mirror of
https://github.com/SELinuxProject/selinux
synced 2025-04-08 18:54:40 +00:00
06c2dd5d04
Email: dwalsh@redhat.com Subject: Some missing man pages from libselinux Date: Wed, 24 Sep 2008 08:57:44 -0400 We are still missing the following man pages. Perhaps some of these functions should be removed? selinux_users_path seems to return a bogus directory? Also do not have _raw functions defined in man pages. matchpathcon_checkmatches matchpathcon_filespec_add matchpathcon_filespec_destroy matchpathcon_filespec_eval matchpathcon_index matchpathcon_init_prefix print_access_vector security_canonicalize_context security_disable security_set_boolean_list selinux_check_passwd_access selinux_customizable_types_path selinux_file_context_cmp selinux_file_context_verify selinux_get_callback selinux_init_load_policy selinux_lsetfilecon_default selinux_mkload_policy selinux_raw_to_trans_context selinux_trans_to_raw_context selinux_translations_path selinux_users_path set_selinuxmnt Signed-off-by: Joshua Brindle <method@manicmethod.com>
39 lines
1.4 KiB
Groff
39 lines
1.4 KiB
Groff
.TH "getsockcreatecon" "3" "24 September 2008" "dwalsh@redhat.com from russell@coker.com.au" "SELinux API documentation"
|
|
.SH "NAME"
|
|
getsockcreatecon, setsockcreatecon \- get or set the SELinux security context used for creating a new labeled sockets.
|
|
|
|
.SH "SYNOPSIS"
|
|
.B #include <selinux/selinux.h>
|
|
.sp
|
|
.BI "int getsockcreatecon(security_context_t *" con );
|
|
|
|
.BI "int setsockcreatecon(security_context_t "context );
|
|
|
|
.SH "DESCRIPTION"
|
|
.B getsockcreatecon
|
|
retrieves the context used for creating a new labeled network socket.
|
|
This returned context should be freed with freecon if non-NULL.
|
|
getsockcreatecon sets *con to NULL if no sockcreate context has been explicitly
|
|
set by the program (i.e. using the default policy behavior).
|
|
|
|
.B setsockcreatecon
|
|
sets the context used for creating a new labeled network sockets
|
|
NULL can be passed to
|
|
setsockcreatecon to reset to the default policy behavior.
|
|
The sockcreate context is automatically reset after the next execve, so a
|
|
program doesn't need to explicitly sanitize it upon startup.
|
|
|
|
setsockcreatecon can be applied prior to library
|
|
functions that internally perform an file creation,
|
|
in order to set an file context on the objects.
|
|
|
|
|
|
Note: Signal handlers that perform an setsockcreate must take care to
|
|
save, reset, and restore the sockcreate context to avoid unexpected behavior.
|
|
.SH "RETURN VALUE"
|
|
On error -1 is returned.
|
|
On success 0 is returned.
|
|
|
|
.SH "SEE ALSO"
|
|
.BR selinux "(8), " freecon "(3), " getcon "(3)
|