diff --git a/libsemanage/src/Makefile b/libsemanage/src/Makefile

index d21e972..d9120c0 100644

--- a/libsemanage/src/Makefile

+++ b/libsemanage/src/Makefile

@@ -10,7 +10,8 @@ LIBDIR ?= $(PREFIX)/lib

 SHLIBDIR ?= $(PREFIX)/lib

 INCLUDEDIR ?= $(PREFIX)/include

 PYLIBVER ?= $(shell $(PYTHON) -c 'import sys;print("python%d.%d" % sys.version_info[0:2])')

-PYINC ?= $(shell pkg-config --cflags `basename $(PYTHON)`)

+PYINC ?= $(shell pkg-config --cflags $(PYPREFIX))

+PYTHONLIBDIR ?= $(shell pkg-config --libs $(PYPREFIX))

 PYLIBDIR ?= $(LIBDIR)/$(PYLIBVER)

 RUBYLIBVER ?= $(shell ruby -e 'print RUBY_VERSION.split(".")[0..1].join(".")')

 RUBYPLATFORM ?= $(shell ruby -e 'print RUBY_PLATFORM')

@@ -76,7 +77,7 @@ $(SWIGRUBYLOBJ): $(SWIGRUBYCOUT)

 	$(CC) $(filter-out -Werror, $(CFLAGS)) -I$(RUBYINC) -fPIC -DSHARED -c -o $@ $<

 $(SWIGSO): $(SWIGLOBJ)

-	$(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $< -L. -lsemanage -L$(LIBDIR) -Wl,-soname,$@,-z,defs

+	$(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $< -L. -lsemanage -L$(LIBDIR) $(PYTHONLIBDIR) -Wl,-soname,$@,-z,defs

 $(SWIGRUBYSO): $(SWIGRUBYLOBJ)

 	$(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -L. -lsemanage -L$(LIBDIR) -Wl,-soname,$@

diff --git a/libsemanage/src/direct_api.c b/libsemanage/src/direct_api.c

index aac1974..3dfa279 100644

--- a/libsemanage/src/direct_api.c

+++ b/libsemanage/src/direct_api.c

@@ -353,17 +353,11 @@ static int parse_module_headers(semanage_handle_t * sh, char *module_data,

 	     semanage_path(SEMANAGE_TMP, SEMANAGE_MODULES)) == NULL) {

 		return -1;

 	}

-	if (asprintf(filename, "%s/%s.pp%s", module_path, *module_name, DISABLESTR) == -1) {

+	if (asprintf(filename, "%s/%s.pp", module_path, *module_name) == -1) {

 		ERR(sh, "Out of memory!");

 		return -1;

 	}

-	if (access(*filename, F_OK) == -1) {

-		char *ptr = *filename;

-		int len = strlen(ptr) - strlen(DISABLESTR);

-		if (len > 0) ptr[len]='\0';

-	}

-

 	return 0;

 }

@@ -1307,29 +1301,12 @@ static int semanage_direct_enable(semanage_handle_t * sh, char *module_name)

 		base++;

 		if (memcmp(module_name, base, name_len) == 0) {

-			if(strcmp(base + name_len + 3, DISABLESTR) != 0) {

-				ERR(sh, "Module %s is already enabled.", module_name);

+			if (semanage_enable_module(module_filenames[i]) < 0) {

+				ERR(sh, "Could not enable module %s.", module_name);

 				retval = -2;

 				goto cleanup;

 			}

-

-			int len = strlen(module_filenames[i]) - strlen(DISABLESTR);

-			char *enabled_name = calloc(1, len+1);

-			if (!enabled_name) {

-				ERR(sh, "Could not allocate memory");

-				retval = -1;

-				goto cleanup;

-			}

-

-			strncpy(enabled_name, module_filenames[i],len);

-

-			if (rename(module_filenames[i], enabled_name) == -1) {

-				ERR(sh, "Could not enable module file %s.",

-				    enabled_name);

-				retval = -2;

-			}

 			retval = 0;

-			free(enabled_name);

 			goto cleanup;

 		}

 	}

@@ -1363,28 +1340,14 @@ static int semanage_direct_disable(semanage_handle_t * sh, char *module_name)

 			goto cleanup;

 		}

 		base++;

-		if (memcmp(module_name, base, name_len) == 0) {

-			if (strcmp(base + name_len + 3, DISABLESTR) == 0) {

-				ERR(sh, "Module %s is already disabled.", module_name);

+		if ((memcmp(module_name, base, name_len) == 0) &&

+		    (strcmp(base + name_len, ".pp") == 0)) {

+			if (semanage_disable_module(module_filenames[i]) < 0) {

 				retval = -2;

 				goto cleanup;

-			} else if (strcmp(base + name_len, ".pp") == 0) {

-				char disabled_name[PATH_MAX];

-				if (snprintf(disabled_name, PATH_MAX, "%s%s", 

-							module_filenames[i], DISABLESTR) == PATH_MAX) {

-					ERR(sh, "Could not disable module file %s.",

-							module_filenames[i]);

-					retval = -2;

-					goto cleanup;

-				}

-				if (rename(module_filenames[i], disabled_name) == -1) {

-					ERR(sh, "Could not disable module file %s.",

-							module_filenames[i]);

-					retval = -2;

-				}

-				retval = 0;

-				goto cleanup;

 			}

+			retval=0;

+			goto cleanup;

 		}

 	}

 	ERR(sh, "Module %s was not found.", module_name);

@@ -1418,6 +1381,7 @@ static int semanage_direct_remove(semanage_handle_t * sh, char *module_name)

 		}

 		base++;

 		if (memcmp(module_name, base, name_len) == 0) {

+			semanage_enable_module(module_filenames[i]);

 			if (unlink(module_filenames[i]) == -1) {

 				ERR(sh, "Could not remove module file %s.",

 				    module_filenames[i]);

diff --git a/libsemanage/src/genhomedircon.c b/libsemanage/src/genhomedircon.c

index 847d87e..2870fa8 100644

--- a/libsemanage/src/genhomedircon.c

+++ b/libsemanage/src/genhomedircon.c

@@ -314,6 +314,8 @@ static semanage_list_t *get_home_dirs(genhomedircon_settings_t * s)

 		}

 		if (strcmp(pwbuf->pw_dir, "/") == 0)

 			continue;

+		if (strcmp(pwbuf->pw_dir, "/root") == 0)

+			continue;

 		if (semanage_str_count(pwbuf->pw_dir, '/') <= 1)

 			continue;

 		if (!(path = strdup(pwbuf->pw_dir))) {

@@ -829,6 +831,8 @@ static genhomedircon_user_entry_t *get_users(genhomedircon_settings_t * s,

 			 * /root */

 			continue;

 		}

+		if (strcmp(pwent->pw_dir, "/root") == 0)

+			continue;

 		if (push_user_entry(&head, name, seuname,

 				    prefix, pwent->pw_dir, level) != STATUS_SUCCESS) {

 			*errors = STATUS_ERR;

diff --git a/libsemanage/src/semanage_store.c b/libsemanage/src/semanage_store.c

index 8d6ff1c..37b0c7a 100644

--- a/libsemanage/src/semanage_store.c

+++ b/libsemanage/src/semanage_store.c

@@ -57,7 +57,7 @@ typedef struct dbase_policydb dbase_t;

 #include "debug.h"

-const char *DISABLESTR=".disabled";

+static const char *DISABLESTR="disabled";

 #define SEMANAGE_CONF_FILE "semanage.conf"

 /* relative path names to enum semanage_paths to special files and

@@ -425,6 +425,13 @@ int semanage_store_access_check(void)

 /********************* other I/O functions *********************/

+static int is_disabled_file(const char *file) {

+	char *ptr = strrchr(file, '.');

+	if (! ptr) return 0;

+	ptr++;

+	return (strcmp(ptr, DISABLESTR) == 0);

+}

+

 /* Callback used by scandir() to select files. */

 static int semanage_filename_select(const struct dirent *d)

 {

@@ -435,11 +442,41 @@ static int semanage_filename_select(const struct dirent *d)

 	return 1;

 }

+int semanage_disable_module(const char *file) {

+	char path[PATH_MAX];

+	int in;

+	int n = snprintf(path, PATH_MAX, "%s.%s", file, DISABLESTR);

+	if (n < 0 || n >= PATH_MAX)

+		return -1;

+	if ((in = open(path, O_WRONLY | O_CREAT, S_IRUSR | S_IWUSR)) == -1) {

+		return -1;

+	}

+	close(in);

+	return 0;

+}

+

+int semanage_enable_module(const char *file) {

+	char path[PATH_MAX];

+	int n = snprintf(path, PATH_MAX, "%s.%s", file, DISABLESTR);

+	if (n < 0 || n >= PATH_MAX)

+		return 1;

+

+	if ((unlink(path) < 0) && (errno != ENOENT))

+		return -1;

+	return 0;

+}

+

 int semanage_module_enabled(const char *file) {

-	int len = strlen(file) - strlen(DISABLESTR);

-	return (len < 0 || strcmp(&file[len], DISABLESTR) != 0);

+	char path[PATH_MAX];

+	if (is_disabled_file(file)) return 0;

+	int n = snprintf(path, PATH_MAX, "%s.%s", file, DISABLESTR);

+	if (n < 0 || n >= PATH_MAX)

+		return 1;

+

+	return (access(path, F_OK ) != 0);

 }

+/* Callback used by scandir() to select module files. */

 static int semanage_modulename_select(const struct dirent *d)

 {

 	if (d->d_name[0] == '.'

@@ -447,7 +484,7 @@ static int semanage_modulename_select(const struct dirent *d)

 		|| (d->d_name[1] == '.' && d->d_name[2] == '\0')))

 		return 0;

-	return semanage_module_enabled(d->d_name);

+	return (! is_disabled_file(d->d_name));

 }

 /* Copies a file from src to dst.  If dst already exists then

@@ -684,7 +721,7 @@ int semanage_get_modules_names(semanage_handle_t * sh, char ***filenames,

 			       int *len)

 {

 	return semanage_get_modules_names_filter(sh, filenames,

-						 len, semanage_filename_select);

+						 len, semanage_modulename_select);

 }

 /* Scans the modules directory for the current semanage handler.  This

@@ -697,8 +734,25 @@ int semanage_get_modules_names(semanage_handle_t * sh, char ***filenames,

 int semanage_get_active_modules_names(semanage_handle_t * sh, char ***filenames,

 			       int *len)

 {

-	return semanage_get_modules_names_filter(sh, filenames,

-						 len, semanage_modulename_select);

+

+	int rc = semanage_get_modules_names_filter(sh, filenames,

+						   len, semanage_modulename_select);

+	if ( rc != 0 ) return rc;

+

+	int i = 0, num_modules = *len;

+	char **names=*filenames;

+

+	while ( i < num_modules ) {

+		if (! semanage_module_enabled(names[i])) {

+			free(names[i]);

+			names[i]=names[num_modules-1];

+			names[num_modules-1] = NULL;

+			num_modules--;

+		}

+		i++;

+	}

+	*len = num_modules;

+	return 0;

 }

 /******************* routines that run external programs *******************/

diff --git a/libsemanage/src/semanage_store.h b/libsemanage/src/semanage_store.h

index a0b2dd8..e980cdc 100644

--- a/libsemanage/src/semanage_store.h

+++ b/libsemanage/src/semanage_store.h

@@ -85,6 +85,8 @@ int semanage_get_modules_names(semanage_handle_t * sh,

 			       char ***filenames, int *len);

 int semanage_module_enabled(const char *file);

+int semanage_enable_module(const char *file);

+int semanage_disable_module(const char *file);

 /* lock file routines */

 int semanage_get_trans_lock(semanage_handle_t * sh);

 int semanage_get_active_lock(semanage_handle_t * sh);

@@ -129,6 +131,4 @@ int semanage_nc_sort(semanage_handle_t * sh,

 		     size_t buf_len,

 		     char **sorted_buf, size_t * sorted_buf_len);

-extern const char *DISABLESTR;

-

 #endif