/usr/include/sepol/handle.h is in libsepol1-dev 2.4-2.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 | #ifndef _SEPOL_HANDLE_H_
#define _SEPOL_HANDLE_H_
#include <sys/cdefs.h>
__BEGIN_DECLS
struct sepol_handle;
typedef struct sepol_handle sepol_handle_t;
/* Create and return a sepol handle. */
sepol_handle_t *sepol_handle_create(void);
/* Get whether or not dontaudits will be disabled, same values as
* specified by set_disable_dontaudit. This value reflects the state
* your system will be set to upon commit, not necessarily its
* current state.*/
int sepol_get_disable_dontaudit(sepol_handle_t * sh);
/* Set whether or not to disable dontaudits, 0 is default and does
* not disable dontaudits, 1 disables them */
void sepol_set_disable_dontaudit(sepol_handle_t * sh, int disable_dontaudit);
/* Set whether module_expand() should consume the base policy passed in.
* This should reduce the amount of memory required to expand the policy. */
void sepol_set_expand_consume_base(sepol_handle_t * sh, int consume_base);
/* Destroy a sepol handle. */
void sepol_handle_destroy(sepol_handle_t *);
/* Get whether or not needless unused branch of tunables would be preserved */
int sepol_get_preserve_tunables(sepol_handle_t * sh);
/* Set whether or not to preserve the needless unused branch of tunables,
* 0 is default and discard such branch, 1 preserves them */
void sepol_set_preserve_tunables(sepol_handle_t * sh, int preserve_tunables);
__END_DECLS
#endif
|