DEBUG: Apend line feed to messages from libsemanage It wasn't simple to read log files from libsemanage because they were on single line. Reviewed-by: Fabiano Fidêncio <fidencio@redhat.com>

Remove braces from DEBUG statements Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>

UTIL: Allow to append new line in sss_vdebug_fn libldb is not consistent with appending line feed in debug messages. AS a result of this two messages can be on the same line in sssd log files. Which makes analyzing log files more difficult. Reviewed-by: Pavel Březina <pbrezina@redhat.com>

UTIL: Use sss_vdebug_fn for callbacks Reviewed-by: Pavel Březina <pbrezina@redhat.com>

UTIL: Use prefix for debug function Reviewed-by: Pavel Březina <pbrezina@redhat.com>

SELINUX: Avoid disconnecting disconnected handle Resolves: https://fedorahosted.org/sssd/ticket/2649 libsemanage is very strict about its API usage and actually doesn't allow disconnecting a handle that is not connected. The unpatched code would fail with: selinux_child: handle.c:231: semanage_disconnect: Assertion `sh != ((void *)0) && sh->funcs != ((void *)0) && sh->funcs->disconnect != ((void *)0)' failed. If semanage_connect() failed. Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>

selinux: Only call semanage if the context actually changes https://fedorahosted.org/sssd/ticket/2624 Add a function to query the libsemanage database for a user context and only update the database if the context differes from the one set on the server. Adds talloc dependency to libsss_semanage. Reviewed-by: Michal Židek <mzidek@redhat.com>

selinux: Begin and end the transaction on the same nesting level Transaction should be started and commited on the same code nesting or abstraction level. Also, transactions are really costly with libselinux and splitting them from initialization will make init function reusable by read-only libsemanage functions. Reviewed-by: Michal Židek <mzidek@redhat.com>

selinux: Disconnect before closing the handle libsemanage documentation says: ~~~~ be sure that a semanage_disconnect() was previously called if the handle was connected. ~~~~ Otherwise we get a memory leak. Reviewed-by: Michal Židek <mzidek@redhat.com>

Add missing new lines to debug messages Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>

sss_semanage: Add mlsrange parameter to set_seuser mlsrange parameter will be needed in IPA provider and probably at some point in the tools as well. Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>

util: Move semanage related functions to src/util These functions will be reused by IPA provider. Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>