diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch index 6756a5b..30d0218 100644 --- a/policycoreutils-rhat.patch +++ b/policycoreutils-rhat.patch @@ -148,6 +148,19 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po + audit2why.init() app = AuditToPolicy() app.main() +diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2allow/audit2allow.1 policycoreutils-2.0.78/audit2allow/audit2allow.1 +--- nsapolicycoreutils/audit2allow/audit2allow.1 2009-02-18 16:44:47.000000000 -0500 ++++ policycoreutils-2.0.78/audit2allow/audit2allow.1 2010-01-25 15:55:32.000000000 -0500 +@@ -44,6 +44,9 @@ + Note that all audit messages are not available via dmesg when + auditd is running; use "ausearch -m avc | audit2allow" or "-a" instead. + .TP ++.B "\-D" | "\-\-dontaudit" ++Generate dontaudit rules rather then allow rules ++.TP + .B "\-h" | "\-\-help" + Print a short usage message + .TP diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.78/Makefile --- nsapolicycoreutils/Makefile 2008-08-28 09:34:24.000000000 -0400 +++ policycoreutils-2.0.78/Makefile 2009-12-08 17:05:49.000000000 -0500 @@ -1700,8 +1713,8 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po +relabel: diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandbox policycoreutils-2.0.78/sandbox/sandbox --- nsapolicycoreutils/sandbox/sandbox 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.78/sandbox/sandbox 2010-01-19 11:58:50.000000000 -0500 -@@ -0,0 +1,323 @@ ++++ policycoreutils-2.0.78/sandbox/sandbox 2010-01-27 16:39:26.000000000 -0500 +@@ -0,0 +1,357 @@ +#! /usr/bin/python -E +# Authors: Dan Walsh +# Authors: Josh Cogliati 
@@ -1727,6 +1740,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po +import selinux +import signal +from tempfile import mkdtemp ++import pwd + +PROGNAME = "policycoreutils" + @@ -1823,7 +1837,6 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po + X_FILES[file] = (dest, os.path.getmtime(dest)) + +def copyfiles(newhomedir, newtmpdir, files): -+ import pwd + homedir=pwd.getpwuid(os.getuid()).pw_dir + for f in files: + copyfile(f,homedir, newhomedir) @@ -1850,6 +1863,29 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po + if(copy): + shutil.copy2(new,orig) + ++def setup_executable(execfile, command): ++ fd = open(execfile, "w+") ++ fd.write(""" ++#! /bin/sh ++/usr/bin/test -r ~/.xmodmap && /usr/bin/xmodmap ~/.xmodmap ++/usr/bin/matchbox-window-manager -use_titlebar no & ++WM_PID=$! ++%s ++kill -TERM $WM_PID 2> /dev/null ++""" % command) ++ fd.close() ++ os.chmod(execfile, 0700) ++ ++def setup_session(execfile, command="/etc/gdm/Xsession"): ++ fd = open(execfile, "w+") ++ fd.write(""" ++#!/bin/sh ++/usr/bin/test -r ~/.xmodmap && /usr/bin/xmodmap ~/.xmodmap ++%s ++""" % command) ++ fd.close() ++ os.chmod(execfile, 0700) ++ +if __name__ == '__main__': + setup_sighandlers() + if selinux.is_selinux_enabled() != 1: @@ -1859,7 +1895,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po + + def usage(message = ""): + text = _(""" -+sandbox [-h] [-[X|M] [-H homedir] [-T tempdir]] [-I includefile ] [[-i file ] ...] [ -t type ] command ++sandbox [-h] [-[X|M] [-S] [-l level ] [-H homedir] [-T tempdir]] [-I includefile ] [[-i file ] ...] [ -t type ] command +""") + error_exit("%s\n%s" % (message, text)) + 
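Review bot: Both `setup_executable` and `setup_session` write a template that begins with a newline, so `#! /bin/sh` lands on the second line of `.sandboxrc` and the kernel will not treat it as an interpreter line; the file then runs only where the caller falls back to a shell. Start the literal on the opening line, `fd.write("""#! /bin/sh`, as the inline code this replaces did. `command` is also interpolated unquoted (the caller in the `@@ -1982 @@` hunk passes `" ".join(paths)`), so an argument containing whitespace or shell metacharacters is re-parsed by the shell; quoting each element before joining, e.g. with `pipes.quote`, keeps the argument vector intact. The file is created by `open()` under the process umask and only restricted by `os.chmod(execfile, 0700)` after the write, so creating it with `os.open(execfile, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0700)` would avoid the interval with looser permissions.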
@@ -1871,8 +1907,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po + newtmpdir = None + existing_home = False + existing_temp = False ++ session = False + try: -+ gopts, cmds = getopt.getopt(sys.argv[1:], "l:i:ht:XI:MH:T:", ++ gopts, cmds = getopt.getopt(sys.argv[1:], "l:i:hSt:XI:MH:T:", + ["help", + "include=", + "includefile=", @@ -1880,6 +1917,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po + "mount", + "homedir=", + "tmpdir=", ++ "session", + "level=" + ]) + for o, a in gopts: @@ -1920,6 +1958,11 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po + newtempdir = a + if o == "-h" or o == "--help": + usage(_("Usage")); ++ ++ if o == "-S" or o == "--session": ++ session = True ++ homedir=pwd.getpwuid(os.getuid()).pw_dir ++ + + if len(cmds) == 0: + usage(_("Command required")) 
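Review bot: The context line `newtempdir = a` in the option loop (apparently the `-T`/`--tmpdir` handler, whose `if` lies above the hunk) stores into a different name than the `newtmpdir` that is initialised to `None` and later handed to `chcon` and `seunshare -t`. In the temp-directory branch of the `@@ -1946 @@` hunk the existing-directory path checks `os.path.isdir(newtempdir)` but relabels `newtmpdir`, so unless it is assigned somewhere outside the visible hunks, a user-supplied temp directory is never labelled and the string `None` ends up in the command lines. Use one name throughout, `newtmpdir = a`, and test that same variable. Separately, `homedir` is bound only inside the new `-S` branch; initialising it next to `session = False` would make its later use in `chcon --reference` explicit.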
@@ -1946,23 +1989,29 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po + if existing_home: + if not os.path.isdir(newhomedir): + raise IOError("Home directory "+newhomedir+" not found") -+ if not level: ++ if not level and not session: + chcon = ("/usr/bin/chcon -R %s %s" % (filecon, newhomedir)).split() + rc = os.spawnvp(os.P_WAIT, chcon[0], chcon) + else: + newhomedir = mkdtemp(dir=".", prefix=".sandbox") -+ chcon = ("/usr/bin/chcon %s %s" % (filecon, newhomedir)).split() ++ if session: ++ chcon = ("/usr/bin/chcon --reference %s %s" %( homedir, (newhomedir))).split() ++ else: ++ chcon = ("/usr/bin/chcon %s %s" % (filecon, newhomedir)).split() + rc = os.spawnvp(os.P_WAIT, chcon[0], chcon) + + if existing_temp: + if not os.path.isdir(newtempdir): + raise IOError("Temp directory "+newtempdir+" not found") -+ if not level: ++ if not level and not session: + chcon = ("/usr/bin/chcon -R %s %s" % (filecon, newtmpdir)).split() + rc = os.spawnvp(os.P_WAIT, chcon[0], chcon) + else: + newtmpdir = mkdtemp(dir="/tmp", prefix=".sandbox") -+ chcon = ("/usr/bin/chcon %s %s" % (filecon, newtmpdir)).split() ++ if session: ++ chcon = ("/usr/bin/chcon --reference /tmp %s" % (newtmpdir)).split() ++ else: ++ chcon = ("/usr/bin/chcon %s %s" % (filecon, newtmpdir)).split() + rc = os.spawnvp(os.P_WAIT, chcon[0], chcon) + + warnings.resetwarnings() @@ -1982,12 +2031,11 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po + xd.close() + + execfile = newhomedir + "/.sandboxrc" -+ fd = open(execfile, "w+") -+ fd.write("""#! /bin/sh -+%s -+""" % " ".join(paths)) -+ fd.close() -+ os.chmod(execfile, 0700) ++ if session: ++ setup_session(execfile, " ".join(paths)) ++ else: ++ setup_executable(execfile, " ".join(paths)) ++ + cmds = ("/usr/sbin/seunshare -t %s -h %s -- %s /usr/share/sandbox/sandboxX.sh" % (newtmpdir, newhomedir, execcon)).split() + rc = os.spawnvp(os.P_WAIT, cmds[0], cmds) + else: 
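Review bot: The new `chcon --reference %s %s` commands are built by formatting a string and calling `.split()`, so a home directory path (from the passwd entry or `-H`) that contains whitespace is broken into extra arguments and the wrong paths get relabelled. Pass an argument list instead, `chcon = ["/usr/bin/chcon", "--reference", homedir, newhomedir]`; the same applies to the `/tmp` variant and to the `seunshare` command line in the `@@ -1982 @@` hunk. Nothing in the visible lines checks the `rc` returned by these `os.spawnvp` calls, so a failed relabel would leave the sandbox running on a directory without the intended context; consider `if rc != 0: error_exit(...)` after each call.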
@@ -2019,12 +2067,11 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po + except KeyError, error: + error_exit(_("Invalid value %s") % error.args[0]) + except IOError, error: -+ error_exit(error.args[1]) ++ error_exit(error.message) + except KeyboardInterrupt: + rc = 0 + + sys.exit(rc) -+ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandbox.8 policycoreutils-2.0.78/sandbox/sandbox.8 --- nsapolicycoreutils/sandbox/sandbox.8 1969-12-31 19:00:00.000000000 -0500 +++ policycoreutils-2.0.78/sandbox/sandbox.8 2009-12-18 07:37:35.000000000 -0500 
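Review bot: `error.message` avoids the `IndexError` for the single-argument `IOError("... not found")` raised in this script, but for an `IOError` that the OS raises as `(errno, strerror)` it is an empty string in Python 2, so the user would get a blank error; reading `.message` also triggers a DeprecationWarning from Python 2.6 on. `error_exit(str(error))` covers both shapes. The `try` this handler belongs to starts outside the hunk.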
@@ -2079,29 +2126,390 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po +.TP +runcon(1) +.PP +diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/.sandboxSKnKBc/.esd_auth policycoreutils-2.0.78/sandbox/.sandboxSKnKBc/.esd_auth +--- nsapolicycoreutils/sandbox/.sandboxSKnKBc/.esd_auth 1969-12-31 19:00:00.000000000 -0500 ++++ policycoreutils-2.0.78/sandbox/.sandboxSKnKBc/.esd_auth 2010-01-25 17:24:41.000000000 -0500 +@@ -0,0 +1 @@ ++��h�~��H||��#x� +\ No newline at end of file +diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/.sandboxSKnKBc/.gconf/apps/panel/applets/clock/prefs/%gconf.xml policycoreutils-2.0.78/sandbox/.sandboxSKnKBc/.gconf/apps/panel/applets/clock/prefs/%gconf.xml +--- nsapolicycoreutils/sandbox/.sandboxSKnKBc/.gconf/apps/panel/applets/clock/prefs/%gconf.xml 1969-12-31 19:00:00.000000000 -0500 ++++ policycoreutils-2.0.78/sandbox/.sandboxSKnKBc/.gconf/apps/panel/applets/clock/prefs/%gconf.xml 2010-01-25 17:25:15.000000000 -0500 +@@ -0,0 +1,24 @@ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ +diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/.sandboxSKnKBc/.gconf/apps/panel/applets/window_list/prefs/%gconf.xml policycoreutils-2.0.78/sandbox/.sandboxSKnKBc/.gconf/apps/panel/applets/window_list/prefs/%gconf.xml +--- nsapolicycoreutils/sandbox/.sandboxSKnKBc/.gconf/apps/panel/applets/window_list/prefs/%gconf.xml 1969-12-31 19:00:00.000000000 -0500 ++++ policycoreutils-2.0.78/sandbox/.sandboxSKnKBc/.gconf/apps/panel/applets/window_list/prefs/%gconf.xml 2010-01-25 17:25:15.000000000 -0500 +@@ -0,0 +1,8 @@ ++ ++ ++ ++ ++ ++ ++ ++ +diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r 
nsapolicycoreutils/sandbox/.sandboxSKnKBc/.gconf/apps/panel/applets/workspace_switcher/prefs/%gconf.xml policycoreutils-2.0.78/sandbox/.sandboxSKnKBc/.gconf/apps/panel/applets/workspace_switcher/prefs/%gconf.xml +--- nsapolicycoreutils/sandbox/.sandboxSKnKBc/.gconf/apps/panel/applets/workspace_switcher/prefs/%gconf.xml 1969-12-31 19:00:00.000000000 -0500 ++++ policycoreutils-2.0.78/sandbox/.sandboxSKnKBc/.gconf/apps/panel/applets/workspace_switcher/prefs/%gconf.xml 2010-01-25 17:25:15.000000000 -0500 +@@ -0,0 +1,6 @@ ++ ++ ++ ++ ++ ++ +diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/.sandboxSKnKBc/.gconf/desktop/gnome/accessibility/keyboard/%gconf.xml policycoreutils-2.0.78/sandbox/.sandboxSKnKBc/.gconf/desktop/gnome/accessibility/keyboard/%gconf.xml +--- nsapolicycoreutils/sandbox/.sandboxSKnKBc/.gconf/desktop/gnome/accessibility/keyboard/%gconf.xml 1969-12-31 19:00:00.000000000 -0500 ++++ policycoreutils-2.0.78/sandbox/.sandboxSKnKBc/.gconf/desktop/gnome/accessibility/keyboard/%gconf.xml 2010-01-25 17:24:41.000000000 -0500 +@@ -0,0 +1,23 @@ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ +diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/.sandboxSKnKBc/.gconf/desktop/gnome/interface/%gconf.xml policycoreutils-2.0.78/sandbox/.sandboxSKnKBc/.gconf/desktop/gnome/interface/%gconf.xml +--- nsapolicycoreutils/sandbox/.sandboxSKnKBc/.gconf/desktop/gnome/interface/%gconf.xml 1969-12-31 19:00:00.000000000 -0500 ++++ policycoreutils-2.0.78/sandbox/.sandboxSKnKBc/.gconf/desktop/gnome/interface/%gconf.xml 2010-01-25 17:25:15.000000000 -0500 +@@ -0,0 +1,6 @@ ++ ++ ++ ++ gtk-im-context-simple ++ ++ +diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/.sandboxSKnKBc/.gconf/desktop/gnome/peripherals/keyboard/%gconf.xml 
policycoreutils-2.0.78/sandbox/.sandboxSKnKBc/.gconf/desktop/gnome/peripherals/keyboard/%gconf.xml +--- nsapolicycoreutils/sandbox/.sandboxSKnKBc/.gconf/desktop/gnome/peripherals/keyboard/%gconf.xml 1969-12-31 19:00:00.000000000 -0500 ++++ policycoreutils-2.0.78/sandbox/.sandboxSKnKBc/.gconf/desktop/gnome/peripherals/keyboard/%gconf.xml 2010-01-25 17:25:15.000000000 -0500 +@@ -0,0 +1,4 @@ ++ ++ ++ ++ +diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/.sandboxSKnKBc/.gconf/desktop/gnome/peripherals/keyboard/general/%gconf.xml policycoreutils-2.0.78/sandbox/.sandboxSKnKBc/.gconf/desktop/gnome/peripherals/keyboard/general/%gconf.xml +--- nsapolicycoreutils/sandbox/.sandboxSKnKBc/.gconf/desktop/gnome/peripherals/keyboard/general/%gconf.xml 1969-12-31 19:00:00.000000000 -0500 ++++ policycoreutils-2.0.78/sandbox/.sandboxSKnKBc/.gconf/desktop/gnome/peripherals/keyboard/general/%gconf.xml 2010-01-25 17:24:41.000000000 -0500 +@@ -0,0 +1,8 @@ ++ ++ ++ ++
  • ++ .xmodmap ++
  • ++
    ++
    +diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/.sandboxSKnKBc/.xmodmap policycoreutils-2.0.78/sandbox/.sandboxSKnKBc/.xmodmap +--- nsapolicycoreutils/sandbox/.sandboxSKnKBc/.xmodmap 1969-12-31 19:00:00.000000000 -0500 ++++ policycoreutils-2.0.78/sandbox/.sandboxSKnKBc/.xmodmap 2010-01-25 17:24:30.000000000 -0500 +@@ -0,0 +1,248 @@ ++keycode 8 = ++keycode 9 = Escape NoSymbol Escape ++keycode 10 = 1 exclam 1 exclam ++keycode 11 = 2 at 2 at ++keycode 12 = 3 numbersign 3 numbersign ++keycode 13 = 4 dollar 4 dollar ++keycode 14 = 5 percent 5 percent ++keycode 15 = 6 asciicircum 6 asciicircum ++keycode 16 = 7 ampersand 7 ampersand ++keycode 17 = 8 asterisk 8 asterisk ++keycode 18 = 9 parenleft 9 parenleft ++keycode 19 = 0 parenright 0 parenright ++keycode 20 = minus underscore minus underscore ++keycode 21 = equal plus equal plus ++keycode 22 = BackSpace NoSymbol BackSpace ++keycode 23 = Tab ISO_Left_Tab Tab ISO_Left_Tab ++keycode 24 = q Q q Q ++keycode 25 = w W w W ++keycode 26 = e E e E ++keycode 27 = r R r R ++keycode 28 = t T t T ++keycode 29 = y Y y Y ++keycode 30 = u U u U ++keycode 31 = i I i I ++keycode 32 = o O o O ++keycode 33 = p P p P ++keycode 34 = bracketleft braceleft bracketleft braceleft ++keycode 35 = bracketright braceright bracketright braceright ++keycode 36 = Return NoSymbol Return ++keycode 37 = Control_L NoSymbol Control_L ++keycode 38 = a A a A ++keycode 39 = s S s S ++keycode 40 = d D d D ++keycode 41 = f F f F ++keycode 42 = g G g G ++keycode 43 = h H h H ++keycode 44 = j J j J ++keycode 45 = k K k K ++keycode 46 = l L l L ++keycode 47 = semicolon colon semicolon colon ++keycode 48 = apostrophe quotedbl apostrophe quotedbl ++keycode 49 = grave asciitilde grave asciitilde ++keycode 50 = Shift_L NoSymbol Shift_L ++keycode 51 = backslash bar backslash bar ++keycode 52 = z Z z Z ++keycode 53 = x X x X ++keycode 54 = c C c C ++keycode 55 = v V v V ++keycode 56 = b B b B 
++keycode 57 = n N n N ++keycode 58 = m M m M ++keycode 59 = comma less comma less ++keycode 60 = period greater period greater ++keycode 61 = slash question slash question ++keycode 62 = Shift_R NoSymbol Shift_R ++keycode 63 = KP_Multiply XF86_ClearGrab KP_Multiply XF86_ClearGrab ++keycode 64 = Alt_L Meta_L Alt_L Meta_L ++keycode 65 = space NoSymbol space ++keycode 66 = Caps_Lock NoSymbol Caps_Lock ++keycode 67 = F1 XF86_Switch_VT_1 F1 XF86_Switch_VT_1 ++keycode 68 = F2 XF86_Switch_VT_2 F2 XF86_Switch_VT_2 ++keycode 69 = F3 XF86_Switch_VT_3 F3 XF86_Switch_VT_3 ++keycode 70 = F4 XF86_Switch_VT_4 F4 XF86_Switch_VT_4 ++keycode 71 = F5 XF86_Switch_VT_5 F5 XF86_Switch_VT_5 ++keycode 72 = F6 XF86_Switch_VT_6 F6 XF86_Switch_VT_6 ++keycode 73 = F7 XF86_Switch_VT_7 F7 XF86_Switch_VT_7 ++keycode 74 = F8 XF86_Switch_VT_8 F8 XF86_Switch_VT_8 ++keycode 75 = F9 XF86_Switch_VT_9 F9 XF86_Switch_VT_9 ++keycode 76 = F10 XF86_Switch_VT_10 F10 XF86_Switch_VT_10 ++keycode 77 = Num_Lock Pointer_EnableKeys Num_Lock Pointer_EnableKeys ++keycode 78 = Scroll_Lock NoSymbol Scroll_Lock ++keycode 79 = KP_Home KP_7 KP_Home KP_7 ++keycode 80 = KP_Up KP_8 KP_Up KP_8 ++keycode 81 = KP_Prior KP_9 KP_Prior KP_9 ++keycode 82 = KP_Subtract XF86_Prev_VMode KP_Subtract XF86_Prev_VMode ++keycode 83 = KP_Left KP_4 KP_Left KP_4 ++keycode 84 = KP_Begin KP_5 KP_Begin KP_5 ++keycode 85 = KP_Right KP_6 KP_Right KP_6 ++keycode 86 = KP_Add XF86_Next_VMode KP_Add XF86_Next_VMode ++keycode 87 = KP_End KP_1 KP_End KP_1 ++keycode 88 = KP_Down KP_2 KP_Down KP_2 ++keycode 89 = KP_Next KP_3 KP_Next KP_3 ++keycode 90 = KP_Insert KP_0 KP_Insert KP_0 ++keycode 91 = KP_Delete KP_Decimal KP_Delete KP_Decimal ++keycode 92 = ISO_Level3_Shift NoSymbol ISO_Level3_Shift ++keycode 93 = ++keycode 94 = less greater less greater bar brokenbar ++keycode 95 = F11 XF86_Switch_VT_11 F11 XF86_Switch_VT_11 ++keycode 96 = F12 XF86_Switch_VT_12 F12 XF86_Switch_VT_12 ++keycode 97 = ++keycode 98 = Katakana NoSymbol Katakana ++keycode 99 = 
Hiragana NoSymbol Hiragana ++keycode 100 = Henkan_Mode NoSymbol Henkan_Mode ++keycode 101 = Hiragana_Katakana NoSymbol Hiragana_Katakana ++keycode 102 = Muhenkan NoSymbol Muhenkan ++keycode 103 = ++keycode 104 = KP_Enter NoSymbol KP_Enter ++keycode 105 = Control_R NoSymbol Control_R ++keycode 106 = KP_Divide XF86_Ungrab KP_Divide XF86_Ungrab ++keycode 107 = Print Sys_Req Print Sys_Req ++keycode 108 = Alt_R Meta_R Alt_R Meta_R ++keycode 109 = Linefeed NoSymbol Linefeed ++keycode 110 = Home NoSymbol Home ++keycode 111 = Up NoSymbol Up ++keycode 112 = Prior NoSymbol Prior ++keycode 113 = Left NoSymbol Left ++keycode 114 = Right NoSymbol Right ++keycode 115 = End NoSymbol End ++keycode 116 = Down NoSymbol Down ++keycode 117 = Next NoSymbol Next ++keycode 118 = Insert NoSymbol Insert ++keycode 119 = Delete NoSymbol Delete ++keycode 120 = ++keycode 121 = XF86AudioMute NoSymbol XF86AudioMute ++keycode 122 = XF86AudioLowerVolume NoSymbol XF86AudioLowerVolume ++keycode 123 = XF86AudioRaiseVolume NoSymbol XF86AudioRaiseVolume ++keycode 124 = XF86PowerOff NoSymbol XF86PowerOff ++keycode 125 = KP_Equal NoSymbol KP_Equal ++keycode 126 = plusminus NoSymbol plusminus ++keycode 127 = Pause Break Pause Break ++keycode 128 = ++keycode 129 = KP_Decimal NoSymbol KP_Decimal ++keycode 130 = Hangul NoSymbol Hangul ++keycode 131 = Hangul_Hanja NoSymbol Hangul_Hanja ++keycode 132 = ++keycode 133 = Super_L NoSymbol Super_L ++keycode 134 = Super_R NoSymbol Super_R ++keycode 135 = Menu NoSymbol Menu ++keycode 136 = Cancel NoSymbol Cancel ++keycode 137 = Redo NoSymbol Redo ++keycode 138 = SunProps NoSymbol SunProps ++keycode 139 = Undo NoSymbol Undo ++keycode 140 = SunFront NoSymbol SunFront ++keycode 141 = XF86Copy NoSymbol XF86Copy ++keycode 142 = SunOpen NoSymbol SunOpen ++keycode 143 = XF86Paste NoSymbol XF86Paste ++keycode 144 = Find NoSymbol Find ++keycode 145 = XF86Cut NoSymbol XF86Cut ++keycode 146 = Help NoSymbol Help ++keycode 147 = XF86MenuKB NoSymbol XF86MenuKB ++keycode 148 = 
XF86Calculator NoSymbol XF86Calculator ++keycode 149 = ++keycode 150 = XF86Sleep NoSymbol XF86Sleep ++keycode 151 = XF86WakeUp NoSymbol XF86WakeUp ++keycode 152 = XF86Explorer NoSymbol XF86Explorer ++keycode 153 = XF86Send NoSymbol XF86Send ++keycode 154 = ++keycode 155 = XF86Xfer NoSymbol XF86Xfer ++keycode 156 = XF86Launch1 NoSymbol XF86Launch1 ++keycode 157 = XF86Launch2 NoSymbol XF86Launch2 ++keycode 158 = XF86WWW NoSymbol XF86WWW ++keycode 159 = XF86DOS NoSymbol XF86DOS ++keycode 160 = XF86ScreenSaver NoSymbol XF86ScreenSaver ++keycode 161 = ++keycode 162 = XF86RotateWindows NoSymbol XF86RotateWindows ++keycode 163 = XF86Mail NoSymbol XF86Mail ++keycode 164 = XF86Favorites NoSymbol XF86Favorites ++keycode 165 = XF86MyComputer NoSymbol XF86MyComputer ++keycode 166 = XF86Back NoSymbol XF86Back ++keycode 167 = XF86Forward NoSymbol XF86Forward ++keycode 168 = ++keycode 169 = XF86Eject NoSymbol XF86Eject ++keycode 170 = XF86Eject XF86Eject XF86Eject XF86Eject ++keycode 171 = XF86AudioNext NoSymbol XF86AudioNext ++keycode 172 = XF86AudioPlay XF86AudioPause XF86AudioPlay XF86AudioPause ++keycode 173 = XF86AudioPrev NoSymbol XF86AudioPrev ++keycode 174 = XF86AudioStop XF86Eject XF86AudioStop XF86Eject ++keycode 175 = XF86AudioRecord NoSymbol XF86AudioRecord ++keycode 176 = XF86AudioRewind NoSymbol XF86AudioRewind ++keycode 177 = XF86Phone NoSymbol XF86Phone ++keycode 178 = ++keycode 179 = XF86Tools NoSymbol XF86Tools ++keycode 180 = XF86HomePage NoSymbol XF86HomePage ++keycode 181 = XF86Reload NoSymbol XF86Reload ++keycode 182 = XF86Close NoSymbol XF86Close ++keycode 183 = ++keycode 184 = ++keycode 185 = XF86ScrollUp NoSymbol XF86ScrollUp ++keycode 186 = XF86ScrollDown NoSymbol XF86ScrollDown ++keycode 187 = parenleft NoSymbol parenleft ++keycode 188 = parenright NoSymbol parenright ++keycode 189 = XF86New NoSymbol XF86New ++keycode 190 = Redo NoSymbol Redo ++keycode 191 = ++keycode 192 = ++keycode 193 = ++keycode 194 = ++keycode 195 = ++keycode 196 = ++keycode 197 = 
++keycode 198 = ++keycode 199 = ++keycode 200 = XF86TouchpadToggle NoSymbol XF86TouchpadToggle ++keycode 201 = ++keycode 202 = ++keycode 203 = Mode_switch NoSymbol Mode_switch ++keycode 204 = NoSymbol Alt_L NoSymbol Alt_L ++keycode 205 = NoSymbol Meta_L NoSymbol Meta_L ++keycode 206 = NoSymbol Super_L NoSymbol Super_L ++keycode 207 = NoSymbol Hyper_L NoSymbol Hyper_L ++keycode 208 = XF86AudioPlay NoSymbol XF86AudioPlay ++keycode 209 = XF86AudioPause NoSymbol XF86AudioPause ++keycode 210 = XF86Launch3 NoSymbol XF86Launch3 ++keycode 211 = XF86Launch4 NoSymbol XF86Launch4 ++keycode 212 = ++keycode 213 = XF86Suspend NoSymbol XF86Suspend ++keycode 214 = XF86Close NoSymbol XF86Close ++keycode 215 = XF86AudioPlay NoSymbol XF86AudioPlay ++keycode 216 = XF86AudioForward NoSymbol XF86AudioForward ++keycode 217 = ++keycode 218 = Print NoSymbol Print ++keycode 219 = ++keycode 220 = XF86WebCam NoSymbol XF86WebCam ++keycode 221 = ++keycode 222 = ++keycode 223 = XF86Mail NoSymbol XF86Mail ++keycode 224 = ++keycode 225 = XF86Search NoSymbol XF86Search ++keycode 226 = ++keycode 227 = XF86Finance NoSymbol XF86Finance ++keycode 228 = ++keycode 229 = XF86Shop NoSymbol XF86Shop ++keycode 230 = ++keycode 231 = Cancel NoSymbol Cancel ++keycode 232 = XF86MonBrightnessDown NoSymbol XF86MonBrightnessDown ++keycode 233 = XF86MonBrightnessUp NoSymbol XF86MonBrightnessUp ++keycode 234 = XF86AudioMedia NoSymbol XF86AudioMedia ++keycode 235 = XF86Display NoSymbol XF86Display ++keycode 236 = XF86KbdLightOnOff NoSymbol XF86KbdLightOnOff ++keycode 237 = XF86KbdBrightnessDown NoSymbol XF86KbdBrightnessDown ++keycode 238 = XF86KbdBrightnessUp NoSymbol XF86KbdBrightnessUp ++keycode 239 = XF86Send NoSymbol XF86Send ++keycode 240 = XF86Reply NoSymbol XF86Reply ++keycode 241 = XF86MailForward NoSymbol XF86MailForward ++keycode 242 = XF86Save NoSymbol XF86Save ++keycode 243 = XF86Documents NoSymbol XF86Documents ++keycode 244 = XF86Battery NoSymbol XF86Battery ++keycode 245 = XF86Bluetooth NoSymbol 
XF86Bluetooth ++keycode 246 = XF86WLAN NoSymbol XF86WLAN ++keycode 247 = ++keycode 248 = ++keycode 249 = ++keycode 250 = ++keycode 251 = ++keycode 252 = ++keycode 253 = ++keycode 254 = ++keycode 255 = diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandboxX.sh policycoreutils-2.0.78/sandbox/sandboxX.sh --- nsapolicycoreutils/sandbox/sandboxX.sh 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.78/sandbox/sandboxX.sh 2010-01-19 12:20:41.000000000 -0500 -@@ -0,0 +1,19 @@ ++++ policycoreutils-2.0.78/sandbox/sandboxX.sh 2010-01-27 16:49:23.000000000 -0500 +@@ -0,0 +1,14 @@ +#!/bin/bash -+export TITLE="Sandbox: `/usr/bin/tail -1 ~/.sandboxrc | /usr/bin/cut -b1-70`" -+ ++export TITLE="Sandbox: `/usr/bin/tail -1 ~/.sandboxrc | /usr/bin/cut -b1-70` Running as `secon -t -l -P`" ++export SCREENSIZE="1000x700" ++#export SCREENSIZE=`xdpyinfo | awk '/dimensions/ { print $2 }'` +trap "exit 0" HUP + -+(/usr/bin/Xephyr -title "$TITLE" -terminate -screen 1000x700 -displayfd 5 5>&1 2>/dev/null) | while read D; do ++(/usr/bin/Xephyr -title "$TITLE" -terminate -screen $SCREENSIZE -displayfd 5 5>&1 2>/dev/null) | while read D; do + export DISPLAY=:$D -+ (/usr/bin/test -r ~/.xmodmap && /usr/bin/xmodmap ~/.xmodmap) & -+ /usr/bin/matchbox-window-manager -use_titlebar no & -+ WM_PID=$! -+ ~/.sandboxrc & -+ CLIENT_PID=$! -+ wait $CLIENT_PID ++ python -c 'import gtk, os; os.system("%s/.sandboxrc" % os.environ["HOME"])' + export EXITCODE=$? 
-+ kill -TERM $WM_PID 2> /dev/null + kill -HUP 0 + break +done +exit 0 +Binary files nsapolicycoreutils/sandbox/seunshare and policycoreutils-2.0.78/sandbox/seunshare differ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/seunshare.c policycoreutils-2.0.78/sandbox/seunshare.c --- nsapolicycoreutils/sandbox/seunshare.c 1969-12-31 19:00:00.000000000 -0500 +++ policycoreutils-2.0.78/sandbox/seunshare.c 2010-01-19 12:15:41.000000000 -0500 @@ -2371,6 +2779,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po + + return status; +} +Binary files nsapolicycoreutils/sandbox/seunshare.o and policycoreutils-2.0.78/sandbox/seunshare.o differ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-2.0.78/semanage/semanage --- nsapolicycoreutils/semanage/semanage 2009-11-18 17:06:03.000000000 -0500 +++ policycoreutils-2.0.78/semanage/semanage 2010-01-08 09:24:07.000000000 -0500 diff --git a/policycoreutils.spec b/policycoreutils.spec index 799f9be..9633a17 100644 --- a/policycoreutils.spec +++ b/policycoreutils.spec @@ -6,7 +6,7 @@ Summary: SELinux policy core utilities Name: policycoreutils Version: 2.0.78 -Release: 13%{?dist} +Release: 14%{?dist} License: GPLv2+ Group: System Environment/Base Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz @@ -297,6 +297,10 @@ fi exit 0 %changelog +* Wed Jan 27 2010 Dan Walsh 2.0.78-14 +- Add session capability to sandbox +- sandbox -SX -H ~/.homedir -t unconfined_t -l s0:c15 /etc/gdm/Xsession + * Thu Jan 21 2010 Dan Walsh 2.0.78-13 - Fix executable template for fifo files
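Review bot: This hunk pulls a stray sandbox home directory, `sandbox/.sandboxSKnKBc/`, into the patch: a binary `.esd_auth` cookie, per-user `.gconf` XML and a 248-line `.xmodmap` dump, and it and the following hunk also add `Binary files ... seunshare` / `seunshare.o differ` lines. These look like leftovers of a local test run and build rather than source (the directory name matches the `mkdtemp(dir=".", prefix=".sandbox")` call in `sandbox`); regenerate the patch from a clean tree, or add `.sandbox*` and `*.o` to the `exclude` file, so no credential material or build output ships in the package source. In `sandboxX.sh`, `$?` after the new `python -c '... os.system(...)'` line is python's own exit status rather than that of `~/.sandboxrc`, so `EXITCODE` no longer reflects the client as it did with `wait $CLIENT_PID`. `secon` is also the only command there invoked without an absolute path.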