1 #ifndef _SEPOL_HANDLE_H_ 2 #define _SEPOL_HANDLE_H_ 3 4 #include <sys/cdefs.h> 5 6 __BEGIN_DECLS 7 8 struct sepol_handle; 9 typedef struct sepol_handle sepol_handle_t; 10 11 /* Create and return a sepol handle. */ 12 sepol_handle_t *sepol_handle_create(void); 13 14 /* Get whether or not dontaudits will be disabled, same values as 15 * specified by set_disable_dontaudit. This value reflects the state 16 * your system will be set to upon commit, not necessarily its 17 * current state.*/ 18 int sepol_get_disable_dontaudit(sepol_handle_t * sh); 19 20 /* Set whether or not to disable dontaudits, 0 is default and does 21 * not disable dontaudits, 1 disables them */ 22 void sepol_set_disable_dontaudit(sepol_handle_t * sh, int disable_dontaudit); 23 24 /* Set whether module_expand() should consume the base policy passed in. 25 * This should reduce the amount of memory required to expand the policy. */ 26 void sepol_set_expand_consume_base(sepol_handle_t * sh, int consume_base); 27 28 /* Destroy a sepol handle. */ 29 void sepol_handle_destroy(sepol_handle_t *); 30 31 /* Get whether or not needless unused branch of tunables would be preserved */ 32 int sepol_get_preserve_tunables(sepol_handle_t * sh); 33 34 /* Set whether or not to preserve the needless unused branch of tunables, 35 * 0 is default and discard such branch, 1 preserves them */ 36 void sepol_set_preserve_tunables(sepol_handle_t * sh, int preserve_tunables); 37 38 __END_DECLS 39 #endif 40