--- nautilus-2.19.2/src/file-manager/fm-error-reporting.c.selinux	2007-04-03 06:08:04.000000000 -0400

+++ nautilus-2.19.2/src/file-manager/fm-error-reporting.c	2007-05-19 22:20:22.000000000 -0400

@@ -252,6 +252,38 @@ fm_report_error_setting_permissions (Nau

 	g_free (message);

 }		

+void

+fm_report_error_setting_selinux (NautilusFile *file,

+				 GnomeVFSResult error,

+				 GtkWindow *parent_window)

+{

+	char *file_name;

+	char *message;

+

+	if (error == GNOME_VFS_OK) {

+		return;

+	}

+

+	file_name = nautilus_file_get_display_name (file);

+

+	switch (error) {

+	case GNOME_VFS_ERROR_READ_ONLY_FILE_SYSTEM:

+		message = g_strdup_printf (_("Couldn't change the SELinux security context of \"%s\" because it is on a read-only disk"),

+					   file_name);

+		break;

+	default:

+		/* We should invent decent error messages for every case we actually experience. */

+		g_warning ("Hit unhandled case %d (%s) in fm_report_error_setting_permissions", 

+			   error, gnome_vfs_result_to_string (error));

+		message = g_strdup_printf (_("Sorry, couldn't change the permissions of \"%s\"."), file_name);

+	}

+

+	eel_show_error_dialog (_("The SELinux security context could not be changed."), message, parent_window);

+

+	g_free (file_name);

+	g_free (message);

+}

+

 typedef struct _FMRenameData {

 	char *name;

 	NautilusFileOperationCallback callback;

--- nautilus-2.19.2/src/file-manager/fm-error-reporting.h.selinux	2007-04-03 06:08:04.000000000 -0400

+++ nautilus-2.19.2/src/file-manager/fm-error-reporting.h	2007-05-19 22:20:22.000000000 -0400

@@ -39,7 +39,10 @@ void fm_report_error_renaming_file      

 					  GnomeVFSResult  error_code,

 					  GtkWindow	 *parent_window);

 void fm_report_error_setting_permissions (NautilusFile   *file,

-					  GnomeVFSResult  error_code,			    

+					  GnomeVFSResult  error_code,

+					  GtkWindow	 *parent_window);

+void fm_report_error_setting_selinux     (NautilusFile   *file,

+					  GnomeVFSResult  error_code,

 					  GtkWindow	 *parent_window);

 void fm_report_error_setting_owner       (NautilusFile   *file,

 					  GnomeVFSResult  error_code,  

--- nautilus-2.19.2/src/file-manager/fm-properties-window.c.selinux	2007-05-02 08:40:07.000000000 -0400

+++ nautilus-2.19.2/src/file-manager/fm-properties-window.c	2007-05-19 22:22:52.000000000 -0400

@@ -111,6 +111,10 @@

 #define FREE_STROKE_G  0.396078431

 #define FREE_STROKE_B  0.643137255

+#ifdef HAVE_SELINUX

+# include <selinux/selinux.h>

+#endif

+

 #define PREVIEW_IMAGE_WIDTH 96

 #define ROW_PAD 6

@@ -130,7 +134,7 @@ struct FMPropertiesWindowDetails {	

 	GtkWidget *icon_button;

 	GtkWidget *icon_image;

-	GtkWidget *icon_chooser;

+        GtkWidget *icon_chooser;

 	GtkWidget *name_label;

 	GtkWidget *name_field;

@@ -152,12 +156,15 @@ struct FMPropertiesWindowDetails {	

 	unsigned int  owner_change_timeout;

 	GList *permission_buttons;

-	GList *permission_combos;

+	GList *permission_combos; /* how is this deallocated???? */

+	GList *selinux_combo;

 	GHashTable *initial_permissions;

 	gboolean has_recursive_apply;

 	GList *value_fields;

+	GList *edit_fields;

+

 	GList *mime_list;

 	gboolean deep_count_finished;

@@ -239,6 +246,10 @@ static void permission_combo_update     

 						   GtkComboBox        *combo);

 static void value_field_update                    (FMPropertiesWindow *window,

 						   GtkLabel           *field);

+static void edit_field_update                     (FMPropertiesWindow *window,

+						   GtkEntry           *field);

+static void popup_field_update                    (FMPropertiesWindow *window,

+						   GtkComboBox        *entry);

 static void properties_window_update              (FMPropertiesWindow *window,

 						   GList              *files);

 static void is_directory_ready_callback           (NautilusFile       *file,

@@ -269,9 +280,31 @@ static GtkLabel *attach_ellipsizing_valu

 static GtkWidget* create_pie_widget 		  (FMPropertiesWindow *window);

+static void attach_selinux_data_edit_field        (GtkEntry *entry,

+						   char *attr_value,

+						   char *def_attr_value);

+static void attach_selinux_data_popup_field       (GtkComboBox *comb,

+						   char *attr_val,

+						   char *def_attr_val);

+

 G_DEFINE_TYPE (FMPropertiesWindow, fm_properties_window, GTK_TYPE_WINDOW);

 #define parent_class fm_properties_window_parent_class 

+static void

+maybe_gtk_entry_set_text (GtkEntry *entry, const char *val)

+{

+	char *old_val;

+

+	g_assert (GTK_IS_ENTRY (entry));

+

+	old_val = gtk_editable_get_chars (GTK_EDITABLE (entry), 0, -1);

+

+	if (strcmp (old_val, val) != 0) {

+		gtk_entry_set_text (entry, val);

+	}

+	g_free(old_val);

+}

+

 static gboolean

 is_multi_file_window (FMPropertiesWindow *window)

 {

@@ -292,6 +325,39 @@ is_multi_file_window (FMPropertiesWindow

 	return FALSE;

 }

+static gboolean

+multi_have_same_selinux_context (FMPropertiesWindow *window)

+{

+	GList *l;

+        char *cntx;

+

+	cntx = NULL;

+	for (l = window->details->original_files; l != NULL; l = l->next) {

+		NautilusFile *file;

+

+		file = NAUTILUS_FILE (l->data);

+		if (!nautilus_file_is_gone (file)) {

+		        char *tmp;

+

+			tmp = nautilus_file_get_string_attribute_with_default (file, "selinux_context");

+		        if (!cntx) {

+			         cntx = tmp;

+			} else if (strcmp (cntx, tmp)) {

+				 g_free (tmp);

+				 g_free (cntx);

+				 return FALSE;

+			}

+			else {

+			         g_free (tmp);

+			}

+		}

+	}

+

+	g_free (cntx);

+	

+	return TRUE;

+}

+

 static int

 get_not_gone_original_file_count (FMPropertiesWindow *window)

 {

@@ -529,7 +595,7 @@ fm_properties_window_drag_data_received 

 		return;

 	}

-	uris = g_strsplit (selection_data->data, "\r\n", 0);

+	uris = g_strsplit ((char *) selection_data->data, "\r\n", 0);

 	exactly_one = uris[0] != NULL && (uris[1] == NULL || uris[1][0] == '\0');

@@ -610,7 +676,7 @@ create_image_widget (FMPropertiesWindow 

 static void

 set_name_field (FMPropertiesWindow *window, const gchar *original_name,

-					 const gchar *name)

+		const gchar *name)

 {

 	gboolean new_widget;

 	gboolean use_label;

@@ -676,11 +742,7 @@ set_name_field (FMPropertiesWindow *wind

 			 * currently showing. This causes minimal ripples (e.g.

 			 * selection change).

 			 */

-			gchar *displayed_name = gtk_editable_get_chars (GTK_EDITABLE (window->details->name_field), 0, -1);

-			if (strcmp (displayed_name, name) != 0) {

-				gtk_entry_set_text (GTK_ENTRY (window->details->name_field), name);

-			}

-			g_free (displayed_name);

+		        maybe_gtk_entry_set_text (GTK_ENTRY (window->details->name_field), name);

 		}

 	}

 }

@@ -756,7 +818,6 @@ static void

 name_field_restore_original_name (NautilusEntry *name_field)

 {

 	const char *original_name;

-	char *displayed_name;

 	original_name = (const char *) g_object_get_data (G_OBJECT (name_field),

 							  "original_name");

@@ -765,14 +826,8 @@ name_field_restore_original_name (Nautil

 		return;

 	}

-	displayed_name = gtk_editable_get_chars (GTK_EDITABLE (name_field), 0, -1);

-

-	if (strcmp (original_name, displayed_name) != 0) {

-		gtk_entry_set_text (GTK_ENTRY (name_field), original_name);

-	}

+	maybe_gtk_entry_set_text (GTK_ENTRY (name_field), original_name);

 	nautilus_entry_select_all (name_field);

-

-	g_free (displayed_name);

 }

 static void

@@ -885,7 +940,7 @@ file_has_keyword (NautilusFile *file, co

 	word = g_list_find_custom (keywords, keyword, (GCompareFunc) strcmp);

 	eel_g_list_free_deep (keywords);

-	return (word != NULL);

+	return word != NULL;

 }

 static void

@@ -1152,7 +1207,7 @@ mime_list_equal (GList *a, GList *b)

 		b = b->next;

 	}

-	return (a == b);

+	return a == b;

 }

 static GList *

@@ -1234,6 +1289,14 @@ properties_window_update (FMPropertiesWi

 		for (l = window->details->value_fields; l != NULL; l = l->next) {

 			value_field_update (window, GTK_LABEL (l->data));

 		}

+		

+		for (l = window->details->edit_fields; l != NULL; l = l->next) {

+			edit_field_update (window, GTK_ENTRY (l->data));

+		}

+		

+		for (l = window->details->selinux_combo; l != NULL; l = l->next) {

+		        popup_field_update (window, GTK_COMBO_BOX (l->data));

+		}		

 	}

 	mime_list = get_mime_list (window);

@@ -1403,6 +1466,111 @@ value_field_update (FMPropertiesWindow *

 				      window->details->target_files));

 }

+static void

+edit_field_update_internal (GtkEntry *entry, 

+			    GList *file_list)

+{

+	const char *attr_name;

+	char *attr_value;

+	char *def_attr_value;

+	char *inconsistent_string;

+	

+	g_assert (GTK_IS_ENTRY (entry));

+

+	attr_name = g_object_get_data (G_OBJECT (entry), "file_attribute");

+	inconsistent_string = g_object_get_data (G_OBJECT (entry),

+						 "inconsistent_string");

+	def_attr_value = g_object_get_data (G_OBJECT (entry),

+					    "matchpathcon_cntx");

+	

+	attr_value = file_list_get_string_attribute (file_list, attr_name,

+						     inconsistent_string);

+

+	maybe_gtk_entry_set_text (GTK_ENTRY (entry), attr_value);

+

+	/* JFIXME: this isn't generic, *sigh* ... */

+	attach_selinux_data_edit_field (entry, attr_value, def_attr_value);

+	g_free (attr_value);

+}

+

+static void

+edit_field_update (FMPropertiesWindow *window, GtkEntry *entry)

+{

+	gboolean use_original;	

+

+	if (gtk_widget_is_focus (GTK_WIDGET (entry))) {

+	        return;

+	}

+	

+	use_original = GPOINTER_TO_INT (g_object_get_data (G_OBJECT (entry), "show_original"));

+

+	edit_field_update_internal (entry, 

+				    (use_original ?

+				     window->details->original_files : 

+				     window->details->target_files));

+}

+

+static void

+popup_field_update_internal (GtkComboBox *combo,

+			     GList *file_list)

+{

+	const char *attr_name;

+	char *attr_value;

+	char *def_attr_value;

+	char *inconsistent_string;

+	char *cntx_type;

+	GtkTreeIter iter;

+	

+	g_assert (GTK_IS_COMBO_BOX (combo));

+

+	if (gtk_widget_is_focus (GTK_WIDGET (combo))) {

+	        return;

+	}

+	

+	attr_name = g_object_get_data (G_OBJECT (combo), "file_attribute");

+	inconsistent_string = g_object_get_data (G_OBJECT (combo),

+						 "inconsistent_string");

+	def_attr_value = g_object_get_data (G_OBJECT (combo),

+					    "matchpathcon_cntx");

+	

+	attr_value = file_list_get_string_attribute (file_list, attr_name,

+						     inconsistent_string);

+

+	/* JFIXME: this isn't generic, *sigh* ... */

+

+	if (gtk_combo_box_get_active_iter (combo, &iter)) {

+	        GtkTreeModel *model = gtk_combo_box_get_model (combo);

+

+		/* don't update, if it's identical */

+		gtk_tree_model_get (model, &iter, 0, &cntx_type, -1);

+		if (cntx_type && strcmp (cntx_type, attr_value) == 0) {

+			g_free (attr_value);

+		        return;

+		}

+	}

+

+	attach_selinux_data_popup_field (combo, attr_value, def_attr_value);

+

+	g_free (attr_value);

+}

+

+static void

+popup_field_update (FMPropertiesWindow *window, GtkComboBox *combo)

+{

+	gboolean use_original;	

+

+	if (window->details->selinux_combo) {

+	        return; /* FIXME: must be true: horrible UI, if working */

+	}

+	

+	use_original = GPOINTER_TO_INT (g_object_get_data (G_OBJECT (combo), "show_original"));

+

+	popup_field_update_internal (combo,

+				     (use_original ?

+				      window->details->original_files : 

+				      window->details->target_files));	

+}

+

 static GtkLabel *

 attach_label (GtkTable *table,

 	      int row,

@@ -1457,6 +1625,45 @@ attach_value_label (GtkTable *table,

 	return attach_label (table, row, column, initial_text, FALSE, FALSE, FALSE, TRUE, FALSE);

 }

+static GtkEntry *

+attach_edit (GtkTable *table,

+	     int row,

+	     int column,

+	     const char *initial_text,

+	     gboolean right_aligned,

+	     gboolean bold,

+	     gboolean ellipsize_text,

+	     gboolean selectable,

+	     gboolean mnemonic)

+{

+	GtkWidget *entry_field;

+

+	entry_field = nautilus_entry_new ();

+	gtk_entry_set_text (GTK_ENTRY (entry_field), initial_text);

+

+	gtk_entry_set_alignment (GTK_ENTRY (entry_field), right_aligned ? 1 : 0);

+	gtk_widget_show (entry_field);

+	gtk_table_attach (table, entry_field,

+			  column, column + 1,

+			  row, row + 1,

+			  ellipsize_text

+			    ? GTK_FILL | GTK_EXPAND

+			    : GTK_FILL,

+			  0,

+			  0, 0);

+

+	return GTK_ENTRY (entry_field);

+}	      

+

+static GtkEntry *

+attach_edit_label (GtkTable *table,

+		   int row,

+		   int column,

+		   const char *initial_text)

+{

+	return attach_edit (table, row, column, initial_text, FALSE, FALSE, FALSE, TRUE, FALSE);

+}

+

 static GtkLabel *

 attach_ellipsizing_value_label (GtkTable *table,

 				int row,

@@ -1515,6 +1722,672 @@ attach_value_field (FMPropertiesWindow *

 				     FALSE);

 }

+static void

+start_long_operation (FMPropertiesWindow *window)

+{

+	if (window->details->long_operation_underway == 0) {

+		/* start long operation */

+		GdkCursor * cursor;

+		

+		cursor = gdk_cursor_new (GDK_WATCH);

+		gdk_window_set_cursor (GTK_WIDGET (window)->window, cursor);

+		gdk_cursor_unref (cursor);

+	}

+	window->details->long_operation_underway ++;

+}

+

+static void

+end_long_operation (FMPropertiesWindow *window)

+{

+	if (GTK_WIDGET (window)->window != NULL &&

+	    window->details->long_operation_underway == 1) {

+		/* finished !! */

+		gdk_window_set_cursor (GTK_WIDGET (window)->window, NULL);

+	}

+	window->details->long_operation_underway--;

+}

+

+static void

+selinux_change_callback (NautilusFile *file, GnomeVFSResult result, gpointer callback_data)

+{

+	FMPropertiesWindow *window;

+	g_assert (callback_data != NULL);

+

+	window = FM_PROPERTIES_WINDOW (callback_data);

+	end_long_operation (window);

+	

+	/* Report the error if it's an error. */

+	fm_report_error_setting_selinux (file, result, NULL);

+

+	g_object_unref (window);

+}

+

+static void

+selinux_done_editing (FMPropertiesWindow *window, char *selinux_context)

+{

+	GList *l;

+	

+	/* Accept changes. */

+	for (l = window->details->target_files; l != NULL; l = l->next) {

+		NautilusFile *file;

+

+		file = NAUTILUS_FILE (l->data);

+

+		start_long_operation (window);

+		g_object_ref (window);

+		nautilus_file_set_selinux_context (file, selinux_context,

+						   selinux_change_callback,

+						   window);

+	}

+}

+

+static gboolean

+selinux_focus_out (NautilusEntry *entry, GdkEventFocus *event, gpointer cb_data)

+{

+	g_assert (NAUTILUS_IS_ENTRY (entry));

+	g_assert (FM_IS_PROPERTIES_WINDOW (cb_data));

+

+	if (GTK_WIDGET_SENSITIVE (entry)) {	

+		char *tmp;

+		

+		tmp = gtk_editable_get_chars (GTK_EDITABLE (entry), 0, -1);

+		selinux_done_editing (FM_PROPERTIES_WINDOW (cb_data), tmp);

+		g_free (tmp);

+	}

+

+	return FALSE;

+}

+

+static void

+selinux_entry_activate (NautilusEntry *entry, gpointer cb_data)

+{

+	char *tmp;

+	

+	g_assert (NAUTILUS_IS_ENTRY (entry));

+	g_assert (FM_IS_PROPERTIES_WINDOW (cb_data));

+

+	tmp = gtk_editable_get_chars (GTK_EDITABLE (entry), 0, -1);

+	selinux_done_editing (FM_PROPERTIES_WINDOW (cb_data), tmp);

+	g_free (tmp);

+	

+	nautilus_entry_select_all_at_idle (entry);

+}

+

+/* NOTE: This modifies cntx */

+static void

+selinux_split_cntx (char *cntx,

+		    const char **ret_attr_u,

+		    const char **ret_attr_r,

+		    const char **ret_attr_t,

+		    const char **ret_attr_s)

+{

+	const char *attr_u;

+	const char *attr_r;

+	const char *attr_t;

+	const char *attr_s;

+

+	attr_u = cntx;

+	if (!(attr_r = strchr (attr_u, ':'))) {

+	        attr_r = "object_r"; /* shouldn't happen */

+	} else {

+	        *((char *)attr_r++) = 0;

+	}

+	

+	if (!(attr_t = strchr (attr_r, ':'))) {

+	        attr_t = "file_t"; /* shouldn't happen */

+	} else {

+	        *((char *)attr_t++) = 0;

+	}

+

+	if ((attr_s = strchr (attr_t, ':'))) {

+	        *((char *)attr_s++) = 0;

+	}

+

+	*ret_attr_u = attr_u;

+	*ret_attr_r = attr_r;

+	*ret_attr_t = attr_t;

+	*ret_attr_s = attr_s;

+}

+

+static void

+selinux_popup_activate (GtkComboBox *comb, gpointer cb_data)

+{

+	char *cntx_type;

+	char *orig_type;

+	const char *attr_u;

+	const char *attr_r;

+	const char *attr_t;

+	const char *attr_s;

+	char *tmp;

+	GtkTreeIter iter;

+	

+	g_assert (GTK_IS_COMBO_BOX (comb));

+	g_assert (FM_IS_PROPERTIES_WINDOW (cb_data));

+	

+	if (!gtk_combo_box_get_active_iter (comb, &iter)) {

+	        return;

+	} else {

+	  

+		GtkTreeModel *model = gtk_combo_box_get_model (comb);

+	        gtk_tree_model_get (model, &iter, 0, &cntx_type, -1);

+	}

+	

+	if (!(orig_type = g_object_get_data (G_OBJECT (comb),

+					     "original_cntx"))) {

+	        return;

+	}

+	orig_type = g_strdup (orig_type);

+	

+	selinux_split_cntx (orig_type, &attr_u, &attr_r, &attr_t, &attr_s);

+	tmp = g_strjoin (":", attr_u, attr_r, cntx_type, attr_s, NULL);

+	g_free (orig_type);

+	

+	selinux_done_editing (FM_PROPERTIES_WINDOW (cb_data), tmp);

+	g_free (tmp);

+}

+

+static char *

+cust_type_next_line (GIOChannel *ioc_ctypes)

+{

+	char *data;

+	gsize term;

+	GError *errc;

+

+	data = NULL;

+	term = 0;

+	errc = NULL;

+	

+	if (G_IO_STATUS_NORMAL == g_io_channel_read_line (ioc_ctypes, &data,

+							  NULL, &term, &errc)) {

+	        data[term] = 0;

+		return data;

+	}

+

+	return NULL;

+}

+

+static GSList *

+selinux__type_list (void)

+{

+        static GSList *cust_types;

+	static time_t file_mtime;

+	const char *fname_ctypes;

+	struct stat buf;

+	GIOChannel *ioc_ctypes;

+	GError *errc;

+	GSList *scan;

+	int fd;

+	

+#ifndef HAVE_SELINUX

+	if (cust_types) {

+	        return cust_types;

+	}

+#else

+	fname_ctypes = selinux_customizable_types_path ();

+	if (cust_types && file_mtime && !stat (fname_ctypes, &buf) &&

+	    (file_mtime == buf.st_mtime)) {

+	        return cust_types;

+	}

+#endif

+

+	if (cust_types) {

+	        for (scan = cust_types; scan; scan = scan->next) {

+		        g_free (scan->data);

+		}

+		g_slist_free (cust_types);

+		cust_types = NULL;

+	}

+	

+	cust_types = g_slist_prepend (cust_types, g_strdup ("tmp_t"));

+	cust_types = g_slist_prepend (cust_types, g_strdup ("user_home_t"));

+	/* cust_types = g_slist_prepend (cust_types, g_strdup ("user_tmp_t")); */

+	

+#ifdef HAVE_SELINUX

+	/* read types, one per line... */

+	fname_ctypes = selinux_customizable_types_path ();

+	errc = NULL;

+	if ((ioc_ctypes = g_io_channel_new_file (fname_ctypes, "r", &errc))) {

+	        char *data = NULL;

+

+		while ((data = cust_type_next_line (ioc_ctypes))) {

+		        cust_types = g_slist_prepend (cust_types, data);

+		}

+

+		fd = g_io_channel_unix_get_fd (ioc_ctypes);

+		if (!fstat (fd, &buf)) {

+			file_mtime = buf.st_mtime;

+		}

+

+		g_io_channel_unref (ioc_ctypes);

+	}

+#endif

+

+	return cust_types;

+}

+

+static void

+attach_selinux_data_edit_field (GtkEntry *entry,

+				char *attr_val, char *def_attr_val)

+{

+	GtkEntryCompletion *comp;

+	GtkCellRenderer *cell;

+	const char *attr_u;

+	const char *attr_r;

+	const char *attr_t;

+	const char *attr_s;

+	const char *dattr_u;

+	const char *dattr_r;

+	const char *dattr_t;

+	const char *dattr_s;

+	GtkListStore *store;

+	GtkTreeIter iter;

+	GSList *scan;

+	int width;

+	int owidth;

+	int twidth;

+	

+	attr_val     = g_strdup (attr_val); /* so we can alter it... */

+	def_attr_val = g_strdup (def_attr_val); /* so we can alter it... */

+	

+	/* do completion, so you don't have to type everything... */

+	comp = gtk_entry_completion_new ();

+	store = gtk_list_store_new (2, G_TYPE_STRING, G_TYPE_STRING);

+	gtk_tree_sortable_set_sort_column_id (GTK_TREE_SORTABLE (store),

+					      0, GTK_SORT_ASCENDING);

+	

+	gtk_entry_completion_set_model (comp, GTK_TREE_MODEL (store));

+	cell = gtk_cell_renderer_pixbuf_new ();

+	gtk_cell_layout_pack_start (GTK_CELL_LAYOUT (comp), cell, FALSE);

+	gtk_cell_layout_set_attributes (GTK_CELL_LAYOUT (comp), cell,

+					"stock-id", 1, NULL);

+	gtk_entry_completion_set_text_column (comp, 0);

+	gtk_entry_set_completion (entry, comp);

+

+	 /* FIXME: default doesn't do the right thing, should it? */

+	owidth = gtk_entry_get_width_chars (entry);

+	width = owidth;

+	

+	selinux_split_cntx (attr_val, &attr_u, &attr_r, &attr_t, &attr_s);

+	dattr_u = dattr_r = dattr_t = dattr_s = NULL;

+	if (def_attr_val) {

+	          selinux_split_cntx (def_attr_val, &dattr_u, &dattr_r,

+				      &dattr_t, &dattr_s);