/*
 * Release a libsemanage handle.
 *
 * Disconnects the handle if it still reports an active connection and then
 * destroys it. A NULL handle is accepted and ignored: per the original
 * author's note, libsemanage asserts on its arguments, so NULL must never be
 * passed through to it.
 */
static void sss_semanage_close(semanage_handle_t *handle)
{
    if (handle != NULL) {
        int still_connected = semanage_is_connected(handle);

        if (still_connected) {
            semanage_disconnect(handle);
        }

        /* Destroy unconditionally; the handle must not be used afterwards. */
        semanage_handle_destroy(handle);
    }
}
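/*
 * Allocate a policy transaction and decide how policy changes are applied.
 *
 * If we are not inside a chroot and the expanded %{__semodule} path is
 * executable, the transaction only collects arguments for an external
 * "semodule" run. Otherwise a libsemanage handle is created, connected and a
 * policy transaction is started on it.
 *
 * Returns the new transaction, or NULL after logging an error when the
 * libsemanage setup fails. On failure every resource acquired so far
 * (the semanage handle, the expanded path and the structure itself) is
 * released.
 */
static sepoltrans *sepoltransNew(void)
{
    sepoltrans *pt = xcalloc(1, sizeof(*pt));

    /* rpmExpand() hands back an allocated string that pt now owns. */
    pt->semodulepath = rpmExpand("%{__semodule}", NULL);

    /*
     * access() is only an advisory check: the file can change between this
     * test and the later execution, so the code that runs semodule still has
     * to handle an exec failure.
     */
    pt->execsemodule = (!rpmChrootDone() && access(pt->semodulepath, X_OK) == 0);
    pt->changes = 0;

    if (pt->execsemodule) {
        argvAdd(&pt->semodargs, "semodule");
        return pt;
    }

    pt->sh = semanage_handle_create();
    if (!pt->sh) {
        rpmlog(RPMLOG_ERR, _("Failed to create semanage handle\n"));
        goto err;
    }

    /*
     * NOTE(review): create-store is switched on and context checking is
     * switched off for this handle; confirm that skipping the context check
     * is intended for every caller, since it relaxes validation of the
     * policy being installed.
     */
    semanage_set_create_store(pt->sh, 1);
    semanage_set_check_contexts(pt->sh, 0);

    if (semanage_connect(pt->sh) < 0) {
        rpmlog(RPMLOG_ERR, _("Failed to connect to policy handler\n"));
        goto err;
    }

    /*
     * NOTE(review): errno is not cleared before this call, so the text
     * appended to the message may stem from an earlier, unrelated failure.
     */
    if (semanage_begin_transaction(pt->sh) < 0) {
        rpmlog(RPMLOG_ERR, _("Failed to begin policy transaction: %s\n"),
               errno ? strerror(errno) : "");
        goto err;
    }

    /* Only ask for a policy reload when operating on the live system. */
    semanage_set_reload(pt->sh, !rpmChrootDone());

    return pt;

err:
    if (pt->sh) {
        if (semanage_is_connected(pt->sh)) {
            semanage_disconnect(pt->sh);
        }
        semanage_handle_destroy(pt->sh);
    }
    /* The expanded path was leaked on this path before; free it with pt. */
    free(pt->semodulepath);
    free(pt);
    return NULL;
}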