1#ifndef _SEPOL_HANDLE_H_ 2#define _SEPOL_HANDLE_H_ 3 4struct sepol_handle; 5typedef struct sepol_handle sepol_handle_t; 6 7/* Create and return a sepol handle. */ 8sepol_handle_t *sepol_handle_create(void); 9 10/* Get whether or not dontaudits will be disabled, same values as 11 * specified by set_disable_dontaudit. This value reflects the state 12 * your system will be set to upon commit, not necessarily its 13 * current state.*/ 14int sepol_get_disable_dontaudit(sepol_handle_t * sh); 15 16/* Set whether or not to disable dontaudits, 0 is default and does 17 * not disable dontaudits, 1 disables them */ 18void sepol_set_disable_dontaudit(sepol_handle_t * sh, int disable_dontaudit); 19 20/* Set whether module_expand() should consume the base policy passed in. 21 * This should reduce the amount of memory required to expand the policy. */ 22void sepol_set_expand_consume_base(sepol_handle_t * sh, int consume_base); 23 24/* Destroy a sepol handle. */ 25void sepol_handle_destroy(sepol_handle_t *); 26 27/* Get whether or not needless unused branch of tunables would be preserved */ 28int sepol_get_preserve_tunables(sepol_handle_t * sh); 29 30/* Set whether or not to preserve the needless unused branch of tunables, 31 * 0 is default and discard such branch, 1 preserves them */ 32void sepol_set_preserve_tunables(sepol_handle_t * sh, int preserve_tunables); 33 34#endif 35