2008-08-19 19:30:36 +00:00
|
|
|
.TH "getfilecon" "3" "1 January 2004" "russell@coker.com.au" "SELinux API documentation"
|
|
|
|
.SH "NAME"
|
|
|
|
getfilecon, fgetfilecon, lgetfilecon \- get SELinux security context of a file
|
2012-11-13 20:15:34 +00:00
|
|
|
.
|
2008-08-19 19:30:36 +00:00
|
|
|
.SH "SYNOPSIS"
|
|
|
|
.B #include <selinux/selinux.h>
|
|
|
|
.sp
|
2014-02-19 14:16:17 +00:00
|
|
|
.BI "int getfilecon(const char *" path ", char **" con );
|
2012-11-13 20:15:34 +00:00
|
|
|
.sp
|
2014-02-19 14:16:17 +00:00
|
|
|
.BI "int getfilecon_raw(const char *" path ", char **" con );
|
2012-11-10 03:32:07 +00:00
|
|
|
.sp
|
2014-02-19 14:16:17 +00:00
|
|
|
.BI "int lgetfilecon(const char *" path ", char **" con );
|
2012-11-13 20:15:34 +00:00
|
|
|
.sp
|
2014-02-19 14:16:17 +00:00
|
|
|
.BI "int lgetfilecon_raw(const char *" path ", char **" con );
|
2012-11-10 03:32:07 +00:00
|
|
|
.sp
|
2014-02-19 14:16:17 +00:00
|
|
|
.BI "int fgetfilecon(int "fd ", char **" con );
|
2012-11-10 03:32:07 +00:00
|
|
|
.sp
|
2014-02-19 14:16:17 +00:00
|
|
|
.BI "int fgetfilecon_raw(int "fd ", char **" con );
|
2012-11-13 20:15:34 +00:00
|
|
|
.
|
2008-08-19 19:30:36 +00:00
|
|
|
.SH "DESCRIPTION"
|
2012-11-13 20:15:34 +00:00
|
|
|
.BR getfilecon ()
|
2008-08-19 19:30:36 +00:00
|
|
|
retrieves the context associated with the given path in the file system, the
|
|
|
|
length of the context is returned.
|
|
|
|
|
2012-11-13 20:15:34 +00:00
|
|
|
.BR lgetfilecon ()
|
|
|
|
is identical to
|
|
|
|
.BR getfilecon (),
|
|
|
|
except in the case of a symbolic link, where the
|
2008-08-19 19:30:36 +00:00
|
|
|
link itself is interrogated, not the file that it refers to.
|
|
|
|
|
2012-11-13 20:15:34 +00:00
|
|
|
.BR fgetfilecon ()
|
|
|
|
is identical to
|
|
|
|
.BR getfilecon (),
|
|
|
|
only the open file pointed to by filedes (as returned by
|
|
|
|
.BR open (2))
|
|
|
|
is interrogated in place of path.
|
|
|
|
|
2012-11-10 03:32:07 +00:00
|
|
|
.BR getfilecon_raw (),
|
|
|
|
.BR lgetfilecon_raw ()
|
|
|
|
and
|
|
|
|
.BR fgetfilecon_raw ()
|
|
|
|
behave identically to their non-raw counterparts but do not perform context
|
|
|
|
translation.
|
|
|
|
|
2012-11-13 20:15:34 +00:00
|
|
|
The returned context should be freed with
|
|
|
|
.BR freecon (3)
|
|
|
|
if non-NULL.
|
|
|
|
.
|
2008-08-19 19:30:36 +00:00
|
|
|
.SH "RETURN VALUE"
|
|
|
|
On success, a positive number is returned indicating the size of the
|
2012-11-13 20:15:34 +00:00
|
|
|
extended attribute value. On failure, \-1 is returned and
|
|
|
|
.I errno
|
|
|
|
is set appropriately.
|
2008-08-19 19:30:36 +00:00
|
|
|
|
|
|
|
If the context does not exist, or the process has no access to
|
2012-11-13 20:15:34 +00:00
|
|
|
this attribute,
|
|
|
|
.I errno
|
|
|
|
is set to
|
|
|
|
.BR ENODATA .
|
|
|
|
|
|
|
|
If extended attributes are not supported by the filesystem, or are
|
|
|
|
disabled,
|
|
|
|
.I errno
|
|
|
|
is set to
|
|
|
|
.BR ENOTSUP .
|
|
|
|
|
|
|
|
The errors documented for the
|
|
|
|
.BR stat (2)
|
|
|
|
system call are also applicable here.
|
|
|
|
.
|
2008-08-19 19:30:36 +00:00
|
|
|
.SH "SEE ALSO"
|
|
|
|
.BR selinux "(8), " freecon "(3), " setfilecon "(3), " setfscreatecon "(3)"
|