diff --git a/.cvsignore b/.cvsignore
index 37c1a33..d9c68a9 100644
--- a/.cvsignore
+++ b/.cvsignore
@@ -122,3 +122,4 @@ policycoreutils-1.33.5.tgz
 policycoreutils-1.33.6.tgz
 policycoreutils-1.33.7.tgz
 policycoreutils-1.33.8.tgz
+policycoreutils-1.33.10.tgz
diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch
index 7eec794..1c9a0f8 100644
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
@@ -1,6 +1,6 @@
-diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/booleansPage.py policycoreutils-1.33.8/gui/booleansPage.py
+diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/booleansPage.py policycoreutils-1.33.10/gui/booleansPage.py
 --- nsapolicycoreutils/gui/booleansPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.33.8/gui/booleansPage.py	2007-01-04 17:10:20.000000000 -0500
++++ policycoreutils-1.33.10/gui/booleansPage.py	2007-01-09 09:13:43.000000000 -0500
 @@ -0,0 +1,199 @@
 +#
 +# booleansPage.py - GUI for Booleans page in system-config-securitylevel
@@ -201,9 +201,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
 +
 +        setsebool="/usr/sbin/setsebool -P %s=%d" % (key, not val)
 +        commands.getstatusoutput(setsebool)
-diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/fcontextPage.py policycoreutils-1.33.8/gui/fcontextPage.py
+diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/fcontextPage.py policycoreutils-1.33.10/gui/fcontextPage.py
 --- nsapolicycoreutils/gui/fcontextPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.33.8/gui/fcontextPage.py	2007-01-04 17:10:20.000000000 -0500
++++ policycoreutils-1.33.10/gui/fcontextPage.py	2007-01-09 09:13:43.000000000 -0500
 @@ -0,0 +1,158 @@
 +## fcontextPage.py - show selinux mappings
 +## Copyright (C) 2006 Red Hat, Inc.
@@ -363,9 +363,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
 +        self.store.set_value(iter, 0, fspec)
 +        self.store.set_value(iter, 2, ftype)
 +        self.store.set_value(iter, 1, "system_u:object_r:%s:%s" % (type, mls))
-diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/loginsPage.py policycoreutils-1.33.8/gui/loginsPage.py
+diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/loginsPage.py policycoreutils-1.33.10/gui/loginsPage.py
 --- nsapolicycoreutils/gui/loginsPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.33.8/gui/loginsPage.py	2007-01-04 17:10:20.000000000 -0500
++++ policycoreutils-1.33.10/gui/loginsPage.py	2007-01-09 09:13:43.000000000 -0500
 @@ -0,0 +1,161 @@
 +## loginsPage.py - show selinux mappings
 +## Copyright (C) 2006 Red Hat, Inc.
@@ -528,9 +528,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
 +        self.store.set_value(iter, 1, seuser)
 +        self.store.set_value(iter, 2, seobject.translate(serange))
 +
-diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/Makefile policycoreutils-1.33.8/gui/Makefile
+diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/Makefile policycoreutils-1.33.10/gui/Makefile
 --- nsapolicycoreutils/gui/Makefile	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.33.8/gui/Makefile	2007-01-04 17:10:20.000000000 -0500
++++ policycoreutils-1.33.10/gui/Makefile	2007-01-09 09:13:43.000000000 -0500
 @@ -0,0 +1,30 @@
 +# Installation directories.
 +PREFIX ?= ${DESTDIR}/usr
@@ -562,9 +562,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
 +indent:
 +
 +relabel:
-diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/mappingsPage.py policycoreutils-1.33.8/gui/mappingsPage.py
+diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/mappingsPage.py policycoreutils-1.33.10/gui/mappingsPage.py
 --- nsapolicycoreutils/gui/mappingsPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.33.8/gui/mappingsPage.py	2007-01-04 17:10:20.000000000 -0500
++++ policycoreutils-1.33.10/gui/mappingsPage.py	2007-01-09 09:13:43.000000000 -0500
 @@ -0,0 +1,54 @@
 +## mappingsPage.py - show selinux mappings
 +## Copyright (C) 2006 Red Hat, Inc.
@@ -620,9 +620,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
 +        for k in keys:
 +            print "%-25s %-25s %-25s" % (k, dict[k][0], translate(dict[k][1]))
 +
-diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/modulesPage.py policycoreutils-1.33.8/gui/modulesPage.py
+diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/modulesPage.py policycoreutils-1.33.10/gui/modulesPage.py
 --- nsapolicycoreutils/gui/modulesPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.33.8/gui/modulesPage.py	2007-01-04 17:10:20.000000000 -0500
++++ policycoreutils-1.33.10/gui/modulesPage.py	2007-01-09 09:13:43.000000000 -0500
 @@ -0,0 +1,161 @@
 +## modulesPage.py - show selinux mappings
 +## Copyright (C) 2006 Red Hat, Inc.
@@ -785,9 +785,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
 +        
 +
 +
-diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/portsPage.py policycoreutils-1.33.8/gui/portsPage.py
+diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/portsPage.py policycoreutils-1.33.10/gui/portsPage.py
 --- nsapolicycoreutils/gui/portsPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.33.8/gui/portsPage.py	2007-01-04 17:10:20.000000000 -0500
++++ policycoreutils-1.33.10/gui/portsPage.py	2007-01-09 09:13:43.000000000 -0500
 @@ -0,0 +1,214 @@
 +## portsPage.py - show selinux mappings
 +## Copyright (C) 2006 Red Hat, Inc.
@@ -1003,9 +1003,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
 +        self.store.set_value(iter, MLS_COL, mls)
 +
 +
-diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/selinux.tbl policycoreutils-1.33.8/gui/selinux.tbl
+diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/selinux.tbl policycoreutils-1.33.10/gui/selinux.tbl
 --- nsapolicycoreutils/gui/selinux.tbl	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.33.8/gui/selinux.tbl	2007-01-04 17:10:20.000000000 -0500
++++ policycoreutils-1.33.10/gui/selinux.tbl	2007-01-09 09:13:43.000000000 -0500
 @@ -0,0 +1,265 @@
 +acct_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for acct daemon")
 +allow_cvs_read_shadow  _("CVS") _("Allow cvs daemon to read shadow")
@@ -1272,9 +1272,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
 +ypserv_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for ypserv daemon")
 +ypxfr_disable_trans _("NIS") _("Disable SELinux protection for NIS Transfer Daemon")
 +zebra_disable_trans _("SELinux Service Protection") _("Disable SELinux protection for zebra daemon")
-diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/semanagePage.py policycoreutils-1.33.8/gui/semanagePage.py
+diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/semanagePage.py policycoreutils-1.33.10/gui/semanagePage.py
 --- nsapolicycoreutils/gui/semanagePage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.33.8/gui/semanagePage.py	2007-01-04 17:10:20.000000000 -0500
++++ policycoreutils-1.33.10/gui/semanagePage.py	2007-01-09 09:13:43.000000000 -0500
 @@ -0,0 +1,109 @@
 +## semanagePage.py - show selinux mappings
 +## Copyright (C) 2006 Red Hat, Inc.
@@ -1385,9 +1385,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
 +        self.dialog.hide()
 +
 +    
-diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/statusPage.py policycoreutils-1.33.8/gui/statusPage.py
+diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/statusPage.py policycoreutils-1.33.10/gui/statusPage.py
 --- nsapolicycoreutils/gui/statusPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.33.8/gui/statusPage.py	2007-01-04 17:10:20.000000000 -0500
++++ policycoreutils-1.33.10/gui/statusPage.py	2007-01-09 09:13:43.000000000 -0500
 @@ -0,0 +1,213 @@
 +## statusPage.py - show selinux status
 +## Copyright (C) 2006 Red Hat, Inc.
@@ -1602,9 +1602,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
 +        return self.types[self.selinuxTypeOptionMenu.get_active()]
 +
 +
-diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/system-config-selinux.glade policycoreutils-1.33.8/gui/system-config-selinux.glade
+diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/system-config-selinux.glade policycoreutils-1.33.10/gui/system-config-selinux.glade
 --- nsapolicycoreutils/gui/system-config-selinux.glade	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.33.8/gui/system-config-selinux.glade	2007-01-04 17:10:20.000000000 -0500
++++ policycoreutils-1.33.10/gui/system-config-selinux.glade	2007-01-09 09:13:43.000000000 -0500
 @@ -0,0 +1,2803 @@
 +<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
 +<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
@@ -4409,9 +4409,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
 +</widget>
 +
 +</glade-interface>
-diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/system-config-selinux.py policycoreutils-1.33.8/gui/system-config-selinux.py
+diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/system-config-selinux.py policycoreutils-1.33.10/gui/system-config-selinux.py
 --- nsapolicycoreutils/gui/system-config-selinux.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.33.8/gui/system-config-selinux.py	2007-01-04 17:10:20.000000000 -0500
++++ policycoreutils-1.33.10/gui/system-config-selinux.py	2007-01-09 09:13:43.000000000 -0500
 @@ -0,0 +1,156 @@
 +#!/usr/bin/python
 +#
@@ -4569,9 +4569,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
 +
 +    app = childWindow()
 +    app.stand_alone()
-diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/translationsPage.py policycoreutils-1.33.8/gui/translationsPage.py
+diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/translationsPage.py policycoreutils-1.33.10/gui/translationsPage.py
 --- nsapolicycoreutils/gui/translationsPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.33.8/gui/translationsPage.py	2007-01-04 17:10:20.000000000 -0500
++++ policycoreutils-1.33.10/gui/translationsPage.py	2007-01-09 09:13:43.000000000 -0500
 @@ -0,0 +1,109 @@
 +## translationsPage.py - show selinux translations
 +## Copyright (C) 2006 Red Hat, Inc.
@@ -4682,9 +4682,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
 +        store, iter = self.view.get_selection().get_selected()
 +        self.store.set_value(iter, 0, level)
 +        self.store.set_value(iter, 1, translation)
-diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/usersPage.py policycoreutils-1.33.8/gui/usersPage.py
+diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/usersPage.py policycoreutils-1.33.10/gui/usersPage.py
 --- nsapolicycoreutils/gui/usersPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.33.8/gui/usersPage.py	2007-01-04 17:10:20.000000000 -0500
++++ policycoreutils-1.33.10/gui/usersPage.py	2007-01-09 09:13:43.000000000 -0500
 @@ -0,0 +1,155 @@
 +## usersPage.py - show selinux mappings
 +## Copyright (C) 2006 Red Hat, Inc.
@@ -4841,66 +4841,45 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
 +        except ValueError, e:
 +            self.error(e.args[0])
 +
-diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/Makefile policycoreutils-1.33.8/Makefile
+diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/Makefile policycoreutils-1.33.10/Makefile
 --- nsapolicycoreutils/Makefile	2006-11-16 17:15:00.000000000 -0500
-+++ policycoreutils-1.33.8/Makefile	2007-01-04 17:10:20.000000000 -0500
++++ policycoreutils-1.33.10/Makefile	2007-01-09 09:13:43.000000000 -0500
 @@ -1,4 +1,4 @@
 -SUBDIRS=setfiles semanage load_policy newrole run_init restorecon restorecond secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po
 +SUBDIRS=setfiles semanage load_policy newrole run_init restorecon restorecond secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po gui
  
  all install relabel clean indent:
  	@for subdir in $(SUBDIRS); do \
-Binary files nsapolicycoreutils/newrole/newrole and policycoreutils-1.33.8/newrole/newrole differ
-diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/newrole/newrole.c policycoreutils-1.33.8/newrole/newrole.c
+diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/newrole/newrole.c policycoreutils-1.33.10/newrole/newrole.c
 --- nsapolicycoreutils/newrole/newrole.c	2007-01-04 17:01:41.000000000 -0500
-+++ policycoreutils-1.33.8/newrole/newrole.c	2007-01-05 11:17:36.000000000 -0500
-@@ -67,6 +67,7 @@
- #include <selinux/get_context_list.h>	/* for SELINUX_DEFAULTUSER */
- #include <signal.h>
- #include <unistd.h>		/* for getuid(), exit(), getopt() */
-+#include <sys/stat.h>
- #ifdef USE_AUDIT
- #include <libaudit.h>
- #endif
-@@ -733,6 +734,7 @@
- 					security_context_t *new_context,
- 					int *preserve_environment)
- {
-+	int i;		        /* index for open file descriptors */
- 	int flag_index;		/* flag index in argv[] */
- 	int clflag;		/* holds codes for command line flags */
- 	char *role_s = NULL;	/* role spec'd by user in argv[] */
-@@ -741,6 +743,8 @@
++++ policycoreutils-1.33.10/newrole/newrole.c	2007-01-09 09:13:43.000000000 -0500
+@@ -741,6 +741,7 @@
  	char *level_s = NULL;	/* level spec'd by user in argv[] */
  	char *range_ptr = NULL;
  	security_context_t new_con = NULL;
 +	security_context_t tty_con = NULL;
-+	int securetty=0;
  	context_t context = NULL; /* manipulatable form of new_context */
  	const struct option long_options[] = {
  		{"role", 1, 0, 'r'},
-@@ -793,6 +797,18 @@
+@@ -793,6 +794,15 @@
  					"specified\n"));
  				return -1;
  			}
-+			for (i=0; i < 3; i++) {
-+				securetty=0;
-+				if (fgetfilecon(i,&tty_con) >= 0) {
-+					securetty = (selinux_check_securetty_context(tty_con) == 1);
-+					freecon(tty_con);
-+				}
-+				if (!securetty) {
++			if (fgetfilecon(0,&tty_con) >= 0) {
++				if (selinux_check_securetty_context(tty_con) != 1) {
 +					fprintf(stderr, "Error: you are not allowed to change levels on a non secure terminal\n");
++					freecon(tty_con);
 +					return -1;
 +				}
++				freecon(tty_con);
 +			}
 +
  			level_s = optarg;
  			break;
  		default:
-diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-1.33.8/restorecond/restorecond.c
+diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-1.33.10/restorecond/restorecond.c
 --- nsapolicycoreutils/restorecond/restorecond.c	2006-11-16 17:14:28.000000000 -0500
-+++ policycoreutils-1.33.8/restorecond/restorecond.c	2007-01-04 17:10:20.000000000 -0500
++++ policycoreutils-1.33.10/restorecond/restorecond.c	2007-01-09 09:13:43.000000000 -0500
 @@ -210,9 +210,10 @@
  			}
  
@@ -4927,18 +4906,18 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
  	}
  	free(scontext);
  	close(fd);
-diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/restorecond/restorecond.conf policycoreutils-1.33.8/restorecond/restorecond.conf
+diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/restorecond/restorecond.conf policycoreutils-1.33.10/restorecond/restorecond.conf
 --- nsapolicycoreutils/restorecond/restorecond.conf	2006-11-20 12:19:55.000000000 -0500
-+++ policycoreutils-1.33.8/restorecond/restorecond.conf	2007-01-04 17:10:20.000000000 -0500
++++ policycoreutils-1.33.10/restorecond/restorecond.conf	2007-01-09 09:13:43.000000000 -0500
 @@ -1,4 +1,5 @@
  /etc/resolv.conf
 +/etc/localtime
  /etc/samba/secrets.tdb
  /etc/mtab
  /var/run/utmp
-diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-1.33.8/scripts/fixfiles
+diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-1.33.10/scripts/fixfiles
 --- nsapolicycoreutils/scripts/fixfiles	2006-11-16 17:14:27.000000000 -0500
-+++ policycoreutils-1.33.8/scripts/fixfiles	2007-01-04 17:10:20.000000000 -0500
++++ policycoreutils-1.33.10/scripts/fixfiles	2007-01-09 09:13:43.000000000 -0500
 @@ -29,6 +29,9 @@
  RPMILES=""
  OUTFILES=""
@@ -4949,9 +4928,9 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
  SYSLOGFLAG="-l"
  LOGGER=/usr/sbin/logger
  SETFILES=/sbin/setfiles
-diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-1.33.8/semanage/seobject.py
---- nsapolicycoreutils/semanage/seobject.py	2006-11-16 17:14:26.000000000 -0500
-+++ policycoreutils-1.33.8/semanage/seobject.py	2007-01-04 17:10:20.000000000 -0500
+diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-1.33.10/semanage/seobject.py
+--- nsapolicycoreutils/semanage/seobject.py	2007-01-09 09:06:59.000000000 -0500
++++ policycoreutils-1.33.10/semanage/seobject.py	2007-01-09 09:21:32.000000000 -0500
 @@ -94,23 +94,25 @@
  	return re.search("^" + reg +"$",raw)
  
@@ -4963,8 +4942,7 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
 +		context = "%s%s" % (filler,raw)
  	else:
  		context = raw
--	(rc, trans) = selinux.selinux_raw_to_trans_context(context)
-+ 	(rc, trans) = selinux.selinux_raw_to_trans_context(context)
+ 	(rc, trans) = selinux.selinux_raw_to_trans_context(context)
  	if rc != 0:
  		return raw
  	if prepend:
@@ -5011,7 +4989,7 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
  class semanageRecords:
  	def __init__(self):
  		self.sh = semanage_handle_create()
-@@ -456,7 +459,8 @@
+@@ -459,7 +462,8 @@
  				rc = semanage_user_set_mlslevel(self.sh, u, selevel)
  				if rc < 0:
  					raise ValueError(_("Could not set MLS level for %s") % name)
@@ -5021,7 +4999,7 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
  			rc = semanage_user_set_prefix(self.sh, u, prefix)
  			if rc < 0:
  				raise ValueError(_("Could not add prefix %s for %s") % (r, prefix))
-@@ -522,11 +526,17 @@
+@@ -525,7 +529,9 @@
  				semanage_user_set_mlslevel(self.sh, u, untranslate(selevel))
  
  			if prefix != "":
@@ -5031,14 +5009,4 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
 +                               semanage_user_set_prefix(self.sh, u, prefix)
  
  			if len(roles) != 0:
--				for r in roles:
--					semanage_user_add_role(self.sh, u, r)
-+                               for r in rlist:
-+                                      if r not in roles:
-+                                             semanage_user_del_role(u, r)
-+                               for r in roles:
-+                                      if r not in rlist:
-+                                             semanage_user_add_role(self.sh, u, r)
- 
- 			rc = semanage_begin_transaction(self.sh)
- 			if rc < 0:
+                                for r in rlist:
diff --git a/policycoreutils.spec b/policycoreutils.spec
index 2424b07..c7b93f5 100644
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@@ -4,7 +4,7 @@
 %define libselinuxver 1.33.3-2
 Summary: SELinux policy core utilities.
 Name: policycoreutils
-Version: 1.33.8
+Version: 1.33.10
 Release: 1%{?dist}
 License: GPL
 Group: System Environment/Base
@@ -17,9 +17,9 @@ Patch: policycoreutils-rhat.patch
 Patch1: policycoreutils-po.patch
 
 BuildRequires: pam-devel libsepol-devel >= %{libsepolver} libsemanage-devel >= %{libsemanagever} libselinux-devel >= %{libselinuxver}  libcap-devel audit-libs-devel gettext
-Requires: /bin/mount /bin/egrep /bin/awk /usr/bin/diff
+Requires: /bin/mount /bin/egrep /bin/awk /usr/bin/diff /bin/rpm
 Requires: libsepol >= %{libsepolver} libsemanage >= %{libsemanagever} libselinux-python coreutils audit-libs-python >=  %{libauditver} 
-Requires(post): /sbin/service /sbin/chkconfig
+Requires(post): /sbin/service /sbin/chkconfig 
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
 %description
@@ -168,6 +168,12 @@ fi
 [ -x /sbin/service ] && /sbin/service restorecond condrestart  > /dev/null
 
 %changelog
+* Tue Jan 9 2007 Dan Walsh <dwalsh@redhat.com> 1.33.10-1
+- Update to upstream
+	* Merged patch to correctly handle a failure during semanage handle
+	  creation from Karl MacMillan.
+	* Merged patch to fix seobject role modification from Dan Walsh.
+
 * Fri Jan 5 2007 Dan Walsh <dwalsh@redhat.com> 1.33.8-2
 - Stop newrole -l from working on non secure ttys
 Resolves: #200110
diff --git a/sources b/sources
index 0bbea7d..24a3a2c 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-c4c3ebbaf1c11e122441da38fd11478c  policycoreutils-1.33.8.tgz
+131eadefb07d3e320d860136177578e4  policycoreutils-1.33.10.tgz