Use specified semanage.conf for cross compiling

Use specified semanage.conf for cross compiling

[Xin Ouyang]

[-- Attachment #1: Type: text/plain, Size: 3475 bytes --]

Hi all,

For some cross compiling cases, I need to use semodule to create the
policy store at build time.
It is,
       semodule -n -b base.pp -i some.pp .. -p $TARGET_ROOT

With this, semodule will use /etc/selinux/semanage.conf by calling
semanage_handle_create():

// libsemanage/src/handle.c
semanage_handle_t *semanage_handle_create(void)
{
        semanage_handle_t *sh = NULL;
        const char *conf_name = NULL;

        /* Allocate handle */
        if ((sh = calloc(1, sizeof(semanage_handle_t))) == NULL)
                goto err;

        if ((conf_name = semanage_conf_path()) == NULL)
                goto err;

        if ((sh->conf = semanage_conf_parse(conf_name)) == NULL)
                goto err;

While there may be some different options in  semanage.conf for the
target, I am trying to specify a special semanage.conf path instead of
/etc/selinux/semanage.conf in the build host.

Commit 9cd587f5533456e7b26601e27e65744272e2e783 introduced
semanage_set_root() as an alternate root for policy stores. So I make
a patch to use the semanage.conf in the alternate root.
After the patch, semodule -p /target will use
/target/etc/selinux/semanage.conf as the config file.

Anyone who has better solutions, please


diff --git a/libsemanage/src/handle.c b/libsemanage/src/handle.c
index 7adc1cc..ef36152 100644
--- a/libsemanage/src/handle.c
+++ b/libsemanage/src/handle.c
@@ -41,6 +41,7 @@
 #include <string.h>
 #include <selinux/selinux.h>
 static char *private_selinux_path = NULL;
+static char *private_semanage_conf_path = NULL;
 static char *private_file_context_path = NULL;
 static char *private_file_context_local_path = NULL;
 static char *private_file_context_homedir_path = NULL;
@@ -52,6 +53,7 @@ static char *private_policy_root = NULL;

 void semanage_free_root() {
        free(private_selinux_path); private_selinux_path = NULL;
+       free(private_semanage_conf_path); private_semanage_conf_path = NULL;
        free(private_file_context_path); private_file_context_path = NULL;
        free(private_file_context_local_path);
private_file_context_local_path = NULL;
        free(private_file_context_homedir_path);
private_file_context_homedir_path = NULL;
@@ -68,6 +70,10 @@ int semanage_set_root(const char *path) {
                goto error;
        }

+       if ( asprintf(&private_semanage_conf_path, "%s/%s", path,
semanage_conf_path()) < 0 ) {
+               goto error;
+       }
+
        if ( asprintf(&private_file_context_path, "%s/%s", path,
selinux_file_context_path()) < 0 ) {
                goto error;
        }
@@ -171,6 +177,13 @@ const char *semanage_selinux_path(void) {
        return selinux_path();
 }

+const char *semanage_semanage_conf_path(void) {
+       if (private_semanage_conf_path
+               && access(private_semanage_conf_path, R_OK) == 0)
+               return private_semanage_conf_path;
+       return semanage_conf_path();
+}
+
 semanage_handle_t *semanage_handle_create(void)
 {
        semanage_handle_t *sh = NULL;
@@ -180,7 +193,7 @@ semanage_handle_t *semanage_handle_create(void)
        if ((sh = calloc(1, sizeof(semanage_handle_t))) == NULL)
                goto err;

-       if ((conf_name = semanage_conf_path()) == NULL)
+       if ((conf_name = semanage_semanage_conf_path()) == NULL)
                goto err;

        if ((sh->conf = semanage_conf_parse(conf_name)) == NULL)

[-- Attachment #2: 0001-libsemanage-semanage.conf-with-semanage_set_root.patch --]
[-- Type: text/x-patch, Size: 2376 bytes --]

From 811e113c1e6fddccca729f8e133321c46db95c80 Mon Sep 17 00:00:00 2001
From: Xin Ouyang <xinpascal@gmail.com>
Date: Wed, 4 Jan 2012 14:38:36 +0800
Subject: [PATCH] libsemanage: semanage.conf with semanage_set_root.

Allow applications to use semanage.conf in the alternate root, if
semanage_set_root called.
---
 libsemanage/src/handle.c |   15 ++++++++++++++-
 1 files changed, 14 insertions(+), 1 deletions(-)

diff --git a/libsemanage/src/handle.c b/libsemanage/src/handle.c
index 7adc1cc..ef36152 100644
--- a/libsemanage/src/handle.c
+++ b/libsemanage/src/handle.c
@@ -41,6 +41,7 @@
 #include <string.h>
 #include <selinux/selinux.h>
 static char *private_selinux_path = NULL;
+static char *private_semanage_conf_path = NULL;
 static char *private_file_context_path = NULL;
 static char *private_file_context_local_path = NULL;
 static char *private_file_context_homedir_path = NULL;
@@ -52,6 +53,7 @@ static char *private_policy_root = NULL;
 
 void semanage_free_root() {
 	free(private_selinux_path); private_selinux_path = NULL;
+	free(private_semanage_conf_path); private_semanage_conf_path = NULL;
 	free(private_file_context_path); private_file_context_path = NULL;
 	free(private_file_context_local_path); private_file_context_local_path = NULL;
 	free(private_file_context_homedir_path); private_file_context_homedir_path = NULL;
@@ -68,6 +70,10 @@ int semanage_set_root(const char *path) {
 		goto error;
 	}
 
+	if ( asprintf(&private_semanage_conf_path, "%s/%s", path, semanage_conf_path()) < 0 ) {
+		goto error;
+	}
+
 	if ( asprintf(&private_file_context_path, "%s/%s", path, selinux_file_context_path()) < 0 ) {
 		goto error;
 	}
@@ -171,6 +177,13 @@ const char *semanage_selinux_path(void) {
 	return selinux_path();
 }
 
+const char *semanage_semanage_conf_path(void) {
+	if (private_semanage_conf_path
+		&& access(private_semanage_conf_path, R_OK) == 0)
+		return private_semanage_conf_path;
+	return semanage_conf_path();
+}
+
 semanage_handle_t *semanage_handle_create(void)
 {
 	semanage_handle_t *sh = NULL;
@@ -180,7 +193,7 @@ semanage_handle_t *semanage_handle_create(void)
 	if ((sh = calloc(1, sizeof(semanage_handle_t))) == NULL)
 		goto err;
 
-	if ((conf_name = semanage_conf_path()) == NULL)
+	if ((conf_name = semanage_semanage_conf_path()) == NULL)
 		goto err;
 
 	if ((sh->conf = semanage_conf_parse(conf_name)) == NULL)
-- 
1.7.5.4

Re: Use specified semanage.conf for cross compiling

[Daniel J Walsh]

[-- Attachment #1: Type: text/plain, Size: 3628 bytes --]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 01/04/2012 03:57 AM, Xin Ouyang wrote:
> Hi all,
> 
> For some cross compiling cases, I need to use semodule to create
> the policy store at build time. It is, semodule -n -b base.pp -i
> some.pp .. -p $TARGET_ROOT
> 
> With this, semodule will use /etc/selinux/semanage.conf by calling 
> semanage_handle_create():
> 
> // libsemanage/src/handle.c semanage_handle_t
> *semanage_handle_create(void) { semanage_handle_t *sh = NULL; const
> char *conf_name = NULL;
> 
> /* Allocate handle */ if ((sh = calloc(1,
> sizeof(semanage_handle_t))) == NULL) goto err;
> 
> if ((conf_name = semanage_conf_path()) == NULL) goto err;
> 
> if ((sh->conf = semanage_conf_parse(conf_name)) == NULL) goto err;
> 
> While there may be some different options in  semanage.conf for
> the target, I am trying to specify a special semanage.conf path
> instead of /etc/selinux/semanage.conf in the build host.
> 
> Commit 9cd587f5533456e7b26601e27e65744272e2e783 introduced 
> semanage_set_root() as an alternate root for policy stores. So I
> make a patch to use the semanage.conf in the alternate root. After
> the patch, semodule -p /target will use 
> /target/etc/selinux/semanage.conf as the config file.
> 
> Anyone who has better solutions, please
> 
> 
> diff --git a/libsemanage/src/handle.c b/libsemanage/src/handle.c 
> index 7adc1cc..ef36152 100644 --- a/libsemanage/src/handle.c +++
> b/libsemanage/src/handle.c @@ -41,6 +41,7 @@ #include <string.h> 
> #include <selinux/selinux.h> static char *private_selinux_path =
> NULL; +static char *private_semanage_conf_path = NULL; static char
> *private_file_context_path = NULL; static char
> *private_file_context_local_path = NULL; static char
> *private_file_context_homedir_path = NULL; @@ -52,6 +53,7 @@ static
> char *private_policy_root = NULL;
> 
> void semanage_free_root() { free(private_selinux_path);
> private_selinux_path = NULL; +
> free(private_semanage_conf_path); private_semanage_conf_path =
> NULL; free(private_file_context_path); private_file_context_path =
> NULL; free(private_file_context_local_path); 
> private_file_context_local_path = NULL; 
> free(private_file_context_homedir_path); 
> private_file_context_homedir_path = NULL; @@ -68,6 +70,10 @@ int
> semanage_set_root(const char *path) { goto error; }
> 
> +       if ( asprintf(&private_semanage_conf_path, "%s/%s", path, 
> semanage_conf_path()) < 0 ) { +               goto error; +
> } + if ( asprintf(&private_file_context_path, "%s/%s", path, 
> selinux_file_context_path()) < 0 ) { goto error; } @@ -171,6
> +177,13 @@ const char *semanage_selinux_path(void) { return
> selinux_path(); }
> 
> +const char *semanage_semanage_conf_path(void) { +       if
> (private_semanage_conf_path +               &&
> access(private_semanage_conf_path, R_OK) == 0) +
> return private_semanage_conf_path; +       return
> semanage_conf_path(); +} + semanage_handle_t
> *semanage_handle_create(void) { semanage_handle_t *sh = NULL; @@
> -180,7 +193,7 @@ semanage_handle_t *semanage_handle_create(void) if
> ((sh = calloc(1, sizeof(semanage_handle_t))) == NULL) goto err;
> 
> -       if ((conf_name = semanage_conf_path()) == NULL) +       if
> ((conf_name = semanage_semanage_conf_path()) == NULL) goto err;
> 
> if ((sh->conf = semanage_conf_parse(conf_name)) == NULL)


How about this patch instead.


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk8Ec5EACgkQrlYvE4MpobMGUgCfS4IXRl6CslxjlmM1HHpTlwbl
lMwAoNQBVA6F9mv7spdOE64IsxAx67dx
=BWGP
-----END PGP SIGNATURE-----

[-- Attachment #2: libsemanage_conf_path.patch --]
[-- Type: text/x-patch, Size: 3664 bytes --]

diff --git a/libsemanage/src/handle.c b/libsemanage/src/handle.c
index 7adc1cc..4b43ba7 100644
--- a/libsemanage/src/handle.c
+++ b/libsemanage/src/handle.c
@@ -37,10 +37,12 @@
 #include "semanage_store.h"
 
 #define SEMANAGE_COMMIT_READ_WAIT 5
+#define SEMANAGE_CONF_PATH "/etc/selinux/semanage.conf"
 
 #include <string.h>
 #include <selinux/selinux.h>
 static char *private_selinux_path = NULL;
+static char *private_semanage_conf_path = NULL;
 static char *private_file_context_path = NULL;
 static char *private_file_context_local_path = NULL;
 static char *private_file_context_homedir_path = NULL;
@@ -52,6 +54,7 @@ static char *private_policy_root = NULL;
 
 void semanage_free_root() {
 	free(private_selinux_path); private_selinux_path = NULL;
+	free(private_semanage_conf_path); private_semanage_conf_path = NULL;
 	free(private_file_context_path); private_file_context_path = NULL;
 	free(private_file_context_local_path); private_file_context_local_path = NULL;
 	free(private_file_context_homedir_path); private_file_context_homedir_path = NULL;
@@ -68,6 +71,10 @@ int semanage_set_root(const char *path) {
 		goto error;
 	}
 
+	if ( asprintf(&private_semanage_conf_path, "%s/%s", path, SEMANAGE_CONF_PATH) < 0 ) {
+		goto error;
+	}
+
 	if ( asprintf(&private_file_context_path, "%s/%s", path, selinux_file_context_path()) < 0 ) {
 		goto error;
 	}
@@ -171,6 +178,20 @@ const char *semanage_selinux_path(void) {
 	return selinux_path();
 }
 
+/* Return a fully-qualified path + filename to the semanage
+ * configuration file.  The caller must not alter the string returned
+ * (and hence why this function return type is const).
+ *
+ */
+
+const char *semanage_conf_path(void)
+{
+	if (private_semanage_conf_path)
+		return private_semanage_conf_path;
+
+	return SEMANAGE_CONF_PATH;
+}
+
 semanage_handle_t *semanage_handle_create(void)
 {
 	semanage_handle_t *sh = NULL;
diff --git a/libsemanage/src/handle.h b/libsemanage/src/handle.h
index 723d811..bb12594 100644
--- a/libsemanage/src/handle.h
+++ b/libsemanage/src/handle.h
@@ -105,6 +105,8 @@ struct semanage_handle {
 	dbase_config_t dbase[DBASE_COUNT];
 };
 
+const char *semanage_conf_path(void);
+
 /* === Local modifications === */
 static inline
     dbase_config_t * semanage_user_base_dbase_local(semanage_handle_t * handle)
diff --git a/libsemanage/src/semanage_store.c b/libsemanage/src/semanage_store.c
index a223aa7..0e7b71a 100644
--- a/libsemanage/src/semanage_store.c
+++ b/libsemanage/src/semanage_store.c
@@ -262,18 +262,6 @@ const char *semanage_path(enum semanage_store_defs store,
 	return semanage_paths[store][path_name];
 }
 
-/* Return a fully-qualified path + filename to the semanage
- * configuration file.  The caller must not alter the string returned
- * (and hence why this function return type is const).
- *
- * This is going to be hard coded to /etc/selinux/semanage.conf for
- * the time being. FIXME
- */
-const char *semanage_conf_path(void)
-{
-	return "/etc/selinux/semanage.conf";
-}
-
 /**************** functions that create module store ***************/
 
 /* Check that the semanage store exists.  If 'create' is non-zero then
diff --git a/libsemanage/src/semanage_store.h b/libsemanage/src/semanage_store.h
index b451308..98e011d 100644
--- a/libsemanage/src/semanage_store.h
+++ b/libsemanage/src/semanage_store.h
@@ -66,7 +66,6 @@ enum semanage_sandbox_defs {
 /* FIXME: this needs to be made a module store specific init and the
  * global configuration moved to another file.
  */
-const char *semanage_conf_path(void);
 int semanage_check_init(const char *root);
 
 extern const char *semanage_fname(enum semanage_sandbox_defs file_enum);

Re: Use specified semanage.conf for cross compiling

[Xin Ouyang]

[-- Attachment #1: Type: text/plain, Size: 4259 bytes --]

Thanks.

I think it is better to retain the access function .
If there is no semanage.conf in the target, we will use the one in the
host instead.

+const char *semanage_conf_path(void)
+{
+       if (private_semanage_conf_path
+               && access(private_semanage_conf_path, R_OK) == 0)
+               return private_semanage_conf_path;
+
+       return SEMANAGE_CONF_PATH;
+}
+

:)
- Pascal

2012/1/4 Daniel J Walsh <dwalsh@redhat.com>:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 01/04/2012 03:57 AM, Xin Ouyang wrote:
>> Hi all,
>>
>> For some cross compiling cases, I need to use semodule to create
>> the policy store at build time. It is, semodule -n -b base.pp -i
>> some.pp .. -p $TARGET_ROOT
>>
>> With this, semodule will use /etc/selinux/semanage.conf by calling
>> semanage_handle_create():
>>
>> // libsemanage/src/handle.c semanage_handle_t
>> *semanage_handle_create(void) { semanage_handle_t *sh = NULL; const
>> char *conf_name = NULL;
>>
>> /* Allocate handle */ if ((sh = calloc(1,
>> sizeof(semanage_handle_t))) == NULL) goto err;
>>
>> if ((conf_name = semanage_conf_path()) == NULL) goto err;
>>
>> if ((sh->conf = semanage_conf_parse(conf_name)) == NULL) goto err;
>>
>> While there may be some different options in  semanage.conf for
>> the target, I am trying to specify a special semanage.conf path
>> instead of /etc/selinux/semanage.conf in the build host.
>>
>> Commit 9cd587f5533456e7b26601e27e65744272e2e783 introduced
>> semanage_set_root() as an alternate root for policy stores. So I
>> make a patch to use the semanage.conf in the alternate root. After
>> the patch, semodule -p /target will use
>> /target/etc/selinux/semanage.conf as the config file.
>>
>> Anyone who has better solutions, please
>>
>>
>> diff --git a/libsemanage/src/handle.c b/libsemanage/src/handle.c
>> index 7adc1cc..ef36152 100644 --- a/libsemanage/src/handle.c +++
>> b/libsemanage/src/handle.c @@ -41,6 +41,7 @@ #include <string.h>
>> #include <selinux/selinux.h> static char *private_selinux_path =
>> NULL; +static char *private_semanage_conf_path = NULL; static char
>> *private_file_context_path = NULL; static char
>> *private_file_context_local_path = NULL; static char
>> *private_file_context_homedir_path = NULL; @@ -52,6 +53,7 @@ static
>> char *private_policy_root = NULL;
>>
>> void semanage_free_root() { free(private_selinux_path);
>> private_selinux_path = NULL; +
>> free(private_semanage_conf_path); private_semanage_conf_path =
>> NULL; free(private_file_context_path); private_file_context_path =
>> NULL; free(private_file_context_local_path);
>> private_file_context_local_path = NULL;
>> free(private_file_context_homedir_path);
>> private_file_context_homedir_path = NULL; @@ -68,6 +70,10 @@ int
>> semanage_set_root(const char *path) { goto error; }
>>
>> +       if ( asprintf(&private_semanage_conf_path, "%s/%s", path,
>> semanage_conf_path()) < 0 ) { +               goto error; +
>> } + if ( asprintf(&private_file_context_path, "%s/%s", path,
>> selinux_file_context_path()) < 0 ) { goto error; } @@ -171,6
>> +177,13 @@ const char *semanage_selinux_path(void) { return
>> selinux_path(); }
>>
>> +const char *semanage_semanage_conf_path(void) { +       if
>> (private_semanage_conf_path +               &&
>> access(private_semanage_conf_path, R_OK) == 0) +
>> return private_semanage_conf_path; +       return
>> semanage_conf_path(); +} + semanage_handle_t
>> *semanage_handle_create(void) { semanage_handle_t *sh = NULL; @@
>> -180,7 +193,7 @@ semanage_handle_t *semanage_handle_create(void) if
>> ((sh = calloc(1, sizeof(semanage_handle_t))) == NULL) goto err;
>>
>> -       if ((conf_name = semanage_conf_path()) == NULL) +       if
>> ((conf_name = semanage_semanage_conf_path()) == NULL) goto err;
>>
>> if ((sh->conf = semanage_conf_parse(conf_name)) == NULL)
>
>
> How about this patch instead.
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.11 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iEYEARECAAYFAk8Ec5EACgkQrlYvE4MpobMGUgCfS4IXRl6CslxjlmM1HHpTlwbl
> lMwAoNQBVA6F9mv7spdOE64IsxAx67dx
> =BWGP
> -----END PGP SIGNATURE-----

[-- Attachment #2: libsemanage_conf_path_for_cross.patch --]
[-- Type: text/x-patch, Size: 4299 bytes --]

From 955f57b9787845ca6186c46e26db3e2288f1e047 Mon Sep 17 00:00:00 2001
From: Xin Ouyang <xinpascal@gmail.com>
Date: Thu, 5 Jan 2012 11:01:42 +0800
Subject: [PATCH] libsemanage: semanage.conf with semanage_set_root.

Allow applications to use semanage.conf in the alternate root, if
semanage_set_root called.
---
 libsemanage/src/handle.c         |   22 ++++++++++++++++++++++
 libsemanage/src/handle.h         |    2 ++
 libsemanage/src/semanage_store.c |   12 ------------
 libsemanage/src/semanage_store.h |    1 -
 4 files changed, 24 insertions(+), 13 deletions(-)

diff --git a/libsemanage/src/handle.c b/libsemanage/src/handle.c
index 7adc1cc..75de6db 100644
--- a/libsemanage/src/handle.c
+++ b/libsemanage/src/handle.c
@@ -37,10 +37,12 @@
 #include "semanage_store.h"
 
 #define SEMANAGE_COMMIT_READ_WAIT 5
+#define SEMANAGE_CONF_PATH "/etc/selinux/semanage.conf"
 
 #include <string.h>
 #include <selinux/selinux.h>
 static char *private_selinux_path = NULL;
+static char *private_semanage_conf_path = NULL;
 static char *private_file_context_path = NULL;
 static char *private_file_context_local_path = NULL;
 static char *private_file_context_homedir_path = NULL;
@@ -52,6 +54,7 @@ static char *private_policy_root = NULL;
 
 void semanage_free_root() {
 	free(private_selinux_path); private_selinux_path = NULL;
+	free(private_semanage_conf_path); private_semanage_conf_path = NULL;
 	free(private_file_context_path); private_file_context_path = NULL;
 	free(private_file_context_local_path); private_file_context_local_path = NULL;
 	free(private_file_context_homedir_path); private_file_context_homedir_path = NULL;
@@ -68,6 +71,10 @@ int semanage_set_root(const char *path) {
 		goto error;
 	}
 
+	if ( asprintf(&private_semanage_conf_path, "%s/%s", path, SEMANAGE_CONF_PATH) < 0 ) {
+		goto error;
+	}
+
 	if ( asprintf(&private_file_context_path, "%s/%s", path, selinux_file_context_path()) < 0 ) {
 		goto error;
 	}
@@ -171,6 +178,21 @@ const char *semanage_selinux_path(void) {
 	return selinux_path();
 }
 
+/* Return a fully-qualified path + filename to the semanage
+ * configuration file.  The caller must not alter the string returned
+ * (and hence why this function return type is const).
+ *
+ */
+
+const char *semanage_conf_path(void)
+{
+	if (private_semanage_conf_path
+		&& access(private_semanage_conf_path, R_OK) == 0)
+		return private_semanage_conf_path;
+
+	return SEMANAGE_CONF_PATH;
+}
+
 semanage_handle_t *semanage_handle_create(void)
 {
 	semanage_handle_t *sh = NULL;
diff --git a/libsemanage/src/handle.h b/libsemanage/src/handle.h
index 723d811..bb12594 100644
--- a/libsemanage/src/handle.h
+++ b/libsemanage/src/handle.h
@@ -105,6 +105,8 @@ struct semanage_handle {
 	dbase_config_t dbase[DBASE_COUNT];
 };
 
+const char *semanage_conf_path(void);
+
 /* === Local modifications === */
 static inline
     dbase_config_t * semanage_user_base_dbase_local(semanage_handle_t * handle)
diff --git a/libsemanage/src/semanage_store.c b/libsemanage/src/semanage_store.c
index a223aa7..0e7b71a 100644
--- a/libsemanage/src/semanage_store.c
+++ b/libsemanage/src/semanage_store.c
@@ -262,18 +262,6 @@ const char *semanage_path(enum semanage_store_defs store,
 	return semanage_paths[store][path_name];
 }
 
-/* Return a fully-qualified path + filename to the semanage
- * configuration file.  The caller must not alter the string returned
- * (and hence why this function return type is const).
- *
- * This is going to be hard coded to /etc/selinux/semanage.conf for
- * the time being. FIXME
- */
-const char *semanage_conf_path(void)
-{
-	return "/etc/selinux/semanage.conf";
-}
-
 /**************** functions that create module store ***************/
 
 /* Check that the semanage store exists.  If 'create' is non-zero then
diff --git a/libsemanage/src/semanage_store.h b/libsemanage/src/semanage_store.h
index b451308..98e011d 100644
--- a/libsemanage/src/semanage_store.h
+++ b/libsemanage/src/semanage_store.h
@@ -66,7 +66,6 @@ enum semanage_sandbox_defs {
 /* FIXME: this needs to be made a module store specific init and the
  * global configuration moved to another file.
  */
-const char *semanage_conf_path(void);
 int semanage_check_init(const char *root);
 
 extern const char *semanage_fname(enum semanage_sandbox_defs file_enum);
-- 
1.7.5.4