TYPE_COL)) -+ self.ports_mls_entry.set_text(store.get_value(iter, MLS_COL)) -+ protocol = store.get_value(iter, PROTOCOL_COL) -+ liststore = self.ports_protocol_combo.get_model() -+ iter = liststore.get_iter_first() -+ while iter != None and liststore.get_value(iter,0) != protocol: -+ iter = liststore.iter_next(iter) -+ if iter != None: -+ self.ports_protocol_combo.set_active_iter(iter) -+ -+ def dialogClear(self): -+ self.ports_number_entry.set_text("") -+ self.ports_number_entry.set_sensitive(True) -+ self.ports_protocol_combo.set_sensitive(True) -+ self.ports_name_entry.set_text("") -+ self.ports_mls_entry.set_text("s0") -+ -+ def delete(self): -+ store, iter = self.view.get_selection().get_selected() -+ port = store.get_value(iter, PORT_COL) -+ protocol = store.get_value(iter, 1) -+ try: -+ self.port.delete(port, protocol) -+ store.remove(iter) -+ self.view.get_selection().select_path ((0,)) -+ except ValueError, e: -+ self.error(e.args[0]) -+ -+ def add(self): -+ target = self.ports_name_entry.get_text().strip() -+ mls = self.ports_mls_entry.get_text().strip() -+ port_number = self.ports_number_entry.get_text().strip() -+ if port_number == "": -+ port_number = "1" -+ list_model = self.ports_protocol_combo.get_model() -+ iter = self.ports_protocol_combo.get_active_iter() -+ protocol = list_model.get_value(iter,0) -+ self.port.add(port_number, protocol, mls, target) -+ iter = self.store.append() -+ self.store.set_value(iter, TYPE_COL, target) -+ self.store.set_value(iter, PORT_COL, port_number) -+ self.store.set_value(iter, PROTOCOL_COL, protocol) -+ self.store.set_value(iter, MLS_COL, mls) -+ -+ def modify(self): -+ target = self.ports_name_entry.get_text().strip() -+ mls = self.ports_mls_entry.get_text().strip() -+ port_number = self.ports_number_entry.get_text().strip() -+ list_model = self.ports_protocol_combo.get_model() -+ iter = self.ports_protocol_combo.get_active_iter() -+ protocol = list_model.get_value(iter,0) -+ self.port.modify(port_number, protocol, mls, target) -+ store, iter = self.view.get_selection().get_selected() -+ self.store.set_value(iter, TYPE_COL, target) -+ self.store.set_value(iter, PORT_COL, port_number) -+ self.store.set_value(iter, PROTOCOL_COL, protocol) -+ self.store.set_value(iter, MLS_COL, mls) -+ -+ -diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=po -N -u -r nsapolicycoreutils/gui/selinux.tbl policycoreutils-2.0.1/gui/selinux.tbl ---- nsapolicycoreutils/gui/selinux.tbl 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.1/gui/selinux.tbl 2007-02-15 15:01:06.000000000 -0500 -@@ -0,0 +1,265 @@ -+acct_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for acct daemon") -+allow_cvs_read_shadow _("CVS") _("Allow cvs daemon to read shadow") -+allow_daemons_dump_core _("Admin") _("Allow all daemons to write corefiles to /.") -+allow_daemons_use_tty _("Admin") _("Allow all daemons the ability to use unallocated ttys.") -+allow_execheap _("Memory Protection") _("Allow unconfined executables to make their heap memory executable. Doing this is a really bad idea. Probably indicates a badly coded executable, but could indicate an attack. This executable should be reported in bugzilla") -+allow_execmem _("Memory Protection") _("Allow unconfined executables to map a memory region as both executable and writable, this is dangerous and the executable should be reported in bugzilla") -+allow_execmod _("Memory Protection") _("Allow all unconfined executables to use libraries requiring text relocation that are not labeled textrel_shlib_t") -+allow_execstack _("Memory Protection") _("Allow unconfined executables to make their stack executable. This should never, ever be neessary. Probably indicates a badly coded executable, but could indicate an attack. This executable should be reported in bugzilla") -+allow_ftpd_anon_write _("FTP") _("Allow ftpd to upload files to directories labeled public_content_rw_t") -+allow_ftpd_use_cifs _("FTP") _("Allow ftp servers to use cifs used for public file transfer services.") -+allow_ftpd_use_nfs _("FTP") _("Allow ftp servers to use nfs used for public file transfer services.") -+allow_gpg_execstack _("Memory Protection") _("Allow gpg executable stack") -+allow_gssd_read_tmp _("NFS") _("Allow gssd to read temp directory.") -+allow_httpd_anon_write _("HTTPD Service") _("Allow httpd daemon to write files in directories labeled public_content_rw_t") -+allow_httpd_mod_auth_pam _("HTTPD Service") _("Allow Apache to use mod_auth_pam.") -+allow_httpd_sys_script_anon_write _("HTTPD Service") _("Allow httpd scripts to write files in directories labeled public_content_rw_t") -+allow_java_execstack _("Memory Protection") _("Allow java executable stack") -+allow_kerberos _("Kerberos") _("Allow daemons to use kerberos files") -+allow_mount_anyfile _("Mount") _("Allow mount to mount any file") -+allow_mounton_anydir _("Mount") _("Allow mount to mount any dir") -+allow_mplayer_execstack _("Memory Protection") _("Allow mplayer executable stack") -+allow_nfsd_anon_write _("NFS") _("Allow nfs servers to modify public files used for public file transfer services.") -+allow_polyinstantiation _("Polyinstatiation") _("Enable polyinstantiated directory support.") -+allow_ptrace _("Compatibility") _("Allow sysadm_t to debug or ptrace applications) -+allow_rsync_anon_write _("rsync") _("Allow rsync to write files in directories labeled public_content_rw_t") -+allow_saslauthd_read_shadow _("sasl authentication server") _("Allow sasl authentication server to read /etc/shadow") -+allow_smbd_anon_write _("Samba") _("Allow Samba to write files in directories labeled public_content_rw_t") -+allow_ssh_keysign _("SSH") _("Allow ssh to run ssh-keysign") -+allow_unconfined_execmem_dyntrans _("Memory Protection") _("Allow unconfined to dyntrans to unconfined_execmem") -+allow_user_mysql_connect _("Databases") _("Allow user to connect to mysql socket") -+allow_user_postgresql_connect _("Databases") _("Allow user to connect to postgres socket") -+allow_write_xshm _("XServer") _("Allow clients to write to X shared memory") -+allow_ypbind _("NIS") _("Allow daemons to run with NIS") -+allow_zebra_write_config _("Zebra") _("Allow zebra daemon to write it configuration files") -+amanda_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for amanda") -+amavis_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for amavis") -+apmd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for apmd daemon") -+arpwatch_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for arpwatch daemon") -+auditd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for auditd daemon") -+automount_disable_trans _("Mount") _("Disable SELinux protection for automount daemon") -+avahi_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for avahi") -+bluetooth_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for bluetooth daemon") -+canna_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for canna daemon") -+cardmgr_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for cardmgr daemon") -+ccs_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for Cluster Server") -+cdrecord_read_content _("User Privs") _("Allow cdrecord to read various content. nfs, samba, removable devices, user temp and untrusted content files") -+ciped_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ciped daemon") -+clamd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for clamd daemon") -+clamscan_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for clamscan") -+clvmd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for clvmd") -+comsat_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for comsat daemon") -+courier_authdaemon_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for courier daemon") -+courier_pcp_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for courier daemon") -+courier_pop_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for courier daemon") -+courier_sqwebmail_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for courier daemon") -+courier_tcpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for courier daemon") -+cpucontrol_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for cpucontrol daemon") -+cpuspeed_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for cpuspeed daemon") -+cron_can_relabel _("Cron") _("Allow system cron jobs to relabel filesystem for restoring file contexts.") -+crond_disable_trans _("Cron") _("Disable SELinux protection for crond daemon") -+cupsd_config_disable_trans _("Printing") _("Disable SELinux protection for cupsd backend server") -+cupsd_disable_trans _("Printing") _("Disable SELinux protection for cupsd daemon") -+cupsd_lpd_disable_trans _("Printing") _("Disable SELinux protection for cupsd_lpd") -+cvs_disable_trans _("CVS") _("Disable SELinux protection for cvs daemon") -+cyrus_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for cyrus daemon") -+dbskkd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dbskkd daemon") -+dbusd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dbusd daemon") -+dccd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dccd") -+dccifd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dccifd") -+dccm_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dccm") -+ddt_client_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ddt daemon") -+devfsd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for devfsd daemon") -+dhcpc_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dhcpc daemon") -+dhcpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dhcpd daemon") -+dictd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dictd daemon") -+direct_sysadm_daemon _("Admin") _("Allow sysadm_t to directly start daemons") -+disable_evolution_trans _("Web Applications") _("Disable SELinux protection for Evolution") -+disable_games_trans _("Games") _("Disable SELinux protection for games") -+disable_mozilla_trans _("Web Applications") _("Disable SELinux protection for the web browsers") -+disable_thunderbird_trans _("Web Applications") _("Disable SELinux protection for Thunderbird") -+distccd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for distccd daemon") -+dmesg_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dmesg daemon") -+dnsmasq_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dnsmasq daemon") -+dovecot_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dovecot daemon") -+entropyd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for entropyd daemon") -+fcron_crond _("Cron") _("Enable extra rules in the cron domain to support fcron.") -+fetchmail_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for fetchmail") -+fingerd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for fingerd daemon") -+freshclam_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for freshclam daemon") -+fsdaemon_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for fsdaemon daemon") -+ftpd_disable_trans _("FTP") _("Disable SELinux protection for ftpd daemon") -+ftpd_is_daemon _("FTP") _("Allow ftpd to run directly without inetd") -+ftp_home_dir _("FTP") _("Allow ftp to read/write files in the user home directories") -+global_ssp _("Admin") _("This should be enabled when all programs are compiled with ProPolice/SSP stack smashing protection. All domains will be allowed to read from /dev/urandom.") -+gpm_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for gpm daemon") -+gssd_disable_trans _("NFS") _("Disable SELinux protection for gss daemon") -+hald_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for hal daemon") -+hide_broken_symptoms _("Compatibility") _("Do not audit things that we know to be broken but which are not security risks") -+hostname_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for hostname daemon") -+hotplug_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for hotplug daemon") -+howl_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for howl daemon") -+hplip_disable_trans _("Printing") _("Disable SELinux protection for cups hplip daemon") -+httpd_builtin_scripting _("HTTPD Service") _("Allow HTTPD to support built-in scripting") -+httpd_can_network_connect_db _("HTTPD Service") _("Allow HTTPD scripts and modules to network connect to databases.") -+httpd_can_network_connect _("HTTPD Service") _("Allow HTTPD scripts and modules to connect to the network.") -+httpd_can_network_relay _("HTTPD Service") _("Allow httpd to act as a relay.") -+httpd_disable_trans _("HTTPD Service") _("Disable SELinux protection for httpd daemon") -+httpd_enable_cgi _("HTTPD Service") _("Allow HTTPD cgi support") -+httpd_enable_ftp_server _("HTTPD Service") _("Allow HTTPD to run as a ftp server") -+httpd_enable_homedirs _("HTTPD Service") _("Allow HTTPD to read home directories") -+httpd_rotatelogs_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for httpd rotatelogs") -+httpd_ssi_exec _("HTTPD Service") _("Allow HTTPD to run SSI executables in the same domain as system CGI scripts.") -+httpd_suexec_disable_trans _("HTTPD Service") _("Disable SELinux protection for http suexec") -+httpd_tty_comm _("HTTPD Service") _("Unify HTTPD to communicate with the terminal. Needed for handling certificates.") -+httpd_unified _("HTTPD Service") _("Unify HTTPD handling of all content files.") -+hwclock_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for hwclock daemon") -+i18n_input_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for i18n daemon") -+imazesrv_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for imazesrv daemon") -+inetd_child_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for inetd child daemons") -+inetd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for inetd daemon") -+innd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for innd daemon") -+iptables_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for iptables daemon") -+ircd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ircd daemon") -+irqbalance_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for irqbalance daemon") -+iscsid_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for iscsi daemon") -+jabberd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for jabberd daemon") -+kadmind_disable_trans _("Kerberos") _("Disable SELinux protection for kadmind daemon") -+klogd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for klogd daemon") -+krb5kdc_disable_trans _("Kerberos") _("Disable SELinux protection for krb5kdc daemon") -+ktalkd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ktalk daemons") -+kudzu_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for kudzu daemon") -+locate_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for locate daemon") -+lpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for lpd daemon") -+lrrd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for lrrd daemon") -+lvm_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for lvm daemon") -+mailman_mail_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for mailman") -+mail_read_content _("Web Applications") _("Allow evolution and thunderbird to read user files") -+mdadm_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for mdadm daemon") -+monopd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for monopd daemon") -+mozilla_read_content _("Web Applications") _("Allow the mozilla browser to read user files") -+mrtg_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for mrtg daemon") -+mysqld_disable_trans _("Databases") _("Disable SELinux protection for mysqld daemon") -+nagios_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for nagios daemon") -+named_disable_trans _("Name Service") _("Disable SELinux protection for named daemon") -+named_write_master_zones _("Name Service") _("Allow named to overwrite master zone files") -+nessusd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for nessusd daemon") -+NetworkManager_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for NetworkManager") -+nfsd_disable_trans _("NFS") _("Disable SELinux protection for nfsd daemon") -+nfs_export_all_ro _("NFS") _("Allow the reading on any NFS file system") -+nfs_export_all_rw _("NFS") _("Allow the read/write/create on any NFS file system") -+nmbd_disable_trans _("Samba") _("Disable SELinux protection for nmbd daemon") -+nrpe_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for nrpe daemon") -+nscd_disable_trans _("Name Service") _("Disable SELinux protection for nscd daemon") -+nsd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for nsd daemon") -+ntpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ntpd daemon") -+oddjob_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for oddjob") -+oddjob_mkhomedir_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for oddjob_mkhomedir") -+openvpn_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for openvpn daemon") -+pam_console_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for pam daemon") -+pegasus_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for pegasus") -+perdition_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for perdition daemon") -+portmap_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for portmap daemon") -+portslave_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for portslave daemon") -+postfix_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for postfix") -+postgresql_disable_trans _("Databases") _("Disable SELinux protection for postgresql daemon") -+pppd_can_insmod _("pppd") _("Allow pppd daemon to insert modules into the kernel") -+pppd_disable_trans _("pppd") _("Disable SELinux protection for pppd daemon") -+pppd_disable_trans _("pppd") _("Disable SELinux protection for the mozilla ppp daemon") -+pppd_for_user _("pppd") _("Allow pppd to be run for a regular user.") -+pptp_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for pptp") -+prelink_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for prelink daemon") -+privoxy_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for privoxy daemon") -+ptal_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ptal daemon") -+pxe_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for pxe daemon") -+pyzord_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for pyzord") -+quota_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for quota daemon") -+radiusd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for radiusd daemon") -+radvd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for radvd daemon") -+rdisc_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for rdisc") -+readahead_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for readahead") -+read_default_t _("Admin") _("Allow programs to read files in non-standard locations (default_t)") -+read_untrusted_content _("Web Applications") _("Allow programs to read untrusted content without relabel") -+restorecond_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for restorecond") -+rhgb_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for rhgb daemon") -+ricci_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ricci") -+ricci_modclusterd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ricci_modclusterd") -+rlogind_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for rlogind daemon") -+rpcd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for rpcd daemon") -+rshd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for rshd") -+rsync_disable_trans _("rsync") _("Disable SELinux protection for rsync daemon") -+run_ssh_inetd _("SSH") _("Allow ssh to run from inetd instead of as a daemon") -+samba_enable_home_dirs _("Samba") _("Allow Samba to share users home directories") -+samba_share_nfs _("Samba") _("Allow Samba to share nfs directories") -+saslauthd_disable_trans _("sasl authentications server") _("Disable SELinux protection for saslauthd daemon") -+scannerdaemon_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for scannerdaemon daemon") -+secure_mode _("Admin") _("Do not allow transition to sysadm_t, sudo and su effected") -+secure_mode_insmod _("Admin") _("Do not allow any processes to load kernel modules") -+secure_mode_policyload _("Admin") _("Do not allow any processes to modify kernel SELinux policy") -+sendmail_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for sendmail daemon") -+setrans_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for setrans") -+setroubleshootd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for setroublesoot daemon") -+slapd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for slapd daemon") -+slrnpull_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for slrnpull daemon") -+smbd_disable_trans _("Samba") _("Disable SELinux protection for smbd daemon") -+snmpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for snmpd daemon") -+snort_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for snort daemon") -+soundd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for soundd daemon") -+sound_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for sound daemon") -+spamassasin_can_network _("Spam Assassin") _("Allow Spam Assasin daemon network access") -+spamd_disable_trans _("spam Protection") _("Disable SELinux protection for spamd daemon") -+spamd_enable_home_dirs _("spam Protection") _("Allow spamd to access home directories") -+spammassasin_can_network _("spam Protection") _("Allow spammassasin to access the network") -+speedmgmt_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for speedmgmt daemon") -+squid_connect_any _("Squid") _("Allow squid daemon to connect to the network") -+squid_disable_trans _("Squid") _("Disable SELinux protection for squid daemon") -+ssh_keygen_disable_trans _("SSH") _("Disable SELinux protection for ssh daemon") -+ssh_sysadm_login _("SSH") _("Allow ssh logins as sysadm_r:sysadm_t") -+staff_read_sysadm_file _("Admin") _("Allow staff_r users to search the sysadm home dir and read files (such as ~/.bashrc)") -+stunnel_disable_trans _("Universal SSL tunnel") _("Disable SELinux protection for stunnel daemon") -+stunnel_is_daemon _("Universal SSL tunnel") _("Allow stunnel daemon to run as standalone, outside of xinetd") -+swat_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for swat daemon") -+sxid_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for sxid daemon") -+syslogd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for syslogd daemon") -+system_crond_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for system cron jobs") -+tcpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for tcp daemon") -+telnetd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for telnet daemon") -+tftpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for tftpd daemon") -+transproxy_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for transproxy daemon") -+udev_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for udev daemon") -+uml_switch_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for uml daemon") -+unlimitedInetd _("Admin") _("Allow xinetd to run unconfined, including any services it starts that do not have a domain transition explicitly defined.") -+unlimitedRC _("Admin") _("Allow rc scripts to run unconfined, including any daemon started by an rc script that does not have a domain transition explicitly defined.") -+unlimitedRPM _("Admin") _("Allow rpm to run unconfined.") -+unlimitedUtils _("Admin") _("Allow privileged utilities like hotplug and insmod to run unconfined.") -+updfstab_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for updfstab daemon") -+uptimed_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for uptimed daemon") -+use_lpd_server _("Printing") _("Use lpd server instead of cups") -+use_nfs_home_dirs _("NFS") _("Support NFS home directories") -+user_canbe_sysadm _("User Privs") _("Allow user_r to reach sysadm_r via su, sudo, or userhelper. Otherwise, only staff_r can do so.") -+user_can_mount _("Mount") _("Allow users to execute the mount command") -+user_direct_mouse _("User Privs") _("Allow regular users direct mouse access (only allow the X server)") -+user_dmesg _("User Privs") _("Allow users to run the dmesg command") -+user_net_control _("User Privs") _("Allow users to control network interfaces (also needs USERCTL=true)") -+user_ping _("User Privs") _("Allow normal user to execute ping") -+user_rw_noexattrfile _("User Privs") _("Allow user to r/w noextattrfile (FAT, CDROM, FLOPPY)") -+user_rw_usb _("User Privs") _("Allow users to rw usb devices") -+user_tcp_server _("User Privs") _("Allow users to run TCP servers (bind to ports and accept connection from the same domain and outside users) disabling this forces FTP passive mode and may change other protocols") -+user_ttyfile_stat _("User Privs") _("Allow user to stat ttyfiles") -+use_samba_home_dirs _("Samba") _("Allow users to login with CIFS home directories") -+uucpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for uucpd daemon") -+vmware_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for vmware daemon") -+watchdog_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for watchdog daemon") -+winbind_disable_trans _("Samba") _("Disable SELinux protection for winbind daemon") -+write_untrusted_content _("Web Applications") _("Allow web applications to write untrusted content to disk (implies read)") -+xdm_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for xdm daemon") -+xdm_sysadm_login _("XServer") _("Allow xdm logins as sysadm_r:sysadm_t") -+xend_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for xen daemon") -+xen_use_raw_disk _("XEN") _("Allow xen to read/write physical disk devices") -+xfs_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for xfs daemon") -+xm_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for xen constrol") -+ypbind_disable_trans _("NIS") _("Disable SELinux protection for ypbind daemon") -+yppasswdd_disable_trans _("NIS") _("Disable SELinux protection for NIS Password Daemon") -+ypserv_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ypserv daemon") -+ypxfr_disable_trans _("NIS") _("Disable SELinux protection for NIS Transfer Daemon") -+zebra_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for zebra daemon") -diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=po -N -u -r nsapolicycoreutils/gui/semanagePage.py policycoreutils-2.0.1/gui/semanagePage.py ---- nsapolicycoreutils/gui/semanagePage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.1/gui/semanagePage.py 2007-02-15 15:01:06.000000000 -0500 -@@ -0,0 +1,109 @@ -+## semanagePage.py - show selinux mappings -+## Copyright (C) 2006 Red Hat, Inc. -+ -+## This program is free software; you can redistribute it and/or modify -+## it under the terms of the GNU General Public License as published by -+## the Free Software Foundation; either version 2 of the License, or -+## (at your option) any later version. -+ -+## This program is distributed in the hope that it will be useful, -+## but WITHOUT ANY WARRANTY; without even the implied warranty of -+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+## GNU General Public License for more details. -+ -+## You should have received a copy of the GNU General Public License -+## along with this program; if not, write to the Free Software -+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -+ -+## Author: Dan Walsh -+import string -+import gtk -+import gtk.glade -+import os -+import libxml2 -+import gobject -+import sys -+import seobject -+ -+## -+## I18N -+## -+PROGNAME="policycoreutils" -+import gettext -+gettext.bindtextdomain(PROGNAME, "/usr/share/locale") -+gettext.textdomain(PROGNAME) -+try: -+ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1) -+except IOError: -+ import __builtin__ -+ __builtin__.__dict__['_'] = unicode -+ -+class semanagePage: -+ def __init__(self, xml, name, description): -+ self.xml = xml -+ self.view = xml.get_widget("%sView" % name) -+ self.dialog = xml.get_widget("%sDialog" % name) -+ self.view.connect("row_activated", self.rowActivated) -+ self.view.get_selection().connect("changed", self.itemSelected) -+ self.description = description; -+ -+ def get_description(self): -+ return self.description -+ -+ def itemSelected(self, args): -+ return -+ -+ def rowActivated(self, view, row, Column): -+ self.propertiesDialog() -+ -+ def verify(self, message, title="" ): -+ dlg = gtk.MessageDialog(None, 0, gtk.MESSAGE_INFO, -+ gtk.BUTTONS_YES_NO, -+ message) -+ dlg.set_title(title) -+ dlg.set_position(gtk.WIN_POS_MOUSE) -+ dlg.show_all() -+ rc = dlg.run() -+ dlg.destroy() -+ return rc -+ -+ def error(self, message): -+ dlg = gtk.MessageDialog(None, 0, gtk.MESSAGE_ERROR, -+ gtk.BUTTONS_CLOSE, -+ message) -+ dlg.set_position(gtk.WIN_POS_MOUSE) -+ dlg.show_all() -+ dlg.run() -+ dlg.destroy() -+ -+ def deleteDialog(self): -+ store, iter = self.view.get_selection().get_selected() -+ if self.verify(_("Are you sure you want to delete %s '%s'?" % (self.description, store.get_value(iter, 0))), _("Delete %s" % self.description)) == gtk.RESPONSE_YES: -+ self.delete() -+ -+ def addDialog(self): -+ self.dialogClear() -+ self.dialog.set_title(_("Add %s" % self.description)) -+ self.dialog.set_position(gtk.WIN_POS_MOUSE) -+ -+ while self.dialog.run() == gtk.RESPONSE_OK: -+ try: -+ self.add() -+ break; -+ except ValueError, e: -+ self.error(e.args[0]) -+ self.dialog.hide() -+ -+ def propertiesDialog(self): -+ self.dialogInit() -+ self.dialog.set_title(_("Modify %s" % self.description)) -+ self.dialog.set_position(gtk.WIN_POS_MOUSE) -+ while self.dialog.run() == gtk.RESPONSE_OK: -+ try: -+ self.modify() -+ break; -+ except ValueError, e: -+ self.error(e.args[0]) -+ self.dialog.hide() -+ -+ -diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=po -N -u -r nsapolicycoreutils/gui/statusPage.py policycoreutils-2.0.1/gui/statusPage.py ---- nsapolicycoreutils/gui/statusPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.1/gui/statusPage.py 2007-02-15 15:01:06.000000000 -0500 -@@ -0,0 +1,213 @@ -+## statusPage.py - show selinux status -+## Copyright (C) 2006 Red Hat, Inc. -+ -+## This program is free software; you can redistribute it and/or modify -+## it under the terms of the GNU General Public License as published by -+## the Free Software Foundation; either version 2 of the License, or -+## (at your option) any later version. -+ -+## This program is distributed in the hope that it will be useful, -+## but WITHOUT ANY WARRANTY; without even the implied warranty of -+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+## GNU General Public License for more details. -+ -+## You should have received a copy of the GNU General Public License -+## along with this program; if not, write to the Free Software -+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -+ -+## Author: Dan Walsh -+import string -+import gtk -+import gtk.glade -+import os -+import libxml2 -+import gobject -+import sys -+import tempfile -+ -+INSTALLPATH = '/usr/share/system-config-selinux' -+sys.path.append(INSTALLPATH) -+ -+rhplPath = "/usr/lib/python%d.%d/site-packages/rhpl" % (sys.version_info[0], sys.version_info[1]) -+if not rhplPath in sys.path: -+ sys.path.append(rhplPath) -+ -+rhplPath = "/usr/lib64/python%d.%d/site-packages/rhpl" % (sys.version_info[0], sys.version_info[1]) -+if not rhplPath in sys.path: -+ sys.path.append(rhplPath) -+ -+from Conf import * -+import commands -+ENFORCING = 0 -+PERMISSIVE = 1 -+DISABLED = 2 -+modearray = ( "enforcing", "permissive", "disabled" ) -+ -+SELINUXDIR = "/etc/selinux/" -+RELABELFILE = "/.autorelabel" -+ -+## -+## I18N -+## -+PROGNAME="policycoreutils" -+import gettext -+gettext.bindtextdomain(PROGNAME, "/usr/share/locale") -+gettext.textdomain(PROGNAME) -+import selinux -+try: -+ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1) -+except IOError: -+ import __builtin__ -+ __builtin__.__dict__['_'] = unicode -+ -+class statusPage: -+ def __init__(self, xml): -+ self.xml = xml -+ self.needRelabel = False -+ -+ self.type = selinux.selinux_getpolicytype() -+ # Bring in widgets from glade file. -+ self.typeHBox = xml.get_widget("typeHBox") -+ self.selinuxTypeOptionMenu = xml.get_widget("selinuxTypeOptionMenu") -+ self.typeLabel = xml.get_widget("typeLabel") -+ self.enabledOptionMenu = xml.get_widget("enabledOptionMenu") -+ self.currentOptionMenu = xml.get_widget("currentOptionMenu") -+ self.relabel_checkbutton = xml.get_widget("relabelCheckbutton") -+ self.relabel_checkbutton.set_active(self.is_relabel()) -+ self.relabel_checkbutton.connect("toggled", self.on_relabel_toggle) -+ if self.get_current_mode() == ENFORCING or self.get_current_mode() == PERMISSIVE: -+ self.currentOptionMenu.append_text(_("Enforcing")) -+ self.currentOptionMenu.append_text(_("Permissive")) -+ self.currentOptionMenu.set_active(self.get_current_mode()) -+ self.currentOptionMenu.connect("changed", self.set_current_mode) -+ self.currentOptionMenu.set_sensitive(True) -+ else: -+ self.currentOptionMenu.append_text(_("Disabled")) -+ self.currentOptionMenu.set_sensitive(False) -+ -+ -+ if self.read_selinux_config() == None: -+ self.selinuxsupport = False -+ else: -+ self.enabledOptionMenu.connect("changed", self.enabled_changed) -+ # -+ # This line must come after read_selinux_config -+ # -+ self.selinuxTypeOptionMenu.connect("changed", self.typemenu_changed) -+ -+ self.typeLabel.set_mnemonic_widget(self.selinuxTypeOptionMenu) -+ -+ def get_description(self): -+ return _("Status") -+ -+ def get_current_mode(self): -+ if selinux.is_selinux_enabled(): -+ if selinux.security_getenforce() > 0: -+ return ENFORCING -+ else: -+ return PERMISSIVE -+ else: -+ return DISABLED -+ -+ def set_current_mode(self,menu): -+ selinux.security_setenforce(menu.get_active() == 0) -+ -+ def is_relabel(self): -+ return os.access(RELABELFILE, os.F_OK) != 0 -+ -+ def on_relabel_toggle(self,button): -+ if button.get_active(): -+ fd = open(RELABELFILE,"w") -+ fd.close() -+ else: -+ if os.access(RELABELFILE, os.F_OK) != 0: -+ os.unlink(RELABELFILE) -+ -+ def verify(self, message): -+ dlg = gtk.MessageDialog(None, 0, gtk.MESSAGE_INFO, -+ gtk.BUTTONS_YES_NO, -+ message) -+ dlg.set_position(gtk.WIN_POS_MOUSE) -+ dlg.show_all() -+ rc = dlg.run() -+ dlg.destroy() -+ return rc -+ -+ def typemenu_changed(self, menu): -+ type = self.get_type() -+ enabled = self.enabledOptionMenu.get_active() -+ if self.initialtype != type: -+ if self.verify(_("Changing the policy type will cause a relabel of the entire file system on the next boot. Relabeling takes a long time depending on the size of the file system. Do you wish to continue?")) == gtk.RESPONSE_NO: -+ menu.set_active(self.typeHistory) -+ return None -+ -+ self.relabel_checkbutton.set_active(True) -+ self.conf["SELINUX"] = modearray[enabled] -+ self.conf["SELINUXTYPE"]=type -+ self.conf.write() -+ self.typeHistory = menu.get_active() -+ -+ def enabled_changed(self, combo): -+ enabled = combo.get_active() -+ type = self.get_type() -+ -+ if self.initEnabled == DISABLED and enabled < 2: -+ if self.verify(_("Changing to SELinux enabled will cause a relabel of the entire file system on the next boot. Relabeling takes a long time depending on the size of the file system. Do you wish to continue?")) == gtk.RESPONSE_NO: -+ return None -+ -+ self.relabel_checkbutton.set_active(True) -+ -+ self.conf["SELINUX"] = modearray[enabled] -+ self.conf["SELINUXTYPE"]=type -+ self.conf.write() -+ -+ def read_selinux_config(self): -+ self.initialtype = "targeted" -+ self.initEnabled = DISABLED -+ self.types = [] -+ if os.access(SELINUXDIR, os.F_OK) == 0: -+ #File doesn't exist. return -+ return None -+ -+ self.conf = ConfShellVar(SELINUXDIR+"config") -+ self.conf.rcs = 1 -+ if self.conf.has_key("SELINUX"): -+ value = self.conf.vars["SELINUX"].upper().strip() -+ else: -+ value = "ENFORCING" -+ self.conf.vars["SELINUX"] = value -+ -+ if value == "ENFORCING": -+ self.initEnabled = ENFORCING -+ self.enabledOptionMenu.set_active(ENFORCING) -+ elif value == "PERMISSIVE": -+ self.initEnabled = PERMISSIVE -+ self.enabledOptionMenu.set_active(PERMISSIVE) -+ elif value == "DISABLED": -+ self.initEnabled = DISABLED -+ self.enabledOptionMenu.set_active(DISABLED) -+ -+ if self.conf.has_key("SELINUXTYPE"): -+ self.initialtype = self.conf.vars["SELINUXTYPE"].strip() -+ else: -+ self.conf.vars["SELINUXTYPE"] = self.initialtype -+ -+ n = 0 -+ current = n -+ -+ for i in os.listdir(SELINUXDIR): -+ if os.path.isdir(SELINUXDIR+i) and os.path.isdir(SELINUXDIR+i+"/policy"): -+ self.types.append(i) -+ self.selinuxTypeOptionMenu.append_text(i) -+ if i == self.initialtype: -+ current = n -+ n = n+1 -+ self.selinuxTypeOptionMenu.set_active(current) -+ self.typeHistory = current -+ -+ return 0 -+ -+ def get_type(self): -+ return self.types[self.selinuxTypeOptionMenu.get_active()] -+ -+ -diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=po -N -u -r nsapolicycoreutils/gui/system-config-selinux.glade policycoreutils-2.0.1/gui/system-config-selinux.glade ---- nsapolicycoreutils/gui/system-config-selinux.glade 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.1/gui/system-config-selinux.glade 2007-02-15 15:01:06.000000000 -0500 -@@ -0,0 +1,2803 @@ -+ -+ -+ -+ -+ -+ -+ -+ -+ False -+ system-config-selinux -+ Copyright (c)2006 Red Hat, Inc. -+Copyright (c) 2006 Dan Walsh <dwalsh@redhat.com> -+ False -+ Daniel Walsh <dwalsh@redhat.com> -+ -+ translator-credits -+ system-config-selinux.png -+ -+ -+ -+ Add SELinux Login Mapping -+ GTK_WINDOW_TOPLEVEL -+ GTK_WIN_POS_NONE -+ False -+ True -+ False -+ True -+ False -+ False -+ GDK_WINDOW_TYPE_HINT_DIALOG -+ GDK_GRAVITY_NORTH_WEST -+ True -+ False -+ True -+ -+ -+ -+ True -+ False -+ 0 -+ -+ -+ -+ True -+ GTK_BUTTONBOX_END -+ -+ -+ -+ True -+ True -+ True -+ gtk-cancel -+ True -+ GTK_RELIEF_NORMAL -+ True -+ -6 -+ -+ -+ -+ -+ -+ True -+ True -+ True -+ gtk-ok -+ True -+ GTK_RELIEF_NORMAL -+ True -+ -5 -+ -+ -+ -+ -+ 0 -+ False -+ True -+ GTK_PACK_END -+ -+ -+ -+ -+ -+ True -+ False -+ 0 -+ -+ -+ -+ True -+ 3 -+ 2 -+ False -+ 4 -+ 6 -+ -+ -+ -+ True -+ Login Name -+ False -+ False -+ GTK_JUSTIFY_LEFT -+ False -+ False -+ 0 -+ 0.5 -+ 0 -+ 0 -+ PANGO_ELLIPSIZE_NONE -+ -1 -+ False -+ 0 -+ -+ -+ 0 -+ 1 -+ 0 -+ 1 -+ fill -+ -+ -+ -+ -+ -+ -+ True -+ SELinux User -+ False -+ False -+ GTK_JUSTIFY_LEFT -+ False -+ False -+ 0 -+ 0.5 -+ 0 -+ 0 -+ PANGO_ELLIPSIZE_NONE -+ -1 -+ False -+ 0 -+ -+ -+ 0 -+ 1 -+ 1 -+ 2 -+ fill -+ -+ -+ -+ -+ -+ -+ True -+ MLS/MCS Range -+ False -+ False -+ GTK_JUSTIFY_LEFT -+ False -+ False -+ 0 -+ 0.5 -+ 0 -+ 0 -+ PANGO_ELLIPSIZE_NONE -+ -1 -+ False -+ 0 -+ -+ -+ 0 -+ 1 -+ 2 -+ 3 -+ fill -+ -+ -+ -+ -+ -+ -+ True -+ True -+ True -+ True -+ 0 -+ -+ True -+ * -+ False -+ -+ -+ 1 -+ 2 -+ 0 -+ 1 -+ -+ -+ -+ -+ -+ -+ True -+ False -+ True -+ -+ -+ 1 -+ 2 -+ 1 -+ 2 -+ fill -+ fill -+ -+ -+ -+ -+ -+ True -+ True -+ True -+ True -+ 0 -+ -+ True -+ * -+ False -+ -+ -+ 1 -+ 2 -+ 2 -+ 3 -+ -+ -+ -+ -+ -+ 5 -+ True -+ True -+ -+ -+ -+ -+ 0 -+ True -+ True -+ -+ -+ -+ -+ -+ -+ -+ Add SELinux Network Ports -+ GTK_WINDOW_TOPLEVEL -+ GTK_WIN_POS_NONE -+ False -+ True -+ False -+ True -+ False -+ False -+ GDK_WINDOW_TYPE_HINT_DIALOG -+ GDK_GRAVITY_NORTH_WEST -+ True -+ False -+ True -+ -+ -+ -+ True -+ False -+ 0 -+ -+ -+ -+ True -+ GTK_BUTTONBOX_END -+ -+ -+ -+ True -+ True -+ True -+ gtk-cancel -+ True -+ GTK_RELIEF_NORMAL -+ True -+ -6 -+ -+ -+ -+ -+ -+ True -+ True -+ True -+ gtk-ok -+ True -+ GTK_RELIEF_NORMAL -+ True -+ -5 -+ -+ -+ -+ -+ 0 -+ False -+ True -+ GTK_PACK_END -+ -+ -+ -+ -+ -+ True -+ False -+ 0 -+ -+ -+ -+ True -+ 4 -+ 2 -+ False -+ 4 -+ 6 -+ -+ -+ -+ True -+ Port Number -+ False -+ False -+ GTK_JUSTIFY_LEFT -+ False -+ False -+ 0 -+ 0.5 -+ 0 -+ 0 -+ PANGO_ELLIPSIZE_NONE -+ -1 -+ False -+ 0 -+ -+ -+ 0 -+ 1 -+ 0 -+ 1 -+ fill -+ -+ -+ -+ -+ -+ -+ True -+ Protocol -+ False -+ False -+ GTK_JUSTIFY_LEFT -+ False -+ False -+ 0 -+ 0.5 -+ 0 -+ 0 -+ PANGO_ELLIPSIZE_NONE -+ -1 -+ False -+ 0 -+ -+ -+ 0 -+ 1 -+ 1 -+ 2 -+ fill -+ -+ -+ -+ -+ -+ -+ True -+ SELinux Type -+ False -+ False -+ GTK_JUSTIFY_LEFT -+ False -+ False -+ 0 -+ 0.5 -+ 0 -+ 0 -+ PANGO_ELLIPSIZE_NONE -+ -1 -+ False -+ 0 -+ -+ -+ 0 -+ 1 -+ 2 -+ 3 -+ fill -+ -+ -+ -+ -+ -+ -+ True -+ True -+ True -+ True -+ 0 -+ -+ True -+ * -+ False -+ -+ -+ 1 -+ 2 -+ 0 -+ 1 -+ -+ -+ -+ -+ -+ -+ True -+ tcp -+udp -+ False -+ True -+ -+ -+ 1 -+ 2 -+ 1 -+ 2 -+ fill -+ fill -+ -+ -+ -+ -+ -+ True -+ True -+ True -+ True -+ 0 -+ -+ True -+ * -+ False -+ -+ -+ 1 -+ 2 -+ 2 -+ 3 -+ -+ -+ -+ -+ -+ -+ True -+ MLS/MCS -+Level -+ False -+ False -+ GTK_JUSTIFY_LEFT -+ False -+ False -+ 0 -+ 0.5 -+ 0 -+ 0 -+ PANGO_ELLIPSIZE_NONE -+ -1 -+ False -+ 0 -+ -+ -+ 0 -+ 1 -+ 3 -+ 4 -+ fill -+ -+ -+ -+ -+ -+ -+ True -+ True -+ True -+ True -+ 0 -+ -+ True -+ * -+ False -+ -+ -+ 1 -+ 2 -+ 3 -+ 4 -+ -+ -+ -+ -+ -+ 5 -+ True -+ True -+ -+ -+ -+ -+ 0 -+ True -+ True -+ -+ -+ -+ -+ -+ -+ -+ Add SELinux Login Mapping -+ GTK_WINDOW_TOPLEVEL -+ GTK_WIN_POS_NONE -+ False -+ True -+ False -+ True -+ False -+ False -+ GDK_WINDOW_TYPE_HINT_DIALOG -+ GDK_GRAVITY_NORTH_WEST -+ True -+ False -+ True -+ -+ -+ -+ True -+ False -+ 0 -+ -+ -+ -+ True -+ GTK_BUTTONBOX_END -+ -+ -+ -+ True -+ True -+ True -+ gtk-cancel -+ True -+ GTK_RELIEF_NORMAL -+ True -+ -6 -+ -+ -+ -+ -+ -+ True -+ True -+ True -+ gtk-ok -+ True -+ GTK_RELIEF_NORMAL -+ True -+ -5 -+ -+ -+ -+ -+ 0 -+ False -+ True -+ GTK_PACK_END -+ -+ -+ -+ -+ -+ True -+ False -+ 0 -+ -+ -+ -+ True -+ 2 -+ 2 -+ False -+ 4 -+ 6 -+ -+ -+ -+ True -+ SELinux MLS/MCS -+Level -+ False -+ False -+ GTK_JUSTIFY_LEFT -+ False -+ False -+ 0 -+ 0.5 -+ 0 -+ 0 -+ PANGO_ELLIPSIZE_NONE -+ -1 -+ False -+ 0 -+ -+ -+ 0 -+ 1 -+ 0 -+ 1 -+ fill -+ -+ -+ -+ -+ -+ -+ True -+ Translation -+ False -+ False -+ GTK_JUSTIFY_LEFT -+ False -+ False -+ 0 -+ 0.5 -+ 0 -+ 0 -+ PANGO_ELLIPSIZE_NONE -+ -1 -+ False -+ 0 -+ -+ -+ 0 -+ 1 -+ 1 -+ 2 -+ fill -+ -+ -+ -+ -+ -+ -+ True -+ True -+ True -+ True -+ 0 -+ -+ True -+ * -+ False -+ -+ -+ 1 -+ 2 -+ 0 -+ 1 -+ -+ -+ -+ -+ -+ -+ True -+ True -+ True -+ True -+ 0 -+ -+ True -+ * -+ False -+ -+ -+ 1 -+ 2 -+ 1 -+ 2 -+ -+ -+ -+ -+ -+ 5 -+ True -+ True -+ -+ -+ -+ -+ 0 -+ True -+ True -+ -+ -+ -+ -+ -+ -+ -+ Add SELinux Login Mapping -+ GTK_WINDOW_TOPLEVEL -+ GTK_WIN_POS_NONE -+ False -+ True -+ False -+ True -+ False -+ False -+ GDK_WINDOW_TYPE_HINT_DIALOG -+ GDK_GRAVITY_NORTH_WEST -+ True -+ False -+ True -+ -+ -+ -+ True -+ False -+ 0 -+ -+ -+ -+ True -+ GTK_BUTTONBOX_END -+ -+ -+ -+ True -+ True -+ True -+ gtk-cancel -+ True -+ GTK_RELIEF_NORMAL -+ True -+ -6 -+ -+ -+ -+ -+ -+ True -+ True -+ True -+ gtk-ok -+ True -+ GTK_RELIEF_NORMAL -+ True -+ -5 -+ -+ -+ -+ -+ 0 -+ False -+ True -+ GTK_PACK_END -+ -+ -+ -+ -+ -+ True -+ False -+ 0 -+ -+ -+ -+ True -+ 4 -+ 2 -+ False -+ 4 -+ 6 -+ -+ -+ -+ True -+ File Specification -+ False -+ False -+ GTK_JUSTIFY_LEFT -+ False -+ False -+ 0 -+ 0.5 -+ 0 -+ 0 -+ PANGO_ELLIPSIZE_NONE -+ -1 -+ False -+ 0 -+ -+ -+ 0 -+ 1 -+ 0 -+ 1 -+ fill -+ -+ -+ -+ -+ -+ -+ True -+ File Type -+ False -+ False -+ GTK_JUSTIFY_LEFT -+ False -+ False -+ 0 -+ 0.5 -+ 0 -+ 0 -+ PANGO_ELLIPSIZE_NONE -+ -1 -+ False -+ 0 -+ -+ -+ 0 -+ 1 -+ 1 -+ 2 -+ fill -+ -+ -+ -+ -+ -+ -+ True -+ SELinux Type -+ False -+ False -+ GTK_JUSTIFY_LEFT -+ False -+ False -+ 0 -+ 0.5 -+ 0 -+ 0 -+ PANGO_ELLIPSIZE_NONE -+ -1 -+ False -+ 0 -+ -+ -+ 0 -+ 1 -+ 2 -+ 3 -+ fill -+ -+ -+ -+ -+ -+ -+ True -+ True -+ True -+ True -+ 0 -+ -+ True -+ * -+ False -+ -+ -+ 1 -+ 2 -+ 0 -+ 1 -+ -+ -+ -+ -+ -+ -+ True -+ all files -+regular file -+directory -+character device -+block device -+socket -+symbolic link -+named pipe -+ -+ False -+ True -+ -+ -+ 1 -+ 2 -+ 1 -+ 2 -+ fill -+ fill -+ -+ -+ -+ -+ -+ True -+ True -+ True -+ True -+ 0 -+ -+ True -+ * -+ False -+ -+ -+ 1 -+ 2 -+ 2 -+ 3 -+ -+ -+ -+ -+ -+ -+ True -+ MLS -+ False -+ False -+ GTK_JUSTIFY_LEFT -+ False -+ False -+ 0 -+ 0.5 -+ 0 -+ 0 -+ PANGO_ELLIPSIZE_NONE -+ -1 -+ False -+ 0 -+ -+ -+ 0 -+ 1 -+ 3 -+ 4 -+ fill -+ -+ -+ -+ -+ -+ -+ True -+ True -+ True -+ True -+ 0 -+ -+ True -+ * -+ False -+ -+ -+ 1 -+ 2 -+ 3 -+ 4 -+ -+ -+ -+ -+ -+ 5 -+ True -+ True -+ -+ -+ -+ -+ 0 -+ True -+ True -+ -+ -+ -+ -+ -+ -+ -+ Add SELinux User -+ GTK_WINDOW_TOPLEVEL -+ GTK_WIN_POS_NONE -+ False -+ True -+ False -+ True -+ False -+ False -+ GDK_WINDOW_TYPE_HINT_DIALOG -+ GDK_GRAVITY_NORTH_WEST -+ True -+ False -+ True -+ -+ -+ -+ True -+ False -+ 0 -+ -+ -+ -+ True -+ GTK_BUTTONBOX_END -+ -+ -+ -+ True -+ True -+ True -+ gtk-cancel -+ True -+ GTK_RELIEF_NORMAL -+ True -+ -6 -+ -+ -+ -+ -+ -+ True -+ True -+ True -+ gtk-ok -+ True -+ GTK_RELIEF_NORMAL -+ True -+ -5 -+ -+ -+ -+ -+ 0 -+ False -+ True -+ GTK_PACK_END -+ -+ -+ -+ -+ -+ True -+ False -+ 0 -+ -+ -+ -+ True -+ 5 -+ 2 -+ False -+ 4 -+ 6 -+ -+ -+ -+ True -+ SELinux User -+ False -+ False -+ GTK_JUSTIFY_LEFT -+ False -+ False -+ 0 -+ 0.5 -+ 0 -+ 0 -+ PANGO_ELLIPSIZE_NONE -+ -1 -+ False -+ 0 -+ -+ -+ 0 -+ 1 -+ 0 -+ 1 -+ fill -+ -+ -+ -+ -+ -+ -+ True -+ Label Prefix -+ False -+ False -+ GTK_JUSTIFY_LEFT -+ False -+ False -+ 0 -+ 0.5 -+ 0 -+ 0 -+ PANGO_ELLIPSIZE_NONE -+ -1 -+ False -+ 0 -+ -+ -+ 0 -+ 1 -+ 1 -+ 2 -+ fill -+ -+ -+ -+ -+ -+ -+ True -+ MLS/MCS Range -+ False -+ False -+ GTK_JUSTIFY_LEFT -+ False -+ False -+ 0 -+ 0.5 -+ 0 -+ 0 -+ PANGO_ELLIPSIZE_NONE -+ -1 -+ False -+ 0 -+ -+ -+ 0 -+ 1 -+ 3 -+ 4 -+ fill -+ -+ -+ -+ -+ -+ -+ True -+ True -+ True -+ True -+ 0 -+ -+ True -+ * -+ False -+ -+ -+ 1 -+ 2 -+ 3 -+ 4 -+ -+ -+ -+ -+ -+ -+ True -+ MLS/MCS Level -+ False -+ False -+ GTK_JUSTIFY_LEFT -+ False -+ False -+ 0 -+ 0.5 -+ 0 -+ 0 -+ PANGO_ELLIPSIZE_NONE -+ -1 -+ False -+ 0 -+ -+ -+ 0 -+ 1 -+ 2 -+ 3 -+ fill -+ -+ -+ -+ -+ -+ -+ True -+ True -+ True -+ True -+ 0 -+ -+ True -+ * -+ False -+ -+ -+ 1 -+ 2 -+ 2 -+ 3 -+ -+ -+ -+ -+ -+ -+ True -+ SELinux Roles -+ False -+ False -+ GTK_JUSTIFY_LEFT -+ False -+ False -+ 0 -+ 0.5 -+ 0 -+ 0 -+ PANGO_ELLIPSIZE_NONE -+ -1 -+ False -+ 0 -+ -+ -+ 0 -+ 1 -+ 4 -+ 5 -+ fill -+ -+ -+ -+ -+ -+ -+ True -+ True -+ True -+ True -+ 0 -+ -+ True -+ * -+ False -+ -+ -+ 1 -+ 2 -+ 4 -+ 5 -+ -+ -+ -+ -+ -+ -+ True -+ True -+ True -+ True -+ 0 -+ -+ True -+ * -+ False -+ -+ -+ 1 -+ 2 -+ 0 -+ 1 -+ -+ -+ -+ -+ -+ -+ True -+ True -+ True -+ True -+ 0 -+ -+ True -+ * -+ False -+ -+ -+ 1 -+ 2 -+ 1 -+ 2 -+ -+ -+ -+ -+ -+ 5 -+ True -+ True -+ -+ -+ -+ -+ 0 -+ True -+ True -+ -+ -+ -+ -+ -+ -+ -+ 800 -+ 500 -+ GTK_WINDOW_TOPLEVEL -+ GTK_WIN_POS_NONE -+ False -+ True -+ False -+ system-config-selinux.png -+ True -+ False -+ False -+ GDK_WINDOW_TYPE_HINT_NORMAL -+ GDK_GRAVITY_NORTH_WEST -+ True -+ False -+ True -+ -+ -+ -+ True -+ True -+ -+ -+ -+ True -+ GTK_SHADOW_NONE -+ -+ -+ -+ True -+ GTK_PACK_DIRECTION_LTR -+ GTK_PACK_DIRECTION_LTR -+ -+ -+ -+ True -+ GNOMEUIINFO_MENU_FILE_TREE -+ -+ -+ -+ -+ -+ -+ True -+ GNOMEUIINFO_MENU_EXIT_ITEM -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ True -+ GNOMEUIINFO_MENU_HELP_TREE -+ -+ -+ -+ -+ -+ -+ True -+ GNOMEUIINFO_MENU_ABOUT_ITEM -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ BONOBO_DOCK_TOP -+ 0 -+ 0 -+ 0 -+ BONOBO_DOCK_ITEM_BEH_EXCLUSIVE|BONOBO_DOCK_ITEM_BEH_NEVER_VERTICAL|BONOBO_DOCK_ITEM_BEH_LOCKED -+ -+ -+ -+ -+ -+ True -+ True -+ 0 -+ -+ -+ -+ 5 -+ True -+ 0 -+ 0.5 -+ GTK_SHADOW_NONE -+ -+ -+ -+ True -+ 0.5 -+ 0.5 -+ 1 -+ 1 -+ 0 -+ 0 -+ 12 -+ 0 -+ -+ -+ -+ True -+ Select Managment Object -+ True -+ False -+ False -+ False -+ True -+ False -+ False -+ False -+ -+ -+ -+ -+ -+ -+ -+ True -+ <b>Select:</b> -+ False -+ True -+ GTK_JUSTIFY_LEFT -+ False -+ False -+ 0.5 -+ 0.5 -+ 0 -+ 0 -+ PANGO_ELLIPSIZE_NONE -+ -1 -+ False -+ 0 -+ -+ -+ label_item -+ -+ -+ -+ -+ False -+ True -+ -+ -+ -+ -+ -+ True -+ False -+ True -+ GTK_POS_TOP -+ False -+ False -+ -+ -+ -+ True -+ False -+ 0 -+ -+ -+ -+ True -+ 4 -+ 2 -+ False -+ 5 -+ 5 -+ -+ -+ -+ True -+ System Default Enforcing Mode -+ False -+ False -+ GTK_JUSTIFY_LEFT -+ False -+ False -+ 0.5 -+ 0.5 -+ 0 -+ 0 -+ PANGO_ELLIPSIZE_NONE -+ -1 -+ False -+ 0 -+ -+ -+ 0 -+ 1 -+ 0 -+ 1 -+ fill -+ -+ -+ -+ -+ -+ -+ True -+ Enforcing -+Permissive -+Disabled -+ -+ False -+ True -+ -+ -+ 1 -+ 2 -+ 0 -+ 1 -+ fill -+ -+ -+ -+ -+ -+ True -+ Current Enforcing Mode -+ False -+ False -+ GTK_JUSTIFY_LEFT -+ False -+ False -+ 0.5 -+ 0.5 -+ 0 -+ 0 -+ PANGO_ELLIPSIZE_NONE -+ -1 -+ False -+ 0 -+ -+ -+ 0 -+ 1 -+ 1 -+ 2 -+ fill -+ -+ -+ -+ -+ -+ -+ True -+ -+ False -+ True -+ -+ -+ 1 -+ 2 -+ 1 -+ 2 -+ fill -+ fill -+ -+ -+ -+ -+ -+ True -+ System Default Policy Type: -+ False -+ False -+ GTK_JUSTIFY_LEFT -+ False -+ False -+ 0.5 -+ 0.5 -+ 0 -+ 0 -+ PANGO_ELLIPSIZE_NONE -+ -1 -+ False -+ 0 -+ -+ -+ 0 -+ 1 -+ 2 -+ 3 -+ fill -+ -+ -+ -+ -+ -+ -+ True -+ -+ False -+ True -+ -+ -+ 1 -+ 2 -+ 2 -+ 3 -+ fill -+ fill -+ -+ -+ -+ -+ -+ True -+ Select if you wish to relabel then entire file system on next reboot. Relabeling can take a very long time, depending on the size of the system. If you are changing policy types or going from disabled to enforing, a relabel is required. -+ True -+ GTK_RELIEF_NORMAL -+ True -+ False -+ False -+ True -+ -+ -+ -+ True -+ 0.5 -+ 0.5 -+ 0 -+ 0 -+ 0 -+ 0 -+ 0 -+ 0 -+ -+ -+ -+ True -+ False -+ 2 -+ -+ -+ -+ True -+ gtk-refresh -+ 4 -+ 0.5 -+ 0.5 -+ 0 -+ 0 -+ -+ -+ 0 -+ False -+ False -+ -+ -+ -+ -+ -+ True -+ Relabel on next reboot. -+ True -+ False -+ GTK_JUSTIFY_LEFT -+ False -+ False -+ 0.5 -+ 0.5 -+ 0 -+ 0 -+ PANGO_ELLIPSIZE_NONE -+ -1 -+ False -+ 0 -+ -+ -+ 0 -+ False -+ False -+ -+ -+ -+ -+ -+ -+ -+ -+ 0 -+ 2 -+ 3 -+ 4 -+ fill -+ fill -+ -+ -+ -+ -+ 0 -+ True -+ True -+ -+ -+ -+ -+ False -+ True -+ -+ -+ -+ -+ -+ True -+ label37 -+ False -+ False -+ GTK_JUSTIFY_LEFT -+ False -+ False -+ 0.5 -+ 0.5 -+ 0 -+ 0 -+ PANGO_ELLIPSIZE_NONE -+ -1 -+ False -+ 0 -+ -+ -+ tab -+ -+ -+ -+ -+ -+ True -+ True -+ GTK_POLICY_ALWAYS -+ GTK_POLICY_ALWAYS -+ GTK_SHADOW_NONE -+ GTK_CORNER_TOP_LEFT -+ -+ -+ -+ True -+ True -+ False -+ False -+ False -+ True -+ False -+ False -+ False -+ -+ -+ -+ -+ False -+ True -+ -+ -+ -+ -+ -+ True -+ label50 -+ False -+ False -+ GTK_JUSTIFY_LEFT -+ False -+ False -+ 0.5 -+ 0.5 -+ 0 -+ 0 -+ PANGO_ELLIPSIZE_NONE -+ -1 -+ False -+ 0 -+ -+ -+ tab -+ -+ -+ -+ -+ -+ True -+ False -+ 0 -+ -+ -+ -+ True -+ GTK_ORIENTATION_HORIZONTAL -+ GTK_TOOLBAR_BOTH -+ True -+ True -+ -+ -+ -+ True -+ Add File Context -+ gtk-add -+ True -+ True -+ False -+ -+ -+ -+ False -+ True -+ -+ -+ -+ -+ -+ True -+ Modify File Context -+ gtk-properties -+ True -+ True -+ False -+ -+ -+ -+ False -+ True -+ -+ -+ -+ -+ -+ True -+ Delete File Context -+ gtk-delete -+ True -+ True -+ False -+ -+ -+ -+ False -+ True -+ -+ -+ -+ -+ 0 -+ False -+ False -+ -+ -+ -+ -+ -+ True -+ True -+ GTK_POLICY_ALWAYS -+ GTK_POLICY_ALWAYS -+ GTK_SHADOW_NONE -+ GTK_CORNER_TOP_LEFT -+ -+ -+ -+ True -+ True -+ True -+ False -+ False -+ True -+ False -+ False -+ False -+ -+ -+ -+ -+ 0 -+ True -+ True -+ -+ -+ -+ -+ False -+ True -+ -+ -+ -+ -+ -+ True -+ label38 -+ False -+ False -+ GTK_JUSTIFY_LEFT -+ False -+ False -+ 0.5 -+ 0.5 -+ 0 -+ 0 -+ PANGO_ELLIPSIZE_NONE -+ -1 -+ False -+ 0 -+ -+ -+ tab -+ -+ -+ -+ -+ -+ True -+ False -+ 0 -+ -+ -+ -+ True -+ GTK_ORIENTATION_HORIZONTAL -+ GTK_TOOLBAR_BOTH -+ True -+ True -+ -+ -+ -+ True -+ Add SELinux User Mapping -+ gtk-add -+ True -+ True -+ False -+ -+ -+ -+ False -+ True -+ -+ -+ -+ -+ -+ True -+ Modify SELinux User Mapping -+ gtk-properties -+ True -+ True -+ False -+ -+ -+ -+ False -+ True -+ -+ -+ -+ -+ -+ True -+ Delete SELinux User Mapping -+ gtk-delete -+ True -+ True -+ False -+ -+ -+ -+ False -+ True -+ -+ -+ -+ -+ 0 -+ False -+ False -+ -+ -+ -+ -+ -+ True -+ True -+ GTK_POLICY_ALWAYS -+ GTK_POLICY_ALWAYS -+ GTK_SHADOW_NONE -+ GTK_CORNER_TOP_LEFT -+ -+ -+ -+ True -+ True -+ True -+ False -+ False -+ True -+ False -+ False -+ False -+ -+ -+ -+ -+ 0 -+ True -+ True -+ -+ -+ -+ -+ False -+ True -+ -+ -+ -+ -+ -+ True -+ label39 -+ False -+ False -+ GTK_JUSTIFY_LEFT -+ False -+ False -+ 0.5 -+ 0.5 -+ 0 -+ 0 -+ PANGO_ELLIPSIZE_NONE -+ -1 -+ False -+ 0 -+ -+ -+ tab -+ -+ -+ -+ -+ -+ True -+ False -+ 0 -+ -+ -+ -+ True -+ GTK_ORIENTATION_HORIZONTAL -+ GTK_TOOLBAR_BOTH -+ True -+ True -+ -+ -+ -+ True -+ Add Translation -+ gtk-add -+ True -+ True -+ False -+ -+ -+ -+ False -+ True -+ -+ -+ -+ -+ -+ True -+ Modify Translation -+ gtk-properties -+ True -+ True -+ False -+ -+ -+ -+ False -+ True -+ -+ -+ -+ -+ -+ True -+ Delete Translation -+ gtk-delete -+ True -+ True -+ False -+ -+ -+ -+ False -+ True -+ -+ -+ -+ -+ 0 -+ False -+ False -+ -+ -+ -+ -+ -+ True -+ True -+ GTK_POLICY_ALWAYS -+ GTK_POLICY_ALWAYS -+ GTK_SHADOW_NONE -+ GTK_CORNER_TOP_LEFT -+ -+ -+ -+ True -+ True -+ True -+ False -+ False -+ True -+ False -+ False -+ False -+ -+ -+ -+ -+ 0 -+ True -+ True -+ -+ -+ -+ -+ False -+ True -+ -+ -+ -+ -+ -+ True -+ label41 -+ False -+ False -+ GTK_JUSTIFY_LEFT -+ False -+ False -+ 0.5 -+ 0.5 -+ 0 -+ 0 -+ PANGO_ELLIPSIZE_NONE -+ -1 -+ False -+ 0 -+ -+ -+ tab -+ -+ -+ -+ -+ -+ True -+ False -+ 0 -+ -+ -+ -+ True -+ GTK_ORIENTATION_HORIZONTAL -+ GTK_TOOLBAR_BOTH -+ True -+ True -+ -+ -+ -+ True -+ Add SELinux User -+ gtk-add -+ True -+ True -+ False -+ -+ -+ -+ False -+ True -+ -+ -+ -+ -+ -+ True -+ Modify SELinux User -+ gtk-properties -+ True -+ True -+ False -+ -+ -+ -+ False -+ True -+ -+ -+ -+ -+ -+ True -+ Add SELinux User -+ gtk-delete -+ True -+ True -+ False -+ -+ -+ -+ False -+ True -+ -+ -+ -+ -+ 0 -+ False -+ False -+ -+ -+ -+ -+ -+ True -+ True -+ GTK_POLICY_ALWAYS -+ GTK_POLICY_ALWAYS -+ GTK_SHADOW_NONE -+ GTK_CORNER_TOP_LEFT -+ -+ -+ -+ True -+ True -+ True -+ False -+ False -+ True -+ False -+ False -+ False -+ -+ -+ -+ -+ 0 -+ True -+ True -+ -+ -+ -+ -+ False -+ True -+ -+ -+ -+ -+ -+ True -+ label40 -+ False -+ False -+ GTK_JUSTIFY_LEFT -+ False -+ False -+ 0.5 -+ 0.5 -+ 0 -+ 0 -+ PANGO_ELLIPSIZE_NONE -+ -1 -+ False -+ 0 -+ -+ -+ tab -+ -+ -+ -+ -+ -+ True -+ False -+ 0 -+ -+ -+ -+ True -+ GTK_ORIENTATION_HORIZONTAL -+ GTK_TOOLBAR_BOTH -+ False -+ True -+ -+ -+ -+ True -+ Add Network Port -+ gtk-add -+ True -+ True -+ False -+ -+ -+ -+ False -+ True -+ -+ -+ -+ -+ -+ True -+ Edit Network Port -+ gtk-properties -+ True -+ True -+ False -+ -+ -+ -+ False -+ True -+ -+ -+ -+ -+ -+ True -+ Delete Network Port -+ gtk-delete -+ True -+ True -+ False -+ -+ -+ -+ False -+ True -+ -+ -+ -+ -+ -+ True -+ True -+ True -+ False -+ -+ -+ -+ 32 -+ True -+ -+ -+ -+ -+ False -+ False -+ -+ -+ -+ -+ -+ True -+ True -+ True -+ False -+ -+ -+ -+ True -+ Group/ungroup network ports by SELinux type. -+ True -+ GTK_RELIEF_NORMAL -+ True -+ False -+ False -+ -+ -+ -+ -+ True -+ 0.5 -+ 0.5 -+ 0 -+ 0 -+ 0 -+ 0 -+ 0 -+ 0 -+ -+ -+ -+ True -+ False -+ 2 -+ -+ -+ -+ True -+ gtk-indent -+ 4 -+ 0.5 -+ 0.5 -+ 0 -+ 0 -+ -+ -+ 0 -+ False -+ False -+ -+ -+ -+ -+ -+ True -+ Group View -+ True -+ False -+ GTK_JUSTIFY_LEFT -+ False -+ False -+ 0.5 -+ 0.5 -+ 0 -+ 0 -+ PANGO_ELLIPSIZE_NONE -+ -1 -+ False -+ 0 -+ -+ -+ 0 -+ False -+ False -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ False -+ False -+ -+ -+ -+ -+ 0 -+ False -+ False -+ -+ -+ -+ -+ -+ True -+ True -+ GTK_POLICY_ALWAYS -+ GTK_POLICY_ALWAYS -+ GTK_SHADOW_NONE -+ GTK_CORNER_TOP_LEFT -+ -+ -+ -+ True -+ True -+ True -+ False -+ False -+ True -+ False -+ False -+ False -+ -+ -+ -+ -+ 0 -+ True -+ True -+ -+ -+ -+ -+ False -+ True -+ -+ -+ -+ -+ -+ True -+ label42 -+ False -+ False -+ GTK_JUSTIFY_LEFT -+ False -+ False -+ 0.5 -+ 0.5 -+ 0 -+ 0 -+ PANGO_ELLIPSIZE_NONE -+ -1 -+ False -+ 0 -+ -+ -+ tab -+ -+ -+ -+ -+ -+ True -+ False -+ 0 -+ -+ -+ -+ True -+ GTK_ORIENTATION_HORIZONTAL -+ GTK_TOOLBAR_BOTH -+ True -+ True -+ -+ -+ -+ True -+ Load policy module -+ gtk-add -+ True -+ True -+ False -+ -+ -+ -+ False -+ True -+ -+ -+ -+ -+ -+ True -+ Remove loadable policy module -+ gtk-remove -+ True -+ True -+ False -+ -+ -+ -+ False -+ True -+ -+ -+ -+ -+ -+ True -+ True -+ True -+ False -+ -+ -+ -+ 10 -+ True -+ -+ -+ -+ -+ False -+ False -+ -+ -+ -+ -+ -+ True -+ Enable additional audit rules, that are normally not reported in the log files. -+ Enable Audit -+ True -+ gtk-zoom-in -+ True -+ True -+ False -+ -+ -+ -+ False -+ True -+ -+ -+ -+ -+ -+ True -+ Disable additional audit rules, that are normally not reported in the log files. -+ Disable Audit -+ True -+ gtk-zoom-out -+ True -+ True -+ False -+ -+ -+ -+ False -+ True -+ -+ -+ -+ -+ 0 -+ False -+ False -+ -+ -+ -+ -+ -+ True -+ True -+ GTK_POLICY_ALWAYS -+ GTK_POLICY_ALWAYS -+ GTK_SHADOW_NONE -+ GTK_CORNER_TOP_LEFT -+ -+ -+ -+ True -+ True -+ True -+ False -+ False -+ True -+ False -+ False -+ False -+ -+ -+ -+ -+ 0 -+ True -+ True -+ -+ -+ -+ -+ False -+ True -+ -+ -+ -+ -+ -+ True -+ label44 -+ False -+ False -+ GTK_JUSTIFY_LEFT -+ False -+ False -+ 0.5 -+ 0.5 -+ 0 -+ 0 -+ PANGO_ELLIPSIZE_NONE -+ -1 -+ False -+ 0 -+ -+ -+ tab -+ -+ -+ -+ -+ True -+ True -+ -+ -+ -+ -+ -+ -+ 0 -+ True -+ True -+ -+ -+ -+ -+ -+ True -+ True -+ True -+ -+ -+ 0 -+ True -+ True -+ -+ -+ -+ -+ -diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=po -N -u -r nsapolicycoreutils/gui/system-config-selinux.py policycoreutils-2.0.1/gui/system-config-selinux.py ---- nsapolicycoreutils/gui/system-config-selinux.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.1/gui/system-config-selinux.py 2007-02-15 15:01:06.000000000 -0500 -@@ -0,0 +1,156 @@ -+#!/usr/bin/python -+# -+# system-config-selinux.py - GUI for SELinux Config tool in system-config-selinux -+# -+# Dan Walsh -+# -+# Copyright 2006 Red Hat, Inc. -+# -+# This program is free software; you can redistribute it and/or modify -+# it under the terms of the GNU General Public License as published by -+# the Free Software Foundation; either version 2 of the License, or -+# (at your option) any later version. -+# -+# This program is distributed in the hope that it will be useful, -+# but WITHOUT ANY WARRANTY; without even the implied warranty of -+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+# GNU General Public License for more details. -+# -+# You should have received a copy of the GNU General Public License -+# along with this program; if not, write to the Free Software -+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -+# -+import signal -+import string -+import gtk -+import gtk.glade -+import os -+import libxml2 -+import gobject -+import gnome -+import sys -+import statusPage -+import booleansPage -+import loginsPage -+import usersPage -+import portsPage -+import modulesPage -+import fcontextPage -+import translationsPage -+## -+## I18N -+## -+PROGNAME="system-config-selinux" -+ -+import gettext -+gettext.bindtextdomain(PROGNAME, "/usr/share/locale") -+gettext.textdomain(PROGNAME) -+try: -+ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1) -+except IOError: -+ import __builtin__ -+ __builtin__.__dict__['_'] = unicode -+ -+gnome.program_init("SELinux Management Tool", "5") -+ -+version = "1.0" -+ -+sys.path.append('/usr/share/system-config-selinux') -+ -+ -+ -+## -+## Pull in the Glade file -+## -+if os.access("system-config-selinux.glade", os.F_OK): -+ xml = gtk.glade.XML ("system-config-selinux.glade", domain=PROGNAME) -+else: -+ xml = gtk.glade.XML ("/usr/share/system-config-selinux/system-config-selinux.glade", domain=PROGNAME) -+ -+class childWindow: -+ def __init__(self): -+ self.tabs=[] -+ self.xml = xml -+ xml.signal_connect("on_quit_activate", self.destroy) -+ xml.signal_connect("on_delete_clicked", self.delete) -+ xml.signal_connect("on_add_clicked", self.add) -+ xml.signal_connect("on_properties_clicked", self.properties) -+ self.add_page(statusPage.statusPage(xml)) -+ self.add_page(booleansPage.booleansPage(xml)) -+ self.add_page(fcontextPage.fcontextPage(xml)) -+ self.add_page(loginsPage.loginsPage(xml)) -+ self.add_page(usersPage.usersPage(xml)) -+ self.add_page(translationsPage.translationsPage(xml)) -+ self.add_page(portsPage.portsPage(xml)) -+ self.add_page(modulesPage.modulesPage(xml)) # modules -+ -+ xml.signal_connect("on_quit_activate", self.destroy) -+ xml.signal_connect("on_policy_activate", self.policy) -+ xml.signal_connect("on_logging_activate", self.logging) -+ xml.signal_connect("on_about_activate", self.on_about_activate) -+ -+ def add_page(self, page): -+ self.tabs.append(page) -+ -+ def policy(self, args): -+ os.spawnl(os.P_NOWAIT, "/usr/share/system-config-selinux/semanagegui.py") -+ def logging(self, args): -+ os.spawnl(os.P_NOWAIT, "/usr/bin/seaudit") -+ -+ def delete(self, args): -+ self.tabs[self.notebook.get_current_page()].deleteDialog() -+ -+ def add(self, args): -+ self.tabs[self.notebook.get_current_page()].addDialog() -+ -+ def properties(self, args): -+ self.tabs[self.notebook.get_current_page()].propertiesDialog() -+ -+ def on_about_activate(self, args): -+ dlg = xml.get_widget ("aboutWindow") -+ dlg.run () -+ dlg.hide () -+ -+ def destroy(self, args): -+ gtk.main_quit() -+ -+ def itemSelected(self, selection): -+ store, rows = selection.get_selected_rows() -+ if store != None and len(rows) > 0: -+ self.notebook.set_current_page(rows[0][0]) -+ else: -+ self.notebook.set_current_page(0) -+ -+ -+ def setupScreen(self): -+ # Bring in widgets from glade file. -+ self.mainWindow = self.xml.get_widget("mainWindow") -+ self.notebook = self.xml.get_widget("notebook") -+ self.view = self.xml.get_widget("selectView") -+ self.view.get_selection().connect("changed", self.itemSelected) -+ self.store = gtk.ListStore(gobject.TYPE_STRING) -+ self.view.set_model(self.store) -+ col = gtk.TreeViewColumn("", gtk.CellRendererText(), text = 0) -+ col.set_resizable(True) -+ self.view.append_column(col) -+ -+ for page in self.tabs: -+ iter = self.store.append() -+ self.store.set_value(iter, 0, page.get_description()) -+ self.view.get_selection().select_path ((0,)) -+ -+ def stand_alone(self): -+ desktopName = _("Configue SELinux") -+ -+ self.setupScreen() -+ -+ self.mainWindow.connect("destroy", self.destroy) -+ -+ self.mainWindow.show_all() -+ gtk.main() -+ -+if __name__ == "__main__": -+ signal.signal (signal.SIGINT, signal.SIG_DFL) -+ -+ app = childWindow() -+ app.stand_alone() -diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=po -N -u -r nsapolicycoreutils/gui/translationsPage.py policycoreutils-2.0.1/gui/translationsPage.py ---- nsapolicycoreutils/gui/translationsPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.1/gui/translationsPage.py 2007-02-15 15:01:06.000000000 -0500 -@@ -0,0 +1,109 @@ -+## translationsPage.py - show selinux translations -+## Copyright (C) 2006 Red Hat, Inc. -+ -+## This program is free software; you can redistribute it and/or modify -+## it under the terms of the GNU General Public License as published by -+## the Free Software Foundation; either version 2 of the License, or -+## (at your option) any later version. -+ -+## This program is distributed in the hope that it will be useful, -+## but WITHOUT ANY WARRANTY; without even the implied warranty of -+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+## GNU General Public License for more details. -+ -+## You should have received a copy of the GNU General Public License -+## along with this program; if not, write to the Free Software -+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -+ -+## Author: Dan Walsh -+import string -+import gtk -+import gtk.glade -+import os -+import libxml2 -+import gobject -+import sys -+import seobject -+from semanagePage import *; -+ -+## -+## I18N -+## -+PROGNAME="policycoreutils" -+import gettext -+gettext.bindtextdomain(PROGNAME, "/usr/share/locale") -+gettext.textdomain(PROGNAME) -+try: -+ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1) -+except IOError: -+ import __builtin__ -+ __builtin__.__dict__['_'] = unicode -+ -+class translationsPage(semanagePage): -+ def __init__(self, xml): -+ self.firstTime = False -+ semanagePage.__init__(self, xml, "translations", _("Translation")) -+ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING) -+ self.view.set_model(self.store) -+ self.store.set_sort_column_id(0, gtk.SORT_ASCENDING) -+ col = gtk.TreeViewColumn(_("Sensitvity Level"), gtk.CellRendererText(), text = 0) -+ col.set_sort_column_id(0) -+ col.set_resizable(True) -+ self.view.append_column(col) -+ col = gtk.TreeViewColumn(_("Translation"), gtk.CellRendererText(), text = 1) -+ col.set_sort_column_id(1) -+ col.set_resizable(True) -+ self.view.append_column(col) -+ -+ self.load() -+ self.translationsLevelEntry = xml.get_widget("translationsLevelEntry") -+ self.translationsEntry = xml.get_widget("translationsEntry") -+ -+ def load(self): -+ self.translation = seobject.setransRecords() -+ dict = self.translation.get_all() -+ keys = dict.keys() -+ keys.sort() -+ self.store.clear() -+ for k in keys: -+ iter = self.store.append() -+ self.store.set_value(iter, 0, k) -+ self.store.set_value(iter, 1, dict[k]) -+ self.view.get_selection().select_path ((0,)) -+ -+ def dialogInit(self): -+ store, iter = self.view.get_selection().get_selected() -+ self.translationsLevelEntry.set_text(store.get_value(iter, 0)) -+ self.translationsLevelEntry.set_sensitive(False) -+ self.translationsEntry.set_text(store.get_value(iter, 1)) -+ -+ def dialogClear(self): -+ self.translationsLevelEntry.set_text("") -+ self.translationsLevelEntry.set_sensitive(True) -+ self.translationsEntry.set_text("") -+ -+ def delete(self): -+ store, iter = self.view.get_selection().get_selected() -+ try: -+ level = store.get_value(iter, 0) -+ self.translation.delete(level) -+ store.remove(iter) -+ self.view.get_selection().select_path ((0,)) -+ except ValueError, e: -+ self.error(e.args[0]) -+ -+ def add(self): -+ level = self.translationsLevelEntry.get_text().strip() -+ translation = self.translationsEntry.get_text().strip() -+ self.translation.add(level, translation) -+ iter = self.store.append() -+ self.store.set_value(iter, 0, level) -+ self.store.set_value(iter, 1, translation) -+ -+ def modify(self): -+ level = self.translationsLevelEntry.get_text().strip() -+ translation = self.translationsEntry.get_text().strip() -+ self.translation.modify(level, translation) -+ store, iter = self.view.get_selection().get_selected() -+ self.store.set_value(iter, 0, level) -+ self.store.set_value(iter, 1, translation) -diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=po -N -u -r nsapolicycoreutils/gui/usersPage.py policycoreutils-2.0.1/gui/usersPage.py ---- nsapolicycoreutils/gui/usersPage.py 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.1/gui/usersPage.py 2007-02-15 15:01:06.000000000 -0500 -@@ -0,0 +1,155 @@ -+## usersPage.py - show selinux mappings -+## Copyright (C) 2006 Red Hat, Inc. -+ -+## This program is free software; you can redistribute it and/or modify -+## it under the terms of the GNU General Public License as published by -+## the Free Software Foundation; either version 2 of the License, or -+## (at your option) any later version. -+ -+## This program is distributed in the hope that it will be useful, -+## but WITHOUT ANY WARRANTY; without even the implied warranty of -+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+## GNU General Public License for more details. -+ -+## You should have received a copy of the GNU General Public License -+## along with this program; if not, write to the Free Software -+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -+ -+## Author: Dan Walsh -+import string -+import gtk -+import gtk.glade -+import os -+import libxml2 -+import gobject -+import sys -+import seobject -+from semanagePage import *; -+ -+## -+## I18N -+## -+PROGNAME="policycoreutils" -+import gettext -+gettext.bindtextdomain(PROGNAME, "/usr/share/locale") -+gettext.textdomain(PROGNAME) -+try: -+ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1) -+except IOError: -+ import __builtin__ -+ __builtin__.__dict__['_'] = unicode -+ -+class usersPage(semanagePage): -+ def __init__(self, xml): -+ semanagePage.__init__(self, xml, "users", "SELinux User") -+ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING) -+ self.view.set_model(self.store) -+ self.store.set_sort_column_id(0, gtk.SORT_ASCENDING) -+ -+ col = gtk.TreeViewColumn(_("SELinux\nUser"), gtk.CellRendererText(), text = 0) -+ col.set_sort_column_id(0) -+ col.set_resizable(True) -+ self.view.append_column(col) -+ -+ col = gtk.TreeViewColumn(_("Labeling\nPrefix"), gtk.CellRendererText(), text = 1) -+ col.set_resizable(True) -+ self.view.append_column(col) -+ col = gtk.TreeViewColumn(_("MLS/\nMCS Level"), gtk.CellRendererText(), text = 2) -+ col.set_resizable(True) -+ self.view.append_column(col) -+ col = gtk.TreeViewColumn(_("MLS/\nMCS Range"), gtk.CellRendererText(), text = 3) -+ col.set_resizable(True) -+ self.view.append_column(col) -+ -+ col = gtk.TreeViewColumn(_("SELinux Roles"), gtk.CellRendererText(), text = 4) -+ col.set_resizable(True) -+ self.view.append_column(col) -+ -+ self.load() -+ self.selinuxUserEntry = xml.get_widget("selinuxUserEntry") -+ self.labelPrefixEntry = xml.get_widget("labelPrefixEntry") -+ self.mlsLevelEntry = xml.get_widget("mlsLevelEntry") -+ self.mlsRangeEntry = xml.get_widget("mlsRangeEntry") -+ self.selinuxRolesEntry = xml.get_widget("selinuxRolesEntry") -+ -+ def load(self): -+ self.user = seobject.seluserRecords() -+ dict = self.user.get_all() -+ keys = dict.keys() -+ keys.sort() -+ self.store.clear() -+ for k in keys: -+ iter = self.store.append() -+ self.store.set_value(iter, 0, k) -+ self.store.set_value(iter, 1, dict[k][0]) -+ self.store.set_value(iter, 2, seobject.translate(dict[k][1])) -+ self.store.set_value(iter, 3, seobject.translate(dict[k][2])) -+ self.store.set_value(iter, 4, dict[k][3]) -+ self.view.get_selection().select_path ((0,)) -+ -+ def delete(self): -+ if semanagePage.delete(self) == gtk.RESPONSE_NO: -+ return None -+ -+ def dialogInit(self): -+ store, iter = self.view.get_selection().get_selected() -+ self.selinuxUserEntry.set_text(store.get_value(iter, 0)) -+ self.selinuxUserEntry.set_sensitive(False) -+ self.labelPrefixEntry.set_text(store.get_value(iter, 1)) -+ self.mlsLevelEntry.set_text(store.get_value(iter, 2)) -+ self.mlsRangeEntry.set_text(store.get_value(iter, 3)) -+ self.selinuxRolesEntry.set_text(store.get_value(iter, 4)) -+ protocol=store.get_value(iter, 2) -+ -+ def dialogClear(self): -+ self.selinuxUserEntry.set_text("") -+ self.selinuxUserEntry.set_sensitive(True) -+ self.labelPrefixEntry.set_text("") -+ self.mlsLevelEntry.set_text("s0") -+ self.mlsRangeEntry.set_text("s0") -+ self.selinuxRolesEntry.set_text("") -+ -+ def add(self): -+ user = self.selinuxUserEntry.get_text() -+ prefix = self.labelPrefixEntry.get_text() -+ level = self.mlsLevelEntry.get_text() -+ range = self.mlsRangeEntry.get_text() -+ roles = self.selinuxRolesEntry.get_text() -+ -+ self.user.add(user, roles.split(), level, range, prefix) -+ iter = self.store.append() -+ self.store.set_value(iter, 0, user) -+ self.store.set_value(iter, 1, prefix) -+ self.store.set_value(iter, 2, level) -+ self.store.set_value(iter, 3, range) -+ self.store.set_value(iter, 4, roles) -+ -+ def modify(self): -+ user = self.selinuxUserEntry.get_text() -+ prefix = self.labelPrefixEntry.get_text() -+ level = self.mlsLevelEntry.get_text() -+ range = self.mlsRangeEntry.get_text() -+ roles = self.selinuxRolesEntry.get_text() -+ -+ self.user.modify(user, roles.split(), level, range, prefix) -+ store, iter = self.view.get_selection().get_selected() -+ iter = self.store.append() -+ self.store.set_value(iter, 0, user) -+ self.store.set_value(iter, 1, prefix) -+ self.store.set_value(iter, 2, level) -+ self.store.set_value(iter, 3, range) -+ self.store.set_value(iter, 4, roles) -+ -+ def delete(self): -+ store, iter = self.view.get_selection().get_selected() -+ try: -+ user=store.get_value(iter, 0) -+ if user == "root" or user == "user_u": -+ raise ValueError(_("SELinux user '%s' is required") % user) -+ -+ self.user.delete(user) -+ store.remove(iter) -+ self.view.get_selection().select_path ((0,)) -+ except ValueError, e: -+ self.error(e.args[0]) -+ -diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.1/Makefile +diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.1/Makefile --- nsapolicycoreutils/Makefile 2006-11-16 17:15:00.000000000 -0500 -+++ policycoreutils-2.0.1/Makefile 2007-02-15 15:01:06.000000000 -0500 ++++ policycoreutils-2.0.1/Makefile 2007-02-15 15:16:09.000000000 -0500 @@ -1,4 +1,4 @@ -SUBDIRS=setfiles semanage load_policy newrole run_init restorecon restorecond secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po +SUBDIRS=setfiles semanage load_policy newrole run_init restorecon restorecond secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po gui all install relabel clean indent: @for subdir in $(SUBDIRS); do \ -diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=po -N -u -r nsapolicycoreutils/newrole/newrole.c policycoreutils-2.0.1/newrole/newrole.c +diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/newrole/newrole.c policycoreutils-2.0.1/newrole/newrole.c --- nsapolicycoreutils/newrole/newrole.c 2007-01-24 10:03:59.000000000 -0500 -+++ policycoreutils-2.0.1/newrole/newrole.c 2007-02-15 15:01:06.000000000 -0500 ++++ policycoreutils-2.0.1/newrole/newrole.c 2007-02-15 15:16:09.000000000 -0500 @@ -640,7 +640,7 @@ } @@ -4879,9 +36,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=po -N -u -r nsapo if (fd != 2) goto err_close_pam; -diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-2.0.1/restorecond/restorecond.c +diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-2.0.1/restorecond/restorecond.c --- nsapolicycoreutils/restorecond/restorecond.c 2006-11-16 17:14:28.000000000 -0500 -+++ policycoreutils-2.0.1/restorecond/restorecond.c 2007-02-15 15:01:06.000000000 -0500 ++++ policycoreutils-2.0.1/restorecond/restorecond.c 2007-02-15 15:16:09.000000000 -0500 @@ -210,9 +210,10 @@ } @@ -4908,9 +65,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=po -N -u -r nsapo } free(scontext); close(fd); -diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.conf policycoreutils-2.0.1/restorecond/restorecond.conf +diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.conf policycoreutils-2.0.1/restorecond/restorecond.conf --- nsapolicycoreutils/restorecond/restorecond.conf 2006-11-20 12:19:55.000000000 -0500 -+++ policycoreutils-2.0.1/restorecond/restorecond.conf 2007-02-15 15:01:06.000000000 -0500 ++++ policycoreutils-2.0.1/restorecond/restorecond.conf 2007-02-15 15:16:09.000000000 -0500 @@ -1,7 +1,9 @@ /etc/resolv.conf +/etc/localtime @@ -4921,9 +78,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=po -N -u -r nsapo /var/log/wtmp ~/public_html ~/.mozilla/plugins/libflashplayer.so -diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=po -N -u -r nsapolicycoreutils/scripts/chcat policycoreutils-2.0.1/scripts/chcat +diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/chcat policycoreutils-2.0.1/scripts/chcat --- nsapolicycoreutils/scripts/chcat 2006-11-16 17:14:27.000000000 -0500 -+++ policycoreutils-2.0.1/scripts/chcat 2007-02-15 15:01:06.000000000 -0500 ++++ policycoreutils-2.0.1/scripts/chcat 2007-02-15 15:16:09.000000000 -0500 @@ -25,11 +25,22 @@ import commands, sys, os, pwd, string, getopt, selinux import seobject @@ -5025,9 +182,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=po -N -u -r nsapo except ValueError, e: usage() -diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=po -N -u -r nsapolicycoreutils/scripts/chcat.8 policycoreutils-2.0.1/scripts/chcat.8 +diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/chcat.8 policycoreutils-2.0.1/scripts/chcat.8 --- nsapolicycoreutils/scripts/chcat.8 2007-01-17 11:11:34.000000000 -0500 -+++ policycoreutils-2.0.1/scripts/chcat.8 2007-02-15 15:01:06.000000000 -0500 ++++ policycoreutils-2.0.1/scripts/chcat.8 2007-02-15 15:16:09.000000000 -0500 @@ -3,30 +3,31 @@ chcat \- change file SELinux security category .SH SYNOPSIS @@ -5069,9 +226,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=po -N -u -r nsapo .PP .B Note: -diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=po -N -u -r nsapolicycoreutils/scripts/fixfiles.8 policycoreutils-2.0.1/scripts/fixfiles.8 +diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/fixfiles.8 policycoreutils-2.0.1/scripts/fixfiles.8 --- nsapolicycoreutils/scripts/fixfiles.8 2007-01-17 11:11:34.000000000 -0500 -+++ policycoreutils-2.0.1/scripts/fixfiles.8 2007-02-15 15:01:06.000000000 -0500 ++++ policycoreutils-2.0.1/scripts/fixfiles.8 2007-02-15 15:16:09.000000000 -0500 @@ -54,7 +54,7 @@ change any incorrect file context labels. .TP @@ -5081,9 +238,18 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=po -N -u -r nsapo .TP .B verify List out files with incorrect file context labels, but do not change them. -diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.1/semanage/seobject.py ---- nsapolicycoreutils/semanage/seobject.py 2007-01-17 11:11:34.000000000 -0500 -+++ policycoreutils-2.0.1/semanage/seobject.py 2007-02-15 15:01:06.000000000 -0500 +diff --exclude-from=exclude --exclude=sepolgen-1.0.0 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.1/semanage/seobject.py +--- nsapolicycoreutils/semanage/seobject.py 2007-02-20 08:43:10.000000000 -0500 ++++ policycoreutils-2.0.1/semanage/seobject.py 2007-02-15 15:16:09.000000000 -0500 +@@ -139,7 +139,7 @@ + translations = fd.readlines() + fd.close() + except IOError, e: +- raise ValueError(_("Unable to open %s: translations not supported on non-MLS machines") % (self.filename) ) ++ raise ValueError(_("Unable to open %s: translations not supported on non-MLS machines") % (self.filename, e) ) + + self.ddict = {} + self.comments = [] @@ -209,7 +209,8 @@ os.write(fd, self.out()) os.close(fd) diff --git a/policycoreutils.spec b/policycoreutils.spec index 20df6c9..6052815 100644 --- a/policycoreutils.spec +++ b/policycoreutils.spec @@ -5,8 +5,8 @@ %define sepolgenver 1.0.0 Summary: SELinux policy core utilities. Name: policycoreutils -Version: 2.0.1 -Release: 2%{?dist} +Version: 2.0.2 +Release: 1%{?dist} License: GPL Group: System Environment/Base Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz @@ -18,12 +18,14 @@ Source5: system-config-selinux.console Patch: policycoreutils-rhat.patch Patch1: policycoreutils-po.patch Patch2: policycoreutils-sepolgen.patch +Patch3: policycoreutils-gui.patch BuildRequires: pam-devel libsepol-devel >= %{libsepolver} libsemanage-devel >= %{libsemanagever} libselinux-devel >= %{libselinuxver} libcap-devel audit-libs-devel gettext Requires: /bin/mount /bin/egrep /bin/awk /usr/bin/diff /bin/rpm Requires: libsepol >= %{libsepolver} libsemanage >= %{libsemanagever} libselinux-python coreutils audit-libs-python >= %{libauditver} Requires(post): /sbin/service /sbin/chkconfig BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) +Requires: %{name}-plugins %description Security-enhanced Linux is a feature of the Linux® kernel and a number @@ -47,6 +49,7 @@ context. %patch -p1 -b .rhat %patch1 -p1 -b .rhatpo %patch2 -p1 -b .sepolgen +%patch3 -p1 -b .gui %build make LSPP_PRIV=y LIBDIR="%{_libdir}" CFLAGS="%{optflags} -fPIE" LDFLAGS="-pie -Wl,-z,relro" all @@ -179,6 +182,11 @@ fi /usr/bin/sepolgen-ifgen > /dev/null %changelog +* Tue Feb 20 2007 Dan Walsh 2.0.2-1 +- Update to upstream + * Merged seobject exception handler fix from Caleb Case. + * Merged setfiles memory leak patch from Todd Miller. + * Thu Feb 15 2007 Dan Walsh 2.0.1-2 - Cleanup man pages syntax - Add sepolgen diff --git a/sources b/sources index f7f3b67..7d76ab6 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -f642af08f24e04a93269cb295050ef59 policycoreutils-2.0.1.tgz 42087696c0b3926244ccfe637ee8c89b sepolgen-1.0.0.tgz +64bd1845e6457d0d238338a6a0292dfc policycoreutils-2.0.2.tgz