selinux/libselinux/man/man3/selinux_set_callback.3

.\" Hey Emacs! This file is -*- nroff -*- source.
.\"
.\" Author: Eamon Walsh (ewalsh@tycho.nsa.gov) 2007
.TH "selinux_set_callback" "3" "20 Jun 2007" "" "SELinux API documentation"
.SH "NAME"
selinux_set_callback \- userspace SELinux callback facilities.
.SH "SYNOPSIS"
.B #include <selinux/selinux.h>
.sp
.BI "void selinux_set_callback(int " type ", union selinux_callback " callback ");"

.SH "DESCRIPTION"
.B selinux_set_callback
sets the callback indicated by
.I type
to the value of
.IR callback ,
which should be passed as a function pointer cast to type
.B union
.BR selinux_callback .

All callback functions should return a negative value with
.I errno
set appropriately on error.

The available values for 
.I type
are:
.TP
.B SELINUX_CB_LOG
.BI "int (*" func_log ") (int " type ", const char *" fmt ", ...);"

This callback is used for logging and should process the 
.BR printf (3)
style 
.I fmt
string and arguments as appropriate.  The
.I type
argument indicates the type of message and will be set to one of the following:

.B SELINUX_ERROR

.B SELINUX_WARNING

.B SELINUX_INFO

.B SELINUX_AVC

.TP
.B SELINUX_CB_AUDIT
.BI "int (*" func_audit ") (void *" auditdata ", security_class_t " cls ,
.in +\w'int (*func_audit) ('u
.BI "char *" msgbuf ", size_t " msgbufsize ");"
.in

This callback is used for supplemental auditing in AVC messages.  The
.I auditdata
and
.I cls
arguments are the values passed to
.BR avc_has_perm (3).
A human-readable interpretation should be printed to
.I msgbuf
using no more than
.I msgbufsize
characters.

.TP
.B SELINUX_CB_VALIDATE
.BI "int (*" func_validate ") (security_context_t *" ctx ");"

This callback is used for context validation.  The callback may optionally modify the input context by setting the target of the 
.I ctx
pointer to a new context.  In this case, the old value should be freed with
.BR freecon (3).
The value of
.I errno
should be set to
.B EINVAL
to indicate an invalid context.

.SH "RETURN VALUE"
None.

.SH "ERRORS"
None.

.SH "AUTHOR"
Eamon Walsh <ewalsh@tycho.nsa.gov>

.SH "SEE ALSO"
.BR selabel_open (3),
.BR avc_init (3),
.BR selinux (8)
initial import from svn trunk revision 2950 2008-08-19 19:30:36 +00:00			`.\" Hey Emacs! This file is -- nroff -- source.`
			`.\"`
			`.\" Author: Eamon Walsh (ewalsh@tycho.nsa.gov) 2007`
			`.TH "selinux_set_callback" "3" "20 Jun 2007" "" "SELinux API documentation"`
			`.SH "NAME"`
			`selinux_set_callback \- userspace SELinux callback facilities.`
			`.SH "SYNOPSIS"`
			`.B #include <selinux/selinux.h>`
			`.sp`
			`.BI "void selinux_set_callback(int " type ", union selinux_callback " callback ");"`

			`.SH "DESCRIPTION"`
			`.B selinux_set_callback`
			`sets the callback indicated by`
			`.I type`
			`to the value of`
			`.IR callback ,`
			`which should be passed as a function pointer cast to type`
			`.B union`
			`.BR selinux_callback .`

			`All callback functions should return a negative value with`
			`.I errno`
			`set appropriately on error.`

			`The available values for`
			`.I type`
			`are:`
			`.TP`
			`.B SELINUX_CB_LOG`
			`.BI "int (" func_log ") (int " type ", const char " fmt ", ...);"`

			`This callback is used for logging and should process the`
			`.BR printf (3)`
			`style`
			`.I fmt`
			`string and arguments as appropriate. The`
			`.I type`
			`argument indicates the type of message and will be set to one of the following:`

			`.B SELINUX_ERROR`

			`.B SELINUX_WARNING`

			`.B SELINUX_INFO`

			`.B SELINUX_AVC`

			`.TP`
			`.B SELINUX_CB_AUDIT`
			`.BI "int (" func_audit ") (void " auditdata ", security_class_t " cls ,`
			`.in +\w'int (*func_audit) ('u`
			`.BI "char *" msgbuf ", size_t " msgbufsize ");"`
			`.in`

			`This callback is used for supplemental auditing in AVC messages. The`
			`.I auditdata`
			`and`
			`.I cls`
			`arguments are the values passed to`
			`.BR avc_has_perm (3).`
			`A human-readable interpretation should be printed to`
			`.I msgbuf`
			`using no more than`
			`.I msgbufsize`
			`characters.`

			`.TP`
			`.B SELINUX_CB_VALIDATE`
			`.BI "int (" func_validate ") (security_context_t " ctx ");"`

			`This callback is used for context validation. The callback may optionally modify the input context by setting the target of the`
			`.I ctx`
			`pointer to a new context. In this case, the old value should be freed with`
			`.BR freecon (3).`
			`The value of`
			`.I errno`
			`should be set to`
			`.B EINVAL`
			`to indicate an invalid context.`

			`.SH "RETURN VALUE"`
			`None.`

			`.SH "ERRORS"`
			`None.`

			`.SH "AUTHOR"`
			`Eamon Walsh <ewalsh@tycho.nsa.gov>`

			`.SH "SEE ALSO"`
			`.BR selabel_open (3),`
			`.BR avc_init (3),`
			`.BR selinux (8)`