selinux/libselinux/man/man5/selabel_file.5

221 lines
9.1 KiB
Groff

.\" Hey Emacs! This file is -*- nroff -*- source.
.\"
.\" Author: Eamon Walsh (ewalsh@tycho.nsa.gov) 2007
.TH "selabel_file" "5" "01 Dec 2011" "Security Enhanced Linux" "SELinux API documentation"
.SH "NAME"
selabel_file \- userspace SELinux labeling interface and configuration file format for the file contexts backend
.
.SH "SYNOPSIS"
.B #include <selinux/label.h>
.sp
.BI "int selabel_lookup(struct selabel_handle *" hnd ,
.in +\w'int selabel_lookup('u
.BI "char **" context ,
.br
.BI "const char *" path ", int " mode ");"
.in
.sp
.BI "int selabel_lookup_raw(struct selabel_handle *" hnd ,
.in +\w'int selabel_lookup('u
.BI "char **" context ,
.br
.BI "const char *" path ", int " mode ");"
.
.SH "DESCRIPTION"
The file contexts backend maps from pathname/mode combinations into security contexts. It is used to find the appropriate context for each file when relabeling a file system. The returned \fIcontext\fR must be freed using \fBfreecon\fR(3).
.br
\fBselabel_lookup\fR(3) describes the function with its return and error codes, however the following \fIerrno\fR is clarified further for the file contexts backend:
.RS
.TP
.B ENOENT
No context corresponding to the \fIpath\fR and \fImode\fR was found - This will also be returned when the file contexts series of files have a context of \fB<<none>>\fR against the \fIpath\fR (see the \fBFILE FORMAT\fR section).
.RE
.sp
The \fIpath\fR argument should be set to the full pathname of the file whose assigned context is being checked. The \fImode\fR argument should be set to the mode bits of the file, as determined by \fBlstat\fR(2). \fImode\fR may be zero, however full matching may not occur.
.sp
Any messages generated by \fBselabel_lookup\fR(3) are sent to \fIstderr\fR
by default, although this can be changed by \fBselinux_set_callback\fR(3).
.sp
.BR selabel_lookup_raw (3)
behaves identically to \fBselabel_lookup\fR(3) but does not perform context
translation.
.sp
The \fBFILES\fR section details the configuration files used to determine a file context.
.
.SH "OPTIONS"
In addition to the global options described in
.BR selabel_open (3),
this backend recognizes the following options:
.RS
.TP
.B SELABEL_OPT_PATH
A non-null value for this option specifies a path to a file that will be opened in lieu of the standard file contexts file. This value is also used as the base name for determining the names of local customization files.
.TP
.B SELABEL_OPT_BASEONLY
A non-null value for this option indicates that any local customizations to the file contexts mapping should be ignored.
.TP
.B SELABEL_OPT_SUBSET
A non-null value for this option is interpreted as a path prefix, for example "/etc". Only file context specifications with starting with a first component that prefix matches the given prefix are loaded. This may increase lookup performance, however any attempt to look up a path not starting with the given prefix may fail. This optimization is no longer required due to the use of
.I file_contexts.bin
files and is deprecated.
.RE
.
.SH "FILES"
The file context files used to retrieve the default context depends on the \fBSELABEL_OPT_PATH\fR parameter passed to \fBselabel_open\fR(3). If \fINULL\fR, then the \fBSELABEL_OPT_PATH\fR value will default to the active policy file contexts location (as returned by \fBselinux_file_context_path\fR(3)), otherwise the actual \fBSELABEL_OPT_PATH\fR value specified is used.
.sp
If \fBSELABEL_OPT_BASEONLY\fR is set, then the following files will be processed:
.RS
.IP "1." 4
The mandatory file contexts file that is either the fully qualified file name from \fISELABEL_OPT_PATH.value\fR or if \fINULL\fR, then the path returned by \fBselinux_file_context_path\fR(3).
.IP "2." 4
The optional local and distribution substitution files that perform path aliasing on the 'in memory' version of the file contexts file.
.br
These files have the same name as the mandatory file contexts file with the extensions \fI.subs\fR and \fI.subs_dist\fR added.
.RE
.sp
If the \fBSELABEL_OPT_BASEONLY\fR is not set, then the following files will be processed:
.RS
.IP "1." 4
The mandatory file contexts file that is either the fully qualified file name from \fISELABEL_OPT_PATH.value\fR or if \fINULL\fR, then the path returned by \fBselinux_file_context_path\fR(3).
.IP "2." 4
The optional local customizations file that has the same name as the mandatory file contexts file with the extension \fI.local\fR added.
.br
\fBselinux_file_context_local_path\fR(3) will return the default path to this file.
.IP "3." 4
The optional user home directory customizations file that has the same name as the mandatory file contexts file with the extension \fI.homedirs\fR added.
.br
\fBselinux_file_context_homedir_path\fR(3) will return the default path to this file.
.IP "4." 4
The optional local and distribution substitution files that perform any path aliasing on the 'in memory' version of the file contexts file (and the \fI.local\fR and/or \fI.homedirs\fR if present). These files have the same name as the mandatory file contexts file with the extensions \fI.subs\fR and \fI.subs_dist\fR added.
.br
\fBselinux_file_context_subs_path\fR(3) and \fBselinux_file_context_subs_dist_path\fR(3) will return the default paths to these files.
.RE
.sp
The default file context series of files are:
.RS 6
.I /etc/selinux/{SELINUXTYPE}/contexts/files/file_contexts
.br
.I /etc/selinux/{SELINUXTYPE}/contexts/files/file_contexts.local
.br
.I /etc/selinux/{SELINUXTYPE}/contexts/files/file_contexts.homedirs
.br
.I /etc/selinux/{SELINUXTYPE}/contexts/files/file_contexts.subs
.br
.I /etc/selinux/{SELINUXTYPE}/contexts/files/file_contexts.subs_dist
.RE
.sp
Where \fI{SELINUXTYPE}\fR is the entry from the selinux configuration file \fIconfig\fR (see \fBselinux_config\fR(5)).
.sp
Only the \fIfile_contexts\fR file is mandatory, the remainder are optional.
.sp
The entries within the file contexts series of files are shown in the \fBFILE FORMAT\fR section.
.
.SH "FILE FORMAT"
.sp
.SH "File Contexts Format"
.sp
Each line within the \fIfile_contexts\fR and the two customization files (\fI.local\fR and \fI.homedirs\fR) is as follows:
.sp
.RS
.I pathname [file_type] context
.RE
.sp
Where:
.br
.RS
.I pathname
.RS
An entry that defines the pathname that may be in the form of a regular expression.
.RE
.I file_type
.RS
An optional file type consisting of:
.RS
\fI\-b\fR - Block Device \fI\-c\fR - Character Device
.br
\fI\-d\fR - Directory \fI\-p\fR - Named Pipe
.br
\fI\-l\fR - Symbolic Link \fI\-s\fR - Socket
.br
\fI\-\-\fR - Ordinary file
.RE
.RE
.I context
.RS
This entry can be either:
.RS
.IP "a." 4
The security context that will be assigned to the file (i.e. returned as \fIcontext\fR).
.IP "b." 4
A value of \fB<<none>>\fR can be used to indicate that the matching files should not be re-labeled and causes \fBselabel_lookup\fR(3) to return \-1 with \fIerrno\fR set to \fBENOENT\fR.
.RE
.RE
.RE
.sp
Example:
.RS
# ./contexts/files/file_contexts
.br
# pathname file_type context
.br
/.* system_u:object_r:default_t:s0
.br
/[^/]+ \-\- system_u:object_r:etc_runtime_t:s0
.br
/tmp/.* <<none>>
.RE
.sp
.SH "Substitution File Format"
.sp
Each line within the substitution files (\fI.subs\fR and \fI.subs_dist\fR) has the form:
.RS
.I subs_pathname pathname
.RE
.sp
Where:
.RS
.I pathname
.RS
A path that matches an entry in one or more of the file contexts policy configuration file.
.RE
.I subs_pathname
.RS
The path that will be aliased (considered equivalent) with pathname by the look up process.
.RE
.RE
.sp
Example:
.RS
# ./contexts/files/file_contexts.subs
.br
# pathname subs_pathname
.br
/myweb /var/www
.br
/myspool /var/spool/mail
.sp
Using the above example, when \fBselabel_lookup\fR(3) is passed a path of
\fI/myweb/index.html\fR the function will substitute the \fI/myweb\fR
component with \fI/var/www\fR, therefore the path used is:
.sp
.RS
.I /var/www/index.html
.RE
.RE
.
.SH "NOTES"
.IP "1." 4
If contexts are to be validated, then the global option \fBSELABEL_OPT_VALIDATE\fR must be set before calling \fBselabel_open\fR(3). If this is not set, then it is possible for an invalid context to be returned.
.IP "2." 4
If the size of file contexts series of files contain many entries, then \fBselabel_open\fR(3) may have a delay as it reads in the files, and if
requested validates the entries.
.IP "3." 4
Depending on the version of SELinux it is possible that a \fIfile_contexts.template\fR file may also be present, however this is now deprecated.
.br
The template file has the same format as the \fIfile_contexts\fR file and may also contain the keywords \fBHOME_ROOT\fR, \fBHOME_DIR\fR, \fBROLE\fR and \fBUSER\fR. This functionality has now been moved to the policy store and managed by \fBsemodule\fR(8) and \fBgenhomedircon\fR(8).
.
.SH "SEE ALSO"
.ad l
.nh
.BR selinux "(8), " selabel_open "(3), " selabel_lookup "(3), " selabel_stats "(3), " selabel_close "(3), " selinux_set_callback "(3), " selinux_file_context_path "(3), " freecon "(3), " selinux_config "(5), " lstat "(2), "selinux_file_context_subs_path "(3), " selinux_file_context_subs_dist_path "(3), " selinux_file_context_homedir_path "(3), "selinux_file_context_local_path "(3), " semodule "(8), " genhomedircon "(8) "