]> git.ipfire.org Git - people/amarx/ipfire-3.x.git/blame - policycoreutils/patches/policycoreutils-gui.patch
projects / people / amarx / ipfire-3.x.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
openssl: Update to 1.0.1b.
[people/amarx/ipfire-3.x.git] / policycoreutils / patches / policycoreutils-gui.patch
CommitLineData
db3649f6
SS		 1diff -up policycoreutils-2.1.8/gui/booleansPage.py.gui policycoreutils-2.1.8/gui/booleansPage.py
2--- policycoreutils-2.1.8/gui/booleansPage.py.gui 2011-11-07 15:12:01.891834224 -0500
3+++ policycoreutils-2.1.8/gui/booleansPage.py 2011-11-07 15:12:01.892834224 -0500
4@@ -0,0 +1,247 @@
5+#
6+# booleansPage.py - GUI for Booleans page in system-config-securitylevel
7+#
8+# Dan Walsh <dwalsh@redhat.com>
9+#
10+# Copyright 2006, 2007 Red Hat, Inc.
11+#
12+# This program is free software; you can redistribute it and/or modify
13+# it under the terms of the GNU General Public License as published by
14+# the Free Software Foundation; either version 2 of the License, or
15+# (at your option) any later version.
16+#
17+# This program is distributed in the hope that it will be useful,
18+# but WITHOUT ANY WARRANTY; without even the implied warranty of
19+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20+# GNU General Public License for more details.
21+#
22+# You should have received a copy of the GNU General Public License
23+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24+#
25+import string
26+import gtk
27+import gtk.glade
28+import os
29+import gobject
30+import sys
31+import tempfile
32+import seobject
33+import semanagePage
34+
35+INSTALLPATH='/usr/share/system-config-selinux'
36+sys.path.append(INSTALLPATH)
37+
38+import commands
39+ENFORCING=0
40+PERMISSIVE=1
41+DISABLED=2
42+
43+##
44+## I18N
45+##
46+PROGNAME="policycoreutils"
47+
48+import gettext
49+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
50+gettext.textdomain(PROGNAME)
51+try:
52+ gettext.install(PROGNAME,
53+ localedir="/usr/share/locale",
54+ unicode=False,
55+ codeset = 'utf-8')
56+except IOError:
57+ import __builtin__
58+ __builtin__.__dict__['_'] = unicode
59+
60+from glob import fnmatch
61+
62+class Modifier:
63+ def __init__(self,name, on, save):
64+ self.on=on
65+ self.name=name
66+ self.save=save
67+
68+ def set(self,value):
69+ self.on=value
70+ self.save=True
71+
72+ def isOn(self):
73+ return self.on
74+
75+class Boolean(Modifier):
76+ def __init__(self,name, val, save=False):
77+ Modifier.__init__(self,name, val, save)
78+
79+ACTIVE = 0
80+MODULE = 1
81+DESC = 2
82+BOOLEAN = 3
83+
84+class booleansPage:
85+ def __init__(self, xml, doDebug=None):
86+ self.xml = xml
87+ xml.signal_connect("on_lockdown_clicked", self.on_lockdown_clicked)
88+ self.window = self.xml.get_widget("mainWindow").get_root_window()
89+ self.local = False
90+ self.types=[]
91+ self.selinuxsupport = True
92+ self.typechanged = False
93+ self.doDebug = doDebug
94+ self.busy_cursor = gtk.gdk.Cursor(gtk.gdk.WATCH)
95+ self.ready_cursor = gtk.gdk.Cursor(gtk.gdk.LEFT_PTR)
96+
97+ # Bring in widgets from glade file.
98+ self.typeHBox = xml.get_widget("typeHBox")
99+ self.booleanSW = xml.get_widget("booleanSW")
100+ self.booleansFilter = xml.get_widget("booleansFilter")
101+ self.booleansFilter.connect("focus_out_event", self.filter_changed)
102+ self.booleansFilter.connect("activate", self.filter_changed)
103+
104+ self.booleansView = xml.get_widget("booleansView")
105+ self.typeLabel = xml.get_widget("typeLabel")
106+ self.modifySeparator = xml.get_widget("modifySeparator")
107+
108+ self.revertButton = xml.get_widget("booleanRevertButton")
109+ self.revertButton.set_sensitive(self.local)
110+ self.revertButton.connect("clicked", self.on_revert_clicked)
111+ listStore = gtk.ListStore(gobject.TYPE_STRING)
112+ cell = gtk.CellRendererText()
113+
114+ self.store = gtk.ListStore(gobject.TYPE_BOOLEAN, gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING)
115+ self.store.set_sort_column_id(1, gtk.SORT_ASCENDING)
116+ self.booleansView.set_model(self.store)
117+
118+ checkbox = gtk.CellRendererToggle()
119+ checkbox.connect("toggled", self.boolean_toggled)
120+ col = gtk.TreeViewColumn('Active', checkbox, active = ACTIVE)
121+ col.set_clickable(True)
122+ col.set_sort_column_id(ACTIVE)
123+ self.booleansView.append_column(col)
124+
125+ col = gtk.TreeViewColumn("Module", gtk.CellRendererText(), text=MODULE)
126+ col.set_sort_column_id(MODULE)
127+ col.set_resizable(True)
128+ self.booleansView.append_column(col)
129+
130+ col = gtk.TreeViewColumn("Description", gtk.CellRendererText(), text=DESC)
131+ col.set_sizing(gtk.TREE_VIEW_COLUMN_FIXED)
132+ col.set_fixed_width(400)
133+ col.set_sort_column_id(DESC)
134+ col.set_resizable(True)
135+ self.booleansView.append_column(col)
136+
137+ col = gtk.TreeViewColumn("Name", gtk.CellRendererText(), text=BOOLEAN)
138+ col.set_sort_column_id(BOOLEAN)
139+ col.set_resizable(True)
140+ self.booleansView.set_search_equal_func(self.__search)
141+ self.booleansView.append_column(col)
142+ self.filter=""
143+ self.load(self.filter)
144+
145+ def __search(self, model, col, key, i):
146+ sort_col = self.store.get_sort_column_id()[0]
147+ if sort_col > 0:
148+ val = model.get_value(i, sort_col)
149+ if val.lower().startswith(key.lower()):
150+ return False
151+ return True
152+
153+ def wait(self):
154+ self.window.set_cursor(self.busy_cursor)
155+ semanagePage.idle_func()
156+
157+ def ready(self):
158+ self.window.set_cursor(self.ready_cursor)
159+ semanagePage.idle_func()
160+
161+ def deleteDialog(self):
162+ store, iter = self.booleansView.get_selection().get_selected()
163+ if iter == None:
164+ return
165+ boolean = store.get_value(iter, BOOLEAN)
166+ # change cursor
167+ if boolean == None:
168+ return
169+ try:
170+ self.wait()
171+ (rc, out) = commands.getstatusoutput("semanage boolean -d %s" % boolean)
172+
173+ self.ready()
174+ if rc != 0:
175+ return self.error(out)
176+ self.load(self.filter)
177+ except ValueError, e:
178+ self.error(e.args[0])
179+
180+ def filter_changed(self, *arg):
181+ filter = arg[0].get_text()
182+ if filter != self.filter:
183+ self.load(filter)
184+ self.filter=filter
185+
186+ def use_menus(self):
187+ return False
188+
189+ def get_description(self):
190+ return _("Boolean")
191+
192+ def match(self,key, filter=""):
193+ try:
194+ f=filter.lower()
195+ cat=self.booleans.get_category(key).lower()
196+ val=self.booleans.get_desc(key).lower()
197+ k=key.lower()
198+ return val.find(f) >= 0 or k.find(f) >= 0 or cat.find(f) >= 0
199+ except:
200+ return False
201+
202+
203+ def load(self, filter=None):
204+ self.store.clear()
205+ self.booleans = seobject.booleanRecords()
206+ booleansList = self.booleans.get_all(self.local)
207+ for name in booleansList:
208+ rec = booleansList[name]
209+ if self.match(name, filter):
210+ iter=self.store.append()
211+ self.store.set_value(iter, ACTIVE, rec[2] == 1)
212+ self.store.set_value(iter, MODULE, self.booleans.get_category(name))
213+ self.store.set_value(iter, DESC, self.booleans.get_desc(name))
214+ self.store.set_value(iter, BOOLEAN, name)
215+
216+ def boolean_toggled(self, widget, row):
217+ iter = self.store.get_iter(row)
218+ val = self.store.get_value(iter, ACTIVE)
219+ key = self.store.get_value(iter, BOOLEAN)
220+ self.store.set_value(iter, ACTIVE , not val)
221+ self.wait()
222+ setsebool="/usr/sbin/setsebool -P %s=%d" % (key, not val)
223+ commands.getstatusoutput(setsebool)
224+ self.load(self.filter)
225+ self.ready()
226+
227+ def on_revert_clicked(self, button):
228+ self.wait()
229+ setsebool="semanage boolean --deleteall"
230+ commands.getstatusoutput(setsebool)
231+ self.load(self.filter)
232+ self.ready()
233+
234+ def on_lockdown_clicked(self, button):
235+ try:
236+ os.spawnl(os.P_NOWAIT, "/usr/share/system-config-selinux/lockdown.py")
237+ except ValueError, e:
238+ self.error(e.args[0])
239+
240+ def on_local_clicked(self, button):
241+ self.local = not self.local
242+ self.revertButton.set_sensitive(self.local)
243+
244+ if self.local:
245+ button.set_label(_("all"))
246+ else:
247+ button.set_label(_("Customized"))
248+
249+ self.load(self.filter)
250+ return True
251+
252diff -up policycoreutils-2.1.8/gui/domainsPage.py.gui policycoreutils-2.1.8/gui/domainsPage.py
253--- policycoreutils-2.1.8/gui/domainsPage.py.gui 2011-11-07 15:12:01.892834224 -0500
254+++ policycoreutils-2.1.8/gui/domainsPage.py 2011-11-07 15:12:01.892834224 -0500
255@@ -0,0 +1,154 @@
256+## domainsPage.py - show selinux domains
257+## Copyright (C) 2009 Red Hat, Inc.
258+
259+## This program is free software; you can redistribute it and/or modify
260+## it under the terms of the GNU General Public License as published by
261+## the Free Software Foundation; either version 2 of the License, or
262+## (at your option) any later version.
263+
264+## This program is distributed in the hope that it will be useful,
265+## but WITHOUT ANY WARRANTY; without even the implied warranty of
266+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
267+## GNU General Public License for more details.
268+
269+## You should have received a copy of the GNU General Public License
270+## along with this program; if not, write to the Free Software
271+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
272+
273+## Author: Dan Walsh
274+import string
275+import gtk
276+import gtk.glade
277+import os
278+import commands
279+import gobject
280+import sys
281+import seobject
282+import selinux
283+from semanagePage import *;
284+import polgen
285+
286+##
287+## I18N
288+##
289+PROGNAME="policycoreutils"
290+import gettext
291+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
292+gettext.textdomain(PROGNAME)
293+try:
294+ gettext.install(PROGNAME,
295+ localedir="/usr/share/locale",
296+ unicode=False,
297+ codeset = 'utf-8')
298+except IOError:
299+ import __builtin__
300+ __builtin__.__dict__['_'] = unicode
301+
302+class domainsPage(semanagePage):
303+ def __init__(self, xml):
304+ semanagePage.__init__(self, xml, "domains", _("Process Domain"))
305+ self.domain_filter = xml.get_widget("domainsFilterEntry")
306+ self.domain_filter.connect("focus_out_event", self.filter_changed)
307+ self.domain_filter.connect("activate", self.filter_changed)
308+
309+ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING)
310+ self.view.set_model(self.store)
311+ self.store.set_sort_column_id(0, gtk.SORT_ASCENDING)
312+ col = gtk.TreeViewColumn(_("Domain Name"), gtk.CellRendererText(), text = 0)
313+ col.set_sort_column_id(0)
314+ col.set_resizable(True)
315+ self.view.append_column(col)
316+ self.store.set_sort_column_id(0, gtk.SORT_ASCENDING)
317+ col = gtk.TreeViewColumn(_("Mode"), gtk.CellRendererText(), text = 1)
318+ col.set_sort_column_id(1)
319+ col.set_resizable(True)
320+ self.view.append_column(col)
321+ self.view.get_selection().connect("changed", self.itemSelected)
322+
323+ self.permissive_button = xml.get_widget("permissiveButton")
324+ self.enforcing_button = xml.get_widget("enforcingButton")
325+
326+ self.domains=polgen.get_all_domains()
327+ self.load()
328+
329+ def get_modules(self):
330+ modules=[]
331+ fd=os.popen("semodule -l")
332+ mods = fd.readlines()
333+ fd.close()
334+ for l in mods:
335+ modules.append(l.split()[0])
336+ return modules
337+
338+ def load(self, filter=""):
339+ self.filter=filter
340+ self.store.clear()
341+ try:
342+ modules=self.get_modules()
343+ for domain in self.domains:
344+ if not self.match(domain, filter):
345+ continue
346+ iter = self.store.append()
347+ self.store.set_value(iter, 0, domain)
348+ t = "permissive_%s_t" % domain
349+ if t in modules:
350+ self.store.set_value(iter, 1, _("Permissive"))
351+ else:
352+ self.store.set_value(iter, 1, "")
353+ except:
354+ pass
355+ self.view.get_selection().select_path ((0,))
356+
357+ def itemSelected(self, selection):
358+ store, iter = selection.get_selected()
359+ if iter == None:
360+ return
361+ p = store.get_value(iter, 1) == _("Permissive")
362+ self.permissive_button.set_sensitive(not p)
363+ self.enforcing_button.set_sensitive(p)
364+
365+ def deleteDialog(self):
366+ # Do nothing
367+ return self.delete()
368+
369+ def delete(self):
370+ selection = self.view.get_selection()
371+ store, iter = selection.get_selected()
372+ domain = store.get_value(iter, 0)
373+ try:
374+ self.wait()
375+ status, output = commands.getstatusoutput("semanage permissive -d %s_t" % domain)
376+ self.ready()
377+ if status != 0:
378+ self.error(output)
379+ else:
380+ domain = store.set_value(iter, 1, "")
381+ self.itemSelected(selection)
382+
383+ except ValueError, e:
384+ self.error(e.args[0])
385+
386+ def propertiesDialog(self):
387+ # Do nothing
388+ return
389+
390+ def addDialog(self):
391+ # Do nothing
392+ return self.add()
393+
394+ def add(self):
395+ selection = self.view.get_selection()
396+ store, iter = selection.get_selected()
397+ domain = store.get_value(iter, 0)
398+ try:
399+ self.wait()
400+ status, output = commands.getstatusoutput("semanage permissive -a %s_t" % domain)
401+ self.ready()
402+ if status != 0:
403+ self.error(output)
404+ else:
405+ domain = store.set_value(iter, 1, _("Permissive"))
406+ self.itemSelected(selection)
407+
408+ except ValueError, e:
409+ self.error(e.args[0])
410diff -up policycoreutils-2.1.8/gui/fcontextPage.py.gui policycoreutils-2.1.8/gui/fcontextPage.py
411--- policycoreutils-2.1.8/gui/fcontextPage.py.gui 2011-11-07 15:12:01.893834225 -0500
412+++ policycoreutils-2.1.8/gui/fcontextPage.py 2011-11-07 15:12:01.893834225 -0500
413@@ -0,0 +1,223 @@
414+## fcontextPage.py - show selinux mappings
415+## Copyright (C) 2006 Red Hat, Inc.
416+
417+## This program is free software; you can redistribute it and/or modify
418+## it under the terms of the GNU General Public License as published by
419+## the Free Software Foundation; either version 2 of the License, or
420+## (at your option) any later version.
421+
422+## This program is distributed in the hope that it will be useful,
423+## but WITHOUT ANY WARRANTY; without even the implied warranty of
424+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
425+## GNU General Public License for more details.
426+
427+## You should have received a copy of the GNU General Public License
428+## along with this program; if not, write to the Free Software
429+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
430+
431+## Author: Dan Walsh
432+import gtk
433+import gtk.glade
434+import os
435+import gobject
436+import seobject
437+import commands
438+from semanagePage import *;
439+
440+SPEC_COL = 0
441+TYPE_COL = 1
442+FTYPE_COL = 2
443+
444+class context:
445+ def __init__(self, scontext):
446+ self.scontext = scontext
447+ con=scontext.split(":")
448+ self.type = con[0]
449+ if len(con) > 1:
450+ self.mls = con[1]
451+ else:
452+ self.mls = "s0"
453+
454+ def __str__(self):
455+ return self.scontext
456+
457+##
458+## I18N
459+##
460+PROGNAME="policycoreutils"
461+
462+import gettext
463+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
464+gettext.textdomain(PROGNAME)
465+try:
466+ gettext.install(PROGNAME,
467+ localedir="/usr/share/locale",
468+ unicode=False,
469+ codeset = 'utf-8')
470+except IOError:
471+ import __builtin__
472+ __builtin__.__dict__['_'] = unicode
473+
474+
475+class fcontextPage(semanagePage):
476+ def __init__(self, xml):
477+ semanagePage.__init__(self, xml, "fcontext", _("File Labeling"))
478+ self.fcontextFilter = xml.get_widget("fcontextFilterEntry")
479+ self.fcontextFilter.connect("focus_out_event", self.filter_changed)
480+ self.fcontextFilter.connect("activate", self.filter_changed)
481+
482+ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING)
483+ self.view = xml.get_widget("fcontextView")
484+ self.view.set_model(self.store)
485+ self.view.set_search_equal_func(self.search)
486+
487+ col = gtk.TreeViewColumn(_("File\nSpecification"), gtk.CellRendererText(), text=SPEC_COL)
488+ col.set_sizing(gtk.TREE_VIEW_COLUMN_FIXED)
489+ col.set_fixed_width(250)
490+
491+ col.set_sort_column_id(SPEC_COL)
492+ col.set_resizable(True)
493+ self.view.append_column(col)
494+ col = gtk.TreeViewColumn(_("Selinux\nFile Type"), gtk.CellRendererText(), text=TYPE_COL)
495+
496+ col.set_sizing(gtk.TREE_VIEW_COLUMN_FIXED)
497+ col.set_fixed_width(250)
498+ col.set_sort_column_id(TYPE_COL)
499+ col.set_resizable(True)
500+ self.view.append_column(col)
501+ col = gtk.TreeViewColumn(_("File\nType"), gtk.CellRendererText(), text=2)
502+ col.set_sort_column_id(FTYPE_COL)
503+ col.set_resizable(True)
504+ self.view.append_column(col)
505+
506+ self.store.set_sort_column_id(SPEC_COL, gtk.SORT_ASCENDING)
507+ self.load()
508+ self.fcontextEntry = xml.get_widget("fcontextEntry")
509+ self.fcontextFileTypeCombo = xml.get_widget("fcontextFileTypeCombo")
510+ liststore=self.fcontextFileTypeCombo.get_model()
511+ for k in seobject.file_types:
512+ if len(k) > 0 and k[0] != '-':
513+ iter=liststore.append()
514+ liststore.set_value(iter, 0, k)
515+ iter = liststore.get_iter_first()
516+ self.fcontextFileTypeCombo.set_active_iter(iter)
517+ self.fcontextTypeEntry = xml.get_widget("fcontextTypeEntry")
518+ self.fcontextMLSEntry = xml.get_widget("fcontextMLSEntry")
519+
520+ def match(self, fcon_dict, k, filter):
521+ try:
522+ f=filter.lower()
523+ for con in k:
524+ k=con.lower()
525+ if k.find(f) >= 0:
526+ return True
527+ for con in fcon_dict[k]:
528+ k=con.lower()
529+ if k.find(f) >= 0:
530+ return True
531+ except:
532+ pass
533+ return False
534+
535+ def load(self, filter=""):
536+ self.filter=filter
537+ self.fcontext=seobject.fcontextRecords()
538+ self.store.clear()
539+ fcon_dict=self.fcontext.get_all(self.local)
540+ keys = fcon_dict.keys()
541+ keys.sort()
542+ for k in keys:
543+ if not self.match(fcon_dict, k, filter):
544+ continue
545+ iter=self.store.append()
546+ self.store.set_value(iter, SPEC_COL, k[0])
547+ self.store.set_value(iter, FTYPE_COL, k[1])
548+ if fcon_dict[k]:
549+ rec="%s:%s" % (fcon_dict[k][2], seobject.translate(fcon_dict[k][3],False))
550+ else:
551+ rec="<<None>>"
552+ self.store.set_value(iter, TYPE_COL, rec)
553+ self.view.get_selection().select_path ((0,))
554+
555+ def filter_changed(self, *arg):
556+ filter = arg[0].get_text()
557+ if filter != self.filter:
558+ self.load(filter)
559+
560+ def dialogInit(self):
561+ store, iter = self.view.get_selection().get_selected()
562+ self.fcontextEntry.set_text(store.get_value(iter, SPEC_COL))
563+ self.fcontextEntry.set_sensitive(False)
564+ scontext = store.get_value(iter, TYPE_COL)
565+ scon=context(scontext)
566+ self.fcontextTypeEntry.set_text(scon.type)
567+ self.fcontextMLSEntry.set_text(scon.mls)
568+ type=store.get_value(iter, FTYPE_COL)
569+ liststore=self.fcontextFileTypeCombo.get_model()
570+ iter = liststore.get_iter_first()
571+ while iter != None and liststore.get_value(iter,0) != type:
572+ iter = liststore.iter_next(iter)
573+ if iter != None:
574+ self.fcontextFileTypeCombo.set_active_iter(iter)
575+ self.fcontextFileTypeCombo.set_sensitive(False)
576+
577+ def dialogClear(self):
578+ self.fcontextEntry.set_text("")
579+ self.fcontextEntry.set_sensitive(True)
580+ self.fcontextFileTypeCombo.set_sensitive(True)
581+ self.fcontextTypeEntry.set_text("")
582+ self.fcontextMLSEntry.set_text("s0")
583+
584+ def delete(self):
585+ store, iter = self.view.get_selection().get_selected()
586+ try:
587+ fspec=store.get_value(iter, SPEC_COL)
588+ ftype=store.get_value(iter, FTYPE_COL)
589+ self.wait()
590+ (rc, out) = commands.getstatusoutput("semanage fcontext -d -f '%s' '%s'" % (ftype, fspec))
591+ self.ready()
592+
593+ if rc != 0:
594+ return self.error(out)
595+ store.remove(iter)
596+ self.view.get_selection().select_path ((0,))
597+ except ValueError, e:
598+ self.error(e.args[0])
599+
600+ def add(self):
601+ ftype=["", "--", "-d", "-c", "-b", "-s", "-l", "-p" ]
602+ fspec=self.fcontextEntry.get_text().strip()
603+ type=self.fcontextTypeEntry.get_text().strip()
604+ mls=self.fcontextMLSEntry.get_text().strip()
605+ list_model=self.fcontextFileTypeCombo.get_model()
606+ active = self.fcontextFileTypeCombo.get_active()
607+ self.wait()
608+ (rc, out) = commands.getstatusoutput("semanage fcontext -a -t %s -r %s -f '%s' '%s'" % (type, mls, ftype[active], fspec))
609+ self.ready()
610+ if rc != 0:
611+ self.error(out)
612+ return False
613+
614+ iter=self.store.append()
615+ self.store.set_value(iter, SPEC_COL, fspec)
616+ self.store.set_value(iter, FTYPE_COL, ftype)
617+ self.store.set_value(iter, TYPE_COL, "%s:%s" % (type, mls))
618+
619+ def modify(self):
620+ fspec=self.fcontextEntry.get_text().strip()
621+ type=self.fcontextTypeEntry.get_text().strip()
622+ mls=self.fcontextMLSEntry.get_text().strip()
623+ list_model=self.fcontextFileTypeCombo.get_model()
624+ iter = self.fcontextFileTypeCombo.get_active_iter()
625+ ftype=list_model.get_value(iter,0)
626+ self.wait()
627+ (rc, out) = commands.getstatusoutput("semanage fcontext -m -t %s -r %s -f '%s' '%s'" % (type, mls, ftype, fspec))
628+ self.ready()
629+ if rc != 0:
630+ self.error(out)
631+ return False
632+
633+ store, iter = self.view.get_selection().get_selected()
634+ self.store.set_value(iter, SPEC_COL, fspec)
635+ self.store.set_value(iter, FTYPE_COL, ftype)
636+ self.store.set_value(iter, TYPE_COL, "%s:%s" % (type, mls))
637diff -up policycoreutils-2.1.8/gui/html_util.py.gui policycoreutils-2.1.8/gui/html_util.py
638--- policycoreutils-2.1.8/gui/html_util.py.gui 2011-11-07 15:12:01.894834226 -0500
639+++ policycoreutils-2.1.8/gui/html_util.py 2011-11-07 15:12:01.894834226 -0500
640@@ -0,0 +1,164 @@
641+# Authors: John Dennis <jdennis@redhat.com>
642+#
643+# Copyright (C) 2007 Red Hat, Inc.
644+#
645+# This program is free software; you can redistribute it and/or modify
646+# it under the terms of the GNU General Public License as published by
647+# the Free Software Foundation; either version 2 of the License, or
648+# (at your option) any later version.
649+#
650+# This program is distributed in the hope that it will be useful,
651+# but WITHOUT ANY WARRANTY; without even the implied warranty of
652+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
653+# GNU General Public License for more details.
654+#
655+# You should have received a copy of the GNU General Public License
656+# along with this program; if not, write to the Free Software
657+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
658+#
659+
660+
661+__all__ = [
662+ 'escape_html',
663+ 'unescape_html',
664+ 'html_to_text',
665+
666+ 'html_document',
667+]
668+
669+import htmllib
670+import formatter as Formatter
671+import string
672+from types import *
673+import StringIO
674+
675+#------------------------------------------------------------------------------
676+
677+class TextWriter(Formatter.DumbWriter):
678+ def __init__(self, file=None, maxcol=80, indent_width=4):
679+ Formatter.DumbWriter.__init__(self, file, maxcol)
680+ self.indent_level = 0
681+ self.indent_width = indent_width
682+ self._set_indent()
683+
684+ def _set_indent(self):
685+ self.indent_col = self.indent_level * self.indent_width
686+ self.indent = ' ' * self.indent_col
687+
688+ def new_margin(self, margin, level):
689+ self.indent_level = level
690+ self._set_indent()
691+
692+ def send_label_data(self, data):
693+ data = data + ' '
694+ if len(data) > self.indent_col:
695+ self.send_literal_data(data)
696+ else:
697+ offset = self.indent_col - len(data)
698+ self.send_literal_data(' ' * offset + data)
699+
700+ def send_flowing_data(self, data):
701+ if not data: return
702+ atbreak = self.atbreak or data[0] in string.whitespace
703+ col = self.col
704+ maxcol = self.maxcol
705+ write = self.file.write
706+ col = self.col
707+ if col == 0:
708+ write(self.indent)
709+ col = self.indent_col
710+ for word in data.split():
711+ if atbreak:
712+ if col + len(word) >= maxcol:
713+ write('\n' + self.indent)
714+ col = self.indent_col
715+ else:
716+ write(' ')
717+ col = col + 1
718+ write(word)
719+ col = col + len(word)
720+ atbreak = 1
721+ self.col = col
722+ self.atbreak = data[-1] in string.whitespace
723+
724+class HTMLParserAnchor(htmllib.HTMLParser):
725+
726+ def __init__(self, formatter, verbose=0):
727+ htmllib.HTMLParser.__init__(self, formatter, verbose)
728+
729+ def anchor_bgn(self, href, name, type):
730+ self.anchor = href
731+
732+ def anchor_end(self):
733+ if self.anchor:
734+ self.handle_data(' (%s) ' % self.anchor)
735+ self.anchor = None
736+
737+#------------------------------------------------------------------------------
738+
739+def escape_html(s):
740+ if s is None: return None
741+ s = s.replace("&", "&amp;") # Must be done first!
742+ s = s.replace("<", "&lt;")
743+ s = s.replace(">", "&gt;")
744+ s = s.replace("'", "&apos;")
745+ s = s.replace('"', "&quot;")
746+ return s
747+
748+
749+def unescape_html(s):
750+ if s is None: return None
751+ if '&' not in s:
752+ return s
753+ s = s.replace("&lt;", "<")
754+ s = s.replace("&gt;", ">")
755+ s = s.replace("&apos;", "'")
756+ s = s.replace("&quot;", '"')
757+ s = s.replace("&amp;", "&") # Must be last
758+ return s
759+
760+def html_to_text(html, maxcol=80):
761+ try:
762+ buffer = StringIO.StringIO()
763+ formatter = Formatter.AbstractFormatter(TextWriter(buffer, maxcol))
764+ parser = HTMLParserAnchor(formatter)
765+ parser.feed(html)
766+ parser.close()
767+ text = buffer.getvalue()
768+ buffer.close()
769+ return text
770+ except Exception, e:
771+ log_program.error('cannot convert html to text: %s' % e)
772+ return None
773+
774+def html_document(*body_components):
775+ '''Wrap the body components in a HTML document structure with a valid header.
776+ Accepts a variable number of arguments of of which canb be:
777+ * string
778+ * a sequences of strings (tuple or list).
779+ * a callable object taking no parameters and returning a string or sequence of strings.
780+ '''
781+ head = '<html>\n <head>\n <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>\n </head>\n <body>\n'
782+ tail = '\n </body>\n</html>'
783+
784+ doc = head
785+
786+ for body_component in body_components:
787+ if type(body_component) is StringTypes:
788+ doc += body_component
789+ elif type(body_component) in [TupleType, ListType]:
790+ for item in body_component:
791+ doc += item
792+ elif callable(body_component):
793+ result = body_component()
794+ if type(result) in [TupleType, ListType]:
795+ for item in result:
796+ doc += item
797+ else:
798+ doc += result
799+ else:
800+ doc += body_component
801+
802+ doc += tail
803+ return doc
804+
805diff -up policycoreutils-2.1.8/gui/lockdown.glade.gui policycoreutils-2.1.8/gui/lockdown.glade
806--- policycoreutils-2.1.8/gui/lockdown.glade.gui 2011-11-07 15:12:01.895834226 -0500
807+++ policycoreutils-2.1.8/gui/lockdown.glade 2011-11-07 15:12:01.895834226 -0500
808@@ -0,0 +1,771 @@
809+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
810+<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
811+
812+<glade-interface>
813+<requires lib="gnome"/>
814+<requires lib="bonobo"/>
815+
816+<widget class="GtkAboutDialog" id="aboutWindow">
817+ <property name="border_width">5</property>
818+ <property name="destroy_with_parent">False</property>
819+ <property name="name" translatable="yes">system-config-selinux</property>
820+ <property name="copyright" translatable="yes">Copyright (c)2006 Red Hat, Inc.
821+Copyright (c) 2006 Dan Walsh &lt;dwalsh@redhat.com&gt;</property>
822+ <property name="wrap_license">False</property>
823+ <property name="authors">Daniel Walsh &lt;dwalsh@redhat.com&gt;
824+</property>
825+ <property name="translator_credits" translatable="yes" comments="TRANSLATORS: Replace this string with your names, one name per line.">translator-credits</property>
826+ <property name="logo">system-config-selinux.png</property>
827+</widget>
828+
829+<widget class="GnomeApp" id="mainWindow">
830+ <property name="width_request">800</property>
831+ <property name="height_request">400</property>
832+ <property name="title" translatable="yes">SELinux Boolean Lockdown</property>
833+ <property name="type">GTK_WINDOW_TOPLEVEL</property>
834+ <property name="window_position">GTK_WIN_POS_NONE</property>
835+ <property name="modal">False</property>
836+ <property name="resizable">True</property>
837+ <property name="destroy_with_parent">False</property>
838+ <property name="icon">system-config-selinux.png</property>
839+ <property name="decorated">True</property>
840+ <property name="skip_taskbar_hint">False</property>
841+ <property name="skip_pager_hint">False</property>
842+ <property name="type_hint">GDK_WINDOW_TYPE_HINT_NORMAL</property>
843+ <property name="gravity">GDK_GRAVITY_NORTH_WEST</property>
844+ <property name="focus_on_map">True</property>
845+ <property name="urgency_hint">False</property>
846+ <property name="enable_layout_config">True</property>
847+
848+ <child internal-child="dock">
849+ <widget class="BonoboDock" id="bonobodock2">
850+ <property name="visible">True</property>
851+ <property name="allow_floating">True</property>
852+
853+ <child>
854+ <widget class="BonoboDockItem" id="bonobodockitem3">
855+ <property name="visible">True</property>
856+ <property name="shadow_type">GTK_SHADOW_NONE</property>
857+
858+ <child>
859+ <widget class="GtkMenuBar" id="menubar1">
860+ <property name="visible">True</property>
861+ <property name="pack_direction">GTK_PACK_DIRECTION_LTR</property>
862+ <property name="child_pack_direction">GTK_PACK_DIRECTION_LTR</property>
863+
864+ <child>
865+ <widget class="GtkMenuItem" id="file1">
866+ <property name="visible">True</property>
867+ <property name="stock_item">GNOMEUIINFO_MENU_FILE_TREE</property>
868+
869+ <child>
870+ <widget class="GtkMenu" id="file1_menu">
871+
872+ <child>
873+ <widget class="GtkImageMenuItem" id="forward_menu_item">
874+ <property name="visible">True</property>
875+ <property name="label" translatable="yes">_Forward</property>
876+ <property name="use_underline">True</property>
877+ <signal name="activate" handler="on_forward_clicked" last_modification_time="Thu, 24 Apr 2008 10:18:41 GMT"/>
878+ <accelerator key="f" modifiers="GDK_CONTROL_MASK" signal="activate"/>
879+
880+ <child internal-child="image">
881+ <widget class="GtkImage" id="image46">
882+ <property name="visible">True</property>
883+ <property name="stock">gtk-media-next</property>
884+ <property name="icon_size">1</property>
885+ <property name="xalign">0.5</property>
886+ <property name="yalign">0.5</property>
887+ <property name="xpad">0</property>
888+ <property name="ypad">0</property>
889+ </widget>
890+ </child>
891+ </widget>
892+ </child>
893+
894+ <child>
895+ <widget class="GtkImageMenuItem" id="previous_menu_item">
896+ <property name="visible">True</property>
897+ <property name="label" translatable="yes">_Previous</property>
898+ <property name="use_underline">True</property>
899+ <signal name="activate" handler="on_previous_clicked" last_modification_time="Thu, 24 Apr 2008 10:18:41 GMT"/>
900+ <accelerator key="p" modifiers="GDK_CONTROL_MASK" signal="activate"/>
901+
902+ <child internal-child="image">
903+ <widget class="GtkImage" id="image47">
904+ <property name="visible">True</property>
905+ <property name="stock">gtk-media-previous</property>
906+ <property name="icon_size">1</property>
907+ <property name="xalign">0.5</property>
908+ <property name="yalign">0.5</property>
909+ <property name="xpad">0</property>
910+ <property name="ypad">0</property>
911+ </widget>
912+ </child>
913+ </widget>
914+ </child>
915+
916+ <child>
917+ <widget class="GtkSeparatorMenuItem" id="separator1">
918+ <property name="visible">True</property>
919+ </widget>
920+ </child>
921+
922+ <child>
923+ <widget class="GtkImageMenuItem" id="save_as2">
924+ <property name="visible">True</property>
925+ <property name="label" translatable="yes">Save As</property>
926+ <property name="use_underline">True</property>
927+ <signal name="activate" handler="on_save_clicked" last_modification_time="Thu, 03 Jul 2008 13:30:05 GMT"/>
928+ <accelerator key="s" modifiers="GDK_CONTROL_MASK" signal="activate"/>
929+
930+ <child internal-child="image">
931+ <widget class="GtkImage" id="image48">
932+ <property name="visible">True</property>
933+ <property name="stock">gtk-save-as</property>
934+ <property name="icon_size">1</property>
935+ <property name="xalign">0.5</property>
936+ <property name="yalign">0.5</property>
937+ <property name="xpad">0</property>
938+ <property name="ypad">0</property>
939+ </widget>
940+ </child>
941+ </widget>
942+ </child>
943+
944+ <child>
945+ <widget class="GtkImageMenuItem" id="apply1">
946+ <property name="visible">True</property>
947+ <property name="label" translatable="yes">Apply</property>
948+ <property name="use_underline">True</property>
949+ <signal name="activate" handler="on_apply_clicked" last_modification_time="Thu, 03 Jul 2008 13:25:23 GMT"/>
950+ <accelerator key="a" modifiers="GDK_CONTROL_MASK" signal="activate"/>
951+
952+ <child internal-child="image">
953+ <widget class="GtkImage" id="image49">
954+ <property name="visible">True</property>
955+ <property name="stock">gtk-apply</property>
956+ <property name="icon_size">1</property>
957+ <property name="xalign">0.5</property>
958+ <property name="yalign">0.5</property>
959+ <property name="xpad">0</property>
960+ <property name="ypad">0</property>
961+ </widget>
962+ </child>
963+ </widget>
964+ </child>
965+
966+ <child>
967+ <widget class="GtkImageMenuItem" id="cancel">
968+ <property name="visible">True</property>
969+ <property name="stock_item">GNOMEUIINFO_MENU_EXIT_ITEM</property>
970+ <signal name="activate" handler="on_cancel_clicked" last_modification_time="Thu, 24 Apr 2008 10:18:41 GMT"/>
971+ </widget>
972+ </child>
973+ </widget>
974+ </child>
975+ </widget>
976+ </child>
977+
978+ <child>
979+ <widget class="GtkMenuItem" id="help1">
980+ <property name="visible">True</property>
981+ <property name="stock_item">GNOMEUIINFO_MENU_HELP_TREE</property>
982+
983+ <child>
984+ <widget class="GtkMenu" id="help1_menu">
985+
986+ <child>
987+ <widget class="GtkImageMenuItem" id="about">
988+ <property name="visible">True</property>
989+ <property name="stock_item">GNOMEUIINFO_MENU_ABOUT_ITEM</property>
990+ <signal name="activate" handler="on_about_activate" last_modification_time="Fri, 06 Oct 2006 13:58:02 GMT"/>
991+ </widget>
992+ </child>
993+ </widget>
994+ </child>
995+ </widget>
996+ </child>
997+ </widget>
998+ </child>
999+ </widget>
1000+ <packing>
1001+ <property name="placement">BONOBO_DOCK_TOP</property>
1002+ <property name="band">0</property>
1003+ <property name="position">0</property>
1004+ <property name="offset">0</property>
1005+ <property name="behavior">BONOBO_DOCK_ITEM_BEH_EXCLUSIVE|BONOBO_DOCK_ITEM_BEH_NEVER_VERTICAL|BONOBO_DOCK_ITEM_BEH_LOCKED</property>
1006+ </packing>
1007+ </child>
1008+
1009+ <child>
1010+ <widget class="GtkHPaned" id="hpaned1">
1011+ <property name="visible">True</property>
1012+ <property name="can_focus">True</property>
1013+ <property name="position">0</property>
1014+
1015+ <child>
1016+ <widget class="GtkFrame" id="frame1">
1017+ <property name="border_width">5</property>
1018+ <property name="visible">True</property>
1019+ <property name="label_xalign">0</property>
1020+ <property name="label_yalign">0.5</property>
1021+ <property name="shadow_type">GTK_SHADOW_NONE</property>
1022+
1023+ <child>
1024+ <widget class="GtkAlignment" id="alignment1">
1025+ <property name="visible">True</property>
1026+ <property name="xalign">0.5</property>
1027+ <property name="yalign">0.5</property>
1028+ <property name="xscale">1</property>
1029+ <property name="yscale">1</property>
1030+ <property name="top_padding">0</property>
1031+ <property name="bottom_padding">0</property>
1032+ <property name="left_padding">12</property>
1033+ <property name="right_padding">0</property>
1034+
1035+ <child>
1036+ <widget class="GtkScrolledWindow" id="scrolledwindow21">
1037+ <property name="visible">True</property>
1038+ <property name="can_focus">True</property>
1039+ <property name="hscrollbar_policy">GTK_POLICY_ALWAYS</property>
1040+ <property name="vscrollbar_policy">GTK_POLICY_ALWAYS</property>
1041+ <property name="shadow_type">GTK_SHADOW_NONE</property>
1042+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
1043+
1044+ <child>
1045+ <widget class="GtkTreeView" id="booleanView">
1046+ <property name="width_request">300</property>
1047+ <property name="visible">True</property>
1048+ <property name="tooltip" translatable="yes">Select Management Object</property>
1049+ <property name="can_focus">True</property>
1050+ <property name="headers_visible">False</property>
1051+ <property name="rules_hint">False</property>
1052+ <property name="reorderable">False</property>
1053+ <property name="enable_search">True</property>
1054+ <property name="fixed_height_mode">False</property>
1055+ <property name="hover_selection">False</property>
1056+ <property name="hover_expand">False</property>
1057+ </widget>
1058+ </child>
1059+ </widget>
1060+ </child>
1061+ </widget>
1062+ </child>
1063+
1064+ <child>
1065+ <widget class="GtkLabel" id="label45">
1066+ <property name="visible">True</property>
1067+ <property name="label" translatable="yes">&lt;b&gt;Select:&lt;/b&gt;</property>
1068+ <property name="use_underline">False</property>
1069+ <property name="use_markup">True</property>
1070+ <property name="justify">GTK_JUSTIFY_LEFT</property>
1071+ <property name="wrap">False</property>
1072+ <property name="selectable">False</property>
1073+ <property name="xalign">0.5</property>
1074+ <property name="yalign">0.5</property>
1075+ <property name="xpad">0</property>
1076+ <property name="ypad">0</property>
1077+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
1078+ <property name="width_chars">-1</property>
1079+ <property name="single_line_mode">False</property>
1080+ <property name="angle">0</property>
1081+ </widget>
1082+ <packing>
1083+ <property name="type">label_item</property>
1084+ </packing>
1085+ </child>
1086+ </widget>
1087+ <packing>
1088+ <property name="shrink">False</property>
1089+ <property name="resize">False</property>
1090+ </packing>
1091+ </child>
1092+
1093+ <child>
1094+ <widget class="GtkVBox" id="vbox1">
1095+ <property name="homogeneous">False</property>
1096+ <property name="spacing">0</property>
1097+
1098+ <child>
1099+ <widget class="GtkVBox" id="radio_vbox">
1100+ <property name="visible">True</property>
1101+ <property name="homogeneous">False</property>
1102+ <property name="spacing">0</property>
1103+
1104+ <child>
1105+ <widget class="GtkScrolledWindow" id="html_scrolledwindow">
1106+ <property name="visible">True</property>
1107+ <property name="can_focus">True</property>
1108+ <property name="hscrollbar_policy">GTK_POLICY_ALWAYS</property>
1109+ <property name="vscrollbar_policy">GTK_POLICY_ALWAYS</property>
1110+ <property name="shadow_type">GTK_SHADOW_NONE</property>
1111+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
1112+
1113+ <child>
1114+ <placeholder/>
1115+ </child>
1116+ </widget>
1117+ <packing>
1118+ <property name="padding">0</property>
1119+ <property name="expand">True</property>
1120+ <property name="fill">True</property>
1121+ </packing>
1122+ </child>
1123+
1124+ <child>
1125+ <widget class="GtkHButtonBox" id="savebox">
1126+ <property name="visible">True</property>
1127+ <property name="layout_style">GTK_BUTTONBOX_END</property>
1128+ <property name="spacing">0</property>
1129+
1130+ <child>
1131+ <widget class="GtkButton" id="button4">
1132+ <property name="visible">True</property>
1133+ <property name="can_default">True</property>
1134+ <property name="can_focus">True</property>
1135+ <property name="label">gtk-apply</property>
1136+ <property name="use_stock">True</property>
1137+ <property name="relief">GTK_RELIEF_NORMAL</property>
1138+ <property name="focus_on_click">True</property>
1139+ <signal name="clicked" handler="on_apply_clicked" last_modification_time="Thu, 03 Jul 2008 12:39:08 GMT"/>
1140+ </widget>
1141+ </child>
1142+
1143+ <child>
1144+ <widget class="GtkButton" id="savebutton">
1145+ <property name="visible">True</property>
1146+ <property name="can_default">True</property>
1147+ <property name="can_focus">True</property>
1148+ <property name="label">gtk-save-as</property>
1149+ <property name="use_stock">True</property>
1150+ <property name="relief">GTK_RELIEF_NORMAL</property>
1151+ <property name="focus_on_click">True</property>
1152+ <signal name="clicked" handler="on_save_clicked" last_modification_time="Thu, 03 Jul 2008 12:38:54 GMT"/>
1153+ </widget>
1154+ </child>
1155+ </widget>
1156+ <packing>
1157+ <property name="padding">0</property>
1158+ <property name="expand">False</property>
1159+ <property name="fill">False</property>
1160+ <property name="pack_type">GTK_PACK_END</property>
1161+ </packing>
1162+ </child>
1163+
1164+ <child>
1165+ <widget class="GtkHBox" id="radiobox">
1166+ <property name="homogeneous">True</property>
1167+ <property name="spacing">0</property>
1168+
1169+ <child>
1170+ <widget class="GtkRadioButton" id="enable_radiobutton">
1171+ <property name="visible">True</property>
1172+ <property name="can_focus">True</property>
1173+ <property name="relief">GTK_RELIEF_NORMAL</property>
1174+ <property name="focus_on_click">True</property>
1175+ <property name="active">False</property>
1176+ <property name="inconsistent">False</property>
1177+ <property name="draw_indicator">True</property>
1178+
1179+ <child>
1180+ <widget class="GtkAlignment" id="alignment2">
1181+ <property name="visible">True</property>
1182+ <property name="xalign">0.5</property>
1183+ <property name="yalign">0.5</property>
1184+ <property name="xscale">0</property>
1185+ <property name="yscale">0</property>
1186+ <property name="top_padding">0</property>
1187+ <property name="bottom_padding">0</property>
1188+ <property name="left_padding">0</property>
1189+ <property name="right_padding">0</property>
1190+
1191+ <child>
1192+ <widget class="GtkHBox" id="hbox15">
1193+ <property name="visible">True</property>
1194+ <property name="homogeneous">False</property>
1195+ <property name="spacing">2</property>
1196+
1197+ <child>
1198+ <widget class="GtkImage" id="image20">
1199+ <property name="visible">True</property>
1200+ <property name="stock">gtk-yes</property>
1201+ <property name="icon_size">4</property>
1202+ <property name="xalign">0.5</property>
1203+ <property name="yalign">0.5</property>
1204+ <property name="xpad">0</property>
1205+ <property name="ypad">0</property>
1206+ </widget>
1207+ <packing>
1208+ <property name="padding">0</property>
1209+ <property name="expand">False</property>
1210+ <property name="fill">False</property>
1211+ </packing>
1212+ </child>
1213+
1214+ <child>
1215+ <widget class="GtkLabel" id="button1">
1216+ <property name="label" translatable="yes">Enable</property>
1217+ <property name="use_underline">True</property>
1218+ <property name="use_markup">False</property>
1219+ <property name="justify">GTK_JUSTIFY_LEFT</property>
1220+ <property name="wrap">False</property>
1221+ <property name="selectable">False</property>
1222+ <property name="xalign">0.5</property>
1223+ <property name="yalign">0.5</property>
1224+ <property name="xpad">0</property>
1225+ <property name="ypad">0</property>
1226+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
1227+ <property name="width_chars">-1</property>
1228+ <property name="single_line_mode">False</property>
1229+ <property name="angle">0</property>
1230+ </widget>
1231+ <packing>
1232+ <property name="padding">0</property>
1233+ <property name="expand">False</property>
1234+ <property name="fill">False</property>
1235+ </packing>
1236+ </child>
1237+ </widget>
1238+ </child>
1239+ </widget>
1240+ </child>
1241+ </widget>
1242+ <packing>
1243+ <property name="padding">0</property>
1244+ <property name="expand">False</property>
1245+ <property name="fill">False</property>
1246+ </packing>
1247+ </child>
1248+
1249+ <child>
1250+ <widget class="GtkRadioButton" id="disable_radiobutton">
1251+ <property name="visible">True</property>
1252+ <property name="can_focus">True</property>
1253+ <property name="relief">GTK_RELIEF_NORMAL</property>
1254+ <property name="focus_on_click">True</property>
1255+ <property name="active">False</property>
1256+ <property name="inconsistent">False</property>
1257+ <property name="draw_indicator">True</property>
1258+ <property name="group">enable_radiobutton</property>
1259+
1260+ <child>
1261+ <widget class="GtkAlignment" id="alignment3">
1262+ <property name="visible">True</property>
1263+ <property name="xalign">0.5</property>
1264+ <property name="yalign">0.5</property>
1265+ <property name="xscale">0</property>
1266+ <property name="yscale">0</property>
1267+ <property name="top_padding">0</property>
1268+ <property name="bottom_padding">0</property>
1269+ <property name="left_padding">0</property>
1270+ <property name="right_padding">0</property>
1271+
1272+ <child>
1273+ <widget class="GtkHBox" id="hbox16">
1274+ <property name="visible">True</property>
1275+ <property name="homogeneous">False</property>
1276+ <property name="spacing">2</property>
1277+
1278+ <child>
1279+ <widget class="GtkImage" id="image21">
1280+ <property name="visible">True</property>
1281+ <property name="stock">gtk-no</property>
1282+ <property name="icon_size">4</property>
1283+ <property name="xalign">0.5</property>
1284+ <property name="yalign">0.5</property>
1285+ <property name="xpad">0</property>
1286+ <property name="ypad">0</property>
1287+ </widget>
1288+ <packing>
1289+ <property name="padding">0</property>
1290+ <property name="expand">False</property>
1291+ <property name="fill">False</property>
1292+ </packing>
1293+ </child>
1294+
1295+ <child>
1296+ <widget class="GtkLabel" id="label60">
1297+ <property name="visible">True</property>
1298+ <property name="label" translatable="yes">Disable</property>
1299+ <property name="use_underline">True</property>
1300+ <property name="use_markup">False</property>
1301+ <property name="justify">GTK_JUSTIFY_LEFT</property>
1302+ <property name="wrap">False</property>
1303+ <property name="selectable">False</property>
1304+ <property name="xalign">0.5</property>
1305+ <property name="yalign">0.5</property>
1306+ <property name="xpad">0</property>
1307+ <property name="ypad">0</property>
1308+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
1309+ <property name="width_chars">-1</property>
1310+ <property name="single_line_mode">False</property>
1311+ <property name="angle">0</property>
1312+ </widget>
1313+ <packing>
1314+ <property name="padding">0</property>
1315+ <property name="expand">False</property>
1316+ <property name="fill">False</property>
1317+ </packing>
1318+ </child>
1319+ </widget>
1320+ </child>
1321+ </widget>
1322+ </child>
1323+ </widget>
1324+ <packing>
1325+ <property name="padding">0</property>
1326+ <property name="expand">False</property>
1327+ <property name="fill">False</property>
1328+ </packing>
1329+ </child>
1330+
1331+ <child>
1332+ <widget class="GtkRadioButton" id="default_radiobutton">
1333+ <property name="visible">True</property>
1334+ <property name="can_focus">True</property>
1335+ <property name="relief">GTK_RELIEF_NORMAL</property>
1336+ <property name="focus_on_click">True</property>
1337+ <property name="active">False</property>
1338+ <property name="inconsistent">False</property>
1339+ <property name="draw_indicator">True</property>
1340+ <property name="group">enable_radiobutton</property>
1341+
1342+ <child>
1343+ <widget class="GtkAlignment" id="alignment4">
1344+ <property name="visible">True</property>
1345+ <property name="xalign">0.5</property>
1346+ <property name="yalign">0.5</property>
1347+ <property name="xscale">0</property>
1348+ <property name="yscale">0</property>
1349+ <property name="top_padding">0</property>
1350+ <property name="bottom_padding">0</property>
1351+ <property name="left_padding">0</property>
1352+ <property name="right_padding">0</property>
1353+
1354+ <child>
1355+ <widget class="GtkHBox" id="hbox17">
1356+ <property name="visible">True</property>
1357+ <property name="homogeneous">False</property>
1358+ <property name="spacing">2</property>
1359+
1360+ <child>
1361+ <widget class="GtkImage" id="image22">
1362+ <property name="visible">True</property>
1363+ <property name="stock">gtk-undo</property>
1364+ <property name="icon_size">4</property>
1365+ <property name="xalign">0.5</property>
1366+ <property name="yalign">0.5</property>
1367+ <property name="xpad">0</property>
1368+ <property name="ypad">0</property>
1369+ </widget>
1370+ <packing>
1371+ <property name="padding">0</property>
1372+ <property name="expand">False</property>
1373+ <property name="fill">False</property>
1374+ </packing>
1375+ </child>
1376+
1377+ <child>
1378+ <widget class="GtkLabel" id="label61">
1379+ <property name="visible">True</property>
1380+ <property name="label" translatable="yes">Default</property>
1381+ <property name="use_underline">True</property>
1382+ <property name="use_markup">False</property>
1383+ <property name="justify">GTK_JUSTIFY_LEFT</property>
1384+ <property name="wrap">False</property>
1385+ <property name="selectable">False</property>
1386+ <property name="xalign">0.5</property>
1387+ <property name="yalign">0.5</property>
1388+ <property name="xpad">0</property>
1389+ <property name="ypad">0</property>
1390+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
1391+ <property name="width_chars">-1</property>
1392+ <property name="single_line_mode">False</property>
1393+ <property name="angle">0</property>
1394+ </widget>
1395+ <packing>
1396+ <property name="padding">0</property>
1397+ <property name="expand">False</property>
1398+ <property name="fill">False</property>
1399+ </packing>
1400+ </child>
1401+ </widget>
1402+ </child>
1403+ </widget>
1404+ </child>
1405+ </widget>
1406+ <packing>
1407+ <property name="padding">0</property>
1408+ <property name="expand">False</property>
1409+ <property name="fill">False</property>
1410+ </packing>
1411+ </child>
1412+ </widget>
1413+ <packing>
1414+ <property name="padding">11</property>
1415+ <property name="expand">False</property>
1416+ <property name="fill">False</property>
1417+ </packing>
1418+ </child>
1419+
1420+ <child>
1421+ <widget class="GtkHButtonBox" id="hbuttonbox4">
1422+ <property name="visible">True</property>
1423+ <property name="layout_style">GTK_BUTTONBOX_END</property>
1424+ <property name="spacing">0</property>
1425+
1426+ <child>
1427+ <widget class="GtkButton" id="cancelButton">
1428+ <property name="visible">True</property>
1429+ <property name="can_default">True</property>
1430+ <property name="can_focus">True</property>
1431+ <property name="label">gtk-quit</property>
1432+ <property name="use_stock">True</property>
1433+ <property name="relief">GTK_RELIEF_NORMAL</property>
1434+ <property name="focus_on_click">True</property>
1435+ <signal name="clicked" handler="on_cancel_clicked" last_modification_time="Thu, 24 Apr 2008 10:14:10 GMT"/>
1436+ </widget>
1437+ </child>
1438+
1439+ <child>
1440+ <widget class="GtkButton" id="previousButton">
1441+ <property name="visible">True</property>
1442+ <property name="can_default">True</property>
1443+ <property name="can_focus">True</property>
1444+ <property name="label">gtk-media-previous</property>
1445+ <property name="use_stock">True</property>
1446+ <property name="relief">GTK_RELIEF_NORMAL</property>
1447+ <property name="focus_on_click">True</property>
1448+ <signal name="clicked" handler="on_previous_clicked" last_modification_time="Thu, 24 Apr 2008 10:14:23 GMT"/>
1449+ </widget>
1450+ </child>
1451+
1452+ <child>
1453+ <widget class="GtkButton" id="forwardButton">
1454+ <property name="visible">True</property>
1455+ <property name="can_default">True</property>
1456+ <property name="can_focus">True</property>
1457+ <property name="label">gtk-media-forward</property>
1458+ <property name="use_stock">True</property>
1459+ <property name="relief">GTK_RELIEF_NORMAL</property>
1460+ <property name="focus_on_click">True</property>
1461+ <signal name="clicked" handler="on_forward_clicked" last_modification_time="Thu, 24 Apr 2008 10:14:38 GMT"/>
1462+ </widget>
1463+ </child>
1464+ </widget>
1465+ <packing>
1466+ <property name="padding">0</property>
1467+ <property name="expand">False</property>
1468+ <property name="fill">False</property>
1469+ </packing>
1470+ </child>
1471+ </widget>
1472+ <packing>
1473+ <property name="padding">0</property>
1474+ <property name="expand">True</property>
1475+ <property name="fill">True</property>
1476+ </packing>
1477+ </child>
1478+ </widget>
1479+ <packing>
1480+ <property name="shrink">True</property>
1481+ <property name="resize">True</property>
1482+ </packing>
1483+ </child>
1484+ </widget>
1485+ </child>
1486+ </widget>
1487+ <packing>
1488+ <property name="padding">0</property>
1489+ <property name="expand">True</property>
1490+ <property name="fill">True</property>
1491+ </packing>
1492+ </child>
1493+
1494+ <child internal-child="appbar">
1495+ <widget class="GnomeAppBar" id="appbar2">
1496+ <property name="visible">True</property>
1497+ <property name="has_progress">True</property>
1498+ <property name="has_status">True</property>
1499+ </widget>
1500+ <packing>
1501+ <property name="padding">0</property>
1502+ <property name="expand">True</property>
1503+ <property name="fill">True</property>
1504+ </packing>
1505+ </child>
1506+</widget>
1507+
1508+<widget class="GtkFileChooserDialog" id="filechooserdialog">
1509+ <property name="border_width">5</property>
1510+ <property name="tooltip" translatable="yes">Select file name to save boolean settings.</property>
1511+ <property name="action">GTK_FILE_CHOOSER_ACTION_SAVE</property>
1512+ <property name="local_only">True</property>
1513+ <property name="select_multiple">False</property>
1514+ <property name="show_hidden">False</property>
1515+ <property name="do_overwrite_confirmation">False</property>
1516+ <property name="title" translatable="yes">Save Boolean Configuration File</property>
1517+ <property name="type">GTK_WINDOW_TOPLEVEL</property>
1518+ <property name="window_position">GTK_WIN_POS_MOUSE</property>
1519+ <property name="modal">False</property>
1520+ <property name="resizable">True</property>
1521+ <property name="destroy_with_parent">False</property>
1522+ <property name="decorated">True</property>
1523+ <property name="skip_taskbar_hint">False</property>
1524+ <property name="skip_pager_hint">False</property>
1525+ <property name="type_hint">GDK_WINDOW_TYPE_HINT_DIALOG</property>
1526+ <property name="gravity">GDK_GRAVITY_NORTH_WEST</property>
1527+ <property name="focus_on_map">True</property>
1528+ <property name="urgency_hint">False</property>
1529+
1530+ <child internal-child="vbox">
1531+ <widget class="GtkVBox" id="dialog-vbox1">
1532+ <property name="visible">True</property>
1533+ <property name="homogeneous">False</property>
1534+ <property name="spacing">2</property>
1535+
1536+ <child internal-child="action_area">
1537+ <widget class="GtkHButtonBox" id="dialog-action_area1">
1538+ <property name="visible">True</property>
1539+ <property name="layout_style">GTK_BUTTONBOX_END</property>
1540+
1541+ <child>
1542+ <widget class="GtkButton" id="button7">
1543+ <property name="visible">True</property>
1544+ <property name="can_default">True</property>
1545+ <property name="can_focus">True</property>
1546+ <property name="label">gtk-cancel</property>
1547+ <property name="use_stock">True</property>
1548+ <property name="relief">GTK_RELIEF_NORMAL</property>
1549+ <property name="focus_on_click">True</property>
1550+ <property name="response_id">-6</property>
1551+ </widget>
1552+ </child>
1553+
1554+ <child>
1555+ <widget class="GtkButton" id="button8">
1556+ <property name="visible">True</property>
1557+ <property name="can_default">True</property>
1558+ <property name="has_default">True</property>
1559+ <property name="can_focus">True</property>
1560+ <property name="label">gtk-save</property>
1561+ <property name="use_stock">True</property>
1562+ <property name="relief">GTK_RELIEF_NORMAL</property>
1563+ <property name="focus_on_click">True</property>
1564+ <property name="response_id">-5</property>
1565+ </widget>
1566+ </child>
1567+ </widget>
1568+ <packing>
1569+ <property name="padding">0</property>
1570+ <property name="expand">False</property>
1571+ <property name="fill">True</property>
1572+ <property name="pack_type">GTK_PACK_END</property>
1573+ </packing>
1574+ </child>
1575+ </widget>
1576+ </child>
1577+</widget>
1578+
1579+</glade-interface>
1580diff -up policycoreutils-2.1.8/gui/lockdown.gladep.gui policycoreutils-2.1.8/gui/lockdown.gladep
1581--- policycoreutils-2.1.8/gui/lockdown.gladep.gui 2011-11-07 15:12:01.896834226 -0500
1582+++ policycoreutils-2.1.8/gui/lockdown.gladep 2011-11-07 15:12:01.896834226 -0500
1583@@ -0,0 +1,7 @@
1584+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
1585+<!DOCTYPE glade-project SYSTEM "http://glade.gnome.org/glade-project-2.0.dtd">
1586+
1587+<glade-project>
1588+ <name></name>
1589+ <program_name></program_name>
1590+</glade-project>
1591diff -up policycoreutils-2.1.8/gui/lockdown.py.gui policycoreutils-2.1.8/gui/lockdown.py
1592--- policycoreutils-2.1.8/gui/lockdown.py.gui 2011-11-07 15:12:01.897834227 -0500
1593+++ policycoreutils-2.1.8/gui/lockdown.py 2011-11-07 15:12:01.897834227 -0500
1594@@ -0,0 +1,375 @@
1595+#!/usr/bin/python
1596+#
1597+# lockdown.py - GUI for Booleans page in system-config-securitylevel
1598+#
1599+# Dan Walsh <dwalsh@redhat.com>
1600+#
1601+# Copyright 2008 Red Hat, Inc.
1602+#
1603+# This program is free software; you can redistribute it and/or modify
1604+# it under the terms of the GNU General Public License as published by
1605+# the Free Software Foundation; either version 2 of the License, or
1606+# (at your option) any later version.
1607+#
1608+# This program is distributed in the hope that it will be useful,
1609+# but WITHOUT ANY WARRANTY; without even the implied warranty of
1610+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
1611+# GNU General Public License for more details.
1612+#
1613+# You should have received a copy of the GNU General Public License
1614+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
1615+#
1616+import signal
1617+import string
1618+import gtk
1619+import gtk.glade
1620+import os
1621+import gobject
1622+import gnome
1623+import sys
1624+import selinux
1625+import seobject
1626+import webkit
1627+import commands
1628+import tempfile
1629+
1630+from html_util import *
1631+
1632+gnome.program_init("SELinux Boolean Lockdown Tool", "5")
1633+
1634+INSTALLPATH='/usr/share/system-config-selinux'
1635+sys.path.append(INSTALLPATH)
1636+
1637+##
1638+## I18N
1639+##
1640+PROGNAME="policycoreutils"
1641+
1642+import gettext
1643+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
1644+gettext.textdomain(PROGNAME)
1645+try:
1646+ gettext.install(PROGNAME,
1647+ localedir="/usr/share/locale",
1648+ unicode=False,
1649+ codeset = 'utf-8')
1650+except IOError:
1651+ import __builtin__
1652+ __builtin__.__dict__['_'] = unicode
1653+
1654+from glob import fnmatch
1655+
1656+STATUS=(_("Disable"), _("Enable"), _("Default"))
1657+DISABLE = 0
1658+ENABLE = 1
1659+DEFAULT = 2
1660+
1661+def idle_func():
1662+ while gtk.events_pending():
1663+ gtk.main_iteration()
1664+
1665+def td_fmt(val):
1666+ return '<td>%s</td>' % val
1667+
1668+tr_fmt = '<tr>%s</tr>\n'
1669+
1670+p_fmt = '<p>%s\n'
1671+
1672+##
1673+## Pull in the Glade file
1674+##
1675+if os.access("system-config-selinux.glade", os.F_OK):
1676+ xml = gtk.glade.XML ("lockdown.glade", domain=PROGNAME)
1677+else:
1678+ xml = gtk.glade.XML ("/usr/share/system-config-selinux/lockdown.glade", domain=PROGNAME)
1679+BOOLEAN = 0
1680+class booleanWindow:
1681+ def __init__(self):
1682+ self.tabs=[]
1683+ self.xml = xml
1684+ xml.signal_connect("on_cancel_clicked", self.cancel)
1685+ xml.signal_connect("on_forward_clicked", self.forward)
1686+ xml.signal_connect("on_previous_clicked", self.previous)
1687+ xml.signal_connect("on_save_clicked", self.save)
1688+ xml.signal_connect("on_apply_clicked", self.apply)
1689+ self.xml = xml
1690+ self.mainWindow = self.xml.get_widget("mainWindow")
1691+ self.forwardbutton = self.xml.get_widget("forwardButton")
1692+ self.window = self.xml.get_widget("mainWindow").get_root_window()
1693+ self.busy_cursor = gtk.gdk.Cursor(gtk.gdk.WATCH)
1694+ self.ready_cursor = gtk.gdk.Cursor(gtk.gdk.LEFT_PTR)
1695+ self.radiobox = self.xml.get_widget("radiobox")
1696+ self.savebox = self.xml.get_widget("savebox")
1697+ self.file_dialog = self.xml.get_widget("filechooserdialog")
1698+ self.vbox = self.xml.get_widget("vbox")
1699+ self.enable_radiobutton = self.xml.get_widget("enable_radiobutton")
1700+ self.enable_radiobutton.connect("toggled", self.toggled)
1701+ self.disable_radiobutton = self.xml.get_widget("disable_radiobutton")
1702+ self.disable_radiobutton.connect("toggled", self.toggled)
1703+ self.default_radiobutton = self.xml.get_widget("default_radiobutton")
1704+ self.default_radiobutton.connect("toggled", self.toggled)
1705+ self.html_scrolledwindow = self.xml.get_widget("html_scrolledwindow")
1706+ self.view = xml.get_widget("booleanView")
1707+ self.view.get_selection().connect("changed", self.itemSelected)
1708+
1709+ self.store = gtk.TreeStore(gobject.TYPE_STRING)
1710+ self.view.set_model(self.store)
1711+
1712+ col = gtk.TreeViewColumn("Boolean", gtk.CellRendererText(), text=BOOLEAN)
1713+ col.set_sort_column_id(BOOLEAN)
1714+ col.set_resizable(True)
1715+ self.view.append_column(col)
1716+
1717+ self.html_view = self.create_htmlview(self.html_scrolledwindow)
1718+ self.load()
1719+ self.view.get_selection().select_path ((0,))
1720+
1721+ def create_htmlview(self, container):
1722+ view = webkit.WebView()
1723+ container.add(view)
1724+ return (view)
1725+
1726+ def wait(self):
1727+ self.window.set_cursor(self.busy_cursor)
1728+ idle_func()
1729+
1730+ def ready(self):
1731+ self.window.set_cursor(self.ready_cursor)
1732+ idle_func()
1733+
1734+ def load(self):
1735+ self.store.clear()
1736+ self.booleans = seobject.booleanRecords()
1737+ booleansList = self.booleans.get_all(0)
1738+ self.booldict = {}
1739+ for name in booleansList:
1740+ cat = self.booleans.get_category(name)
1741+ if cat not in self.booldict:
1742+ self.booldict[cat] = {}
1743+
1744+ rec = booleansList[name]
1745+ self.booldict[cat][name]= [rec[2], self.booleans.get_desc(name)]
1746+
1747+ cats = self.booldict.keys()
1748+ cats.sort()
1749+
1750+ citer = self.store.append(None)
1751+ self.store.set_value(citer, BOOLEAN, "Begin")
1752+ for cat in cats:
1753+ citer = self.store.append(None)
1754+ self.store.set_value(citer, BOOLEAN, cat)
1755+ bools = self.booldict[cat].keys()
1756+ for bool in bools:
1757+ biter = self.store.append(citer)
1758+ self.store.set_value(biter, BOOLEAN, bool)
1759+ biter = self.store.append(citer)
1760+ self.store.set_value(biter, BOOLEAN, "Finish")
1761+ citer = self.store.append(None)
1762+ self.store.set_value(citer, BOOLEAN, "Finish")
1763+
1764+ def on_about_activate(self, args):
1765+ dlg = xml.get_widget ("aboutWindow")
1766+ dlg.run ()
1767+ dlg.hide ()
1768+
1769+ def cancel(self, args):
1770+ gtk.main_quit()
1771+
1772+ def error(self, message):
1773+ dlg = gtk.MessageDialog(None, 0, gtk.MESSAGE_ERROR,
1774+ gtk.BUTTONS_CLOSE,
1775+ message)
1776+ dlg.set_position(gtk.WIN_POS_MOUSE)
1777+ dlg.show_all()
1778+ dlg.run()
1779+ dlg.destroy()
1780+
1781+ def __out(self):
1782+ out = ''
1783+ for c in self.booldict.keys():
1784+ for b in self.booldict[c]:
1785+ out += "%s=%s\n" % (b, self.booldict[c][b][0])
1786+ return out
1787+
1788+ def save(self, args):
1789+ self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_SAVE)
1790+ rc = self.file_dialog.run()
1791+ self.file_dialog.hide()
1792+ if rc == gtk.RESPONSE_OK:
1793+ try:
1794+ fd = open(self.file_dialog.get_filename(), "w")
1795+ fd.write(self.__out())
1796+ fd.close()
1797+
1798+ except IOError, e:
1799+ self.error(e)
1800+
1801+ def apply(self, args):
1802+ fd = tempfile.NamedTemporaryFile(dir = "/var/lib/selinux")
1803+ fd.write(self.__out())
1804+ fd.flush()
1805+ self.wait()
1806+ rc, err = commands.getstatusoutput("semanage boolean -m -F %s" % fd.name)
1807+ self.ready()
1808+ fd.close()
1809+ if rc != 0:
1810+ self.error(err)
1811+
1812+ def forward(self, args):
1813+ selection = self.view.get_selection()
1814+ store, iter = selection.get_selected()
1815+ if self.store.iter_has_child(iter):
1816+ store, rows = selection.get_selected_rows()
1817+ self.view.expand_to_path(rows[0])
1818+ niter = self.store.iter_nth_child(iter, 0)
1819+ else:
1820+ niter = store.iter_next(iter)
1821+
1822+ if niter == None:
1823+ piter = self.store.iter_parent(iter)
1824+ if piter == None:
1825+ return
1826+ niter = store.iter_next(piter)
1827+
1828+ if niter != None:
1829+ selection.select_iter(niter)
1830+ store, rows = selection.get_selected_rows()
1831+ self.view.scroll_to_cell(rows[0])
1832+ else:
1833+ print "Finish"
1834+
1835+ def toggled(self, button):
1836+ if button.get_active() == False:
1837+ return
1838+ if self.cat == None:
1839+ return
1840+ if self.disable_radiobutton == button:
1841+ self.booldict[self.cat][self.name][0] = DISABLE
1842+ if self.enable_radiobutton == button:
1843+ self.booldict[self.cat][self.name][0] = ENABLE
1844+ if self.default_radiobutton == button:
1845+ self.booldict[self.cat][self.name][0] = DEFAULT
1846+
1847+ def previous(self, args):
1848+ selection = self.view.get_selection()
1849+ store, iter = selection.get_selected()
1850+ store, rows = selection.get_selected_rows()
1851+ row = rows[0]
1852+ if len(row) == 1 or self.store.iter_has_child(iter):
1853+ if row[0] == 0:
1854+ return
1855+ nrow = row[0] - 1
1856+ iter = self.store.get_iter((nrow,))
1857+ if self.store.iter_has_child(iter):
1858+ self.view.expand_to_path((nrow,))
1859+ n = store.iter_n_children(iter) -1
1860+ piter = store.iter_nth_child(iter, n)
1861+ else:
1862+ piter = iter
1863+ else:
1864+ if row[1] == 0:
1865+ piter = self.store.iter_parent(iter)
1866+ else:
1867+ r0 = row[0]
1868+ r1 = row[1] - 1
1869+ piter = self.store.get_iter((r0,r1))
1870+ if piter != None:
1871+ selection.select_iter(piter)
1872+ store, rows = selection.get_selected_rows()
1873+ self.view.scroll_to_cell(rows[0])
1874+ else:
1875+ print "Finish"
1876+
1877+ def html_cat(self, cat):
1878+ html = ""
1879+ row = td_fmt(_("<b>Boolean</b>")) + td_fmt(_("<b>Description</b>")) + td_fmt(_("<b>Status</b>"))
1880+ html += tr_fmt % row
1881+
1882+ for b in self.booldict[cat]:
1883+ row = td_fmt(b) + td_fmt(self.booleans.get_desc(b)) + td_fmt(STATUS[self.booldict[cat][b][0]])
1884+ html += tr_fmt % row
1885+ return html
1886+
1887+ def html_table(self, title, body):
1888+ html = self.html_head(title)
1889+ html += '<table width="100%" cellspacing="1" cellpadding="2">\n'
1890+ html += body
1891+ html += '</table>'
1892+ return html
1893+
1894+ def html_head(self, val):
1895+ # Wrap entire alert in one table
1896+ # 1st table: primary Information
1897+
1898+ html = '<b>%s</b>\n\n\n' % val
1899+ return html
1900+
1901+ def html_all(self):
1902+ html = ""
1903+ cats = self.booldict.keys()
1904+ cats.sort()
1905+ for cat in cats:
1906+ html += self.html_table((_("Category: %s <br>") % cat), self.html_cat(cat))
1907+ return html
1908+
1909+ def itemSelected(self, selection):
1910+ store, iter = selection.get_selected()
1911+ if iter == None:
1912+ return
1913+
1914+ piter = self.store.iter_parent(iter)
1915+ if piter != None:
1916+ self.cat = store.get_value(piter, BOOLEAN)
1917+ else:
1918+ self.cat = None
1919+
1920+ self.name = store.get_value(iter, BOOLEAN)
1921+
1922+ html = ''
1923+
1924+ self.radiobox.hide()
1925+ self.savebox.hide()
1926+
1927+ if self.name == _("Begin"):
1928+ html += self.html_head(_("Welcome to the SELinux Lockdown Tool.<br> <br>This tool can be used to lockdown SELinux booleans.The tool will generate a configuration file which can be used to lockdown this system or other SELinux systems.<br>"))
1929+ html += self.html_all()
1930+ else:
1931+ if self.name == _("Finish"):
1932+ if self.cat != None:
1933+ html += self.html_head(_("Category %s booleans completed <br><br>") % self.cat)
1934+ html += self.html_table(_("Current settings:<br><br>"), self.html_cat(self.cat))
1935+ else:
1936+ html += self.html_head(_("Finish: <br><br>"))
1937+ html += self.html_all()
1938+ self.savebox.show()
1939+ else:
1940+ if self.store.iter_has_child(iter):
1941+ html += self.html_table(_("Category: %s<br><br>Current Settings<br><br>") % self.name, self.html_cat(self.name))
1942+ else:
1943+ self.radiobox.show()
1944+ html += self.html_table(_("Boolean: %s<br><br>") % self.name, tr_fmt % td_fmt(self.booleans.get_desc(self.name)))
1945+ if self.booldict[self.cat][self.name][0] == ENABLE:
1946+ self.enable_radiobutton.set_active(True)
1947+ if self.booldict[self.cat][self.name][0] == DISABLE:
1948+ self.disable_radiobutton.set_active(True)
1949+ if self.booldict[self.cat][self.name][0] == DEFAULT:
1950+ self.default_radiobutton.set_active(True)
1951+ html_doc= html_document(html)
1952+
1953+ self.html_view.load_html_string(html, "")
1954+
1955+ def stand_alone(self):
1956+ desktopName = _("Lockdown SELinux Booleans")
1957+
1958+ self.mainWindow.connect("destroy", self.cancel)
1959+
1960+ self.mainWindow.show_all()
1961+ self.radiobox.hide()
1962+ self.savebox.hide()
1963+ gtk.main()
1964+
1965+if __name__ == "__main__":
1966+ signal.signal (signal.SIGINT, signal.SIG_DFL)
1967+
1968+ app = booleanWindow()
1969+ app.stand_alone()
1970diff -up policycoreutils-2.1.8/gui/loginsPage.py.gui policycoreutils-2.1.8/gui/loginsPage.py
1971--- policycoreutils-2.1.8/gui/loginsPage.py.gui 2011-11-07 15:12:01.898834228 -0500
1972+++ policycoreutils-2.1.8/gui/loginsPage.py 2011-11-07 15:12:01.898834228 -0500
1973@@ -0,0 +1,185 @@
1974+## loginsPage.py - show selinux mappings
1975+## Copyright (C) 2006 Red Hat, Inc.
1976+
1977+## This program is free software; you can redistribute it and/or modify
1978+## it under the terms of the GNU General Public License as published by
1979+## the Free Software Foundation; either version 2 of the License, or
1980+## (at your option) any later version.
1981+
1982+## This program is distributed in the hope that it will be useful,
1983+## but WITHOUT ANY WARRANTY; without even the implied warranty of
1984+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
1985+## GNU General Public License for more details.
1986+
1987+## You should have received a copy of the GNU General Public License
1988+## along with this program; if not, write to the Free Software
1989+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
1990+
1991+## Author: Dan Walsh
1992+import string
1993+import gtk
1994+import gtk.glade
1995+import os
1996+import gobject
1997+import sys
1998+import commands
1999+import seobject
2000+from semanagePage import *;
2001+
2002+##
2003+## I18N
2004+##
2005+PROGNAME="policycoreutils"
2006+import gettext
2007+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
2008+gettext.textdomain(PROGNAME)
2009+try:
2010+ gettext.install(PROGNAME,
2011+ localedir="/usr/share/locale",
2012+ unicode=False,
2013+ codeset = 'utf-8')
2014+except IOError:
2015+ import __builtin__
2016+ __builtin__.__dict__['_'] = unicode
2017+
2018+class loginsPage(semanagePage):
2019+ def __init__(self, xml):
2020+ self.firstTime = False
2021+ semanagePage.__init__(self, xml, "logins", _("User Mapping"))
2022+ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING)
2023+ self.view.set_model(self.store)
2024+ self.store.set_sort_column_id(0, gtk.SORT_ASCENDING)
2025+ col = gtk.TreeViewColumn(_("Login\nName"), gtk.CellRendererText(), text = 0)
2026+ col.set_sort_column_id(0)
2027+ col.set_resizable(True)
2028+ self.view.append_column(col)
2029+ col = gtk.TreeViewColumn(_("SELinux\nUser"), gtk.CellRendererText(), text = 1)
2030+ col.set_resizable(True)
2031+ self.view.append_column(col)
2032+ col = gtk.TreeViewColumn(_("MLS/\nMCS Range"), gtk.CellRendererText(), text = 2)
2033+ col.set_resizable(True)
2034+ self.view.append_column(col)
2035+ self.load()
2036+ self.loginsNameEntry = xml.get_widget("loginsNameEntry")
2037+ self.loginsSelinuxUserCombo = xml.get_widget("loginsSelinuxUserCombo")
2038+ self.loginsMLSEntry = xml.get_widget("loginsMLSEntry")
2039+
2040+ def load(self, filter = ""):
2041+ self.filter=filter
2042+ self.login = seobject.loginRecords()
2043+ dict = self.login.get_all(0)
2044+ keys = dict.keys()
2045+ keys.sort()
2046+ self.store.clear()
2047+ for k in keys:
2048+ range = seobject.translate(dict[k][1])
2049+ if not (self.match(k, filter) or self.match(dict[k][0], filter) or self.match(range, filter)):
2050+ continue
2051+ iter = self.store.append()
2052+ self.store.set_value(iter, 0, k)
2053+ self.store.set_value(iter, 1, dict[k][0])
2054+ self.store.set_value(iter, 2, range)
2055+ self.view.get_selection().select_path ((0,))
2056+
2057+ def __dialogSetup(self):
2058+ if self.firstTime == True:
2059+ return
2060+ self.firstTime = True
2061+ liststore = gtk.ListStore(gobject.TYPE_STRING)
2062+ self.loginsSelinuxUserCombo.set_model(liststore)
2063+ cell = gtk.CellRendererText()
2064+ self.loginsSelinuxUserCombo.pack_start(cell, True)
2065+ self.loginsSelinuxUserCombo.add_attribute(cell, 'text', 0)
2066+
2067+ selusers = seobject.seluserRecords().get_all(0)
2068+ keys = selusers.keys()
2069+ keys.sort()
2070+ for k in keys:
2071+ if k != "system_u":
2072+ self.loginsSelinuxUserCombo.append_text(k)
2073+
2074+ iter = liststore.get_iter_first()
2075+ while liststore.get_value(iter,0) != "user_u":
2076+ iter = liststore.iter_next(iter)
2077+ self.loginsSelinuxUserCombo.set_active_iter(iter)
2078+
2079+ def dialogInit(self):
2080+ self.__dialogSetup()
2081+ store, iter = self.view.get_selection().get_selected()
2082+ self.loginsNameEntry.set_text(store.get_value(iter, 0))
2083+ self.loginsNameEntry.set_sensitive(False)
2084+
2085+ self.loginsMLSEntry.set_text(store.get_value(iter, 2))
2086+ seuser = store.get_value(iter, 1)
2087+ liststore = self.loginsSelinuxUserCombo.get_model()
2088+ iter = liststore.get_iter_first()
2089+ while iter != None and liststore.get_value(iter,0) != seuser:
2090+ iter = liststore.iter_next(iter)
2091+ if iter != None:
2092+ self.loginsSelinuxUserCombo.set_active_iter(iter)
2093+
2094+
2095+ def dialogClear(self):
2096+ self.__dialogSetup()
2097+ self.loginsNameEntry.set_text("")
2098+ self.loginsNameEntry.set_sensitive(True)
2099+ self.loginsMLSEntry.set_text("s0")
2100+
2101+ def delete(self):
2102+ store, iter = self.view.get_selection().get_selected()
2103+ try:
2104+ login=store.get_value(iter, 0)
2105+ if login == "root" or login == "__default__":
2106+ raise ValueError(_("Login '%s' is required") % login)
2107+
2108+ self.wait()
2109+ (rc, out) = commands.getstatusoutput("semanage login -d %s" % login)
2110+ self.ready()
2111+ if rc != 0:
2112+ self.error(out)
2113+ return False
2114+ store.remove(iter)
2115+ self.view.get_selection().select_path ((0,))
2116+ except ValueError, e:
2117+ self.error(e.args[0])
2118+
2119+ def add(self):
2120+ target=self.loginsNameEntry.get_text().strip()
2121+ serange=self.loginsMLSEntry.get_text().strip()
2122+ if serange == "":
2123+ serange="s0"
2124+ list_model=self.loginsSelinuxUserCombo.get_model()
2125+ iter = self.loginsSelinuxUserCombo.get_active_iter()
2126+ seuser = list_model.get_value(iter,0)
2127+ self.wait()
2128+ (rc, out) = commands.getstatusoutput("semanage login -a -s %s -r %s %s" % (seuser, serange, target))
2129+ self.ready()
2130+ if rc != 0:
2131+ self.error(out)
2132+ return False
2133+
2134+ iter = self.store.append()
2135+ self.store.set_value(iter, 0, target)
2136+ self.store.set_value(iter, 1, seuser)
2137+ self.store.set_value(iter, 2, seobject.translate(serange))
2138+
2139+ def modify(self):
2140+ target=self.loginsNameEntry.get_text().strip()
2141+ serange=self.loginsMLSEntry.get_text().strip()
2142+ if serange == "":
2143+ serange = "s0"
2144+ list_model = self.loginsSelinuxUserCombo.get_model()
2145+ iter = self.loginsSelinuxUserCombo.get_active_iter()
2146+ seuser=list_model.get_value(iter,0)
2147+ self.wait()
2148+ (rc, out) = commands.getstatusoutput("semanage login -m -s %s -r %s %s" % (seuser, serange, target))
2149+ self.ready()
2150+ if rc != 0:
2151+ self.error(out)
2152+ return False
2153+
2154+ store, iter = self.view.get_selection().get_selected()
2155+ self.store.set_value(iter, 0, target)
2156+ self.store.set_value(iter, 1, seuser)
2157+ self.store.set_value(iter, 2, seobject.translate(serange))
2158+
2159diff -up policycoreutils-2.1.8/gui/Makefile.gui policycoreutils-2.1.8/gui/Makefile
2160--- policycoreutils-2.1.8/gui/Makefile.gui 2011-11-07 15:12:01.898834228 -0500
2161+++ policycoreutils-2.1.8/gui/Makefile 2011-11-07 15:12:01.898834228 -0500
2162@@ -0,0 +1,40 @@
2163+# Installation directories.
2164+PREFIX ?= ${DESTDIR}/usr
2165+BINDIR ?= $(PREFIX)/bin
2166+SHAREDIR ?= $(PREFIX)/share/system-config-selinux
2167+
2168+TARGETS= \
2169+booleansPage.py \
2170+domainsPage.py \
2171+fcontextPage.py \
2172+html_util.py \
2173+loginsPage.py \
2174+mappingsPage.py \
2175+modulesPage.py \
2176+polgen.glade \
2177+portsPage.py \
2178+lockdown.glade \
2179+semanagePage.py \
2180+statusPage.py \
2181+system-config-selinux.glade \
2182+usersPage.py \
2183+selinux.tbl
2184+
2185+all: $(TARGETS) system-config-selinux.py polgengui.py templates lockdown.py polgen.py
2186+
2187+install: all
2188+ -mkdir -p $(SHAREDIR)/templates
2189+ -mkdir -p $(BINDIR)
2190+ install -m 755 system-config-selinux.py $(SHAREDIR)
2191+ install -m 755 polgengui.py $(SHAREDIR)
2192+ install -m 755 polgen.py $(SHAREDIR)
2193+ (cd $(BINDIR); ln -fs ../share/system-config-selinux/polgen.py sepolgen)
2194+ install -m 755 lockdown.py $(SHAREDIR)
2195+ install -m 644 $(TARGETS) $(SHAREDIR)
2196+ install -m 644 templates/*.py $(SHAREDIR)/templates/
2197+
2198+clean:
2199+
2200+indent:
2201+
2202+relabel:
2203diff -up policycoreutils-2.1.8/gui/mappingsPage.py.gui policycoreutils-2.1.8/gui/mappingsPage.py
2204--- policycoreutils-2.1.8/gui/mappingsPage.py.gui 2011-11-07 15:12:01.899834229 -0500
2205+++ policycoreutils-2.1.8/gui/mappingsPage.py 2011-11-07 15:12:01.899834229 -0500
2206@@ -0,0 +1,56 @@
2207+## mappingsPage.py - show selinux mappings
2208+## Copyright (C) 2006 Red Hat, Inc.
2209+
2210+## This program is free software; you can redistribute it and/or modify
2211+## it under the terms of the GNU General Public License as published by
2212+## the Free Software Foundation; either version 2 of the License, or
2213+## (at your option) any later version.
2214+
2215+## This program is distributed in the hope that it will be useful,
2216+## but WITHOUT ANY WARRANTY; without even the implied warranty of
2217+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
2218+## GNU General Public License for more details.
2219+
2220+## You should have received a copy of the GNU General Public License
2221+## along with this program; if not, write to the Free Software
2222+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
2223+
2224+## Author: Dan Walsh
2225+import string
2226+import gtk
2227+import gtk.glade
2228+import os
2229+import gobject
2230+import sys
2231+import seobject
2232+
2233+##
2234+## I18N
2235+##
2236+PROGNAME="policycoreutils"
2237+import gettext
2238+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
2239+gettext.textdomain(PROGNAME)
2240+try:
2241+ gettext.install(PROGNAME,
2242+ localedir="/usr/share/locale",
2243+ unicode=False,
2244+ codeset = 'utf-8')
2245+except IOError:
2246+ import __builtin__
2247+ __builtin__.__dict__['_'] = unicode
2248+
2249+class loginsPage:
2250+ def __init__(self, xml):
2251+ self.xml = xml
2252+ self.view = xml.get_widget("mappingsView")
2253+ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING)
2254+ self.store.set_sort_column_id(0, gtk.SORT_ASCENDING)
2255+ self.view.set_model(self.store)
2256+ self.login = loginRecords()
2257+ dict = self.login.get_all(0)
2258+ keys = dict.keys()
2259+ keys.sort()
2260+ for k in keys:
2261+ print "%-25s %-25s %-25s" % (k, dict[k][0], translate(dict[k][1]))
2262+
2263diff -up policycoreutils-2.1.8/gui/modulesPage.py.gui policycoreutils-2.1.8/gui/modulesPage.py
2264--- policycoreutils-2.1.8/gui/modulesPage.py.gui 2011-11-07 15:12:01.899834229 -0500
2265+++ policycoreutils-2.1.8/gui/modulesPage.py 2011-11-07 15:12:01.899834229 -0500
2266@@ -0,0 +1,190 @@
2267+## modulesPage.py - show selinux mappings
2268+## Copyright (C) 2006-2009 Red Hat, Inc.
2269+
2270+## This program is free software; you can redistribute it and/or modify
2271+## it under the terms of the GNU General Public License as published by
2272+## the Free Software Foundation; either version 2 of the License, or
2273+## (at your option) any later version.
2274+
2275+## This program is distributed in the hope that it will be useful,
2276+## but WITHOUT ANY WARRANTY; without even the implied warranty of
2277+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
2278+## GNU General Public License for more details.
2279+
2280+## You should have received a copy of the GNU General Public License
2281+## along with this program; if not, write to the Free Software
2282+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
2283+
2284+## Author: Dan Walsh
2285+import string
2286+import gtk
2287+import gtk.glade
2288+import os
2289+import commands
2290+import gobject
2291+import sys
2292+import seobject
2293+import selinux
2294+from semanagePage import *;
2295+
2296+##
2297+## I18N
2298+##
2299+PROGNAME="policycoreutils"
2300+import gettext
2301+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
2302+gettext.textdomain(PROGNAME)
2303+try:
2304+ gettext.install(PROGNAME,
2305+ localedir="/usr/share/locale",
2306+ unicode=False,
2307+ codeset = 'utf-8')
2308+except IOError:
2309+ import __builtin__
2310+ __builtin__.__dict__['_'] = unicode
2311+
2312+class modulesPage(semanagePage):
2313+ def __init__(self, xml):
2314+ semanagePage.__init__(self, xml, "modules", _("Policy Module"))
2315+ self.module_filter = xml.get_widget("modulesFilterEntry")
2316+ self.module_filter.connect("focus_out_event", self.filter_changed)
2317+ self.module_filter.connect("activate", self.filter_changed)
2318+ self.audit_enabled = False
2319+
2320+ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING)
2321+ self.view.set_model(self.store)
2322+ self.store.set_sort_column_id(0, gtk.SORT_ASCENDING)
2323+ col = gtk.TreeViewColumn(_("Module Name"), gtk.CellRendererText(), text = 0)
2324+ col.set_sort_column_id(0)
2325+ col.set_resizable(True)
2326+ self.view.append_column(col)
2327+ self.store.set_sort_column_id(0, gtk.SORT_ASCENDING)
2328+ col = gtk.TreeViewColumn(_("Version"), gtk.CellRendererText(), text = 1)
2329+ self.enable_audit_button = xml.get_widget("enableAuditButton")
2330+ self.enable_audit_button.connect("clicked", self.enable_audit)
2331+ self.new_button = xml.get_widget("newModuleButton")
2332+ self.new_button.connect("clicked", self.new_module)
2333+ col.set_sort_column_id(1)
2334+ col.set_resizable(True)
2335+ self.view.append_column(col)
2336+ self.store.set_sort_func(1,self.sort_int, "")
2337+ status, self.policy_type = selinux.selinux_getpolicytype()
2338+
2339+ self.load()
2340+
2341+ def sort_int(self, treemodel, iter1, iter2, user_data):
2342+ try:
2343+ p1 = int(treemodel.get_value(iter1,1))
2344+ p2 = int(treemodel.get_value(iter1,1))
2345+ if p1 > p2:
2346+ return 1
2347+ if p1 == p2:
2348+ return 0
2349+ return -1
2350+ except:
2351+ return 0
2352+
2353+ def load(self, filter=""):
2354+ self.filter=filter
2355+ self.store.clear()
2356+ try:
2357+ fd=os.popen("semodule -l")
2358+ l = fd.readlines()
2359+ fd.close()
2360+ for i in l:
2361+ module, ver, newline = i.split('\t')
2362+ if not (self.match(module, filter) or self.match(ver, filter)):
2363+ continue
2364+ iter = self.store.append()
2365+ self.store.set_value(iter, 0, module.strip())
2366+ self.store.set_value(iter, 1, ver.strip())
2367+ except:
2368+ pass
2369+ self.view.get_selection().select_path ((0,))
2370+
2371+
2372+ def new_module(self, args):
2373+ try:
2374+ os.spawnl(os.P_NOWAIT, "/usr/share/system-config-selinux/polgengui.py")
2375+ except ValueError, e:
2376+ self.error(e.args[0])
2377+
2378+ def delete(self):
2379+ store, iter = self.view.get_selection().get_selected()
2380+ module = store.get_value(iter, 0)
2381+ try:
2382+ self.wait()
2383+ status, output = commands.getstatusoutput("semodule -r %s" % module)
2384+ self.ready()
2385+ if status != 0:
2386+ self.error(output)
2387+ else:
2388+ store.remove(iter)
2389+ self.view.get_selection().select_path ((0,))
2390+
2391+ except ValueError, e:
2392+ self.error(e.args[0])
2393+
2394+ def enable_audit(self, button):
2395+ self.audit_enabled = not self.audit_enabled
2396+ try:
2397+ self.wait()
2398+ if self.audit_enabled:
2399+ status, output =commands.getstatusoutput("semodule -DB")
2400+ button.set_label(_("Disable Audit"))
2401+ else:
2402+ status, output =commands.getstatusoutput("semodule -B")
2403+ button.set_label(_("Enable Audit"))
2404+ self.ready()
2405+
2406+ if status != 0:
2407+ self.error(output)
2408+
2409+ except ValueError, e:
2410+ self.error(e.args[0])
2411+
2412+ def disable_audit(self, button):
2413+ try:
2414+ self.wait()
2415+ status, output =commands.getstatusoutput("semodule -B")
2416+ self.ready()
2417+ if status != 0:
2418+ self.error(output)
2419+
2420+ except ValueError, e:
2421+ self.error(e.args[0])
2422+
2423+ def propertiesDialog(self):
2424+ # Do nothing
2425+ return
2426+
2427+ def addDialog(self):
2428+ dialog = gtk.FileChooserDialog(_("Load Policy Module"),
2429+ None,
2430+ gtk.FILE_CHOOSER_ACTION_OPEN,
2431+ (gtk.STOCK_CANCEL, gtk.RESPONSE_CANCEL,
2432+ gtk.STOCK_OPEN, gtk.RESPONSE_OK))
2433+ dialog.set_default_response(gtk.RESPONSE_OK)
2434+
2435+ filter = gtk.FileFilter()
2436+ filter.set_name("Policy Files")
2437+ filter.add_pattern("*.pp")
2438+ dialog.add_filter(filter)
2439+
2440+ response = dialog.run()
2441+ if response == gtk.RESPONSE_OK:
2442+ self.add(dialog.get_filename())
2443+ dialog.destroy()
2444+
2445+ def add(self, file):
2446+ try:
2447+ self.wait()
2448+ status, output =commands.getstatusoutput("semodule -i %s" % file)
2449+ self.ready()
2450+ if status != 0:
2451+ self.error(output)
2452+ else:
2453+ self.load()
2454+
2455+ except ValueError, e:
2456+ self.error(e.args[0])
2457diff -up policycoreutils-2.1.8/gui/polgen.glade.gui policycoreutils-2.1.8/gui/polgen.glade
2458--- policycoreutils-2.1.8/gui/polgen.glade.gui 2011-11-07 15:12:01.902834231 -0500
2459+++ policycoreutils-2.1.8/gui/polgen.glade 2011-11-07 15:12:01.903834231 -0500
2460@@ -0,0 +1,3432 @@
2461+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
2462+<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
2463+
2464+<glade-interface>
2465+<requires lib="gnome"/>
2466+
2467+<widget class="GtkFileChooserDialog" id="filechooserdialog">
2468+ <property name="border_width">5</property>
2469+ <property name="action">GTK_FILE_CHOOSER_ACTION_OPEN</property>
2470+ <property name="local_only">True</property>
2471+ <property name="select_multiple">True</property>
2472+ <property name="show_hidden">True</property>
2473+ <property name="do_overwrite_confirmation">False</property>
2474+ <property name="type">GTK_WINDOW_TOPLEVEL</property>
2475+ <property name="window_position">GTK_WIN_POS_MOUSE</property>
2476+ <property name="modal">False</property>
2477+ <property name="resizable">True</property>
2478+ <property name="destroy_with_parent">False</property>
2479+ <property name="decorated">True</property>
2480+ <property name="skip_taskbar_hint">False</property>
2481+ <property name="skip_pager_hint">False</property>
2482+ <property name="type_hint">GDK_WINDOW_TYPE_HINT_DIALOG</property>
2483+ <property name="gravity">GDK_GRAVITY_NORTH_WEST</property>
2484+ <property name="focus_on_map">True</property>
2485+ <property name="urgency_hint">False</property>
2486+
2487+ <child internal-child="vbox">
2488+ <widget class="GtkVBox" id="dialog-vbox1">
2489+ <property name="visible">True</property>
2490+ <property name="homogeneous">False</property>
2491+ <property name="spacing">24</property>
2492+
2493+ <child internal-child="action_area">
2494+ <widget class="GtkHButtonBox" id="dialog-action_area1">
2495+ <property name="visible">True</property>
2496+ <property name="layout_style">GTK_BUTTONBOX_END</property>
2497+
2498+ <child>
2499+ <widget class="GtkButton" id="button5">
2500+ <property name="visible">True</property>
2501+ <property name="can_default">True</property>
2502+ <property name="can_focus">True</property>
2503+ <property name="label">gtk-cancel</property>
2504+ <property name="use_stock">True</property>
2505+ <property name="relief">GTK_RELIEF_NORMAL</property>
2506+ <property name="focus_on_click">True</property>
2507+ <property name="response_id">-6</property>
2508+ </widget>
2509+ </child>
2510+
2511+ <child>
2512+ <widget class="GtkButton" id="button6">
2513+ <property name="visible">True</property>
2514+ <property name="can_default">True</property>
2515+ <property name="has_default">True</property>
2516+ <property name="can_focus">True</property>
2517+ <property name="label">gtk-add</property>
2518+ <property name="use_stock">True</property>
2519+ <property name="relief">GTK_RELIEF_NORMAL</property>
2520+ <property name="focus_on_click">True</property>
2521+ <property name="response_id">-5</property>
2522+ </widget>
2523+ </child>
2524+ </widget>
2525+ <packing>
2526+ <property name="padding">0</property>
2527+ <property name="expand">False</property>
2528+ <property name="fill">True</property>
2529+ <property name="pack_type">GTK_PACK_END</property>
2530+ </packing>
2531+ </child>
2532+ </widget>
2533+ </child>
2534+</widget>
2535+
2536+<widget class="GtkAboutDialog" id="about_dialog">
2537+ <property name="border_width">5</property>
2538+ <property name="destroy_with_parent">False</property>
2539+ <property name="name" translatable="yes">Polgen</property>
2540+ <property name="copyright" translatable="yes">Red Hat 2007</property>
2541+ <property name="license" translatable="yes">GPL</property>
2542+ <property name="wrap_license">False</property>
2543+ <property name="website">www.redhat.com</property>
2544+ <property name="authors">Daniel Walsh &lt;dwalsh@redhat.com&gt;</property>
2545+ <property name="translator_credits" translatable="yes" comments="TRANSLATORS: Replace this string with your names, one name per line.">translator-credits</property>
2546+</widget>
2547+
2548+<widget class="GtkWindow" id="main_window">
2549+ <property name="visible">True</property>
2550+ <property name="title" translatable="yes">SELinux Policy Generation Tool</property>
2551+ <property name="type">GTK_WINDOW_TOPLEVEL</property>
2552+ <property name="window_position">GTK_WIN_POS_NONE</property>
2553+ <property name="modal">False</property>
2554+ <property name="resizable">True</property>
2555+ <property name="destroy_with_parent">False</property>
2556+ <property name="decorated">True</property>
2557+ <property name="skip_taskbar_hint">False</property>
2558+ <property name="skip_pager_hint">False</property>
2559+ <property name="type_hint">GDK_WINDOW_TYPE_HINT_NORMAL</property>
2560+ <property name="gravity">GDK_GRAVITY_NORTH_WEST</property>
2561+ <property name="focus_on_map">True</property>
2562+ <property name="urgency_hint">False</property>
2563+
2564+ <child>
2565+ <widget class="GtkVBox" id="vbox11">
2566+ <property name="visible">True</property>
2567+ <property name="homogeneous">False</property>
2568+ <property name="spacing">18</property>
2569+
2570+ <child>
2571+ <widget class="GtkNotebook" id="notebook">
2572+ <property name="visible">True</property>
2573+ <property name="show_tabs">False</property>
2574+ <property name="show_border">True</property>
2575+ <property name="tab_pos">GTK_POS_LEFT</property>
2576+ <property name="scrollable">False</property>
2577+ <property name="enable_popup">False</property>
2578+
2579+ <child>
2580+ <widget class="GtkVBox" id="vbox59">
2581+ <property name="visible">True</property>
2582+ <property name="homogeneous">False</property>
2583+ <property name="spacing">0</property>
2584+
2585+ <child>
2586+ <widget class="GtkLabel" id="select_type_label">
2587+ <property name="visible">True</property>
2588+ <property name="label" translatable="yes">&lt;b&gt;Select the policy type for the application or user role you want to confine:&lt;/b&gt;</property>
2589+ <property name="use_underline">False</property>
2590+ <property name="use_markup">True</property>
2591+ <property name="justify">GTK_JUSTIFY_LEFT</property>
2592+ <property name="wrap">False</property>
2593+ <property name="selectable">False</property>
2594+ <property name="xalign">0</property>
2595+ <property name="yalign">0.5</property>
2596+ <property name="xpad">0</property>
2597+ <property name="ypad">0</property>
2598+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
2599+ <property name="width_chars">-1</property>
2600+ <property name="single_line_mode">False</property>
2601+ <property name="angle">0</property>
2602+ </widget>
2603+ <packing>
2604+ <property name="padding">5</property>
2605+ <property name="expand">False</property>
2606+ <property name="fill">False</property>
2607+ </packing>
2608+ </child>
2609+
2610+ <child>
2611+ <widget class="GtkVBox" id="vbox58">
2612+ <property name="visible">True</property>
2613+ <property name="homogeneous">False</property>
2614+ <property name="spacing">0</property>
2615+
2616+ <child>
2617+ <widget class="GtkVBox" id="vbox14">
2618+ <property name="visible">True</property>
2619+ <property name="homogeneous">False</property>
2620+ <property name="spacing">0</property>
2621+
2622+ <child>
2623+ <widget class="GtkHBox" id="hbox16">
2624+ <property name="visible">True</property>
2625+ <property name="homogeneous">False</property>
2626+ <property name="spacing">12</property>
2627+
2628+ <child>
2629+ <widget class="GtkVBox" id="vbox18">
2630+ <property name="visible">True</property>
2631+ <property name="homogeneous">False</property>
2632+ <property name="spacing">6</property>
2633+
2634+ <child>
2635+ <widget class="GtkLabel" id="label41">
2636+ <property name="visible">True</property>
2637+ <property name="label" translatable="yes">&lt;b&gt;Applications&lt;/b&gt;</property>
2638+ <property name="use_underline">False</property>
2639+ <property name="use_markup">True</property>
2640+ <property name="justify">GTK_JUSTIFY_LEFT</property>
2641+ <property name="wrap">False</property>
2642+ <property name="selectable">False</property>
2643+ <property name="xalign">0</property>
2644+ <property name="yalign">0.5</property>
2645+ <property name="xpad">0</property>
2646+ <property name="ypad">0</property>
2647+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
2648+ <property name="width_chars">-1</property>
2649+ <property name="single_line_mode">False</property>
2650+ <property name="angle">0</property>
2651+ </widget>
2652+ <packing>
2653+ <property name="padding">0</property>
2654+ <property name="expand">False</property>
2655+ <property name="fill">False</property>
2656+ </packing>
2657+ </child>
2658+
2659+ <child>
2660+ <widget class="GtkHBox" id="hbox17">
2661+ <property name="visible">True</property>
2662+ <property name="homogeneous">False</property>
2663+ <property name="spacing">0</property>
2664+
2665+ <child>
2666+ <widget class="GtkLabel" id="label52">
2667+ <property name="visible">True</property>
2668+ <property name="label"> </property>
2669+ <property name="use_underline">False</property>
2670+ <property name="use_markup">False</property>
2671+ <property name="justify">GTK_JUSTIFY_LEFT</property>
2672+ <property name="wrap">False</property>
2673+ <property name="selectable">False</property>
2674+ <property name="xalign">0.5</property>
2675+ <property name="yalign">0.5</property>
2676+ <property name="xpad">0</property>
2677+ <property name="ypad">0</property>
2678+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
2679+ <property name="width_chars">-1</property>
2680+ <property name="single_line_mode">False</property>
2681+ <property name="angle">0</property>
2682+ </widget>
2683+ <packing>
2684+ <property name="padding">0</property>
2685+ <property name="expand">False</property>
2686+ <property name="fill">False</property>
2687+ </packing>
2688+ </child>
2689+
2690+ <child>
2691+ <widget class="GtkVBox" id="vbox6">
2692+ <property name="visible">True</property>
2693+ <property name="homogeneous">False</property>
2694+ <property name="spacing">6</property>
2695+
2696+ <child>
2697+ <widget class="GtkRadioButton" id="init_radiobutton">
2698+ <property name="visible">True</property>
2699+ <property name="tooltip" translatable="yes">Standard Init Daemon are daemons started on boot via init scripts. Usually requires a script in /etc/rc.d/init.d</property>
2700+ <property name="can_focus">True</property>
2701+ <property name="label" translatable="yes">Standard Init Daemon</property>
2702+ <property name="use_underline">True</property>
2703+ <property name="relief">GTK_RELIEF_NORMAL</property>
2704+ <property name="focus_on_click">True</property>
2705+ <property name="active">False</property>
2706+ <property name="inconsistent">False</property>
2707+ <property name="draw_indicator">True</property>
2708+ </widget>
2709+ <packing>
2710+ <property name="padding">0</property>
2711+ <property name="expand">False</property>
2712+ <property name="fill">False</property>
2713+ </packing>
2714+ </child>
2715+
2716+ <child>
2717+ <widget class="GtkRadioButton" id="dbus_radiobutton">
2718+ <property name="visible">True</property>
2719+ <property name="tooltip" translatable="yes">Standard Init Daemon are daemons started on boot via init scripts. Usually requires a script in /etc/rc.d/init.d</property>
2720+ <property name="can_focus">True</property>
2721+ <property name="label" translatable="yes">DBUS System Daemon</property>
2722+ <property name="use_underline">True</property>
2723+ <property name="relief">GTK_RELIEF_NORMAL</property>
2724+ <property name="focus_on_click">True</property>
2725+ <property name="active">False</property>
2726+ <property name="inconsistent">False</property>
2727+ <property name="draw_indicator">True</property>
2728+ <property name="group">init_radiobutton</property>
2729+ </widget>
2730+ <packing>
2731+ <property name="padding">0</property>
2732+ <property name="expand">False</property>
2733+ <property name="fill">False</property>
2734+ </packing>
2735+ </child>
2736+
2737+ <child>
2738+ <widget class="GtkRadioButton" id="inetd_radiobutton">
2739+ <property name="visible">True</property>
2740+ <property name="tooltip" translatable="yes">Internet Services Daemon are daemons started by xinetd</property>
2741+ <property name="can_focus">True</property>
2742+ <property name="label" translatable="yes">Internet Services Daemon (inetd)</property>
2743+ <property name="use_underline">True</property>
2744+ <property name="relief">GTK_RELIEF_NORMAL</property>
2745+ <property name="focus_on_click">True</property>
2746+ <property name="active">False</property>
2747+ <property name="inconsistent">False</property>
2748+ <property name="draw_indicator">True</property>
2749+ <property name="group">init_radiobutton</property>
2750+ </widget>
2751+ <packing>
2752+ <property name="padding">0</property>
2753+ <property name="expand">False</property>
2754+ <property name="fill">False</property>
2755+ </packing>
2756+ </child>
2757+
2758+ <child>
2759+ <widget class="GtkRadioButton" id="cgi_radiobutton">
2760+ <property name="visible">True</property>
2761+ <property name="tooltip" translatable="yes">Web Applications/Script (CGI) CGI scripts started by the web server (apache)</property>
2762+ <property name="can_focus">True</property>
2763+ <property name="label" translatable="yes">Web Application/Script (CGI)</property>
2764+ <property name="use_underline">True</property>
2765+ <property name="relief">GTK_RELIEF_NORMAL</property>
2766+ <property name="focus_on_click">True</property>
2767+ <property name="active">False</property>
2768+ <property name="inconsistent">False</property>
2769+ <property name="draw_indicator">True</property>
2770+ <property name="group">init_radiobutton</property>
2771+ </widget>
2772+ <packing>
2773+ <property name="padding">0</property>
2774+ <property name="expand">False</property>
2775+ <property name="fill">False</property>
2776+ </packing>
2777+ </child>
2778+
2779+ <child>
2780+ <widget class="GtkRadioButton" id="user_radiobutton">
2781+ <property name="visible">True</property>
2782+ <property name="tooltip" translatable="yes">User Application are any application that you would like to confine that is started by a user</property>
2783+ <property name="can_focus">True</property>
2784+ <property name="label" translatable="yes">User Application</property>
2785+ <property name="use_underline">True</property>
2786+ <property name="relief">GTK_RELIEF_NORMAL</property>
2787+ <property name="focus_on_click">True</property>
2788+ <property name="active">False</property>
2789+ <property name="inconsistent">False</property>
2790+ <property name="draw_indicator">True</property>
2791+ <property name="group">init_radiobutton</property>
2792+ </widget>
2793+ <packing>
2794+ <property name="padding">0</property>
2795+ <property name="expand">False</property>
2796+ <property name="fill">False</property>
2797+ </packing>
2798+ </child>
2799+
2800+ <child>
2801+ <widget class="GtkRadioButton" id="sandbox_radiobutton">
2802+ <property name="visible">True</property>
2803+ <property name="tooltip" translatable="yes">User Application are any application that you would like to confine that is started by a user</property>
2804+ <property name="can_focus">True</property>
2805+ <property name="label" translatable="yes">Sandbox</property>
2806+ <property name="use_underline">True</property>
2807+ <property name="relief">GTK_RELIEF_NORMAL</property>
2808+ <property name="focus_on_click">True</property>
2809+ <property name="active">False</property>
2810+ <property name="inconsistent">False</property>
2811+ <property name="draw_indicator">True</property>
2812+ <property name="group">init_radiobutton</property>
2813+ </widget>
2814+ <packing>
2815+ <property name="padding">0</property>
2816+ <property name="expand">False</property>
2817+ <property name="fill">False</property>
2818+ </packing>
2819+ </child>
2820+ </widget>
2821+ <packing>
2822+ <property name="padding">0</property>
2823+ <property name="expand">False</property>
2824+ <property name="fill">False</property>
2825+ </packing>
2826+ </child>
2827+ </widget>
2828+ <packing>
2829+ <property name="padding">0</property>
2830+ <property name="expand">True</property>
2831+ <property name="fill">True</property>
2832+ </packing>
2833+ </child>
2834+ </widget>
2835+ <packing>
2836+ <property name="padding">0</property>
2837+ <property name="expand">False</property>
2838+ <property name="fill">True</property>
2839+ </packing>
2840+ </child>
2841+
2842+ <child>
2843+ <widget class="GtkVBox" id="vbox19">
2844+ <property name="visible">True</property>
2845+ <property name="homogeneous">False</property>
2846+ <property name="spacing">6</property>
2847+
2848+ <child>
2849+ <widget class="GtkLabel" id="label42">
2850+ <property name="visible">True</property>
2851+ <property name="label" translatable="yes">&lt;b&gt;Login Users&lt;/b&gt;</property>
2852+ <property name="use_underline">False</property>
2853+ <property name="use_markup">True</property>
2854+ <property name="justify">GTK_JUSTIFY_LEFT</property>
2855+ <property name="wrap">False</property>
2856+ <property name="selectable">False</property>
2857+ <property name="xalign">0</property>
2858+ <property name="yalign">0.5</property>
2859+ <property name="xpad">0</property>
2860+ <property name="ypad">0</property>
2861+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
2862+ <property name="width_chars">-1</property>
2863+ <property name="single_line_mode">False</property>
2864+ <property name="angle">0</property>
2865+ </widget>
2866+ <packing>
2867+ <property name="padding">0</property>
2868+ <property name="expand">False</property>
2869+ <property name="fill">False</property>
2870+ </packing>
2871+ </child>
2872+
2873+ <child>
2874+ <widget class="GtkHBox" id="hbox18">
2875+ <property name="visible">True</property>
2876+ <property name="homogeneous">False</property>
2877+ <property name="spacing">0</property>
2878+
2879+ <child>
2880+ <widget class="GtkLabel" id="label53">
2881+ <property name="visible">True</property>
2882+ <property name="label"> </property>
2883+ <property name="use_underline">False</property>
2884+ <property name="use_markup">False</property>
2885+ <property name="justify">GTK_JUSTIFY_LEFT</property>
2886+ <property name="wrap">False</property>
2887+ <property name="selectable">False</property>
2888+ <property name="xalign">0.5</property>
2889+ <property name="yalign">0.5</property>
2890+ <property name="xpad">0</property>
2891+ <property name="ypad">0</property>
2892+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
2893+ <property name="width_chars">-1</property>
2894+ <property name="single_line_mode">False</property>
2895+ <property name="angle">0</property>
2896+ </widget>
2897+ <packing>
2898+ <property name="padding">0</property>
2899+ <property name="expand">False</property>
2900+ <property name="fill">False</property>
2901+ </packing>
2902+ </child>
2903+
2904+ <child>
2905+ <widget class="GtkVBox" id="vbox15">
2906+ <property name="visible">True</property>
2907+ <property name="homogeneous">False</property>
2908+ <property name="spacing">6</property>
2909+
2910+ <child>
2911+ <widget class="GtkRadioButton" id="existing_user_radiobutton">
2912+ <property name="visible">True</property>
2913+ <property name="tooltip" translatable="yes">Modify an existing login user record.</property>
2914+ <property name="can_focus">True</property>
2915+ <property name="label" translatable="yes">Existing User Roles</property>
2916+ <property name="use_underline">True</property>
2917+ <property name="relief">GTK_RELIEF_NORMAL</property>
2918+ <property name="focus_on_click">True</property>
2919+ <property name="active">False</property>
2920+ <property name="inconsistent">False</property>
2921+ <property name="draw_indicator">True</property>
2922+ <property name="group">init_radiobutton</property>
2923+ </widget>
2924+ <packing>
2925+ <property name="padding">0</property>
2926+ <property name="expand">False</property>
2927+ <property name="fill">False</property>
2928+ </packing>
2929+ </child>
2930+
2931+ <child>
2932+ <widget class="GtkRadioButton" id="terminal_user_radiobutton">
2933+ <property name="visible">True</property>
2934+ <property name="tooltip" translatable="yes">This user will login to a machine only via a terminal or remote login. By default this user will have no setuid, no networking, no su, no sudo.</property>
2935+ <property name="can_focus">True</property>
2936+ <property name="label" translatable="yes">Minimal Terminal User Role</property>
2937+ <property name="use_underline">True</property>
2938+ <property name="relief">GTK_RELIEF_NORMAL</property>
2939+ <property name="focus_on_click">True</property>
2940+ <property name="active">False</property>
2941+ <property name="inconsistent">False</property>
2942+ <property name="draw_indicator">True</property>
2943+ <property name="group">init_radiobutton</property>
2944+ </widget>
2945+ <packing>
2946+ <property name="padding">0</property>
2947+ <property name="expand">False</property>
2948+ <property name="fill">False</property>
2949+ </packing>
2950+ </child>
2951+
2952+ <child>
2953+ <widget class="GtkRadioButton" id="xwindows_user_radiobutton">
2954+ <property name="visible">True</property>
2955+ <property name="tooltip" translatable="yes">This user can login to a machine via X or terminal. By default this user will have no setuid, no networking, no sudo, no su</property>
2956+ <property name="can_focus">True</property>
2957+ <property name="label" translatable="yes">Minimal X Windows User Role</property>
2958+ <property name="use_underline">True</property>
2959+ <property name="relief">GTK_RELIEF_NORMAL</property>
2960+ <property name="focus_on_click">True</property>
2961+ <property name="active">False</property>
2962+ <property name="inconsistent">False</property>
2963+ <property name="draw_indicator">True</property>
2964+ <property name="group">init_radiobutton</property>
2965+ </widget>
2966+ <packing>
2967+ <property name="padding">0</property>
2968+ <property name="expand">False</property>
2969+ <property name="fill">False</property>
2970+ </packing>
2971+ </child>
2972+
2973+ <child>
2974+ <widget class="GtkRadioButton" id="login_user_radiobutton">
2975+ <property name="visible">True</property>
2976+ <property name="tooltip" translatable="yes">User with full networking, no setuid applications without transition, no sudo, no su.</property>
2977+ <property name="can_focus">True</property>
2978+ <property name="label" translatable="yes">User Role</property>
2979+ <property name="use_underline">True</property>
2980+ <property name="relief">GTK_RELIEF_NORMAL</property>
2981+ <property name="focus_on_click">True</property>
2982+ <property name="active">False</property>
2983+ <property name="inconsistent">False</property>
2984+ <property name="draw_indicator">True</property>
2985+ <property name="group">init_radiobutton</property>
2986+ </widget>
2987+ <packing>
2988+ <property name="padding">0</property>
2989+ <property name="expand">False</property>
2990+ <property name="fill">False</property>
2991+ </packing>
2992+ </child>
2993+
2994+ <child>
2995+ <widget class="GtkRadioButton" id="admin_user_radiobutton">
2996+ <property name="visible">True</property>
2997+ <property name="tooltip" translatable="yes">User with full networking, no setuid applications without transition, no su, can sudo to Root Administration Roles</property>
2998+ <property name="can_focus">True</property>
2999+ <property name="label" translatable="yes">Admin User Role</property>
3000+ <property name="use_underline">True</property>
3001+ <property name="relief">GTK_RELIEF_NORMAL</property>
3002+ <property name="focus_on_click">True</property>
3003+ <property name="active">False</property>
3004+ <property name="inconsistent">False</property>
3005+ <property name="draw_indicator">True</property>
3006+ <property name="group">init_radiobutton</property>
3007+ </widget>
3008+ <packing>
3009+ <property name="padding">0</property>
3010+ <property name="expand">False</property>
3011+ <property name="fill">False</property>
3012+ </packing>
3013+ </child>
3014+ </widget>
3015+ <packing>
3016+ <property name="padding">0</property>
3017+ <property name="expand">True</property>
3018+ <property name="fill">False</property>
3019+ </packing>
3020+ </child>
3021+ </widget>
3022+ <packing>
3023+ <property name="padding">0</property>
3024+ <property name="expand">True</property>
3025+ <property name="fill">True</property>
3026+ </packing>
3027+ </child>
3028+ </widget>
3029+ <packing>
3030+ <property name="padding">0</property>
3031+ <property name="expand">False</property>
3032+ <property name="fill">True</property>
3033+ </packing>
3034+ </child>
3035+
3036+ <child>
3037+ <widget class="GtkVBox" id="vbox20">
3038+ <property name="visible">True</property>
3039+ <property name="homogeneous">False</property>
3040+ <property name="spacing">6</property>
3041+
3042+ <child>
3043+ <widget class="GtkLabel" id="label50">
3044+ <property name="visible">True</property>
3045+ <property name="label" translatable="yes">&lt;b&gt;Root Users&lt;/b&gt;</property>
3046+ <property name="use_underline">False</property>
3047+ <property name="use_markup">True</property>
3048+ <property name="justify">GTK_JUSTIFY_LEFT</property>
3049+ <property name="wrap">False</property>
3050+ <property name="selectable">False</property>
3051+ <property name="xalign">0</property>
3052+ <property name="yalign">0.5</property>
3053+ <property name="xpad">0</property>
3054+ <property name="ypad">0</property>
3055+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
3056+ <property name="width_chars">-1</property>
3057+ <property name="single_line_mode">False</property>
3058+ <property name="angle">0</property>
3059+ </widget>
3060+ <packing>
3061+ <property name="padding">0</property>
3062+ <property name="expand">False</property>
3063+ <property name="fill">False</property>
3064+ </packing>
3065+ </child>
3066+
3067+ <child>
3068+ <widget class="GtkHBox" id="hbox19">
3069+ <property name="visible">True</property>
3070+ <property name="homogeneous">False</property>
3071+ <property name="spacing">0</property>
3072+
3073+ <child>
3074+ <widget class="GtkLabel" id="label54">
3075+ <property name="visible">True</property>
3076+ <property name="label"> </property>
3077+ <property name="use_underline">False</property>
3078+ <property name="use_markup">False</property>
3079+ <property name="justify">GTK_JUSTIFY_LEFT</property>
3080+ <property name="wrap">False</property>
3081+ <property name="selectable">False</property>
3082+ <property name="xalign">0.5</property>
3083+ <property name="yalign">0.5</property>
3084+ <property name="xpad">0</property>
3085+ <property name="ypad">0</property>
3086+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
3087+ <property name="width_chars">-1</property>
3088+ <property name="single_line_mode">False</property>
3089+ <property name="angle">0</property>
3090+ </widget>
3091+ <packing>
3092+ <property name="padding">0</property>
3093+ <property name="expand">False</property>
3094+ <property name="fill">False</property>
3095+ </packing>
3096+ </child>
3097+
3098+ <child>
3099+ <widget class="GtkVBox" id="vbox21">
3100+ <property name="visible">True</property>
3101+ <property name="homogeneous">False</property>
3102+ <property name="spacing">0</property>
3103+
3104+ <child>
3105+ <widget class="GtkRadioButton" id="root_user_radiobutton">
3106+ <property name="visible">True</property>
3107+ <property name="tooltip" translatable="yes">Select Root Administrator User Role, if this user will be used to administer the machine while running as root. This user will not be able to login to the system directly.</property>
3108+ <property name="can_focus">True</property>
3109+ <property name="label" translatable="yes">Root Admin User Role</property>
3110+ <property name="use_underline">True</property>
3111+ <property name="relief">GTK_RELIEF_NORMAL</property>
3112+ <property name="focus_on_click">True</property>
3113+ <property name="active">False</property>
3114+ <property name="inconsistent">False</property>
3115+ <property name="draw_indicator">True</property>
3116+ <property name="group">init_radiobutton</property>
3117+ </widget>
3118+ <packing>
3119+ <property name="padding">0</property>
3120+ <property name="expand">False</property>
3121+ <property name="fill">False</property>
3122+ </packing>
3123+ </child>
3124+ </widget>
3125+ <packing>
3126+ <property name="padding">0</property>
3127+ <property name="expand">False</property>
3128+ <property name="fill">False</property>
3129+ </packing>
3130+ </child>
3131+ </widget>
3132+ <packing>
3133+ <property name="padding">0</property>
3134+ <property name="expand">True</property>
3135+ <property name="fill">True</property>
3136+ </packing>
3137+ </child>
3138+ </widget>
3139+ <packing>
3140+ <property name="padding">0</property>
3141+ <property name="expand">True</property>
3142+ <property name="fill">True</property>
3143+ </packing>
3144+ </child>
3145+ </widget>
3146+ <packing>
3147+ <property name="padding">0</property>
3148+ <property name="expand">True</property>
3149+ <property name="fill">True</property>
3150+ </packing>
3151+ </child>
3152+ </widget>
3153+ <packing>
3154+ <property name="padding">0</property>
3155+ <property name="expand">True</property>
3156+ <property name="fill">True</property>
3157+ </packing>
3158+ </child>
3159+ </widget>
3160+ <packing>
3161+ <property name="padding">0</property>
3162+ <property name="expand">True</property>
3163+ <property name="fill">True</property>
3164+ </packing>
3165+ </child>
3166+ </widget>
3167+ <packing>
3168+ <property name="tab_expand">True</property>
3169+ <property name="tab_fill">True</property>
3170+ </packing>
3171+ </child>
3172+
3173+ <child>
3174+ <widget class="GtkLabel" id="label104">
3175+ <property name="visible">True</property>
3176+ <property name="label" translatable="yes">label104</property>
3177+ <property name="use_underline">False</property>
3178+ <property name="use_markup">False</property>
3179+ <property name="justify">GTK_JUSTIFY_LEFT</property>
3180+ <property name="wrap">False</property>
3181+ <property name="selectable">False</property>
3182+ <property name="xalign">0.5</property>
3183+ <property name="yalign">0.5</property>
3184+ <property name="xpad">0</property>
3185+ <property name="ypad">0</property>
3186+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
3187+ <property name="width_chars">-1</property>
3188+ <property name="single_line_mode">False</property>
3189+ <property name="angle">0</property>
3190+ </widget>
3191+ <packing>
3192+ <property name="type">tab</property>
3193+ </packing>
3194+ </child>
3195+
3196+ <child>
3197+ <widget class="GtkVBox" id="vbox60">
3198+ <property name="visible">True</property>
3199+ <property name="homogeneous">False</property>
3200+ <property name="spacing">0</property>
3201+
3202+ <child>
3203+ <widget class="GtkLabel" id="select_name_label">
3204+ <property name="visible">True</property>
3205+ <property name="label" translatable="yes">&lt;b&gt;Enter name of application or user role:&lt;/b&gt;</property>
3206+ <property name="use_underline">False</property>
3207+ <property name="use_markup">True</property>
3208+ <property name="justify">GTK_JUSTIFY_LEFT</property>
3209+ <property name="wrap">False</property>
3210+ <property name="selectable">False</property>
3211+ <property name="xalign">0</property>
3212+ <property name="yalign">0.5</property>
3213+ <property name="xpad">0</property>
3214+ <property name="ypad">0</property>
3215+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
3216+ <property name="width_chars">-1</property>
3217+ <property name="single_line_mode">False</property>
3218+ <property name="angle">0</property>
3219+ </widget>
3220+ <packing>
3221+ <property name="padding">5</property>
3222+ <property name="expand">False</property>
3223+ <property name="fill">False</property>
3224+ </packing>
3225+ </child>
3226+
3227+ <child>
3228+ <widget class="GtkTable" id="table5">
3229+ <property name="visible">True</property>
3230+ <property name="n_rows">3</property>
3231+ <property name="n_columns">3</property>
3232+ <property name="homogeneous">False</property>
3233+ <property name="row_spacing">6</property>
3234+ <property name="column_spacing">12</property>
3235+
3236+ <child>
3237+ <widget class="GtkLabel" id="label1">
3238+ <property name="visible">True</property>
3239+ <property name="label" translatable="yes">Name</property>
3240+ <property name="use_underline">False</property>
3241+ <property name="use_markup">False</property>
3242+ <property name="justify">GTK_JUSTIFY_LEFT</property>
3243+ <property name="wrap">False</property>
3244+ <property name="selectable">False</property>
3245+ <property name="xalign">0</property>
3246+ <property name="yalign">0.5</property>
3247+ <property name="xpad">0</property>
3248+ <property name="ypad">0</property>
3249+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
3250+ <property name="width_chars">-1</property>
3251+ <property name="single_line_mode">False</property>
3252+ <property name="angle">0</property>
3253+ </widget>
3254+ <packing>
3255+ <property name="left_attach">0</property>
3256+ <property name="right_attach">1</property>
3257+ <property name="top_attach">0</property>
3258+ <property name="bottom_attach">1</property>
3259+ <property name="x_options">fill</property>
3260+ <property name="y_options"></property>
3261+ </packing>
3262+ </child>
3263+
3264+ <child>
3265+ <widget class="GtkEntry" id="exec_entry">
3266+ <property name="visible">True</property>
3267+ <property name="tooltip" translatable="yes">Enter complete path for executable to be confined.</property>
3268+ <property name="can_focus">True</property>
3269+ <property name="editable">True</property>
3270+ <property name="visibility">True</property>
3271+ <property name="max_length">0</property>
3272+ <property name="text" translatable="yes"></property>
3273+ <property name="has_frame">True</property>
3274+ <property name="invisible_char">•</property>
3275+ <property name="activates_default">False</property>
3276+ </widget>
3277+ <packing>
3278+ <property name="left_attach">1</property>
3279+ <property name="right_attach">2</property>
3280+ <property name="top_attach">1</property>
3281+ <property name="bottom_attach">2</property>
3282+ <property name="y_options"></property>
3283+ </packing>
3284+ </child>
3285+
3286+ <child>
3287+ <widget class="GtkButton" id="exec_button">
3288+ <property name="visible">True</property>
3289+ <property name="can_focus">True</property>
3290+ <property name="label" translatable="yes">...</property>
3291+ <property name="use_underline">True</property>
3292+ <property name="relief">GTK_RELIEF_NORMAL</property>
3293+ <property name="focus_on_click">True</property>
3294+ <signal name="clicked" handler="on_exec_select_clicked" last_modification_time="Wed, 21 Feb 2007 18:45:26 GMT"/>
3295+ </widget>
3296+ <packing>
3297+ <property name="left_attach">2</property>
3298+ <property name="right_attach">3</property>
3299+ <property name="top_attach">1</property>
3300+ <property name="bottom_attach">2</property>
3301+ <property name="x_options">fill</property>
3302+ <property name="y_options"></property>
3303+ </packing>
3304+ </child>
3305+
3306+ <child>
3307+ <widget class="GtkEntry" id="name_entry">
3308+ <property name="visible">True</property>
3309+ <property name="tooltip" translatable="yes">Enter unique name for the confined application or user role.</property>
3310+ <property name="can_focus">True</property>
3311+ <property name="editable">True</property>
3312+ <property name="visibility">True</property>
3313+ <property name="max_length">0</property>
3314+ <property name="text" translatable="yes"></property>
3315+ <property name="has_frame">True</property>
3316+ <property name="invisible_char">•</property>
3317+ <property name="activates_default">False</property>
3318+ </widget>
3319+ <packing>
3320+ <property name="left_attach">1</property>
3321+ <property name="right_attach">3</property>
3322+ <property name="top_attach">0</property>
3323+ <property name="bottom_attach">1</property>
3324+ <property name="y_options"></property>
3325+ </packing>
3326+ </child>
3327+
3328+ <child>
3329+ <widget class="GtkLabel" id="label2">
3330+ <property name="visible">True</property>
3331+ <property name="label" translatable="yes">Executable</property>
3332+ <property name="use_underline">False</property>
3333+ <property name="use_markup">False</property>
3334+ <property name="justify">GTK_JUSTIFY_LEFT</property>
3335+ <property name="wrap">False</property>
3336+ <property name="selectable">False</property>
3337+ <property name="xalign">0</property>
3338+ <property name="yalign">0.5</property>
3339+ <property name="xpad">0</property>
3340+ <property name="ypad">0</property>
3341+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
3342+ <property name="width_chars">-1</property>
3343+ <property name="single_line_mode">False</property>
3344+ <property name="angle">0</property>
3345+ </widget>
3346+ <packing>
3347+ <property name="left_attach">0</property>
3348+ <property name="right_attach">1</property>
3349+ <property name="top_attach">1</property>
3350+ <property name="bottom_attach">2</property>
3351+ <property name="x_options">fill</property>
3352+ <property name="y_options"></property>
3353+ </packing>
3354+ </child>
3355+
3356+ <child>
3357+ <widget class="GtkLabel" id="label40">
3358+ <property name="visible">True</property>
3359+ <property name="label" translatable="yes">Init script</property>
3360+ <property name="use_underline">False</property>
3361+ <property name="use_markup">False</property>
3362+ <property name="justify">GTK_JUSTIFY_LEFT</property>
3363+ <property name="wrap">False</property>
3364+ <property name="selectable">False</property>
3365+ <property name="xalign">0</property>
3366+ <property name="yalign">0.5</property>
3367+ <property name="xpad">0</property>
3368+ <property name="ypad">0</property>
3369+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
3370+ <property name="width_chars">-1</property>
3371+ <property name="single_line_mode">False</property>
3372+ <property name="angle">0</property>
3373+ </widget>
3374+ <packing>
3375+ <property name="left_attach">0</property>
3376+ <property name="right_attach">1</property>
3377+ <property name="top_attach">2</property>
3378+ <property name="bottom_attach">3</property>
3379+ <property name="x_options">fill</property>
3380+ <property name="y_options"></property>
3381+ </packing>
3382+ </child>
3383+
3384+ <child>
3385+ <widget class="GtkEntry" id="init_script_entry">
3386+ <property name="visible">True</property>
3387+ <property name="tooltip" translatable="yes">Enter complete path to init script used to start the confined application.</property>
3388+ <property name="can_focus">True</property>
3389+ <property name="editable">True</property>
3390+ <property name="visibility">True</property>
3391+ <property name="max_length">0</property>
3392+ <property name="text" translatable="yes"></property>
3393+ <property name="has_frame">True</property>
3394+ <property name="invisible_char">•</property>
3395+ <property name="activates_default">False</property>
3396+ </widget>
3397+ <packing>
3398+ <property name="left_attach">1</property>
3399+ <property name="right_attach">2</property>
3400+ <property name="top_attach">2</property>
3401+ <property name="bottom_attach">3</property>
3402+ <property name="y_options"></property>
3403+ </packing>
3404+ </child>
3405+
3406+ <child>
3407+ <widget class="GtkButton" id="init_script_button">
3408+ <property name="visible">True</property>
3409+ <property name="can_focus">True</property>
3410+ <property name="label" translatable="yes">...</property>
3411+ <property name="use_underline">True</property>
3412+ <property name="relief">GTK_RELIEF_NORMAL</property>
3413+ <property name="focus_on_click">True</property>
3414+ <signal name="clicked" handler="on_init_script_select_clicked" last_modification_time="Thu, 30 Aug 2007 15:36:47 GMT"/>
3415+ </widget>
3416+ <packing>
3417+ <property name="left_attach">2</property>
3418+ <property name="right_attach">3</property>
3419+ <property name="top_attach">2</property>
3420+ <property name="bottom_attach">3</property>
3421+ <property name="x_options">fill</property>
3422+ <property name="y_options"></property>
3423+ </packing>
3424+ </child>
3425+ </widget>
3426+ <packing>
3427+ <property name="padding">0</property>
3428+ <property name="expand">True</property>
3429+ <property name="fill">True</property>
3430+ </packing>
3431+ </child>
3432+ </widget>
3433+ <packing>
3434+ <property name="tab_expand">False</property>
3435+ <property name="tab_fill">True</property>
3436+ </packing>
3437+ </child>
3438+
3439+ <child>
3440+ <widget class="GtkLabel" id="select_name_label">
3441+ <property name="visible">True</property>
3442+ <property name="label" translatable="yes">label105</property>
3443+ <property name="use_underline">False</property>
3444+ <property name="use_markup">False</property>
3445+ <property name="justify">GTK_JUSTIFY_LEFT</property>
3446+ <property name="wrap">False</property>
3447+ <property name="selectable">False</property>
3448+ <property name="xalign">0.5</property>
3449+ <property name="yalign">0.5</property>
3450+ <property name="xpad">0</property>
3451+ <property name="ypad">0</property>
3452+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
3453+ <property name="width_chars">-1</property>
3454+ <property name="single_line_mode">False</property>
3455+ <property name="angle">0</property>
3456+ </widget>
3457+ <packing>
3458+ <property name="type">tab</property>
3459+ </packing>
3460+ </child>
3461+
3462+ <child>
3463+ <widget class="GtkVBox" id="vbox61">
3464+ <property name="visible">True</property>
3465+ <property name="homogeneous">False</property>
3466+ <property name="spacing">0</property>
3467+
3468+ <child>
3469+ <widget class="GtkLabel" id="select_existing_role_label">
3470+ <property name="visible">True</property>
3471+ <property name="label" translatable="yes">&lt;b&gt;Select existing role to modify:&lt;/b&gt;</property>
3472+ <property name="use_underline">False</property>
3473+ <property name="use_markup">True</property>
3474+ <property name="justify">GTK_JUSTIFY_LEFT</property>
3475+ <property name="wrap">False</property>
3476+ <property name="selectable">False</property>
3477+ <property name="xalign">0</property>
3478+ <property name="yalign">0.5</property>
3479+ <property name="xpad">0</property>
3480+ <property name="ypad">0</property>
3481+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
3482+ <property name="width_chars">-1</property>
3483+ <property name="single_line_mode">False</property>
3484+ <property name="angle">0</property>
3485+ </widget>
3486+ <packing>
3487+ <property name="padding">5</property>
3488+ <property name="expand">False</property>
3489+ <property name="fill">False</property>
3490+ </packing>
3491+ </child>
3492+
3493+ <child>
3494+ <widget class="GtkScrolledWindow" id="scrolledwindow5">
3495+ <property name="visible">True</property>
3496+ <property name="can_focus">True</property>
3497+ <property name="hscrollbar_policy">GTK_POLICY_AUTOMATIC</property>
3498+ <property name="vscrollbar_policy">GTK_POLICY_AUTOMATIC</property>
3499+ <property name="shadow_type">GTK_SHADOW_IN</property>
3500+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
3501+
3502+ <child>
3503+ <widget class="GtkTreeView" id="existing_user_treeview">
3504+ <property name="visible">True</property>
3505+ <property name="tooltip" translatable="yes">Select the user roles that will transiton to the %s domain.</property>
3506+ <property name="can_focus">True</property>
3507+ <property name="headers_visible">False</property>
3508+ <property name="rules_hint">False</property>
3509+ <property name="reorderable">False</property>
3510+ <property name="enable_search">True</property>
3511+ <property name="fixed_height_mode">False</property>
3512+ <property name="hover_selection">False</property>
3513+ <property name="hover_expand">False</property>
3514+ </widget>
3515+ </child>
3516+ </widget>
3517+ <packing>
3518+ <property name="padding">0</property>
3519+ <property name="expand">True</property>
3520+ <property name="fill">True</property>
3521+ </packing>
3522+ </child>
3523+ </widget>
3524+ <packing>
3525+ <property name="tab_expand">False</property>
3526+ <property name="tab_fill">True</property>
3527+ </packing>
3528+ </child>
3529+
3530+ <child>
3531+ <widget class="GtkLabel" id="label106">
3532+ <property name="visible">True</property>
3533+ <property name="label" translatable="yes">label106</property>
3534+ <property name="use_underline">False</property>
3535+ <property name="use_markup">False</property>
3536+ <property name="justify">GTK_JUSTIFY_LEFT</property>
3537+ <property name="wrap">False</property>
3538+ <property name="selectable">False</property>
3539+ <property name="xalign">0.5</property>
3540+ <property name="yalign">0.5</property>
3541+ <property name="xpad">0</property>
3542+ <property name="ypad">0</property>
3543+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
3544+ <property name="width_chars">-1</property>
3545+ <property name="single_line_mode">False</property>
3546+ <property name="angle">0</property>
3547+ </widget>
3548+ <packing>
3549+ <property name="type">tab</property>
3550+ </packing>
3551+ </child>
3552+
3553+ <child>
3554+ <widget class="GtkVBox" id="vbox62">
3555+ <property name="visible">True</property>
3556+ <property name="homogeneous">False</property>
3557+ <property name="spacing">0</property>
3558+
3559+ <child>
3560+ <widget class="GtkLabel" id="select_label">
3561+ <property name="visible">True</property>
3562+ <property name="label" translatable="yes">&lt;b&gt;Select roles that %s will transition to:&lt;/b&gt;</property>
3563+ <property name="use_underline">False</property>
3564+ <property name="use_markup">True</property>
3565+ <property name="justify">GTK_JUSTIFY_LEFT</property>
3566+ <property name="wrap">False</property>
3567+ <property name="selectable">False</property>
3568+ <property name="xalign">0</property>
3569+ <property name="yalign">0.5</property>
3570+ <property name="xpad">0</property>
3571+ <property name="ypad">0</property>
3572+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
3573+ <property name="width_chars">-1</property>
3574+ <property name="single_line_mode">False</property>
3575+ <property name="angle">0</property>
3576+ </widget>
3577+ <packing>
3578+ <property name="padding">5</property>
3579+ <property name="expand">False</property>
3580+ <property name="fill">False</property>
3581+ </packing>
3582+ </child>
3583+
3584+ <child>
3585+ <widget class="GtkScrolledWindow" id="scrolledwindow12">
3586+ <property name="visible">True</property>
3587+ <property name="can_focus">True</property>
3588+ <property name="hscrollbar_policy">GTK_POLICY_ALWAYS</property>
3589+ <property name="vscrollbar_policy">GTK_POLICY_ALWAYS</property>
3590+ <property name="shadow_type">GTK_SHADOW_NONE</property>
3591+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
3592+
3593+ <child>
3594+ <widget class="GtkTreeView" id="transition_treeview">
3595+ <property name="visible">True</property>
3596+ <property name="tooltip" translatable="yes">Select applications domains that %s will transition to.</property>
3597+ <property name="can_focus">True</property>
3598+ <property name="headers_visible">False</property>
3599+ <property name="rules_hint">False</property>
3600+ <property name="reorderable">False</property>
3601+ <property name="enable_search">True</property>
3602+ <property name="fixed_height_mode">False</property>
3603+ <property name="hover_selection">False</property>
3604+ <property name="hover_expand">False</property>
3605+ </widget>
3606+ </child>
3607+ </widget>
3608+ <packing>
3609+ <property name="padding">0</property>
3610+ <property name="expand">True</property>
3611+ <property name="fill">True</property>
3612+ </packing>
3613+ </child>
3614+ </widget>
3615+ <packing>
3616+ <property name="tab_expand">False</property>
3617+ <property name="tab_fill">True</property>
3618+ </packing>
3619+ </child>
3620+
3621+ <child>
3622+ <widget class="GtkLabel" id="label107">
3623+ <property name="visible">True</property>
3624+ <property name="label" translatable="yes">label107</property>
3625+ <property name="use_underline">False</property>
3626+ <property name="use_markup">False</property>
3627+ <property name="justify">GTK_JUSTIFY_LEFT</property>
3628+ <property name="wrap">False</property>
3629+ <property name="selectable">False</property>
3630+ <property name="xalign">0.5</property>
3631+ <property name="yalign">0.5</property>
3632+ <property name="xpad">0</property>
3633+ <property name="ypad">0</property>
3634+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
3635+ <property name="width_chars">-1</property>
3636+ <property name="single_line_mode">False</property>
3637+ <property name="angle">0</property>
3638+ </widget>
3639+ <packing>
3640+ <property name="type">tab</property>
3641+ </packing>
3642+ </child>
3643+
3644+ <child>
3645+ <widget class="GtkVBox" id="vbox63">
3646+ <property name="visible">True</property>
3647+ <property name="homogeneous">False</property>
3648+ <property name="spacing">0</property>
3649+
3650+ <child>
3651+ <widget class="GtkLabel" id="select_user_roles_label">
3652+ <property name="visible">True</property>
3653+ <property name="label" translatable="yes">&lt;b&gt;Select the user_roles that will transition to %s:&lt;/b&gt;</property>
3654+ <property name="use_underline">False</property>
3655+ <property name="use_markup">True</property>
3656+ <property name="justify">GTK_JUSTIFY_LEFT</property>
3657+ <property name="wrap">False</property>
3658+ <property name="selectable">False</property>
3659+ <property name="xalign">0</property>
3660+ <property name="yalign">0.5</property>
3661+ <property name="xpad">0</property>
3662+ <property name="ypad">0</property>
3663+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
3664+ <property name="width_chars">-1</property>
3665+ <property name="single_line_mode">False</property>
3666+ <property name="angle">0</property>
3667+ </widget>
3668+ <packing>
3669+ <property name="padding">5</property>
3670+ <property name="expand">False</property>
3671+ <property name="fill">False</property>
3672+ </packing>
3673+ </child>
3674+
3675+ <child>
3676+ <widget class="GtkScrolledWindow" id="scrolledwindow13">
3677+ <property name="visible">True</property>
3678+ <property name="can_focus">True</property>
3679+ <property name="hscrollbar_policy">GTK_POLICY_ALWAYS</property>
3680+ <property name="vscrollbar_policy">GTK_POLICY_ALWAYS</property>
3681+ <property name="shadow_type">GTK_SHADOW_NONE</property>
3682+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
3683+
3684+ <child>
3685+ <widget class="GtkTreeView" id="user_transition_treeview">
3686+ <property name="visible">True</property>
3687+ <property name="tooltip" translatable="yes">Select the user roles that will transiton to this applications domains.</property>
3688+ <property name="can_focus">True</property>
3689+ <property name="headers_visible">False</property>
3690+ <property name="rules_hint">False</property>
3691+ <property name="reorderable">False</property>
3692+ <property name="enable_search">True</property>
3693+ <property name="fixed_height_mode">False</property>
3694+ <property name="hover_selection">False</property>
3695+ <property name="hover_expand">False</property>
3696+ </widget>
3697+ </child>
3698+ </widget>
3699+ <packing>
3700+ <property name="padding">0</property>
3701+ <property name="expand">True</property>
3702+ <property name="fill">True</property>
3703+ </packing>
3704+ </child>
3705+ </widget>
3706+ <packing>
3707+ <property name="tab_expand">False</property>
3708+ <property name="tab_fill">True</property>
3709+ </packing>
3710+ </child>
3711+
3712+ <child>
3713+ <widget class="GtkLabel" id="label108">
3714+ <property name="visible">True</property>
3715+ <property name="label" translatable="yes">label108</property>
3716+ <property name="use_underline">False</property>
3717+ <property name="use_markup">False</property>
3718+ <property name="justify">GTK_JUSTIFY_LEFT</property>
3719+ <property name="wrap">False</property>
3720+ <property name="selectable">False</property>
3721+ <property name="xalign">0.5</property>
3722+ <property name="yalign">0.5</property>
3723+ <property name="xpad">0</property>
3724+ <property name="ypad">0</property>
3725+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
3726+ <property name="width_chars">-1</property>
3727+ <property name="single_line_mode">False</property>
3728+ <property name="angle">0</property>
3729+ </widget>
3730+ <packing>
3731+ <property name="type">tab</property>
3732+ </packing>
3733+ </child>
3734+
3735+ <child>
3736+ <widget class="GtkVBox" id="vbox64">
3737+ <property name="visible">True</property>
3738+ <property name="homogeneous">False</property>
3739+ <property name="spacing">0</property>
3740+
3741+ <child>
3742+ <widget class="GtkLabel" id="select_domain_admin_label">
3743+ <property name="visible">True</property>
3744+ <property name="label" translatable="yes">&lt;b&gt;Select domains that %s will administer:&lt;/b&gt;</property>
3745+ <property name="use_underline">False</property>
3746+ <property name="use_markup">True</property>
3747+ <property name="justify">GTK_JUSTIFY_LEFT</property>
3748+ <property name="wrap">False</property>
3749+ <property name="selectable">False</property>
3750+ <property name="xalign">0</property>
3751+ <property name="yalign">0.5</property>
3752+ <property name="xpad">0</property>
3753+ <property name="ypad">0</property>
3754+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
3755+ <property name="width_chars">-1</property>
3756+ <property name="single_line_mode">False</property>
3757+ <property name="angle">0</property>
3758+ </widget>
3759+ <packing>
3760+ <property name="padding">5</property>
3761+ <property name="expand">False</property>
3762+ <property name="fill">False</property>
3763+ </packing>
3764+ </child>
3765+
3766+ <child>
3767+ <widget class="GtkScrolledWindow" id="scrolledwindow14">
3768+ <property name="visible">True</property>
3769+ <property name="can_focus">True</property>
3770+ <property name="hscrollbar_policy">GTK_POLICY_ALWAYS</property>
3771+ <property name="vscrollbar_policy">GTK_POLICY_ALWAYS</property>
3772+ <property name="shadow_type">GTK_SHADOW_NONE</property>
3773+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
3774+
3775+ <child>
3776+ <widget class="GtkTreeView" id="admin_treeview">
3777+ <property name="visible">True</property>
3778+ <property name="tooltip" translatable="yes">Select the domains that you would like this user administer.</property>
3779+ <property name="can_focus">True</property>
3780+ <property name="headers_visible">False</property>
3781+ <property name="rules_hint">False</property>
3782+ <property name="reorderable">False</property>
3783+ <property name="enable_search">True</property>
3784+ <property name="fixed_height_mode">False</property>
3785+ <property name="hover_selection">False</property>
3786+ <property name="hover_expand">False</property>
3787+ </widget>
3788+ </child>
3789+ </widget>
3790+ <packing>
3791+ <property name="padding">0</property>
3792+ <property name="expand">True</property>
3793+ <property name="fill">True</property>
3794+ </packing>
3795+ </child>
3796+ </widget>
3797+ <packing>
3798+ <property name="tab_expand">False</property>
3799+ <property name="tab_fill">True</property>
3800+ </packing>
3801+ </child>
3802+
3803+ <child>
3804+ <widget class="GtkLabel" id="label109">
3805+ <property name="visible">True</property>
3806+ <property name="label" translatable="yes">label109</property>
3807+ <property name="use_underline">False</property>
3808+ <property name="use_markup">False</property>
3809+ <property name="justify">GTK_JUSTIFY_LEFT</property>
3810+ <property name="wrap">False</property>
3811+ <property name="selectable">False</property>
3812+ <property name="xalign">0.5</property>
3813+ <property name="yalign">0.5</property>
3814+ <property name="xpad">0</property>
3815+ <property name="ypad">0</property>
3816+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
3817+ <property name="width_chars">-1</property>
3818+ <property name="single_line_mode">False</property>
3819+ <property name="angle">0</property>
3820+ </widget>
3821+ <packing>
3822+ <property name="type">tab</property>
3823+ </packing>
3824+ </child>
3825+
3826+ <child>
3827+ <widget class="GtkVBox" id="vbox65">
3828+ <property name="visible">True</property>
3829+ <property name="homogeneous">False</property>
3830+ <property name="spacing">0</property>
3831+
3832+ <child>
3833+ <widget class="GtkLabel" id="select_role_label">
3834+ <property name="visible">True</property>
3835+ <property name="label" translatable="yes">&lt;b&gt;Select additional roles for %s:&lt;/b&gt;</property>
3836+ <property name="use_underline">False</property>
3837+ <property name="use_markup">True</property>
3838+ <property name="justify">GTK_JUSTIFY_LEFT</property>
3839+ <property name="wrap">False</property>
3840+ <property name="selectable">False</property>
3841+ <property name="xalign">0</property>
3842+ <property name="yalign">0.5</property>
3843+ <property name="xpad">0</property>
3844+ <property name="ypad">0</property>
3845+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
3846+ <property name="width_chars">-1</property>
3847+ <property name="single_line_mode">False</property>
3848+ <property name="angle">0</property>
3849+ </widget>
3850+ <packing>
3851+ <property name="padding">5</property>
3852+ <property name="expand">False</property>
3853+ <property name="fill">False</property>
3854+ </packing>
3855+ </child>
3856+
3857+ <child>
3858+ <widget class="GtkScrolledWindow" id="scrolledwindow15">
3859+ <property name="visible">True</property>
3860+ <property name="can_focus">True</property>
3861+ <property name="hscrollbar_policy">GTK_POLICY_ALWAYS</property>
3862+ <property name="vscrollbar_policy">GTK_POLICY_ALWAYS</property>
3863+ <property name="shadow_type">GTK_SHADOW_NONE</property>
3864+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
3865+
3866+ <child>
3867+ <widget class="GtkTreeView" id="role_treeview">
3868+ <property name="visible">True</property>
3869+ <property name="tooltip" translatable="yes">Select the domains that you would like this user administer.</property>
3870+ <property name="can_focus">True</property>
3871+ <property name="headers_visible">False</property>
3872+ <property name="rules_hint">False</property>
3873+ <property name="reorderable">False</property>
3874+ <property name="enable_search">True</property>
3875+ <property name="fixed_height_mode">False</property>
3876+ <property name="hover_selection">False</property>
3877+ <property name="hover_expand">False</property>
3878+ </widget>
3879+ </child>
3880+ </widget>
3881+ <packing>
3882+ <property name="padding">0</property>
3883+ <property name="expand">True</property>
3884+ <property name="fill">True</property>
3885+ </packing>
3886+ </child>
3887+ </widget>
3888+ <packing>
3889+ <property name="tab_expand">False</property>
3890+ <property name="tab_fill">True</property>
3891+ </packing>
3892+ </child>
3893+
3894+ <child>
3895+ <widget class="GtkLabel" id="in_net_page">
3896+ <property name="visible">True</property>
3897+ <property name="label" translatable="yes">label111</property>
3898+ <property name="use_underline">False</property>
3899+ <property name="use_markup">False</property>
3900+ <property name="justify">GTK_JUSTIFY_LEFT</property>
3901+ <property name="wrap">False</property>
3902+ <property name="selectable">False</property>
3903+ <property name="xalign">0.5</property>
3904+ <property name="yalign">0.5</property>
3905+ <property name="xpad">0</property>
3906+ <property name="ypad">0</property>
3907+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
3908+ <property name="width_chars">-1</property>
3909+ <property name="single_line_mode">False</property>
3910+ <property name="angle">0</property>
3911+ </widget>
3912+ <packing>
3913+ <property name="type">tab</property>
3914+ </packing>
3915+ </child>
3916+
3917+ <child>
3918+ <widget class="GtkVBox" id="in_net_page">
3919+ <property name="visible">True</property>
3920+ <property name="homogeneous">False</property>
3921+ <property name="spacing">0</property>
3922+
3923+ <child>
3924+ <widget class="GtkLabel" id="select_in_label">
3925+ <property name="visible">True</property>
3926+ <property name="label" translatable="yes">&lt;b&gt;Enter network ports that %s binds on:&lt;/b&gt;</property>
3927+ <property name="use_underline">False</property>
3928+ <property name="use_markup">True</property>
3929+ <property name="justify">GTK_JUSTIFY_LEFT</property>
3930+ <property name="wrap">False</property>
3931+ <property name="selectable">False</property>
3932+ <property name="xalign">0</property>
3933+ <property name="yalign">0.5</property>
3934+ <property name="xpad">0</property>
3935+ <property name="ypad">0</property>
3936+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
3937+ <property name="width_chars">-1</property>
3938+ <property name="single_line_mode">False</property>
3939+ <property name="angle">0</property>
3940+ </widget>
3941+ <packing>
3942+ <property name="padding">5</property>
3943+ <property name="expand">False</property>
3944+ <property name="fill">False</property>
3945+ </packing>
3946+ </child>
3947+
3948+ <child>
3949+ <widget class="GtkVBox" id="vbox22">
3950+ <property name="visible">True</property>
3951+ <property name="homogeneous">False</property>
3952+ <property name="spacing">6</property>
3953+
3954+ <child>
3955+ <widget class="GtkLabel" id="label55">
3956+ <property name="visible">True</property>
3957+ <property name="label" translatable="yes">&lt;b&gt;TCP Ports&lt;/b&gt;</property>
3958+ <property name="use_underline">False</property>
3959+ <property name="use_markup">True</property>
3960+ <property name="justify">GTK_JUSTIFY_LEFT</property>
3961+ <property name="wrap">False</property>
3962+ <property name="selectable">False</property>
3963+ <property name="xalign">0</property>
3964+ <property name="yalign">0.5</property>
3965+ <property name="xpad">0</property>
3966+ <property name="ypad">0</property>
3967+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
3968+ <property name="width_chars">-1</property>
3969+ <property name="single_line_mode">False</property>
3970+ <property name="angle">0</property>
3971+ </widget>
3972+ <packing>
3973+ <property name="padding">0</property>
3974+ <property name="expand">False</property>
3975+ <property name="fill">False</property>
3976+ </packing>
3977+ </child>
3978+
3979+ <child>
3980+ <widget class="GtkHBox" id="hbox20">
3981+ <property name="visible">True</property>
3982+ <property name="homogeneous">False</property>
3983+ <property name="spacing">0</property>
3984+
3985+ <child>
3986+ <widget class="GtkLabel" id="label56">
3987+ <property name="visible">True</property>
3988+ <property name="label"> </property>
3989+ <property name="use_underline">False</property>
3990+ <property name="use_markup">False</property>
3991+ <property name="justify">GTK_JUSTIFY_LEFT</property>
3992+ <property name="wrap">False</property>
3993+ <property name="selectable">False</property>
3994+ <property name="xalign">0.5</property>
3995+ <property name="yalign">0.5</property>
3996+ <property name="xpad">0</property>
3997+ <property name="ypad">0</property>
3998+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
3999+ <property name="width_chars">-1</property>
4000+ <property name="single_line_mode">False</property>
4001+ <property name="angle">0</property>
4002+ </widget>
4003+ <packing>
4004+ <property name="padding">0</property>
4005+ <property name="expand">False</property>
4006+ <property name="fill">False</property>
4007+ </packing>
4008+ </child>
4009+
4010+ <child>
4011+ <widget class="GtkVBox" id="vbox23">
4012+ <property name="visible">True</property>
4013+ <property name="homogeneous">False</property>
4014+ <property name="spacing">6</property>
4015+
4016+ <child>
4017+ <widget class="GtkHBox" id="hbox21">
4018+ <property name="visible">True</property>
4019+ <property name="homogeneous">False</property>
4020+ <property name="spacing">12</property>
4021+
4022+ <child>
4023+ <widget class="GtkCheckButton" id="in_tcp_all_checkbutton">
4024+ <property name="visible">True</property>
4025+ <property name="tooltip" translatable="yes">Allows %s to bind to any udp port</property>
4026+ <property name="can_focus">True</property>
4027+ <property name="label" translatable="yes">All</property>
4028+ <property name="use_underline">True</property>
4029+ <property name="relief">GTK_RELIEF_NORMAL</property>
4030+ <property name="focus_on_click">True</property>
4031+ <property name="active">False</property>
4032+ <property name="inconsistent">False</property>
4033+ <property name="draw_indicator">True</property>
4034+ </widget>
4035+ <packing>
4036+ <property name="padding">10</property>
4037+ <property name="expand">False</property>
4038+ <property name="fill">False</property>
4039+ </packing>
4040+ </child>
4041+
4042+ <child>
4043+ <widget class="GtkCheckButton" id="in_tcp_reserved_checkbutton">
4044+ <property name="visible">True</property>
4045+ <property name="tooltip" translatable="yes">Allow %s to call bindresvport with 0. Binding to port 600-1024</property>
4046+ <property name="can_focus">True</property>
4047+ <property name="label" translatable="yes">600-1024</property>
4048+ <property name="use_underline">True</property>
4049+ <property name="relief">GTK_RELIEF_NORMAL</property>
4050+ <property name="focus_on_click">True</property>
4051+ <property name="active">False</property>
4052+ <property name="inconsistent">False</property>
4053+ <property name="draw_indicator">True</property>
4054+ </widget>
4055+ <packing>
4056+ <property name="padding">10</property>
4057+ <property name="expand">False</property>
4058+ <property name="fill">False</property>
4059+ </packing>
4060+ </child>
4061+
4062+ <child>
4063+ <widget class="GtkCheckButton" id="in_tcp_unreserved_checkbutton">
4064+ <property name="visible">True</property>
4065+ <property name="tooltip" translatable="yes">Enter a comma separated list of udp ports or ranges of ports that %s binds to. Example: 612, 650-660</property>
4066+ <property name="can_focus">True</property>
4067+ <property name="label" translatable="yes">Unreserved Ports (&gt;1024)</property>
4068+ <property name="use_underline">True</property>
4069+ <property name="relief">GTK_RELIEF_NORMAL</property>
4070+ <property name="focus_on_click">True</property>
4071+ <property name="active">False</property>
4072+ <property name="inconsistent">False</property>
4073+ <property name="draw_indicator">True</property>
4074+ </widget>
4075+ <packing>
4076+ <property name="padding">10</property>
4077+ <property name="expand">False</property>
4078+ <property name="fill">False</property>
4079+ </packing>
4080+ </child>
4081+ </widget>
4082+ <packing>
4083+ <property name="padding">0</property>
4084+ <property name="expand">True</property>
4085+ <property name="fill">True</property>
4086+ </packing>
4087+ </child>
4088+
4089+ <child>
4090+ <widget class="GtkHBox" id="hbox22">
4091+ <property name="visible">True</property>
4092+ <property name="homogeneous">False</property>
4093+ <property name="spacing">12</property>
4094+
4095+ <child>
4096+ <widget class="GtkLabel" id="label57">
4097+ <property name="visible">True</property>
4098+ <property name="label" translatable="yes">Select Ports</property>
4099+ <property name="use_underline">False</property>
4100+ <property name="use_markup">False</property>
4101+ <property name="justify">GTK_JUSTIFY_LEFT</property>
4102+ <property name="wrap">False</property>
4103+ <property name="selectable">False</property>
4104+ <property name="xalign">0</property>
4105+ <property name="yalign">0.5</property>
4106+ <property name="xpad">0</property>
4107+ <property name="ypad">0</property>
4108+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
4109+ <property name="width_chars">-1</property>
4110+ <property name="single_line_mode">False</property>
4111+ <property name="angle">0</property>
4112+ </widget>
4113+ <packing>
4114+ <property name="padding">5</property>
4115+ <property name="expand">False</property>
4116+ <property name="fill">False</property>
4117+ </packing>
4118+ </child>
4119+
4120+ <child>
4121+ <widget class="GtkEntry" id="in_tcp_entry">
4122+ <property name="visible">True</property>
4123+ <property name="tooltip" translatable="yes">Allows %s to bind to any udp ports &gt; 1024</property>
4124+ <property name="can_focus">True</property>
4125+ <property name="editable">True</property>
4126+ <property name="visibility">True</property>
4127+ <property name="max_length">0</property>
4128+ <property name="text" translatable="yes"></property>
4129+ <property name="has_frame">True</property>
4130+ <property name="invisible_char">•</property>
4131+ <property name="activates_default">False</property>
4132+ </widget>
4133+ <packing>
4134+ <property name="padding">0</property>
4135+ <property name="expand">True</property>
4136+ <property name="fill">True</property>
4137+ </packing>
4138+ </child>
4139+ </widget>
4140+ <packing>
4141+ <property name="padding">0</property>
4142+ <property name="expand">True</property>
4143+ <property name="fill">True</property>
4144+ </packing>
4145+ </child>
4146+ </widget>
4147+ <packing>
4148+ <property name="padding">0</property>
4149+ <property name="expand">True</property>
4150+ <property name="fill">True</property>
4151+ </packing>
4152+ </child>
4153+ </widget>
4154+ <packing>
4155+ <property name="padding">0</property>
4156+ <property name="expand">True</property>
4157+ <property name="fill">True</property>
4158+ </packing>
4159+ </child>
4160+ </widget>
4161+ <packing>
4162+ <property name="padding">0</property>
4163+ <property name="expand">True</property>
4164+ <property name="fill">True</property>
4165+ </packing>
4166+ </child>
4167+
4168+ <child>
4169+ <widget class="GtkVBox" id="vbox24">
4170+ <property name="visible">True</property>
4171+ <property name="homogeneous">False</property>
4172+ <property name="spacing">6</property>
4173+
4174+ <child>
4175+ <widget class="GtkLabel" id="label58">
4176+ <property name="visible">True</property>
4177+ <property name="label" translatable="yes">&lt;b&gt;UDP Ports&lt;/b&gt;</property>
4178+ <property name="use_underline">False</property>
4179+ <property name="use_markup">True</property>
4180+ <property name="justify">GTK_JUSTIFY_LEFT</property>
4181+ <property name="wrap">False</property>
4182+ <property name="selectable">False</property>
4183+ <property name="xalign">0</property>
4184+ <property name="yalign">0.5</property>
4185+ <property name="xpad">0</property>
4186+ <property name="ypad">0</property>
4187+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
4188+ <property name="width_chars">-1</property>
4189+ <property name="single_line_mode">False</property>
4190+ <property name="angle">0</property>
4191+ </widget>
4192+ <packing>
4193+ <property name="padding">0</property>
4194+ <property name="expand">False</property>
4195+ <property name="fill">False</property>
4196+ </packing>
4197+ </child>
4198+
4199+ <child>
4200+ <widget class="GtkHBox" id="hbox23">
4201+ <property name="visible">True</property>
4202+ <property name="homogeneous">False</property>
4203+ <property name="spacing">0</property>
4204+
4205+ <child>
4206+ <widget class="GtkLabel" id="label59">
4207+ <property name="visible">True</property>
4208+ <property name="label"> </property>
4209+ <property name="use_underline">False</property>
4210+ <property name="use_markup">False</property>
4211+ <property name="justify">GTK_JUSTIFY_LEFT</property>
4212+ <property name="wrap">False</property>
4213+ <property name="selectable">False</property>
4214+ <property name="xalign">0.5</property>
4215+ <property name="yalign">0.5</property>
4216+ <property name="xpad">0</property>
4217+ <property name="ypad">0</property>
4218+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
4219+ <property name="width_chars">-1</property>
4220+ <property name="single_line_mode">False</property>
4221+ <property name="angle">0</property>
4222+ </widget>
4223+ <packing>
4224+ <property name="padding">0</property>
4225+ <property name="expand">False</property>
4226+ <property name="fill">False</property>
4227+ </packing>
4228+ </child>
4229+
4230+ <child>
4231+ <widget class="GtkVBox" id="vbox25">
4232+ <property name="visible">True</property>
4233+ <property name="homogeneous">False</property>
4234+ <property name="spacing">6</property>
4235+
4236+ <child>
4237+ <widget class="GtkHBox" id="hbox24">
4238+ <property name="visible">True</property>
4239+ <property name="homogeneous">False</property>
4240+ <property name="spacing">12</property>
4241+
4242+ <child>
4243+ <widget class="GtkCheckButton" id="in_udp_all_checkbutton">
4244+ <property name="visible">True</property>
4245+ <property name="tooltip" translatable="yes">Allows %s to bind to any udp port</property>
4246+ <property name="can_focus">True</property>
4247+ <property name="label" translatable="yes">All</property>
4248+ <property name="use_underline">True</property>
4249+ <property name="relief">GTK_RELIEF_NORMAL</property>
4250+ <property name="focus_on_click">True</property>
4251+ <property name="active">False</property>
4252+ <property name="inconsistent">False</property>
4253+ <property name="draw_indicator">True</property>
4254+ </widget>
4255+ <packing>
4256+ <property name="padding">10</property>
4257+ <property name="expand">False</property>
4258+ <property name="fill">False</property>
4259+ </packing>
4260+ </child>
4261+
4262+ <child>
4263+ <widget class="GtkCheckButton" id="in_udp_reserved_checkbutton">
4264+ <property name="visible">True</property>
4265+ <property name="tooltip" translatable="yes">Allow %s to call bindresvport with 0. Binding to port 600-1024</property>
4266+ <property name="can_focus">True</property>
4267+ <property name="label" translatable="yes">600-1024</property>
4268+ <property name="use_underline">True</property>
4269+ <property name="relief">GTK_RELIEF_NORMAL</property>
4270+ <property name="focus_on_click">True</property>
4271+ <property name="active">False</property>
4272+ <property name="inconsistent">False</property>
4273+ <property name="draw_indicator">True</property>
4274+ </widget>
4275+ <packing>
4276+ <property name="padding">10</property>
4277+ <property name="expand">False</property>
4278+ <property name="fill">False</property>
4279+ </packing>
4280+ </child>
4281+
4282+ <child>
4283+ <widget class="GtkCheckButton" id="in_udp_unreserved_checkbutton">
4284+ <property name="visible">True</property>
4285+ <property name="tooltip" translatable="yes">Enter a comma separated list of udp ports or ranges of ports that %s binds to. Example: 612, 650-660</property>
4286+ <property name="can_focus">True</property>
4287+ <property name="label" translatable="yes">Unreserved Ports (&gt;1024)</property>
4288+ <property name="use_underline">True</property>
4289+ <property name="relief">GTK_RELIEF_NORMAL</property>
4290+ <property name="focus_on_click">True</property>
4291+ <property name="active">False</property>
4292+ <property name="inconsistent">False</property>
4293+ <property name="draw_indicator">True</property>
4294+ </widget>
4295+ <packing>
4296+ <property name="padding">10</property>
4297+ <property name="expand">False</property>
4298+ <property name="fill">False</property>
4299+ </packing>
4300+ </child>
4301+ </widget>
4302+ <packing>
4303+ <property name="padding">0</property>
4304+ <property name="expand">True</property>
4305+ <property name="fill">True</property>
4306+ </packing>
4307+ </child>
4308+
4309+ <child>
4310+ <widget class="GtkHBox" id="hbox25">
4311+ <property name="visible">True</property>
4312+ <property name="homogeneous">False</property>
4313+ <property name="spacing">12</property>
4314+
4315+ <child>
4316+ <widget class="GtkLabel" id="label60">
4317+ <property name="visible">True</property>
4318+ <property name="label" translatable="yes">Select Ports</property>
4319+ <property name="use_underline">False</property>
4320+ <property name="use_markup">False</property>
4321+ <property name="justify">GTK_JUSTIFY_LEFT</property>
4322+ <property name="wrap">False</property>
4323+ <property name="selectable">False</property>
4324+ <property name="xalign">0</property>
4325+ <property name="yalign">0.5</property>
4326+ <property name="xpad">0</property>
4327+ <property name="ypad">0</property>
4328+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
4329+ <property name="width_chars">-1</property>
4330+ <property name="single_line_mode">False</property>
4331+ <property name="angle">0</property>
4332+ </widget>
4333+ <packing>
4334+ <property name="padding">5</property>
4335+ <property name="expand">False</property>
4336+ <property name="fill">False</property>
4337+ </packing>
4338+ </child>
4339+
4340+ <child>
4341+ <widget class="GtkEntry" id="in_udp_entry">
4342+ <property name="visible">True</property>
4343+ <property name="tooltip" translatable="yes">Allows %s to bind to any udp ports &gt; 1024</property>
4344+ <property name="can_focus">True</property>
4345+ <property name="editable">True</property>
4346+ <property name="visibility">True</property>
4347+ <property name="max_length">0</property>
4348+ <property name="text" translatable="yes"></property>
4349+ <property name="has_frame">True</property>
4350+ <property name="invisible_char">•</property>
4351+ <property name="activates_default">False</property>
4352+ </widget>
4353+ <packing>
4354+ <property name="padding">0</property>
4355+ <property name="expand">True</property>
4356+ <property name="fill">True</property>
4357+ </packing>
4358+ </child>
4359+ </widget>
4360+ <packing>
4361+ <property name="padding">0</property>
4362+ <property name="expand">True</property>
4363+ <property name="fill">True</property>
4364+ </packing>
4365+ </child>
4366+ </widget>
4367+ <packing>
4368+ <property name="padding">0</property>
4369+ <property name="expand">True</property>
4370+ <property name="fill">True</property>
4371+ </packing>
4372+ </child>
4373+ </widget>
4374+ <packing>
4375+ <property name="padding">0</property>
4376+ <property name="expand">True</property>
4377+ <property name="fill">True</property>
4378+ </packing>
4379+ </child>
4380+ </widget>
4381+ <packing>
4382+ <property name="padding">0</property>
4383+ <property name="expand">True</property>
4384+ <property name="fill">True</property>
4385+ </packing>
4386+ </child>
4387+ </widget>
4388+ <packing>
4389+ <property name="tab_expand">False</property>
4390+ <property name="tab_fill">True</property>
4391+ </packing>
4392+ </child>
4393+
4394+ <child>
4395+ <widget class="GtkLabel" id="label113">
4396+ <property name="visible">True</property>
4397+ <property name="label" translatable="yes">label113</property>
4398+ <property name="use_underline">False</property>
4399+ <property name="use_markup">False</property>
4400+ <property name="justify">GTK_JUSTIFY_LEFT</property>
4401+ <property name="wrap">False</property>
4402+ <property name="selectable">False</property>
4403+ <property name="xalign">0.5</property>
4404+ <property name="yalign">0.5</property>
4405+ <property name="xpad">0</property>
4406+ <property name="ypad">0</property>
4407+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
4408+ <property name="width_chars">-1</property>
4409+ <property name="single_line_mode">False</property>
4410+ <property name="angle">0</property>
4411+ </widget>
4412+ <packing>
4413+ <property name="type">tab</property>
4414+ </packing>
4415+ </child>
4416+
4417+ <child>
4418+ <widget class="GtkVBox" id="vbox75">
4419+ <property name="visible">True</property>
4420+ <property name="homogeneous">False</property>
4421+ <property name="spacing">0</property>
4422+
4423+ <child>
4424+ <widget class="GtkLabel" id="select_out_label">
4425+ <property name="visible">True</property>
4426+ <property name="label" translatable="yes">&lt;b&gt;Select network ports that %s connects to:&lt;/b&gt;</property>
4427+ <property name="use_underline">False</property>
4428+ <property name="use_markup">True</property>
4429+ <property name="justify">GTK_JUSTIFY_LEFT</property>
4430+ <property name="wrap">False</property>
4431+ <property name="selectable">False</property>
4432+ <property name="xalign">0</property>
4433+ <property name="yalign">0.5</property>
4434+ <property name="xpad">0</property>
4435+ <property name="ypad">0</property>
4436+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
4437+ <property name="width_chars">-1</property>
4438+ <property name="single_line_mode">False</property>
4439+ <property name="angle">0</property>
4440+ </widget>
4441+ <packing>
4442+ <property name="padding">5</property>
4443+ <property name="expand">False</property>
4444+ <property name="fill">False</property>
4445+ </packing>
4446+ </child>
4447+
4448+ <child>
4449+ <widget class="GtkVBox" id="vbox26">
4450+ <property name="visible">True</property>
4451+ <property name="homogeneous">False</property>
4452+ <property name="spacing">6</property>
4453+
4454+ <child>
4455+ <widget class="GtkLabel" id="label37">
4456+ <property name="visible">True</property>
4457+ <property name="label" translatable="yes">&lt;b&gt;TCP Ports&lt;/b&gt;</property>
4458+ <property name="use_underline">False</property>
4459+ <property name="use_markup">True</property>
4460+ <property name="justify">GTK_JUSTIFY_LEFT</property>
4461+ <property name="wrap">False</property>
4462+ <property name="selectable">False</property>
4463+ <property name="xalign">0</property>
4464+ <property name="yalign">0.5</property>
4465+ <property name="xpad">0</property>
4466+ <property name="ypad">0</property>
4467+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
4468+ <property name="width_chars">-1</property>
4469+ <property name="single_line_mode">False</property>
4470+ <property name="angle">0</property>
4471+ </widget>
4472+ <packing>
4473+ <property name="padding">0</property>
4474+ <property name="expand">False</property>
4475+ <property name="fill">False</property>
4476+ </packing>
4477+ </child>
4478+
4479+ <child>
4480+ <widget class="GtkHBox" id="hbox26">
4481+ <property name="visible">True</property>
4482+ <property name="homogeneous">False</property>
4483+ <property name="spacing">0</property>
4484+
4485+ <child>
4486+ <widget class="GtkLabel" id="label61">
4487+ <property name="visible">True</property>
4488+ <property name="label"> </property>
4489+ <property name="use_underline">False</property>
4490+ <property name="use_markup">False</property>
4491+ <property name="justify">GTK_JUSTIFY_LEFT</property>
4492+ <property name="wrap">False</property>
4493+ <property name="selectable">False</property>
4494+ <property name="xalign">0.5</property>
4495+ <property name="yalign">0.5</property>
4496+ <property name="xpad">0</property>
4497+ <property name="ypad">0</property>
4498+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
4499+ <property name="width_chars">-1</property>
4500+ <property name="single_line_mode">False</property>
4501+ <property name="angle">0</property>
4502+ </widget>
4503+ <packing>
4504+ <property name="padding">0</property>
4505+ <property name="expand">False</property>
4506+ <property name="fill">False</property>
4507+ </packing>
4508+ </child>
4509+
4510+ <child>
4511+ <widget class="GtkHBox" id="hbox15">
4512+ <property name="visible">True</property>
4513+ <property name="homogeneous">False</property>
4514+ <property name="spacing">12</property>
4515+
4516+ <child>
4517+ <widget class="GtkCheckButton" id="out_tcp_all_checkbutton">
4518+ <property name="tooltip" translatable="yes">Allows %s to connect to any tcp port</property>
4519+ <property name="visible">True</property>
4520+ <property name="can_focus">True</property>
4521+ <property name="label" translatable="yes">All</property>
4522+ <property name="use_underline">True</property>
4523+ <property name="relief">GTK_RELIEF_NORMAL</property>
4524+ <property name="focus_on_click">True</property>
4525+ <property name="active">False</property>
4526+ <property name="inconsistent">False</property>
4527+ <property name="draw_indicator">True</property>
4528+ </widget>
4529+ <packing>
4530+ <property name="padding">10</property>
4531+ <property name="expand">False</property>
4532+ <property name="fill">False</property>
4533+ </packing>
4534+ </child>
4535+
4536+ <child>
4537+ <widget class="GtkLabel" id="label38">
4538+ <property name="visible">True</property>
4539+ <property name="label" translatable="yes">Select Ports</property>
4540+ <property name="use_underline">False</property>
4541+ <property name="use_markup">False</property>
4542+ <property name="justify">GTK_JUSTIFY_LEFT</property>
4543+ <property name="wrap">False</property>
4544+ <property name="selectable">False</property>
4545+ <property name="xalign">0</property>
4546+ <property name="yalign">0.5</property>
4547+ <property name="xpad">0</property>
4548+ <property name="ypad">0</property>
4549+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
4550+ <property name="width_chars">-1</property>
4551+ <property name="single_line_mode">False</property>
4552+ <property name="angle">0</property>
4553+ </widget>
4554+ <packing>
4555+ <property name="padding">5</property>
4556+ <property name="expand">False</property>
4557+ <property name="fill">False</property>
4558+ </packing>
4559+ </child>
4560+
4561+ <child>
4562+ <widget class="GtkEntry" id="out_tcp_entry">
4563+ <property name="visible">True</property>
4564+ <property name="tooltip" translatable="yes">Enter a comma separated list of tcp ports or ranges of ports that %s connects to. Example: 612, 650-660</property>
4565+ <property name="can_focus">True</property>
4566+ <property name="editable">True</property>
4567+ <property name="visibility">True</property>
4568+ <property name="max_length">0</property>
4569+ <property name="text" translatable="yes"></property>
4570+ <property name="has_frame">True</property>
4571+ <property name="invisible_char">•</property>
4572+ <property name="activates_default">False</property>
4573+ </widget>
4574+ <packing>
4575+ <property name="padding">0</property>
4576+ <property name="expand">True</property>
4577+ <property name="fill">True</property>
4578+ </packing>
4579+ </child>
4580+ </widget>
4581+ <packing>
4582+ <property name="padding">0</property>
4583+ <property name="expand">True</property>
4584+ <property name="fill">True</property>
4585+ </packing>
4586+ </child>
4587+ </widget>
4588+ <packing>
4589+ <property name="padding">0</property>
4590+ <property name="expand">True</property>
4591+ <property name="fill">True</property>
4592+ </packing>
4593+ </child>
4594+ </widget>
4595+ <packing>
4596+ <property name="padding">0</property>
4597+ <property name="expand">True</property>
4598+ <property name="fill">True</property>
4599+ </packing>
4600+ </child>
4601+
4602+ <child>
4603+ <widget class="GtkVBox" id="vbox27">
4604+ <property name="visible">True</property>
4605+ <property name="homogeneous">False</property>
4606+ <property name="spacing">6</property>
4607+
4608+ <child>
4609+ <widget class="GtkLabel" id="label23">
4610+ <property name="visible">True</property>
4611+ <property name="label" translatable="yes">&lt;b&gt;UDP Ports&lt;/b&gt;</property>
4612+ <property name="use_underline">False</property>
4613+ <property name="use_markup">True</property>
4614+ <property name="justify">GTK_JUSTIFY_LEFT</property>
4615+ <property name="wrap">False</property>
4616+ <property name="selectable">False</property>
4617+ <property name="xalign">0</property>
4618+ <property name="yalign">0.5</property>
4619+ <property name="xpad">0</property>
4620+ <property name="ypad">0</property>
4621+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
4622+ <property name="width_chars">-1</property>
4623+ <property name="single_line_mode">False</property>
4624+ <property name="angle">0</property>
4625+ </widget>
4626+ <packing>
4627+ <property name="padding">0</property>
4628+ <property name="expand">False</property>
4629+ <property name="fill">False</property>
4630+ </packing>
4631+ </child>
4632+
4633+ <child>
4634+ <widget class="GtkHBox" id="hbox27">
4635+ <property name="visible">True</property>
4636+ <property name="homogeneous">False</property>
4637+ <property name="spacing">0</property>
4638+
4639+ <child>
4640+ <widget class="GtkLabel" id="label62">
4641+ <property name="visible">True</property>
4642+ <property name="label"> </property>
4643+ <property name="use_underline">False</property>
4644+ <property name="use_markup">False</property>
4645+ <property name="justify">GTK_JUSTIFY_LEFT</property>
4646+ <property name="wrap">False</property>
4647+ <property name="selectable">False</property>
4648+ <property name="xalign">0.5</property>
4649+ <property name="yalign">0.5</property>
4650+ <property name="xpad">0</property>
4651+ <property name="ypad">0</property>
4652+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
4653+ <property name="width_chars">-1</property>
4654+ <property name="single_line_mode">False</property>
4655+ <property name="angle">0</property>
4656+ </widget>
4657+ <packing>
4658+ <property name="padding">0</property>
4659+ <property name="expand">False</property>
4660+ <property name="fill">False</property>
4661+ </packing>
4662+ </child>
4663+
4664+ <child>
4665+ <widget class="GtkHBox" id="hbox12">
4666+ <property name="visible">True</property>
4667+ <property name="homogeneous">False</property>
4668+ <property name="spacing">12</property>
4669+
4670+ <child>
4671+ <widget class="GtkCheckButton" id="out_udp_all_checkbutton">
4672+ <property name="tooltip" translatable="yes">Allows %s to connect to any udp port</property>
4673+ <property name="visible">True</property>
4674+ <property name="can_focus">True</property>
4675+ <property name="label" translatable="yes">All</property>
4676+ <property name="use_underline">True</property>
4677+ <property name="relief">GTK_RELIEF_NORMAL</property>
4678+ <property name="focus_on_click">True</property>
4679+ <property name="active">False</property>
4680+ <property name="inconsistent">False</property>
4681+ <property name="draw_indicator">True</property>
4682+ </widget>
4683+ <packing>
4684+ <property name="padding">10</property>
4685+ <property name="expand">False</property>
4686+ <property name="fill">False</property>
4687+ </packing>
4688+ </child>
4689+
4690+ <child>
4691+ <widget class="GtkLabel" id="label22">
4692+ <property name="visible">True</property>
4693+ <property name="label" translatable="yes">Select Ports</property>
4694+ <property name="use_underline">False</property>
4695+ <property name="use_markup">False</property>
4696+ <property name="justify">GTK_JUSTIFY_LEFT</property>
4697+ <property name="wrap">False</property>
4698+ <property name="selectable">False</property>
4699+ <property name="xalign">0</property>
4700+ <property name="yalign">0.5</property>
4701+ <property name="xpad">0</property>
4702+ <property name="ypad">0</property>
4703+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
4704+ <property name="width_chars">-1</property>
4705+ <property name="single_line_mode">False</property>
4706+ <property name="angle">0</property>
4707+ </widget>
4708+ <packing>
4709+ <property name="padding">5</property>
4710+ <property name="expand">False</property>
4711+ <property name="fill">False</property>
4712+ </packing>
4713+ </child>
4714+
4715+ <child>
4716+ <widget class="GtkEntry" id="out_udp_entry">
4717+ <property name="visible">True</property>
4718+ <property name="tooltip" translatable="yes">Enter a comma separated list of udp ports or ranges of ports that %s connects to. Example: 612, 650-660</property>
4719+ <property name="can_focus">True</property>
4720+ <property name="editable">True</property>
4721+ <property name="visibility">True</property>
4722+ <property name="max_length">0</property>
4723+ <property name="text" translatable="yes"></property>
4724+ <property name="has_frame">True</property>
4725+ <property name="invisible_char">•</property>
4726+ <property name="activates_default">False</property>
4727+ </widget>
4728+ <packing>
4729+ <property name="padding">0</property>
4730+ <property name="expand">True</property>
4731+ <property name="fill">True</property>
4732+ </packing>
4733+ </child>
4734+ </widget>
4735+ <packing>
4736+ <property name="padding">0</property>
4737+ <property name="expand">True</property>
4738+ <property name="fill">True</property>
4739+ </packing>
4740+ </child>
4741+ </widget>
4742+ <packing>
4743+ <property name="padding">0</property>
4744+ <property name="expand">True</property>
4745+ <property name="fill">True</property>
4746+ </packing>
4747+ </child>
4748+ </widget>
4749+ <packing>
4750+ <property name="padding">0</property>
4751+ <property name="expand">True</property>
4752+ <property name="fill">True</property>
4753+ </packing>
4754+ </child>
4755+ </widget>
4756+ <packing>
4757+ <property name="tab_expand">False</property>
4758+ <property name="tab_fill">True</property>
4759+ </packing>
4760+ </child>
4761+
4762+ <child>
4763+ <widget class="GtkLabel" id="label114">
4764+ <property name="visible">True</property>
4765+ <property name="label" translatable="yes">label114</property>
4766+ <property name="use_underline">False</property>
4767+ <property name="use_markup">False</property>
4768+ <property name="justify">GTK_JUSTIFY_LEFT</property>
4769+ <property name="wrap">False</property>
4770+ <property name="selectable">False</property>
4771+ <property name="xalign">0.5</property>
4772+ <property name="yalign">0.5</property>
4773+ <property name="xpad">0</property>
4774+ <property name="ypad">0</property>
4775+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
4776+ <property name="width_chars">-1</property>
4777+ <property name="single_line_mode">False</property>
4778+ <property name="angle">0</property>
4779+ </widget>
4780+ <packing>
4781+ <property name="type">tab</property>
4782+ </packing>
4783+ </child>
4784+
4785+ <child>
4786+ <widget class="GtkVBox" id="vbox68">
4787+ <property name="visible">True</property>
4788+ <property name="homogeneous">False</property>
4789+ <property name="spacing">0</property>
4790+
4791+ <child>
4792+ <widget class="GtkLabel" id="select_common_label">
4793+ <property name="visible">True</property>
4794+ <property name="label" translatable="yes">&lt;b&gt;Select common application traits for %s:&lt;/b&gt;</property>
4795+ <property name="use_underline">False</property>
4796+ <property name="use_markup">True</property>
4797+ <property name="justify">GTK_JUSTIFY_LEFT</property>
4798+ <property name="wrap">False</property>
4799+ <property name="selectable">False</property>
4800+ <property name="xalign">0</property>
4801+ <property name="yalign">0.5</property>
4802+ <property name="xpad">0</property>
4803+ <property name="ypad">0</property>
4804+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
4805+ <property name="width_chars">-1</property>
4806+ <property name="single_line_mode">False</property>
4807+ <property name="angle">0</property>
4808+ </widget>
4809+ <packing>
4810+ <property name="padding">5</property>
4811+ <property name="expand">False</property>
4812+ <property name="fill">False</property>
4813+ </packing>
4814+ </child>
4815+
4816+ <child>
4817+ <widget class="GtkVBox" id="vbox4">
4818+ <property name="visible">True</property>
4819+ <property name="homogeneous">False</property>
4820+ <property name="spacing">6</property>
4821+
4822+ <child>
4823+ <widget class="GtkCheckButton" id="syslog_checkbutton">
4824+ <property name="visible">True</property>
4825+ <property name="can_focus">True</property>
4826+ <property name="label" translatable="yes">Writes syslog messages </property>
4827+ <property name="use_underline">True</property>
4828+ <property name="relief">GTK_RELIEF_NORMAL</property>
4829+ <property name="focus_on_click">True</property>
4830+ <property name="active">False</property>
4831+ <property name="inconsistent">False</property>
4832+ <property name="draw_indicator">True</property>
4833+ </widget>
4834+ <packing>
4835+ <property name="padding">0</property>
4836+ <property name="expand">False</property>
4837+ <property name="fill">False</property>
4838+ </packing>
4839+ </child>
4840+
4841+ <child>
4842+ <widget class="GtkCheckButton" id="tmp_checkbutton">
4843+ <property name="visible">True</property>
4844+ <property name="can_focus">True</property>
4845+ <property name="label" translatable="yes">Create/Manipulate temporary files in /tmp</property>
4846+ <property name="use_underline">True</property>
4847+ <property name="relief">GTK_RELIEF_NORMAL</property>
4848+ <property name="focus_on_click">True</property>
4849+ <property name="active">False</property>
4850+ <property name="inconsistent">False</property>
4851+ <property name="draw_indicator">True</property>
4852+ </widget>
4853+ <packing>
4854+ <property name="padding">0</property>
4855+ <property name="expand">False</property>
4856+ <property name="fill">False</property>
4857+ </packing>
4858+ </child>
4859+
4860+ <child>
4861+ <widget class="GtkCheckButton" id="pam_checkbutton">
4862+ <property name="visible">True</property>
4863+ <property name="can_focus">True</property>
4864+ <property name="label" translatable="yes">Uses Pam for authentication</property>
4865+ <property name="use_underline">True</property>
4866+ <property name="relief">GTK_RELIEF_NORMAL</property>
4867+ <property name="focus_on_click">True</property>
4868+ <property name="active">False</property>
4869+ <property name="inconsistent">False</property>
4870+ <property name="draw_indicator">True</property>
4871+ </widget>
4872+ <packing>
4873+ <property name="padding">0</property>
4874+ <property name="expand">False</property>
4875+ <property name="fill">False</property>
4876+ </packing>
4877+ </child>
4878+
4879+ <child>
4880+ <widget class="GtkCheckButton" id="uid_checkbutton">
4881+ <property name="visible">True</property>
4882+ <property name="can_focus">True</property>
4883+ <property name="label" translatable="yes">Uses nsswitch or getpw* calls</property>
4884+ <property name="use_underline">True</property>
4885+ <property name="relief">GTK_RELIEF_NORMAL</property>
4886+ <property name="focus_on_click">True</property>
4887+ <property name="active">False</property>
4888+ <property name="inconsistent">False</property>
4889+ <property name="draw_indicator">True</property>
4890+ </widget>
4891+ <packing>
4892+ <property name="padding">0</property>
4893+ <property name="expand">False</property>
4894+ <property name="fill">False</property>
4895+ </packing>
4896+ </child>
4897+
4898+ <child>
4899+ <widget class="GtkCheckButton" id="dbus_checkbutton">
4900+ <property name="visible">True</property>
4901+ <property name="can_focus">True</property>
4902+ <property name="label" translatable="yes">Uses dbus</property>
4903+ <property name="use_underline">True</property>
4904+ <property name="relief">GTK_RELIEF_NORMAL</property>
4905+ <property name="focus_on_click">True</property>
4906+ <property name="active">False</property>
4907+ <property name="inconsistent">False</property>
4908+ <property name="draw_indicator">True</property>
4909+ </widget>
4910+ <packing>
4911+ <property name="padding">0</property>
4912+ <property name="expand">False</property>
4913+ <property name="fill">False</property>
4914+ </packing>
4915+ </child>
4916+
4917+ <child>
4918+ <widget class="GtkCheckButton" id="audit_checkbutton">
4919+ <property name="visible">True</property>
4920+ <property name="can_focus">True</property>
4921+ <property name="label" translatable="yes">Sends audit messages</property>
4922+ <property name="use_underline">True</property>
4923+ <property name="relief">GTK_RELIEF_NORMAL</property>
4924+ <property name="focus_on_click">True</property>
4925+ <property name="active">False</property>
4926+ <property name="inconsistent">False</property>
4927+ <property name="draw_indicator">True</property>
4928+ </widget>
4929+ <packing>
4930+ <property name="padding">0</property>
4931+ <property name="expand">False</property>
4932+ <property name="fill">False</property>
4933+ </packing>
4934+ </child>
4935+
4936+ <child>
4937+ <widget class="GtkCheckButton" id="terminal_checkbutton">
4938+ <property name="visible">True</property>
4939+ <property name="can_focus">True</property>
4940+ <property name="label" translatable="yes">Interacts with the terminal</property>
4941+ <property name="use_underline">True</property>
4942+ <property name="relief">GTK_RELIEF_NORMAL</property>
4943+ <property name="focus_on_click">True</property>
4944+ <property name="active">False</property>
4945+ <property name="inconsistent">False</property>
4946+ <property name="draw_indicator">True</property>
4947+ </widget>
4948+ <packing>
4949+ <property name="padding">0</property>
4950+ <property name="expand">False</property>
4951+ <property name="fill">False</property>
4952+ </packing>
4953+ </child>
4954+
4955+ <child>
4956+ <widget class="GtkCheckButton" id="mail_checkbutton">
4957+ <property name="visible">True</property>
4958+ <property name="can_focus">True</property>
4959+ <property name="label" translatable="yes">Sends email</property>
4960+ <property name="use_underline">True</property>
4961+ <property name="relief">GTK_RELIEF_NORMAL</property>
4962+ <property name="focus_on_click">True</property>
4963+ <property name="active">False</property>
4964+ <property name="inconsistent">False</property>
4965+ <property name="draw_indicator">True</property>
4966+ </widget>
4967+ <packing>
4968+ <property name="padding">0</property>
4969+ <property name="expand">False</property>
4970+ <property name="fill">False</property>
4971+ </packing>
4972+ </child>
4973+ </widget>
4974+ <packing>
4975+ <property name="padding">0</property>
4976+ <property name="expand">True</property>
4977+ <property name="fill">True</property>
4978+ </packing>
4979+ </child>
4980+ </widget>
4981+ <packing>
4982+ <property name="tab_expand">False</property>
4983+ <property name="tab_fill">True</property>
4984+ </packing>
4985+ </child>
4986+
4987+ <child>
4988+ <widget class="GtkLabel" id="label115">
4989+ <property name="visible">True</property>
4990+ <property name="label" translatable="yes">label115</property>
4991+ <property name="use_underline">False</property>
4992+ <property name="use_markup">False</property>
4993+ <property name="justify">GTK_JUSTIFY_LEFT</property>
4994+ <property name="wrap">False</property>
4995+ <property name="selectable">False</property>
4996+ <property name="xalign">0.5</property>
4997+ <property name="yalign">0.5</property>
4998+ <property name="xpad">0</property>
4999+ <property name="ypad">0</property>
5000+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
5001+ <property name="width_chars">-1</property>
5002+ <property name="single_line_mode">False</property>
5003+ <property name="angle">0</property>
5004+ </widget>
5005+ <packing>
5006+ <property name="type">tab</property>
5007+ </packing>
5008+ </child>
5009+
5010+ <child>
5011+ <widget class="GtkVBox" id="vbox69">
5012+ <property name="visible">True</property>
5013+ <property name="homogeneous">False</property>
5014+ <property name="spacing">0</property>
5015+
5016+ <child>
5017+ <widget class="GtkLabel" id="select_manages_label">
5018+ <property name="visible">True</property>
5019+ <property name="label" translatable="yes">&lt;b&gt;Add files/directories that %s manages&lt;/b&gt;</property>
5020+ <property name="use_underline">False</property>
5021+ <property name="use_markup">True</property>
5022+ <property name="justify">GTK_JUSTIFY_LEFT</property>
5023+ <property name="wrap">False</property>
5024+ <property name="selectable">False</property>
5025+ <property name="xalign">0</property>
5026+ <property name="yalign">0.5</property>
5027+ <property name="xpad">0</property>
5028+ <property name="ypad">0</property>
5029+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
5030+ <property name="width_chars">-1</property>
5031+ <property name="single_line_mode">False</property>
5032+ <property name="angle">0</property>
5033+ </widget>
5034+ <packing>
5035+ <property name="padding">5</property>
5036+ <property name="expand">False</property>
5037+ <property name="fill">False</property>
5038+ </packing>
5039+ </child>
5040+
5041+ <child>
5042+ <widget class="GtkHBox" id="hbox1">
5043+ <property name="visible">True</property>
5044+ <property name="homogeneous">False</property>
5045+ <property name="spacing">12</property>
5046+
5047+ <child>
5048+ <widget class="GtkVBox" id="vbox3">
5049+ <property name="visible">True</property>
5050+ <property name="homogeneous">False</property>
5051+ <property name="spacing">6</property>
5052+
5053+ <child>
5054+ <widget class="GtkButton" id="button2">
5055+ <property name="visible">True</property>
5056+ <property name="can_focus">True</property>
5057+ <property name="relief">GTK_RELIEF_NORMAL</property>
5058+ <property name="focus_on_click">True</property>
5059+ <signal name="clicked" handler="on_add_clicked" last_modification_time="Wed, 21 Feb 2007 18:47:51 GMT"/>
5060+
5061+ <child>
5062+ <widget class="GtkAlignment" id="alignment6">
5063+ <property name="visible">True</property>
5064+ <property name="xalign">0.5</property>
5065+ <property name="yalign">0.5</property>
5066+ <property name="xscale">0</property>
5067+ <property name="yscale">0</property>
5068+ <property name="top_padding">0</property>
5069+ <property name="bottom_padding">0</property>
5070+ <property name="left_padding">0</property>
5071+ <property name="right_padding">0</property>
5072+
5073+ <child>
5074+ <widget class="GtkHBox" id="hbox4">
5075+ <property name="visible">True</property>
5076+ <property name="homogeneous">False</property>
5077+ <property name="spacing">2</property>
5078+
5079+ <child>
5080+ <widget class="GtkImage" id="image3">
5081+ <property name="visible">True</property>
5082+ <property name="stock">gtk-add</property>
5083+ <property name="icon_size">4</property>
5084+ <property name="xalign">0.5</property>
5085+ <property name="yalign">0.5</property>
5086+ <property name="xpad">0</property>
5087+ <property name="ypad">0</property>
5088+ </widget>
5089+ <packing>
5090+ <property name="padding">0</property>
5091+ <property name="expand">False</property>
5092+ <property name="fill">False</property>
5093+ </packing>
5094+ </child>
5095+
5096+ <child>
5097+ <widget class="GtkLabel" id="label17">
5098+ <property name="visible">True</property>
5099+ <property name="label">Add File</property>
5100+ <property name="use_underline">True</property>
5101+ <property name="use_markup">False</property>
5102+ <property name="justify">GTK_JUSTIFY_LEFT</property>
5103+ <property name="wrap">False</property>
5104+ <property name="selectable">False</property>
5105+ <property name="xalign">0.5</property>
5106+ <property name="yalign">0.5</property>
5107+ <property name="xpad">0</property>
5108+ <property name="ypad">0</property>
5109+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
5110+ <property name="width_chars">-1</property>
5111+ <property name="single_line_mode">False</property>
5112+ <property name="angle">0</property>
5113+ </widget>
5114+ <packing>
5115+ <property name="padding">0</property>
5116+ <property name="expand">False</property>
5117+ <property name="fill">False</property>
5118+ </packing>
5119+ </child>
5120+ </widget>
5121+ </child>
5122+ </widget>
5123+ </child>
5124+ </widget>
5125+ <packing>
5126+ <property name="padding">0</property>
5127+ <property name="expand">False</property>
5128+ <property name="fill">False</property>
5129+ </packing>
5130+ </child>
5131+
5132+ <child>
5133+ <widget class="GtkButton" id="button9">
5134+ <property name="visible">True</property>
5135+ <property name="can_focus">True</property>
5136+ <property name="relief">GTK_RELIEF_NORMAL</property>
5137+ <property name="focus_on_click">True</property>
5138+ <signal name="clicked" handler="on_add_dir_clicked" last_modification_time="Wed, 21 Feb 2007 22:15:43 GMT"/>
5139+
5140+ <child>
5141+ <widget class="GtkAlignment" id="alignment5">
5142+ <property name="visible">True</property>
5143+ <property name="xalign">0.5</property>
5144+ <property name="yalign">0.5</property>
5145+ <property name="xscale">0</property>
5146+ <property name="yscale">0</property>
5147+ <property name="top_padding">0</property>
5148+ <property name="bottom_padding">0</property>
5149+ <property name="left_padding">0</property>
5150+ <property name="right_padding">0</property>
5151+
5152+ <child>
5153+ <widget class="GtkHBox" id="hbox3">
5154+ <property name="visible">True</property>
5155+ <property name="homogeneous">False</property>
5156+ <property name="spacing">2</property>
5157+
5158+ <child>
5159+ <widget class="GtkImage" id="image2">
5160+ <property name="visible">True</property>
5161+ <property name="stock">gtk-add</property>
5162+ <property name="icon_size">4</property>
5163+ <property name="xalign">0.5</property>
5164+ <property name="yalign">0.5</property>
5165+ <property name="xpad">0</property>
5166+ <property name="ypad">0</property>
5167+ </widget>
5168+ <packing>
5169+ <property name="padding">0</property>
5170+ <property name="expand">False</property>
5171+ <property name="fill">False</property>
5172+ </packing>
5173+ </child>
5174+
5175+ <child>
5176+ <widget class="GtkLabel" id="label16">
5177+ <property name="visible">True</property>
5178+ <property name="label">Add Directory</property>
5179+ <property name="use_underline">True</property>
5180+ <property name="use_markup">False</property>
5181+ <property name="justify">GTK_JUSTIFY_LEFT</property>
5182+ <property name="wrap">False</property>
5183+ <property name="selectable">False</property>
5184+ <property name="xalign">0.5</property>
5185+ <property name="yalign">0.5</property>
5186+ <property name="xpad">0</property>
5187+ <property name="ypad">0</property>
5188+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
5189+ <property name="width_chars">-1</property>
5190+ <property name="single_line_mode">False</property>
5191+ <property name="angle">0</property>
5192+ </widget>
5193+ <packing>
5194+ <property name="padding">0</property>
5195+ <property name="expand">False</property>
5196+ <property name="fill">False</property>
5197+ </packing>
5198+ </child>
5199+ </widget>
5200+ </child>
5201+ </widget>
5202+ </child>
5203+ </widget>
5204+ <packing>
5205+ <property name="padding">0</property>
5206+ <property name="expand">False</property>
5207+ <property name="fill">False</property>
5208+ </packing>
5209+ </child>
5210+
5211+ <child>
5212+ <widget class="GtkButton" id="button4">
5213+ <property name="visible">True</property>
5214+ <property name="can_focus">True</property>
5215+ <property name="label">gtk-delete</property>
5216+ <property name="use_stock">True</property>
5217+ <property name="relief">GTK_RELIEF_NORMAL</property>
5218+ <property name="focus_on_click">True</property>
5219+ <signal name="clicked" handler="on_delete_clicked" last_modification_time="Wed, 21 Feb 2007 18:48:10 GMT"/>
5220+ <accelerator key="Delete" modifiers="0" signal="clicked"/>
5221+ </widget>
5222+ <packing>
5223+ <property name="padding">0</property>
5224+ <property name="expand">False</property>
5225+ <property name="fill">False</property>
5226+ </packing>
5227+ </child>
5228+ </widget>
5229+ <packing>
5230+ <property name="padding">4</property>
5231+ <property name="expand">False</property>
5232+ <property name="fill">False</property>
5233+ </packing>
5234+ </child>
5235+
5236+ <child>
5237+ <widget class="GtkScrolledWindow" id="scrolledwindow2">
5238+ <property name="visible">True</property>
5239+ <property name="can_focus">True</property>
5240+ <property name="hscrollbar_policy">GTK_POLICY_AUTOMATIC</property>
5241+ <property name="vscrollbar_policy">GTK_POLICY_AUTOMATIC</property>
5242+ <property name="shadow_type">GTK_SHADOW_IN</property>
5243+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
5244+
5245+ <child>
5246+ <widget class="GtkTreeView" id="write_treeview">
5247+ <property name="visible">True</property>
5248+ <property name="tooltip" translatable="yes">Files/Directories which the %s &quot;manages&quot;. Pid Files, Log Files, /var/lib Files ...</property>
5249+ <property name="can_focus">True</property>
5250+ <property name="headers_visible">False</property>
5251+ <property name="rules_hint">False</property>
5252+ <property name="reorderable">False</property>
5253+ <property name="enable_search">True</property>
5254+ <property name="fixed_height_mode">False</property>
5255+ <property name="hover_selection">False</property>
5256+ <property name="hover_expand">False</property>
5257+ </widget>
5258+ </child>
5259+ </widget>
5260+ <packing>
5261+ <property name="padding">0</property>
5262+ <property name="expand">True</property>
5263+ <property name="fill">True</property>
5264+ </packing>
5265+ </child>
5266+ </widget>
5267+ <packing>
5268+ <property name="padding">0</property>
5269+ <property name="expand">True</property>
5270+ <property name="fill">True</property>
5271+ </packing>
5272+ </child>
5273+ </widget>
5274+ <packing>
5275+ <property name="tab_expand">False</property>
5276+ <property name="tab_fill">True</property>
5277+ </packing>
5278+ </child>
5279+
5280+ <child>
5281+ <widget class="GtkLabel" id="label116">
5282+ <property name="visible">True</property>
5283+ <property name="label" translatable="yes">label116</property>
5284+ <property name="use_underline">False</property>
5285+ <property name="use_markup">False</property>
5286+ <property name="justify">GTK_JUSTIFY_LEFT</property>
5287+ <property name="wrap">False</property>
5288+ <property name="selectable">False</property>
5289+ <property name="xalign">0.5</property>
5290+ <property name="yalign">0.5</property>
5291+ <property name="xpad">0</property>
5292+ <property name="ypad">0</property>
5293+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
5294+ <property name="width_chars">-1</property>
5295+ <property name="single_line_mode">False</property>
5296+ <property name="angle">0</property>
5297+ </widget>
5298+ <packing>
5299+ <property name="type">tab</property>
5300+ </packing>
5301+ </child>
5302+
5303+ <child>
5304+ <widget class="GtkVBox" id="vbox70">
5305+ <property name="visible">True</property>
5306+ <property name="homogeneous">False</property>
5307+ <property name="spacing">0</property>
5308+
5309+ <child>
5310+ <widget class="GtkLabel" id="select_booleans_label">
5311+ <property name="visible">True</property>
5312+ <property name="label" translatable="yes">&lt;b&gt;Add booleans from the %s policy:&lt;/b&gt;</property>
5313+ <property name="use_underline">False</property>
5314+ <property name="use_markup">True</property>
5315+ <property name="justify">GTK_JUSTIFY_LEFT</property>
5316+ <property name="wrap">False</property>
5317+ <property name="selectable">False</property>
5318+ <property name="xalign">0</property>
5319+ <property name="yalign">0.5</property>
5320+ <property name="xpad">0</property>
5321+ <property name="ypad">0</property>
5322+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
5323+ <property name="width_chars">-1</property>
5324+ <property name="single_line_mode">False</property>
5325+ <property name="angle">0</property>
5326+ </widget>
5327+ <packing>
5328+ <property name="padding">5</property>
5329+ <property name="expand">False</property>
5330+ <property name="fill">False</property>
5331+ </packing>
5332+ </child>
5333+
5334+ <child>
5335+ <widget class="GtkHBox" id="hbox1">
5336+ <property name="visible">True</property>
5337+ <property name="homogeneous">False</property>
5338+ <property name="spacing">12</property>
5339+
5340+ <child>
5341+ <widget class="GtkVBox" id="vbox3">
5342+ <property name="visible">True</property>
5343+ <property name="homogeneous">False</property>
5344+ <property name="spacing">6</property>
5345+
5346+ <child>
5347+ <widget class="GtkButton" id="button2">
5348+ <property name="visible">True</property>
5349+ <property name="can_focus">True</property>
5350+ <property name="relief">GTK_RELIEF_NORMAL</property>
5351+ <property name="focus_on_click">True</property>
5352+ <signal name="clicked" handler="on_add_boolean_clicked" last_modification_time="Wed, 17 Oct 2007 00:02:27 GMT"/>
5353+
5354+ <child>
5355+ <widget class="GtkAlignment" id="alignment6">
5356+ <property name="visible">True</property>
5357+ <property name="xalign">0.5</property>
5358+ <property name="yalign">0.5</property>
5359+ <property name="xscale">0</property>
5360+ <property name="yscale">0</property>
5361+ <property name="top_padding">0</property>
5362+ <property name="bottom_padding">0</property>
5363+ <property name="left_padding">0</property>
5364+ <property name="right_padding">0</property>
5365+
5366+ <child>
5367+ <widget class="GtkHBox" id="hbox4">
5368+ <property name="visible">True</property>
5369+ <property name="homogeneous">False</property>
5370+ <property name="spacing">2</property>
5371+
5372+ <child>
5373+ <widget class="GtkImage" id="image3">
5374+ <property name="visible">True</property>
5375+ <property name="stock">gtk-add</property>
5376+ <property name="icon_size">4</property>
5377+ <property name="xalign">0.5</property>
5378+ <property name="yalign">0.5</property>
5379+ <property name="xpad">0</property>
5380+ <property name="ypad">0</property>
5381+ </widget>
5382+ <packing>
5383+ <property name="padding">0</property>
5384+ <property name="expand">False</property>
5385+ <property name="fill">False</property>
5386+ </packing>
5387+ </child>
5388+
5389+ <child>
5390+ <widget class="GtkLabel" id="label17">
5391+ <property name="visible">True</property>
5392+ <property name="label">Add Boolean</property>
5393+ <property name="use_underline">True</property>
5394+ <property name="use_markup">False</property>
5395+ <property name="justify">GTK_JUSTIFY_LEFT</property>
5396+ <property name="wrap">False</property>
5397+ <property name="selectable">False</property>
5398+ <property name="xalign">0.5</property>
5399+ <property name="yalign">0.5</property>
5400+ <property name="xpad">0</property>
5401+ <property name="ypad">0</property>
5402+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
5403+ <property name="width_chars">-1</property>
5404+ <property name="single_line_mode">False</property>
5405+ <property name="angle">0</property>
5406+ </widget>
5407+ <packing>
5408+ <property name="padding">0</property>
5409+ <property name="expand">False</property>
5410+ <property name="fill">False</property>
5411+ </packing>
5412+ </child>
5413+ </widget>
5414+ </child>
5415+ </widget>
5416+ </child>
5417+ </widget>
5418+ <packing>
5419+ <property name="padding">0</property>
5420+ <property name="expand">False</property>
5421+ <property name="fill">False</property>
5422+ </packing>
5423+ </child>
5424+
5425+ <child>
5426+ <widget class="GtkButton" id="button4">
5427+ <property name="visible">True</property>
5428+ <property name="can_focus">True</property>
5429+ <property name="label">gtk-delete</property>
5430+ <property name="use_stock">True</property>
5431+ <property name="relief">GTK_RELIEF_NORMAL</property>
5432+ <property name="focus_on_click">True</property>
5433+ <signal name="clicked" handler="on_delete_boolean_clicked" last_modification_time="Wed, 17 Oct 2007 00:02:39 GMT"/>
5434+ <accelerator key="Delete" modifiers="0" signal="clicked"/>
5435+ </widget>
5436+ <packing>
5437+ <property name="padding">0</property>
5438+ <property name="expand">False</property>
5439+ <property name="fill">False</property>
5440+ </packing>
5441+ </child>
5442+ </widget>
5443+ <packing>
5444+ <property name="padding">4</property>
5445+ <property name="expand">False</property>
5446+ <property name="fill">True</property>
5447+ </packing>
5448+ </child>
5449+
5450+ <child>
5451+ <widget class="GtkScrolledWindow" id="scrolledwindow2">
5452+ <property name="visible">True</property>
5453+ <property name="can_focus">True</property>
5454+ <property name="hscrollbar_policy">GTK_POLICY_AUTOMATIC</property>
5455+ <property name="vscrollbar_policy">GTK_POLICY_AUTOMATIC</property>
5456+ <property name="shadow_type">GTK_SHADOW_IN</property>
5457+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
5458+
5459+ <child>
5460+ <widget class="GtkTreeView" id="boolean_treeview">
5461+ <property name="visible">True</property>
5462+ <property name="tooltip" translatable="yes">Add/Remove booleans used by the %s domain</property>
5463+ <property name="can_focus">True</property>
5464+ <property name="headers_visible">True</property>
5465+ <property name="rules_hint">False</property>
5466+ <property name="reorderable">False</property>
5467+ <property name="enable_search">True</property>
5468+ <property name="fixed_height_mode">False</property>
5469+ <property name="hover_selection">False</property>
5470+ <property name="hover_expand">False</property>
5471+ </widget>
5472+ </child>
5473+ </widget>
5474+ <packing>
5475+ <property name="padding">0</property>
5476+ <property name="expand">True</property>
5477+ <property name="fill">True</property>
5478+ </packing>
5479+ </child>
5480+ </widget>
5481+ <packing>
5482+ <property name="padding">0</property>
5483+ <property name="expand">True</property>
5484+ <property name="fill">True</property>
5485+ </packing>
5486+ </child>
5487+ </widget>
5488+ <packing>
5489+ <property name="tab_expand">False</property>
5490+ <property name="tab_fill">True</property>
5491+ </packing>
5492+ </child>
5493+
5494+ <child>
5495+ <widget class="GtkLabel" id="GtkLabel">
5496+ <property name="visible">True</property>
5497+ <property name="label" translatable="yes"></property>
5498+ <property name="use_underline">False</property>
5499+ <property name="use_markup">False</property>
5500+ <property name="justify">GTK_JUSTIFY_LEFT</property>
5501+ <property name="wrap">False</property>
5502+ <property name="selectable">False</property>
5503+ <property name="xalign">0.5</property>
5504+ <property name="yalign">0.5</property>
5505+ <property name="xpad">0</property>
5506+ <property name="ypad">0</property>
5507+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
5508+ <property name="width_chars">-1</property>
5509+ <property name="single_line_mode">False</property>
5510+ <property name="angle">0</property>
5511+ </widget>
5512+ <packing>
5513+ <property name="type">tab</property>
5514+ </packing>
5515+ </child>
5516+
5517+ <child>
5518+ <widget class="GtkVBox" id="vbox71">
5519+ <property name="visible">True</property>
5520+ <property name="homogeneous">False</property>
5521+ <property name="spacing">0</property>
5522+
5523+ <child>
5524+ <widget class="GtkLabel" id="select_dir_label">
5525+ <property name="visible">True</property>
5526+ <property name="label" translatable="yes">&lt;b&gt;Which directory you will generate the %s policy?&lt;/b&gt;</property>
5527+ <property name="use_underline">False</property>
5528+ <property name="use_markup">True</property>
5529+ <property name="justify">GTK_JUSTIFY_LEFT</property>
5530+ <property name="wrap">False</property>
5531+ <property name="selectable">False</property>
5532+ <property name="xalign">0</property>
5533+ <property name="yalign">0.5</property>
5534+ <property name="xpad">0</property>
5535+ <property name="ypad">0</property>
5536+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
5537+ <property name="width_chars">-1</property>
5538+ <property name="single_line_mode">False</property>
5539+ <property name="angle">0</property>
5540+ </widget>
5541+ <packing>
5542+ <property name="padding">0</property>
5543+ <property name="expand">False</property>
5544+ <property name="fill">False</property>
5545+ </packing>
5546+ </child>
5547+
5548+ <child>
5549+ <widget class="GtkHBox" id="hbox6">
5550+ <property name="visible">True</property>
5551+ <property name="homogeneous">False</property>
5552+ <property name="spacing">12</property>
5553+
5554+ <child>
5555+ <widget class="GtkLabel" id="label18">
5556+ <property name="visible">True</property>
5557+ <property name="label" translatable="yes">Policy Directory</property>
5558+ <property name="use_underline">False</property>
5559+ <property name="use_markup">False</property>
5560+ <property name="justify">GTK_JUSTIFY_LEFT</property>
5561+ <property name="wrap">False</property>
5562+ <property name="selectable">False</property>
5563+ <property name="xalign">0.5</property>
5564+ <property name="yalign">0.5</property>
5565+ <property name="xpad">0</property>
5566+ <property name="ypad">0</property>
5567+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
5568+ <property name="width_chars">-1</property>
5569+ <property name="single_line_mode">False</property>
5570+ <property name="angle">0</property>
5571+ </widget>
5572+ <packing>
5573+ <property name="padding">5</property>
5574+ <property name="expand">False</property>
5575+ <property name="fill">False</property>
5576+ </packing>
5577+ </child>
5578+
5579+ <child>
5580+ <widget class="GtkEntry" id="output_entry">
5581+ <property name="visible">True</property>
5582+ <property name="can_focus">True</property>
5583+ <property name="editable">True</property>
5584+ <property name="visibility">True</property>
5585+ <property name="max_length">0</property>
5586+ <property name="text" translatable="yes"></property>
5587+ <property name="has_frame">True</property>
5588+ <property name="invisible_char">•</property>
5589+ <property name="activates_default">False</property>
5590+ </widget>
5591+ <packing>
5592+ <property name="padding">0</property>
5593+ <property name="expand">True</property>
5594+ <property name="fill">True</property>
5595+ </packing>
5596+ </child>
5597+
5598+ <child>
5599+ <widget class="GtkButton" id="output_button">
5600+ <property name="visible">True</property>
5601+ <property name="can_focus">True</property>
5602+ <property name="label" translatable="yes">...</property>
5603+ <property name="use_underline">True</property>
5604+ <property name="relief">GTK_RELIEF_NORMAL</property>
5605+ <property name="focus_on_click">True</property>
5606+ </widget>
5607+ <packing>
5608+ <property name="padding">0</property>
5609+ <property name="expand">False</property>
5610+ <property name="fill">False</property>
5611+ </packing>
5612+ </child>
5613+ </widget>
5614+ <packing>
5615+ <property name="padding">12</property>
5616+ <property name="expand">False</property>
5617+ <property name="fill">False</property>
5618+ </packing>
5619+ </child>
5620+ </widget>
5621+ <packing>
5622+ <property name="tab_expand">False</property>
5623+ <property name="tab_fill">True</property>
5624+ </packing>
5625+ </child>
5626+
5627+ <child>
5628+ <widget class="GtkLabel" id="GtkLabel">
5629+ <property name="visible">True</property>
5630+ <property name="label" translatable="yes"></property>
5631+ <property name="use_underline">False</property>
5632+ <property name="use_markup">False</property>
5633+ <property name="justify">GTK_JUSTIFY_LEFT</property>
5634+ <property name="wrap">False</property>
5635+ <property name="selectable">False</property>
5636+ <property name="xalign">0.5</property>
5637+ <property name="yalign">0.5</property>
5638+ <property name="xpad">0</property>
5639+ <property name="ypad">0</property>
5640+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
5641+ <property name="width_chars">-1</property>
5642+ <property name="single_line_mode">False</property>
5643+ <property name="angle">0</property>
5644+ </widget>
5645+ <packing>
5646+ <property name="type">tab</property>
5647+ </packing>
5648+ </child>
5649+ </widget>
5650+ <packing>
5651+ <property name="padding">0</property>
5652+ <property name="expand">True</property>
5653+ <property name="fill">True</property>
5654+ </packing>
5655+ </child>
5656+
5657+ <child>
5658+ <widget class="GtkHButtonBox" id="hbuttonbox2">
5659+ <property name="visible">True</property>
5660+ <property name="layout_style">GTK_BUTTONBOX_END</property>
5661+ <property name="spacing">0</property>
5662+
5663+ <child>
5664+ <widget class="GtkButton" id="cancel_button">
5665+ <property name="visible">True</property>
5666+ <property name="can_default">True</property>
5667+ <property name="can_focus">True</property>
5668+ <property name="label">gtk-cancel</property>
5669+ <property name="use_stock">True</property>
5670+ <property name="relief">GTK_RELIEF_NORMAL</property>
5671+ <property name="focus_on_click">True</property>
5672+ <signal name="activate" handler="on_cancel_activate" last_modification_time="Wed, 02 Feb 2011 21:21:29 GMT"/>
5673+ </widget>
5674+ </child>
5675+
5676+ <child>
5677+ <widget class="GtkButton" id="back_button">
5678+ <property name="visible">True</property>
5679+ <property name="can_default">True</property>
5680+ <property name="can_focus">True</property>
5681+ <property name="label">gtk-go-back</property>
5682+ <property name="use_stock">True</property>
5683+ <property name="relief">GTK_RELIEF_NORMAL</property>
5684+ <property name="focus_on_click">True</property>
5685+ <signal name="activate" handler="on_back_activate" last_modification_time="Wed, 02 Feb 2011 21:22:00 GMT"/>
5686+ </widget>
5687+ </child>
5688+
5689+ <child>
5690+ <widget class="GtkButton" id="forward_button">
5691+ <property name="visible">True</property>
5692+ <property name="can_default">True</property>
5693+ <property name="can_focus">True</property>
5694+ <property name="label">gtk-media-forward</property>
5695+ <property name="use_stock">True</property>
5696+ <property name="relief">GTK_RELIEF_NORMAL</property>
5697+ <property name="focus_on_click">True</property>
5698+ <signal name="activate" handler="on_forward_activate" last_modification_time="Wed, 02 Feb 2011 21:22:32 GMT"/>
5699+ </widget>
5700+ </child>
5701+ </widget>
5702+ <packing>
5703+ <property name="padding">5</property>
5704+ <property name="expand">False</property>
5705+ <property name="fill">False</property>
5706+ </packing>
5707+ </child>
5708+ </widget>
5709+ </child>
5710+</widget>
5711+
5712+<widget class="GtkDialog" id="boolean_dialog">
5713+ <property name="border_width">12</property>
5714+ <property name="title" translatable="yes">Add Booleans Dialog</property>
5715+ <property name="type">GTK_WINDOW_TOPLEVEL</property>
5716+ <property name="window_position">GTK_WIN_POS_MOUSE</property>
5717+ <property name="modal">False</property>
5718+ <property name="default_width">400</property>
5719+ <property name="resizable">True</property>
5720+ <property name="destroy_with_parent">False</property>
5721+ <property name="decorated">True</property>
5722+ <property name="skip_taskbar_hint">False</property>
5723+ <property name="skip_pager_hint">False</property>
5724+ <property name="type_hint">GDK_WINDOW_TYPE_HINT_DIALOG</property>
5725+ <property name="gravity">GDK_GRAVITY_NORTH_WEST</property>
5726+ <property name="focus_on_map">True</property>
5727+ <property name="urgency_hint">False</property>
5728+ <property name="has_separator">False</property>
5729+
5730+ <child internal-child="vbox">
5731+ <widget class="GtkVBox" id="dialog-vbox2">
5732+ <property name="visible">True</property>
5733+ <property name="homogeneous">False</property>
5734+ <property name="spacing">6</property>
5735+
5736+ <child internal-child="action_area">
5737+ <widget class="GtkHButtonBox" id="dialog-action_area2">
5738+ <property name="visible">True</property>
5739+ <property name="layout_style">GTK_BUTTONBOX_END</property>
5740+
5741+ <child>
5742+ <widget class="GtkButton" id="cancelbutton1">
5743+ <property name="visible">True</property>
5744+ <property name="can_default">True</property>
5745+ <property name="can_focus">True</property>
5746+ <property name="label">gtk-cancel</property>
5747+ <property name="use_stock">True</property>
5748+ <property name="relief">GTK_RELIEF_NORMAL</property>
5749+ <property name="focus_on_click">True</property>
5750+ <property name="response_id">-6</property>
5751+ </widget>
5752+ </child>
5753+
5754+ <child>
5755+ <widget class="GtkButton" id="okbutton1">
5756+ <property name="visible">True</property>
5757+ <property name="can_default">True</property>
5758+ <property name="can_focus">True</property>
5759+ <property name="label">gtk-add</property>
5760+ <property name="use_stock">True</property>
5761+ <property name="relief">GTK_RELIEF_NORMAL</property>
5762+ <property name="focus_on_click">True</property>
5763+ <property name="response_id">-5</property>
5764+ </widget>
5765+ </child>
5766+ </widget>
5767+ <packing>
5768+ <property name="padding">0</property>
5769+ <property name="expand">False</property>
5770+ <property name="fill">True</property>
5771+ <property name="pack_type">GTK_PACK_END</property>
5772+ </packing>
5773+ </child>
5774+
5775+ <child>
5776+ <widget class="GtkTable" id="table6">
5777+ <property name="visible">True</property>
5778+ <property name="n_rows">2</property>
5779+ <property name="n_columns">2</property>
5780+ <property name="homogeneous">False</property>
5781+ <property name="row_spacing">6</property>
5782+ <property name="column_spacing">12</property>
5783+
5784+ <child>
5785+ <widget class="GtkLabel" id="label48">
5786+ <property name="visible">True</property>
5787+ <property name="label" translatable="yes">Boolean Name</property>
5788+ <property name="use_underline">False</property>
5789+ <property name="use_markup">False</property>
5790+ <property name="justify">GTK_JUSTIFY_LEFT</property>
5791+ <property name="wrap">False</property>
5792+ <property name="selectable">False</property>
5793+ <property name="xalign">0</property>
5794+ <property name="yalign">0.5</property>
5795+ <property name="xpad">0</property>
5796+ <property name="ypad">0</property>
5797+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
5798+ <property name="width_chars">-1</property>
5799+ <property name="single_line_mode">False</property>
5800+ <property name="angle">0</property>
5801+ </widget>
5802+ <packing>
5803+ <property name="left_attach">0</property>
5804+ <property name="right_attach">1</property>
5805+ <property name="top_attach">0</property>
5806+ <property name="bottom_attach">1</property>
5807+ <property name="x_options">fill</property>
5808+ <property name="y_options"></property>
5809+ </packing>
5810+ </child>
5811+
5812+ <child>
5813+ <widget class="GtkLabel" id="label49">
5814+ <property name="visible">True</property>
5815+ <property name="label" translatable="yes">Description</property>
5816+ <property name="use_underline">False</property>
5817+ <property name="use_markup">False</property>
5818+ <property name="justify">GTK_JUSTIFY_LEFT</property>
5819+ <property name="wrap">False</property>
5820+ <property name="selectable">False</property>
5821+ <property name="xalign">0</property>
5822+ <property name="yalign">0.5</property>
5823+ <property name="xpad">0</property>
5824+ <property name="ypad">0</property>
5825+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
5826+ <property name="width_chars">-1</property>
5827+ <property name="single_line_mode">False</property>
5828+ <property name="angle">0</property>
5829+ </widget>
5830+ <packing>
5831+ <property name="left_attach">0</property>
5832+ <property name="right_attach">1</property>
5833+ <property name="top_attach">1</property>
5834+ <property name="bottom_attach">2</property>
5835+ <property name="x_options">fill</property>
5836+ <property name="y_options"></property>
5837+ </packing>
5838+ </child>
5839+
5840+ <child>
5841+ <widget class="GtkEntry" id="boolean_name_entry">
5842+ <property name="visible">True</property>
5843+ <property name="can_focus">True</property>
5844+ <property name="editable">True</property>
5845+ <property name="visibility">True</property>
5846+ <property name="max_length">0</property>
5847+ <property name="text" translatable="yes"></property>
5848+ <property name="has_frame">True</property>
5849+ <property name="invisible_char">•</property>
5850+ <property name="activates_default">False</property>
5851+ </widget>
5852+ <packing>
5853+ <property name="left_attach">1</property>
5854+ <property name="right_attach">2</property>
5855+ <property name="top_attach">0</property>
5856+ <property name="bottom_attach">1</property>
5857+ <property name="y_options"></property>
5858+ </packing>
5859+ </child>
5860+
5861+ <child>
5862+ <widget class="GtkEntry" id="boolean_description_entry">
5863+ <property name="visible">True</property>
5864+ <property name="can_focus">True</property>
5865+ <property name="editable">True</property>
5866+ <property name="visibility">True</property>
5867+ <property name="max_length">0</property>
5868+ <property name="text" translatable="yes"></property>
5869+ <property name="has_frame">True</property>
5870+ <property name="invisible_char">•</property>
5871+ <property name="activates_default">False</property>
5872+ </widget>
5873+ <packing>
5874+ <property name="left_attach">1</property>
5875+ <property name="right_attach">2</property>
5876+ <property name="top_attach">1</property>
5877+ <property name="bottom_attach">2</property>
5878+ <property name="y_options"></property>
5879+ </packing>
5880+ </child>
5881+ </widget>
5882+ <packing>
5883+ <property name="padding">0</property>
5884+ <property name="expand">True</property>
5885+ <property name="fill">True</property>
5886+ </packing>
5887+ </child>
5888+ </widget>
5889+ </child>
5890+</widget>
5891+
5892+</glade-interface>
5893diff -up policycoreutils-2.1.8/gui/polgen.gladep.gui policycoreutils-2.1.8/gui/polgen.gladep
5894--- policycoreutils-2.1.8/gui/polgen.gladep.gui 2011-11-07 15:12:01.903834231 -0500
5895+++ policycoreutils-2.1.8/gui/polgen.gladep 2011-11-07 15:12:01.903834231 -0500
5896@@ -0,0 +1,7 @@
5897+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
5898+<!DOCTYPE glade-project SYSTEM "http://glade.gnome.org/glade-project-2.0.dtd">
5899+
5900+<glade-project>
5901+ <name></name>
5902+ <program_name></program_name>
5903+</glade-project>
5904diff -up policycoreutils-2.1.8/gui/polgengui.py.gui policycoreutils-2.1.8/gui/polgengui.py
5905--- policycoreutils-2.1.8/gui/polgengui.py.gui 2011-11-07 15:12:01.904834232 -0500
5906+++ policycoreutils-2.1.8/gui/polgengui.py 2011-11-07 15:12:01.904834232 -0500
5907@@ -0,0 +1,750 @@
5908+#!/usr/bin/python -Es
5909+#
5910+# polgengui.py - GUI for SELinux Config tool in system-config-selinux
5911+#
5912+# Dan Walsh <dwalsh@redhat.com>
5913+#
5914+# Copyright (C) 2007-2011 Red Hat
5915+#
5916+# This program is free software; you can redistribute it and/or modify
5917+# it under the terms of the GNU General Public License as published by
5918+# the Free Software Foundation; either version 2 of the License, or
5919+# (at your option) any later version.
5920+#
5921+# This program is distributed in the hope that it will be useful,
5922+# but WITHOUT ANY WARRANTY; without even the implied warranty of
5923+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
5924+# GNU General Public License for more details.
5925+#
5926+# You should have received a copy of the GNU General Public License
5927+# along with this program; if not, write to the Free Software
5928+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
5929+#
5930+import signal
5931+import string
5932+import gtk
5933+import gtk.glade
5934+import os
5935+import gobject
5936+import gnome
5937+import sys
5938+import polgen
5939+import re
5940+
5941+
5942+##
5943+## I18N
5944+##
5945+PROGNAME="policycoreutils"
5946+
5947+import gettext
5948+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
5949+gettext.textdomain(PROGNAME)
5950+try:
5951+ gettext.install(PROGNAME,
5952+ localedir="/usr/share/locale",
5953+ unicode=False,
5954+ codeset = 'utf-8')
5955+except IOError:
5956+ import __builtin__
5957+ __builtin__.__dict__['_'] = unicode
5958+
5959+gnome.program_init("SELinux Policy Generation Tool", "5")
5960+
5961+version = "1.0"
5962+
5963+sys.path.append('/usr/share/system-config-selinux')
5964+sys.path.append('.')
5965+
5966+# From John Hunter http://www.daa.com.au/pipermail/pygtk/2003-February/004454.html
5967+def foreach(model, path, iter, selected):
5968+ selected.append(model.get_value(iter, 0))
5969+
5970+##
5971+## Pull in the Glade file
5972+##
5973+if os.access("polgen.glade", os.F_OK):
5974+ xml = gtk.glade.XML ("polgen.glade", domain=PROGNAME)
5975+else:
5976+ xml = gtk.glade.XML ("/usr/share/system-config-selinux/polgen.glade", domain=PROGNAME)
5977+
5978+FILE = 1
5979+DIR = 2
5980+
5981+class childWindow:
5982+ START_PAGE = 0
5983+ SELECT_TYPE_PAGE = 0
5984+ APP_PAGE = 1
5985+ EXISTING_USER_PAGE = 2
5986+ TRANSITION_PAGE = 3
5987+ USER_TRANSITION_PAGE = 4
5988+ ADMIN_PAGE = 5
5989+ ROLE_PAGE = 6
5990+ IN_NET_PAGE = 7
5991+ OUT_NET_PAGE = 8
5992+ COMMON_APPS_PAGE = 9
5993+ FILES_PAGE = 10
5994+ BOOLEAN_PAGE = 11
5995+ SELECT_DIR_PAGE = 12
5996+ FINISH_PAGE = 12
5997+
5998+ def __init__(self):
5999+ self.xml = xml
6000+ self.notebook = xml.get_widget ("notebook")
6001+ self.label_dict = {}
6002+ self.tooltip_dict = {}
6003+ label = xml.get_widget ("select_label")
6004+ self.label_dict[label] = label.get_text()
6005+
6006+ label = xml.get_widget ("select_user_roles_label")
6007+ self.label_dict[label] = label.get_text()
6008+
6009+ label = xml.get_widget ("select_dir_label")
6010+ self.label_dict[label] = label.get_text()
6011+
6012+ label = xml.get_widget ("select_domain_admin_label")
6013+ self.label_dict[label] = label.get_text()
6014+
6015+ label = xml.get_widget ("select_in_label")
6016+ self.label_dict[label] = label.get_text()
6017+
6018+ label = xml.get_widget ("select_out_label")
6019+ self.label_dict[label] = label.get_text()
6020+
6021+ label = xml.get_widget ("select_common_label")
6022+ self.label_dict[label] = label.get_text()
6023+
6024+ label = xml.get_widget ("select_manages_label")
6025+ self.label_dict[label] = label.get_text()
6026+
6027+ label = xml.get_widget ("select_booleans_label")
6028+ self.label_dict[label] = label.get_text()
6029+
6030+ label = xml.get_widget ("existing_user_treeview")
6031+ self.tooltip_dict[label] = label.get_tooltip_text()
6032+
6033+ label = xml.get_widget ("transition_treeview")
6034+ self.tooltip_dict[label] = label.get_tooltip_text()
6035+
6036+ label = xml.get_widget ("in_tcp_all_checkbutton")
6037+ self.tooltip_dict[label] = label.get_tooltip_text()
6038+
6039+ label = xml.get_widget ("in_tcp_reserved_checkbutton")
6040+ self.tooltip_dict[label] = label.get_tooltip_text()
6041+
6042+ label = xml.get_widget ("in_tcp_unreserved_checkbutton")
6043+ self.tooltip_dict[label] = label.get_tooltip_text()
6044+
6045+ label = xml.get_widget ("in_tcp_entry")
6046+ self.tooltip_dict[label] = label.get_tooltip_text()
6047+
6048+ label = xml.get_widget ("in_udp_all_checkbutton")
6049+ self.tooltip_dict[label] = label.get_tooltip_text()
6050+
6051+ label = xml.get_widget ("in_udp_reserved_checkbutton")
6052+ self.tooltip_dict[label] = label.get_tooltip_text()
6053+
6054+ label = xml.get_widget ("in_udp_unreserved_checkbutton")
6055+ self.tooltip_dict[label] = label.get_tooltip_text()
6056+
6057+ label = xml.get_widget ("in_udp_entry")
6058+ self.tooltip_dict[label] = label.get_tooltip_text()
6059+
6060+ label = xml.get_widget ("out_tcp_entry")
6061+ self.tooltip_dict[label] = label.get_tooltip_text()
6062+
6063+ label = xml.get_widget ("out_udp_entry")
6064+ self.tooltip_dict[label] = label.get_tooltip_text()
6065+
6066+ label = xml.get_widget ("out_tcp_all_checkbutton")
6067+ self.tooltip_dict[label] = label.get_tooltip_text()
6068+
6069+ label = xml.get_widget ("out_udp_all_checkbutton")
6070+ self.tooltip_dict[label] = label.get_tooltip_text()
6071+
6072+ label = xml.get_widget ("boolean_treeview")
6073+ self.tooltip_dict[label] = label.get_tooltip_text()
6074+
6075+ label = xml.get_widget ("write_treeview")
6076+ self.tooltip_dict[label] = label.get_tooltip_text()
6077+
6078+ try:
6079+ self.all_types = polgen.get_all_types()
6080+ self.all_modules = polgen.get_all_modules()
6081+ self.all_roles = polgen.get_all_roles()
6082+ self.all_users = polgen.get_all_users()
6083+ except RuntimeError, e:
6084+ self.all_types = []
6085+ self.all_modules = []
6086+ self.all_roles = []
6087+ self.all_users = []
6088+ self.error(str(e))
6089+
6090+ self.name=""
6091+ xml.signal_connect("on_delete_clicked", self.delete)
6092+ xml.signal_connect("on_delete_boolean_clicked", self.delete_boolean)
6093+ xml.signal_connect("on_exec_select_clicked", self.exec_select)
6094+ xml.signal_connect("on_init_script_select_clicked", self.init_script_select)
6095+ xml.signal_connect("on_add_clicked", self.add)
6096+ xml.signal_connect("on_add_boolean_clicked", self.add_boolean)
6097+ xml.signal_connect("on_add_dir_clicked", self.add_dir)
6098+ xml.signal_connect("on_about_clicked", self.on_about_clicked)
6099+ xml.get_widget ("cancel_button").connect("clicked",self.quit)
6100+ self.forward_button = xml.get_widget ("forward_button")
6101+ self.forward_button.connect("clicked",self.forward)
6102+ self.back_button = xml.get_widget ("back_button")
6103+ self.back_button.connect("clicked",self.back)
6104+
6105+ self.boolean_dialog = xml.get_widget ("boolean_dialog")
6106+ self.boolean_name_entry = xml.get_widget ("boolean_name_entry")
6107+ self.boolean_description_entry = xml.get_widget ("boolean_description_entry")
6108+
6109+ self.pages={}
6110+ for i in polgen.USERS:
6111+ self.pages[i] = [ self.SELECT_TYPE_PAGE, self.APP_PAGE, self.TRANSITION_PAGE, self.ROLE_PAGE, self.IN_NET_PAGE, self.OUT_NET_PAGE, self.BOOLEAN_PAGE, self.SELECT_DIR_PAGE ]
6112+ self.pages[polgen.RUSER] = [ self.SELECT_TYPE_PAGE, self.APP_PAGE, self.ADMIN_PAGE, self.USER_TRANSITION_PAGE, self.BOOLEAN_PAGE, self.SELECT_DIR_PAGE ]
6113+ self.pages[polgen.LUSER] = [ self.SELECT_TYPE_PAGE, self.APP_PAGE, self.TRANSITION_PAGE, self.IN_NET_PAGE, self.OUT_NET_PAGE, self.BOOLEAN_PAGE, self.SELECT_DIR_PAGE ]
6114+ self.pages[polgen.SANDBOX] = [ self.SELECT_TYPE_PAGE, self.APP_PAGE, self.IN_NET_PAGE, self.OUT_NET_PAGE, self.BOOLEAN_PAGE, self.SELECT_DIR_PAGE]
6115+ self.pages[polgen.EUSER] = [ self.SELECT_TYPE_PAGE, self.EXISTING_USER_PAGE, self.TRANSITION_PAGE, self.ROLE_PAGE, self.IN_NET_PAGE, self.OUT_NET_PAGE, self.BOOLEAN_PAGE, self.SELECT_DIR_PAGE ]
6116+
6117+ for i in polgen.APPLICATIONS:
6118+ self.pages[i] = [ self.SELECT_TYPE_PAGE, self.APP_PAGE, self.IN_NET_PAGE, self.OUT_NET_PAGE, self.COMMON_APPS_PAGE, self.FILES_PAGE, self.BOOLEAN_PAGE, self.SELECT_DIR_PAGE]
6119+ self.pages[polgen.USER] = [ self.SELECT_TYPE_PAGE, self.APP_PAGE, self.USER_TRANSITION_PAGE, self.IN_NET_PAGE, self.OUT_NET_PAGE, self.COMMON_APPS_PAGE, self.FILES_PAGE, self.BOOLEAN_PAGE, self.SELECT_DIR_PAGE ]
6120+
6121+ self.current_page = 0
6122+ self.back_button.set_sensitive(0)
6123+
6124+ self.network_buttons = {}
6125+
6126+ self.in_tcp_all_checkbutton = xml.get_widget ("in_tcp_all_checkbutton")
6127+ self.in_tcp_reserved_checkbutton = xml.get_widget ("in_tcp_reserved_checkbutton")
6128+ self.in_tcp_unreserved_checkbutton = xml.get_widget ("in_tcp_unreserved_checkbutton")
6129+ self.in_tcp_entry = self.xml.get_widget("in_tcp_entry")
6130+ self.network_buttons[self.in_tcp_all_checkbutton] = [ self.in_tcp_reserved_checkbutton, self.in_tcp_unreserved_checkbutton, self.in_tcp_entry ]
6131+
6132+
6133+ self.out_tcp_all_checkbutton = xml.get_widget ("out_tcp_all_checkbutton")
6134+ self.out_tcp_reserved_checkbutton = xml.get_widget ("out_tcp_reserved_checkbutton")
6135+ self.out_tcp_unreserved_checkbutton = xml.get_widget ("out_tcp_unreserved_checkbutton")
6136+ self.out_tcp_entry = self.xml.get_widget("out_tcp_entry")
6137+
6138+ self.network_buttons[self.out_tcp_all_checkbutton] = [ self.out_tcp_entry ]
6139+
6140+ self.in_udp_all_checkbutton = xml.get_widget ("in_udp_all_checkbutton")
6141+ self.in_udp_reserved_checkbutton = xml.get_widget ("in_udp_reserved_checkbutton")
6142+ self.in_udp_unreserved_checkbutton = xml.get_widget ("in_udp_unreserved_checkbutton")
6143+ self.in_udp_entry = self.xml.get_widget("in_udp_entry")
6144+
6145+ self.network_buttons[self.in_udp_all_checkbutton] = [ self.in_udp_reserved_checkbutton, self.in_udp_unreserved_checkbutton, self.in_udp_entry ]
6146+
6147+ self.out_udp_all_checkbutton = xml.get_widget ("out_udp_all_checkbutton")
6148+ self.out_udp_entry = self.xml.get_widget("out_udp_entry")
6149+ self.network_buttons[self.out_udp_all_checkbutton] = [ self.out_udp_entry ]
6150+
6151+ for b in self.network_buttons.keys():
6152+ b.connect("clicked",self.network_all_clicked)
6153+
6154+ self.boolean_treeview = self.xml.get_widget("boolean_treeview")
6155+ self.boolean_store = gtk.ListStore(gobject.TYPE_STRING,gobject.TYPE_STRING)
6156+ self.boolean_treeview.set_model(self.boolean_store)
6157+ self.boolean_store.set_sort_column_id(0, gtk.SORT_ASCENDING)
6158+ col = gtk.TreeViewColumn(_("Name"), gtk.CellRendererText(), text = 0)
6159+ self.boolean_treeview.append_column(col)
6160+ col = gtk.TreeViewColumn(_("Description"), gtk.CellRendererText(), text = 1)
6161+ self.boolean_treeview.append_column(col)
6162+
6163+ self.role_treeview = self.xml.get_widget("role_treeview")
6164+ self.role_store = gtk.ListStore(gobject.TYPE_STRING)
6165+ self.role_treeview.set_model(self.role_store)
6166+ self.role_treeview.get_selection().set_mode(gtk.SELECTION_MULTIPLE)
6167+ self.role_store.set_sort_column_id(0, gtk.SORT_ASCENDING)
6168+ col = gtk.TreeViewColumn(_("Role"), gtk.CellRendererText(), text = 0)
6169+ self.role_treeview.append_column(col)
6170+
6171+ self.existing_user_treeview = self.xml.get_widget("existing_user_treeview")
6172+ self.existing_user_store = gtk.ListStore(gobject.TYPE_STRING)
6173+ self.existing_user_treeview.set_model(self.existing_user_store)
6174+ self.existing_user_store.set_sort_column_id(0, gtk.SORT_ASCENDING)
6175+ col = gtk.TreeViewColumn(_("Existing_User"), gtk.CellRendererText(), text = 0)
6176+ self.existing_user_treeview.append_column(col)
6177+
6178+ for i in self.all_roles:
6179+ iter = self.role_store.append()
6180+ self.role_store.set_value(iter, 0, i[:-2])
6181+
6182+ self.in_tcp_reserved_checkbutton = xml.get_widget ("in_tcp_reserved_checkbutton")
6183+
6184+ self.transition_treeview = self.xml.get_widget("transition_treeview")
6185+ self.transition_store = gtk.ListStore(gobject.TYPE_STRING)
6186+ self.transition_treeview.set_model(self.transition_store)
6187+ self.transition_treeview.get_selection().set_mode(gtk.SELECTION_MULTIPLE)
6188+ self.transition_store.set_sort_column_id(0, gtk.SORT_ASCENDING)
6189+ col = gtk.TreeViewColumn(_("Application"), gtk.CellRendererText(), text = 0)
6190+ self.transition_treeview.append_column(col)
6191+
6192+ self.user_transition_treeview = self.xml.get_widget("user_transition_treeview")
6193+ self.user_transition_store = gtk.ListStore(gobject.TYPE_STRING)
6194+ self.user_transition_treeview.set_model(self.user_transition_store)
6195+ self.user_transition_treeview.get_selection().set_mode(gtk.SELECTION_MULTIPLE)
6196+ self.user_transition_store.set_sort_column_id(0, gtk.SORT_ASCENDING)
6197+ col = gtk.TreeViewColumn(_("Application"), gtk.CellRendererText(), text = 0)
6198+ self.user_transition_treeview.append_column(col)
6199+
6200+ for i in self.all_users:
6201+ iter = self.user_transition_store.append()
6202+ self.user_transition_store.set_value(iter, 0, i[:-2])
6203+ iter = self.existing_user_store.append()
6204+ self.existing_user_store.set_value(iter, 0, i[:-2])
6205+
6206+ self.admin_treeview = self.xml.get_widget("admin_treeview")
6207+ self.admin_store = gtk.ListStore(gobject.TYPE_STRING)
6208+ self.admin_treeview.set_model(self.admin_store)
6209+ self.admin_treeview.get_selection().set_mode(gtk.SELECTION_MULTIPLE)
6210+ self.admin_store.set_sort_column_id(0, gtk.SORT_ASCENDING)
6211+ col = gtk.TreeViewColumn(_("Application"), gtk.CellRendererText(), text = 0)
6212+ self.admin_treeview.append_column(col)
6213+
6214+ for i in polgen.methods:
6215+ m = re.findall("(.*)%s" % polgen.USER_TRANSITION_INTERFACE, i)
6216+ if len(m) > 0:
6217+ if "%s_exec_t" % m[0] in self.all_types:
6218+ iter = self.transition_store.append()
6219+ self.transition_store.set_value(iter, 0, m[0])
6220+ continue
6221+
6222+ m = re.findall("(.*)%s" % polgen.ADMIN_TRANSITION_INTERFACE, i)
6223+ if len(m) > 0:
6224+ iter = self.admin_store.append()
6225+ self.admin_store.set_value(iter, 0, m[0])
6226+ continue
6227+
6228+ def confine_application(self):
6229+ return self.get_type() in polgen.APPLICATIONS
6230+
6231+ def forward(self, arg):
6232+ type = self.get_type()
6233+ if self.current_page == self.START_PAGE:
6234+ self.back_button.set_sensitive(1)
6235+
6236+ if self.pages[type][self.current_page] == self.SELECT_TYPE_PAGE:
6237+ if self.on_select_type_page_next():
6238+ return
6239+
6240+ if self.pages[type][self.current_page] == self.IN_NET_PAGE:
6241+ if self.on_in_net_page_next():
6242+ return
6243+
6244+ if self.pages[type][self.current_page] == self.OUT_NET_PAGE:
6245+ if self.on_out_net_page_next():
6246+ return
6247+
6248+ if self.pages[type][self.current_page] == self.APP_PAGE:
6249+ if self.on_name_page_next():
6250+ return
6251+
6252+ if self.pages[type][self.current_page] == self.EXISTING_USER_PAGE:
6253+ if self.on_existing_user_page_next():
6254+ return
6255+
6256+ if self.pages[type][self.current_page] == self.SELECT_DIR_PAGE:
6257+ outputdir = self.output_entry.get_text()
6258+ if not os.path.isdir(outputdir):
6259+ self.error(_("%s must be a directory") % outputdir )
6260+ return False
6261+
6262+ if self.pages[type][self.current_page] == self.FINISH_PAGE:
6263+ self.generate_policy()
6264+ self.xml.get_widget ("cancel_button").set_label(gtk.STOCK_CLOSE)
6265+ else:
6266+ self.current_page = self.current_page + 1
6267+ self.notebook.set_current_page(self.pages[type][self.current_page])
6268+ if self.pages[type][self.current_page] == self.FINISH_PAGE:
6269+ self.forward_button.set_label(gtk.STOCK_APPLY)
6270+
6271+ def back(self,arg):
6272+ type = self.get_type()
6273+ if self.pages[type][self.current_page] == self.FINISH_PAGE:
6274+ self.forward_button.set_label(gtk.STOCK_GO_FORWARD)
6275+
6276+ self.current_page = self.current_page - 1
6277+ self.notebook.set_current_page(self.pages[type][self.current_page])
6278+ if self.pages[type][self.current_page] == self.START_PAGE:
6279+ self.back_button.set_sensitive(0)
6280+
6281+ def network_all_clicked(self, button):
6282+ active = button.get_active()
6283+ for b in self.network_buttons[button]:
6284+ b.set_sensitive(not active)
6285+
6286+ def verify(self, message, title="" ):
6287+ dlg = gtk.MessageDialog(None, 0, gtk.MESSAGE_INFO,
6288+ gtk.BUTTONS_YES_NO,
6289+ message)
6290+ dlg.set_title(title)
6291+ dlg.set_position(gtk.WIN_POS_MOUSE)
6292+ dlg.show_all()
6293+ rc = dlg.run()
6294+ dlg.destroy()
6295+ return rc
6296+
6297+ def info(self, message):
6298+ dlg = gtk.MessageDialog(None, 0, gtk.MESSAGE_INFO,
6299+ gtk.BUTTONS_OK,
6300+ message)
6301+ dlg.set_position(gtk.WIN_POS_MOUSE)
6302+ dlg.show_all()
6303+ dlg.run()
6304+ dlg.destroy()
6305+
6306+ def error(self, message):
6307+ dlg = gtk.MessageDialog(None, 0, gtk.MESSAGE_ERROR,
6308+ gtk.BUTTONS_CLOSE,
6309+ message)
6310+ dlg.set_position(gtk.WIN_POS_MOUSE)
6311+ dlg.show_all()
6312+ dlg.run()
6313+ dlg.destroy()
6314+
6315+ def get_name(self):
6316+ if self.existing_user_radiobutton.get_active():
6317+ store, iter = self.existing_user_treeview.get_selection().get_selected()
6318+ if iter == None:
6319+ raise ValueError(_("You must select a user"))
6320+ return store.get_value(iter, 0)
6321+ else:
6322+ return self.name_entry.get_text()
6323+
6324+ def get_type(self):
6325+ if self.sandbox_radiobutton.get_active():
6326+ return polgen.SANDBOX
6327+ if self.cgi_radiobutton.get_active():
6328+ return polgen.CGI
6329+ if self.user_radiobutton.get_active():
6330+ return polgen.USER
6331+ if self.init_radiobutton.get_active():
6332+ return polgen.DAEMON
6333+ if self.dbus_radiobutton.get_active():
6334+ return polgen.DBUS
6335+ if self.inetd_radiobutton.get_active():
6336+ return polgen.INETD
6337+ if self.login_user_radiobutton.get_active():
6338+ return polgen.LUSER
6339+ if self.admin_user_radiobutton.get_active():
6340+ return polgen.AUSER
6341+ if self.xwindows_user_radiobutton.get_active():
6342+ return polgen.XUSER
6343+ if self.terminal_user_radiobutton.get_active():
6344+ return polgen.TUSER
6345+ if self.root_user_radiobutton.get_active():
6346+ return polgen.RUSER
6347+ if self.existing_user_radiobutton.get_active():
6348+ return polgen.EUSER
6349+
6350+ def generate_policy(self, *args):
6351+ outputdir = self.output_entry.get_text()
6352+ try:
6353+ my_policy=polgen.policy(self.get_name(), self.get_type())
6354+
6355+ iter= self.boolean_store.get_iter_first()
6356+ while(iter):
6357+ my_policy.add_boolean(self.boolean_store.get_value(iter, 0), self.boolean_store.get_value(iter, 1))
6358+ iter= self.boolean_store.iter_next(iter)
6359+
6360+ if self.get_type() in polgen.APPLICATIONS:
6361+ my_policy.set_program(self.exec_entry.get_text())
6362+ my_policy.gen_symbols()
6363+
6364+ my_policy.set_use_syslog(self.syslog_checkbutton.get_active() == 1)
6365+ my_policy.set_use_tmp(self.tmp_checkbutton.get_active() == 1)
6366+ my_policy.set_use_uid(self.uid_checkbutton.get_active() == 1)
6367+ my_policy.set_use_pam(self.pam_checkbutton.get_active() == 1)
6368+
6369+ my_policy.set_use_dbus(self.dbus_checkbutton.get_active() == 1)
6370+ my_policy.set_use_audit(self.audit_checkbutton.get_active() == 1)
6371+ my_policy.set_use_terminal(self.terminal_checkbutton.get_active() == 1)
6372+ my_policy.set_use_mail(self.mail_checkbutton.get_active() == 1)
6373+ if self.get_type() is polgen.DAEMON:
6374+ my_policy.set_init_script(self.init_script_entry.get_text())
6375+ if self.get_type() == polgen.USER:
6376+ selected = []
6377+ self.user_transition_treeview.get_selection().selected_foreach(foreach, selected)
6378+ my_policy.set_transition_users(selected)
6379+ else:
6380+ if self.get_type() == polgen.RUSER:
6381+ selected = []
6382+ self.admin_treeview.get_selection().selected_foreach(foreach, selected)
6383+ my_policy.set_admin_domains(selected)
6384+ selected = []
6385+ self.user_transition_treeview.get_selection().selected_foreach(foreach, selected)
6386+ my_policy.set_transition_users(selected)
6387+ else:
6388+ selected = []
6389+ self.transition_treeview.get_selection().selected_foreach(foreach, selected)
6390+ my_policy.set_transition_domains(selected)
6391+
6392+ selected = []
6393+ self.role_treeview.get_selection().selected_foreach(foreach, selected)
6394+ my_policy.set_admin_roles(selected)
6395+
6396+ my_policy.set_in_tcp(self.in_tcp_all_checkbutton.get_active(), self.in_tcp_reserved_checkbutton.get_active(), self.in_tcp_unreserved_checkbutton.get_active(), self.in_tcp_entry.get_text())
6397+ my_policy.set_in_udp(self.in_udp_all_checkbutton.get_active(), self.in_udp_reserved_checkbutton.get_active(), self.in_udp_unreserved_checkbutton.get_active(), self.in_udp_entry.get_text())
6398+ my_policy.set_out_tcp(self.out_tcp_all_checkbutton.get_active(), self.out_tcp_entry.get_text())
6399+ my_policy.set_out_udp(self.out_udp_all_checkbutton.get_active(), self.out_udp_entry.get_text())
6400+
6401+ iter= self.store.get_iter_first()
6402+ while(iter):
6403+ if self.store.get_value(iter, 1) == FILE:
6404+ my_policy.add_file(self.store.get_value(iter, 0))
6405+ else:
6406+ my_policy.add_dir(self.store.get_value(iter, 0))
6407+ iter= self.store.iter_next(iter)
6408+
6409+ self.info(my_policy.generate(outputdir))
6410+ return False
6411+ except ValueError, e:
6412+ self.error(e.message)
6413+
6414+ def delete(self, args):
6415+ store, iter = self.view.get_selection().get_selected()
6416+ if iter != None:
6417+ store.remove(iter)
6418+ self.view.get_selection().select_path ((0,))
6419+
6420+ def delete_boolean(self, args):
6421+ store, iter = self.boolean_treeview.get_selection().get_selected()
6422+ if iter != None:
6423+ store.remove(iter)
6424+ self.boolean_treeview.get_selection().select_path ((0,))
6425+
6426+ def add_boolean(self,type):
6427+ self.boolean_name_entry.set_text("")
6428+ self.boolean_description_entry.set_text("")
6429+ rc = self.boolean_dialog.run()
6430+ self.boolean_dialog.hide()
6431+ if rc == gtk.RESPONSE_CANCEL:
6432+ return
6433+ iter = self.boolean_store.append()
6434+ self.boolean_store.set_value(iter, 0, self.boolean_name_entry.get_text())
6435+ self.boolean_store.set_value(iter, 1, self.boolean_description_entry.get_text())
6436+
6437+ def __add(self,type):
6438+ rc = self.file_dialog.run()
6439+ self.file_dialog.hide()
6440+ if rc == gtk.RESPONSE_CANCEL:
6441+ return
6442+ for i in self.file_dialog.get_filenames():
6443+ iter = self.store.append()
6444+ self.store.set_value(iter, 0, i)
6445+ self.store.set_value(iter, 1, type)
6446+
6447+ def exec_select(self, args):
6448+ self.file_dialog.set_select_multiple(0)
6449+ self.file_dialog.set_title(_("Select executable file to be confined."))
6450+ self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_OPEN)
6451+ self.file_dialog.set_current_folder("/usr/sbin")
6452+ rc = self.file_dialog.run()
6453+ self.file_dialog.hide()
6454+ if rc == gtk.RESPONSE_CANCEL:
6455+ return
6456+ self.exec_entry.set_text(self.file_dialog.get_filename())
6457+
6458+ def init_script_select(self, args):
6459+ self.file_dialog.set_select_multiple(0)
6460+ self.file_dialog.set_title(_("Select init script file to be confined."))
6461+ self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_OPEN)
6462+ self.file_dialog.set_current_folder("/etc/rc.d/init.d")
6463+ rc = self.file_dialog.run()
6464+ self.file_dialog.hide()
6465+ if rc == gtk.RESPONSE_CANCEL:
6466+ return
6467+ self.init_script_entry.set_text(self.file_dialog.get_filename())
6468+
6469+ def add(self, args):
6470+ self.file_dialog.set_title(_("Select file(s) that confined application creates or writes"))
6471+ self.file_dialog.set_current_folder("/")
6472+ self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_OPEN)
6473+ self.file_dialog.set_select_multiple(1)
6474+ self.__add(FILE)
6475+
6476+ def add_dir(self, args):
6477+ self.file_dialog.set_title(_("Select directory(s) that the confined application owns and writes into"))
6478+ self.file_dialog.set_current_folder("/")
6479+ self.file_dialog.set_select_multiple(1)
6480+ self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_SELECT_FOLDER)
6481+ self.__add(DIR)
6482+
6483+ def on_about_clicked(self, args):
6484+ dlg = xml.get_widget ("about_dialog")
6485+ dlg.run ()
6486+ dlg.hide ()
6487+
6488+ def quit(self, args):
6489+ gtk.main_quit()
6490+
6491+ def setupScreen(self):
6492+ # Bring in widgets from glade file.
6493+ self.mainWindow = self.xml.get_widget("main_window")
6494+ self.druid = self.xml.get_widget("druid")
6495+ self.type = 0
6496+ self.name_entry = self.xml.get_widget("name_entry")
6497+ self.name_entry.connect("insert_text",self.on_name_entry_changed)
6498+ self.name_entry.connect("focus_out_event",self.on_focus_out_event)
6499+ self.exec_entry = self.xml.get_widget("exec_entry")
6500+ self.exec_button = self.xml.get_widget("exec_button")
6501+ self.init_script_entry = self.xml.get_widget("init_script_entry")
6502+ self.init_script_button = self.xml.get_widget("init_script_button")
6503+ self.output_entry = self.xml.get_widget("output_entry")
6504+ self.output_entry.set_text(os.getcwd())
6505+ self.xml.get_widget("output_button").connect("clicked",self.output_button_clicked)
6506+
6507+ self.xwindows_user_radiobutton = self.xml.get_widget("xwindows_user_radiobutton")
6508+ self.terminal_user_radiobutton = self.xml.get_widget("terminal_user_radiobutton")
6509+ self.root_user_radiobutton = self.xml.get_widget("root_user_radiobutton")
6510+ self.login_user_radiobutton = self.xml.get_widget("login_user_radiobutton")
6511+ self.admin_user_radiobutton = self.xml.get_widget("admin_user_radiobutton")
6512+ self.existing_user_radiobutton = self.xml.get_widget("existing_user_radiobutton")
6513+
6514+ self.user_radiobutton = self.xml.get_widget("user_radiobutton")
6515+ self.init_radiobutton = self.xml.get_widget("init_radiobutton")
6516+ self.inetd_radiobutton = self.xml.get_widget("inetd_radiobutton")
6517+ self.dbus_radiobutton = self.xml.get_widget("dbus_radiobutton")
6518+ self.cgi_radiobutton = self.xml.get_widget("cgi_radiobutton")
6519+ self.sandbox_radiobutton = self.xml.get_widget("sandbox_radiobutton")
6520+ self.tmp_checkbutton = self.xml.get_widget("tmp_checkbutton")
6521+ self.uid_checkbutton = self.xml.get_widget("uid_checkbutton")
6522+ self.pam_checkbutton = self.xml.get_widget("pam_checkbutton")
6523+ self.dbus_checkbutton = self.xml.get_widget("dbus_checkbutton")
6524+ self.audit_checkbutton = self.xml.get_widget("audit_checkbutton")
6525+ self.terminal_checkbutton = self.xml.get_widget("terminal_checkbutton")
6526+ self.mail_checkbutton = self.xml.get_widget("mail_checkbutton")
6527+ self.syslog_checkbutton = self.xml.get_widget("syslog_checkbutton")
6528+ self.view = self.xml.get_widget("write_treeview")
6529+ self.file_dialog = self.xml.get_widget("filechooserdialog")
6530+
6531+ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_INT)
6532+ self.view.set_model(self.store)
6533+ col = gtk.TreeViewColumn("", gtk.CellRendererText(), text = 0)
6534+ col.set_resizable(True)
6535+ self.view.append_column(col)
6536+ self.view.get_selection().select_path ((0,))
6537+
6538+ def output_button_clicked(self, *args):
6539+ self.file_dialog.set_title(_("Select directory to generate policy files in"))
6540+ self.file_dialog.set_action(gtk.FILE_CHOOSER_ACTION_SELECT_FOLDER)
6541+ self.file_dialog.set_select_multiple(0)
6542+ rc = self.file_dialog.run()
6543+ self.file_dialog.hide()
6544+ if rc == gtk.RESPONSE_CANCEL:
6545+ return
6546+ self.output_entry.set_text(self.file_dialog.get_filename())
6547+
6548+ def on_name_entry_changed(self, entry, text, size, position):
6549+ if text.find(" ") >= 0:
6550+ entry.emit_stop_by_name("insert_text")
6551+
6552+ def on_focus_out_event(self, entry, third):
6553+ name = entry.get_text()
6554+ if self.name != name:
6555+ if name in self.all_types:
6556+ if self.verify(_("Type %s_t already defined in current policy.\nDo you want to continue?") % name, _("Verify Name")) == gtk.RESPONSE_NO:
6557+ entry.set_text("")
6558+ return False
6559+ if name in self.all_modules:
6560+ if self.verify(_("Module %s.pp already loaded in current policy.\nDo you want to continue?") % name, _("Verify Name")) == gtk.RESPONSE_NO:
6561+ entry.set_text("")
6562+ return False
6563+
6564+ file = "/etc/rc.d/init.d/" + name
6565+ if os.path.isfile(file) and self.init_script_entry.get_text() == "":
6566+ self.init_script_entry.set_text(file)
6567+
6568+ file = "/usr/sbin/" + name
6569+ if os.path.isfile(file) and self.exec_entry.get_text() == "":
6570+ self.exec_entry.set_text(file)
6571+
6572+ self.name = name
6573+ return False
6574+
6575+ def on_in_net_page_next(self, *args):
6576+ try:
6577+ polgen.verify_ports(self.in_tcp_entry.get_text())
6578+ polgen.verify_ports(self.in_udp_entry.get_text())
6579+ except ValueError, e:
6580+ self.error(e.message)
6581+ return True
6582+
6583+ def on_out_net_page_next(self, *args):
6584+ try:
6585+ polgen.verify_ports(self.out_tcp_entry.get_text())
6586+ polgen.verify_ports(self.out_udp_entry.get_text())
6587+ except ValueError, e:
6588+ self.error(e.message)
6589+ return True
6590+
6591+ def on_select_type_page_next(self, *args):
6592+ self.exec_entry.set_sensitive(self.confine_application())
6593+ self.exec_button.set_sensitive(self.confine_application())
6594+ self.init_script_entry.set_sensitive(self.init_radiobutton.get_active())
6595+ self.init_script_button.set_sensitive(self.init_radiobutton.get_active())
6596+
6597+ def on_existing_user_page_next(self, *args):
6598+ store, iter = self.view.get_selection().get_selected()
6599+ if iter != None:
6600+ self.error(_("You must select a user"))
6601+ return True
6602+
6603+ def on_name_page_next(self, *args):
6604+ name=self.name_entry.get_text()
6605+ if not name.isalnum():
6606+ self.error(_("You must add a name made up of letters and numbers and containing no spaces."))
6607+ return True
6608+
6609+ for i in self.label_dict:
6610+ text = '<b>%s</b>' % (self.label_dict[i] % ("'" + name + "'"))
6611+ i.set_markup(text)
6612+
6613+ for i in self.tooltip_dict:
6614+ text = self.tooltip_dict[i] % ("'" + name + "'")
6615+ i.set_tooltip_text(text)
6616+
6617+ if self.confine_application():
6618+ exe = self.exec_entry.get_text()
6619+ if exe == "":
6620+ self.error(_("You must enter a executable"))
6621+ return True
6622+ policy=polgen.policy(name, self.get_type())
6623+ policy.set_program(exe)
6624+ policy.gen_writeable()
6625+ policy.gen_symbols()
6626+ for f in policy.files.keys():
6627+ iter = self.store.append()
6628+ self.store.set_value(iter, 0, f)
6629+ self.store.set_value(iter, 1, FILE)
6630+
6631+ for f in policy.dirs.keys():
6632+ iter = self.store.append()
6633+ self.store.set_value(iter, 0, f)
6634+ self.store.set_value(iter, 1, DIR)
6635+ self.tmp_checkbutton.set_active(policy.use_tmp)
6636+ self.uid_checkbutton.set_active(policy.use_uid)
6637+ self.pam_checkbutton.set_active(policy.use_pam)
6638+ self.dbus_checkbutton.set_active(policy.use_dbus)
6639+ self.audit_checkbutton.set_active(policy.use_audit)
6640+ self.terminal_checkbutton.set_active(policy.use_terminal)
6641+ self.mail_checkbutton.set_active(policy.use_mail)
6642+ self.syslog_checkbutton.set_active(policy.use_syslog)
6643+
6644+ def stand_alone(self):
6645+ desktopName = _("Configue SELinux")
6646+
6647+ self.setupScreen()
6648+ self.mainWindow.connect("destroy", self.quit)
6649+
6650+ self.mainWindow.show_all()
6651+ gtk.main()
6652+
6653+if __name__ == "__main__":
6654+ signal.signal (signal.SIGINT, signal.SIG_DFL)
6655+
6656+ app = childWindow()
6657+ app.stand_alone()
6658diff -up policycoreutils-2.1.8/gui/polgen.py.gui policycoreutils-2.1.8/gui/polgen.py
6659--- policycoreutils-2.1.8/gui/polgen.py.gui 2011-11-07 15:12:01.905834233 -0500
6660+++ policycoreutils-2.1.8/gui/polgen.py 2011-11-07 15:12:39.045857808 -0500
6661@@ -0,0 +1,1351 @@
6662+#!/usr/bin/python -Es
6663+#
6664+# Copyright (C) 2007-2011 Red Hat
6665+# see file 'COPYING' for use and warranty information
6666+#
6667+# policygentool is a tool for the initial generation of SELinux policy
6668+#
6669+# This program is free software; you can redistribute it and/or
6670+# modify it under the terms of the GNU General Public License as
6671+# published by the Free Software Foundation; either version 2 of
6672+# the License, or (at your option) any later version.
6673+#
6674+# This program is distributed in the hope that it will be useful,
6675+# but WITHOUT ANY WARRANTY; without even the implied warranty of
6676+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
6677+# GNU General Public License for more details.
6678+#
6679+# You should have received a copy of the GNU General Public License
6680+# along with this program; if not, write to the Free Software
6681+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
6682+# 02111-1307 USA
6683+#
6684+#
6685+import os, sys, stat
6686+import re
6687+import commands
6688+import setools
6689+
6690+from templates import executable
6691+from templates import boolean
6692+from templates import etc_rw
6693+from templates import var_cache
6694+from templates import var_spool
6695+from templates import var_lib
6696+from templates import var_log
6697+from templates import var_run
6698+from templates import tmp
6699+from templates import rw
6700+from templates import network
6701+from templates import script
6702+from templates import user
6703+import sepolgen.interfaces as interfaces
6704+import sepolgen.defaults as defaults
6705+
6706+##
6707+## I18N
6708+##
6709+PROGNAME="policycoreutils"
6710+
6711+import gettext
6712+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
6713+gettext.textdomain(PROGNAME)
6714+try:
6715+ gettext.install(PROGNAME,
6716+ localedir="/usr/share/locale",
6717+ unicode=False,
6718+ codeset = 'utf-8')
6719+except IOError:
6720+ import __builtin__
6721+ __builtin__.__dict__['_'] = unicode
6722+
6723+methods = []
6724+fn = defaults.interface_info()
6725+try:
6726+ fd = open(fn)
6727+ # List of per_role_template interfaces
6728+ ifs = interfaces.InterfaceSet()
6729+ ifs.from_file(fd)
6730+ methods = ifs.interfaces.keys()
6731+ fd.close()
6732+except:
6733+ sys.stderr.write("could not open interface info [%s]\n" % fn)
6734+ sys.exit(1)
6735+
6736+all_types = None
6737+def get_all_types():
6738+ global all_types
6739+ if all_types == None:
6740+ all_types = map(lambda x: x['name'], setools.seinfo(setools.TYPE))
6741+ return all_types
6742+
6743+def get_all_ports():
6744+ dict = {}
6745+ for p in setools.seinfo(setools.PORT):
6746+ if p['type'] == "reserved_port_t" or \
6747+ p['type'] == "port_t" or \
6748+ p['type'] == "hi_reserved_port_t":
6749+ continue
6750+ dict[(p['low'], p['high'], p['protocol'])]=(p['type'], p['range'])
6751+ return dict
6752+
6753+def get_all_roles():
6754+ roles = map(lambda x: x['name'], setools.seinfo(setools.ROLE))
6755+ roles.remove("object_r")
6756+ roles.sort()
6757+ return roles
6758+
6759+def get_all_attributes():
6760+ attributes = map(lambda x: x['name'], setools.seinfo(setools.ATTRIBUTE))
6761+ attributes.sort()
6762+ return attributes
6763+
6764+def get_all_domains():
6765+ all_domains = []
6766+ types=get_all_types()
6767+ types.sort()
6768+ for i in types:
6769+ m = re.findall("(.*)%s" % "_exec_t$", i)
6770+ if len(m) > 0:
6771+ if len(re.findall("(.*)%s" % "_initrc$", m[0])) == 0 and m[0] not in all_domains:
6772+ all_domains.append(m[0])
6773+ return all_domains
6774+
6775+def get_all_modules():
6776+ try:
6777+ all_modules = []
6778+ rc, output=commands.getstatusoutput("semodule -l 2>/dev/null")
6779+ if rc == 0:
6780+ l = output.split("\n")
6781+ for i in l:
6782+ all_modules.append(i.split()[0])
6783+ except:
6784+ pass
6785+
6786+ return all_modules
6787+
6788+def get_all_users():
6789+ users = map(lambda x: x['name'], setools.seinfo(setools.USER))
6790+ users.remove("system_u")
6791+ users.remove("root")
6792+ users.sort()
6793+ return users
6794+
6795+ALL = 0
6796+RESERVED = 1
6797+UNRESERVED = 2
6798+PORTS = 3
6799+ADMIN_TRANSITION_INTERFACE = "_admin$"
6800+USER_TRANSITION_INTERFACE = "_role$"
6801+
6802+DAEMON = 0
6803+DBUS = 1
6804+INETD = 2
6805+USER = 3
6806+CGI = 4
6807+XUSER = 5
6808+TUSER = 6
6809+LUSER = 7
6810+AUSER = 8
6811+EUSER = 9
6812+RUSER = 10
6813+SANDBOX = 11
6814+
6815+poltype={}
6816+poltype[DAEMON] = _("Standard Init Daemon")
6817+poltype[DBUS] = _("DBUS System Daemon")
6818+poltype[INETD] = _("Internet Services Daemon")
6819+poltype[CGI] = _("Web Application/Script (CGI)")
6820+poltype[USER] = _("User Application")
6821+poltype[TUSER] = _("Minimal Terminal User Role")
6822+poltype[XUSER] = _("Minimal X Windows User Role")
6823+poltype[LUSER] = _("User Role")
6824+poltype[AUSER] = _("Admin User Role")
6825+poltype[RUSER] = _("Root Admin User Role")
6826+poltype[SANDBOX] = _("Sandbox")
6827+
6828+APPLICATIONS = [ DAEMON, DBUS, INETD, USER, CGI ]
6829+USERS = [ XUSER, TUSER, LUSER, AUSER, EUSER, RUSER]
6830+
6831+def verify_ports(ports):
6832+ if ports == "":
6833+ return []
6834+ max_port=2**16
6835+ try:
6836+ temp = []
6837+ for a in ports.split(","):
6838+ r = a.split("-")
6839+ if len(r) > 2:
6840+ raise ValueError
6841+ if len(r) == 1:
6842+ begin = int (r[0])
6843+ end = int (r[0])
6844+ else:
6845+ begin = int (r[0])
6846+ end = int (r[1])
6847+
6848+ if begin > end:
6849+ raise ValueError
6850+
6851+ for p in range(begin, end + 1):
6852+ if p < 1 or p > max_port:
6853+ raise ValueError
6854+ temp.append(p)
6855+ return temp
6856+ except ValueError:
6857+ raise ValueError(_("Ports must be numbers or ranges of numbers from 1 to %d " % max_port ))
6858+
6859+class policy:
6860+
6861+ def __init__(self, name, type):
6862+ self.ports = []
6863+ try:
6864+ self.ports = get_all_ports()
6865+ except ValueError, e:
6866+ print "Can not get port types, must be root for this information"
6867+ except RuntimeError, e:
6868+ print "Can not get port types", e
6869+
6870+ self.symbols = {}
6871+ self.symbols["openlog"] = "set_use_kerberos(True)"
6872+ self.symbols["openlog"] = "set_use_kerb_rcache(True)"
6873+ self.symbols["openlog"] = "set_use_syslog(True)"
6874+ self.symbols["gethostby"] = "set_use_resolve(True)"
6875+ self.symbols["getaddrinfo"] = "set_use_resolve(True)"
6876+ self.symbols["getnameinfo"] = "set_use_resolve(True)"
6877+ self.symbols["krb"] = "set_use_kerberos(True)"
6878+ self.symbols["gss_accept_sec_context"] = "set_manage_krb5_rcache(True)"
6879+ self.symbols["krb5_verify_init_creds"] = "set_manage_krb5_rcache(True)"
6880+ self.symbols["krb5_rd_req"] = "set_manage_krb5_rcache(True)"
6881+ self.symbols["__syslog_chk"] = "set_use_syslog(True)"
6882+ self.symbols["getpwnam"] = "set_use_uid(True)"
6883+ self.symbols["getpwuid"] = "set_use_uid(True)"
6884+ self.symbols["dbus_"] = "set_use_dbus(True)"
6885+ self.symbols["pam_"] = "set_use_pam(True)"
6886+ self.symbols["pam_"] = "set_use_audit(True)"
6887+ self.symbols["fork"] = "add_process('fork')"
6888+ self.symbols["transition"] = "add_process('transition')"
6889+ self.symbols["sigchld"] = "add_process('sigchld')"
6890+ self.symbols["sigkill"] = "add_process('sigkill')"
6891+ self.symbols["sigstop"] = "add_process('sigstop')"
6892+ self.symbols["signull"] = "add_process('signull')"
6893+ self.symbols["signal"] = "add_process('signal')"
6894+ self.symbols["ptrace"] = "add_process('ptrace')"
6895+ self.symbols["getsched"] = "add_process('getsched')"
6896+ self.symbols["setsched"] = "add_process('setsched')"
6897+ self.symbols["getsession"] = "add_process('getsession')"
6898+ self.symbols["getpgid"] = "add_process('getpgid')"
6899+ self.symbols["setpgid"] = "add_process('setpgid')"
6900+ self.symbols["getcap"] = "add_process('getcap')"
6901+ self.symbols["setcap"] = "add_process('setcap')"
6902+ self.symbols["share"] = "add_process('share')"
6903+ self.symbols["getattr"] = "add_process('getattr')"
6904+ self.symbols["setexec"] = "add_process('setexec')"
6905+ self.symbols["setfscreate"] = "add_process('setfscreate')"
6906+ self.symbols["noatsecure"] = "add_process('noatsecure')"
6907+ self.symbols["siginh"] = "add_process('siginh')"
6908+ self.symbols["setrlimit"] = "add_process('setrlimit')"
6909+ self.symbols["rlimitinh"] = "add_process('rlimitinh')"
6910+ self.symbols["dyntransition"] = "add_process('dyntransition')"
6911+ self.symbols["setcurrent"] = "add_process('setcurrent')"
6912+ self.symbols["execmem"] = "add_process('execmem')"
6913+ self.symbols["execstack"] = "add_process('execstack')"
6914+ self.symbols["execheap"] = "add_process('execheap')"
6915+ self.symbols["setkeycreate"] = "add_process('setkeycreate')"
6916+ self.symbols["setsockcreate"] = "add_process('setsockcreate')"
6917+
6918+ self.symbols["chown"] = "add_capability('chown')"
6919+ self.symbols["dac_override"] = "add_capability('dac_override')"
6920+ self.symbols["dac_read_search"] = "add_capability('dac_read_search')"
6921+ self.symbols["fowner"] = "add_capability('fowner')"
6922+ self.symbols["fsetid"] = "add_capability('fsetid')"
6923+ self.symbols["kill"] = "add_capability('kill')"
6924+ self.symbols["setgid"] = "add_capability('setgid')"
6925+ self.symbols["setresuid"] = "add_capability('setuid')"
6926+ self.symbols["setuid"] = "add_capability('setuid')"
6927+ self.symbols["setpcap"] = "add_capability('setpcap')"
6928+ self.symbols["linux_immutable"] = "add_capability('linux_immutable')"
6929+ self.symbols["net_bind_service"] = "add_capability('net_bind_service')"
6930+ self.symbols["net_broadcast"] = "add_capability('net_broadcast')"
6931+ self.symbols["net_admin"] = "add_capability('net_admin')"
6932+ self.symbols["net_raw"] = "add_capability('net_raw')"
6933+ self.symbols["ipc_lock"] = "add_capability('ipc_lock')"
6934+ self.symbols["ipc_owner"] = "add_capability('ipc_owner')"
6935+ self.symbols["sys_module"] = "add_capability('sys_module')"
6936+ self.symbols["sys_rawio"] = "add_capability('sys_rawio')"
6937+ self.symbols["chroot"] = "add_capability('sys_chroot')"
6938+ self.symbols["sys_chroot"] = "add_capability('sys_chroot')"
6939+ self.symbols["sys_ptrace"] = "add_capability('sys_ptrace')"
6940+ self.symbols["sys_pacct"] = "add_capability('sys_pacct')"
6941+ self.symbols["mount"] = "add_capability('sys_admin')"
6942+ self.symbols["unshare"] = "add_capability('sys_admin')"
6943+ self.symbols["sys_admin"] = "add_capability('sys_admin')"
6944+ self.symbols["sys_boot"] = "add_capability('sys_boot')"
6945+ self.symbols["sys_nice"] = "add_capability('sys_nice')"
6946+ self.symbols["sys_resource"] = "add_capability('sys_resource')"
6947+ self.symbols["sys_time"] = "add_capability('sys_time')"
6948+ self.symbols["sys_tty_config"] = "add_capability('sys_tty_config')"
6949+ self.symbols["mknod"] = "add_capability('mknod')"
6950+ self.symbols["lease"] = "add_capability('lease')"
6951+ self.symbols["audit_write"] = "add_capability('audit_write')"
6952+ self.symbols["audit_control"] = "add_capability('audit_control')"
6953+ self.symbols["setfcap"] = "add_capability('setfcap')"
6954+
6955+ self.DEFAULT_DIRS = {}
6956+ self.DEFAULT_DIRS["/etc"] = ["etc_rw", [], etc_rw];
6957+ self.DEFAULT_DIRS["/tmp"] = ["tmp", [], tmp];
6958+ self.DEFAULT_DIRS["rw"] = ["rw", [], rw];
6959+ self.DEFAULT_DIRS["/var/cache"] = ["var_cache", [], var_cache];
6960+ self.DEFAULT_DIRS["/var/lib"] = ["var_lib", [], var_lib];
6961+ self.DEFAULT_DIRS["/var/log"] = ["var_log", [], var_log];
6962+ self.DEFAULT_DIRS["/var/run"] = ["var_run", [], var_run];
6963+ self.DEFAULT_DIRS["/var/spool"] = ["var_spool", [], var_spool];
6964+
6965+ self.DEFAULT_KEYS=["/etc", "/var/cache", "/var/log", "/tmp", "rw", "/var/lib", "/var/run", "/var/spool"]
6966+
6967+ self.DEFAULT_TYPES = (\
6968+( self.generate_daemon_types, self.generate_daemon_rules), \
6969+( self.generate_dbusd_types, self.generate_dbusd_rules), \
6970+( self.generate_inetd_types, self.generate_inetd_rules), \
6971+( self.generate_userapp_types, self.generate_userapp_rules), \
6972+( self.generate_cgi_types, self.generate_cgi_rules), \
6973+( self.generate_x_login_user_types, self.generate_x_login_user_rules), \
6974+( self.generate_min_login_user_types, self.generate_login_user_rules), \
6975+( self.generate_login_user_types, self.generate_login_user_rules), \
6976+( self.generate_admin_user_types, self.generate_login_user_rules), \
6977+( self.generate_existing_user_types, self.generate_existing_user_rules), \
6978+( self.generate_root_user_types, self.generate_root_user_rules), \
6979+( self.generate_sandbox_types, self.generate_sandbox_rules))
6980+ if name == "":
6981+ raise ValueError(_("You must enter a name for your confined process/user"))
6982+ if not name.isalnum():
6983+ raise ValueError(_("Name must be alpha numberic with no spaces. Consider using option \"-n MODULENAME\""))
6984+
6985+ if type == CGI:
6986+ self.name = "httpd_%s_script" % name
6987+ else:
6988+ self.name = name
6989+
6990+ self.file_name = name
6991+
6992+ self.capabilities = []
6993+ self.processes = []
6994+ self.type = type
6995+ self.initscript = ""
6996+ self.program = ""
6997+ self.in_tcp = [False, False, False, []]
6998+ self.in_udp = [False, False, False, []]
6999+ self.out_tcp = [False, False, False, []]
7000+ self.out_udp = [False, False, False, []]
7001+ self.use_resolve = False
7002+ self.use_tmp = False
7003+ self.use_uid = False
7004+ self.use_syslog = False
7005+ self.use_kerberos = False
7006+ self.manage_krb5_rcache = False
7007+ self.use_pam = False
7008+ self.use_dbus = False
7009+ self.use_audit = False
7010+ self.use_etc = True
7011+ self.use_localization = True
7012+ self.use_fd = True
7013+ self.use_terminal = False
7014+ self.use_mail = False
7015+ self.booleans = {}
7016+ self.files = {}
7017+ self.dirs = {}
7018+ self.found_tcp_ports=[]
7019+ self.found_udp_ports=[]
7020+ self.need_tcp_type=False
7021+ self.need_udp_type=False
7022+ self.admin_domains = []
7023+ self.transition_domains = []
7024+ self.transition_users = []
7025+ self.roles = []
7026+
7027+ def __isnetset(self, l):
7028+ return l[ALL] or l[RESERVED] or l[UNRESERVED] or len(l[PORTS]) > 0
7029+
7030+ def set_admin_domains(self, admin_domains):
7031+ self.admin_domains = admin_domains
7032+
7033+ def set_admin_roles(self, roles):
7034+ self.roles = roles
7035+
7036+ def set_transition_domains(self, transition_domains):
7037+ self.transition_domains = transition_domains
7038+
7039+ def set_transition_users(self, transition_users):
7040+ self.transition_users = transition_users
7041+
7042+ def use_in_udp(self):
7043+ return self.__isnetset(self.in_udp)
7044+
7045+ def use_out_udp(self):
7046+ return self.__isnetset(self.out_udp)
7047+
7048+ def use_udp(self):
7049+ return self.use_in_udp() or self.use_out_udp()
7050+
7051+ def use_in_tcp(self):
7052+ return self.__isnetset(self.in_tcp)
7053+
7054+ def use_out_tcp(self):
7055+ return self.__isnetset(self.out_tcp)
7056+
7057+ def use_tcp(self):
7058+ return self.use_in_tcp() or self.use_out_tcp()
7059+
7060+ def use_network(self):
7061+ return self.use_tcp() or self.use_udp()
7062+
7063+ def find_port(self, port, protocol="tcp"):
7064+ for begin,end,p in self.ports.keys():
7065+ if port >= begin and port <= end and protocol == p:
7066+ return self.ports[begin, end, protocol]
7067+ return None
7068+
7069+ def set_program(self, program):
7070+ if self.type not in APPLICATIONS:
7071+ raise ValueError(_("User Role types can not be assigned executables."))
7072+
7073+ self.program = program
7074+
7075+ def set_init_script(self, initscript):
7076+ if self.type != DAEMON:
7077+ raise ValueError(_("Only Daemon apps can use an init script.."))
7078+
7079+ self.initscript = initscript
7080+
7081+ def set_in_tcp(self, all, reserved, unreserved, ports):
7082+ self.in_tcp = [ all, reserved, unreserved, verify_ports(ports)]
7083+
7084+ def set_in_udp(self, all, reserved, unreserved, ports):
7085+ self.in_udp = [ all, reserved, unreserved, verify_ports(ports)]
7086+
7087+ def set_out_tcp(self, all, ports):
7088+ self.out_tcp = [ all , False, False, verify_ports(ports) ]
7089+
7090+ def set_out_udp(self, all, ports):
7091+ self.out_udp = [ all , False, False, verify_ports(ports) ]
7092+
7093+ def set_use_resolve(self, val):
7094+ if val != True and val != False:
7095+ raise ValueError(_("use_resolve must be a boolean value "))
7096+
7097+ self.use_resolve = val
7098+
7099+ def set_use_syslog(self, val):
7100+ if val != True and val != False:
7101+ raise ValueError(_("use_syslog must be a boolean value "))
7102+
7103+ self.use_syslog = val
7104+
7105+ def set_use_kerberos(self, val):
7106+ if val != True and val != False:
7107+ raise ValueError(_("use_kerberos must be a boolean value "))
7108+
7109+ self.use_kerberos = val
7110+
7111+ def set_manage_krb5_rcache(self, val):
7112+ if val != True and val != False:
7113+ raise ValueError(_("manage_krb5_rcache must be a boolean value "))
7114+
7115+ self.manage_krb5_rcache = val
7116+
7117+ def set_use_pam(self, val):
7118+ self.use_pam = val == True
7119+
7120+ def set_use_dbus(self, val):
7121+ self.use_dbus = val == True
7122+
7123+ def set_use_audit(self, val):
7124+ self.use_audit = val == True
7125+
7126+ def set_use_etc(self, val):
7127+ self.use_etc = val == True
7128+
7129+ def set_use_localization(self, val):
7130+ self.use_localization = val == True
7131+
7132+ def set_use_fd(self, val):
7133+ self.use_fd = val == True
7134+
7135+ def set_use_terminal(self, val):
7136+ self.use_terminal = val == True
7137+
7138+ def set_use_mail(self, val):
7139+ self.use_mail = val == True
7140+
7141+ def set_use_tmp(self, val):
7142+ if self.type in USERS:
7143+ raise ValueError(_("USER Types automatically get a tmp type"))
7144+
7145+ if val:
7146+ self.DEFAULT_DIRS["/tmp"][1].append("/tmp");
7147+ else:
7148+ self.DEFAULT_DIRS["/tmp"][1]=[]
7149+
7150+ def set_use_uid(self, val):
7151+ self.use_uid = val == True
7152+
7153+ def generate_uid_rules(self):
7154+ if self.use_uid:
7155+ return re.sub("TEMPLATETYPE", self.name, executable.te_uid_rules)
7156+ else:
7157+ return ""
7158+
7159+ def generate_syslog_rules(self):
7160+ if self.use_syslog:
7161+ return re.sub("TEMPLATETYPE", self.name, executable.te_syslog_rules)
7162+ else:
7163+ return ""
7164+
7165+ def generate_resolve_rules(self):
7166+ if self.use_resolve:
7167+ return re.sub("TEMPLATETYPE", self.name, executable.te_resolve_rules)
7168+ else:
7169+ return ""
7170+
7171+ def generate_kerberos_rules(self):
7172+ if self.use_kerberos:
7173+ return re.sub("TEMPLATETYPE", self.name, executable.te_kerberos_rules)
7174+ else:
7175+ return ""
7176+
7177+ def generate_manage_krb5_rcache_rules(self):
7178+ if self.manage_krb5_rcache:
7179+ return re.sub("TEMPLATETYPE", self.name, executable.te_manage_krb5_rcache_rules)
7180+ else:
7181+ return ""
7182+
7183+ def generate_pam_rules(self):
7184+ newte =""
7185+ if self.use_pam:
7186+ newte = re.sub("TEMPLATETYPE", self.name, executable.te_pam_rules)
7187+ return newte
7188+
7189+ def generate_audit_rules(self):
7190+ newte =""
7191+ if self.use_audit:
7192+ newte = re.sub("TEMPLATETYPE", self.name, executable.te_audit_rules)
7193+ return newte
7194+
7195+ def generate_etc_rules(self):
7196+ newte =""
7197+ if self.use_etc:
7198+ newte = re.sub("TEMPLATETYPE", self.name, executable.te_etc_rules)
7199+ return newte
7200+
7201+ def generate_fd_rules(self):
7202+ newte =""
7203+ if self.use_fd:
7204+ newte = re.sub("TEMPLATETYPE", self.name, executable.te_fd_rules)
7205+ return newte
7206+
7207+ def generate_localization_rules(self):
7208+ newte =""
7209+ if self.use_localization:
7210+ newte = re.sub("TEMPLATETYPE", self.name, executable.te_localization_rules)
7211+ return newte
7212+
7213+ def generate_dbus_rules(self):
7214+ newte =""
7215+ if self.type != DBUS and self.use_dbus:
7216+ newte = re.sub("TEMPLATETYPE", self.name, executable.te_dbus_rules)
7217+ return newte
7218+
7219+ def generate_mail_rules(self):
7220+ newte =""
7221+ if self.use_mail:
7222+ newte = re.sub("TEMPLATETYPE", self.name, executable.te_mail_rules)
7223+ return newte
7224+
7225+ def generate_network_action(self, protocol, action, port_name):
7226+ line = ""
7227+ method = "corenet_%s_%s_%s" % (protocol, action, port_name)
7228+ if method in methods:
7229+ line = "%s(%s_t)\n" % (method, self.name)
7230+ else:
7231+ line = """
7232+gen_require(`
7233+ type %s_t;
7234+')
7235+allow %s_t %s_t:%s_socket name_%s;
7236+""" % (port_name, self.name, port_name, protocol, action)
7237+ return line
7238+
7239+ def generate_network_types(self):
7240+ for i in self.in_tcp[PORTS]:
7241+ rec = self.find_port(int(i), "tcp")
7242+ if rec == None:
7243+ self.need_tcp_type = True;
7244+ else:
7245+ port_name = rec[0][:-2]
7246+ line = self.generate_network_action("tcp", "bind", port_name)
7247+# line = "corenet_tcp_bind_%s(%s_t)\n" % (port_name, self.name)
7248+ if line not in self.found_tcp_ports:
7249+ self.found_tcp_ports.append(line)
7250+
7251+ for i in self.out_tcp[PORTS]:
7252+ rec = self.find_port(int(i), "tcp")
7253+ if rec == None:
7254+ self.need_tcp_type = True;
7255+ else:
7256+ port_name = rec[0][:-2]
7257+ line = self.generate_network_action("tcp", "connect", port_name)
7258+# line = "corenet_tcp_connect_%s(%s_t)\n" % (port_name, self.name)
7259+ if line not in self.found_tcp_ports:
7260+ self.found_tcp_ports.append(line)
7261+
7262+ for i in self.in_udp[PORTS]:
7263+ rec = self.find_port(int(i),"udp")
7264+ if rec == None:
7265+ self.need_udp_type = True;
7266+ else:
7267+ port_name = rec[0][:-2]
7268+ line = self.generate_network_action("udp", "bind", port_name)
7269+# line = "corenet_udp_bind_%s(%s_t)\n" % (port_name, self.name)
7270+ if line not in self.found_udp_ports:
7271+ self.found_udp_ports.append(line)
7272+
7273+ if self.need_udp_type == True or self.need_tcp_type == True:
7274+ return re.sub("TEMPLATETYPE", self.name, network.te_port_types)
7275+ return ""
7276+
7277+ def __find_path(self, file):
7278+ for d in self.DEFAULT_DIRS:
7279+ if file.find(d) == 0:
7280+ self.DEFAULT_DIRS[d][1].append(file)
7281+ return self.DEFAULT_DIRS[d]
7282+ self.DEFAULT_DIRS["rw"][1].append(file)
7283+ return self.DEFAULT_DIRS["rw"]
7284+
7285+ def add_capability(self, capability):
7286+ if capability not in self.capabilities:
7287+ self.capabilities.append(capability)
7288+
7289+ def add_process(self, process):
7290+ if process not in self.processes:
7291+ self.processes.append(process)
7292+
7293+ def add_boolean(self, name, description):
7294+ self.booleans[name] = description
7295+
7296+ def add_file(self, file):
7297+ self.files[file] = self.__find_path(file)
7298+
7299+ def add_dir(self, file):
7300+ self.dirs[file] = self.__find_path(file)
7301+
7302+ def generate_capabilities(self):
7303+ newte = ""
7304+ self.capabilities.sort()
7305+ if len(self.capabilities) > 0:
7306+ newte = "allow %s_t self:capability { %s };\n" % (self.name, " ".join(self.capabilities))
7307+ return newte
7308+
7309+ def generate_process(self):
7310+ newte = ""
7311+ self.processes.sort()
7312+ if len(self.processes) > 0:
7313+ newte = "allow %s_t self:process { %s };\n" % (self.name, " ".join(self.processes))
7314+ return newte
7315+
7316+
7317+ def generate_network_rules(self):
7318+ newte = ""
7319+ if self.use_network():
7320+ newte = "\n"
7321+
7322+ newte += re.sub("TEMPLATETYPE", self.name, network.te_network)
7323+
7324+ if self.use_tcp():
7325+ newte += "\n"
7326+ newte += re.sub("TEMPLATETYPE", self.name, network.te_tcp)
7327+
7328+ if self.use_in_tcp():
7329+ newte += re.sub("TEMPLATETYPE", self.name, network.te_in_tcp)
7330+
7331+ if self.need_tcp_type and len(self.in_tcp[PORTS]) > 0:
7332+ newte += re.sub("TEMPLATETYPE", self.name, network.te_in_need_port_tcp)
7333+
7334+ if self.need_tcp_type and len(self.out_tcp[PORTS]) > 0:
7335+ newte += re.sub("TEMPLATETYPE", self.name, network.te_out_need_port_tcp)
7336+
7337+
7338+ if self.in_tcp[ALL]:
7339+ newte += re.sub("TEMPLATETYPE", self.name, network.te_in_all_ports_tcp)
7340+ if self.in_tcp[RESERVED]:
7341+ newte += re.sub("TEMPLATETYPE", self.name, network.te_in_reserved_ports_tcp)
7342+ if self.in_tcp[UNRESERVED]:
7343+ newte += re.sub("TEMPLATETYPE", self.name, network.te_in_unreserved_ports_tcp)
7344+
7345+ if self.out_tcp[ALL]:
7346+ newte += re.sub("TEMPLATETYPE", self.name, network.te_out_all_ports_tcp)
7347+ if self.out_tcp[RESERVED]:
7348+ newte += re.sub("TEMPLATETYPE", self.name, network.te_out_reserved_ports_tcp)
7349+ if self.out_tcp[UNRESERVED]:
7350+ newte += re.sub("TEMPLATETYPE", self.name, network.te_out_unreserved_ports_tcp)
7351+
7352+ for i in self.found_tcp_ports:
7353+ newte += i
7354+
7355+ if self.use_udp():
7356+ newte += "\n"
7357+ newte += re.sub("TEMPLATETYPE", self.name, network.te_udp)
7358+
7359+ if self.need_udp_type:
7360+ newte += re.sub("TEMPLATETYPE", self.name, network.te_in_need_port_udp)
7361+ if self.use_in_udp():
7362+ newte += re.sub("TEMPLATETYPE", self.name, network.te_in_udp)
7363+ if self.in_udp[ALL]:
7364+ newte += re.sub("TEMPLATETYPE", self.name, network.te_in_all_ports_udp)
7365+ if self.in_udp[RESERVED]:
7366+ newte += re.sub("TEMPLATETYPE", self.name, network.te_in_reserved_ports_udp)
7367+ if self.in_udp[UNRESERVED]:
7368+ newte += re.sub("TEMPLATETYPE", self.name, network.te_in_unreserved_ports_udp)
7369+
7370+ for i in self.found_udp_ports:
7371+ newte += i
7372+ return newte
7373+
7374+ def generate_transition_rules(self):
7375+ newte = ""
7376+ for app in self.transition_domains:
7377+ tmp = re.sub("TEMPLATETYPE", self.name, user.te_transition_rules)
7378+ newte += re.sub("APPLICATION", app, tmp)
7379+
7380+ if self.type == USER:
7381+ for u in self.transition_users:
7382+ temp = re.sub("TEMPLATETYPE", self.name, executable.te_run_rules)
7383+ newte += re.sub("USER", u.split("_u")[0], temp)
7384+
7385+ return newte
7386+
7387+ def generate_admin_rules(self):
7388+ newte = ""
7389+ if self.type == RUSER:
7390+ newte += re.sub("TEMPLATETYPE", self.name, user.te_admin_rules)
7391+
7392+ for app in self.admin_domains:
7393+ tmp = re.sub("TEMPLATETYPE", self.name, user.te_admin_domain_rules)
7394+ newte += re.sub("APPLICATION", app, tmp)
7395+
7396+ all_roles = []
7397+ try:
7398+ all_roles = get_all_roles()
7399+ except ValueError, e:
7400+ print "Can not get all roles, must be root for this information"
7401+ except RuntimeError, e:
7402+ print "Can not get all roles", e
7403+
7404+ for u in self.transition_users:
7405+ role = u.split("_u")[0]
7406+
7407+ if (role + "_r") in all_roles:
7408+ tmp = re.sub("TEMPLATETYPE", self.name, user.te_admin_trans_rules)
7409+ newte += re.sub("USER", role, tmp)
7410+
7411+ return newte
7412+
7413+ def generate_dbus_if(self):
7414+ newif = ""
7415+ if self.use_dbus:
7416+ newif = re.sub("TEMPLATETYPE", self.name, executable.if_dbus_rules)
7417+ return newif
7418+
7419+ def generate_sandbox_if(self):
7420+ newif = ""
7421+ if self.type != SANDBOX:
7422+ return newif
7423+ newif = re.sub("TEMPLATETYPE", self.name, executable.if_sandbox_rules)
7424+ return newif
7425+
7426+
7427+ def generate_admin_if(self):
7428+ newif = ""
7429+ newtypes = ""
7430+ if self.initscript != "":
7431+ newtypes += re.sub("TEMPLATETYPE", self.name, executable.if_initscript_admin_types)
7432+ newif += re.sub("TEMPLATETYPE", self.name, executable.if_initscript_admin)
7433+ for d in self.DEFAULT_KEYS:
7434+ if len(self.DEFAULT_DIRS[d][1]) > 0:
7435+ newtypes += re.sub("TEMPLATETYPE", self.name, self.DEFAULT_DIRS[d][2].if_admin_types)
7436+ newif += re.sub("TEMPLATETYPE", self.name, self.DEFAULT_DIRS[d][2].if_admin_rules)
7437+
7438+ if newif != "":
7439+ ret = re.sub("TEMPLATETYPE", self.name, executable.if_begin_admin)
7440+ ret += newtypes
7441+
7442+ ret += re.sub("TEMPLATETYPE", self.name, executable.if_middle_admin)
7443+ ret += newif
7444+ ret += re.sub("TEMPLATETYPE", self.name, executable.if_end_admin)
7445+ return ret
7446+
7447+ return ""
7448+
7449+ def generate_cgi_types(self):
7450+ return re.sub("TEMPLATETYPE", self.file_name, executable.te_cgi_types)
7451+
7452+ def generate_sandbox_types(self):
7453+ return re.sub("TEMPLATETYPE", self.file_name, executable.te_sandbox_types)
7454+
7455+ def generate_userapp_types(self):
7456+ return re.sub("TEMPLATETYPE", self.name, executable.te_userapp_types)
7457+
7458+ def generate_inetd_types(self):
7459+ return re.sub("TEMPLATETYPE", self.name, executable.te_inetd_types)
7460+
7461+ def generate_dbusd_types(self):
7462+ return re.sub("TEMPLATETYPE", self.name, executable.te_dbusd_types)
7463+
7464+ def generate_min_login_user_types(self):
7465+ return re.sub("TEMPLATETYPE", self.name, user.te_min_login_user_types)
7466+
7467+ def generate_login_user_types(self):
7468+ return re.sub("TEMPLATETYPE", self.name, user.te_login_user_types)
7469+
7470+ def generate_admin_user_types(self):
7471+ return re.sub("TEMPLATETYPE", self.name, user.te_admin_user_types)
7472+
7473+ def generate_existing_user_types(self):
7474+ return re.sub("TEMPLATETYPE", self.name, user.te_existing_user_types)
7475+
7476+ def generate_x_login_user_types(self):
7477+ return re.sub("TEMPLATETYPE", self.name, user.te_x_login_user_types)
7478+
7479+ def generate_root_user_types(self):
7480+ return re.sub("TEMPLATETYPE", self.name, user.te_root_user_types)
7481+
7482+ def generate_daemon_types(self):
7483+ newte = re.sub("TEMPLATETYPE", self.name, executable.te_daemon_types)
7484+ if self.initscript != "":
7485+ newte += re.sub("TEMPLATETYPE", self.name, executable.te_initscript_types)
7486+ return newte
7487+
7488+ def generate_tmp_types(self):
7489+ if self.use_tmp:
7490+ return re.sub("TEMPLATETYPE", self.name, tmp.te_types)
7491+ else:
7492+ return ""
7493+
7494+ def generate_booleans(self):
7495+ newte = ""
7496+ for b in self.booleans:
7497+ tmp = re.sub("BOOLEAN", b, boolean.te_boolean)
7498+ newte += re.sub("DESCRIPTION", self.booleans[b], tmp)
7499+ return newte
7500+
7501+ def generate_boolean_rules(self):
7502+ newte = ""
7503+ for b in self.booleans:
7504+ newte += re.sub("BOOLEAN", b, boolean.te_rules)
7505+ return newte
7506+
7507+ def generate_sandbox_te(self):
7508+ return re.sub("TEMPLATETYPE", self.name, executable.te_sandbox_types)
7509+
7510+ def generate_cgi_te(self):
7511+ return re.sub("TEMPLATETYPE", self.name, executable.te_cgi_types)
7512+
7513+ def generate_daemon_rules(self):
7514+ newif = re.sub("TEMPLATETYPE", self.name, executable.te_daemon_rules)
7515+
7516+ return newif
7517+
7518+ def generate_login_user_rules(self):
7519+ return re.sub("TEMPLATETYPE", self.name, user.te_login_user_rules)
7520+
7521+ def generate_existing_user_rules(self):
7522+ return re.sub("TEMPLATETYPE", self.name, user.te_existing_user_rules)
7523+
7524+ def generate_x_login_user_rules(self):
7525+ return re.sub("TEMPLATETYPE", self.name, user.te_x_login_user_rules)
7526+
7527+ def generate_root_user_rules(self):
7528+ newte =re.sub("TEMPLATETYPE", self.name, user.te_root_user_rules)
7529+ return newte
7530+
7531+ def generate_userapp_rules(self):
7532+ return re.sub("TEMPLATETYPE", self.name, executable.te_userapp_rules)
7533+
7534+ def generate_inetd_rules(self):
7535+ return re.sub("TEMPLATETYPE", self.name, executable.te_inetd_rules)
7536+
7537+ def generate_dbusd_rules(self):
7538+ return re.sub("TEMPLATETYPE", self.name, executable.te_dbusd_rules)
7539+
7540+ def generate_tmp_rules(self):
7541+ if self.use_tmp:
7542+ return re.sub("TEMPLATETYPE", self.name, tmp.te_rules)
7543+ else:
7544+ return ""
7545+
7546+ def generate_cgi_rules(self):
7547+ newte = ""
7548+ newte += re.sub("TEMPLATETYPE", self.name, executable.te_cgi_rules)
7549+ return newte
7550+
7551+ def generate_sandbox_rules(self):
7552+ newte = ""
7553+ newte += re.sub("TEMPLATETYPE", self.name, executable.te_sandbox_rules)
7554+ return newte
7555+
7556+ def generate_user_if(self):
7557+ newif =""
7558+ if self.use_terminal or self.type == USER:
7559+ newif = re.sub("TEMPLATETYPE", self.name, executable.if_user_program_rules)
7560+
7561+ if self.type in ( TUSER, XUSER, AUSER, LUSER):
7562+ newif += re.sub("TEMPLATETYPE", self.name, executable.if_role_change_rules)
7563+ return newif
7564+
7565+ def generate_if(self):
7566+ newif = ""
7567+ newif += re.sub("TEMPLATETYPE", self.name, executable.if_heading_rules)
7568+ if self.program != "":
7569+ newif += re.sub("TEMPLATETYPE", self.name, executable.if_program_rules)
7570+ if self.initscript != "":
7571+ newif += re.sub("TEMPLATETYPE", self.name, executable.if_initscript_rules)
7572+
7573+ for d in self.DEFAULT_KEYS:
7574+ if len(self.DEFAULT_DIRS[d][1]) > 0:
7575+ newif += re.sub("TEMPLATETYPE", self.name, self.DEFAULT_DIRS[d][2].if_rules)
7576+ for i in self.DEFAULT_DIRS[d][1]:
7577+ if os.path.exists(i) and stat.S_ISSOCK(os.stat(i)[stat.ST_MODE]):
7578+ newif += re.sub("TEMPLATETYPE", self.name, self.DEFAULT_DIRS[d][2].if_stream_rules)
7579+ break
7580+ newif += self.generate_user_if()
7581+ newif += self.generate_dbus_if()
7582+ newif += self.generate_admin_if()
7583+ newif += self.generate_sandbox_if()
7584+
7585+ return newif
7586+
7587+ def generate_default_types(self):
7588+ return self.DEFAULT_TYPES[self.type][0]()
7589+
7590+ def generate_default_rules(self):
7591+ return self.DEFAULT_TYPES[self.type][1]()
7592+
7593+ def generate_roles_rules(self):
7594+ newte = ""
7595+ if self.type in ( TUSER, XUSER, AUSER, LUSER, EUSER):
7596+ roles = ""
7597+ if len(self.roles) > 0:
7598+ newte += re.sub("TEMPLATETYPE", self.name, user.te_sudo_rules)
7599+ newte += re.sub("TEMPLATETYPE", self.name, user.te_newrole_rules)
7600+ for role in self.roles:
7601+ tmp = re.sub("TEMPLATETYPE", self.name, user.te_roles_rules)
7602+ newte += re.sub("ROLE", role, tmp)
7603+ return newte
7604+
7605+ def generate_te(self):
7606+ newte = self.generate_default_types()
7607+ for d in self.DEFAULT_KEYS:
7608+ if len(self.DEFAULT_DIRS[d][1]) > 0:
7609+ # CGI scripts already have a rw_t
7610+ if self.type != CGI or d != "rw":
7611+ newte += re.sub("TEMPLATETYPE", self.name, self.DEFAULT_DIRS[d][2].te_types)
7612+
7613+ newte +="""
7614+########################################
7615+#
7616+# %s local policy
7617+#
7618+""" % self.name
7619+ newte += self.generate_capabilities()
7620+ newte += self.generate_process()
7621+ newte += self.generate_network_types()
7622+ newte += self.generate_tmp_types()
7623+ newte += self.generate_booleans()
7624+ newte += self.generate_default_rules()
7625+ newte += self.generate_boolean_rules()
7626+
7627+ for d in self.DEFAULT_KEYS:
7628+ if len(self.DEFAULT_DIRS[d][1]) > 0:
7629+ newte += re.sub("TEMPLATETYPE", self.name, self.DEFAULT_DIRS[d][2].te_rules)
7630+ for i in self.DEFAULT_DIRS[d][1]:
7631+ if os.path.exists(i) and stat.S_ISSOCK(os.stat(i)[stat.ST_MODE]):
7632+ newte += re.sub("TEMPLATETYPE", self.name, self.DEFAULT_DIRS[d][2].te_stream_rules)
7633+ break
7634+
7635+ newte += self.generate_tmp_rules()
7636+ newte += self.generate_network_rules()
7637+ newte += self.generate_fd_rules()
7638+ newte += self.generate_etc_rules()
7639+ newte += self.generate_pam_rules()
7640+ newte += self.generate_uid_rules()
7641+ newte += self.generate_audit_rules()
7642+ newte += self.generate_syslog_rules()
7643+ newte += self.generate_localization_rules()
7644+ newte += self.generate_resolve_rules()
7645+ newte += self.generate_roles_rules()
7646+ newte += self.generate_mail_rules()
7647+ newte += self.generate_transition_rules()
7648+ newte += self.generate_admin_rules()
7649+ newte += self.generate_dbus_rules()
7650+ newte += self.generate_kerberos_rules()
7651+ newte += self.generate_manage_krb5_rcache_rules()
7652+
7653+ return newte
7654+
7655+ def generate_fc(self):
7656+ newfc = ""
7657+ fclist = []
7658+ if self.type in USERS + [ SANDBOX ]:
7659+ return re.sub("EXECUTABLE", self.program, executable.fc_user)
7660+ if self.program == "":
7661+ raise ValueError(_("You must enter the executable path for your confined process"))
7662+
7663+ t1 = re.sub("EXECUTABLE", self.program, executable.fc_program)
7664+ fclist.append(re.sub("TEMPLATETYPE", self.name, t1))
7665+
7666+ if self.initscript != "":
7667+ t1 = re.sub("EXECUTABLE", self.initscript, executable.fc_initscript)
7668+ fclist.append(re.sub("TEMPLATETYPE", self.name, t1))
7669+
7670+ for i in self.files.keys():
7671+ if os.path.exists(i) and stat.S_ISSOCK(os.stat(i)[stat.ST_MODE]):
7672+ t1 = re.sub("TEMPLATETYPE", self.name, self.files[i][2].fc_sock_file)
7673+ else:
7674+ t1 = re.sub("TEMPLATETYPE", self.name, self.files[i][2].fc_file)
7675+ t2 = re.sub("FILENAME", i, t1)
7676+ fclist.append(re.sub("FILETYPE", self.files[i][0], t2))
7677+
7678+ for i in self.dirs.keys():
7679+ t1 = re.sub("TEMPLATETYPE", self.name, self.dirs[i][2].fc_dir)
7680+ t2 = re.sub("FILENAME", i, t1)
7681+ fclist.append(re.sub("FILETYPE", self.dirs[i][0], t2))
7682+
7683+ fclist.sort()
7684+ newfc="\n".join(fclist)
7685+ return newfc
7686+
7687+ def generate_user_sh(self):
7688+ newsh = ""
7689+ if self.type not in ( TUSER, XUSER, AUSER, LUSER, EUSER):
7690+ return newsh
7691+
7692+ roles = ""
7693+ for role in self.roles:
7694+ roles += " %s_r" % role
7695+ if roles != "":
7696+ roles += " system_r"
7697+ if self.type == EUSER:
7698+ tmp = re.sub("TEMPLATETYPE", self.name, script.eusers)
7699+ else:
7700+ tmp = re.sub("TEMPLATETYPE", self.name, script.users)
7701+ newsh += re.sub("ROLES", roles, tmp)
7702+
7703+ if self.type == RUSER:
7704+ for u in self.transition_users:
7705+ tmp = re.sub("TEMPLATETYPE", self.name, script.admin_trans)
7706+ newsh += re.sub("USER", u, tmp)
7707+
7708+ if self.type == LUSER:
7709+ newsh += re.sub("TEMPLATETYPE", self.name, script.min_login_user_default_context)
7710+ else:
7711+ newsh += re.sub("TEMPLATETYPE", self.name, script.x_login_user_default_context)
7712+
7713+
7714+ return newsh
7715+
7716+ def generate_sh(self):
7717+ temp = re.sub("TEMPLATETYPE", self.file_name, script.compile)
7718+ if self.type == EUSER:
7719+ newsh = re.sub("TEMPLATEFILE", "my%s" % self.file_name, temp)
7720+ else:
7721+ newsh = re.sub("TEMPLATEFILE", self.file_name, temp)
7722+ if self.program != "":
7723+ newsh += re.sub("FILENAME", self.program, script.restorecon)
7724+ if self.initscript != "":
7725+ newsh += re.sub("FILENAME", self.initscript, script.restorecon)
7726+
7727+ for i in self.files.keys():
7728+ newsh += re.sub("FILENAME", i, script.restorecon)
7729+
7730+ for i in self.dirs.keys():
7731+ newsh += re.sub("FILENAME", i, script.restorecon)
7732+
7733+ for i in self.in_tcp[PORTS] + self.out_tcp[PORTS]:
7734+ if self.find_port(i,"tcp") == None:
7735+ t1 = re.sub("PORTNUM", "%d" % i, script.tcp_ports)
7736+ newsh += re.sub("TEMPLATETYPE", self.name, t1)
7737+
7738+ for i in self.in_udp[PORTS]:
7739+ if self.find_port(i,"udp") == None:
7740+ t1 = re.sub("PORTNUM", "%d" % i, script.udp_ports)
7741+ newsh += re.sub("TEMPLATETYPE", self.name, t1)
7742+
7743+ newsh += self.generate_user_sh()
7744+
7745+ return newsh
7746+
7747+ def write_te(self, out_dir):
7748+ if self.type == EUSER:
7749+ tefile = "%s/my%s.te" % (out_dir, self.file_name)
7750+ else:
7751+ tefile = "%s/%s.te" % (out_dir, self.file_name)
7752+ fd = open(tefile, "w")
7753+ fd.write(self.generate_te())
7754+ fd.close()
7755+ return tefile
7756+
7757+ def write_sh(self, out_dir):
7758+ if self.type == EUSER:
7759+ shfile = "%s/my%s.sh" % (out_dir, self.file_name)
7760+ else:
7761+ shfile = "%s/%s.sh" % (out_dir, self.file_name)
7762+ fd = open(shfile, "w")
7763+ fd.write(self.generate_sh())
7764+ fd.close()
7765+ os.chmod(shfile, 0750)
7766+ return shfile
7767+
7768+ def write_if(self, out_dir):
7769+ if self.type == EUSER:
7770+ iffile = "%s/my%s.if" % (out_dir, self.file_name)
7771+ else:
7772+ iffile = "%s/%s.if" % (out_dir, self.file_name)
7773+ fd = open(iffile, "w")
7774+ fd.write(self.generate_if())
7775+ fd.close()
7776+ return iffile
7777+
7778+ def write_fc(self,out_dir):
7779+ if self.type == EUSER:
7780+ fcfile = "%s/my%s.fc" % (out_dir, self.file_name)
7781+ else:
7782+ fcfile = "%s/%s.fc" % (out_dir, self.file_name)
7783+ fd = open(fcfile, "w")
7784+ fd.write(self.generate_fc())
7785+ fd.close()
7786+ return fcfile
7787+
7788+ def gen_writeable(self):
7789+ fd = os.popen("rpm -qlf %s" % self.program)
7790+ for f in fd.read().split():
7791+ for b in self.DEFAULT_DIRS:
7792+ if b == "/etc":
7793+ continue
7794+ if f.startswith(b):
7795+ if os.path.isfile(f):
7796+ self.add_file(f)
7797+ else:
7798+ self.add_dir(f)
7799+ fd.close()
7800+ if os.path.isfile("/var/run/%s.pid" % self.name):
7801+ self.add_file("/var/run/%s.pid" % self.name)
7802+
7803+ if os.path.isfile("/etc/rc.d/init.d/%s" % self.name):
7804+ self.set_init_script("/etc/rc\.d/init\.d/%s" % self.name)
7805+
7806+
7807+ def gen_symbols(self):
7808+ if self.type not in APPLICATIONS:
7809+ return
7810+
7811+ fd = os.popen("nm -D %s | grep U" % self.program)
7812+ for s in fd.read().split():
7813+ for b in self.symbols:
7814+ if s.startswith(b):
7815+ exec "self.%s" % self.symbols[b]
7816+ fd.close()
7817+
7818+ def generate(self, out_dir = "."):
7819+ self.write_te(out_dir)
7820+ self.write_if(out_dir)
7821+ self.write_fc(out_dir)
7822+ self.write_sh(out_dir)
7823+ out = "Created the following files in:\n%s/\n" % out_dir
7824+ out += "%s.te # %s\n" % (self.file_name, _("Type Enforcement file"))
7825+ out += "%s.if # %s\n" % (self.file_name, _("Interface file"))
7826+ out += "%s.fc # %s\n" % (self.file_name, _("File Contexts file"))
7827+ out += "%s.sh # %s\n" % (self.file_name, _("Setup Script"))
7828+ return out
7829+
7830+def errorExit(error):
7831+ sys.stderr.write("%s: " % sys.argv[0])
7832+ sys.stderr.write("%s\n" % error)
7833+ sys.stderr.flush()
7834+ sys.exit(1)
7835+
7836+def test():
7837+ import tempfile
7838+
7839+ tmpdir = tempfile.mkdtemp(prefix="polgen_")
7840+
7841+ mypolicy = policy("myrwho", DAEMON)
7842+ mypolicy.set_program("/usr/sbin/myrwhod")
7843+ mypolicy.set_init_script("/etc/init.d/myrwhod")
7844+ mypolicy.add_dir("/etc/nasd")
7845+ mypolicy.set_in_tcp(1, 0, 0, "513")
7846+ mypolicy.set_use_uid(True)
7847+ mypolicy.set_use_tmp(True)
7848+ mypolicy.set_use_syslog(True)
7849+ mypolicy.set_use_pam(True)
7850+ mypolicy.add_dir("/var/run/myrwho")
7851+ mypolicy.add_dir("/var/lib/myrwho")
7852+ print mypolicy.generate(tmpdir)
7853+
7854+ mypolicy = policy("mywhois", USER)
7855+ mypolicy.set_program("/usr/bin/jwhois")
7856+ mypolicy.set_out_tcp(0, "43,63,4321")
7857+ mypolicy.set_out_udp(0, "43,63,4321")
7858+ mypolicy.add_dir("/var/cache/jwhois")
7859+ mypolicy.set_transition_users(["staff_u"])
7860+ print mypolicy.generate(tmpdir)
7861+
7862+ mypolicy = policy("mytuser", TUSER)
7863+ mypolicy.set_admin_roles(["mydbadm"])
7864+ mypolicy.add_boolean("allow_mytuser_setuid", "Allow mytuser users to run setuid applications")
7865+ print mypolicy.generate(tmpdir)
7866+
7867+ mypolicy = policy("mycgi", CGI)
7868+ mypolicy.set_program("/var/www/cgi-bin/cgi")
7869+ mypolicy.set_in_tcp(1, 0, 0, "512, 55000-55000")
7870+ mypolicy.set_in_udp(1, 0, 0, "1513")
7871+ mypolicy.set_use_uid(True)
7872+ mypolicy.set_use_tmp(False)
7873+ mypolicy.set_use_syslog(True)
7874+ mypolicy.set_use_pam(True)
7875+ mypolicy.set_out_tcp(0,"8000")
7876+ print mypolicy.generate(tmpdir)
7877+
7878+ mypolicy = policy("myinetd", INETD)
7879+ mypolicy.set_program("/usr/bin/mytest")
7880+ mypolicy.set_in_tcp(1, 0, 0, "513")
7881+ mypolicy.set_in_udp(1, 0, 0, "1513")
7882+ mypolicy.set_use_uid(True)
7883+ mypolicy.set_use_tmp(True)
7884+ mypolicy.set_use_syslog(True)
7885+ mypolicy.set_use_pam(True)
7886+ mypolicy.add_file("/var/lib/mysql/mysql.sock")
7887+ mypolicy.add_file("/var/run/rpcbind.sock")
7888+ mypolicy.add_file("/var/run/daemon.pub")
7889+ mypolicy.add_file("/var/log/daemon.log")
7890+ mypolicy.add_dir("/var/lib/daemon")
7891+ mypolicy.add_dir("/etc/daemon")
7892+ mypolicy.add_dir("/etc/daemon/special")
7893+ mypolicy.set_use_uid(True)
7894+ mypolicy.set_use_syslog(True)
7895+ mypolicy.set_use_pam(True)
7896+ mypolicy.set_use_audit(True)
7897+ mypolicy.set_use_dbus(True)
7898+ mypolicy.set_use_terminal(True)
7899+ mypolicy.set_use_mail(True)
7900+ mypolicy.set_out_tcp(0,"8000")
7901+ print mypolicy.generate(tmpdir)
7902+
7903+
7904+ mypolicy = policy("mydbus", DBUS)
7905+ mypolicy.set_program("/usr/libexec/mydbus")
7906+ mypolicy.set_in_tcp(1, 0, 0, "513")
7907+ mypolicy.set_in_udp(1, 0, 0, "1513")
7908+ mypolicy.set_use_uid(True)
7909+ mypolicy.set_use_tmp(True)
7910+ mypolicy.set_use_syslog(True)
7911+ mypolicy.set_use_pam(True)
7912+ print mypolicy.generate(tmpdir)
7913+
7914+ mypolicy = policy("myxuser", XUSER)
7915+ mypolicy.set_in_tcp(1, 1, 1, "28920")
7916+ mypolicy.set_in_udp(0, 0, 1, "1513")
7917+ mypolicy.set_transition_domains(["mozilla"])
7918+ print mypolicy.generate(tmpdir)
7919+
7920+ mypolicy = policy("myuser", USER)
7921+ mypolicy.set_program("/usr/bin/myuser")
7922+ mypolicy.set_in_tcp(1, 0, 0, "513")
7923+ mypolicy.set_in_udp(1, 0, 0, "1513")
7924+ mypolicy.set_use_uid(True)
7925+ mypolicy.set_use_tmp(True)
7926+ mypolicy.set_use_syslog(True)
7927+ mypolicy.set_use_pam(True)
7928+ mypolicy.add_file("/var/lib/myuser/myuser.sock")
7929+ mypolicy.set_out_tcp(0,"8000")
7930+ mypolicy.set_transition_users(["unconfined_u", "staff_u"])
7931+ print mypolicy.generate(tmpdir)
7932+
7933+ mypolicy = policy("mysandbox", SANDBOX)
7934+ mypolicy.set_out_udp(0, "993")
7935+ print mypolicy.generate("/tmp")
7936+
7937+ mypolicy = policy("mydbadm", RUSER)
7938+ mypolicy.set_admin_domains(["postgresql", "mysql"])
7939+ print mypolicy.generate(tmpdir)
7940+ os.chdir(tmpdir)
7941+ rc, output=commands.getstatusoutput("make -f /usr/share/selinux/devel/Makefile")
7942+ print output
7943+ sys.exit(os.WEXITSTATUS(rc))
7944+
7945+import os, sys, getopt, socket, random, fcntl
7946+
7947+def usage(msg):
7948+ print _("""
7949+%s
7950+
7951+sepolgen [ -n moduleName ] [ -m ] [ -t type ] [ executable | Name ]
7952+valid Types:
7953+""") % msg
7954+ keys=poltype.keys()
7955+ for i in keys:
7956+ print "\t%s\t%s" % (i, poltype[i])
7957+ sys.exit(-1)
7958+
7959+if __name__ == '__main__':
7960+ setype = DAEMON
7961+ name = None
7962+ try:
7963+ gopts, cmds = getopt.getopt(sys.argv[1:], "ht:mn:",
7964+ ["type=",
7965+ "mount",
7966+ "test",
7967+ "name=",
7968+ "help"])
7969+ for o, a in gopts:
7970+ if o == "-t" or o == "--type":
7971+ try:
7972+ if int(a) not in poltype:
7973+ usage ("invalid type %s" % a )
7974+ except:
7975+ usage ("invalid type %s" % a )
7976+
7977+ setype = int(a)
7978+
7979+ if o == "-m" or o == "--mount":
7980+ mount_ind = True
7981+
7982+ if o == "-n" or o == "--name":
7983+ name = a
7984+
7985+ if o == "-h" or o == "--help":
7986+ usage("")
7987+
7988+ if o == "--test":
7989+ test()
7990+ sys.exit(0)
7991+
7992+ except getopt.error, error:
7993+ usage(_("Options Error %s ") % error.msg)
7994+
7995+ if len(cmds) == 0:
7996+ usage(_("Executable or Name required"))
7997+
7998+ try:
7999+ if not name:
8000+ name = os.path.basename(cmds[0]).replace("-","_")
8001+ cmd = cmds[0]
8002+ mypolicy = policy(name, setype)
8003+ if setype not in USERS + [ SANDBOX ]:
8004+ mypolicy.set_program(cmd)
8005+
8006+ if setype in APPLICATIONS:
8007+ mypolicy.gen_writeable()
8008+ mypolicy.gen_symbols()
8009+ print mypolicy.generate()
8010+ sys.exit(0)
8011+ except ValueError, e:
8012+ usage(e)
8013diff -up policycoreutils-2.1.8/gui/portsPage.py.gui policycoreutils-2.1.8/gui/portsPage.py
8014--- policycoreutils-2.1.8/gui/portsPage.py.gui 2011-11-07 15:12:01.906834233 -0500
8015+++ policycoreutils-2.1.8/gui/portsPage.py 2011-11-07 15:12:01.906834233 -0500
8016@@ -0,0 +1,259 @@
8017+## portsPage.py - show selinux mappings
8018+## Copyright (C) 2006 Red Hat, Inc.
8019+
8020+## This program is free software; you can redistribute it and/or modify
8021+## it under the terms of the GNU General Public License as published by
8022+## the Free Software Foundation; either version 2 of the License, or
8023+## (at your option) any later version.
8024+
8025+## This program is distributed in the hope that it will be useful,
8026+## but WITHOUT ANY WARRANTY; without even the implied warranty of
8027+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
8028+## GNU General Public License for more details.
8029+
8030+## You should have received a copy of the GNU General Public License
8031+## along with this program; if not, write to the Free Software
8032+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
8033+
8034+## Author: Dan Walsh
8035+import string
8036+import gtk
8037+import gtk.glade
8038+import os
8039+import gobject
8040+import sys
8041+import seobject
8042+import commands
8043+from semanagePage import *;
8044+
8045+##
8046+## I18N
8047+##
8048+PROGNAME = "policycoreutils"
8049+import gettext
8050+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
8051+gettext.textdomain(PROGNAME)
8052+TYPE_COL = 0
8053+PROTOCOL_COL = 1
8054+MLS_COL = 2
8055+PORT_COL = 3
8056+try:
8057+ gettext.install(PROGNAME,
8058+ localedir="/usr/share/locale",
8059+ unicode=False,
8060+ codeset = 'utf-8')
8061+except IOError:
8062+ import __builtin__
8063+ __builtin__.__dict__['_'] = unicode
8064+
8065+class portsPage(semanagePage):
8066+ def __init__(self, xml):
8067+ semanagePage.__init__(self, xml, "ports", _("Network Port"))
8068+ xml.signal_connect("on_group_clicked", self.on_group_clicked)
8069+ self.group = False
8070+ self.ports_filter = xml.get_widget("portsFilterEntry")
8071+ self.ports_filter.connect("focus_out_event", self.filter_changed)
8072+ self.ports_filter.connect("activate", self.filter_changed)
8073+ self.ports_name_entry = xml.get_widget("portsNameEntry")
8074+ self.ports_protocol_combo = xml.get_widget("portsProtocolCombo")
8075+ self.ports_number_entry = xml.get_widget("portsNumberEntry")
8076+ self.ports_mls_entry = xml.get_widget("portsMLSEntry")
8077+ self.ports_add_button = xml.get_widget("portsAddButton")
8078+ self.ports_properties_button = xml.get_widget("portsPropertiesButton")
8079+ self.ports_delete_button = xml.get_widget("portsDeleteButton")
8080+ liststore = self.ports_protocol_combo.get_model()
8081+ iter = liststore.get_iter_first()
8082+ self.ports_protocol_combo.set_active_iter(iter)
8083+ self.init_store()
8084+ self.edit = True
8085+ self.load()
8086+
8087+ def filter_changed(self, *arg):
8088+ filter = arg[0].get_text()
8089+ if filter != self.filter:
8090+ if self.edit:
8091+ self.load(filter)
8092+ else:
8093+ self.group_load(filter)
8094+
8095+ def init_store(self):
8096+ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING , gobject.TYPE_STRING)
8097+ self.view.set_model(self.store)
8098+ self.store.set_sort_column_id(0, gtk.SORT_ASCENDING)
8099+
8100+ self.view.set_search_equal_func(self.search)
8101+ col = gtk.TreeViewColumn(_("SELinux Port\nType"), gtk.CellRendererText(), text = TYPE_COL)
8102+ col.set_sort_column_id(TYPE_COL)
8103+ col.set_resizable(True)
8104+ self.view.append_column(col)
8105+ self.store.set_sort_column_id(TYPE_COL, gtk.SORT_ASCENDING)
8106+
8107+ col = gtk.TreeViewColumn(_("Protocol"), gtk.CellRendererText(), text = PROTOCOL_COL)
8108+ col.set_sort_column_id(PROTOCOL_COL)
8109+ col.set_resizable(True)
8110+ self.view.append_column(col)
8111+
8112+ self.mls_col = gtk.TreeViewColumn(_("MLS/MCS\nLevel"), gtk.CellRendererText(), text = MLS_COL)
8113+ self.mls_col.set_resizable(True)
8114+ self.mls_col.set_sort_column_id(MLS_COL)
8115+ self.view.append_column(self.mls_col)
8116+
8117+ col = gtk.TreeViewColumn(_("Port"), gtk.CellRendererText(), text = PORT_COL)
8118+ col.set_sort_column_id(PORT_COL)
8119+ col.set_resizable(True)
8120+ self.view.append_column(col)
8121+ self.store.set_sort_func(PORT_COL,self.sort_int, "")
8122+
8123+ def sort_int(self, treemodel, iter1, iter2, user_data):
8124+ try:
8125+ p1 = int(treemodel.get_value(iter1,PORT_COL).split('-')[0])
8126+ p2 = int(treemodel.get_value(iter2,PORT_COL).split('-')[0])
8127+ if p1 > p2:
8128+ return 1
8129+ if p1 == p2:
8130+ return 0
8131+ return -1
8132+ except:
8133+ return 0
8134+
8135+ def load(self,filter = ""):
8136+ self.filter=filter
8137+ self.port = seobject.portRecords()
8138+ dict = self.port.get_all(self.local)
8139+ keys = dict.keys()
8140+ keys.sort()
8141+ self.store.clear()
8142+ for k in keys:
8143+ if not (self.match(str(k[0]), filter) or self.match(dict[k][0], filter) or self.match(k[2], filter) or self.match(dict[k][1], filter) or self.match(dict[k][1], filter)):
8144+ continue
8145+ iter = self.store.append()
8146+ if k[0] == k[1]:
8147+ self.store.set_value(iter, PORT_COL, k[0])
8148+ else:
8149+ rec = "%s-%s" % k[:2]
8150+ self.store.set_value(iter, PORT_COL, rec)
8151+ self.store.set_value(iter, TYPE_COL, dict[k][0])
8152+ self.store.set_value(iter, PROTOCOL_COL, k[2])
8153+ self.store.set_value(iter, MLS_COL, dict[k][1])
8154+ self.view.get_selection().select_path ((0,))
8155+
8156+ def group_load(self, filter = ""):
8157+ self.filter=filter
8158+ self.port = seobject.portRecords()
8159+ dict = self.port.get_all_by_type(self.local)
8160+ keys = dict.keys()
8161+ keys.sort()
8162+ self.store.clear()
8163+ for k in keys:
8164+ ports_string = ", ".join(dict[k])
8165+ if not (self.match(ports_string, filter) or self.match(k[0], filter) or self.match(k[1], filter) ):
8166+ continue
8167+ iter = self.store.append()
8168+ self.store.set_value(iter, TYPE_COL, k[0])
8169+ self.store.set_value(iter, PROTOCOL_COL, k[1])
8170+ self.store.set_value(iter, PORT_COL, ports_string)
8171+ self.store.set_value(iter, MLS_COL, "")
8172+ self.view.get_selection().select_path ((0,))
8173+
8174+ def propertiesDialog(self):
8175+ if self.edit:
8176+ semanagePage.propertiesDialog(self)
8177+
8178+ def dialogInit(self):
8179+ store, iter = self.view.get_selection().get_selected()
8180+ self.ports_number_entry.set_text(store.get_value(iter, PORT_COL))
8181+ self.ports_number_entry.set_sensitive(False)
8182+ self.ports_protocol_combo.set_sensitive(False)
8183+ self.ports_name_entry.set_text(store.get_value(iter, TYPE_COL))
8184+ self.ports_mls_entry.set_text(store.get_value(iter, MLS_COL))
8185+ protocol = store.get_value(iter, PROTOCOL_COL)
8186+ liststore = self.ports_protocol_combo.get_model()
8187+ iter = liststore.get_iter_first()
8188+ while iter != None and liststore.get_value(iter,0) != protocol:
8189+ iter = liststore.iter_next(iter)
8190+ if iter != None:
8191+ self.ports_protocol_combo.set_active_iter(iter)
8192+
8193+ def dialogClear(self):
8194+ self.ports_number_entry.set_text("")
8195+ self.ports_number_entry.set_sensitive(True)
8196+ self.ports_protocol_combo.set_sensitive(True)
8197+ self.ports_name_entry.set_text("")
8198+ self.ports_mls_entry.set_text("s0")
8199+
8200+ def delete(self):
8201+ store, iter = self.view.get_selection().get_selected()
8202+ port = store.get_value(iter, PORT_COL)
8203+ protocol = store.get_value(iter, 1)
8204+ try:
8205+ self.wait()
8206+ (rc, out) = commands.getstatusoutput("semanage port -d -p %s %s" % (protocol, port))
8207+ self.ready()
8208+ if rc != 0:
8209+ return self.error(out)
8210+ store.remove(iter)
8211+ self.view.get_selection().select_path ((0,))
8212+ except ValueError, e:
8213+ self.error(e.args[0])
8214+
8215+ def add(self):
8216+ target = self.ports_name_entry.get_text().strip()
8217+ mls = self.ports_mls_entry.get_text().strip()
8218+ port_number = self.ports_number_entry.get_text().strip()
8219+ if port_number == "":
8220+ port_number = "1"
8221+ for i in port_number.split("-"):
8222+ if not i.isdigit():
8223+ self.error(_("Port number \"%s\" is not valid. 0 < PORT_NUMBER < 65536 ") % port_number )
8224+ return False
8225+ list_model = self.ports_protocol_combo.get_model()
8226+ iter = self.ports_protocol_combo.get_active_iter()
8227+ protocol = list_model.get_value(iter,0)
8228+ self.wait()
8229+ (rc, out) = commands.getstatusoutput("semanage port -a -p %s -r %s -t %s %s" % (protocol, mls, target, port_number))
8230+ self.ready()
8231+ if rc != 0:
8232+ self.error(out)
8233+ return False
8234+ iter = self.store.append()
8235+
8236+ self.store.set_value(iter, TYPE_COL, target)
8237+ self.store.set_value(iter, PORT_COL, port_number)
8238+ self.store.set_value(iter, PROTOCOL_COL, protocol)
8239+ self.store.set_value(iter, MLS_COL, mls)
8240+
8241+ def modify(self):
8242+ target = self.ports_name_entry.get_text().strip()
8243+ mls = self.ports_mls_entry.get_text().strip()
8244+ port_number = self.ports_number_entry.get_text().strip()
8245+ list_model = self.ports_protocol_combo.get_model()
8246+ iter = self.ports_protocol_combo.get_active_iter()
8247+ protocol = list_model.get_value(iter,0)
8248+ self.wait()
8249+ (rc, out) = commands.getstatusoutput("semanage port -m -p %s -r %s -t %s %s" % (protocol, mls, target, port_number))
8250+ self.ready()
8251+ if rc != 0:
8252+ self.error(out)
8253+ return False
8254+ store, iter = self.view.get_selection().get_selected()
8255+ self.store.set_value(iter, TYPE_COL, target)
8256+ self.store.set_value(iter, PORT_COL, port_number)
8257+ self.store.set_value(iter, PROTOCOL_COL, protocol)
8258+ self.store.set_value(iter, MLS_COL, mls)
8259+
8260+ def on_group_clicked(self, button):
8261+ self.ports_add_button.set_sensitive(self.group)
8262+ self.ports_properties_button.set_sensitive(self.group)
8263+ self.ports_delete_button.set_sensitive(self.group)
8264+ self.mls_col.set_visible(self.group)
8265+
8266+ self.group = not self.group
8267+ if self.group:
8268+ button.set_label(_("List View"))
8269+ self.group_load(self.filter)
8270+ else:
8271+ button.set_label(_("Group View"))
8272+ self.load(self.filter)
8273+
8274+ return True
8275+
8276diff -up policycoreutils-2.1.8/gui/selinux.tbl.gui policycoreutils-2.1.8/gui/selinux.tbl
8277--- policycoreutils-2.1.8/gui/selinux.tbl.gui 2011-11-07 15:12:01.907834233 -0500
8278+++ policycoreutils-2.1.8/gui/selinux.tbl 2011-11-07 15:12:01.907834233 -0500
8279@@ -0,0 +1,234 @@
8280+acct_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for acct daemon")
8281+allow_daemons_dump_core _("Admin") _("Allow all daemons to write corefiles to /")
8282+allow_daemons_use_tty _("Admin") _("Allow all daemons the ability to use unallocated ttys")
8283+allow_gadmin_exec_content _("User Privs") _("Allow gadmin SELinux user account to execute files in home directory or /tmp")
8284+allow_guest_exec_content _("User Privs") _("Allow guest SELinux user account to execute files in home directory or /tmp")
8285+allow_java_execstack _("Memory Protection") _("Allow java executable stack")
8286+allow_mount_anyfile _("Mount") _("Allow mount to mount any file")
8287+allow_mounton_anydir _("Mount") _("Allow mount to mount any directory")
8288+allow_mplayer_execstack _("Memory Protection") _("Allow mplayer executable stack")
8289+allow_ssh_keysign _("SSH") _("Allow ssh to run ssh-keysign")
8290+allow_staff_exec_content _("User Privs") _("Allow staff SELinux user account to execute files in home directory or /tmp")
8291+allow_sysadm_exec_content _("User Privs") _("Allow sysadm SELinux user account to execute files in home directory or /tmp")
8292+allow_unconfined_exec_content _("User Privs") _("Allow unconfined SELinux user account to execute files in home directory or /tmp")
8293+allow_unlabeled_packets _("Network Configuration") _("Allow unlabeled packets to flow on the network")
8294+allow_user_exec_content _("User Privs") _("Allow user SELinux user account to execute files in home directory or /tmp")
8295+allow_unconfined_execmem_dyntrans _("Memory Protection") _("Allow unconfined to dyntrans to unconfined_execmem")
8296+allow_user_mysql_connect _("Databases") _("Allow user to connect to mysql socket")
8297+allow_user_postgresql_connect _("Databases") _("Allow user to connect to postgres socket")
8298+allow_write_xshm _("XServer") _("Allow clients to write to X shared memory")
8299+allow_xguest_exec_content _("User Privs") _("Allow xguest SELinux user account to execute files in home directory or /tmp")
8300+allow_ypbind _("NIS") _("Allow daemons to run with NIS")
8301+browser_confine_staff _("Web Applications") _("Transition staff SELinux user to Web Browser Domain")
8302+browser_confine_sysadm _("Web Applications") _("Transition sysadm SELinux user to Web Browser Domain")
8303+browser_confine_user _("Web Applications") _("Transition user SELinux user to Web Browser Domain")
8304+browser_confine_xguest _("Web Applications") _("Transition xguest SELinux user to Web Browser Domain")
8305+browser_write_staff_data _("Web Applications") _("Allow staff Web Browsers to write to home directories")
8306+browser_write_sysadm_data _("Web Applications") _("Allow staff Web Browsers to write to home directories")
8307+browser_write_user_data _("Web Applications") _("Allow staff Web Browsers to write to home directories")
8308+browser_write_xguest_data _("Web Applications") _("Allow staff Web Browsers to write to home directories")
8309+amanda_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for amanda")
8310+amavis_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for amavis")
8311+apmd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for apmd daemon")
8312+arpwatch_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for arpwatch daemon")
8313+auditd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for auditd daemon")
8314+automount_disable_trans _("Mount") _("Disable SELinux protection for automount daemon")
8315+avahi_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for avahi")
8316+bluetooth_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for bluetooth daemon")
8317+canna_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for canna daemon")
8318+cardmgr_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for cardmgr daemon")
8319+ccs_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for Cluster Server")
8320+cdrecord_read_content _("User Privs") _("Allow cdrecord to read various content. nfs, samba, removable devices, user temp and untrusted content files")
8321+ciped_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ciped daemon")
8322+clamd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for clamd daemon")
8323+clamscan_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for clamscan")
8324+clvmd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for clvmd")
8325+comsat_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for comsat daemon")
8326+courier_authdaemon_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for courier daemon")
8327+courier_pcp_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for courier daemon")
8328+courier_pop_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for courier daemon")
8329+courier_sqwebmail_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for courier daemon")
8330+courier_tcpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for courier daemon")
8331+cpucontrol_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for cpucontrol daemon")
8332+cpuspeed_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for cpuspeed daemon")
8333+crond_disable_trans _("Cron") _("Disable SELinux protection for crond daemon")
8334+cupsd_config_disable_trans _("Printing") _("Disable SELinux protection for cupsd back end server")
8335+cupsd_disable_trans _("Printing") _("Disable SELinux protection for cupsd daemon")
8336+cupsd_lpd_disable_trans _("Printing") _("Disable SELinux protection for cupsd_lpd")
8337+cvs_disable_trans _("CVS") _("Disable SELinux protection for cvs daemon")
8338+cyrus_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for cyrus daemon")
8339+dbskkd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dbskkd daemon")
8340+dbusd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dbusd daemon")
8341+dccd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dccd")
8342+dccifd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dccifd")
8343+dccm_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dccm")
8344+ddt_client_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ddt daemon")
8345+devfsd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for devfsd daemon")
8346+dhcpc_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dhcpc daemon")
8347+dhcpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dhcpd daemon")
8348+dictd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dictd daemon")
8349+direct_sysadm_daemon _("Admin") _("Allow sysadm_t to directly start daemons")
8350+disable_evolution_trans _("Web Applications") _("Disable SELinux protection for Evolution")
8351+disable_games_trans _("Games") _("Disable SELinux protection for games")
8352+disable_mozilla_trans _("Web Applications") _("Disable SELinux protection for the web browsers")
8353+disable_thunderbird_trans _("Web Applications") _("Disable SELinux protection for Thunderbird")
8354+distccd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for distccd daemon")
8355+dmesg_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dmesg daemon")
8356+dnsmasq_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dnsmasq daemon")
8357+dovecot_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for dovecot daemon")
8358+entropyd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for entropyd daemon")
8359+fetchmail_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for fetchmail")
8360+fingerd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for fingerd daemon")
8361+freshclam_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for freshclam daemon")
8362+fsdaemon_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for fsdaemon daemon")
8363+gpm_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for gpm daemon")
8364+gssd_disable_trans _("NFS") _("Disable SELinux protection for gss daemon")
8365+hald_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for Hal daemon")
8366+hide_broken_symptoms _("Compatibility") _("Do not audit things that we know to be broken but which are not security risks")
8367+hostname_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for hostname daemon")
8368+hotplug_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for hotplug daemon")
8369+howl_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for howl daemon")
8370+hplip_disable_trans _("Printing") _("Disable SELinux protection for cups hplip daemon")
8371+httpd_rotatelogs_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for httpd rotatelogs")
8372+httpd_suexec_disable_trans _("HTTPD Service") _("Disable SELinux protection for http suexec")
8373+hwclock_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for hwclock daemon")
8374+i18n_input_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for i18n daemon")
8375+imazesrv_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for imazesrv daemon")
8376+inetd_child_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for inetd child daemons")
8377+inetd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for inetd daemon")
8378+innd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for innd daemon")
8379+iptables_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for iptables daemon")
8380+ircd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ircd daemon")
8381+irqbalance_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for irqbalance daemon")
8382+iscsid_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for iscsi daemon")
8383+jabberd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for jabberd daemon")
8384+kadmind_disable_trans _("Kerberos") _("Disable SELinux protection for kadmind daemon")
8385+klogd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for klogd daemon")
8386+krb5kdc_disable_trans _("Kerberos") _("Disable SELinux protection for krb5kdc daemon")
8387+ktalkd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ktalk daemons")
8388+kudzu_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for kudzu daemon")
8389+locate_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for locate daemon")
8390+lpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for lpd daemon")
8391+lrrd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for lrrd daemon")
8392+lvm_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for lvm daemon")
8393+mailman_mail_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for mailman")
8394+mail_read_content _("Web Applications") _("Allow evolution and thunderbird to read user files")
8395+mdadm_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for mdadm daemon")
8396+monopd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for monopd daemon")
8397+mozilla_read_content _("Web Applications") _("Allow the mozilla browser to read user files")
8398+mrtg_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for mrtg daemon")
8399+mysqld_disable_trans _("Databases") _("Disable SELinux protection for mysqld daemon")
8400+nagios_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for nagios daemon")
8401+named_disable_trans _("Name Service") _("Disable SELinux protection for named daemon")
8402+nessusd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for nessusd daemon")
8403+NetworkManager_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for NetworkManager")
8404+nfsd_disable_trans _("NFS") _("Disable SELinux protection for nfsd daemon")
8405+nmbd_disable_trans _("Samba") _("Disable SELinux protection for nmbd daemon")
8406+nrpe_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for nrpe daemon")
8407+nscd_disable_trans _("Name Service") _("Disable SELinux protection for nscd daemon")
8408+nsd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for nsd daemon")
8409+ntpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ntpd daemon")
8410+oddjob_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for oddjob")
8411+oddjob_mkhomedir_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for oddjob_mkhomedir")
8412+openvpn_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for openvpn daemon")
8413+pam_console_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for pam daemon")
8414+pegasus_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for pegasus")
8415+perdition_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for perdition daemon")
8416+portmap_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for portmap daemon")
8417+portslave_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for portslave daemon")
8418+postfix_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for postfix")
8419+postgresql_disable_trans _("Databases") _("Disable SELinux protection for postgresql daemon")
8420+pppd_for_user _("pppd") _("Allow pppd to be run for a regular user")
8421+pptp_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for pptp")
8422+prelink_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for prelink daemon")
8423+privoxy_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for privoxy daemon")
8424+ptal_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ptal daemon")
8425+pxe_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for pxe daemon")
8426+pyzord_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for pyzord")
8427+quota_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for quota daemon")
8428+radiusd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for radiusd daemon")
8429+radvd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for radvd daemon")
8430+rdisc_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for rdisc")
8431+readahead_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for readahead")
8432+read_default_t _("Admin") _("Allow programs to read files in non-standard locations (default_t)")
8433+restorecond_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for restorecond")
8434+rhgb_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for rhgb daemon")
8435+ricci_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ricci")
8436+ricci_modclusterd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ricci_modclusterd")
8437+rlogind_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for rlogind daemon")
8438+rpcd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for rpcd daemon")
8439+rshd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for rshd")
8440+rsync_disable_trans _("rsync") _("Disable SELinux protection for rsync daemon")
8441+run_ssh_inetd _("SSH") _("Allow ssh to run from inetd instead of as a daemon")
8442+samba_share_nfs _("Samba") _("Allow Samba to share nfs directories")
8443+allow_saslauthd_read_shadow _("SASL authentication server") _("Allow sasl authentication server to read /etc/shadow")
8444+allow_xserver_execmem _("XServer") _("Allow X-Windows server to map a memory region as both executable and writable")
8445+saslauthd_disable_trans _("SASL authentication server") _("Disable SELinux protection for saslauthd daemon")
8446+scannerdaemon_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for scannerdaemon daemon")
8447+secure_mode _("Admin") _("Do not allow transition to sysadm_t, sudo and su effected")
8448+secure_mode_insmod _("Admin") _("Do not allow any processes to load kernel modules")
8449+secure_mode_policyload _("Admin") _("Do not allow any processes to modify kernel SELinux policy")
8450+sendmail_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for sendmail daemon")
8451+setrans_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for setrans")
8452+setroubleshootd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for setroubleshoot daemon")
8453+slapd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for slapd daemon")
8454+slrnpull_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for slrnpull daemon")
8455+smbd_disable_trans _("Samba") _("Disable SELinux protection for smbd daemon")
8456+snmpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for snmpd daemon")
8457+snort_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for snort daemon")
8458+soundd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for soundd daemon")
8459+sound_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for sound daemon")
8460+spamd_disable_trans _("Spam Protection") _("Disable SELinux protection for spamd daemon")
8461+spamd_enable_home_dirs _("Spam Protection") _("Allow spamd to access home directories")
8462+spamassassin_can_network _("Spam Protection") _("Allow Spam Assassin daemon network access")
8463+speedmgmt_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for speedmgmt daemon")
8464+squid_connect_any _("Squid") _("Allow squid daemon to connect to the network")
8465+squid_disable_trans _("Squid") _("Disable SELinux protection for squid daemon")
8466+ssh_keygen_disable_trans _("SSH") _("Disable SELinux protection for ssh daemon")
8467+ssh_sysadm_login _("SSH") _("Allow ssh logins as sysadm_r:sysadm_t")
8468+staff_read_sysadm_file _("Admin") _("Allow staff_r users to search the sysadm home dir and read files (such as ~/.bashrc)")
8469+stunnel_disable_trans _("Universal SSL tunnel") _("Disable SELinux protection for stunnel daemon")
8470+stunnel_is_daemon _("Universal SSL tunnel") _("Allow stunnel daemon to run as standalone, outside of xinetd")
8471+swat_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for swat daemon")
8472+sxid_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for sxid daemon")
8473+syslogd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for syslogd daemon")
8474+system_crond_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for system cron jobs")
8475+tcpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for tcp daemon")
8476+telnetd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for telnet daemon")
8477+tftpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for tftpd daemon")
8478+transproxy_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for transproxy daemon")
8479+udev_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for udev daemon")
8480+uml_switch_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for uml daemon")
8481+unlimitedInetd _("Admin") _("Allow xinetd to run unconfined, including any services it starts that do not have a domain transition explicitly defined")
8482+unlimitedRC _("Admin") _("Allow rc scripts to run unconfined, including any daemon started by an rc script that does not have a domain transition explicitly defined")
8483+unlimitedRPM _("Admin") _("Allow rpm to run unconfined")
8484+unlimitedUtils _("Admin") _("Allow privileged utilities like hotplug and insmod to run unconfined")
8485+updfstab_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for updfstab daemon")
8486+uptimed_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for uptimed daemon")
8487+user_canbe_sysadm _("User Privs") _("Allow user_r to reach sysadm_r via su, sudo, or userhelper. Otherwise, only staff_r can do so")
8488+user_can_mount _("Mount") _("Allow users to execute the mount command")
8489+user_direct_mouse _("User Privs") _("Allow regular users direct mouse access (only allow the X server)")
8490+user_dmesg _("User Privs") _("Allow users to run the dmesg command")
8491+user_net_control _("User Privs") _("Allow users to control network interfaces (also needs USERCTL=true)")
8492+user_ping _("User Privs") _("Allow normal user to execute ping")
8493+user_rw_noexattrfile _("User Privs") _("Allow user to r/w noextattrfile (FAT, CDROM, FLOPPY)")
8494+user_rw_usb _("User Privs") _("Allow users to rw usb devices")
8495+user_tcp_server _("User Privs") _("Allow users to run TCP servers (bind to ports and accept connection from the same domain and outside users) disabling this forces FTP passive mode and may change other protocols")
8496+user_ttyfile_stat _("User Privs") _("Allow user to stat ttyfiles")
8497+uucpd_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for uucpd daemon")
8498+vmware_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for vmware daemon")
8499+watchdog_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for watchdog daemon")
8500+winbind_disable_trans _("Samba") _("Disable SELinux protection for winbind daemon")
8501+xdm_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for xdm daemon")
8502+xdm_sysadm_login _("XServer") _("Allow xdm logins as sysadm_r:sysadm_t")
8503+xend_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for xen daemon")
8504+xen_use_raw_disk _("XEN") _("Allow xen to read/write physical disk devices")
8505+xfs_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for xfs daemon")
8506+xm_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for xen control")
8507+ypbind_disable_trans _("NIS") _("Disable SELinux protection for ypbind daemon")
8508+yppasswdd_disable_trans _("NIS") _("Disable SELinux protection for NIS Password Daemon")
8509+ypserv_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ypserv daemon")
8510+ypxfr_disable_trans _("NIS") _("Disable SELinux protection for NIS Transfer Daemon")
8511+webadm_manage_user_files _("HTTPD Service") _("Allow SELinux webadm user to manage unprivileged users home directories")
8512+webadm_read_user_files _("HTTPD Service") _("Allow SELinux webadm user to read unprivileged users home directories")
8513+
8514diff -up policycoreutils-2.1.8/gui/semanagePage.py.gui policycoreutils-2.1.8/gui/semanagePage.py
8515--- policycoreutils-2.1.8/gui/semanagePage.py.gui 2011-11-07 15:12:01.908834234 -0500
8516+++ policycoreutils-2.1.8/gui/semanagePage.py 2011-11-07 15:12:01.908834234 -0500
8517@@ -0,0 +1,168 @@
8518+## semanagePage.py - show selinux mappings
8519+## Copyright (C) 2006 Red Hat, Inc.
8520+
8521+## This program is free software; you can redistribute it and/or modify
8522+## it under the terms of the GNU General Public License as published by
8523+## the Free Software Foundation; either version 2 of the License, or
8524+## (at your option) any later version.
8525+
8526+## This program is distributed in the hope that it will be useful,
8527+## but WITHOUT ANY WARRANTY; without even the implied warranty of
8528+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
8529+## GNU General Public License for more details.
8530+
8531+## You should have received a copy of the GNU General Public License
8532+## along with this program; if not, write to the Free Software
8533+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
8534+
8535+## Author: Dan Walsh
8536+import string
8537+import gtk
8538+import gtk.glade
8539+import os
8540+import gobject
8541+import sys
8542+import seobject
8543+
8544+##
8545+## I18N
8546+##
8547+PROGNAME="policycoreutils"
8548+import gettext
8549+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
8550+gettext.textdomain(PROGNAME)
8551+try:
8552+ gettext.install(PROGNAME,
8553+ localedir="/usr/share/locale",
8554+ unicode=False,
8555+ codeset = 'utf-8')
8556+except IOError:
8557+ import __builtin__
8558+ __builtin__.__dict__['_'] = unicode
8559+
8560+def idle_func():
8561+ while gtk.events_pending():
8562+ gtk.main_iteration()
8563+
8564+class semanagePage:
8565+ def __init__(self, xml, name, description):
8566+ self.xml = xml
8567+ self.window = self.xml.get_widget("mainWindow").get_root_window()
8568+ self.busy_cursor = gtk.gdk.Cursor(gtk.gdk.WATCH)
8569+ self.ready_cursor = gtk.gdk.Cursor(gtk.gdk.LEFT_PTR)
8570+
8571+ self.local = False
8572+ self.view = xml.get_widget("%sView" % name)
8573+ self.dialog = xml.get_widget("%sDialog" % name)
8574+ self.filter_entry = xml.get_widget("%sFilterEntry" % name )
8575+ self.filter_entry.connect("focus_out_event", self.filter_changed)
8576+ self.filter_entry.connect("activate", self.filter_changed)
8577+
8578+ self.view.connect("row_activated", self.rowActivated)
8579+ self.view.get_selection().connect("changed", self.itemSelected)
8580+ self.description = description;
8581+
8582+ def wait(self):
8583+ self.window.set_cursor(self.busy_cursor)
8584+ idle_func()
8585+
8586+ def ready(self):
8587+ self.window.set_cursor(self.ready_cursor)
8588+ idle_func()
8589+
8590+ def get_description(self):
8591+ return self.description
8592+
8593+ def itemSelected(self, args):
8594+ return
8595+
8596+ def filter_changed(self, *arg):
8597+ filter = arg[0].get_text()
8598+ if filter != self.filter:
8599+ self.load(filter)
8600+
8601+ def search(self, model, col, key, i):
8602+ sort_col = self.store.get_sort_column_id()[0]
8603+ val = model.get_value(i,sort_col)
8604+ if val.lower().startswith(key.lower()):
8605+ return False
8606+ return True
8607+
8608+ def match(self, target, filter):
8609+ try:
8610+ f=filter.lower()
8611+ t=target.lower()
8612+ if t.find(f) >= 0:
8613+ return True
8614+ except:
8615+ pass
8616+ return False
8617+
8618+ def rowActivated(self, view, row, Column):
8619+ self.propertiesDialog()
8620+
8621+ def verify(self, message, title="" ):
8622+ dlg = gtk.MessageDialog(None, 0, gtk.MESSAGE_INFO,
8623+ gtk.BUTTONS_YES_NO,
8624+ message)
8625+ dlg.set_title(title)
8626+ dlg.set_position(gtk.WIN_POS_MOUSE)
8627+ dlg.show_all()
8628+ rc = dlg.run()
8629+ dlg.destroy()
8630+ return rc
8631+
8632+ def error(self, message):
8633+ dlg = gtk.MessageDialog(None, 0, gtk.MESSAGE_ERROR,
8634+ gtk.BUTTONS_CLOSE,
8635+ message)
8636+ dlg.set_position(gtk.WIN_POS_MOUSE)
8637+ dlg.show_all()
8638+ dlg.run()
8639+ dlg.destroy()
8640+
8641+ def deleteDialog(self):
8642+ store, iter = self.view.get_selection().get_selected()
8643+ if self.verify(_("Are you sure you want to delete %s '%s'?" % (self.description, store.get_value(iter, 0))), _("Delete %s" % self.description)) == gtk.RESPONSE_YES:
8644+ self.delete()
8645+
8646+ def use_menus(self):
8647+ return True
8648+
8649+ def addDialog(self):
8650+ self.dialogClear()
8651+ self.dialog.set_title(_("Add %s" % self.description))
8652+ self.dialog.set_position(gtk.WIN_POS_MOUSE)
8653+
8654+ while self.dialog.run() == gtk.RESPONSE_OK:
8655+ try:
8656+ if self.add() == False:
8657+ continue
8658+ break;
8659+ except ValueError, e:
8660+ self.error(e.args[0])
8661+ self.dialog.hide()
8662+
8663+ def propertiesDialog(self):
8664+ self.dialogInit()
8665+ self.dialog.set_title(_("Modify %s" % self.description))
8666+ self.dialog.set_position(gtk.WIN_POS_MOUSE)
8667+ while self.dialog.run() == gtk.RESPONSE_OK:
8668+ try:
8669+ if self.modify() == False:
8670+ continue
8671+ break;
8672+ except ValueError, e:
8673+ self.error(e.args[0])
8674+ self.dialog.hide()
8675+
8676+ def on_local_clicked(self, button):
8677+ self.local = not self.local
8678+ if self.local:
8679+ button.set_label(_("all"))
8680+ else:
8681+ button.set_label(_("Customized"))
8682+
8683+ self.load(self.filter)
8684+ return True
8685+
8686diff -up policycoreutils-2.1.8/gui/statusPage.py.gui policycoreutils-2.1.8/gui/statusPage.py
8687--- policycoreutils-2.1.8/gui/statusPage.py.gui 2011-11-07 15:12:01.909834235 -0500
8688+++ policycoreutils-2.1.8/gui/statusPage.py 2011-11-07 15:12:01.909834235 -0500
8689@@ -0,0 +1,190 @@
8690+# statusPage.py - show selinux status
8691+## Copyright (C) 2006-2009 Red Hat, Inc.
8692+
8693+## This program is free software; you can redistribute it and/or modify
8694+## it under the terms of the GNU General Public License as published by
8695+## the Free Software Foundation; either version 2 of the License, or
8696+## (at your option) any later version.
8697+
8698+## This program is distributed in the hope that it will be useful,
8699+## but WITHOUT ANY WARRANTY; without even the implied warranty of
8700+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
8701+## GNU General Public License for more details.
8702+
8703+## You should have received a copy of the GNU General Public License
8704+## along with this program; if not, write to the Free Software
8705+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
8706+
8707+## Author: Dan Walsh
8708+import string
8709+import gtk
8710+import gtk.glade
8711+import os
8712+import gobject
8713+import sys
8714+import tempfile
8715+
8716+INSTALLPATH = '/usr/share/system-config-selinux'
8717+sys.path.append(INSTALLPATH)
8718+
8719+import commands
8720+ENFORCING = 1
8721+PERMISSIVE = 0
8722+DISABLED = -1
8723+modearray = ( "disabled", "permissive", "enforcing" )
8724+
8725+SELINUXDIR = "/etc/selinux/"
8726+RELABELFILE = "/.autorelabel"
8727+
8728+##
8729+## I18N
8730+##
8731+PROGNAME="policycoreutils"
8732+import gettext
8733+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
8734+gettext.textdomain(PROGNAME)
8735+import selinux
8736+try:
8737+ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1)
8738+except IOError:
8739+ import __builtin__
8740+ __builtin__.__dict__['_'] = unicode
8741+
8742+class statusPage:
8743+ def __init__(self, xml):
8744+ self.xml = xml
8745+ self.needRelabel = False
8746+
8747+ self.type = selinux.selinux_getpolicytype()
8748+ # Bring in widgets from glade file.
8749+ self.typeHBox = xml.get_widget("typeHBox")
8750+ self.selinuxTypeOptionMenu = xml.get_widget("selinuxTypeOptionMenu")
8751+ self.typeLabel = xml.get_widget("typeLabel")
8752+ self.enabledOptionMenu = xml.get_widget("enabledOptionMenu")
8753+ self.currentOptionMenu = xml.get_widget("currentOptionMenu")
8754+ self.relabel_checkbutton = xml.get_widget("relabelCheckbutton")
8755+ self.relabel_checkbutton.set_active(self.is_relabel())
8756+ self.relabel_checkbutton.connect("toggled", self.on_relabel_toggle)
8757+ if self.get_current_mode() == ENFORCING or self.get_current_mode() == PERMISSIVE:
8758+ self.currentOptionMenu.append_text(_("Permissive"))
8759+ self.currentOptionMenu.append_text(_("Enforcing"))
8760+ self.currentOptionMenu.set_active(self.get_current_mode())
8761+ self.currentOptionMenu.connect("changed", self.set_current_mode)
8762+ self.currentOptionMenu.set_sensitive(True)
8763+ else:
8764+ self.currentOptionMenu.append_text(_("Disabled"))
8765+ self.currentOptionMenu.set_active(0)
8766+ self.currentOptionMenu.set_sensitive(False)
8767+
8768+ if self.read_selinux_config() == None:
8769+ self.selinuxsupport = False
8770+ else:
8771+ self.enabledOptionMenu.connect("changed", self.enabled_changed)
8772+ #
8773+ # This line must come after read_selinux_config
8774+ #
8775+ self.selinuxTypeOptionMenu.connect("changed", self.typemenu_changed)
8776+
8777+ self.typeLabel.set_mnemonic_widget(self.selinuxTypeOptionMenu)
8778+
8779+ def use_menus(self):
8780+ return False
8781+
8782+ def get_description(self):
8783+ return _("Status")
8784+
8785+ def get_current_mode(self):
8786+ if selinux.is_selinux_enabled():
8787+ if selinux.security_getenforce() > 0:
8788+ return ENFORCING
8789+ else:
8790+ return PERMISSIVE
8791+ else:
8792+ return DISABLED
8793+
8794+ def set_current_mode(self,menu):
8795+ selinux.security_setenforce(menu.get_active() == 1)
8796+
8797+ def is_relabel(self):
8798+ return os.access(RELABELFILE, os.F_OK) != 0
8799+
8800+ def on_relabel_toggle(self,button):
8801+ if button.get_active():
8802+ fd = open(RELABELFILE,"w")
8803+ fd.close()
8804+ else:
8805+ if os.access(RELABELFILE, os.F_OK) != 0:
8806+ os.unlink(RELABELFILE)
8807+
8808+ def verify(self, message):
8809+ dlg = gtk.MessageDialog(None, 0, gtk.MESSAGE_INFO,
8810+ gtk.BUTTONS_YES_NO,
8811+ message)
8812+ dlg.set_position(gtk.WIN_POS_MOUSE)
8813+ dlg.show_all()
8814+ rc = dlg.run()
8815+ dlg.destroy()
8816+ return rc
8817+
8818+ def typemenu_changed(self, menu):
8819+ type = self.get_type()
8820+ enabled = self.enabledOptionMenu.get_active()
8821+ if self.initialtype != type:
8822+ if self.verify(_("Changing the policy type will cause a relabel of the entire file system on the next boot. Relabeling takes a long time depending on the size of the file system. Do you wish to continue?")) == gtk.RESPONSE_NO:
8823+ menu.set_active(self.typeHistory)
8824+ return None
8825+
8826+ self.relabel_checkbutton.set_active(True)
8827+
8828+ self.write_selinux_config(modearray[enabled], type )
8829+ self.typeHistory = menu.get_active()
8830+
8831+ def enabled_changed(self, combo):
8832+ enabled = combo.get_active()
8833+ type = self.get_type()
8834+
8835+ if self.initEnabled != DISABLED and enabled == DISABLED:
8836+ if self.verify(_("Changing to SELinux disabled requires a reboot. It is not recommended. If you later decide to turn SELinux back on, the system will be required to relabel. If you just want to see if SELinux is causing a problem on your system, you can go to permissive mode which will only log errors and not enforce SELinux policy. Permissive mode does not require a reboot Do you wish to continue?")) == gtk.RESPONSE_NO:
8837+ combo.set_active(self.enabled)
8838+ return None
8839+
8840+ if self.initEnabled == DISABLED and enabled < 2:
8841+ if self.verify(_("Changing to SELinux enabled will cause a relabel of the entire file system on the next boot. Relabeling takes a long time depending on the size of the file system. Do you wish to continue?")) == gtk.RESPONSE_NO:
8842+ combo.set_active(self.enabled)
8843+ return None
8844+ self.relabel_checkbutton.set_active(True)
8845+
8846+ self.write_selinux_config(modearray[enabled], type )
8847+ self.enabled = enabled
8848+
8849+ def write_selinux_config(self, enforcing, type):
8850+ import commands
8851+ commands.getstatusoutput("/usr/sbin/lokkit --selinuxtype=%s --selinux=%s" % (type, enforcing))
8852+
8853+ def read_selinux_config(self):
8854+ self.initialtype = selinux.selinux_getpolicytype()[1]
8855+ self.initEnabled = selinux.selinux_getenforcemode()[1]
8856+ self.enabled = self.initEnabled
8857+ self.enabledOptionMenu.set_active(self.enabled + 1 )
8858+
8859+ self.types = []
8860+
8861+ n = 0
8862+ current = n
8863+
8864+ for i in os.listdir(SELINUXDIR):
8865+ if os.path.isdir(SELINUXDIR+i) and os.path.isdir(SELINUXDIR+i+"/policy"):
8866+ self.types.append(i)
8867+ self.selinuxTypeOptionMenu.append_text(i)
8868+ if i == self.initialtype:
8869+ current = n
8870+ n = n+1
8871+ self.selinuxTypeOptionMenu.set_active(current)
8872+ self.typeHistory = current
8873+
8874+ return 0
8875+
8876+ def get_type(self):
8877+ return self.types[self.selinuxTypeOptionMenu.get_active()]
8878+
8879+
8880diff -up policycoreutils-2.1.8/gui/system-config-selinux.glade.gui policycoreutils-2.1.8/gui/system-config-selinux.glade
8881--- policycoreutils-2.1.8/gui/system-config-selinux.glade.gui 2011-11-07 15:12:01.913834238 -0500
8882+++ policycoreutils-2.1.8/gui/system-config-selinux.glade 2011-11-07 15:12:01.913834238 -0500
8883@@ -0,0 +1,3024 @@
8884+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
8885+<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
8886+
8887+<glade-interface>
8888+<requires lib="gnome"/>
8889+<requires lib="bonobo"/>
8890+
8891+<widget class="GtkAboutDialog" id="aboutWindow">
8892+ <property name="border_width">5</property>
8893+ <property name="destroy_with_parent">False</property>
8894+ <property name="name" translatable="yes">system-config-selinux</property>
8895+ <property name="copyright" translatable="yes">Copyright (c)2006 Red Hat, Inc.
8896+Copyright (c) 2006 Dan Walsh &lt;dwalsh@redhat.com&gt;</property>
8897+ <property name="wrap_license">False</property>
8898+ <property name="authors">Daniel Walsh &lt;dwalsh@redhat.com&gt;
8899+</property>
8900+ <property name="translator_credits" translatable="yes" comments="TRANSLATORS: Replace this string with your names, one name per line.">translator-credits</property>
8901+ <property name="logo">system-config-selinux.png</property>
8902+</widget>
8903+
8904+<widget class="GtkDialog" id="loginsDialog">
8905+ <property name="title" translatable="yes">Add SELinux Login Mapping</property>
8906+ <property name="type">GTK_WINDOW_TOPLEVEL</property>
8907+ <property name="window_position">GTK_WIN_POS_NONE</property>
8908+ <property name="modal">False</property>
8909+ <property name="resizable">True</property>
8910+ <property name="destroy_with_parent">False</property>
8911+ <property name="decorated">True</property>
8912+ <property name="skip_taskbar_hint">False</property>
8913+ <property name="skip_pager_hint">False</property>
8914+ <property name="type_hint">GDK_WINDOW_TYPE_HINT_DIALOG</property>
8915+ <property name="gravity">GDK_GRAVITY_NORTH_WEST</property>
8916+ <property name="focus_on_map">True</property>
8917+ <property name="urgency_hint">False</property>
8918+ <property name="has_separator">True</property>
8919+
8920+ <child internal-child="vbox">
8921+ <widget class="GtkVBox" id="dialog-vbox1">
8922+ <property name="visible">True</property>
8923+ <property name="homogeneous">False</property>
8924+ <property name="spacing">0</property>
8925+
8926+ <child internal-child="action_area">
8927+ <widget class="GtkHButtonBox" id="dialog-action_area1">
8928+ <property name="visible">True</property>
8929+ <property name="layout_style">GTK_BUTTONBOX_END</property>
8930+
8931+ <child>
8932+ <widget class="GtkButton" id="cancelbutton1">
8933+ <property name="visible">True</property>
8934+ <property name="can_default">True</property>
8935+ <property name="can_focus">True</property>
8936+ <property name="label">gtk-cancel</property>
8937+ <property name="use_stock">True</property>
8938+ <property name="relief">GTK_RELIEF_NORMAL</property>
8939+ <property name="focus_on_click">True</property>
8940+ <property name="response_id">-6</property>
8941+ </widget>
8942+ </child>
8943+
8944+ <child>
8945+ <widget class="GtkButton" id="okbutton1">
8946+ <property name="visible">True</property>
8947+ <property name="can_default">True</property>
8948+ <property name="can_focus">True</property>
8949+ <property name="label">gtk-ok</property>
8950+ <property name="use_stock">True</property>
8951+ <property name="relief">GTK_RELIEF_NORMAL</property>
8952+ <property name="focus_on_click">True</property>
8953+ <property name="response_id">-5</property>
8954+ </widget>
8955+ </child>
8956+ </widget>
8957+ <packing>
8958+ <property name="padding">0</property>
8959+ <property name="expand">False</property>
8960+ <property name="fill">True</property>
8961+ <property name="pack_type">GTK_PACK_END</property>
8962+ </packing>
8963+ </child>
8964+
8965+ <child>
8966+ <widget class="GtkVBox" id="vbox2">
8967+ <property name="visible">True</property>
8968+ <property name="homogeneous">False</property>
8969+ <property name="spacing">0</property>
8970+
8971+ <child>
8972+ <widget class="GtkTable" id="table1">
8973+ <property name="visible">True</property>
8974+ <property name="n_rows">3</property>
8975+ <property name="n_columns">2</property>
8976+ <property name="homogeneous">False</property>
8977+ <property name="row_spacing">4</property>
8978+ <property name="column_spacing">6</property>
8979+
8980+ <child>
8981+ <widget class="GtkLabel" id="label15">
8982+ <property name="visible">True</property>
8983+ <property name="label" translatable="yes">Login Name</property>
8984+ <property name="use_underline">False</property>
8985+ <property name="use_markup">False</property>
8986+ <property name="justify">GTK_JUSTIFY_LEFT</property>
8987+ <property name="wrap">False</property>
8988+ <property name="selectable">False</property>
8989+ <property name="xalign">0</property>
8990+ <property name="yalign">0.5</property>
8991+ <property name="xpad">0</property>
8992+ <property name="ypad">0</property>
8993+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
8994+ <property name="width_chars">-1</property>
8995+ <property name="single_line_mode">False</property>
8996+ <property name="angle">0</property>
8997+ </widget>
8998+ <packing>
8999+ <property name="left_attach">0</property>
9000+ <property name="right_attach">1</property>
9001+ <property name="top_attach">0</property>
9002+ <property name="bottom_attach">1</property>
9003+ <property name="x_options">fill</property>
9004+ <property name="y_options"></property>
9005+ </packing>
9006+ </child>
9007+
9008+ <child>
9009+ <widget class="GtkLabel" id="label16">
9010+ <property name="visible">True</property>
9011+ <property name="label" translatable="yes">SELinux User</property>
9012+ <property name="use_underline">False</property>
9013+ <property name="use_markup">False</property>
9014+ <property name="justify">GTK_JUSTIFY_LEFT</property>
9015+ <property name="wrap">False</property>
9016+ <property name="selectable">False</property>
9017+ <property name="xalign">0</property>
9018+ <property name="yalign">0.5</property>
9019+ <property name="xpad">0</property>
9020+ <property name="ypad">0</property>
9021+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
9022+ <property name="width_chars">-1</property>
9023+ <property name="single_line_mode">False</property>
9024+ <property name="angle">0</property>
9025+ </widget>
9026+ <packing>
9027+ <property name="left_attach">0</property>
9028+ <property name="right_attach">1</property>
9029+ <property name="top_attach">1</property>
9030+ <property name="bottom_attach">2</property>
9031+ <property name="x_options">fill</property>
9032+ <property name="y_options"></property>
9033+ </packing>
9034+ </child>
9035+
9036+ <child>
9037+ <widget class="GtkLabel" id="label17">
9038+ <property name="visible">True</property>
9039+ <property name="label" translatable="yes">MLS/MCS Range</property>
9040+ <property name="use_underline">False</property>
9041+ <property name="use_markup">False</property>
9042+ <property name="justify">GTK_JUSTIFY_LEFT</property>
9043+ <property name="wrap">False</property>
9044+ <property name="selectable">False</property>
9045+ <property name="xalign">0</property>
9046+ <property name="yalign">0.5</property>
9047+ <property name="xpad">0</property>
9048+ <property name="ypad">0</property>
9049+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
9050+ <property name="width_chars">-1</property>
9051+ <property name="single_line_mode">False</property>
9052+ <property name="angle">0</property>
9053+ </widget>
9054+ <packing>
9055+ <property name="left_attach">0</property>
9056+ <property name="right_attach">1</property>
9057+ <property name="top_attach">2</property>
9058+ <property name="bottom_attach">3</property>
9059+ <property name="x_options">fill</property>
9060+ <property name="y_options"></property>
9061+ </packing>
9062+ </child>
9063+
9064+ <child>
9065+ <widget class="GtkEntry" id="loginsNameEntry">
9066+ <property name="visible">True</property>
9067+ <property name="can_focus">True</property>
9068+ <property name="editable">True</property>
9069+ <property name="visibility">True</property>
9070+ <property name="max_length">0</property>
9071+ <property name="text" translatable="yes"></property>
9072+ <property name="has_frame">True</property>
9073+ <property name="invisible_char">*</property>
9074+ <property name="activates_default">False</property>
9075+ </widget>
9076+ <packing>
9077+ <property name="left_attach">1</property>
9078+ <property name="right_attach">2</property>
9079+ <property name="top_attach">0</property>
9080+ <property name="bottom_attach">1</property>
9081+ <property name="y_options"></property>
9082+ </packing>
9083+ </child>
9084+
9085+ <child>
9086+ <widget class="GtkComboBox" id="loginsSelinuxUserCombo">
9087+ <property name="visible">True</property>
9088+ <property name="add_tearoffs">False</property>
9089+ <property name="focus_on_click">True</property>
9090+ </widget>
9091+ <packing>
9092+ <property name="left_attach">1</property>
9093+ <property name="right_attach">2</property>
9094+ <property name="top_attach">1</property>
9095+ <property name="bottom_attach">2</property>
9096+ <property name="x_options">fill</property>
9097+ <property name="y_options">fill</property>
9098+ </packing>
9099+ </child>
9100+
9101+ <child>
9102+ <widget class="GtkEntry" id="loginsMLSEntry">
9103+ <property name="visible">True</property>
9104+ <property name="can_focus">True</property>
9105+ <property name="editable">True</property>
9106+ <property name="visibility">True</property>
9107+ <property name="max_length">0</property>
9108+ <property name="text" translatable="yes"></property>
9109+ <property name="has_frame">True</property>
9110+ <property name="invisible_char">*</property>
9111+ <property name="activates_default">False</property>
9112+ </widget>
9113+ <packing>
9114+ <property name="left_attach">1</property>
9115+ <property name="right_attach">2</property>
9116+ <property name="top_attach">2</property>
9117+ <property name="bottom_attach">3</property>
9118+ <property name="y_options"></property>
9119+ </packing>
9120+ </child>
9121+ </widget>
9122+ <packing>
9123+ <property name="padding">5</property>
9124+ <property name="expand">True</property>
9125+ <property name="fill">True</property>
9126+ </packing>
9127+ </child>
9128+ </widget>
9129+ <packing>
9130+ <property name="padding">0</property>
9131+ <property name="expand">True</property>
9132+ <property name="fill">True</property>
9133+ </packing>
9134+ </child>
9135+ </widget>
9136+ </child>
9137+</widget>
9138+
9139+<widget class="GtkDialog" id="portsDialog">
9140+ <property name="title" translatable="yes">Add SELinux Network Ports</property>
9141+ <property name="type">GTK_WINDOW_TOPLEVEL</property>
9142+ <property name="window_position">GTK_WIN_POS_NONE</property>
9143+ <property name="modal">False</property>
9144+ <property name="resizable">True</property>
9145+ <property name="destroy_with_parent">False</property>
9146+ <property name="decorated">True</property>
9147+ <property name="skip_taskbar_hint">False</property>
9148+ <property name="skip_pager_hint">False</property>
9149+ <property name="type_hint">GDK_WINDOW_TYPE_HINT_DIALOG</property>
9150+ <property name="gravity">GDK_GRAVITY_NORTH_WEST</property>
9151+ <property name="focus_on_map">True</property>
9152+ <property name="urgency_hint">False</property>
9153+ <property name="has_separator">True</property>
9154+
9155+ <child internal-child="vbox">
9156+ <widget class="GtkVBox" id="vbox3">
9157+ <property name="visible">True</property>
9158+ <property name="homogeneous">False</property>
9159+ <property name="spacing">0</property>
9160+
9161+ <child internal-child="action_area">
9162+ <widget class="GtkHButtonBox" id="hbuttonbox1">
9163+ <property name="visible">True</property>
9164+ <property name="layout_style">GTK_BUTTONBOX_END</property>
9165+
9166+ <child>
9167+ <widget class="GtkButton" id="button1">
9168+ <property name="visible">True</property>
9169+ <property name="can_default">True</property>
9170+ <property name="can_focus">True</property>
9171+ <property name="label">gtk-cancel</property>
9172+ <property name="use_stock">True</property>
9173+ <property name="relief">GTK_RELIEF_NORMAL</property>
9174+ <property name="focus_on_click">True</property>
9175+ <property name="response_id">-6</property>
9176+ </widget>
9177+ </child>
9178+
9179+ <child>
9180+ <widget class="GtkButton" id="button2">
9181+ <property name="visible">True</property>
9182+ <property name="can_default">True</property>
9183+ <property name="can_focus">True</property>
9184+ <property name="label">gtk-ok</property>
9185+ <property name="use_stock">True</property>
9186+ <property name="relief">GTK_RELIEF_NORMAL</property>
9187+ <property name="focus_on_click">True</property>
9188+ <property name="response_id">-5</property>
9189+ </widget>
9190+ </child>
9191+ </widget>
9192+ <packing>
9193+ <property name="padding">0</property>
9194+ <property name="expand">False</property>
9195+ <property name="fill">True</property>
9196+ <property name="pack_type">GTK_PACK_END</property>
9197+ </packing>
9198+ </child>
9199+
9200+ <child>
9201+ <widget class="GtkVBox" id="vbox4">
9202+ <property name="visible">True</property>
9203+ <property name="homogeneous">False</property>
9204+ <property name="spacing">0</property>
9205+
9206+ <child>
9207+ <widget class="GtkTable" id="table2">
9208+ <property name="visible">True</property>
9209+ <property name="n_rows">4</property>
9210+ <property name="n_columns">2</property>
9211+ <property name="homogeneous">False</property>
9212+ <property name="row_spacing">4</property>
9213+ <property name="column_spacing">6</property>
9214+
9215+ <child>
9216+ <widget class="GtkLabel" id="label18">
9217+ <property name="visible">True</property>
9218+ <property name="label" translatable="yes">Port Number</property>
9219+ <property name="use_underline">False</property>
9220+ <property name="use_markup">False</property>
9221+ <property name="justify">GTK_JUSTIFY_LEFT</property>
9222+ <property name="wrap">False</property>
9223+ <property name="selectable">False</property>
9224+ <property name="xalign">0</property>
9225+ <property name="yalign">0.5</property>
9226+ <property name="xpad">0</property>
9227+ <property name="ypad">0</property>
9228+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
9229+ <property name="width_chars">-1</property>
9230+ <property name="single_line_mode">False</property>
9231+ <property name="angle">0</property>
9232+ </widget>
9233+ <packing>
9234+ <property name="left_attach">0</property>
9235+ <property name="right_attach">1</property>
9236+ <property name="top_attach">0</property>
9237+ <property name="bottom_attach">1</property>
9238+ <property name="x_options">fill</property>
9239+ <property name="y_options"></property>
9240+ </packing>
9241+ </child>
9242+
9243+ <child>
9244+ <widget class="GtkLabel" id="label19">
9245+ <property name="visible">True</property>
9246+ <property name="label" translatable="yes">Protocol</property>
9247+ <property name="use_underline">False</property>
9248+ <property name="use_markup">False</property>
9249+ <property name="justify">GTK_JUSTIFY_LEFT</property>
9250+ <property name="wrap">False</property>
9251+ <property name="selectable">False</property>
9252+ <property name="xalign">0</property>
9253+ <property name="yalign">0.5</property>
9254+ <property name="xpad">0</property>
9255+ <property name="ypad">0</property>
9256+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
9257+ <property name="width_chars">-1</property>
9258+ <property name="single_line_mode">False</property>
9259+ <property name="angle">0</property>
9260+ </widget>
9261+ <packing>
9262+ <property name="left_attach">0</property>
9263+ <property name="right_attach">1</property>
9264+ <property name="top_attach">1</property>
9265+ <property name="bottom_attach">2</property>
9266+ <property name="x_options">fill</property>
9267+ <property name="y_options"></property>
9268+ </packing>
9269+ </child>
9270+
9271+ <child>
9272+ <widget class="GtkLabel" id="label20">
9273+ <property name="visible">True</property>
9274+ <property name="label" translatable="yes">SELinux Type</property>
9275+ <property name="use_underline">False</property>
9276+ <property name="use_markup">False</property>
9277+ <property name="justify">GTK_JUSTIFY_LEFT</property>
9278+ <property name="wrap">False</property>
9279+ <property name="selectable">False</property>
9280+ <property name="xalign">0</property>
9281+ <property name="yalign">0.5</property>
9282+ <property name="xpad">0</property>
9283+ <property name="ypad">0</property>
9284+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
9285+ <property name="width_chars">-1</property>
9286+ <property name="single_line_mode">False</property>
9287+ <property name="angle">0</property>
9288+ </widget>
9289+ <packing>
9290+ <property name="left_attach">0</property>
9291+ <property name="right_attach">1</property>
9292+ <property name="top_attach">2</property>
9293+ <property name="bottom_attach">3</property>
9294+ <property name="x_options">fill</property>
9295+ <property name="y_options"></property>
9296+ </packing>
9297+ </child>
9298+
9299+ <child>
9300+ <widget class="GtkEntry" id="portsNumberEntry">
9301+ <property name="visible">True</property>
9302+ <property name="can_focus">True</property>
9303+ <property name="editable">True</property>
9304+ <property name="visibility">True</property>
9305+ <property name="max_length">0</property>
9306+ <property name="text" translatable="yes"></property>
9307+ <property name="has_frame">True</property>
9308+ <property name="invisible_char">*</property>
9309+ <property name="activates_default">False</property>
9310+ </widget>
9311+ <packing>
9312+ <property name="left_attach">1</property>
9313+ <property name="right_attach">2</property>
9314+ <property name="top_attach">0</property>
9315+ <property name="bottom_attach">1</property>
9316+ <property name="y_options"></property>
9317+ </packing>
9318+ </child>
9319+
9320+ <child>
9321+ <widget class="GtkComboBox" id="portsProtocolCombo">
9322+ <property name="visible">True</property>
9323+ <property name="items">tcp
9324+udp</property>
9325+ <property name="add_tearoffs">False</property>
9326+ <property name="focus_on_click">True</property>
9327+ </widget>
9328+ <packing>
9329+ <property name="left_attach">1</property>
9330+ <property name="right_attach">2</property>
9331+ <property name="top_attach">1</property>
9332+ <property name="bottom_attach">2</property>
9333+ <property name="x_options">fill</property>
9334+ <property name="y_options">fill</property>
9335+ </packing>
9336+ </child>
9337+
9338+ <child>
9339+ <widget class="GtkEntry" id="portsNameEntry">
9340+ <property name="visible">True</property>
9341+ <property name="can_focus">True</property>
9342+ <property name="editable">True</property>
9343+ <property name="visibility">True</property>
9344+ <property name="max_length">0</property>
9345+ <property name="text" translatable="yes"></property>
9346+ <property name="has_frame">True</property>
9347+ <property name="invisible_char">*</property>
9348+ <property name="activates_default">False</property>
9349+ </widget>
9350+ <packing>
9351+ <property name="left_attach">1</property>
9352+ <property name="right_attach">2</property>
9353+ <property name="top_attach">2</property>
9354+ <property name="bottom_attach">3</property>
9355+ <property name="y_options"></property>
9356+ </packing>
9357+ </child>
9358+
9359+ <child>
9360+ <widget class="GtkLabel" id="label21">
9361+ <property name="visible">True</property>
9362+ <property name="label" translatable="yes">MLS/MCS
9363+Level</property>
9364+ <property name="use_underline">False</property>
9365+ <property name="use_markup">False</property>
9366+ <property name="justify">GTK_JUSTIFY_LEFT</property>
9367+ <property name="wrap">False</property>
9368+ <property name="selectable">False</property>
9369+ <property name="xalign">0</property>
9370+ <property name="yalign">0.5</property>
9371+ <property name="xpad">0</property>
9372+ <property name="ypad">0</property>
9373+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
9374+ <property name="width_chars">-1</property>
9375+ <property name="single_line_mode">False</property>
9376+ <property name="angle">0</property>
9377+ </widget>
9378+ <packing>
9379+ <property name="left_attach">0</property>
9380+ <property name="right_attach">1</property>
9381+ <property name="top_attach">3</property>
9382+ <property name="bottom_attach">4</property>
9383+ <property name="x_options">fill</property>
9384+ <property name="y_options"></property>
9385+ </packing>
9386+ </child>
9387+
9388+ <child>
9389+ <widget class="GtkEntry" id="portsMLSEntry">
9390+ <property name="visible">True</property>
9391+ <property name="can_focus">True</property>
9392+ <property name="editable">True</property>
9393+ <property name="visibility">True</property>
9394+ <property name="max_length">0</property>
9395+ <property name="text" translatable="yes"></property>
9396+ <property name="has_frame">True</property>
9397+ <property name="invisible_char">*</property>
9398+ <property name="activates_default">False</property>
9399+ </widget>
9400+ <packing>
9401+ <property name="left_attach">1</property>
9402+ <property name="right_attach">2</property>
9403+ <property name="top_attach">3</property>
9404+ <property name="bottom_attach">4</property>
9405+ <property name="y_options"></property>
9406+ </packing>
9407+ </child>
9408+ </widget>
9409+ <packing>
9410+ <property name="padding">5</property>
9411+ <property name="expand">True</property>
9412+ <property name="fill">True</property>
9413+ </packing>
9414+ </child>
9415+ </widget>
9416+ <packing>
9417+ <property name="padding">0</property>
9418+ <property name="expand">True</property>
9419+ <property name="fill">True</property>
9420+ </packing>
9421+ </child>
9422+ </widget>
9423+ </child>
9424+</widget>
9425+
9426+<widget class="GtkDialog" id="fcontextDialog">
9427+ <property name="title" translatable="yes">Add SELinux Login Mapping</property>
9428+ <property name="type">GTK_WINDOW_TOPLEVEL</property>
9429+ <property name="window_position">GTK_WIN_POS_NONE</property>
9430+ <property name="modal">False</property>
9431+ <property name="resizable">True</property>
9432+ <property name="destroy_with_parent">False</property>
9433+ <property name="decorated">True</property>
9434+ <property name="skip_taskbar_hint">False</property>
9435+ <property name="skip_pager_hint">False</property>
9436+ <property name="type_hint">GDK_WINDOW_TYPE_HINT_DIALOG</property>
9437+ <property name="gravity">GDK_GRAVITY_NORTH_WEST</property>
9438+ <property name="focus_on_map">True</property>
9439+ <property name="urgency_hint">False</property>
9440+ <property name="has_separator">True</property>
9441+
9442+ <child internal-child="vbox">
9443+ <widget class="GtkVBox" id="vbox7">
9444+ <property name="visible">True</property>
9445+ <property name="homogeneous">False</property>
9446+ <property name="spacing">0</property>
9447+
9448+ <child internal-child="action_area">
9449+ <widget class="GtkHButtonBox" id="hbuttonbox3">
9450+ <property name="visible">True</property>
9451+ <property name="layout_style">GTK_BUTTONBOX_END</property>
9452+
9453+ <child>
9454+ <widget class="GtkButton" id="button5">
9455+ <property name="visible">True</property>
9456+ <property name="can_default">True</property>
9457+ <property name="can_focus">True</property>
9458+ <property name="label">gtk-cancel</property>
9459+ <property name="use_stock">True</property>
9460+ <property name="relief">GTK_RELIEF_NORMAL</property>
9461+ <property name="focus_on_click">True</property>
9462+ <property name="response_id">-6</property>
9463+ </widget>
9464+ </child>
9465+
9466+ <child>
9467+ <widget class="GtkButton" id="button6">
9468+ <property name="visible">True</property>
9469+ <property name="can_default">True</property>
9470+ <property name="can_focus">True</property>
9471+ <property name="label">gtk-ok</property>
9472+ <property name="use_stock">True</property>
9473+ <property name="relief">GTK_RELIEF_NORMAL</property>
9474+ <property name="focus_on_click">True</property>
9475+ <property name="response_id">-5</property>
9476+ </widget>
9477+ </child>
9478+ </widget>
9479+ <packing>
9480+ <property name="padding">0</property>
9481+ <property name="expand">False</property>
9482+ <property name="fill">True</property>
9483+ <property name="pack_type">GTK_PACK_END</property>
9484+ </packing>
9485+ </child>
9486+
9487+ <child>
9488+ <widget class="GtkVBox" id="vbox8">
9489+ <property name="visible">True</property>
9490+ <property name="homogeneous">False</property>
9491+ <property name="spacing">0</property>
9492+
9493+ <child>
9494+ <widget class="GtkTable" id="table4">
9495+ <property name="visible">True</property>
9496+ <property name="n_rows">4</property>
9497+ <property name="n_columns">2</property>
9498+ <property name="homogeneous">False</property>
9499+ <property name="row_spacing">4</property>
9500+ <property name="column_spacing">6</property>
9501+
9502+ <child>
9503+ <widget class="GtkLabel" id="label25">
9504+ <property name="visible">True</property>
9505+ <property name="label" translatable="yes">File Specification</property>
9506+ <property name="use_underline">False</property>
9507+ <property name="use_markup">False</property>
9508+ <property name="justify">GTK_JUSTIFY_LEFT</property>
9509+ <property name="wrap">False</property>
9510+ <property name="selectable">False</property>
9511+ <property name="xalign">0</property>
9512+ <property name="yalign">0.5</property>
9513+ <property name="xpad">0</property>
9514+ <property name="ypad">0</property>
9515+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
9516+ <property name="width_chars">-1</property>
9517+ <property name="single_line_mode">False</property>
9518+ <property name="angle">0</property>
9519+ </widget>
9520+ <packing>
9521+ <property name="left_attach">0</property>
9522+ <property name="right_attach">1</property>
9523+ <property name="top_attach">0</property>
9524+ <property name="bottom_attach">1</property>
9525+ <property name="x_options">fill</property>
9526+ <property name="y_options"></property>
9527+ </packing>
9528+ </child>
9529+
9530+ <child>
9531+ <widget class="GtkLabel" id="label26">
9532+ <property name="visible">True</property>
9533+ <property name="label" translatable="yes">File Type</property>
9534+ <property name="use_underline">False</property>
9535+ <property name="use_markup">False</property>
9536+ <property name="justify">GTK_JUSTIFY_LEFT</property>
9537+ <property name="wrap">False</property>
9538+ <property name="selectable">False</property>
9539+ <property name="xalign">0</property>
9540+ <property name="yalign">0.5</property>
9541+ <property name="xpad">0</property>
9542+ <property name="ypad">0</property>
9543+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
9544+ <property name="width_chars">-1</property>
9545+ <property name="single_line_mode">False</property>
9546+ <property name="angle">0</property>
9547+ </widget>
9548+ <packing>
9549+ <property name="left_attach">0</property>
9550+ <property name="right_attach">1</property>
9551+ <property name="top_attach">1</property>
9552+ <property name="bottom_attach">2</property>
9553+ <property name="x_options">fill</property>
9554+ <property name="y_options"></property>
9555+ </packing>
9556+ </child>
9557+
9558+ <child>
9559+ <widget class="GtkLabel" id="label27">
9560+ <property name="visible">True</property>
9561+ <property name="label" translatable="yes">SELinux Type</property>
9562+ <property name="use_underline">False</property>
9563+ <property name="use_markup">False</property>
9564+ <property name="justify">GTK_JUSTIFY_LEFT</property>
9565+ <property name="wrap">False</property>
9566+ <property name="selectable">False</property>
9567+ <property name="xalign">0</property>
9568+ <property name="yalign">0.5</property>
9569+ <property name="xpad">0</property>
9570+ <property name="ypad">0</property>
9571+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
9572+ <property name="width_chars">-1</property>
9573+ <property name="single_line_mode">False</property>
9574+ <property name="angle">0</property>
9575+ </widget>
9576+ <packing>
9577+ <property name="left_attach">0</property>
9578+ <property name="right_attach">1</property>
9579+ <property name="top_attach">2</property>
9580+ <property name="bottom_attach">3</property>
9581+ <property name="x_options">fill</property>
9582+ <property name="y_options"></property>
9583+ </packing>
9584+ </child>
9585+
9586+ <child>
9587+ <widget class="GtkEntry" id="fcontextEntry">
9588+ <property name="visible">True</property>
9589+ <property name="can_focus">True</property>
9590+ <property name="editable">True</property>
9591+ <property name="visibility">True</property>
9592+ <property name="max_length">0</property>
9593+ <property name="text" translatable="yes"></property>
9594+ <property name="has_frame">True</property>
9595+ <property name="invisible_char">*</property>
9596+ <property name="activates_default">False</property>
9597+ </widget>
9598+ <packing>
9599+ <property name="left_attach">1</property>
9600+ <property name="right_attach">2</property>
9601+ <property name="top_attach">0</property>
9602+ <property name="bottom_attach">1</property>
9603+ <property name="y_options"></property>
9604+ </packing>
9605+ </child>
9606+
9607+ <child>
9608+ <widget class="GtkComboBox" id="fcontextFileTypeCombo">
9609+ <property name="visible">True</property>
9610+ <property name="items" translatable="yes">all files
9611+regular file
9612+directory
9613+character device
9614+block device
9615+socket
9616+symbolic link
9617+named pipe
9618+</property>
9619+ <property name="add_tearoffs">False</property>
9620+ <property name="focus_on_click">True</property>
9621+ </widget>
9622+ <packing>
9623+ <property name="left_attach">1</property>
9624+ <property name="right_attach">2</property>
9625+ <property name="top_attach">1</property>
9626+ <property name="bottom_attach">2</property>
9627+ <property name="x_options">fill</property>
9628+ <property name="y_options">fill</property>
9629+ </packing>
9630+ </child>
9631+
9632+ <child>
9633+ <widget class="GtkEntry" id="fcontextTypeEntry">
9634+ <property name="visible">True</property>
9635+ <property name="can_focus">True</property>
9636+ <property name="editable">True</property>
9637+ <property name="visibility">True</property>
9638+ <property name="max_length">0</property>
9639+ <property name="text" translatable="yes"></property>
9640+ <property name="has_frame">True</property>
9641+ <property name="invisible_char">*</property>
9642+ <property name="activates_default">False</property>
9643+ </widget>
9644+ <packing>
9645+ <property name="left_attach">1</property>
9646+ <property name="right_attach">2</property>
9647+ <property name="top_attach">2</property>
9648+ <property name="bottom_attach">3</property>
9649+ <property name="y_options"></property>
9650+ </packing>
9651+ </child>
9652+
9653+ <child>
9654+ <widget class="GtkLabel" id="label31">
9655+ <property name="visible">True</property>
9656+ <property name="label" translatable="yes">MLS</property>
9657+ <property name="use_underline">False</property>
9658+ <property name="use_markup">False</property>
9659+ <property name="justify">GTK_JUSTIFY_LEFT</property>
9660+ <property name="wrap">False</property>
9661+ <property name="selectable">False</property>
9662+ <property name="xalign">0</property>
9663+ <property name="yalign">0.5</property>
9664+ <property name="xpad">0</property>
9665+ <property name="ypad">0</property>
9666+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
9667+ <property name="width_chars">-1</property>
9668+ <property name="single_line_mode">False</property>
9669+ <property name="angle">0</property>
9670+ </widget>
9671+ <packing>
9672+ <property name="left_attach">0</property>
9673+ <property name="right_attach">1</property>
9674+ <property name="top_attach">3</property>
9675+ <property name="bottom_attach">4</property>
9676+ <property name="x_options">fill</property>
9677+ <property name="y_options"></property>
9678+ </packing>
9679+ </child>
9680+
9681+ <child>
9682+ <widget class="GtkEntry" id="fcontextMLSEntry">
9683+ <property name="visible">True</property>
9684+ <property name="can_focus">True</property>
9685+ <property name="editable">True</property>
9686+ <property name="visibility">True</property>
9687+ <property name="max_length">0</property>
9688+ <property name="text" translatable="yes"></property>
9689+ <property name="has_frame">True</property>
9690+ <property name="invisible_char">*</property>
9691+ <property name="activates_default">False</property>
9692+ </widget>
9693+ <packing>
9694+ <property name="left_attach">1</property>
9695+ <property name="right_attach">2</property>
9696+ <property name="top_attach">3</property>
9697+ <property name="bottom_attach">4</property>
9698+ <property name="y_options"></property>
9699+ </packing>
9700+ </child>
9701+ </widget>
9702+ <packing>
9703+ <property name="padding">5</property>
9704+ <property name="expand">True</property>
9705+ <property name="fill">True</property>
9706+ </packing>
9707+ </child>
9708+ </widget>
9709+ <packing>
9710+ <property name="padding">0</property>
9711+ <property name="expand">True</property>
9712+ <property name="fill">True</property>
9713+ </packing>
9714+ </child>
9715+ </widget>
9716+ </child>
9717+</widget>
9718+
9719+<widget class="GtkDialog" id="usersDialog">
9720+ <property name="title" translatable="yes">Add SELinux User</property>
9721+ <property name="type">GTK_WINDOW_TOPLEVEL</property>
9722+ <property name="window_position">GTK_WIN_POS_NONE</property>
9723+ <property name="modal">False</property>
9724+ <property name="resizable">True</property>
9725+ <property name="destroy_with_parent">False</property>
9726+ <property name="decorated">True</property>
9727+ <property name="skip_taskbar_hint">False</property>
9728+ <property name="skip_pager_hint">False</property>
9729+ <property name="type_hint">GDK_WINDOW_TYPE_HINT_DIALOG</property>
9730+ <property name="gravity">GDK_GRAVITY_NORTH_WEST</property>
9731+ <property name="focus_on_map">True</property>
9732+ <property name="urgency_hint">False</property>
9733+ <property name="has_separator">True</property>
9734+
9735+ <child internal-child="vbox">
9736+ <widget class="GtkVBox" id="vbox9">
9737+ <property name="visible">True</property>
9738+ <property name="homogeneous">False</property>
9739+ <property name="spacing">0</property>
9740+
9741+ <child internal-child="action_area">
9742+ <widget class="GtkHButtonBox" id="hbuttonbox4">
9743+ <property name="visible">True</property>
9744+ <property name="layout_style">GTK_BUTTONBOX_END</property>
9745+
9746+ <child>
9747+ <widget class="GtkButton" id="button7">
9748+ <property name="visible">True</property>
9749+ <property name="can_default">True</property>
9750+ <property name="can_focus">True</property>
9751+ <property name="label">gtk-cancel</property>
9752+ <property name="use_stock">True</property>
9753+ <property name="relief">GTK_RELIEF_NORMAL</property>
9754+ <property name="focus_on_click">True</property>
9755+ <property name="response_id">-6</property>
9756+ </widget>
9757+ </child>
9758+
9759+ <child>
9760+ <widget class="GtkButton" id="button8">
9761+ <property name="visible">True</property>
9762+ <property name="can_default">True</property>
9763+ <property name="can_focus">True</property>
9764+ <property name="label">gtk-ok</property>
9765+ <property name="use_stock">True</property>
9766+ <property name="relief">GTK_RELIEF_NORMAL</property>
9767+ <property name="focus_on_click">True</property>
9768+ <property name="response_id">-5</property>
9769+ </widget>
9770+ </child>
9771+ </widget>
9772+ <packing>
9773+ <property name="padding">0</property>
9774+ <property name="expand">False</property>
9775+ <property name="fill">True</property>
9776+ <property name="pack_type">GTK_PACK_END</property>
9777+ </packing>
9778+ </child>
9779+
9780+ <child>
9781+ <widget class="GtkVBox" id="vbox10">
9782+ <property name="visible">True</property>
9783+ <property name="homogeneous">False</property>
9784+ <property name="spacing">0</property>
9785+
9786+ <child>
9787+ <widget class="GtkTable" id="table5">
9788+ <property name="visible">True</property>
9789+ <property name="n_rows">3</property>
9790+ <property name="n_columns">2</property>
9791+ <property name="homogeneous">False</property>
9792+ <property name="row_spacing">4</property>
9793+ <property name="column_spacing">6</property>
9794+
9795+ <child>
9796+ <widget class="GtkLabel" id="label32">
9797+ <property name="visible">True</property>
9798+ <property name="label" translatable="yes">SELinux User</property>
9799+ <property name="use_underline">False</property>
9800+ <property name="use_markup">False</property>
9801+ <property name="justify">GTK_JUSTIFY_LEFT</property>
9802+ <property name="wrap">False</property>
9803+ <property name="selectable">False</property>
9804+ <property name="xalign">0</property>
9805+ <property name="yalign">0.5</property>
9806+ <property name="xpad">0</property>
9807+ <property name="ypad">0</property>
9808+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
9809+ <property name="width_chars">-1</property>
9810+ <property name="single_line_mode">False</property>
9811+ <property name="angle">0</property>
9812+ </widget>
9813+ <packing>
9814+ <property name="left_attach">0</property>
9815+ <property name="right_attach">1</property>
9816+ <property name="top_attach">0</property>
9817+ <property name="bottom_attach">1</property>
9818+ <property name="x_options">fill</property>
9819+ <property name="y_options"></property>
9820+ </packing>
9821+ </child>
9822+
9823+ <child>
9824+ <widget class="GtkLabel" id="label34">
9825+ <property name="visible">True</property>
9826+ <property name="label" translatable="yes">MLS/MCS Range</property>
9827+ <property name="use_underline">False</property>
9828+ <property name="use_markup">False</property>
9829+ <property name="justify">GTK_JUSTIFY_LEFT</property>
9830+ <property name="wrap">False</property>
9831+ <property name="selectable">False</property>
9832+ <property name="xalign">0</property>
9833+ <property name="yalign">0.5</property>
9834+ <property name="xpad">0</property>
9835+ <property name="ypad">0</property>
9836+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
9837+ <property name="width_chars">-1</property>
9838+ <property name="single_line_mode">False</property>
9839+ <property name="angle">0</property>
9840+ </widget>
9841+ <packing>
9842+ <property name="left_attach">0</property>
9843+ <property name="right_attach">1</property>
9844+ <property name="top_attach">1</property>
9845+ <property name="bottom_attach">2</property>
9846+ <property name="x_options">fill</property>
9847+ <property name="y_options"></property>
9848+ </packing>
9849+ </child>
9850+
9851+ <child>
9852+ <widget class="GtkEntry" id="mlsRangeEntry">
9853+ <property name="visible">True</property>
9854+ <property name="can_focus">True</property>
9855+ <property name="editable">True</property>
9856+ <property name="visibility">True</property>
9857+ <property name="max_length">0</property>
9858+ <property name="text" translatable="yes"></property>
9859+ <property name="has_frame">True</property>
9860+ <property name="invisible_char">*</property>
9861+ <property name="activates_default">False</property>
9862+ </widget>
9863+ <packing>
9864+ <property name="left_attach">1</property>
9865+ <property name="right_attach">2</property>
9866+ <property name="top_attach">1</property>
9867+ <property name="bottom_attach">2</property>
9868+ <property name="y_options"></property>
9869+ </packing>
9870+ </child>
9871+
9872+ <child>
9873+ <widget class="GtkLabel" id="label36">
9874+ <property name="visible">True</property>
9875+ <property name="label" translatable="yes">SELinux Roles</property>
9876+ <property name="use_underline">False</property>
9877+ <property name="use_markup">False</property>
9878+ <property name="justify">GTK_JUSTIFY_LEFT</property>
9879+ <property name="wrap">False</property>
9880+ <property name="selectable">False</property>
9881+ <property name="xalign">0</property>
9882+ <property name="yalign">0.5</property>
9883+ <property name="xpad">0</property>
9884+ <property name="ypad">0</property>
9885+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
9886+ <property name="width_chars">-1</property>
9887+ <property name="single_line_mode">False</property>
9888+ <property name="angle">0</property>
9889+ </widget>
9890+ <packing>
9891+ <property name="left_attach">0</property>
9892+ <property name="right_attach">1</property>
9893+ <property name="top_attach">2</property>
9894+ <property name="bottom_attach">3</property>
9895+ <property name="x_options">fill</property>
9896+ <property name="y_options"></property>
9897+ </packing>
9898+ </child>
9899+
9900+ <child>
9901+ <widget class="GtkEntry" id="selinuxRolesEntry">
9902+ <property name="visible">True</property>
9903+ <property name="can_focus">True</property>
9904+ <property name="editable">True</property>
9905+ <property name="visibility">True</property>
9906+ <property name="max_length">0</property>
9907+ <property name="text" translatable="yes"></property>
9908+ <property name="has_frame">True</property>
9909+ <property name="invisible_char">*</property>
9910+ <property name="activates_default">False</property>
9911+ </widget>
9912+ <packing>
9913+ <property name="left_attach">1</property>
9914+ <property name="right_attach">2</property>
9915+ <property name="top_attach">2</property>
9916+ <property name="bottom_attach">3</property>
9917+ <property name="y_options"></property>
9918+ </packing>
9919+ </child>
9920+
9921+ <child>
9922+ <widget class="GtkEntry" id="selinuxUserEntry">
9923+ <property name="visible">True</property>
9924+ <property name="can_focus">True</property>
9925+ <property name="editable">True</property>
9926+ <property name="visibility">True</property>
9927+ <property name="max_length">0</property>
9928+ <property name="text" translatable="yes"></property>
9929+ <property name="has_frame">True</property>
9930+ <property name="invisible_char">*</property>
9931+ <property name="activates_default">False</property>
9932+ </widget>
9933+ <packing>
9934+ <property name="left_attach">1</property>
9935+ <property name="right_attach">2</property>
9936+ <property name="top_attach">0</property>
9937+ <property name="bottom_attach">1</property>
9938+ <property name="y_options"></property>
9939+ </packing>
9940+ </child>
9941+ </widget>
9942+ <packing>
9943+ <property name="padding">5</property>
9944+ <property name="expand">True</property>
9945+ <property name="fill">True</property>
9946+ </packing>
9947+ </child>
9948+ </widget>
9949+ <packing>
9950+ <property name="padding">0</property>
9951+ <property name="expand">True</property>
9952+ <property name="fill">True</property>
9953+ </packing>
9954+ </child>
9955+ </widget>
9956+ </child>
9957+</widget>
9958+
9959+<widget class="GnomeApp" id="mainWindow">
9960+ <property name="width_request">800</property>
9961+ <property name="height_request">500</property>
9962+ <property name="title" translatable="yes">SELinux Administration</property>
9963+ <property name="type">GTK_WINDOW_TOPLEVEL</property>
9964+ <property name="window_position">GTK_WIN_POS_NONE</property>
9965+ <property name="modal">False</property>
9966+ <property name="resizable">True</property>
9967+ <property name="destroy_with_parent">False</property>
9968+ <property name="icon">system-config-selinux.png</property>
9969+ <property name="decorated">True</property>
9970+ <property name="skip_taskbar_hint">False</property>
9971+ <property name="skip_pager_hint">False</property>
9972+ <property name="type_hint">GDK_WINDOW_TYPE_HINT_NORMAL</property>
9973+ <property name="gravity">GDK_GRAVITY_NORTH_WEST</property>
9974+ <property name="focus_on_map">True</property>
9975+ <property name="urgency_hint">False</property>
9976+ <property name="enable_layout_config">True</property>
9977+
9978+ <child internal-child="dock">
9979+ <widget class="BonoboDock" id="bonobodock2">
9980+ <property name="visible">True</property>
9981+ <property name="allow_floating">True</property>
9982+
9983+ <child>
9984+ <widget class="BonoboDockItem" id="bonobodockitem3">
9985+ <property name="visible">True</property>
9986+ <property name="shadow_type">GTK_SHADOW_NONE</property>
9987+
9988+ <child>
9989+ <widget class="GtkMenuBar" id="menubar1">
9990+ <property name="visible">True</property>
9991+ <property name="pack_direction">GTK_PACK_DIRECTION_LTR</property>
9992+ <property name="child_pack_direction">GTK_PACK_DIRECTION_LTR</property>
9993+
9994+ <child>
9995+ <widget class="GtkMenuItem" id="file1">
9996+ <property name="visible">True</property>
9997+ <property name="stock_item">GNOMEUIINFO_MENU_FILE_TREE</property>
9998+
9999+ <child>
10000+ <widget class="GtkMenu" id="file1_menu">
10001+
10002+ <child>
10003+ <widget class="GtkImageMenuItem" id="add_menu_item">
10004+ <property name="visible">True</property>
10005+ <property name="label" translatable="yes">Add</property>
10006+ <property name="use_underline">True</property>
10007+ <signal name="activate" handler="on_add_clicked" last_modification_time="Sat, 17 Mar 2007 12:21:12 GMT"/>
10008+ <accelerator key="a" modifiers="GDK_CONTROL_MASK" signal="activate"/>
10009+
10010+ <child internal-child="image">
10011+ <widget class="GtkImage" id="image13">
10012+ <property name="visible">True</property>
10013+ <property name="stock">gtk-add</property>
10014+ <property name="icon_size">1</property>
10015+ <property name="xalign">0.5</property>
10016+ <property name="yalign">0.5</property>
10017+ <property name="xpad">0</property>
10018+ <property name="ypad">0</property>
10019+ </widget>
10020+ </child>
10021+ </widget>
10022+ </child>
10023+
10024+ <child>
10025+ <widget class="GtkImageMenuItem" id="properties_menu_item">
10026+ <property name="visible">True</property>
10027+ <property name="label" translatable="yes">_Properties</property>
10028+ <property name="use_underline">True</property>
10029+ <signal name="activate" handler="on_properties_clicked" last_modification_time="Sat, 17 Mar 2007 12:21:12 GMT"/>
10030+ <accelerator key="p" modifiers="GDK_CONTROL_MASK" signal="activate"/>
10031+
10032+ <child internal-child="image">
10033+ <widget class="GtkImage" id="image14">
10034+ <property name="visible">True</property>
10035+ <property name="stock">gtk-properties</property>
10036+ <property name="icon_size">1</property>
10037+ <property name="xalign">0.5</property>
10038+ <property name="yalign">0.5</property>
10039+ <property name="xpad">0</property>
10040+ <property name="ypad">0</property>
10041+ </widget>
10042+ </child>
10043+ </widget>
10044+ </child>
10045+
10046+ <child>
10047+ <widget class="GtkImageMenuItem" id="delete_menu_item">
10048+ <property name="visible">True</property>
10049+ <property name="label" translatable="yes">_Delete</property>
10050+ <property name="use_underline">True</property>
10051+ <signal name="activate" handler="on_delete_clicked" last_modification_time="Sat, 17 Mar 2007 12:21:12 GMT"/>
10052+ <accelerator key="Delete" modifiers="0" signal="activate"/>
10053+
10054+ <child internal-child="image">
10055+ <widget class="GtkImage" id="image15">
10056+ <property name="visible">True</property>
10057+ <property name="stock">gtk-delete</property>
10058+ <property name="icon_size">1</property>
10059+ <property name="xalign">0.5</property>
10060+ <property name="yalign">0.5</property>
10061+ <property name="xpad">0</property>
10062+ <property name="ypad">0</property>
10063+ </widget>
10064+ </child>
10065+ </widget>
10066+ </child>
10067+
10068+ <child>
10069+ <widget class="GtkImageMenuItem" id="quit">
10070+ <property name="visible">True</property>
10071+ <property name="stock_item">GNOMEUIINFO_MENU_EXIT_ITEM</property>
10072+ <signal name="activate" handler="on_quit_activate" last_modification_time="Fri, 06 Oct 2006 13:58:19 GMT"/>
10073+ </widget>
10074+ </child>
10075+ </widget>
10076+ </child>
10077+ </widget>
10078+ </child>
10079+
10080+ <child>
10081+ <widget class="GtkMenuItem" id="help1">
10082+ <property name="visible">True</property>
10083+ <property name="stock_item">GNOMEUIINFO_MENU_HELP_TREE</property>
10084+
10085+ <child>
10086+ <widget class="GtkMenu" id="help1_menu">
10087+
10088+ <child>
10089+ <widget class="GtkImageMenuItem" id="about">
10090+ <property name="visible">True</property>
10091+ <property name="stock_item">GNOMEUIINFO_MENU_ABOUT_ITEM</property>
10092+ <signal name="activate" handler="on_about_activate" last_modification_time="Fri, 06 Oct 2006 13:58:02 GMT"/>
10093+ </widget>
10094+ </child>
10095+ </widget>
10096+ </child>
10097+ </widget>
10098+ </child>
10099+ </widget>
10100+ </child>
10101+ </widget>
10102+ <packing>
10103+ <property name="placement">BONOBO_DOCK_TOP</property>
10104+ <property name="band">0</property>
10105+ <property name="position">0</property>
10106+ <property name="offset">0</property>
10107+ <property name="behavior">BONOBO_DOCK_ITEM_BEH_EXCLUSIVE|BONOBO_DOCK_ITEM_BEH_NEVER_VERTICAL|BONOBO_DOCK_ITEM_BEH_LOCKED</property>
10108+ </packing>
10109+ </child>
10110+
10111+ <child>
10112+ <widget class="GtkHPaned" id="hpaned1">
10113+ <property name="visible">True</property>
10114+ <property name="can_focus">True</property>
10115+ <property name="position">0</property>
10116+
10117+ <child>
10118+ <widget class="GtkFrame" id="frame1">
10119+ <property name="border_width">5</property>
10120+ <property name="visible">True</property>
10121+ <property name="label_xalign">0</property>
10122+ <property name="label_yalign">0.5</property>
10123+ <property name="shadow_type">GTK_SHADOW_NONE</property>
10124+
10125+ <child>
10126+ <widget class="GtkAlignment" id="alignment1">
10127+ <property name="visible">True</property>
10128+ <property name="xalign">0.5</property>
10129+ <property name="yalign">0.5</property>
10130+ <property name="xscale">1</property>
10131+ <property name="yscale">1</property>
10132+ <property name="top_padding">0</property>
10133+ <property name="bottom_padding">0</property>
10134+ <property name="left_padding">12</property>
10135+ <property name="right_padding">0</property>
10136+
10137+ <child>
10138+ <widget class="GtkTreeView" id="selectView">
10139+ <property name="visible">True</property>
10140+ <property name="tooltip" translatable="yes">Select Management Object</property>
10141+ <property name="can_focus">True</property>
10142+ <property name="headers_visible">False</property>
10143+ <property name="rules_hint">False</property>
10144+ <property name="reorderable">False</property>
10145+ <property name="enable_search">True</property>
10146+ <property name="fixed_height_mode">False</property>
10147+ <property name="hover_selection">False</property>
10148+ <property name="hover_expand">False</property>
10149+ </widget>
10150+ </child>
10151+ </widget>
10152+ </child>
10153+
10154+ <child>
10155+ <widget class="GtkLabel" id="label45">
10156+ <property name="visible">True</property>
10157+ <property name="label" translatable="yes">&lt;b&gt;Select:&lt;/b&gt;</property>
10158+ <property name="use_underline">False</property>
10159+ <property name="use_markup">True</property>
10160+ <property name="justify">GTK_JUSTIFY_LEFT</property>
10161+ <property name="wrap">False</property>
10162+ <property name="selectable">False</property>
10163+ <property name="xalign">0.5</property>
10164+ <property name="yalign">0.5</property>
10165+ <property name="xpad">0</property>
10166+ <property name="ypad">0</property>
10167+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
10168+ <property name="width_chars">-1</property>
10169+ <property name="single_line_mode">False</property>
10170+ <property name="angle">0</property>
10171+ </widget>
10172+ <packing>
10173+ <property name="type">label_item</property>
10174+ </packing>
10175+ </child>
10176+ </widget>
10177+ <packing>
10178+ <property name="shrink">False</property>
10179+ <property name="resize">True</property>
10180+ </packing>
10181+ </child>
10182+
10183+ <child>
10184+ <widget class="GtkNotebook" id="notebook">
10185+ <property name="visible">True</property>
10186+ <property name="show_tabs">False</property>
10187+ <property name="show_border">True</property>
10188+ <property name="tab_pos">GTK_POS_TOP</property>
10189+ <property name="scrollable">False</property>
10190+ <property name="enable_popup">False</property>
10191+
10192+ <child>
10193+ <widget class="GtkVBox" id="vbox1">
10194+ <property name="visible">True</property>
10195+ <property name="homogeneous">False</property>
10196+ <property name="spacing">0</property>
10197+
10198+ <child>
10199+ <widget class="GtkTable" id="table6">
10200+ <property name="visible">True</property>
10201+ <property name="n_rows">4</property>
10202+ <property name="n_columns">2</property>
10203+ <property name="homogeneous">False</property>
10204+ <property name="row_spacing">5</property>
10205+ <property name="column_spacing">5</property>
10206+
10207+ <child>
10208+ <widget class="GtkLabel" id="label29">
10209+ <property name="visible">True</property>
10210+ <property name="label" translatable="yes">System Default Enforcing Mode</property>
10211+ <property name="use_underline">False</property>
10212+ <property name="use_markup">False</property>
10213+ <property name="justify">GTK_JUSTIFY_LEFT</property>
10214+ <property name="wrap">False</property>
10215+ <property name="selectable">False</property>
10216+ <property name="xalign">0.5</property>
10217+ <property name="yalign">0.5</property>
10218+ <property name="xpad">0</property>
10219+ <property name="ypad">0</property>
10220+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
10221+ <property name="width_chars">-1</property>
10222+ <property name="single_line_mode">False</property>
10223+ <property name="angle">0</property>
10224+ </widget>
10225+ <packing>
10226+ <property name="left_attach">0</property>
10227+ <property name="right_attach">1</property>
10228+ <property name="top_attach">0</property>
10229+ <property name="bottom_attach">1</property>
10230+ <property name="x_options">fill</property>
10231+ <property name="y_options"></property>
10232+ </packing>
10233+ </child>
10234+
10235+ <child>
10236+ <widget class="GtkComboBox" id="enabledOptionMenu">
10237+ <property name="visible">True</property>
10238+ <property name="items" translatable="yes">Disabled
10239+Permissive
10240+Enforcing
10241+</property>
10242+ <property name="add_tearoffs">False</property>
10243+ <property name="focus_on_click">True</property>
10244+ </widget>
10245+ <packing>
10246+ <property name="left_attach">1</property>
10247+ <property name="right_attach">2</property>
10248+ <property name="top_attach">0</property>
10249+ <property name="bottom_attach">1</property>
10250+ <property name="y_options">fill</property>
10251+ </packing>
10252+ </child>
10253+
10254+ <child>
10255+ <widget class="GtkLabel" id="label48">
10256+ <property name="visible">True</property>
10257+ <property name="label" translatable="yes">Current Enforcing Mode</property>
10258+ <property name="use_underline">False</property>
10259+ <property name="use_markup">False</property>
10260+ <property name="justify">GTK_JUSTIFY_LEFT</property>
10261+ <property name="wrap">False</property>
10262+ <property name="selectable">False</property>
10263+ <property name="xalign">0.5</property>
10264+ <property name="yalign">0.5</property>
10265+ <property name="xpad">0</property>
10266+ <property name="ypad">0</property>
10267+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
10268+ <property name="width_chars">-1</property>
10269+ <property name="single_line_mode">False</property>
10270+ <property name="angle">0</property>
10271+ </widget>
10272+ <packing>
10273+ <property name="left_attach">0</property>
10274+ <property name="right_attach">1</property>
10275+ <property name="top_attach">1</property>
10276+ <property name="bottom_attach">2</property>
10277+ <property name="x_options">fill</property>
10278+ <property name="y_options"></property>
10279+ </packing>
10280+ </child>
10281+
10282+ <child>
10283+ <widget class="GtkComboBox" id="currentOptionMenu">
10284+ <property name="visible">True</property>
10285+ <property name="items" translatable="yes"></property>
10286+ <property name="add_tearoffs">False</property>
10287+ <property name="focus_on_click">True</property>
10288+ </widget>
10289+ <packing>
10290+ <property name="left_attach">1</property>
10291+ <property name="right_attach">2</property>
10292+ <property name="top_attach">1</property>
10293+ <property name="bottom_attach">2</property>
10294+ <property name="x_options">fill</property>
10295+ <property name="y_options">fill</property>
10296+ </packing>
10297+ </child>
10298+
10299+ <child>
10300+ <widget class="GtkLabel" id="typeLabel">
10301+ <property name="visible">True</property>
10302+ <property name="label" translatable="yes">System Default Policy Type: </property>
10303+ <property name="use_underline">False</property>
10304+ <property name="use_markup">False</property>
10305+ <property name="justify">GTK_JUSTIFY_LEFT</property>
10306+ <property name="wrap">False</property>
10307+ <property name="selectable">False</property>
10308+ <property name="xalign">0.5</property>
10309+ <property name="yalign">0.5</property>
10310+ <property name="xpad">0</property>
10311+ <property name="ypad">0</property>
10312+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
10313+ <property name="width_chars">-1</property>
10314+ <property name="single_line_mode">False</property>
10315+ <property name="angle">0</property>
10316+ </widget>
10317+ <packing>
10318+ <property name="left_attach">0</property>
10319+ <property name="right_attach">1</property>
10320+ <property name="top_attach">2</property>
10321+ <property name="bottom_attach">3</property>
10322+ <property name="x_options">fill</property>
10323+ <property name="y_options"></property>
10324+ </packing>
10325+ </child>
10326+
10327+ <child>
10328+ <widget class="GtkComboBox" id="selinuxTypeOptionMenu">
10329+ <property name="visible">True</property>
10330+ <property name="items" translatable="yes"></property>
10331+ <property name="add_tearoffs">False</property>
10332+ <property name="focus_on_click">True</property>
10333+ </widget>
10334+ <packing>
10335+ <property name="left_attach">1</property>
10336+ <property name="right_attach">2</property>
10337+ <property name="top_attach">2</property>
10338+ <property name="bottom_attach">3</property>
10339+ <property name="x_options">fill</property>
10340+ <property name="y_options">fill</property>
10341+ </packing>
10342+ </child>
10343+
10344+ <child>
10345+ <widget class="GtkCheckButton" id="relabelCheckbutton">
10346+ <property name="visible">True</property>
10347+ <property name="tooltip" translatable="yes">Select if you wish to relabel then entire file system on next reboot. Relabeling can take a very long time, depending on the size of the system. If you are changing policy types or going from disabled to enforcing, a relabel is required.</property>
10348+ <property name="can_focus">True</property>
10349+ <property name="relief">GTK_RELIEF_NORMAL</property>
10350+ <property name="focus_on_click">True</property>
10351+ <property name="active">False</property>
10352+ <property name="inconsistent">False</property>
10353+ <property name="draw_indicator">True</property>
10354+
10355+ <child>
10356+ <widget class="GtkAlignment" id="alignment4">
10357+ <property name="visible">True</property>
10358+ <property name="xalign">0.5</property>
10359+ <property name="yalign">0.5</property>
10360+ <property name="xscale">0</property>
10361+ <property name="yscale">0</property>
10362+ <property name="top_padding">0</property>
10363+ <property name="bottom_padding">0</property>
10364+ <property name="left_padding">0</property>
10365+ <property name="right_padding">0</property>
10366+
10367+ <child>
10368+ <widget class="GtkHBox" id="hbox6">
10369+ <property name="visible">True</property>
10370+ <property name="homogeneous">False</property>
10371+ <property name="spacing">2</property>
10372+
10373+ <child>
10374+ <widget class="GtkImage" id="image2">
10375+ <property name="visible">True</property>
10376+ <property name="stock">gtk-refresh</property>
10377+ <property name="icon_size">4</property>
10378+ <property name="xalign">0.5</property>
10379+ <property name="yalign">0.5</property>
10380+ <property name="xpad">0</property>
10381+ <property name="ypad">0</property>
10382+ </widget>
10383+ <packing>
10384+ <property name="padding">0</property>
10385+ <property name="expand">False</property>
10386+ <property name="fill">False</property>
10387+ </packing>
10388+ </child>
10389+
10390+ <child>
10391+ <widget class="GtkLabel" id="label49">
10392+ <property name="visible">True</property>
10393+ <property name="label" translatable="yes">Relabel on next reboot.</property>
10394+ <property name="use_underline">True</property>
10395+ <property name="use_markup">False</property>
10396+ <property name="justify">GTK_JUSTIFY_LEFT</property>
10397+ <property name="wrap">False</property>
10398+ <property name="selectable">False</property>
10399+ <property name="xalign">0.5</property>
10400+ <property name="yalign">0.5</property>
10401+ <property name="xpad">0</property>
10402+ <property name="ypad">0</property>
10403+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
10404+ <property name="width_chars">-1</property>
10405+ <property name="single_line_mode">False</property>
10406+ <property name="angle">0</property>
10407+ </widget>
10408+ <packing>
10409+ <property name="padding">0</property>
10410+ <property name="expand">False</property>
10411+ <property name="fill">False</property>
10412+ </packing>
10413+ </child>
10414+ </widget>
10415+ </child>
10416+ </widget>
10417+ </child>
10418+ </widget>
10419+ <packing>
10420+ <property name="left_attach">0</property>
10421+ <property name="right_attach">2</property>
10422+ <property name="top_attach">3</property>
10423+ <property name="bottom_attach">4</property>
10424+ <property name="x_options">fill</property>
10425+ <property name="y_options">fill</property>
10426+ </packing>
10427+ </child>
10428+ </widget>
10429+ <packing>
10430+ <property name="padding">0</property>
10431+ <property name="expand">True</property>
10432+ <property name="fill">True</property>
10433+ </packing>
10434+ </child>
10435+ </widget>
10436+ <packing>
10437+ <property name="tab_expand">False</property>
10438+ <property name="tab_fill">True</property>
10439+ </packing>
10440+ </child>
10441+
10442+ <child>
10443+ <widget class="GtkLabel" id="label37">
10444+ <property name="visible">True</property>
10445+ <property name="label" translatable="yes">label37</property>
10446+ <property name="use_underline">False</property>
10447+ <property name="use_markup">False</property>
10448+ <property name="justify">GTK_JUSTIFY_LEFT</property>
10449+ <property name="wrap">False</property>
10450+ <property name="selectable">False</property>
10451+ <property name="xalign">0.5</property>
10452+ <property name="yalign">0.5</property>
10453+ <property name="xpad">0</property>
10454+ <property name="ypad">0</property>
10455+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
10456+ <property name="width_chars">-1</property>
10457+ <property name="single_line_mode">False</property>
10458+ <property name="angle">0</property>
10459+ </widget>
10460+ <packing>
10461+ <property name="type">tab</property>
10462+ </packing>
10463+ </child>
10464+
10465+ <child>
10466+ <widget class="GtkVBox" id="vbox18">
10467+ <property name="visible">True</property>
10468+ <property name="homogeneous">False</property>
10469+ <property name="spacing">0</property>
10470+
10471+ <child>
10472+ <widget class="GtkToolbar" id="toolbar9">
10473+ <property name="visible">True</property>
10474+ <property name="orientation">GTK_ORIENTATION_HORIZONTAL</property>
10475+ <property name="toolbar_style">GTK_TOOLBAR_BOTH</property>
10476+ <property name="tooltips">True</property>
10477+ <property name="show_arrow">True</property>
10478+
10479+ <child>
10480+ <widget class="GtkToolButton" id="booleanRevertButton">
10481+ <property name="visible">True</property>
10482+ <property name="tooltip" translatable="yes">Revert boolean setting to system default</property>
10483+ <property name="stock_id">gtk-revert-to-saved</property>
10484+ <property name="visible_horizontal">True</property>
10485+ <property name="visible_vertical">True</property>
10486+ <property name="is_important">False</property>
10487+ <signal name="clicked" handler="on_delete_clicked" last_modification_time="Mon, 16 Jan 2006 18:26:29 GMT"/>
10488+ </widget>
10489+ <packing>
10490+ <property name="expand">False</property>
10491+ <property name="homogeneous">True</property>
10492+ </packing>
10493+ </child>
10494+
10495+ <child>
10496+ <widget class="GtkToolButton" id="toolbutton34">
10497+ <property name="visible">True</property>
10498+ <property name="tooltip" translatable="yes">Toggle between Customized and All Booleans</property>
10499+ <property name="label" translatable="yes">Customized</property>
10500+ <property name="use_underline">True</property>
10501+ <property name="stock_id">gtk-find</property>
10502+ <property name="visible_horizontal">True</property>
10503+ <property name="visible_vertical">True</property>
10504+ <property name="is_important">False</property>
10505+ <signal name="clicked" handler="on_local_clicked" last_modification_time="Wed, 19 Sep 2007 19:14:08 GMT"/>
10506+ </widget>
10507+ <packing>
10508+ <property name="expand">False</property>
10509+ <property name="homogeneous">True</property>
10510+ </packing>
10511+ </child>
10512+
10513+ <child>
10514+ <widget class="GtkToolButton" id="toolbutton36">
10515+ <property name="visible">True</property>
10516+ <property name="tooltip" translatable="yes">Run booleans lockdown wizard</property>
10517+ <property name="label" translatable="yes">Lockdown...</property>
10518+ <property name="use_underline">True</property>
10519+ <property name="stock_id">gtk-print-error</property>
10520+ <property name="visible_horizontal">True</property>
10521+ <property name="visible_vertical">True</property>
10522+ <property name="is_important">False</property>
10523+ <signal name="clicked" handler="on_lockdown_clicked" last_modification_time="Thu, 03 Jul 2008 16:51:17 GMT"/>
10524+ </widget>
10525+ <packing>
10526+ <property name="expand">False</property>
10527+ <property name="homogeneous">True</property>
10528+ </packing>
10529+ </child>
10530+ </widget>
10531+ <packing>
10532+ <property name="padding">0</property>
10533+ <property name="expand">False</property>
10534+ <property name="fill">False</property>
10535+ </packing>
10536+ </child>
10537+
10538+ <child>
10539+ <widget class="GtkHBox" id="hbox7">
10540+ <property name="visible">True</property>
10541+ <property name="homogeneous">False</property>
10542+ <property name="spacing">0</property>
10543+
10544+ <child>
10545+ <widget class="GtkLabel" id="label51">
10546+ <property name="visible">True</property>
10547+ <property name="label" translatable="yes">Filter</property>
10548+ <property name="use_underline">False</property>
10549+ <property name="use_markup">False</property>
10550+ <property name="justify">GTK_JUSTIFY_LEFT</property>
10551+ <property name="wrap">False</property>
10552+ <property name="selectable">False</property>
10553+ <property name="xalign">0.5</property>
10554+ <property name="yalign">0.5</property>
10555+ <property name="xpad">0</property>
10556+ <property name="ypad">0</property>
10557+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
10558+ <property name="width_chars">-1</property>
10559+ <property name="single_line_mode">False</property>
10560+ <property name="angle">0</property>
10561+ </widget>
10562+ <packing>
10563+ <property name="padding">10</property>
10564+ <property name="expand">False</property>
10565+ <property name="fill">False</property>
10566+ </packing>
10567+ </child>
10568+
10569+ <child>
10570+ <widget class="GtkEntry" id="booleansFilter">
10571+ <property name="visible">True</property>
10572+ <property name="can_focus">True</property>
10573+ <property name="editable">True</property>
10574+ <property name="visibility">True</property>
10575+ <property name="max_length">0</property>
10576+ <property name="text" translatable="yes"></property>
10577+ <property name="has_frame">True</property>
10578+ <property name="invisible_char">•</property>
10579+ <property name="activates_default">False</property>
10580+ <signal name="changed" handler="on_booleansFilter_changed" last_modification_time="Fri, 06 Apr 2007 12:39:26 GMT"/>
10581+ </widget>
10582+ <packing>
10583+ <property name="padding">0</property>
10584+ <property name="expand">True</property>
10585+ <property name="fill">True</property>
10586+ </packing>
10587+ </child>
10588+ </widget>
10589+ <packing>
10590+ <property name="padding">10</property>
10591+ <property name="expand">False</property>
10592+ <property name="fill">True</property>
10593+ </packing>
10594+ </child>
10595+
10596+ <child>
10597+ <widget class="GtkScrolledWindow" id="scrolledwindow18">
10598+ <property name="visible">True</property>
10599+ <property name="can_focus">True</property>
10600+ <property name="hscrollbar_policy">GTK_POLICY_ALWAYS</property>
10601+ <property name="vscrollbar_policy">GTK_POLICY_ALWAYS</property>
10602+ <property name="shadow_type">GTK_SHADOW_NONE</property>
10603+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
10604+
10605+ <child>
10606+ <widget class="GtkTreeView" id="booleansView">
10607+ <property name="visible">True</property>
10608+ <property name="tooltip" translatable="yes">Boolean</property>
10609+ <property name="can_focus">True</property>
10610+ <property name="headers_visible">True</property>
10611+ <property name="rules_hint">False</property>
10612+ <property name="reorderable">False</property>
10613+ <property name="enable_search">True</property>
10614+ <property name="fixed_height_mode">False</property>
10615+ <property name="hover_selection">False</property>
10616+ <property name="hover_expand">False</property>
10617+ </widget>
10618+ </child>
10619+ </widget>
10620+ <packing>
10621+ <property name="padding">0</property>
10622+ <property name="expand">True</property>
10623+ <property name="fill">True</property>
10624+ </packing>
10625+ </child>
10626+ </widget>
10627+ <packing>
10628+ <property name="tab_expand">False</property>
10629+ <property name="tab_fill">True</property>
10630+ </packing>
10631+ </child>
10632+
10633+ <child>
10634+ <widget class="GtkLabel" id="label50">
10635+ <property name="visible">True</property>
10636+ <property name="label" translatable="yes">label50</property>
10637+ <property name="use_underline">False</property>
10638+ <property name="use_markup">False</property>
10639+ <property name="justify">GTK_JUSTIFY_LEFT</property>
10640+ <property name="wrap">False</property>
10641+ <property name="selectable">False</property>
10642+ <property name="xalign">0.5</property>
10643+ <property name="yalign">0.5</property>
10644+ <property name="xpad">0</property>
10645+ <property name="ypad">0</property>
10646+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
10647+ <property name="width_chars">-1</property>
10648+ <property name="single_line_mode">False</property>
10649+ <property name="angle">0</property>
10650+ </widget>
10651+ <packing>
10652+ <property name="type">tab</property>
10653+ </packing>
10654+ </child>
10655+
10656+ <child>
10657+ <widget class="GtkVBox" id="vbox11">
10658+ <property name="visible">True</property>
10659+ <property name="homogeneous">False</property>
10660+ <property name="spacing">0</property>
10661+
10662+ <child>
10663+ <widget class="GtkToolbar" id="toolbar2">
10664+ <property name="visible">True</property>
10665+ <property name="orientation">GTK_ORIENTATION_HORIZONTAL</property>
10666+ <property name="toolbar_style">GTK_TOOLBAR_BOTH</property>
10667+ <property name="tooltips">True</property>
10668+ <property name="show_arrow">True</property>
10669+
10670+ <child>
10671+ <widget class="GtkToolButton" id="toolbutton5">
10672+ <property name="visible">True</property>
10673+ <property name="tooltip" translatable="yes">Add File Context</property>
10674+ <property name="stock_id">gtk-add</property>
10675+ <property name="visible_horizontal">True</property>
10676+ <property name="visible_vertical">True</property>
10677+ <property name="is_important">False</property>
10678+ <signal name="clicked" handler="on_add_clicked" last_modification_time="Mon, 16 Jan 2006 18:27:03 GMT"/>
10679+ </widget>
10680+ <packing>
10681+ <property name="expand">False</property>
10682+ <property name="homogeneous">True</property>
10683+ </packing>
10684+ </child>
10685+
10686+ <child>
10687+ <widget class="GtkToolButton" id="toolbutton6">
10688+ <property name="visible">True</property>
10689+ <property name="tooltip" translatable="yes">Modify File Context</property>
10690+ <property name="stock_id">gtk-properties</property>
10691+ <property name="visible_horizontal">True</property>
10692+ <property name="visible_vertical">True</property>
10693+ <property name="is_important">False</property>
10694+ <signal name="clicked" handler="on_properties_clicked" last_modification_time="Mon, 16 Jan 2006 18:26:51 GMT"/>
10695+ </widget>
10696+ <packing>
10697+ <property name="expand">False</property>
10698+ <property name="homogeneous">True</property>
10699+ </packing>
10700+ </child>
10701+
10702+ <child>
10703+ <widget class="GtkToolButton" id="toolbutton7">
10704+ <property name="visible">True</property>
10705+ <property name="tooltip" translatable="yes">Delete File Context</property>
10706+ <property name="stock_id">gtk-delete</property>
10707+ <property name="visible_horizontal">True</property>
10708+ <property name="visible_vertical">True</property>
10709+ <property name="is_important">False</property>
10710+ <signal name="clicked" handler="on_delete_clicked" last_modification_time="Mon, 16 Jan 2006 18:26:29 GMT"/>
10711+ </widget>
10712+ <packing>
10713+ <property name="expand">False</property>
10714+ <property name="homogeneous">True</property>
10715+ </packing>
10716+ </child>
10717+
10718+ <child>
10719+ <widget class="GtkToolButton" id="customizedButton">
10720+ <property name="visible">True</property>
10721+ <property name="tooltip" translatable="yes">Toggle between all and customized file context</property>
10722+ <property name="label" translatable="yes">Customized</property>
10723+ <property name="use_underline">True</property>
10724+ <property name="stock_id">gtk-find</property>
10725+ <property name="visible_horizontal">True</property>
10726+ <property name="visible_vertical">True</property>
10727+ <property name="is_important">False</property>
10728+ <signal name="clicked" handler="on_local_clicked" last_modification_time="Wed, 19 Sep 2007 19:14:08 GMT"/>
10729+ </widget>
10730+ <packing>
10731+ <property name="expand">False</property>
10732+ <property name="homogeneous">True</property>
10733+ </packing>
10734+ </child>
10735+ </widget>
10736+ <packing>
10737+ <property name="padding">0</property>
10738+ <property name="expand">False</property>
10739+ <property name="fill">False</property>
10740+ </packing>
10741+ </child>
10742+
10743+ <child>
10744+ <widget class="GtkHBox" id="hbox14">
10745+ <property name="visible">True</property>
10746+ <property name="homogeneous">False</property>
10747+ <property name="spacing">0</property>
10748+
10749+ <child>
10750+ <widget class="GtkLabel" id="label58">
10751+ <property name="visible">True</property>
10752+ <property name="label" translatable="yes">Filter</property>
10753+ <property name="use_underline">False</property>
10754+ <property name="use_markup">False</property>
10755+ <property name="justify">GTK_JUSTIFY_LEFT</property>
10756+ <property name="wrap">False</property>
10757+ <property name="selectable">False</property>
10758+ <property name="xalign">0.5</property>
10759+ <property name="yalign">0.5</property>
10760+ <property name="xpad">0</property>
10761+ <property name="ypad">0</property>
10762+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
10763+ <property name="width_chars">-1</property>
10764+ <property name="single_line_mode">False</property>
10765+ <property name="angle">0</property>
10766+ </widget>
10767+ <packing>
10768+ <property name="padding">10</property>
10769+ <property name="expand">False</property>
10770+ <property name="fill">False</property>
10771+ </packing>
10772+ </child>
10773+
10774+ <child>
10775+ <widget class="GtkEntry" id="fcontextFilterEntry">
10776+ <property name="visible">True</property>
10777+ <property name="can_focus">True</property>
10778+ <property name="editable">True</property>
10779+ <property name="visibility">True</property>
10780+ <property name="max_length">0</property>
10781+ <property name="text" translatable="yes"></property>
10782+ <property name="has_frame">True</property>
10783+ <property name="invisible_char">•</property>
10784+ <property name="activates_default">False</property>
10785+ <signal name="changed" handler="on_fcontextFilter_changed" last_modification_time="Mon, 05 Nov 2007 21:22:11 GMT"/>
10786+ </widget>
10787+ <packing>
10788+ <property name="padding">0</property>
10789+ <property name="expand">True</property>
10790+ <property name="fill">True</property>
10791+ </packing>
10792+ </child>
10793+ </widget>
10794+ <packing>
10795+ <property name="padding">0</property>
10796+ <property name="expand">False</property>
10797+ <property name="fill">False</property>
10798+ </packing>
10799+ </child>
10800+
10801+ <child>
10802+ <widget class="GtkScrolledWindow" id="scrolledwindow19">
10803+ <property name="visible">True</property>
10804+ <property name="can_focus">True</property>
10805+ <property name="hscrollbar_policy">GTK_POLICY_ALWAYS</property>
10806+ <property name="vscrollbar_policy">GTK_POLICY_ALWAYS</property>
10807+ <property name="shadow_type">GTK_SHADOW_NONE</property>
10808+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
10809+
10810+ <child>
10811+ <widget class="GtkTreeView" id="fcontextView">
10812+ <property name="visible">True</property>
10813+ <property name="tooltip" translatable="yes">File Labeling</property>
10814+ <property name="can_focus">True</property>
10815+ <property name="headers_visible">True</property>
10816+ <property name="rules_hint">False</property>
10817+ <property name="reorderable">False</property>
10818+ <property name="enable_search">True</property>
10819+ <property name="fixed_height_mode">False</property>
10820+ <property name="hover_selection">False</property>
10821+ <property name="hover_expand">False</property>
10822+ </widget>
10823+ </child>
10824+ </widget>
10825+ <packing>
10826+ <property name="padding">0</property>
10827+ <property name="expand">True</property>
10828+ <property name="fill">True</property>
10829+ </packing>
10830+ </child>
10831+ </widget>
10832+ <packing>
10833+ <property name="tab_expand">False</property>
10834+ <property name="tab_fill">True</property>
10835+ </packing>
10836+ </child>
10837+
10838+ <child>
10839+ <widget class="GtkLabel" id="label38">
10840+ <property name="visible">True</property>
10841+ <property name="label" translatable="yes">label38</property>
10842+ <property name="use_underline">False</property>
10843+ <property name="use_markup">False</property>
10844+ <property name="justify">GTK_JUSTIFY_LEFT</property>
10845+ <property name="wrap">False</property>
10846+ <property name="selectable">False</property>
10847+ <property name="xalign">0.5</property>
10848+ <property name="yalign">0.5</property>
10849+ <property name="xpad">0</property>
10850+ <property name="ypad">0</property>
10851+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
10852+ <property name="width_chars">-1</property>
10853+ <property name="single_line_mode">False</property>
10854+ <property name="angle">0</property>
10855+ </widget>
10856+ <packing>
10857+ <property name="type">tab</property>
10858+ </packing>
10859+ </child>
10860+
10861+ <child>
10862+ <widget class="GtkVBox" id="vbox12">
10863+ <property name="visible">True</property>
10864+ <property name="homogeneous">False</property>
10865+ <property name="spacing">0</property>
10866+
10867+ <child>
10868+ <widget class="GtkToolbar" id="toolbar3">
10869+ <property name="visible">True</property>
10870+ <property name="orientation">GTK_ORIENTATION_HORIZONTAL</property>
10871+ <property name="toolbar_style">GTK_TOOLBAR_BOTH</property>
10872+ <property name="tooltips">True</property>
10873+ <property name="show_arrow">True</property>
10874+
10875+ <child>
10876+ <widget class="GtkToolButton" id="toolbutton8">
10877+ <property name="visible">True</property>
10878+ <property name="tooltip" translatable="yes">Add SELinux User Mapping</property>
10879+ <property name="stock_id">gtk-add</property>
10880+ <property name="visible_horizontal">True</property>
10881+ <property name="visible_vertical">True</property>
10882+ <property name="is_important">False</property>
10883+ <signal name="clicked" handler="on_add_clicked" last_modification_time="Mon, 16 Jan 2006 18:27:03 GMT"/>
10884+ </widget>
10885+ <packing>
10886+ <property name="expand">False</property>
10887+ <property name="homogeneous">True</property>
10888+ </packing>
10889+ </child>
10890+
10891+ <child>
10892+ <widget class="GtkToolButton" id="toolbutton29">
10893+ <property name="visible">True</property>
10894+ <property name="tooltip" translatable="yes">Modify SELinux User Mapping</property>
10895+ <property name="stock_id">gtk-properties</property>
10896+ <property name="visible_horizontal">True</property>
10897+ <property name="visible_vertical">True</property>
10898+ <property name="is_important">False</property>
10899+ <signal name="clicked" handler="on_properties_clicked" last_modification_time="Wed, 15 Nov 2006 16:38:33 GMT"/>
10900+ </widget>
10901+ <packing>
10902+ <property name="expand">False</property>
10903+ <property name="homogeneous">True</property>
10904+ </packing>
10905+ </child>
10906+
10907+ <child>
10908+ <widget class="GtkToolButton" id="toolbutton10">
10909+ <property name="visible">True</property>
10910+ <property name="tooltip" translatable="yes">Delete SELinux User Mapping</property>
10911+ <property name="stock_id">gtk-delete</property>
10912+ <property name="visible_horizontal">True</property>
10913+ <property name="visible_vertical">True</property>
10914+ <property name="is_important">False</property>
10915+ <signal name="clicked" handler="on_delete_clicked" last_modification_time="Mon, 16 Jan 2006 18:26:29 GMT"/>
10916+ </widget>
10917+ <packing>
10918+ <property name="expand">False</property>
10919+ <property name="homogeneous">True</property>
10920+ </packing>
10921+ </child>
10922+ </widget>
10923+ <packing>
10924+ <property name="padding">0</property>
10925+ <property name="expand">False</property>
10926+ <property name="fill">False</property>
10927+ </packing>
10928+ </child>
10929+
10930+ <child>
10931+ <widget class="GtkHBox" id="hbox13">
10932+ <property name="visible">True</property>
10933+ <property name="homogeneous">False</property>
10934+ <property name="spacing">0</property>
10935+
10936+ <child>
10937+ <widget class="GtkLabel" id="label57">
10938+ <property name="visible">True</property>
10939+ <property name="label" translatable="yes">Filter</property>
10940+ <property name="use_underline">False</property>
10941+ <property name="use_markup">False</property>
10942+ <property name="justify">GTK_JUSTIFY_LEFT</property>
10943+ <property name="wrap">False</property>
10944+ <property name="selectable">False</property>
10945+ <property name="xalign">0.5</property>
10946+ <property name="yalign">0.5</property>
10947+ <property name="xpad">0</property>
10948+ <property name="ypad">0</property>
10949+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
10950+ <property name="width_chars">-1</property>
10951+ <property name="single_line_mode">False</property>
10952+ <property name="angle">0</property>
10953+ </widget>
10954+ <packing>
10955+ <property name="padding">10</property>
10956+ <property name="expand">False</property>
10957+ <property name="fill">False</property>
10958+ </packing>
10959+ </child>
10960+
10961+ <child>
10962+ <widget class="GtkEntry" id="loginsFilterEntry">
10963+ <property name="visible">True</property>
10964+ <property name="can_focus">True</property>
10965+ <property name="editable">True</property>
10966+ <property name="visibility">True</property>
10967+ <property name="max_length">0</property>
10968+ <property name="text" translatable="yes"></property>
10969+ <property name="has_frame">True</property>
10970+ <property name="invisible_char">•</property>
10971+ <property name="activates_default">False</property>
10972+ <signal name="changed" handler="on_booleansFilter_changed" last_modification_time="Fri, 06 Apr 2007 12:39:26 GMT"/>
10973+ </widget>
10974+ <packing>
10975+ <property name="padding">0</property>
10976+ <property name="expand">True</property>
10977+ <property name="fill">True</property>
10978+ </packing>
10979+ </child>
10980+ </widget>
10981+ <packing>
10982+ <property name="padding">5</property>
10983+ <property name="expand">False</property>
10984+ <property name="fill">True</property>
10985+ </packing>
10986+ </child>
10987+
10988+ <child>
10989+ <widget class="GtkScrolledWindow" id="scrolledwindow16">
10990+ <property name="visible">True</property>
10991+ <property name="can_focus">True</property>
10992+ <property name="hscrollbar_policy">GTK_POLICY_ALWAYS</property>
10993+ <property name="vscrollbar_policy">GTK_POLICY_ALWAYS</property>
10994+ <property name="shadow_type">GTK_SHADOW_NONE</property>
10995+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
10996+
10997+ <child>
10998+ <widget class="GtkTreeView" id="loginsView">
10999+ <property name="visible">True</property>
11000+ <property name="tooltip" translatable="yes">User Mapping</property>
11001+ <property name="can_focus">True</property>
11002+ <property name="headers_visible">True</property>
11003+ <property name="rules_hint">False</property>
11004+ <property name="reorderable">False</property>
11005+ <property name="enable_search">True</property>
11006+ <property name="fixed_height_mode">False</property>
11007+ <property name="hover_selection">False</property>
11008+ <property name="hover_expand">False</property>
11009+ </widget>
11010+ </child>
11011+ </widget>
11012+ <packing>
11013+ <property name="padding">0</property>
11014+ <property name="expand">True</property>
11015+ <property name="fill">True</property>
11016+ </packing>
11017+ </child>
11018+ </widget>
11019+ <packing>
11020+ <property name="tab_expand">False</property>
11021+ <property name="tab_fill">True</property>
11022+ </packing>
11023+ </child>
11024+
11025+ <child>
11026+ <widget class="GtkLabel" id="label39">
11027+ <property name="visible">True</property>
11028+ <property name="label" translatable="yes">label39</property>
11029+ <property name="use_underline">False</property>
11030+ <property name="use_markup">False</property>
11031+ <property name="justify">GTK_JUSTIFY_LEFT</property>
11032+ <property name="wrap">False</property>
11033+ <property name="selectable">False</property>
11034+ <property name="xalign">0.5</property>
11035+ <property name="yalign">0.5</property>
11036+ <property name="xpad">0</property>
11037+ <property name="ypad">0</property>
11038+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
11039+ <property name="width_chars">-1</property>
11040+ <property name="single_line_mode">False</property>
11041+ <property name="angle">0</property>
11042+ </widget>
11043+ <packing>
11044+ <property name="type">tab</property>
11045+ </packing>
11046+ </child>
11047+
11048+ <child>
11049+ <widget class="GtkVBox" id="vbox14">
11050+ <property name="visible">True</property>
11051+ <property name="homogeneous">False</property>
11052+ <property name="spacing">0</property>
11053+
11054+ <child>
11055+ <widget class="GtkToolbar" id="toolbar5">
11056+ <property name="visible">True</property>
11057+ <property name="orientation">GTK_ORIENTATION_HORIZONTAL</property>
11058+ <property name="toolbar_style">GTK_TOOLBAR_BOTH</property>
11059+ <property name="tooltips">True</property>
11060+ <property name="show_arrow">True</property>
11061+
11062+ <child>
11063+ <widget class="GtkToolButton" id="toolbutton14">
11064+ <property name="visible">True</property>
11065+ <property name="tooltip" translatable="yes">Add User</property>
11066+ <property name="stock_id">gtk-add</property>
11067+ <property name="visible_horizontal">True</property>
11068+ <property name="visible_vertical">True</property>
11069+ <property name="is_important">False</property>
11070+ <signal name="clicked" handler="on_add_clicked" last_modification_time="Mon, 16 Jan 2006 18:27:03 GMT"/>
11071+ </widget>
11072+ <packing>
11073+ <property name="expand">False</property>
11074+ <property name="homogeneous">True</property>
11075+ </packing>
11076+ </child>
11077+
11078+ <child>
11079+ <widget class="GtkToolButton" id="toolbutton15">
11080+ <property name="visible">True</property>
11081+ <property name="tooltip" translatable="yes">Modify User</property>
11082+ <property name="stock_id">gtk-properties</property>
11083+ <property name="visible_horizontal">True</property>
11084+ <property name="visible_vertical">True</property>
11085+ <property name="is_important">False</property>
11086+ <signal name="clicked" handler="on_properties_clicked" last_modification_time="Mon, 16 Jan 2006 18:26:51 GMT"/>
11087+ </widget>
11088+ <packing>
11089+ <property name="expand">False</property>
11090+ <property name="homogeneous">True</property>
11091+ </packing>
11092+ </child>
11093+
11094+ <child>
11095+ <widget class="GtkToolButton" id="toolbutton16">
11096+ <property name="visible">True</property>
11097+ <property name="tooltip" translatable="yes">Delete User</property>
11098+ <property name="stock_id">gtk-delete</property>
11099+ <property name="visible_horizontal">True</property>
11100+ <property name="visible_vertical">True</property>
11101+ <property name="is_important">False</property>
11102+ <signal name="clicked" handler="on_delete_clicked" last_modification_time="Mon, 16 Jan 2006 18:26:29 GMT"/>
11103+ </widget>
11104+ <packing>
11105+ <property name="expand">False</property>
11106+ <property name="homogeneous">True</property>
11107+ </packing>
11108+ </child>
11109+ </widget>
11110+ <packing>
11111+ <property name="padding">0</property>
11112+ <property name="expand">False</property>
11113+ <property name="fill">False</property>
11114+ </packing>
11115+ </child>
11116+
11117+ <child>
11118+ <widget class="GtkHBox" id="hbox12">
11119+ <property name="visible">True</property>
11120+ <property name="homogeneous">False</property>
11121+ <property name="spacing">0</property>
11122+
11123+ <child>
11124+ <widget class="GtkLabel" id="label56">
11125+ <property name="visible">True</property>
11126+ <property name="label" translatable="yes">Filter</property>
11127+ <property name="use_underline">False</property>
11128+ <property name="use_markup">False</property>
11129+ <property name="justify">GTK_JUSTIFY_LEFT</property>
11130+ <property name="wrap">False</property>
11131+ <property name="selectable">False</property>
11132+ <property name="xalign">0.5</property>
11133+ <property name="yalign">0.5</property>
11134+ <property name="xpad">0</property>
11135+ <property name="ypad">0</property>
11136+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
11137+ <property name="width_chars">-1</property>
11138+ <property name="single_line_mode">False</property>
11139+ <property name="angle">0</property>
11140+ </widget>
11141+ <packing>
11142+ <property name="padding">10</property>
11143+ <property name="expand">False</property>
11144+ <property name="fill">False</property>
11145+ </packing>
11146+ </child>
11147+
11148+ <child>
11149+ <widget class="GtkEntry" id="usersFilterEntry">
11150+ <property name="visible">True</property>
11151+ <property name="can_focus">True</property>
11152+ <property name="editable">True</property>
11153+ <property name="visibility">True</property>
11154+ <property name="max_length">0</property>
11155+ <property name="text" translatable="yes"></property>
11156+ <property name="has_frame">True</property>
11157+ <property name="invisible_char">•</property>
11158+ <property name="activates_default">False</property>
11159+ <signal name="changed" handler="on_booleansFilter_changed" last_modification_time="Fri, 06 Apr 2007 12:39:26 GMT"/>
11160+ </widget>
11161+ <packing>
11162+ <property name="padding">0</property>
11163+ <property name="expand">True</property>
11164+ <property name="fill">True</property>
11165+ </packing>
11166+ </child>
11167+ </widget>
11168+ <packing>
11169+ <property name="padding">5</property>
11170+ <property name="expand">False</property>
11171+ <property name="fill">True</property>
11172+ </packing>
11173+ </child>
11174+
11175+ <child>
11176+ <widget class="GtkScrolledWindow" id="scrolledwindow11">
11177+ <property name="visible">True</property>
11178+ <property name="can_focus">True</property>
11179+ <property name="hscrollbar_policy">GTK_POLICY_ALWAYS</property>
11180+ <property name="vscrollbar_policy">GTK_POLICY_ALWAYS</property>
11181+ <property name="shadow_type">GTK_SHADOW_NONE</property>
11182+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
11183+
11184+ <child>
11185+ <widget class="GtkTreeView" id="usersView">
11186+ <property name="visible">True</property>
11187+ <property name="tooltip" translatable="yes">SELinux User</property>
11188+ <property name="can_focus">True</property>
11189+ <property name="headers_visible">True</property>
11190+ <property name="rules_hint">False</property>
11191+ <property name="reorderable">False</property>
11192+ <property name="enable_search">True</property>
11193+ <property name="fixed_height_mode">False</property>
11194+ <property name="hover_selection">False</property>
11195+ <property name="hover_expand">False</property>
11196+ </widget>
11197+ </child>
11198+ </widget>
11199+ <packing>
11200+ <property name="padding">0</property>
11201+ <property name="expand">True</property>
11202+ <property name="fill">True</property>
11203+ </packing>
11204+ </child>
11205+ </widget>
11206+ <packing>
11207+ <property name="tab_expand">False</property>
11208+ <property name="tab_fill">True</property>
11209+ </packing>
11210+ </child>
11211+
11212+ <child>
11213+ <widget class="GtkLabel" id="label41">
11214+ <property name="visible">True</property>
11215+ <property name="label" translatable="yes">label41</property>
11216+ <property name="use_underline">False</property>
11217+ <property name="use_markup">False</property>
11218+ <property name="justify">GTK_JUSTIFY_LEFT</property>
11219+ <property name="wrap">False</property>
11220+ <property name="selectable">False</property>
11221+ <property name="xalign">0.5</property>
11222+ <property name="yalign">0.5</property>
11223+ <property name="xpad">0</property>
11224+ <property name="ypad">0</property>
11225+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
11226+ <property name="width_chars">-1</property>
11227+ <property name="single_line_mode">False</property>
11228+ <property name="angle">0</property>
11229+ </widget>
11230+ <packing>
11231+ <property name="type">tab</property>
11232+ </packing>
11233+ </child>
11234+
11235+ <child>
11236+ <widget class="GtkVBox" id="vbox15">
11237+ <property name="visible">True</property>
11238+ <property name="homogeneous">False</property>
11239+ <property name="spacing">0</property>
11240+
11241+ <child>
11242+ <widget class="GtkToolbar" id="toolbar6">
11243+ <property name="visible">True</property>
11244+ <property name="orientation">GTK_ORIENTATION_HORIZONTAL</property>
11245+ <property name="toolbar_style">GTK_TOOLBAR_BOTH</property>
11246+ <property name="tooltips">False</property>
11247+ <property name="show_arrow">True</property>
11248+
11249+ <child>
11250+ <widget class="GtkToolButton" id="portsAddButton">
11251+ <property name="visible">True</property>
11252+ <property name="tooltip" translatable="yes">Add Network Port</property>
11253+ <property name="stock_id">gtk-add</property>
11254+ <property name="visible_horizontal">True</property>
11255+ <property name="visible_vertical">True</property>
11256+ <property name="is_important">False</property>
11257+ <signal name="clicked" handler="on_add_clicked" last_modification_time="Mon, 16 Jan 2006 18:27:03 GMT"/>
11258+ </widget>
11259+ <packing>
11260+ <property name="expand">False</property>
11261+ <property name="homogeneous">True</property>
11262+ </packing>
11263+ </child>
11264+
11265+ <child>
11266+ <widget class="GtkToolButton" id="portsPropertiesButton">
11267+ <property name="visible">True</property>
11268+ <property name="tooltip" translatable="yes">Edit Network Port</property>
11269+ <property name="stock_id">gtk-properties</property>
11270+ <property name="visible_horizontal">True</property>
11271+ <property name="visible_vertical">True</property>
11272+ <property name="is_important">False</property>
11273+ <signal name="clicked" handler="on_properties_clicked" last_modification_time="Mon, 16 Jan 2006 18:26:51 GMT"/>
11274+ </widget>
11275+ <packing>
11276+ <property name="expand">False</property>
11277+ <property name="homogeneous">True</property>
11278+ </packing>
11279+ </child>
11280+
11281+ <child>
11282+ <widget class="GtkToolButton" id="portsDeleteButton">
11283+ <property name="visible">True</property>
11284+ <property name="tooltip" translatable="yes">Delete Network Port</property>
11285+ <property name="stock_id">gtk-delete</property>
11286+ <property name="visible_horizontal">True</property>
11287+ <property name="visible_vertical">True</property>
11288+ <property name="is_important">False</property>
11289+ <signal name="clicked" handler="on_delete_clicked" last_modification_time="Mon, 16 Jan 2006 18:26:29 GMT"/>
11290+ </widget>
11291+ <packing>
11292+ <property name="expand">False</property>
11293+ <property name="homogeneous">True</property>
11294+ </packing>
11295+ </child>
11296+
11297+ <child>
11298+ <widget class="GtkToolItem" id="toolitem2">
11299+ <property name="visible">True</property>
11300+ <property name="visible_horizontal">True</property>
11301+ <property name="visible_vertical">True</property>
11302+ <property name="is_important">False</property>
11303+
11304+ <child>
11305+ <widget class="GtkVSeparator" id="vseparator1">
11306+ <property name="width_request">32</property>
11307+ <property name="visible">True</property>
11308+ </widget>
11309+ </child>
11310+ </widget>
11311+ <packing>
11312+ <property name="expand">False</property>
11313+ <property name="homogeneous">False</property>
11314+ </packing>
11315+ </child>
11316+
11317+ <child>
11318+ <widget class="GtkToolButton" id="listViewButton">
11319+ <property name="visible">True</property>
11320+ <property name="tooltip" translatable="yes">Toggle between Customized and All Ports</property>
11321+ <property name="label" translatable="yes">Group View</property>
11322+ <property name="use_underline">True</property>
11323+ <property name="stock_id">gtk-indent</property>
11324+ <property name="visible_horizontal">True</property>
11325+ <property name="visible_vertical">True</property>
11326+ <property name="is_important">False</property>
11327+ <signal name="clicked" handler="on_group_clicked" last_modification_time="Mon, 01 Oct 2007 21:31:19 GMT"/>
11328+ </widget>
11329+ <packing>
11330+ <property name="expand">False</property>
11331+ <property name="homogeneous">True</property>
11332+ </packing>
11333+ </child>
11334+
11335+ <child>
11336+ <widget class="GtkToolButton" id="toolbutton35">
11337+ <property name="visible">True</property>
11338+ <property name="tooltip" translatable="yes">Toggle between Customized and All Ports</property>
11339+ <property name="label" translatable="yes">Customized</property>
11340+ <property name="use_underline">True</property>
11341+ <property name="stock_id">gtk-find</property>
11342+ <property name="visible_horizontal">True</property>
11343+ <property name="visible_vertical">True</property>
11344+ <property name="is_important">False</property>
11345+ <signal name="clicked" handler="on_local_clicked" last_modification_time="Wed, 19 Sep 2007 19:14:08 GMT"/>
11346+ </widget>
11347+ <packing>
11348+ <property name="expand">False</property>
11349+ <property name="homogeneous">True</property>
11350+ </packing>
11351+ </child>
11352+ </widget>
11353+ <packing>
11354+ <property name="padding">0</property>
11355+ <property name="expand">False</property>
11356+ <property name="fill">False</property>
11357+ </packing>
11358+ </child>
11359+
11360+ <child>
11361+ <widget class="GtkHBox" id="hbox9">
11362+ <property name="visible">True</property>
11363+ <property name="homogeneous">False</property>
11364+ <property name="spacing">0</property>
11365+
11366+ <child>
11367+ <widget class="GtkLabel" id="label53">
11368+ <property name="visible">True</property>
11369+ <property name="label" translatable="yes">Filter</property>
11370+ <property name="use_underline">False</property>
11371+ <property name="use_markup">False</property>
11372+ <property name="justify">GTK_JUSTIFY_LEFT</property>
11373+ <property name="wrap">False</property>
11374+ <property name="selectable">False</property>
11375+ <property name="xalign">0.5</property>
11376+ <property name="yalign">0.5</property>
11377+ <property name="xpad">0</property>
11378+ <property name="ypad">0</property>
11379+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
11380+ <property name="width_chars">-1</property>
11381+ <property name="single_line_mode">False</property>
11382+ <property name="angle">0</property>
11383+ </widget>
11384+ <packing>
11385+ <property name="padding">10</property>
11386+ <property name="expand">False</property>
11387+ <property name="fill">False</property>
11388+ </packing>
11389+ </child>
11390+
11391+ <child>
11392+ <widget class="GtkEntry" id="portsFilterEntry">
11393+ <property name="visible">True</property>
11394+ <property name="can_focus">True</property>
11395+ <property name="editable">True</property>
11396+ <property name="visibility">True</property>
11397+ <property name="max_length">0</property>
11398+ <property name="text" translatable="yes"></property>
11399+ <property name="has_frame">True</property>
11400+ <property name="invisible_char">•</property>
11401+ <property name="activates_default">False</property>
11402+ <signal name="changed" handler="on_booleansFilter_changed" last_modification_time="Fri, 06 Apr 2007 12:39:26 GMT"/>
11403+ </widget>
11404+ <packing>
11405+ <property name="padding">0</property>
11406+ <property name="expand">True</property>
11407+ <property name="fill">True</property>
11408+ </packing>
11409+ </child>
11410+ </widget>
11411+ <packing>
11412+ <property name="padding">5</property>
11413+ <property name="expand">False</property>
11414+ <property name="fill">True</property>
11415+ </packing>
11416+ </child>
11417+
11418+ <child>
11419+ <widget class="GtkScrolledWindow" id="scrolledwindow13">
11420+ <property name="visible">True</property>
11421+ <property name="can_focus">True</property>
11422+ <property name="hscrollbar_policy">GTK_POLICY_ALWAYS</property>
11423+ <property name="vscrollbar_policy">GTK_POLICY_ALWAYS</property>
11424+ <property name="shadow_type">GTK_SHADOW_NONE</property>
11425+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
11426+
11427+ <child>
11428+ <widget class="GtkTreeView" id="portsView">
11429+ <property name="visible">True</property>
11430+ <property name="tooltip" translatable="yes">Network Port</property>
11431+ <property name="can_focus">True</property>
11432+ <property name="headers_visible">True</property>
11433+ <property name="rules_hint">False</property>
11434+ <property name="reorderable">False</property>
11435+ <property name="enable_search">True</property>
11436+ <property name="fixed_height_mode">False</property>
11437+ <property name="hover_selection">False</property>
11438+ <property name="hover_expand">False</property>
11439+ </widget>
11440+ </child>
11441+ </widget>
11442+ <packing>
11443+ <property name="padding">0</property>
11444+ <property name="expand">True</property>
11445+ <property name="fill">True</property>
11446+ </packing>
11447+ </child>
11448+ </widget>
11449+ <packing>
11450+ <property name="tab_expand">False</property>
11451+ <property name="tab_fill">True</property>
11452+ </packing>
11453+ </child>
11454+
11455+ <child>
11456+ <widget class="GtkLabel" id="label42">
11457+ <property name="visible">True</property>
11458+ <property name="label" translatable="yes">label42</property>
11459+ <property name="use_underline">False</property>
11460+ <property name="use_markup">False</property>
11461+ <property name="justify">GTK_JUSTIFY_LEFT</property>
11462+ <property name="wrap">False</property>
11463+ <property name="selectable">False</property>
11464+ <property name="xalign">0.5</property>
11465+ <property name="yalign">0.5</property>
11466+ <property name="xpad">0</property>
11467+ <property name="ypad">0</property>
11468+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
11469+ <property name="width_chars">-1</property>
11470+ <property name="single_line_mode">False</property>
11471+ <property name="angle">0</property>
11472+ </widget>
11473+ <packing>
11474+ <property name="type">tab</property>
11475+ </packing>
11476+ </child>
11477+
11478+ <child>
11479+ <widget class="GtkVBox" id="vbox17">
11480+ <property name="visible">True</property>
11481+ <property name="homogeneous">False</property>
11482+ <property name="spacing">0</property>
11483+
11484+ <child>
11485+ <widget class="GtkToolbar" id="toolbar8">
11486+ <property name="visible">True</property>
11487+ <property name="orientation">GTK_ORIENTATION_HORIZONTAL</property>
11488+ <property name="toolbar_style">GTK_TOOLBAR_BOTH</property>
11489+ <property name="tooltips">True</property>
11490+ <property name="show_arrow">True</property>
11491+
11492+ <child>
11493+ <widget class="GtkToolButton" id="newModuleButton">
11494+ <property name="visible">True</property>
11495+ <property name="tooltip" translatable="yes">Generate new policy module</property>
11496+ <property name="stock_id">gtk-new</property>
11497+ <property name="visible_horizontal">True</property>
11498+ <property name="visible_vertical">True</property>
11499+ <property name="is_important">False</property>
11500+ <signal name="clicked" handler="on_new_clicked" last_modification_time="Sat, 17 Mar 2007 15:53:29 GMT"/>
11501+ </widget>
11502+ <packing>
11503+ <property name="expand">False</property>
11504+ <property name="homogeneous">True</property>
11505+ </packing>
11506+ </child>
11507+
11508+ <child>
11509+ <widget class="GtkToolButton" id="toolbutton23">
11510+ <property name="visible">True</property>
11511+ <property name="tooltip" translatable="yes">Load policy module</property>
11512+ <property name="stock_id">gtk-add</property>
11513+ <property name="visible_horizontal">True</property>
11514+ <property name="visible_vertical">True</property>
11515+ <property name="is_important">False</property>
11516+ <signal name="clicked" handler="on_add_clicked" last_modification_time="Mon, 16 Jan 2006 18:27:03 GMT"/>
11517+ </widget>
11518+ <packing>
11519+ <property name="expand">False</property>
11520+ <property name="homogeneous">True</property>
11521+ </packing>
11522+ </child>
11523+
11524+ <child>
11525+ <widget class="GtkToolButton" id="toolbutton25">
11526+ <property name="visible">True</property>
11527+ <property name="tooltip" translatable="yes">Remove loadable policy module</property>
11528+ <property name="stock_id">gtk-remove</property>
11529+ <property name="visible_horizontal">True</property>
11530+ <property name="visible_vertical">True</property>
11531+ <property name="is_important">False</property>
11532+ <signal name="clicked" handler="on_delete_clicked" last_modification_time="Mon, 16 Jan 2006 18:26:29 GMT"/>
11533+ </widget>
11534+ <packing>
11535+ <property name="expand">False</property>
11536+ <property name="homogeneous">True</property>
11537+ </packing>
11538+ </child>
11539+
11540+ <child>
11541+ <widget class="GtkToolItem" id="toolitem3">
11542+ <property name="visible">True</property>
11543+ <property name="visible_horizontal">True</property>
11544+ <property name="visible_vertical">True</property>
11545+ <property name="is_important">False</property>
11546+
11547+ <child>
11548+ <widget class="GtkVSeparator" id="vseparator2">
11549+ <property name="width_request">10</property>
11550+ <property name="visible">True</property>
11551+ </widget>
11552+ </child>
11553+ </widget>
11554+ <packing>
11555+ <property name="expand">False</property>
11556+ <property name="homogeneous">False</property>
11557+ </packing>
11558+ </child>
11559+
11560+ <child>
11561+ <widget class="GtkToolButton" id="enableAuditButton">
11562+ <property name="visible">True</property>
11563+ <property name="tooltip" translatable="yes">Enable/Disable additional audit rules, that are normally not reported in the log files.</property>
11564+ <property name="label" translatable="yes">Enable Audit</property>
11565+ <property name="use_underline">True</property>
11566+ <property name="stock_id">gtk-zoom-in</property>
11567+ <property name="visible_horizontal">True</property>
11568+ <property name="visible_vertical">True</property>
11569+ <property name="is_important">False</property>
11570+ <signal name="clicked" handler="on_disable_audit_clicked" last_modification_time="Wed, 15 Nov 2006 16:29:34 GMT"/>
11571+ </widget>
11572+ <packing>
11573+ <property name="expand">False</property>
11574+ <property name="homogeneous">True</property>
11575+ </packing>
11576+ </child>
11577+ </widget>
11578+ <packing>
11579+ <property name="padding">0</property>
11580+ <property name="expand">False</property>
11581+ <property name="fill">False</property>
11582+ </packing>
11583+ </child>
11584+
11585+ <child>
11586+ <widget class="GtkHBox" id="hbox11">
11587+ <property name="visible">True</property>
11588+ <property name="homogeneous">False</property>
11589+ <property name="spacing">0</property>
11590+
11591+ <child>
11592+ <widget class="GtkLabel" id="label55">
11593+ <property name="visible">True</property>
11594+ <property name="label" translatable="yes">Filter</property>
11595+ <property name="use_underline">False</property>
11596+ <property name="use_markup">False</property>
11597+ <property name="justify">GTK_JUSTIFY_LEFT</property>
11598+ <property name="wrap">False</property>
11599+ <property name="selectable">False</property>
11600+ <property name="xalign">0.5</property>
11601+ <property name="yalign">0.5</property>
11602+ <property name="xpad">0</property>
11603+ <property name="ypad">0</property>
11604+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
11605+ <property name="width_chars">-1</property>
11606+ <property name="single_line_mode">False</property>
11607+ <property name="angle">0</property>
11608+ </widget>
11609+ <packing>
11610+ <property name="padding">10</property>
11611+ <property name="expand">False</property>
11612+ <property name="fill">False</property>
11613+ </packing>
11614+ </child>
11615+
11616+ <child>
11617+ <widget class="GtkEntry" id="modulesFilterEntry">
11618+ <property name="visible">True</property>
11619+ <property name="can_focus">True</property>
11620+ <property name="editable">True</property>
11621+ <property name="visibility">True</property>
11622+ <property name="max_length">0</property>
11623+ <property name="text" translatable="yes"></property>
11624+ <property name="has_frame">True</property>
11625+ <property name="invisible_char">•</property>
11626+ <property name="activates_default">False</property>
11627+ <signal name="changed" handler="on_booleansFilter_changed" last_modification_time="Fri, 06 Apr 2007 12:39:26 GMT"/>
11628+ </widget>
11629+ <packing>
11630+ <property name="padding">0</property>
11631+ <property name="expand">True</property>
11632+ <property name="fill">True</property>
11633+ </packing>
11634+ </child>
11635+ </widget>
11636+ <packing>
11637+ <property name="padding">5</property>
11638+ <property name="expand">False</property>
11639+ <property name="fill">True</property>
11640+ </packing>
11641+ </child>
11642+
11643+ <child>
11644+ <widget class="GtkScrolledWindow" id="scrolledwindow15">
11645+ <property name="visible">True</property>
11646+ <property name="can_focus">True</property>
11647+ <property name="hscrollbar_policy">GTK_POLICY_ALWAYS</property>
11648+ <property name="vscrollbar_policy">GTK_POLICY_ALWAYS</property>
11649+ <property name="shadow_type">GTK_SHADOW_NONE</property>
11650+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
11651+
11652+ <child>
11653+ <widget class="GtkTreeView" id="modulesView">
11654+ <property name="visible">True</property>
11655+ <property name="tooltip" translatable="yes">Policy Module</property>
11656+ <property name="can_focus">True</property>
11657+ <property name="headers_visible">True</property>
11658+ <property name="rules_hint">False</property>
11659+ <property name="reorderable">False</property>
11660+ <property name="enable_search">True</property>
11661+ <property name="fixed_height_mode">False</property>
11662+ <property name="hover_selection">False</property>
11663+ <property name="hover_expand">False</property>
11664+ </widget>
11665+ </child>
11666+ </widget>
11667+ <packing>
11668+ <property name="padding">0</property>
11669+ <property name="expand">True</property>
11670+ <property name="fill">True</property>
11671+ </packing>
11672+ </child>
11673+ </widget>
11674+ <packing>
11675+ <property name="tab_expand">False</property>
11676+ <property name="tab_fill">True</property>
11677+ </packing>
11678+ </child>
11679+
11680+ <child>
11681+ <widget class="GtkLabel" id="label44">
11682+ <property name="visible">True</property>
11683+ <property name="label" translatable="yes">label44</property>
11684+ <property name="use_underline">False</property>
11685+ <property name="use_markup">False</property>
11686+ <property name="justify">GTK_JUSTIFY_LEFT</property>
11687+ <property name="wrap">False</property>
11688+ <property name="selectable">False</property>
11689+ <property name="xalign">0.5</property>
11690+ <property name="yalign">0.5</property>
11691+ <property name="xpad">0</property>
11692+ <property name="ypad">0</property>
11693+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
11694+ <property name="width_chars">-1</property>
11695+ <property name="single_line_mode">False</property>
11696+ <property name="angle">0</property>
11697+ </widget>
11698+ <packing>
11699+ <property name="type">tab</property>
11700+ </packing>
11701+ </child>
11702+
11703+ <child>
11704+ <widget class="GtkVBox" id="vbox19">
11705+ <property name="visible">True</property>
11706+ <property name="homogeneous">False</property>
11707+ <property name="spacing">0</property>
11708+
11709+ <child>
11710+ <widget class="GtkToolbar" id="toolbar10">
11711+ <property name="visible">True</property>
11712+ <property name="orientation">GTK_ORIENTATION_HORIZONTAL</property>
11713+ <property name="toolbar_style">GTK_TOOLBAR_BOTH</property>
11714+ <property name="tooltips">True</property>
11715+ <property name="show_arrow">True</property>
11716+
11717+ <child>
11718+ <widget class="GtkToolButton" id="permissiveButton">
11719+ <property name="visible">True</property>
11720+ <property name="tooltip" translatable="yes">Change process mode to permissive.</property>
11721+ <property name="label" translatable="yes">Permissive</property>
11722+ <property name="use_underline">True</property>
11723+ <property name="stock_id">gtk-dialog-warning</property>
11724+ <property name="visible_horizontal">True</property>
11725+ <property name="visible_vertical">True</property>
11726+ <property name="is_important">False</property>
11727+ <signal name="clicked" handler="on_add_clicked" last_modification_time="Mon, 16 Jan 2006 18:27:03 GMT"/>
11728+ </widget>
11729+ <packing>
11730+ <property name="expand">False</property>
11731+ <property name="homogeneous">True</property>
11732+ </packing>
11733+ </child>
11734+
11735+ <child>
11736+ <widget class="GtkToolButton" id="enforcingButton">
11737+ <property name="visible">True</property>
11738+ <property name="tooltip" translatable="yes">Change process mode to enforcing</property>
11739+ <property name="label" translatable="yes">Enforcing</property>
11740+ <property name="use_underline">True</property>
11741+ <property name="stock_id">gtk-dialog-error</property>
11742+ <property name="visible_horizontal">True</property>
11743+ <property name="visible_vertical">True</property>
11744+ <property name="is_important">False</property>
11745+ <signal name="clicked" handler="on_delete_clicked" last_modification_time="Mon, 16 Jan 2006 18:26:29 GMT"/>
11746+ </widget>
11747+ <packing>
11748+ <property name="expand">False</property>
11749+ <property name="homogeneous">True</property>
11750+ </packing>
11751+ </child>
11752+ </widget>
11753+ <packing>
11754+ <property name="padding">0</property>
11755+ <property name="expand">False</property>
11756+ <property name="fill">False</property>
11757+ </packing>
11758+ </child>
11759+
11760+ <child>
11761+ <widget class="GtkHBox" id="hbox15">
11762+ <property name="visible">True</property>
11763+ <property name="homogeneous">False</property>
11764+ <property name="spacing">0</property>
11765+
11766+ <child>
11767+ <widget class="GtkLabel" id="label60">
11768+ <property name="visible">True</property>
11769+ <property name="label" translatable="yes">Filter</property>
11770+ <property name="use_underline">False</property>
11771+ <property name="use_markup">False</property>
11772+ <property name="justify">GTK_JUSTIFY_LEFT</property>
11773+ <property name="wrap">False</property>
11774+ <property name="selectable">False</property>
11775+ <property name="xalign">0.5</property>
11776+ <property name="yalign">0.5</property>
11777+ <property name="xpad">0</property>
11778+ <property name="ypad">0</property>
11779+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
11780+ <property name="width_chars">-1</property>
11781+ <property name="single_line_mode">False</property>
11782+ <property name="angle">0</property>
11783+ </widget>
11784+ <packing>
11785+ <property name="padding">10</property>
11786+ <property name="expand">False</property>
11787+ <property name="fill">False</property>
11788+ </packing>
11789+ </child>
11790+
11791+ <child>
11792+ <widget class="GtkEntry" id="domainsFilterEntry">
11793+ <property name="visible">True</property>
11794+ <property name="can_focus">True</property>
11795+ <property name="editable">True</property>
11796+ <property name="visibility">True</property>
11797+ <property name="max_length">0</property>
11798+ <property name="text" translatable="yes"></property>
11799+ <property name="has_frame">True</property>
11800+ <property name="invisible_char">•</property>
11801+ <property name="activates_default">False</property>
11802+ <signal name="changed" handler="on_booleansFilter_changed" last_modification_time="Fri, 06 Apr 2007 12:39:26 GMT"/>
11803+ </widget>
11804+ <packing>
11805+ <property name="padding">0</property>
11806+ <property name="expand">True</property>
11807+ <property name="fill">True</property>
11808+ </packing>
11809+ </child>
11810+ </widget>
11811+ <packing>
11812+ <property name="padding">5</property>
11813+ <property name="expand">False</property>
11814+ <property name="fill">True</property>
11815+ </packing>
11816+ </child>
11817+
11818+ <child>
11819+ <widget class="GtkScrolledWindow" id="scrolledwindow20">
11820+ <property name="visible">True</property>
11821+ <property name="can_focus">True</property>
11822+ <property name="hscrollbar_policy">GTK_POLICY_ALWAYS</property>
11823+ <property name="vscrollbar_policy">GTK_POLICY_ALWAYS</property>
11824+ <property name="shadow_type">GTK_SHADOW_NONE</property>
11825+ <property name="window_placement">GTK_CORNER_TOP_LEFT</property>
11826+
11827+ <child>
11828+ <widget class="GtkTreeView" id="domainsView">
11829+ <property name="visible">True</property>
11830+ <property name="tooltip" translatable="yes">Process Domain</property>
11831+ <property name="can_focus">True</property>
11832+ <property name="headers_visible">True</property>
11833+ <property name="rules_hint">False</property>
11834+ <property name="reorderable">False</property>
11835+ <property name="enable_search">True</property>
11836+ <property name="fixed_height_mode">False</property>
11837+ <property name="hover_selection">False</property>
11838+ <property name="hover_expand">False</property>
11839+ </widget>
11840+ </child>
11841+ </widget>
11842+ <packing>
11843+ <property name="padding">0</property>
11844+ <property name="expand">True</property>
11845+ <property name="fill">True</property>
11846+ </packing>
11847+ </child>
11848+ </widget>
11849+ <packing>
11850+ <property name="tab_expand">False</property>
11851+ <property name="tab_fill">True</property>
11852+ </packing>
11853+ </child>
11854+
11855+ <child>
11856+ <widget class="GtkLabel" id="label59">
11857+ <property name="visible">True</property>
11858+ <property name="label" translatable="yes">label59</property>
11859+ <property name="use_underline">False</property>
11860+ <property name="use_markup">False</property>
11861+ <property name="justify">GTK_JUSTIFY_LEFT</property>
11862+ <property name="wrap">False</property>
11863+ <property name="selectable">False</property>
11864+ <property name="xalign">0.5</property>
11865+ <property name="yalign">0.5</property>
11866+ <property name="xpad">0</property>
11867+ <property name="ypad">0</property>
11868+ <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
11869+ <property name="width_chars">-1</property>
11870+ <property name="single_line_mode">False</property>
11871+ <property name="angle">0</property>
11872+ </widget>
11873+ <packing>
11874+ <property name="type">tab</property>
11875+ </packing>
11876+ </child>
11877+ </widget>
11878+ <packing>
11879+ <property name="shrink">True</property>
11880+ <property name="resize">True</property>
11881+ </packing>
11882+ </child>
11883+ </widget>
11884+ </child>
11885+ </widget>
11886+ <packing>
11887+ <property name="padding">0</property>
11888+ <property name="expand">True</property>
11889+ <property name="fill">True</property>
11890+ </packing>
11891+ </child>
11892+
11893+ <child internal-child="appbar">
11894+ <widget class="GnomeAppBar" id="appbar2">
11895+ <property name="visible">True</property>
11896+ <property name="has_progress">True</property>
11897+ <property name="has_status">True</property>
11898+ </widget>
11899+ <packing>
11900+ <property name="padding">0</property>
11901+ <property name="expand">True</property>
11902+ <property name="fill">True</property>
11903+ </packing>
11904+ </child>
11905+</widget>
11906+
11907+</glade-interface>
11908diff -up policycoreutils-2.1.8/gui/system-config-selinux.gladep.gui policycoreutils-2.1.8/gui/system-config-selinux.gladep
11909--- policycoreutils-2.1.8/gui/system-config-selinux.gladep.gui 2011-11-07 15:12:01.914834238 -0500
11910+++ policycoreutils-2.1.8/gui/system-config-selinux.gladep 2011-11-07 15:12:01.914834238 -0500
11911@@ -0,0 +1,7 @@
11912+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
11913+<!DOCTYPE glade-project SYSTEM "http://glade.gnome.org/glade-project-2.0.dtd">
11914+
11915+<glade-project>
11916+ <name></name>
11917+ <program_name></program_name>
11918+</glade-project>
11919diff -up policycoreutils-2.1.8/gui/system-config-selinux.py.gui policycoreutils-2.1.8/gui/system-config-selinux.py
11920--- policycoreutils-2.1.8/gui/system-config-selinux.py.gui 2011-11-07 15:12:01.914834238 -0500
11921+++ policycoreutils-2.1.8/gui/system-config-selinux.py 2011-11-07 15:12:01.915834239 -0500
11922@@ -0,0 +1,187 @@
11923+#!/usr/bin/python -Es
11924+#
11925+# system-config-selinux.py - GUI for SELinux Config tool in system-config-selinux
11926+#
11927+# Dan Walsh <dwalsh@redhat.com>
11928+#
11929+# Copyright 2006-2009 Red Hat, Inc.
11930+#
11931+# This program is free software; you can redistribute it and/or modify
11932+# it under the terms of the GNU General Public License as published by
11933+# the Free Software Foundation; either version 2 of the License, or
11934+# (at your option) any later version.
11935+#
11936+# This program is distributed in the hope that it will be useful,
11937+# but WITHOUT ANY WARRANTY; without even the implied warranty of
11938+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11939+# GNU General Public License for more details.
11940+#
11941+# You should have received a copy of the GNU General Public License
11942+# along with this program; if not, write to the Free Software
11943+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
11944+#
11945+import signal
11946+import string
11947+import gtk
11948+import gtk.glade
11949+import os
11950+import gobject
11951+import gnome
11952+import sys
11953+import statusPage
11954+import booleansPage
11955+import loginsPage
11956+import usersPage
11957+import portsPage
11958+import modulesPage
11959+import domainsPage
11960+import fcontextPage
11961+import selinux
11962+##
11963+## I18N
11964+##
11965+PROGNAME="policycoreutils"
11966+
11967+import gettext
11968+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
11969+gettext.textdomain(PROGNAME)
11970+try:
11971+ gettext.install(PROGNAME,
11972+ localedir="/usr/share/locale",
11973+ unicode=False,
11974+ codeset = 'utf-8')
11975+except IOError:
11976+ import __builtin__
11977+ __builtin__.__dict__['_'] = unicode
11978+
11979+gnome.program_init("SELinux Management Tool", "5")
11980+
11981+version = "1.0"
11982+
11983+sys.path.append('/usr/share/system-config-selinux')
11984+
11985+
11986+
11987+##
11988+## Pull in the Glade file
11989+##
11990+if os.access("system-config-selinux.glade", os.F_OK):
11991+ xml = gtk.glade.XML ("system-config-selinux.glade", domain=PROGNAME)
11992+else:
11993+ xml = gtk.glade.XML ("/usr/share/system-config-selinux/system-config-selinux.glade", domain=PROGNAME)
11994+
11995+class childWindow:
11996+ def __init__(self):
11997+ self.tabs=[]
11998+ self.xml = xml
11999+ xml.signal_connect("on_quit_activate", self.destroy)
12000+ xml.signal_connect("on_delete_clicked", self.delete)
12001+ xml.signal_connect("on_add_clicked", self.add)
12002+ xml.signal_connect("on_properties_clicked", self.properties)
12003+ xml.signal_connect("on_local_clicked", self.on_local_clicked)
12004+ self.add_page(statusPage.statusPage(xml))
12005+ if selinux.is_selinux_enabled() > 0:
12006+ try:
12007+ self.add_page(booleansPage.booleansPage(xml))
12008+ self.add_page(fcontextPage.fcontextPage(xml))
12009+ self.add_page(loginsPage.loginsPage(xml))
12010+ self.add_page(usersPage.usersPage(xml))
12011+ self.add_page(portsPage.portsPage(xml))
12012+ self.add_page(modulesPage.modulesPage(xml)) # modules
12013+ self.add_page(domainsPage.domainsPage(xml)) # domains
12014+ except ValueError, e:
12015+ self.error(e.message)
12016+
12017+ xml.signal_connect("on_quit_activate", self.destroy)
12018+ xml.signal_connect("on_policy_activate", self.policy)
12019+ xml.signal_connect("on_logging_activate", self.logging)
12020+ xml.signal_connect("on_about_activate", self.on_about_activate)
12021+
12022+ self.add_menu = xml.get_widget("add_menu_item")
12023+ self.properties_menu = xml.get_widget("properties_menu_item")
12024+ self.delete_menu = xml.get_widget("delete_menu_item")
12025+
12026+ def error(self, message):
12027+ dlg = gtk.MessageDialog(None, 0, gtk.MESSAGE_ERROR,
12028+ gtk.BUTTONS_CLOSE,
12029+ message)
12030+ dlg.set_position(gtk.WIN_POS_MOUSE)
12031+ dlg.show_all()
12032+ dlg.run()
12033+ dlg.destroy()
12034+
12035+ def add_page(self, page):
12036+ self.tabs.append(page)
12037+
12038+ def policy(self, args):
12039+ os.spawnl(os.P_NOWAIT, "/usr/share/system-config-selinux/semanagegui.py")
12040+ def logging(self, args):
12041+ os.spawnl(os.P_NOWAIT, "/usr/bin/seaudit")
12042+
12043+ def delete(self, args):
12044+ self.tabs[self.notebook.get_current_page()].deleteDialog()
12045+
12046+ def add(self, args):
12047+ self.tabs[self.notebook.get_current_page()].addDialog()
12048+
12049+ def properties(self, args):
12050+ self.tabs[self.notebook.get_current_page()].propertiesDialog()
12051+
12052+ def on_local_clicked(self, button):
12053+ self.tabs[self.notebook.get_current_page()].on_local_clicked(button)
12054+
12055+ def on_about_activate(self, args):
12056+ dlg = xml.get_widget ("aboutWindow")
12057+ dlg.run ()
12058+ dlg.hide ()
12059+
12060+ def destroy(self, args):
12061+ gtk.main_quit()
12062+
12063+ def use_menus(self, use_menus):
12064+ self.add_menu.set_sensitive(use_menus)
12065+ self.properties_menu.set_sensitive(use_menus)
12066+ self.delete_menu.set_sensitive(use_menus)
12067+
12068+ def itemSelected(self, selection):
12069+ store, rows = selection.get_selected_rows()
12070+ if store != None and len(rows) > 0:
12071+ self.notebook.set_current_page(rows[0][0])
12072+ self.use_menus(self.tabs[rows[0][0]].use_menus())
12073+ else:
12074+ self.notebook.set_current_page(0)
12075+ self.use_menus(self.tabs[0].use_menus())
12076+
12077+
12078+ def setupScreen(self):
12079+ # Bring in widgets from glade file.
12080+ self.mainWindow = self.xml.get_widget("mainWindow")
12081+ self.notebook = self.xml.get_widget("notebook")
12082+ self.view = self.xml.get_widget("selectView")
12083+ self.view.get_selection().connect("changed", self.itemSelected)
12084+ self.store = gtk.ListStore(gobject.TYPE_STRING)
12085+ self.view.set_model(self.store)
12086+ col = gtk.TreeViewColumn("", gtk.CellRendererText(), text = 0)
12087+ col.set_resizable(True)
12088+ self.view.append_column(col)
12089+
12090+ for page in self.tabs:
12091+ iter = self.store.append()
12092+ self.store.set_value(iter, 0, page.get_description())
12093+ self.view.get_selection().select_path ((0,))
12094+
12095+ def stand_alone(self):
12096+ desktopName = _("Configue SELinux")
12097+
12098+ self.setupScreen()
12099+
12100+ self.mainWindow.connect("destroy", self.destroy)
12101+
12102+ self.mainWindow.show_all()
12103+ gtk.main()
12104+
12105+if __name__ == "__main__":
12106+ signal.signal (signal.SIGINT, signal.SIG_DFL)
12107+
12108+ app = childWindow()
12109+ app.stand_alone()
12110diff -up policycoreutils-2.1.8/gui/templates/boolean.py.gui policycoreutils-2.1.8/gui/templates/boolean.py
12111--- policycoreutils-2.1.8/gui/templates/boolean.py.gui 2011-11-07 15:12:01.915834239 -0500
12112+++ policycoreutils-2.1.8/gui/templates/boolean.py 2011-11-07 15:12:01.916834240 -0500
12113@@ -0,0 +1,40 @@
12114+# Copyright (C) 2007-2011 Red Hat
12115+# see file 'COPYING' for use and warranty information
12116+#
12117+# policygentool is a tool for the initial generation of SELinux policy
12118+#
12119+# This program is free software; you can redistribute it and/or
12120+# modify it under the terms of the GNU General Public License as
12121+# published by the Free Software Foundation; either version 2 of
12122+# the License, or (at your option) any later version.
12123+#
12124+# This program is distributed in the hope that it will be useful,
12125+# but WITHOUT ANY WARRANTY; without even the implied warranty of
12126+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12127+# GNU General Public License for more details.
12128+#
12129+# You should have received a copy of the GNU General Public License
12130+# along with this program; if not, write to the Free Software
12131+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
12132+# 02111-1307 USA
12133+#
12134+#
12135+########################### boolean Template File ###########################
12136+
12137+te_boolean="""
12138+## <desc>
12139+## <p>
12140+## DESCRIPTION
12141+## </p>
12142+## </desc>
12143+gen_tunable(BOOLEAN, false)
12144+"""
12145+
12146+te_rules="""
12147+tunable_policy(`BOOLEAN',`
12148+#TRUE
12149+',`
12150+#FALSE
12151+')
12152+"""
12153+
12154diff -up policycoreutils-2.1.8/gui/templates/etc_rw.py.gui policycoreutils-2.1.8/gui/templates/etc_rw.py
12155--- policycoreutils-2.1.8/gui/templates/etc_rw.py.gui 2011-11-07 15:12:01.916834240 -0500
12156+++ policycoreutils-2.1.8/gui/templates/etc_rw.py 2011-11-07 15:12:01.916834240 -0500
12157@@ -0,0 +1,112 @@
12158+# Copyright (C) 2007-2011 Red Hat
12159+# see file 'COPYING' for use and warranty information
12160+#
12161+# policygentool is a tool for the initial generation of SELinux policy
12162+#
12163+# This program is free software; you can redistribute it and/or
12164+# modify it under the terms of the GNU General Public License as
12165+# published by the Free Software Foundation; either version 2 of
12166+# the License, or (at your option) any later version.
12167+#
12168+# This program is distributed in the hope that it will be useful,
12169+# but WITHOUT ANY WARRANTY; without even the implied warranty of
12170+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12171+# GNU General Public License for more details.
12172+#
12173+# You should have received a copy of the GNU General Public License
12174+# along with this program; if not, write to the Free Software
12175+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
12176+# 02111-1307 USA
12177+#
12178+#
12179+########################### etc_rw Template File #############################
12180+
12181+########################### Type Enforcement File #############################
12182+te_types="""
12183+type TEMPLATETYPE_etc_rw_t;
12184+files_type(TEMPLATETYPE_etc_rw_t)
12185+"""
12186+te_rules="""
12187+manage_dirs_pattern(TEMPLATETYPE_t, TEMPLATETYPE_etc_rw_t, TEMPLATETYPE_etc_rw_t)
12188+manage_files_pattern(TEMPLATETYPE_t, TEMPLATETYPE_etc_rw_t, TEMPLATETYPE_etc_rw_t)
12189+files_etc_filetrans(TEMPLATETYPE_t, TEMPLATETYPE_etc_rw_t, { dir file })
12190+"""
12191+
12192+########################### Interface File #############################
12193+if_rules="""
12194+########################################
12195+## <summary>
12196+## Search TEMPLATETYPE conf directories.
12197+## </summary>
12198+## <param name="domain">
12199+## <summary>
12200+## Domain allowed access.
12201+## </summary>
12202+## </param>
12203+#
12204+interface(`TEMPLATETYPE_search_conf',`
12205+ gen_require(`
12206+ type TEMPLATETYPE_etc_rw_t;
12207+ ')
12208+
12209+ allow $1 TEMPLATETYPE_etc_rw_t:dir search_dir_perms;
12210+ files_search_etc($1)
12211+')
12212+
12213+########################################
12214+## <summary>
12215+## Read TEMPLATETYPE conf files.
12216+## </summary>
12217+## <param name="domain">
12218+## <summary>
12219+## Domain allowed access.
12220+## </summary>
12221+## </param>
12222+#
12223+interface(`TEMPLATETYPE_read_conf_files',`
12224+ gen_require(`
12225+ type TEMPLATETYPE_etc_rw_t;
12226+ ')
12227+
12228+ allow $1 TEMPLATETYPE_etc_rw_t:file read_file_perms;
12229+ allow $1 TEMPLATETYPE_etc_rw_t:dir list_dir_perms;
12230+ files_search_etc($1)
12231+')
12232+
12233+########################################
12234+## <summary>
12235+## Manage TEMPLATETYPE conf files.
12236+## </summary>
12237+## <param name="domain">
12238+## <summary>
12239+## Domain allowed access.
12240+## </summary>
12241+## </param>
12242+#
12243+interface(`TEMPLATETYPE_manage_conf_files',`
12244+ gen_require(`
12245+ type TEMPLATETYPE_etc_rw_t;
12246+ ')
12247+
12248+ manage_files_pattern($1, TEMPLATETYPE_etc_rw_t, TEMPLATETYPE_etc_rw_t)
12249+ files_search_etc($1)
12250+')
12251+
12252+"""
12253+
12254+if_admin_types="""
12255+ type TEMPLATETYPE_etc_rw_t;"""
12256+
12257+if_admin_rules="""
12258+ files_search_etc($1)
12259+ admin_pattern($1, TEMPLATETYPE_etc_rw_t)
12260+"""
12261+
12262+########################### File Context ##################################
12263+fc_file="""\
12264+FILENAME -- gen_context(system_u:object_r:TEMPLATETYPE_etc_rw_t,s0)
12265+"""
12266+
12267+fc_dir="""\
12268+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_etc_rw_t,s0)
12269+"""
12270diff -up policycoreutils-2.1.8/gui/templates/executable.py.gui policycoreutils-2.1.8/gui/templates/executable.py
12271--- policycoreutils-2.1.8/gui/templates/executable.py.gui 2011-11-07 15:12:01.916834240 -0500
12272+++ policycoreutils-2.1.8/gui/templates/executable.py 2011-11-07 15:12:01.917834240 -0500
12273@@ -0,0 +1,451 @@
12274+# Copyright (C) 2007-2011 Red Hat
12275+# see file 'COPYING' for use and warranty information
12276+#
12277+# policygentool is a tool for the initial generation of SELinux policy
12278+#
12279+# This program is free software; you can redistribute it and/or
12280+# modify it under the terms of the GNU General Public License as
12281+# published by the Free Software Foundation; either version 2 of
12282+# the License, or (at your option) any later version.
12283+#
12284+# This program is distributed in the hope that it will be useful,
12285+# but WITHOUT ANY WARRANTY; without even the implied warranty of
12286+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12287+# GNU General Public License for more details.
12288+#
12289+# You should have received a copy of the GNU General Public License
12290+# along with this program; if not, write to the Free Software
12291+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
12292+# 02111-1307 USA
12293+#
12294+#
12295+########################### Type Enforcement File #############################
12296+te_daemon_types="""\
12297+policy_module(TEMPLATETYPE, 1.0.0)
12298+
12299+########################################
12300+#
12301+# Declarations
12302+#
12303+
12304+type TEMPLATETYPE_t;
12305+type TEMPLATETYPE_exec_t;
12306+init_daemon_domain(TEMPLATETYPE_t, TEMPLATETYPE_exec_t)
12307+
12308+permissive TEMPLATETYPE_t;
12309+"""
12310+
12311+te_initscript_types="""
12312+type TEMPLATETYPE_initrc_exec_t;
12313+init_script_file(TEMPLATETYPE_initrc_exec_t)
12314+"""
12315+
12316+te_dbusd_types="""\
12317+policy_module(TEMPLATETYPE, 1.0.0)
12318+
12319+########################################
12320+#
12321+# Declarations
12322+#
12323+
12324+type TEMPLATETYPE_t;
12325+type TEMPLATETYPE_exec_t;
12326+dbus_system_domain(TEMPLATETYPE_t, TEMPLATETYPE_exec_t)
12327+
12328+permissive TEMPLATETYPE_t;
12329+"""
12330+
12331+te_inetd_types="""\
12332+policy_module(TEMPLATETYPE, 1.0.0)
12333+
12334+########################################
12335+#
12336+# Declarations
12337+#
12338+
12339+type TEMPLATETYPE_t;
12340+type TEMPLATETYPE_exec_t;
12341+inetd_service_domain(TEMPLATETYPE_t, TEMPLATETYPE_exec_t)
12342+
12343+permissive TEMPLATETYPE_t;
12344+"""
12345+
12346+te_userapp_types="""\
12347+policy_module(TEMPLATETYPE, 1.0.0)
12348+
12349+########################################
12350+#
12351+# Declarations
12352+#
12353+
12354+type TEMPLATETYPE_t;
12355+type TEMPLATETYPE_exec_t;
12356+application_domain(TEMPLATETYPE_t, TEMPLATETYPE_exec_t)
12357+role system_r types TEMPLATETYPE_t;
12358+
12359+permissive TEMPLATETYPE_t;
12360+"""
12361+
12362+te_sandbox_types="""\
12363+policy_module(TEMPLATETYPE, 1.0.0)
12364+
12365+########################################
12366+#
12367+# Declarations
12368+#
12369+
12370+sandbox_x_domain_template(TEMPLATETYPE)
12371+
12372+permissive TEMPLATETYPE_t;
12373+permissive TEMPLATETYPE_client_t;
12374+
12375+"""
12376+
12377+te_cgi_types="""\
12378+policy_module(TEMPLATETYPE, 1.0.0)
12379+
12380+########################################
12381+#
12382+# Declarations
12383+#
12384+
12385+apache_content_template(TEMPLATETYPE)
12386+
12387+permissive httpd_TEMPLATETYPE_script_t;
12388+"""
12389+
12390+te_daemon_rules="""
12391+allow TEMPLATETYPE_t self:fifo_file rw_fifo_file_perms;
12392+allow TEMPLATETYPE_t self:unix_stream_socket create_stream_socket_perms;
12393+"""
12394+
12395+te_inetd_rules="""
12396+"""
12397+
12398+te_dbusd_rules="""
12399+"""
12400+
12401+te_userapp_rules="""
12402+allow TEMPLATETYPE_t self:fifo_file manage_fifo_file_perms;
12403+allow TEMPLATETYPE_t self:unix_stream_socket create_stream_socket_perms;
12404+"""
12405+
12406+te_cgi_rules="""
12407+"""
12408+
12409+te_sandbox_rules="""
12410+"""
12411+
12412+te_uid_rules="""
12413+auth_use_nsswitch(TEMPLATETYPE_t)
12414+"""
12415+
12416+te_syslog_rules="""
12417+logging_send_syslog_msg(TEMPLATETYPE_t)
12418+"""
12419+
12420+te_resolve_rules="""
12421+sysnet_dns_name_resolve(TEMPLATETYPE_t)
12422+"""
12423+
12424+te_pam_rules="""
12425+auth_domtrans_chk_passwd(TEMPLATETYPE_t)
12426+"""
12427+
12428+te_mail_rules="""
12429+mta_send_mail(TEMPLATETYPE_t)
12430+"""
12431+
12432+te_dbus_rules="""
12433+optional_policy(`
12434+ dbus_system_bus_client(TEMPLATETYPE_t)
12435+ dbus_connect_system_bus(TEMPLATETYPE_t)
12436+')
12437+"""
12438+
12439+te_kerberos_rules="""
12440+optional_policy(`
12441+ kerberos_use(TEMPLATETYPE_t)
12442+')
12443+"""
12444+
12445+te_manage_krb5_rcache_rules="""
12446+optional_policy(`
12447+ kerberos_keytab_template(TEMPLATETYPE, TEMPLATETYPE_t)
12448+ kerberos_manage_host_rcache(TEMPLATETYPE_t)
12449+')
12450+"""
12451+
12452+te_audit_rules="""
12453+logging_send_audit_msgs(TEMPLATETYPE_t)
12454+"""
12455+
12456+te_run_rules="""
12457+optional_policy(`
12458+ gen_require(`
12459+ type USER_t;
12460+ role USER_r;
12461+ ')
12462+
12463+ TEMPLATETYPE_run(USER_t, USER_r)
12464+')
12465+"""
12466+
12467+te_fd_rules="""
12468+domain_use_interactive_fds(TEMPLATETYPE_t)
12469+"""
12470+
12471+te_etc_rules="""
12472+files_read_etc_files(TEMPLATETYPE_t)
12473+"""
12474+
12475+te_localization_rules="""
12476+miscfiles_read_localization(TEMPLATETYPE_t)
12477+"""
12478+
12479+########################### Interface File #############################
12480+
12481+if_heading_rules="""
12482+## <summary>policy for TEMPLATETYPE</summary>
12483+"""
12484+
12485+if_program_rules="""
12486+
12487+########################################
12488+## <summary>
12489+## Transition to TEMPLATETYPE.
12490+## </summary>
12491+## <param name=\"domain\">
12492+## <summary>
12493+## Domain allowed to transition.
12494+## </summary>
12495+## </param>
12496+#
12497+interface(`TEMPLATETYPE_domtrans',`
12498+ gen_require(`
12499+ type TEMPLATETYPE_t, TEMPLATETYPE_exec_t;
12500+ ')
12501+
12502+ corecmd_search_bin($1)
12503+ domtrans_pattern($1, TEMPLATETYPE_exec_t, TEMPLATETYPE_t)
12504+')
12505+
12506+"""
12507+
12508+if_user_program_rules="""
12509+########################################
12510+## <summary>
12511+## Execute TEMPLATETYPE in the TEMPLATETYPE domain, and
12512+## allow the specified role the TEMPLATETYPE domain.
12513+## </summary>
12514+## <param name="domain">
12515+## <summary>
12516+## Domain allowed to transition
12517+## </summary>
12518+## </param>
12519+## <param name="role">
12520+## <summary>
12521+## The role to be allowed the TEMPLATETYPE domain.
12522+## </summary>
12523+## </param>
12524+#
12525+interface(`TEMPLATETYPE_run',`
12526+ gen_require(`
12527+ type TEMPLATETYPE_t;
12528+ ')
12529+
12530+ TEMPLATETYPE_domtrans($1)
12531+ role $2 types TEMPLATETYPE_t;
12532+')
12533+
12534+########################################
12535+## <summary>
12536+## Role access for TEMPLATETYPE
12537+## </summary>
12538+## <param name="role">
12539+## <summary>
12540+## Role allowed access
12541+## </summary>
12542+## </param>
12543+## <param name="domain">
12544+## <summary>
12545+## User domain for the role
12546+## </summary>
12547+## </param>
12548+#
12549+interface(`TEMPLATETYPE_role',`
12550+ gen_require(`
12551+ type TEMPLATETYPE_t;
12552+ ')
12553+
12554+ role $1 types TEMPLATETYPE_t;
12555+
12556+ TEMPLATETYPE_domtrans($2)
12557+
12558+ ps_process_pattern($2, TEMPLATETYPE_t)
12559+ allow $2 TEMPLATETYPE_t:process signal;
12560+')
12561+
12562+"""
12563+
12564+if_sandbox_rules="""
12565+########################################
12566+## <summary>
12567+## Execute sandbox in the TEMPLATETYPE_t domain, and
12568+## allow the specified role the TEMPLATETYPE_t domain.
12569+## </summary>
12570+## <param name="domain">
12571+## <summary>
12572+## Domain allowed to transition.
12573+## </summary>
12574+## </param>
12575+## <param name="role">
12576+## <summary>
12577+## The role to be allowed the TEMPLATETYPE_t domain.
12578+## </summary>
12579+## </param>
12580+#
12581+interface(`TEMPLATETYPE_transition',`
12582+ gen_require(`
12583+ type TEMPLATETYPE_t;
12584+ type TEMPLATETYPE_client_t;
12585+ ')
12586+
12587+ allow $1 TEMPLATETYPE_t:process { signal_perms transition };
12588+ dontaudit $1 TEMPLATETYPE_t:process { noatsecure siginh rlimitinh };
12589+ role $2 types TEMPLATETYPE_t;
12590+ role $2 types TEMPLATETYPE_client_t;
12591+
12592+ allow TEMPLATETYPE_t $1:process { sigchld signull };
12593+ allow TEMPLATETYPE_t $1:fifo_file rw_inherited_fifo_file_perms;
12594+ allow TEMPLATETYPE_client_t $1:process { sigchld signull };
12595+ allow TEMPLATETYPE_client_t $1:fifo_file rw_inherited_fifo_file_perms;
12596+')
12597+
12598+"""
12599+
12600+if_role_change_rules="""
12601+########################################
12602+## <summary>
12603+## Change to the TEMPLATETYPE role.
12604+## </summary>
12605+## <param name="role">
12606+## <summary>
12607+## Role allowed access.
12608+## </summary>
12609+## </param>
12610+## <rolecap/>
12611+#
12612+interface(`TEMPLATETYPE_role_change',`
12613+ gen_require(`
12614+ role TEMPLATETYPE_r;
12615+ ')
12616+
12617+ allow $1 TEMPLATETYPE_r;
12618+')
12619+
12620+"""
12621+
12622+if_initscript_rules="""
12623+########################################
12624+## <summary>
12625+## Execute TEMPLATETYPE server in the TEMPLATETYPE domain.
12626+## </summary>
12627+## <param name="domain">
12628+## <summary>
12629+## Domain allowed access.
12630+## </summary>
12631+## </param>
12632+#
12633+interface(`TEMPLATETYPE_initrc_domtrans',`
12634+ gen_require(`
12635+ type TEMPLATETYPE_initrc_exec_t;
12636+ ')
12637+
12638+ init_labeled_script_domtrans($1, TEMPLATETYPE_initrc_exec_t)
12639+')
12640+
12641+"""
12642+
12643+if_dbus_rules="""
12644+########################################
12645+## <summary>
12646+## Send and receive messages from
12647+## TEMPLATETYPE over dbus.
12648+## </summary>
12649+## <param name="domain">
12650+## <summary>
12651+## Domain allowed access.
12652+## </summary>
12653+## </param>
12654+#
12655+interface(`TEMPLATETYPE_dbus_chat',`
12656+ gen_require(`
12657+ type TEMPLATETYPE_t;
12658+ class dbus send_msg;
12659+ ')
12660+
12661+ allow $1 TEMPLATETYPE_t:dbus send_msg;
12662+ allow TEMPLATETYPE_t $1:dbus send_msg;
12663+')
12664+
12665+"""
12666+
12667+if_begin_admin="""
12668+########################################
12669+## <summary>
12670+## All of the rules required to administrate
12671+## an TEMPLATETYPE environment
12672+## </summary>
12673+## <param name="domain">
12674+## <summary>
12675+## Domain allowed access.
12676+## </summary>
12677+## </param>
12678+## <param name="role">
12679+## <summary>
12680+## Role allowed access.
12681+## </summary>
12682+## </param>
12683+## <rolecap/>
12684+#
12685+interface(`TEMPLATETYPE_admin',`
12686+ gen_require(`
12687+ type TEMPLATETYPE_t;"""
12688+
12689+if_middle_admin="""
12690+ ')
12691+
12692+ allow $1 TEMPLATETYPE_t:process { ptrace signal_perms };
12693+ ps_process_pattern($1, TEMPLATETYPE_t)
12694+"""
12695+
12696+if_initscript_admin_types="""
12697+ type TEMPLATETYPE_initrc_exec_t;"""
12698+
12699+if_initscript_admin="""
12700+ TEMPLATETYPE_initrc_domtrans($1)
12701+ domain_system_change_exemption($1)
12702+ role_transition $2 TEMPLATETYPE_initrc_exec_t system_r;
12703+ allow $2 system_r;
12704+"""
12705+
12706+if_end_admin="""
12707+')
12708+
12709+"""
12710+
12711+########################### File Context ##################################
12712+fc_program="""\
12713+
12714+EXECUTABLE -- gen_context(system_u:object_r:TEMPLATETYPE_exec_t,s0)
12715+"""
12716+
12717+fc_user="""\
12718+# Users do not have file context, leave blank
12719+"""
12720+
12721+fc_initscript="""\
12722+
12723+EXECUTABLE -- gen_context(system_u:object_r:TEMPLATETYPE_initrc_exec_t,s0)
12724+"""
12725diff -up policycoreutils-2.1.8/gui/templates/__init__.py.gui policycoreutils-2.1.8/gui/templates/__init__.py
12726--- policycoreutils-2.1.8/gui/templates/__init__.py.gui 2011-11-07 15:12:01.917834240 -0500
12727+++ policycoreutils-2.1.8/gui/templates/__init__.py 2011-11-07 15:12:01.917834240 -0500
12728@@ -0,0 +1,18 @@
12729+#
12730+# Copyright (C) 2007-2011 Red Hat
12731+#
12732+# This program is free software; you can redistribute it and/or modify
12733+# it under the terms of the GNU General Public License as published by
12734+# the Free Software Foundation; either version 2 of the License, or
12735+# (at your option) any later version.
12736+#
12737+# This program is distributed in the hope that it will be useful,
12738+# but WITHOUT ANY WARRANTY; without even the implied warranty of
12739+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12740+# GNU General Public License for more details.
12741+#
12742+# You should have received a copy of the GNU General Public License
12743+# along with this program; if not, write to the Free Software
12744+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
12745+#
12746+
12747diff -up policycoreutils-2.1.8/gui/templates/network.py.gui policycoreutils-2.1.8/gui/templates/network.py
12748--- policycoreutils-2.1.8/gui/templates/network.py.gui 2011-11-07 15:12:01.917834240 -0500
12749+++ policycoreutils-2.1.8/gui/templates/network.py 2011-11-07 15:12:01.918834240 -0500
12750@@ -0,0 +1,102 @@
12751+# Copyright (C) 2007-2011 Red Hat
12752+# see file 'COPYING' for use and warranty information
12753+#
12754+# policygentool is a tool for the initial generation of SELinux policy
12755+#
12756+# This program is free software; you can redistribute it and/or
12757+# modify it under the terms of the GNU General Public License as
12758+# published by the Free Software Foundation; either version 2 of
12759+# the License, or (at your option) any later version.
12760+#
12761+# This program is distributed in the hope that it will be useful,
12762+# but WITHOUT ANY WARRANTY; without even the implied warranty of
12763+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12764+# GNU General Public License for more details.
12765+#
12766+# You should have received a copy of the GNU General Public License
12767+# along with this program; if not, write to the Free Software
12768+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
12769+# 02111-1307 USA
12770+#
12771+#
12772+########################### Type Enforcement File #############################
12773+te_port_types="""
12774+type TEMPLATETYPE_port_t;
12775+corenet_port(TEMPLATETYPE_port_t)
12776+"""
12777+
12778+te_network="""\
12779+sysnet_dns_name_resolve(TEMPLATETYPE_t)
12780+corenet_all_recvfrom_unlabeled(TEMPLATETYPE_t)
12781+"""
12782+
12783+te_tcp="""\
12784+allow TEMPLATETYPE_t self:tcp_socket create_stream_socket_perms;
12785+corenet_tcp_sendrecv_generic_if(TEMPLATETYPE_t)
12786+corenet_tcp_sendrecv_generic_node(TEMPLATETYPE_t)
12787+corenet_tcp_sendrecv_all_ports(TEMPLATETYPE_t)
12788+"""
12789+
12790+te_in_tcp="""\
12791+corenet_tcp_bind_generic_node(TEMPLATETYPE_t)
12792+"""
12793+
12794+te_in_need_port_tcp="""\
12795+allow TEMPLATETYPE_t TEMPLATETYPE_port_t:tcp_socket name_bind;
12796+"""
12797+
12798+te_out_need_port_tcp="""\
12799+allow TEMPLATETYPE_t TEMPLATETYPE_port_t:tcp_socket name_connect;
12800+"""
12801+
12802+te_udp="""\
12803+allow TEMPLATETYPE_t self:udp_socket { create_socket_perms listen };
12804+corenet_udp_sendrecv_generic_if(TEMPLATETYPE_t)
12805+corenet_udp_sendrecv_generic_node(TEMPLATETYPE_t)
12806+corenet_udp_sendrecv_all_ports(TEMPLATETYPE_t)
12807+"""
12808+
12809+te_in_udp="""\
12810+corenet_udp_bind_generic_node(TEMPLATETYPE_t)
12811+"""
12812+
12813+te_in_need_port_udp="""\
12814+allow TEMPLATETYPE_t TEMPLATETYPE_port_t:udp_socket name_bind;
12815+"""
12816+
12817+te_out_all_ports_tcp="""\
12818+corenet_tcp_connect_all_ports(TEMPLATETYPE_t)
12819+"""
12820+
12821+te_out_reserved_ports_tcp="""\
12822+corenet_tcp_connect_all_rpc_ports(TEMPLATETYPE_t)
12823+"""
12824+
12825+te_out_unreserved_ports_tcp="""\
12826+corenet_tcp_connect_all_unreserved_ports(TEMPLATETYPE_t)
12827+"""
12828+
12829+te_in_all_ports_tcp="""\
12830+corenet_tcp_bind_all_ports(TEMPLATETYPE_t)
12831+"""
12832+
12833+te_in_reserved_ports_tcp="""\
12834+corenet_tcp_bind_all_rpc_ports(TEMPLATETYPE_t)
12835+"""
12836+
12837+te_in_unreserved_ports_tcp="""\
12838+corenet_tcp_bind_all_unreserved_ports(TEMPLATETYPE_t)
12839+"""
12840+
12841+te_in_all_ports_udp="""\
12842+corenet_udp_bind_all_ports(TEMPLATETYPE_t)
12843+"""
12844+
12845+te_in_reserved_ports_udp="""\
12846+corenet_udp_bind_all_rpc_ports(TEMPLATETYPE_t)
12847+"""
12848+
12849+te_in_unreserved_ports_udp="""\
12850+corenet_udp_bind_all_unreserved_ports(TEMPLATETYPE_t)
12851+"""
12852+
12853diff -up policycoreutils-2.1.8/gui/templates/rw.py.gui policycoreutils-2.1.8/gui/templates/rw.py
12854--- policycoreutils-2.1.8/gui/templates/rw.py.gui 2011-11-07 15:12:01.918834240 -0500
12855+++ policycoreutils-2.1.8/gui/templates/rw.py 2011-11-07 15:12:01.918834240 -0500
12856@@ -0,0 +1,129 @@
12857+# Copyright (C) 2007-2011 Red Hat
12858+# see file 'COPYING' for use and warranty information
12859+#
12860+# policygentool is a tool for the initial generation of SELinux policy
12861+#
12862+# This program is free software; you can redistribute it and/or
12863+# modify it under the terms of the GNU General Public License as
12864+# published by the Free Software Foundation; either version 2 of
12865+# the License, or (at your option) any later version.
12866+#
12867+# This program is distributed in the hope that it will be useful,
12868+# but WITHOUT ANY WARRANTY; without even the implied warranty of
12869+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12870+# GNU General Public License for more details.
12871+#
12872+# You should have received a copy of the GNU General Public License
12873+# along with this program; if not, write to the Free Software
12874+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
12875+# 02111-1307 USA
12876+#
12877+#
12878+
12879+########################### tmp Template File #############################
12880+te_types="""
12881+type TEMPLATETYPE_rw_t;
12882+files_type(TEMPLATETYPE_rw_t)
12883+"""
12884+
12885+te_rules="""
12886+manage_dirs_pattern(TEMPLATETYPE_t, TEMPLATETYPE_rw_t, TEMPLATETYPE_rw_t)
12887+manage_files_pattern(TEMPLATETYPE_t, TEMPLATETYPE_rw_t, TEMPLATETYPE_rw_t)
12888+"""
12889+
12890+########################### Interface File #############################
12891+if_rules="""
12892+########################################
12893+## <summary>
12894+## Search TEMPLATETYPE rw directories.
12895+## </summary>
12896+## <param name="domain">
12897+## <summary>
12898+## Domain allowed access.
12899+## </summary>
12900+## </param>
12901+#
12902+interface(`TEMPLATETYPE_search_rw_dir',`
12903+ gen_require(`
12904+ type TEMPLATETYPE_rw_t;
12905+ ')
12906+
12907+ allow $1 TEMPLATETYPE_rw_t:dir search_dir_perms;
12908+ files_search_rw($1)
12909+')
12910+
12911+########################################
12912+## <summary>
12913+## Read TEMPLATETYPE rw files.
12914+## </summary>
12915+## <param name="domain">
12916+## <summary>
12917+## Domain allowed access.
12918+## </summary>
12919+## </param>
12920+#
12921+interface(`TEMPLATETYPE_read_rw_files',`
12922+ gen_require(`
12923+ type TEMPLATETYPE_rw_t;
12924+ ')
12925+
12926+ allow $1 TEMPLATETYPE_rw_t:file read_file_perms;
12927+ allow $1 TEMPLATETYPE_rw_t:dir list_dir_perms;
12928+ files_search_rw($1)
12929+')
12930+
12931+########################################
12932+## <summary>
12933+## Manage TEMPLATETYPE rw files.
12934+## </summary>
12935+## <param name="domain">
12936+## <summary>
12937+## Domain allowed access.
12938+## </summary>
12939+## </param>
12940+#
12941+interface(`TEMPLATETYPE_manage_rw_files',`
12942+ gen_require(`
12943+ type TEMPLATETYPE_rw_t;
12944+ ')
12945+
12946+ manage_files_pattern($1, TEMPLATETYPE_rw_t, TEMPLATETYPE_rw_t)
12947+')
12948+
12949+########################################
12950+## <summary>
12951+## Create, read, write, and delete
12952+## TEMPLATETYPE rw dirs.
12953+## </summary>
12954+## <param name="domain">
12955+## <summary>
12956+## Domain allowed access.
12957+## </summary>
12958+## </param>
12959+#
12960+interface(`TEMPLATETYPE_manage_rw_dirs',`
12961+ gen_require(`
12962+ type TEMPLATETYPE_rw_t;
12963+ ')
12964+
12965+ manage_dirs_pattern($1, TEMPLATETYPE_rw_t, TEMPLATETYPE_rw_t)
12966+')
12967+
12968+"""
12969+
12970+if_admin_types="""
12971+ type TEMPLATETYPE_rw_t;"""
12972+
12973+if_admin_rules="""
12974+ files_search_etc($1)
12975+ admin_pattern($1, TEMPLATETYPE_rw_t)
12976+"""
12977+
12978+########################### File Context ##################################
12979+fc_file="""
12980+FILENAME -- gen_context(system_u:object_r:TEMPLATETYPE_rw_t,s0)
12981+"""
12982+
12983+fc_dir="""
12984+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_rw_t,s0)
12985+"""
12986diff -up policycoreutils-2.1.8/gui/templates/script.py.gui policycoreutils-2.1.8/gui/templates/script.py
12987--- policycoreutils-2.1.8/gui/templates/script.py.gui 2011-11-07 15:12:01.918834240 -0500
12988+++ policycoreutils-2.1.8/gui/templates/script.py 2011-11-07 15:12:01.919834241 -0500
12989@@ -0,0 +1,126 @@
12990+# Copyright (C) 2007-2011 Red Hat
12991+# see file 'COPYING' for use and warranty information
12992+#
12993+# policygentool is a tool for the initial generation of SELinux policy
12994+#
12995+# This program is free software; you can redistribute it and/or
12996+# modify it under the terms of the GNU General Public License as
12997+# published by the Free Software Foundation; either version 2 of
12998+# the License, or (at your option) any later version.
12999+#
13000+# This program is distributed in the hope that it will be useful,
13001+# but WITHOUT ANY WARRANTY; without even the implied warranty of
13002+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13003+# GNU General Public License for more details.
13004+#
13005+# You should have received a copy of the GNU General Public License
13006+# along with this program; if not, write to the Free Software
13007+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
13008+# 02111-1307 USA
13009+#
13010+#
13011+
13012+########################### tmp Template File #############################
13013+compile="""\
13014+#!/bin/sh -e
13015+
13016+DIRNAME=`dirname $0`
13017+cd $DIRNAME
13018+USAGE="$0 [ --update ]"
13019+if [ `id -u` != 0 ]; then
13020+echo 'You must be root to run this script'
13021+exit 1
13022+fi
13023+
13024+if [ $# -eq 1 ]; then
13025+ if [ "$1" = "--update" ] ; then
13026+ time=`ls -l --time-style="+%x %X" TEMPLATEFILE.te | awk '{ printf "%s %s", $6, $7 }'`
13027+ rules=`ausearch --start $time -m avc --raw -se TEMPLATETYPE`
13028+ if [ x"$rules" != "x" ] ; then
13029+ echo "Found avc's to update policy with"
13030+ echo -e "$rules" | audit2allow -R
13031+ echo "Do you want these changes added to policy [y/n]?"
13032+ read ANS
13033+ if [ "$ANS" = "y" -o "$ANS" = "Y" ] ; then
13034+ echo "Updating policy"
13035+ echo -e "$rules" | audit2allow -R >> TEMPLATEFILE.te
13036+ # Fall though and rebuild policy
13037+ else
13038+ exit 0
13039+ fi
13040+ else
13041+ echo "No new avcs found"
13042+ exit 0
13043+ fi
13044+ else
13045+ echo -e $USAGE
13046+ exit 1
13047+ fi
13048+elif [ $# -ge 2 ] ; then
13049+ echo -e $USAGE
13050+ exit 1
13051+fi
13052+
13053+echo "Building and Loading Policy"
13054+set -x
13055+make -f /usr/share/selinux/devel/Makefile || exit
13056+/usr/sbin/semodule -i TEMPLATEFILE.pp
13057+
13058+"""
13059+
13060+restorecon="""\
13061+# Fixing the file context on FILENAME
13062+/sbin/restorecon -F -R -v FILENAME
13063+"""
13064+
13065+tcp_ports="""\
13066+# Adding SELinux tcp port to port PORTNUM
13067+/usr/sbin/semanage port -a -t TEMPLATETYPE_port_t -p tcp PORTNUM
13068+"""
13069+
13070+udp_ports="""\
13071+# Adding SELinux udp port to port PORTNUM
13072+/usr/sbin/semanage port -a -t TEMPLATETYPE_port_t -p udp PORTNUM
13073+"""
13074+
13075+users="""\
13076+# Adding SELinux user TEMPLATETYPE_u
13077+/usr/sbin/semanage user -a -R "TEMPLATETYPE_rROLES" TEMPLATETYPE_u
13078+"""
13079+
13080+eusers="""\
13081+# Adding roles to SELinux user TEMPLATETYPE_u
13082+/usr/sbin/semanage user -m -R "TEMPLATETYPE_rROLES" TEMPLATETYPE_u
13083+"""
13084+
13085+admin_trans="""\
13086+# Adding roles to SELinux user USER
13087+/usr/sbin/semanage user -m -R +TEMPLATETYPE_r USER
13088+"""
13089+
13090+min_login_user_default_context="""\
13091+if [ ! -f /etc/selinux/targeted/contexts/users/TEMPLATETYPE_u ]; then
13092+cat > /etc/selinux/targeted/contexts/users/TEMPLATETYPE_u << _EOF
13093+TEMPLATETYPE_r:TEMPLATETYPE_t:s0 TEMPLATETYPE_r:TEMPLATETYPE_t
13094+system_r:crond_t TEMPLATETYPE_r:TEMPLATETYPE_t
13095+system_r:initrc_su_t TEMPLATETYPE_r:TEMPLATETYPE_t
13096+system_r:local_login_t TEMPLATETYPE_r:TEMPLATETYPE_t
13097+system_r:remote_login_t TEMPLATETYPE_r:TEMPLATETYPE_t
13098+system_r:sshd_t TEMPLATETYPE_r:TEMPLATETYPE_t
13099+_EOF
13100+fi
13101+"""
13102+
13103+x_login_user_default_context="""\
13104+if [ ! -f /etc/selinux/targeted/contexts/users/TEMPLATETYPE_u ]; then
13105+cat > /etc/selinux/targeted/contexts/users/TEMPLATETYPE_u << _EOF
13106+TEMPLATETYPE_r:TEMPLATETYPE_t TEMPLATETYPE_r:TEMPLATETYPE_t
13107+system_r:crond_t TEMPLATETYPE_r:TEMPLATETYPE_t
13108+system_r:initrc_su_t TEMPLATETYPE_r:TEMPLATETYPE_t
13109+system_r:local_login_t TEMPLATETYPE_r:TEMPLATETYPE_t
13110+system_r:remote_login_t TEMPLATETYPE_r:TEMPLATETYPE_t
13111+system_r:sshd_t TEMPLATETYPE_r:TEMPLATETYPE_t
13112+system_r:xdm_t TEMPLATETYPE_r:TEMPLATETYPE_t
13113+_EOF
13114+fi
13115+"""
13116diff -up policycoreutils-2.1.8/gui/templates/semodule.py.gui policycoreutils-2.1.8/gui/templates/semodule.py
13117--- policycoreutils-2.1.8/gui/templates/semodule.py.gui 2011-11-07 15:12:01.919834241 -0500
13118+++ policycoreutils-2.1.8/gui/templates/semodule.py 2011-11-07 15:12:01.919834241 -0500
13119@@ -0,0 +1,41 @@
13120+# Copyright (C) 2007-2011 Red Hat
13121+# see file 'COPYING' for use and warranty information
13122+#
13123+# policygentool is a tool for the initial generation of SELinux policy
13124+#
13125+# This program is free software; you can redistribute it and/or
13126+# modify it under the terms of the GNU General Public License as
13127+# published by the Free Software Foundation; either version 2 of
13128+# the License, or (at your option) any later version.
13129+#
13130+# This program is distributed in the hope that it will be useful,
13131+# but WITHOUT ANY WARRANTY; without even the implied warranty of
13132+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13133+# GNU General Public License for more details.
13134+#
13135+# You should have received a copy of the GNU General Public License
13136+# along with this program; if not, write to the Free Software
13137+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
13138+# 02111-1307 USA
13139+#
13140+#
13141+
13142+########################### tmp Template File #############################
13143+compile="""
13144+#!/bin/sh
13145+make -f /usr/share/selinux/devel/Makefile
13146+semodule -i TEMPLATETYPE.pp
13147+"""
13148+
13149+restorecon="""
13150+restorecon -R -v FILENAME
13151+"""
13152+
13153+tcp_ports="""
13154+semanage ports -a -t TEMPLATETYPE_port_t -p tcp PORTNUM
13155+"""
13156+
13157+udp_ports="""
13158+semanage ports -a -t TEMPLATETYPE_port_t -p udp PORTNUM
13159+"""
13160+
13161diff -up policycoreutils-2.1.8/gui/templates/tmp.py.gui policycoreutils-2.1.8/gui/templates/tmp.py
13162--- policycoreutils-2.1.8/gui/templates/tmp.py.gui 2011-11-07 15:12:01.919834241 -0500
13163+++ policycoreutils-2.1.8/gui/templates/tmp.py 2011-11-07 15:12:01.920834242 -0500
13164@@ -0,0 +1,102 @@
13165+# Copyright (C) 2007-2011 Red Hat
13166+# see file 'COPYING' for use and warranty information
13167+#
13168+# policygentool is a tool for the initial generation of SELinux policy
13169+#
13170+# This program is free software; you can redistribute it and/or
13171+# modify it under the terms of the GNU General Public License as
13172+# published by the Free Software Foundation; either version 2 of
13173+# the License, or (at your option) any later version.
13174+#
13175+# This program is distributed in the hope that it will be useful,
13176+# but WITHOUT ANY WARRANTY; without even the implied warranty of
13177+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13178+# GNU General Public License for more details.
13179+#
13180+# You should have received a copy of the GNU General Public License
13181+# along with this program; if not, write to the Free Software
13182+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
13183+# 02111-1307 USA
13184+#
13185+#
13186+########################### tmp Template File #############################
13187+
13188+te_types="""
13189+type TEMPLATETYPE_tmp_t;
13190+files_tmp_file(TEMPLATETYPE_tmp_t)
13191+"""
13192+
13193+te_rules="""
13194+manage_dirs_pattern(TEMPLATETYPE_t, TEMPLATETYPE_tmp_t, TEMPLATETYPE_tmp_t)
13195+manage_files_pattern(TEMPLATETYPE_t, TEMPLATETYPE_tmp_t, TEMPLATETYPE_tmp_t)
13196+files_tmp_filetrans(TEMPLATETYPE_t, TEMPLATETYPE_tmp_t, { dir file })
13197+"""
13198+
13199+if_rules="""
13200+########################################
13201+## <summary>
13202+## Do not audit attempts to read,
13203+## TEMPLATETYPE tmp files
13204+## </summary>
13205+## <param name="domain">
13206+## <summary>
13207+## Domain to not audit.
13208+## </summary>
13209+## </param>
13210+#
13211+interface(`TEMPLATETYPE_dontaudit_read_tmp_files',`
13212+ gen_require(`
13213+ type TEMPLATETYPE_tmp_t;
13214+ ')
13215+
13216+ dontaudit $1 TEMPLATETYPE_tmp_t:file read_file_perms;
13217+')
13218+
13219+########################################
13220+## <summary>
13221+## Read TEMPLATETYPE tmp files
13222+## </summary>
13223+## <param name="domain">
13224+## <summary>
13225+## Domain allowed access.
13226+## </summary>
13227+## </param>
13228+#
13229+interface(`TEMPLATETYPE_read_tmp_files',`
13230+ gen_require(`
13231+ type TEMPLATETYPE_tmp_t;
13232+ ')
13233+
13234+ files_search_tmp($1)
13235+ allow $1 TEMPLATETYPE_tmp_t:file read_file_perms;
13236+')
13237+
13238+########################################
13239+## <summary>
13240+## Manage TEMPLATETYPE tmp files
13241+## </summary>
13242+## <param name="domain">
13243+## <summary>
13244+## Domain allowed access.
13245+## </summary>
13246+## </param>
13247+#
13248+interface(`TEMPLATETYPE_manage_tmp',`
13249+ gen_require(`
13250+ type TEMPLATETYPE_tmp_t;
13251+ ')
13252+
13253+ files_search_tmp($1)
13254+ manage_dirs_pattern($1, TEMPLATETYPE_tmp_t, TEMPLATETYPE_tmp_t)
13255+ manage_files_pattern($1, TEMPLATETYPE_tmp_t, TEMPLATETYPE_tmp_t)
13256+ manage_lnk_files_pattern($1, TEMPLATETYPE_tmp_t, TEMPLATETYPE_tmp_t)
13257+')
13258+"""
13259+
13260+if_admin_types="""
13261+ type TEMPLATETYPE_tmp_t;"""
13262+
13263+if_admin_rules="""
13264+ files_search_tmp($1)
13265+ admin_pattern($1, TEMPLATETYPE_tmp_t)
13266+"""
13267diff -up policycoreutils-2.1.8/gui/templates/user.py.gui policycoreutils-2.1.8/gui/templates/user.py
13268--- policycoreutils-2.1.8/gui/templates/user.py.gui 2011-11-07 15:12:01.920834242 -0500
13269+++ policycoreutils-2.1.8/gui/templates/user.py 2011-11-07 15:12:01.920834242 -0500
13270@@ -0,0 +1,204 @@
13271+# Copyright (C) 2007-2011 Red Hat
13272+# see file 'COPYING' for use and warranty information
13273+#
13274+# policygentool is a tool for the initial generation of SELinux policy
13275+#
13276+# This program is free software; you can redistribute it and/or
13277+# modify it under the terms of the GNU General Public License as
13278+# published by the Free Software Foundation; either version 2 of
13279+# the License, or (at your option) any later version.
13280+#
13281+# This program is distributed in the hope that it will be useful,
13282+# but WITHOUT ANY WARRANTY; without even the implied warranty of
13283+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13284+# GNU General Public License for more details.
13285+#
13286+# You should have received a copy of the GNU General Public License
13287+# along with this program; if not, write to the Free Software
13288+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
13289+# 02111-1307 USA
13290+#
13291+#
13292+########################### Type Enforcement File #############################
13293+
13294+te_login_user_types="""\
13295+policy_module(TEMPLATETYPE, 1.0.0)
13296+
13297+########################################
13298+#
13299+# Declarations
13300+#
13301+
13302+userdom_unpriv_user_template(TEMPLATETYPE)
13303+"""
13304+
13305+te_admin_user_types="""\
13306+policy_module(TEMPLATETYPE, 1.0.0)
13307+
13308+########################################
13309+#
13310+# Declarations
13311+#
13312+
13313+userdom_admin_user_template(TEMPLATETYPE)
13314+"""
13315+
13316+te_min_login_user_types="""\
13317+policy_module(TEMPLATETYPE, 1.0.0)
13318+
13319+########################################
13320+#
13321+# Declarations
13322+#
13323+
13324+userdom_restricted_user_template(TEMPLATETYPE)
13325+"""
13326+
13327+te_x_login_user_types="""\
13328+policy_module(TEMPLATETYPE, 1.0.0)
13329+
13330+########################################
13331+#
13332+# Declarations
13333+#
13334+
13335+userdom_restricted_xwindows_user_template(TEMPLATETYPE)
13336+"""
13337+
13338+te_existing_user_types="""\
13339+policy_module(myTEMPLATETYPE, 1.0.0)
13340+
13341+gen_require(`
13342+ type TEMPLATETYPE_t, TEMPLATETYPE_devpts_t;
13343+ role TEMPLATETYPE_r;
13344+')
13345+
13346+"""
13347+
13348+te_root_user_types="""\
13349+policy_module(TEMPLATETYPE, 1.0.0)
13350+
13351+########################################
13352+#
13353+# Declarations
13354+#
13355+
13356+userdom_base_user_template(TEMPLATETYPE)
13357+"""
13358+
13359+te_login_user_rules="""\
13360+
13361+########################################
13362+#
13363+# TEMPLATETYPE local policy
13364+#
13365+
13366+"""
13367+
13368+te_existing_user_rules="""\
13369+
13370+########################################
13371+#
13372+# TEMPLATETYPE customized policy
13373+#
13374+
13375+"""
13376+
13377+te_x_login_user_rules="""\
13378+
13379+########################################
13380+#
13381+# TEMPLATETYPE local policy
13382+#
13383+"""
13384+
13385+te_root_user_rules="""\
13386+
13387+########################################
13388+#
13389+# TEMPLATETYPE local policy
13390+#
13391+"""
13392+
13393+te_transition_rules="""
13394+optional_policy(`
13395+ APPLICATION_role(TEMPLATETYPE_r, TEMPLATETYPE_t)
13396+')
13397+"""
13398+
13399+te_user_trans_rules="""
13400+optional_policy(`
13401+ gen_require(`
13402+ role USER_r;
13403+ ')
13404+
13405+ TEMPLATETYPE_role_change(USER_r)
13406+')
13407+"""
13408+
13409+te_admin_rules="""
13410+allow TEMPLATETYPE_t self:capability { dac_override dac_read_search kill sys_ptrace sys_nice };
13411+files_dontaudit_search_all_dirs(TEMPLATETYPE_t)
13412+
13413+selinux_get_enforce_mode(TEMPLATETYPE_t)
13414+seutil_domtrans_setfiles(TEMPLATETYPE_t)
13415+seutil_search_default_contexts(TEMPLATETYPE_t)
13416+
13417+logging_send_syslog_msg(TEMPLATETYPE_t)
13418+
13419+kernel_read_system_state(TEMPLATETYPE_t)
13420+
13421+domain_dontaudit_search_all_domains_state(TEMPLATETYPE_t)
13422+domain_dontaudit_ptrace_all_domains(TEMPLATETYPE_t)
13423+
13424+userdom_dontaudit_search_admin_dir(TEMPLATETYPE_t)
13425+userdom_dontaudit_search_user_home_dirs(TEMPLATETYPE_t)
13426+
13427+bool TEMPLATETYPE_read_user_files false;
13428+bool TEMPLATETYPE_manage_user_files false;
13429+
13430+if (TEMPLATETYPE_read_user_files) {
13431+ userdom_read_user_home_content_files(TEMPLATETYPE_t)
13432+ userdom_read_user_tmp_files(TEMPLATETYPE_t)
13433+}
13434+
13435+if (TEMPLATETYPE_manage_user_files) {
13436+ userdom_manage_user_home_content(TEMPLATETYPE_t)
13437+ userdom_manage_user_tmp_files(TEMPLATETYPE_t)
13438+}
13439+
13440+"""
13441+
13442+te_admin_trans_rules="""
13443+gen_require(`
13444+ role USER_r;
13445+')
13446+
13447+allow USER_r TEMPLATETYPE_r;
13448+"""
13449+
13450+te_admin_domain_rules="""
13451+optional_policy(`
13452+ APPLICATION_admin(TEMPLATETYPE_t, TEMPLATETYPE_r)
13453+')
13454+"""
13455+
13456+te_roles_rules="""
13457+optional_policy(`
13458+ gen_require(`
13459+ role ROLE_r;
13460+ ')
13461+
13462+ allow TEMPLATETYPE_r ROLE_r;
13463+')
13464+"""
13465+
13466+te_sudo_rules="""
13467+optional_policy(`
13468+ sudo_role_template(TEMPLATETYPE, TEMPLATETYPE_r, TEMPLATETYPE_t)
13469+')
13470+"""
13471+
13472+te_newrole_rules="""
13473+seutil_run_newrole(TEMPLATETYPE_t, TEMPLATETYPE_r)
13474+"""
13475diff -up policycoreutils-2.1.8/gui/templates/var_cache.py.gui policycoreutils-2.1.8/gui/templates/var_cache.py
13476--- policycoreutils-2.1.8/gui/templates/var_cache.py.gui 2011-11-07 15:12:01.920834242 -0500
13477+++ policycoreutils-2.1.8/gui/templates/var_cache.py 2011-11-07 15:12:01.921834243 -0500
13478@@ -0,0 +1,132 @@
13479+# Copyright (C) 2007-2011 Red Hat
13480+# see file 'COPYING' for use and warranty information
13481+#
13482+# policygentool is a tool for the initial generation of SELinux policy
13483+#
13484+# This program is free software; you can redistribute it and/or
13485+# modify it under the terms of the GNU General Public License as
13486+# published by the Free Software Foundation; either version 2 of
13487+# the License, or (at your option) any later version.
13488+#
13489+# This program is distributed in the hope that it will be useful,
13490+# but WITHOUT ANY WARRANTY; without even the implied warranty of
13491+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13492+# GNU General Public License for more details.
13493+#
13494+# You should have received a copy of the GNU General Public License
13495+# along with this program; if not, write to the Free Software
13496+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
13497+# 02111-1307 USA
13498+#
13499+#
13500+########################### cache Template File #############################
13501+
13502+########################### Type Enforcement File #############################
13503+te_types="""
13504+type TEMPLATETYPE_cache_t;
13505+files_type(TEMPLATETYPE_cache_t)
13506+"""
13507+te_rules="""
13508+manage_dirs_pattern(TEMPLATETYPE_t, TEMPLATETYPE_cache_t, TEMPLATETYPE_cache_t)
13509+manage_files_pattern(TEMPLATETYPE_t, TEMPLATETYPE_cache_t, TEMPLATETYPE_cache_t)
13510+manage_lnk_files_pattern(TEMPLATETYPE_t, TEMPLATETYPE_cache_t, TEMPLATETYPE_cache_t)
13511+files_var_filetrans(TEMPLATETYPE_t, TEMPLATETYPE_cache_t, { dir file })
13512+"""
13513+
13514+########################### Interface File #############################
13515+if_rules="""
13516+########################################
13517+## <summary>
13518+## Search TEMPLATETYPE cache directories.
13519+## </summary>
13520+## <param name="domain">
13521+## <summary>
13522+## Domain allowed access.
13523+## </summary>
13524+## </param>
13525+#
13526+interface(`TEMPLATETYPE_search_cache',`
13527+ gen_require(`
13528+ type TEMPLATETYPE_cache_t;
13529+ ')
13530+
13531+ allow $1 TEMPLATETYPE_cache_t:dir search_dir_perms;
13532+ files_search_var($1)
13533+')
13534+
13535+########################################
13536+## <summary>
13537+## Read TEMPLATETYPE cache files.
13538+## </summary>
13539+## <param name="domain">
13540+## <summary>
13541+## Domain allowed access.
13542+## </summary>
13543+## </param>
13544+#
13545+interface(`TEMPLATETYPE_read_cache_files',`
13546+ gen_require(`
13547+ type TEMPLATETYPE_cache_t;
13548+ ')
13549+
13550+ files_search_var($1)
13551+ read_files_pattern($1, TEMPLATETYPE_cache_t TEMPLATETYPE_cache_t)
13552+')
13553+
13554+########################################
13555+## <summary>
13556+## Create, read, write, and delete
13557+## TEMPLATETYPE cache files.
13558+## </summary>
13559+## <param name="domain">
13560+## <summary>
13561+## Domain allowed access.
13562+## </summary>
13563+## </param>
13564+#
13565+interface(`TEMPLATETYPE_manage_cache_files',`
13566+ gen_require(`
13567+ type TEMPLATETYPE_cache_t;
13568+ ')
13569+
13570+ files_search_var($1)
13571+ manage_files_pattern($1, TEMPLATETYPE_cache_t, TEMPLATETYPE_cache_t)
13572+')
13573+
13574+########################################
13575+## <summary>
13576+## Manage TEMPLATETYPE cache dirs.
13577+## </summary>
13578+## <param name="domain">
13579+## <summary>
13580+## Domain allowed access.
13581+## </summary>
13582+## </param>
13583+#
13584+interface(`TEMPLATETYPE_manage_cache_dirs',`
13585+ gen_require(`
13586+ type TEMPLATETYPE_cache_t;
13587+ ')
13588+
13589+ files_search_var($1)
13590+ manage_dirs_pattern($1, TEMPLATETYPE_cache_t, TEMPLATETYPE_cache_t)
13591+')
13592+
13593+"""
13594+
13595+if_admin_types="""
13596+ type TEMPLATETYPE_cache_t;"""
13597+
13598+if_admin_rules="""
13599+ files_search_var($1)
13600+ admin_pattern($1, TEMPLATETYPE_cache_t)
13601+"""
13602+
13603+########################### File Context ##################################
13604+fc_file="""\
13605+FILENAME -- gen_context(system_u:object_r:TEMPLATETYPE_cache_t,s0)
13606+"""
13607+
13608+fc_dir="""\
13609+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_cache_t,s0)
13610+"""
13611diff -up policycoreutils-2.1.8/gui/templates/var_lib.py.gui policycoreutils-2.1.8/gui/templates/var_lib.py
13612--- policycoreutils-2.1.8/gui/templates/var_lib.py.gui 2011-11-07 15:12:01.921834243 -0500
13613+++ policycoreutils-2.1.8/gui/templates/var_lib.py 2011-11-07 15:12:01.921834243 -0500
13614@@ -0,0 +1,160 @@
13615+# Copyright (C) 2007-2011 Red Hat
13616+# see file 'COPYING' for use and warranty information
13617+#
13618+# policygentool is a tool for the initial generation of SELinux policy
13619+#
13620+# This program is free software; you can redistribute it and/or
13621+# modify it under the terms of the GNU General Public License as
13622+# published by the Free Software Foundation; either version 2 of
13623+# the License, or (at your option) any later version.
13624+#
13625+# This program is distributed in the hope that it will be useful,
13626+# but WITHOUT ANY WARRANTY; without even the implied warranty of
13627+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13628+# GNU General Public License for more details.
13629+#
13630+# You should have received a copy of the GNU General Public License
13631+# along with this program; if not, write to the Free Software
13632+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
13633+# 02111-1307 USA
13634+#
13635+#
13636+########################### var_lib Template File #############################
13637+
13638+########################### Type Enforcement File #############################
13639+te_types="""
13640+type TEMPLATETYPE_var_lib_t;
13641+files_type(TEMPLATETYPE_var_lib_t)
13642+"""
13643+te_rules="""
13644+manage_dirs_pattern(TEMPLATETYPE_t, TEMPLATETYPE_var_lib_t, TEMPLATETYPE_var_lib_t)
13645+manage_files_pattern(TEMPLATETYPE_t, TEMPLATETYPE_var_lib_t, TEMPLATETYPE_var_lib_t)
13646+files_var_lib_filetrans(TEMPLATETYPE_t, TEMPLATETYPE_var_lib_t, { dir file })
13647+"""
13648+
13649+te_stream_rules="""\
13650+allow TEMPLATETYPE_t TEMPLATETYPE_var_lib_t:sock_file manage_sock_file_perms;
13651+files_var_lib_filetrans(TEMPLATETYPE_t, TEMPLATETYPE_var_lib_t, sock_file)
13652+"""
13653+
13654+
13655+########################### Interface File #############################
13656+if_rules="""
13657+########################################
13658+## <summary>
13659+## Search TEMPLATETYPE lib directories.
13660+## </summary>
13661+## <param name="domain">
13662+## <summary>
13663+## Domain allowed access.
13664+## </summary>
13665+## </param>
13666+#
13667+interface(`TEMPLATETYPE_search_lib',`
13668+ gen_require(`
13669+ type TEMPLATETYPE_var_lib_t;
13670+ ')
13671+
13672+ allow $1 TEMPLATETYPE_var_lib_t:dir search_dir_perms;
13673+ files_search_var_lib($1)
13674+')
13675+
13676+########################################
13677+## <summary>
13678+## Read TEMPLATETYPE lib files.
13679+## </summary>
13680+## <param name="domain">
13681+## <summary>
13682+## Domain allowed access.
13683+## </summary>
13684+## </param>
13685+#
13686+interface(`TEMPLATETYPE_read_lib_files',`
13687+ gen_require(`
13688+ type TEMPLATETYPE_var_lib_t;
13689+ ')
13690+
13691+ files_search_var_lib($1)
13692+ read_files_pattern($1, TEMPLATETYPE_var_lib_t, TEMPLATETYPE_var_lib_t)
13693+')
13694+
13695+########################################
13696+## <summary>
13697+## Manage TEMPLATETYPE lib files.
13698+## </summary>
13699+## <param name="domain">
13700+## <summary>
13701+## Domain allowed access.
13702+## </summary>
13703+## </param>
13704+#
13705+interface(`TEMPLATETYPE_manage_lib_files',`
13706+ gen_require(`
13707+ type TEMPLATETYPE_var_lib_t;
13708+ ')
13709+
13710+ files_search_var_lib($1)
13711+ manage_files_pattern($1, TEMPLATETYPE_var_lib_t, TEMPLATETYPE_var_lib_t)
13712+')
13713+
13714+########################################
13715+## <summary>
13716+## Manage TEMPLATETYPE lib directories.
13717+## </summary>
13718+## <param name="domain">
13719+## <summary>
13720+## Domain allowed access.
13721+## </summary>
13722+## </param>
13723+#
13724+interface(`TEMPLATETYPE_manage_lib_dirs',`
13725+ gen_require(`
13726+ type TEMPLATETYPE_var_lib_t;
13727+ ')
13728+
13729+ files_search_var_lib($1)
13730+ manage_dirs_pattern($1, TEMPLATETYPE_var_lib_t, TEMPLATETYPE_var_lib_t)
13731+')
13732+
13733+"""
13734+
13735+if_stream_rules="""
13736+########################################
13737+## <summary>
13738+## Connect to TEMPLATETYPE over an unix stream socket.
13739+## </summary>
13740+## <param name="domain">
13741+## <summary>
13742+## Domain allowed access.
13743+## </summary>
13744+## </param>
13745+#
13746+interface(`TEMPLATETYPE_stream_connect',`
13747+ gen_require(`
13748+ type TEMPLATETYPE_t, TEMPLATETYPE_var_lib_t;
13749+ ')
13750+
13751+ stream_connect_pattern($1, TEMPLATETYPE_var_lib_t, TEMPLATETYPE_var_lib_t)
13752+')
13753+"""
13754+
13755+if_admin_types="""
13756+ type TEMPLATETYPE_var_lib_t;"""
13757+
13758+if_admin_rules="""
13759+ files_search_var_lib($1)
13760+ admin_pattern($1, TEMPLATETYPE_var_lib_t)
13761+"""
13762+
13763+########################### File Context ##################################
13764+fc_file="""\
13765+FILENAME -- gen_context(system_u:object_r:TEMPLATETYPE_var_lib_t,s0)
13766+"""
13767+
13768+fc_sock_file="""\
13769+FILENAME -s gen_context(system_u:object_r:TEMPLATETYPE_var_lib_t,s0)
13770+"""
13771+
13772+fc_dir="""\
13773+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_var_lib_t,s0)
13774+"""
13775diff -up policycoreutils-2.1.8/gui/templates/var_log.py.gui policycoreutils-2.1.8/gui/templates/var_log.py
13776--- policycoreutils-2.1.8/gui/templates/var_log.py.gui 2011-11-07 15:12:01.921834243 -0500
13777+++ policycoreutils-2.1.8/gui/templates/var_log.py 2011-11-07 15:12:01.922834244 -0500
13778@@ -0,0 +1,114 @@
13779+# Copyright (C) 2007-2011 Red Hat
13780+# see file 'COPYING' for use and warranty information
13781+#
13782+# policygentool is a tool for the initial generation of SELinux policy
13783+#
13784+# This program is free software; you can redistribute it and/or
13785+# modify it under the terms of the GNU General Public License as
13786+# published by the Free Software Foundation; either version 2 of
13787+# the License, or (at your option) any later version.
13788+#
13789+# This program is distributed in the hope that it will be useful,
13790+# but WITHOUT ANY WARRANTY; without even the implied warranty of
13791+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13792+# GNU General Public License for more details.
13793+#
13794+# You should have received a copy of the GNU General Public License
13795+# along with this program; if not, write to the Free Software
13796+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
13797+# 02111-1307 USA
13798+#
13799+#
13800+########################### var_log Template File #############################
13801+
13802+########################### Type Enforcement File #############################
13803+te_types="""
13804+type TEMPLATETYPE_log_t;
13805+logging_log_file(TEMPLATETYPE_log_t)
13806+"""
13807+
13808+te_rules="""
13809+manage_dirs_pattern(TEMPLATETYPE_t, TEMPLATETYPE_log_t, TEMPLATETYPE_log_t)
13810+manage_files_pattern(TEMPLATETYPE_t, TEMPLATETYPE_log_t, TEMPLATETYPE_log_t)
13811+logging_log_filetrans(TEMPLATETYPE_t, TEMPLATETYPE_log_t, { dir file })
13812+"""
13813+
13814+########################### Interface File #############################
13815+if_rules="""
13816+########################################
13817+## <summary>
13818+## Read TEMPLATETYPE's log files.
13819+## </summary>
13820+## <param name="domain">
13821+## <summary>
13822+## Domain allowed access.
13823+## </summary>
13824+## </param>
13825+## <rolecap/>
13826+#
13827+interface(`TEMPLATETYPE_read_log',`
13828+ gen_require(`
13829+ type TEMPLATETYPE_log_t;
13830+ ')
13831+
13832+ logging_search_logs($1)
13833+ read_files_pattern($1, TEMPLATETYPE_log_t, TEMPLATETYPE_log_t)
13834+')
13835+
13836+########################################
13837+## <summary>
13838+## Append to TEMPLATETYPE log files.
13839+## </summary>
13840+## <param name="domain">
13841+## <summary>
13842+## Domain allowed access.
13843+## </summary>
13844+## </param>
13845+#
13846+interface(`TEMPLATETYPE_append_log',`
13847+ gen_require(`
13848+ type TEMPLATETYPE_log_t;
13849+ ')
13850+
13851+ logging_search_logs($1)
13852+ append_files_pattern($1, TEMPLATETYPE_log_t, TEMPLATETYPE_log_t)
13853+')
13854+
13855+########################################
13856+## <summary>
13857+## Manage TEMPLATETYPE log files
13858+## </summary>
13859+## <param name="domain">
13860+## <summary>
13861+## Domain allowed access.
13862+## </summary>
13863+## </param>
13864+#
13865+interface(`TEMPLATETYPE_manage_log',`
13866+ gen_require(`
13867+ type TEMPLATETYPE_log_t;
13868+ ')
13869+
13870+ logging_search_logs($1)
13871+ manage_dirs_pattern($1, TEMPLATETYPE_log_t, TEMPLATETYPE_log_t)
13872+ manage_files_pattern($1, TEMPLATETYPE_log_t, TEMPLATETYPE_log_t)
13873+ manage_lnk_files_pattern($1, TEMPLATETYPE_log_t, TEMPLATETYPE_log_t)
13874+')
13875+"""
13876+
13877+if_admin_types="""
13878+ type TEMPLATETYPE_log_t;"""
13879+
13880+if_admin_rules="""
13881+ logging_search_logs($1)
13882+ admin_pattern($1, TEMPLATETYPE_log_t)
13883+"""
13884+
13885+########################### File Context ##################################
13886+fc_file="""\
13887+FILENAME -- gen_context(system_u:object_r:TEMPLATETYPE_log_t,s0)
13888+"""
13889+
13890+fc_dir="""\
13891+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_log_t,s0)
13892+"""
13893diff -up policycoreutils-2.1.8/gui/templates/var_run.py.gui policycoreutils-2.1.8/gui/templates/var_run.py
13894--- policycoreutils-2.1.8/gui/templates/var_run.py.gui 2011-11-07 15:12:01.922834244 -0500
13895+++ policycoreutils-2.1.8/gui/templates/var_run.py 2011-11-07 15:12:01.922834244 -0500
13896@@ -0,0 +1,101 @@
13897+# Copyright (C) 2007-2011 Red Hat
13898+# see file 'COPYING' for use and warranty information
13899+#
13900+# policygentool is a tool for the initial generation of SELinux policy
13901+#
13902+# This program is free software; you can redistribute it and/or
13903+# modify it under the terms of the GNU General Public License as
13904+# published by the Free Software Foundation; either version 2 of
13905+# the License, or (at your option) any later version.
13906+#
13907+# This program is distributed in the hope that it will be useful,
13908+# but WITHOUT ANY WARRANTY; without even the implied warranty of
13909+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13910+# GNU General Public License for more details.
13911+#
13912+# You should have received a copy of the GNU General Public License
13913+# along with this program; if not, write to the Free Software
13914+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
13915+# 02111-1307 USA
13916+#
13917+#
13918+########################### var_run Template File #############################
13919+
13920+te_types="""
13921+type TEMPLATETYPE_var_run_t;
13922+files_pid_file(TEMPLATETYPE_var_run_t)
13923+"""
13924+
13925+te_rules="""
13926+manage_dirs_pattern(TEMPLATETYPE_t, TEMPLATETYPE_var_run_t, TEMPLATETYPE_var_run_t)
13927+manage_files_pattern(TEMPLATETYPE_t, TEMPLATETYPE_var_run_t, TEMPLATETYPE_var_run_t)
13928+files_pid_filetrans(TEMPLATETYPE_t, TEMPLATETYPE_var_run_t, { dir file })
13929+"""
13930+
13931+te_stream_rules="""
13932+allow TEMPLATETYPE_t TEMPLATETYPE_var_run_t:sock_file manage_sock_file_perms;
13933+files_pid_filetrans(TEMPLATETYPE_t, TEMPLATETYPE_var_run_t, sock_file)
13934+"""
13935+
13936+if_rules="""
13937+########################################
13938+## <summary>
13939+## Read TEMPLATETYPE PID files.
13940+## </summary>
13941+## <param name="domain">
13942+## <summary>
13943+## Domain allowed access.
13944+## </summary>
13945+## </param>
13946+#
13947+interface(`TEMPLATETYPE_read_pid_files',`
13948+ gen_require(`
13949+ type TEMPLATETYPE_var_run_t;
13950+ ')
13951+
13952+ files_search_pids($1)
13953+ allow $1 TEMPLATETYPE_var_run_t:file read_file_perms;
13954+')
13955+
13956+"""
13957+
13958+if_stream_rules="""\
13959+########################################
13960+## <summary>
13961+## Connect to TEMPLATETYPE over an unix stream socket.
13962+## </summary>
13963+## <param name="domain">
13964+## <summary>
13965+## Domain allowed access.
13966+## </summary>
13967+## </param>
13968+#
13969+interface(`TEMPLATETYPE_stream_connect',`
13970+ gen_require(`
13971+ type TEMPLATETYPE_t, TEMPLATETYPE_var_run_t;
13972+ ')
13973+
13974+ files_search_pids($1)
13975+ stream_connect_pattern($1, TEMPLATETYPE_var_run_t, TEMPLATETYPE_var_run_t, TEMPLATETYPE_t)
13976+')
13977+"""
13978+
13979+if_admin_types="""
13980+ type TEMPLATETYPE_var_run_t;"""
13981+
13982+if_admin_rules="""
13983+ files_search_pids($1)
13984+ admin_pattern($1, TEMPLATETYPE_var_run_t)
13985+"""
13986+
13987+fc_file="""\
13988+FILENAME -- gen_context(system_u:object_r:TEMPLATETYPE_var_run_t,s0)
13989+"""
13990+
13991+fc_sock_file="""\
13992+FILENAME -s gen_context(system_u:object_r:TEMPLATETYPE_var_run_t,s0)
13993+"""
13994+
13995+fc_dir="""\
13996+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_var_run_t,s0)
13997+"""
13998diff -up policycoreutils-2.1.8/gui/templates/var_spool.py.gui policycoreutils-2.1.8/gui/templates/var_spool.py
13999--- policycoreutils-2.1.8/gui/templates/var_spool.py.gui 2011-11-07 15:12:01.922834244 -0500
14000+++ policycoreutils-2.1.8/gui/templates/var_spool.py 2011-11-07 15:12:01.923834245 -0500
14001@@ -0,0 +1,131 @@
14002+# Copyright (C) 2007-2011 Red Hat
14003+# see file 'COPYING' for use and warranty information
14004+#
14005+# policygentool is a tool for the initial generation of SELinux policy
14006+#
14007+# This program is free software; you can redistribute it and/or
14008+# modify it under the terms of the GNU General Public License as
14009+# published by the Free Software Foundation; either version 2 of
14010+# the License, or (at your option) any later version.
14011+#
14012+# This program is distributed in the hope that it will be useful,
14013+# but WITHOUT ANY WARRANTY; without even the implied warranty of
14014+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14015+# GNU General Public License for more details.
14016+#
14017+# You should have received a copy of the GNU General Public License
14018+# along with this program; if not, write to the Free Software
14019+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
14020+# 02111-1307 USA
14021+#
14022+#
14023+########################### var_spool Template File #############################
14024+
14025+########################### Type Enforcement File #############################
14026+te_types="""
14027+type TEMPLATETYPE_spool_t;
14028+files_type(TEMPLATETYPE_spool_t)
14029+"""
14030+te_rules="""
14031+manage_dirs_pattern(TEMPLATETYPE_t, TEMPLATETYPE_spool_t, TEMPLATETYPE_spool_t)
14032+manage_files_pattern(TEMPLATETYPE_t, TEMPLATETYPE_spool_t, TEMPLATETYPE_spool_t)
14033+manage_lnk_files_pattern(TEMPLATETYPE_t, TEMPLATETYPE_spool_t, TEMPLATETYPE_spool_t)
14034+files_spool_filetrans(TEMPLATETYPE_t, TEMPLATETYPE_spool_t, { dir file })
14035+"""
14036+
14037+########################### Interface File #############################
14038+if_rules="""
14039+########################################
14040+## <summary>
14041+## Search TEMPLATETYPE spool directories.
14042+## </summary>
14043+## <param name="domain">
14044+## <summary>
14045+## Domain allowed access.
14046+## </summary>
14047+## </param>
14048+#
14049+interface(`TEMPLATETYPE_search_spool',`
14050+ gen_require(`
14051+ type TEMPLATETYPE_spool_t;
14052+ ')
14053+
14054+ allow $1 TEMPLATETYPE_spool_t:dir search_dir_perms;
14055+ files_search_spool($1)
14056+')
14057+
14058+########################################
14059+## <summary>
14060+## Read TEMPLATETYPE spool files.
14061+## </summary>
14062+## <param name="domain">
14063+## <summary>
14064+## Domain allowed access.
14065+## </summary>
14066+## </param>
14067+#
14068+interface(`TEMPLATETYPE_read_spool_files',`
14069+ gen_require(`
14070+ type TEMPLATETYPE_spool_t;
14071+ ')
14072+
14073+ files_search_spool($1)
14074+ read_files_pattern($1, TEMPLATETYPE_spool_t, TEMPLATETYPE_spool_t)
14075+')
14076+
14077+########################################
14078+## <summary>
14079+## Manage TEMPLATETYPE spool files.
14080+## </summary>
14081+## <param name="domain">
14082+## <summary>
14083+## Domain allowed access.
14084+## </summary>
14085+## </param>
14086+#
14087+interface(`TEMPLATETYPE_manage_spool_files',`
14088+ gen_require(`
14089+ type TEMPLATETYPE_spool_t;
14090+ ')
14091+
14092+ files_search_spool($1)
14093+ manage_files_pattern($1, TEMPLATETYPE_spool_t, TEMPLATETYPE_spool_t)
14094+')
14095+
14096+########################################
14097+## <summary>
14098+## Manage TEMPLATETYPE spool dirs.
14099+## </summary>
14100+## <param name="domain">
14101+## <summary>
14102+## Domain allowed access.
14103+## </summary>
14104+## </param>
14105+#
14106+interface(`TEMPLATETYPE_manage_spool_dirs',`
14107+ gen_require(`
14108+ type TEMPLATETYPE_spool_t;
14109+ ')
14110+
14111+ files_search_spool($1)
14112+ manage_dirs_pattern($1, TEMPLATETYPE_spool_t, TEMPLATETYPE_spool_t)
14113+')
14114+
14115+"""
14116+
14117+if_admin_types="""
14118+ type TEMPLATETYPE_spool_t;"""
14119+
14120+if_admin_rules="""
14121+ files_search_spool($1)
14122+ admin_pattern($1, TEMPLATETYPE_spool_t)
14123+"""
14124+
14125+########################### File Context ##################################
14126+fc_file="""\
14127+FILENAME -- gen_context(system_u:object_r:TEMPLATETYPE_spool_t,s0)
14128+"""
14129+
14130+fc_dir="""\
14131+FILENAME(/.*)? gen_context(system_u:object_r:TEMPLATETYPE_spool_t,s0)
14132+"""
14133diff -up policycoreutils-2.1.8/gui/usersPage.py.gui policycoreutils-2.1.8/gui/usersPage.py
14134--- policycoreutils-2.1.8/gui/usersPage.py.gui 2011-11-07 15:12:01.923834245 -0500
14135+++ policycoreutils-2.1.8/gui/usersPage.py 2011-11-07 15:12:01.923834245 -0500
14136@@ -0,0 +1,150 @@
14137+## usersPage.py - show selinux mappings
14138+## Copyright (C) 2006,2007,2008 Red Hat, Inc.
14139+
14140+## This program is free software; you can redistribute it and/or modify
14141+## it under the terms of the GNU General Public License as published by
14142+## the Free Software Foundation; either version 2 of the License, or
14143+## (at your option) any later version.
14144+
14145+## This program is distributed in the hope that it will be useful,
14146+## but WITHOUT ANY WARRANTY; without even the implied warranty of
14147+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14148+## GNU General Public License for more details.
14149+
14150+## You should have received a copy of the GNU General Public License
14151+## along with this program; if not, write to the Free Software
14152+## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
14153+
14154+## Author: Dan Walsh
14155+import string
14156+import gtk
14157+import gtk.glade
14158+import os
14159+import gobject
14160+import sys
14161+import commands
14162+import seobject
14163+from semanagePage import *;
14164+
14165+##
14166+## I18N
14167+##
14168+PROGNAME="policycoreutils"
14169+import gettext
14170+gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
14171+gettext.textdomain(PROGNAME)
14172+try:
14173+ gettext.install(PROGNAME, localedir="/usr/share/locale", unicode=1)
14174+except IOError:
14175+ import __builtin__
14176+ __builtin__.__dict__['_'] = unicode
14177+
14178+class usersPage(semanagePage):
14179+ def __init__(self, xml):
14180+ semanagePage.__init__(self, xml, "users", _("SELinux User"))
14181+
14182+ self.store = gtk.ListStore(gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING, gobject.TYPE_STRING)
14183+ self.view.set_model(self.store)
14184+ self.store.set_sort_column_id(0, gtk.SORT_ASCENDING)
14185+
14186+ col = gtk.TreeViewColumn(_("SELinux\nUser"), gtk.CellRendererText(), text = 0)
14187+ col.set_sort_column_id(0)
14188+ col.set_resizable(True)
14189+ self.view.append_column(col)
14190+
14191+ col = gtk.TreeViewColumn(_("MLS/\nMCS Range"), gtk.CellRendererText(), text = 1)
14192+ col.set_resizable(True)
14193+ self.view.append_column(col)
14194+
14195+ col = gtk.TreeViewColumn(_("SELinux Roles"), gtk.CellRendererText(), text = 2)
14196+ col.set_resizable(True)
14197+ self.view.append_column(col)
14198+
14199+ self.load()
14200+ self.selinuxUserEntry = xml.get_widget("selinuxUserEntry")
14201+ self.mlsRangeEntry = xml.get_widget("mlsRangeEntry")
14202+ self.selinuxRolesEntry = xml.get_widget("selinuxRolesEntry")
14203+
14204+ def load(self, filter = ""):
14205+ self.filter=filter
14206+ self.user = seobject.seluserRecords()
14207+ dict = self.user.get_all()
14208+ keys = dict.keys()
14209+ keys.sort()
14210+ self.store.clear()
14211+ for k in keys:
14212+ range = seobject.translate(dict[k][2])
14213+ if not (self.match(k, filter) or self.match(dict[k][0], filter) or self.match(range, filter) or self.match(dict[k][3], filter)):
14214+ continue
14215+
14216+ iter = self.store.append()
14217+ self.store.set_value(iter, 0, k)
14218+ self.store.set_value(iter, 1, range)
14219+ self.store.set_value(iter, 2, dict[k][3])
14220+ self.view.get_selection().select_path ((0,))
14221+
14222+ def delete(self):
14223+ if semanagePage.delete(self) == gtk.RESPONSE_NO:
14224+ return None
14225+
14226+ def dialogInit(self):
14227+ store, iter = self.view.get_selection().get_selected()
14228+ self.selinuxUserEntry.set_text(store.get_value(iter, 0))
14229+ self.selinuxUserEntry.set_sensitive(False)
14230+ self.mlsRangeEntry.set_text(store.get_value(iter, 1))
14231+ self.selinuxRolesEntry.set_text(store.get_value(iter, 2))
14232+
14233+ def dialogClear(self):
14234+ self.selinuxUserEntry.set_text("")
14235+ self.selinuxUserEntry.set_sensitive(True)
14236+ self.mlsRangeEntry.set_text("s0")
14237+ self.selinuxRolesEntry.set_text("")
14238+
14239+ def add(self):
14240+ user = self.selinuxUserEntry.get_text()
14241+ range = self.mlsRangeEntry.get_text()
14242+ roles = self.selinuxRolesEntry.get_text()
14243+
14244+ self.wait()
14245+ (rc, out) = commands.getstatusoutput("semanage user -a -R '%s' -r %s %s" % (roles, range, user))
14246+ self.ready()
14247+ if rc != 0:
14248+ self.error(out)
14249+ return False
14250+ iter = self.store.append()
14251+ self.store.set_value(iter, 0, user)
14252+ self.store.set_value(iter, 1, range)
14253+ self.store.set_value(iter, 2, roles)
14254+
14255+ def modify(self):
14256+ user = self.selinuxUserEntry.get_text()
14257+ range = self.mlsRangeEntry.get_text()
14258+ roles = self.selinuxRolesEntry.get_text()
14259+
14260+ self.wait()
14261+ (rc, out) = commands.getstatusoutput("semanage user -m -R '%s' -r %s %s" % (roles, range, user))
14262+ self.ready()
14263+
14264+ if rc != 0:
14265+ self.error(out)
14266+ return False
14267+ self.load(self.filter)
14268+
14269+ def delete(self):
14270+ store, iter = self.view.get_selection().get_selected()
14271+ try:
14272+ user=store.get_value(iter, 0)
14273+ if user == "root" or user == "user_u":
14274+ raise ValueError(_("SELinux user '%s' is required") % user)
14275+
14276+ self.wait()
14277+ (rc, out) = commands.getstatusoutput("semanage user -d %s" % user)
14278+ self.ready()
14279+ if rc != 0:
14280+ self.error(out)
14281+ return False
14282+ store.remove(iter)
14283+ self.view.get_selection().select_path ((0,))
14284+ except ValueError, e:
14285+ self.error(e.args[0])
14286+
Alex's tree of IPFire 3.x