selinux/libselinux/man/man3/selabel_lookup.3
Stephen Smalley 9eb9c93275 Get rid of security_context_t and fix const declarations.
In attempting to enable building various part of Android with -Wall -Werror,
we found that the const security_context_t declarations in libselinux
are incorrect; const char * was intended, but const security_context_t
translates to char * const and triggers warnings on passing
const char * from the caller.   Easiest fix is to replace them all with
const char *.  And while we are at it, just get rid of all usage of
security_context_t itself as it adds no value - there is no true
encapsulation of the security context strings and callers already
directly use string functions on them.  typedef left to permit
building legacy users until such a time as all are updated.

This is a port of Change-Id I2f9df7bb9f575f76024c3e5f5b660345da2931a7
from Android, augmented to deal with all of the other code in upstream
libselinux and updating the man pages too.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Acked-by: Eric Paris <eparis@redhat.com>
2014-02-19 16:11:48 -05:00

80 lines
1.7 KiB
Groff

.\" Hey Emacs! This file is -*- nroff -*- source.
.\"
.\" Author: Eamon Walsh (ewalsh@tycho.nsa.gov) 2007
.TH "selabel_lookup" "3" "18 Jun 2007" "" "SELinux API documentation"
.SH "NAME"
selabel_lookup \- obtain SELinux security context from a string label
.
.SH "SYNOPSIS"
.B #include <selinux/selinux.h>
.br
.B #include <selinux/label.h>
.sp
.BI "int selabel_lookup(struct selabel_handle *" hnd ,
.in +\w'int selabel_lookup('u
.BI "char **" context ,
.br
.BI "const char *" key ", int " type ");"
.in
.sp
.BI "int selabel_lookup_raw(struct selabel_handle *" hnd ,
.in +\w'int selabel_lookup_raw('u
.BI "char **" context ,
.br
.BI "const char *" key ", int " type ");"
.in
.
.SH "DESCRIPTION"
.BR selabel_lookup ()
performs a lookup operation on the handle
.IR hnd ,
returning the result in the memory pointed to by
.IR context ,
which must be freed by the caller using
.BR freecon (3).
The
.I key
and
.I type
parameters are the inputs to the lookup operation and are interpreted according to the specific backend that
.I handle
is open on.
.BR selabel_lookup_raw ()
behaves identically to
.BR selabel_lookup ()
but does not perform context translation.
.
.SH "RETURN VALUE"
On success, zero is returned. On error, \-1 is returned and
.I errno
is set appropriately.
.
.SH "ERRORS"
.TP
.B ENOENT
No context corresponding to the input
.I key
and
.I type
was found.
.TP
.B EINVAL
The
.I key
and/or
.I type
inputs are invalid, or the context being returned failed validation.
.TP
.B ENOMEM
An attempt to allocate memory failed.
.
.SH "AUTHOR"
Eamon Walsh <ewalsh@tycho.nsa.gov>
.
.SH "SEE ALSO"
.BR selabel_open (3),
.BR selabel_stats (3),
.BR selinux_set_callback (3),
.BR selinux (8)