.TH "getcon" "3" "21 December 2011" "russell@coker.com.au" "SELinux API documentation"
.SH "NAME"
getcon, getprevcon, getpidcon \- get SELinux security context of a process
freecon, freeconary \- free memory associated with SELinux security contexts
getpeercon \- get security context of a peer socket
setcon \- set current security context of a process
.SH "SYNOPSIS"
.B #include <selinux/selinux.h>
.sp
.BI "int getcon(char **" context );
.sp
.BI "int getcon_raw(char **" context );
.sp
.BI "int getprevcon(char **" context );
.sp
.BI "int getprevcon_raw(char **" context );
.sp
.BI "int getpidcon(pid_t " pid ", char **" context );
.sp
.BI "int getpidcon_raw(pid_t " pid ", char **" context );
.sp
.BI "int getpidprevcon(pid_t " pid ", char **" context );
.sp
.BI "int getpidprevcon_raw(pid_t " pid ", char **" context );
.sp
.BI "int getpeercon(int " fd ", char **" context );
.sp
.BI "int getpeercon_raw(int " fd ", char **" context );
.sp
.BI "void freecon(char *" con );
.sp
.BI "void freeconary(char **" con );
.sp
.BI "int setcon(const char *" context );
.sp
.BI "int setcon_raw(const char *" context );
.SH "DESCRIPTION"
.TP
.BR getcon ()
retrieves the context of the current process, which must be freed with
.BR freecon ().
.TP
.BR getprevcon ()
the same as getcon() but retrieves the context that was in effect before the last exec.
.TP
.BR getpidcon ()
returns the process context for the specified PID, which must be freed with
.BR freecon ().
.TP
.BR getpidprevcon ()
returns the process context before the last exec for the specified PID, which must be freed with
.BR freecon ().
.TP
.BR getpeercon ()
retrieves the context of the socket's peer, which must be freed with
.BR freecon ().
.TP
.BR freecon ()
frees the memory allocated for a security context.
If
.I con
is NULL, no operation is performed.
.TP
.BR freeconary ()
frees the memory allocated for a context array.
If
.I con
is NULL, no operation is performed.
.TP
.BR setcon ()
sets the current security context of the process to a new value. Note
that use of this function requires that the entire application be
trusted to maintain any desired separation between the old and new
security contexts, unlike exec-based transitions performed via
.BR setexeccon (3).
When possible, decompose your application and use
.BR setexeccon (3)
and
.BR execve (3)
instead.
Since access to file descriptors is revalidated upon use by SELinux,
the new context must be explicitly authorized in the policy to use the
descriptors opened by the old context if that is desired. Otherwise,
attempts by the process to use any existing descriptors (including
.IR stdin ,
.IR stdout ,
and
.IR stderr )
after performing the
.BR setcon ()
will fail.
A multi-threaded application can perform a
.BR setcon ()
prior to creating
any child threads, in which case all of the child threads will inherit
the new context. However, prior to Linux 2.6.28,
.BR setcon ()
would fail if there are any other
threads running in the same process since this would yield
an inconsistency among the security contexts of threads sharing
the same memory space. Since Linux 2.6.28,
.BR setcon ()
is permitted for threads within a multi-threaded process if the
new security context is bounded by the old security context, where
the bounded relation is defined through typebounds statements in the
policy and guarantees that the new security context has a subset of
the permissions of the old security context.
If the process was being ptraced at the time of the
.BR setcon ()
operation, ptrace permission will be revalidated against the new
context and the
.BR setcon ()
will fail if it is not allowed by policy.
.TP
.BR *_raw()
.BR getcon_raw (),
.BR getprevcon_raw (),
.BR getpidcon_raw (),
.BR getpidprevcon_raw (),
.BR getpeercon_raw ()
and
.BR setcon_raw ()
behave identically to their non-raw counterparts but do not perform context
translation.
.SH "RETURN VALUE"
On error \-1 is returned with errno set. On success 0 is returned.
.SH "NOTES"
The retrieval functions might return success and set
.I *context
to NULL if and only if SELinux is not enabled; callers must therefore check for a NULL result before dereferencing it.
Querying a foreign process via its PID, e.g. \fBgetpidcon\fR() or
\fBgetpidprevcon\fR(), is inherently racy and therefore should never be relied
upon for security purposes: the target may exit, exec, or change its own context (and its PID may be reused) between the query and any decision based on the result.
.SH "SEE ALSO"
.BR selinux "(8), " setexeccon "(3)"