diff -urpN selinux.orig2/libsemanage/include/semanage/handle.h selinux/libsemanage/include/semanage/handle.h --- selinux.orig2/libsemanage/include/semanage/handle.h 2009-07-01 21:15:17.224235939 -0400 +++ selinux/libsemanage/include/semanage/handle.h 2009-07-02 11:09:06.982262194 -0400 @@ -69,6 +69,9 @@ void semanage_set_rebuild(semanage_handl * 1 for yes, 0 for no (default) */ void semanage_set_create_store(semanage_handle_t * handle, int create_store); +/*Get whether or not to dontaudits will be disabled upon commit */ +int semanage_get_disable_dontaudit(semanage_handle_t * handle); + /* Set whether or not to disable dontaudits upon commit */ void semanage_set_disable_dontaudit(semanage_handle_t * handle, int disable_dontaudit); diff -urpN selinux.orig2/libsemanage/src/handle.c selinux/libsemanage/src/handle.c --- selinux.orig2/libsemanage/src/handle.c 2009-07-01 21:15:17.288238017 -0400 +++ selinux/libsemanage/src/handle.c 2009-07-02 11:29:20.740267205 -0400 @@ -29,6 +29,7 @@ #include #include #include +#include #include "direct_api.h" #include "handle.h" @@ -75,7 +76,12 @@ semanage_handle_t *semanage_handle_creat /* Set callback */ sh->msg_callback = semanage_msg_default_handler; sh->msg_callback_arg = NULL; - + + /*set the flag to be deleted*/ + char path[PATH_MAX]; + path = semanage_fname(SEMANAGE_DISABLE_DONTAUDIT) + remove(path); + return sh; err: @@ -110,11 +116,27 @@ void semanage_set_create_store(semanage_ return; } +int semanage_get_disable_dontaudit(semanage_handle_t * sh) +{ + assert(sh != NULL); + + return sepol_get_disable_dontaudit(sh->sepolh); +} + void semanage_set_disable_dontaudit(semanage_handle_t * sh, int disable_dontaudit) { assert(sh != NULL); - + sepol_set_disable_dontaudit(sh->sepolh, disable_dontaudit); + + char path[PATH_MAX]; + path = semanage_fname(SEMANAGE_DISABLE_DONTAUDIT) + if(disable_dontaudit(sh) == 1){ + FILE *touch; + touch = fopen(path,"w"); + fclose(touch); + }else + remove(path); return; } @@ -264,7 +286,7 @@ int semanage_commit(semanage_handle_t * assert(sh != NULL && sh->funcs != NULL && sh->funcs->commit != NULL); if (!sh->is_in_transaction) { ERR(sh, - "Will not commit because caller does not have a tranaction lock yet."); + "Will not commit because caller does not have a transaction lock yet."); return -1; } retval = sh->funcs->commit(sh); diff -urpN selinux.orig2/libsemanage/src/libsemanage.map selinux/libsemanage/src/libsemanage.map --- selinux.orig2/libsemanage/src/libsemanage.map 2009-07-01 21:15:17.290237650 -0400 +++ selinux/libsemanage/src/libsemanage.map 2009-07-02 11:12:49.864242881 -0400 @@ -15,7 +15,7 @@ LIBSEMANAGE_1.0 { semanage_iface_*; semanage_port_*; semanage_context_*; semanage_node_*; semanage_fcontext_*; semanage_access_check; semanage_set_create_store; - semanage_is_connected; semanage_set_disable_dontaudit; + semanage_is_connected; semanage_get_disable_dontaudit; semanage_set_disable_dontaudit; semanage_mls_enabled; local: *; }; diff -urpN selinux.orig2/libsemanage/src/semanage_store.h selinux/libsemanage/src/semanage_store.h --- selinux.orig2/libsemanage/src/semanage_store.h 2009-07-01 21:15:17.262235597 -0400 +++ selinux/libsemanage/src/semanage_store.h 2009-07-02 10:35:04.362488949 -0400 @@ -58,7 +58,8 @@ enum semanage_sandbox_defs { SEMANAGE_USERS_EXTRA, SEMANAGE_NC, SEMANAGE_FC_HOMEDIRS, - SEMANAGE_STORE_NUM_PATHS + SEMANAGE_STORE_NUM_PATHS, + SEMANAGE_DISABLE_DONTAUDIT }; /* FIXME: this needs to be made a module store specific init and the