libsemanage: Alternate path for semanage.conf

Currently the semanage.conf file is hard coded to /etc/selinux/semanage.conf
even when an alternate root path is specified.  Use the semanage.conf
found inside the altername root instead of the system global version.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>

libsemanage/src/handle.c

@@ -37,10 +37,12 @@
 #include "semanage_store.h"
 
 #define SEMANAGE_COMMIT_READ_WAIT 5
+#define SEMANAGE_CONF_PATH "/etc/selinux/semanage.conf"
 
 #include <string.h>
 #include <selinux/selinux.h>
 static char *private_selinux_path = NULL;
+static char *private_semanage_conf_path = NULL;
 static char *private_file_context_path = NULL;
 static char *private_file_context_local_path = NULL;
 static char *private_file_context_homedir_path = NULL;
@@ -52,6 +54,7 @@ static char *private_policy_root = NULL;
 
 void semanage_free_root() {
 	free(private_selinux_path); private_selinux_path = NULL;
+	free(private_semanage_conf_path); private_semanage_conf_path = NULL;
 	free(private_file_context_path); private_file_context_path = NULL;
 	free(private_file_context_local_path); private_file_context_local_path = NULL;
 	free(private_file_context_homedir_path); private_file_context_homedir_path = NULL;
@@ -68,6 +71,10 @@ int semanage_set_root(const char *path) {
 		goto error;
 	}
 
+	if ( asprintf(&private_semanage_conf_path, "%s/%s", path, SEMANAGE_CONF_PATH) < 0 ) {
+		goto error;
+	}
+
 	if ( asprintf(&private_file_context_path, "%s/%s", path, selinux_file_context_path()) < 0 ) {
 		goto error;
 	}
@@ -171,6 +178,20 @@ const char *semanage_selinux_path(void) {
 	return selinux_path();
 }
 
+/* Return a fully-qualified path + filename to the semanage
+ * configuration file.  The caller must not alter the string returned
+ * (and hence why this function return type is const).
+ *
+ */
+
+const char *semanage_conf_path(void)
+{
+	if (private_semanage_conf_path)
+		return private_semanage_conf_path;
+
+	return SEMANAGE_CONF_PATH;
+}
+
 semanage_handle_t *semanage_handle_create(void)
 {
 	semanage_handle_t *sh = NULL;

libsemanage/src/handle.h

@@ -105,6 +105,8 @@ struct semanage_handle {
 	dbase_config_t dbase[DBASE_COUNT];
 };
 
+const char *semanage_conf_path(void);
+
 /* === Local modifications === */
 static inline
     dbase_config_t * semanage_user_base_dbase_local(semanage_handle_t * handle)

libsemanage/src/semanage_store.c

@@ -262,18 +262,6 @@ const char *semanage_path(enum semanage_store_defs store,
 	return semanage_paths[store][path_name];
 }
 
-/* Return a fully-qualified path + filename to the semanage
- * configuration file.  The caller must not alter the string returned
- * (and hence why this function return type is const).
- *
- * This is going to be hard coded to /etc/selinux/semanage.conf for
- * the time being. FIXME
- */
-const char *semanage_conf_path(void)
-{
-	return "/etc/selinux/semanage.conf";
-}
-
 /**************** functions that create module store ***************/
 
 /* Check that the semanage store exists.  If 'create' is non-zero then

libsemanage/src/semanage_store.h

@@ -66,7 +66,6 @@ enum semanage_sandbox_defs {
 /* FIXME: this needs to be made a module store specific init and the
  * global configuration moved to another file.
  */
-const char *semanage_conf_path(void);
 int semanage_check_init(const char *root);
 
 extern const char *semanage_fname(enum semanage_sandbox_defs file_enum);