RepoMirrors/selinux
1
0
Fork 0
mirror of https://github.com/SELinuxProject/selinux synced 2025-02-07 05:11:45 +00:00
Code Issues Packages Projects Releases Wiki Activity
28baa721e0
selinux/libselinux/man/man3/selinux_file_context_cmp.3
Richard Haines bc1a8e2a4a libselinux: selinux_file_context_verify function returns wrong value. 
selinux_file_context_verify(3) should now return the correct codes and
matchpathcon(8) has been modified to handle them.

The selinux_file_context_verify(3)and selinux_file_context_cmp(3) man pages
have also been updated (re-written really) to correct return codes.

I found that selabel_open left errno set to ENOENT because a
file_contexts.subs file did not exist on my system, but left selabel_open
alone and set errno = 0 before calling selinux_filecontext_cmp.

[fix uninitialize init variable in matchpathcon.c::main - eparis]
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-08-26 14:27:51 -04:00

76 lines
1.2 KiB
Groff
Raw Blame History

.TH "selinux_file_context_cmp" "3" "08 March 2011" "SELinux API documentation"
.SH "NAME"
selinux_file_context_cmp \- Compare two SELinux security contexts excluding the 'user' component.
.SH "SYNOPSIS"
.B #include <selinux/selinux.h>
.sp
.BI "int selinux_file_context_cmp(const security_context_t " a ", "
.RS
.BI "const security_context_t " b ");"
.RE
.SH "DESCRIPTION"
.B selinux_file_context_cmp
compares two context strings excluding the user component with
.B strcmp(3)
as shown in the
.B EXAMPLE
section.
.sp
This is useful as for most object contexts, the user component is not relevant.
.SH "RETURN VALUE"
The return values follow the
.B strcmp(3)
function, where:
.RS
0 if they are equal.
.RE
.RS
1 if
.I a
is greater than
.I b
.RE
.RS
\-1 if
.I a
is less than
.I b
.RE
.SH "ERRORS"
None.
.SH "NOTES"
The contexts being compared do not specifically need to be file contexts.
.SH "EXAMPLE"
If context
.I a
is:
.RS
user_u:user_r:user_t:s0
.RE
.sp
and context
.I b
is:
.RS
root:user_r:user_t:s0
.RE
.sp
then the actual strings compared are:
.RS
:user_r:user_t:s0 and :user_r:user_t:s0
.RE
.sp
Therefore they will match and
.B selinux_file_context_cmp
will return zero.
.SH "SEE ALSO"
.BR selinux "(8)"
Reference in New Issue View Git Blame Copy Permalink