mirror of
https://github.com/SELinuxProject/selinux
synced 2025-01-20 12:30:45 +00:00
e40bbea95f
selabel_digest(3) if enabled by the SELABEL_OPT_DIGEST option during selabel_open(3) will return an SHA1 digest of the spec files, plus a list of the specfiles used to calculate the digest. There is a test utility supplied that will demonstrate the functionality. The use case for selabel_digest(3) is to implement an selinux_restorecon function based on the Android version that writes a hash of the file_contexts files to an extended attribute to enhance performance (see external/libselinux/src/android.c selinux_android_restorecon()). Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
62 lines
1.3 KiB
Groff
62 lines
1.3 KiB
Groff
.TH "selabel_digest" "3" "16 Sept 2015" "" "SELinux API documentation"
|
|
.SH "NAME"
|
|
selabel_digest \- Return digest of specfiles and list of files used
|
|
.
|
|
.SH "SYNOPSIS"
|
|
.B #include <selinux/selinux.h>
|
|
.br
|
|
.B #include <selinux/label.h>
|
|
.sp
|
|
.BI "int selabel_digest(struct selabel_handle *" hnd ,
|
|
.in +\w'int selabel_digest('u
|
|
.BI "unsigned char **" digest ,
|
|
.BI "size_t *" digest_len ,
|
|
.br
|
|
.BI "char ***" specfiles,
|
|
.BI "size_t *" num_specfiles ");"
|
|
.in
|
|
.
|
|
.SH "DESCRIPTION"
|
|
.BR selabel_digest ()
|
|
performs an operation on the handle
|
|
.IR hnd ,
|
|
returning the results of the SHA1 digest pointed to by
|
|
.IR digest ,
|
|
whose length will be
|
|
.IR digest_len .
|
|
The list of specfiles used in the SHA1 digest calculation is returned in
|
|
.I specfiles
|
|
with the number of entries in
|
|
.IR num_specfiles .
|
|
.sp
|
|
To enable
|
|
.BR selabel_digest ()
|
|
to return this information the
|
|
.B SELABEL_OPT_DIGEST
|
|
option must be enable in
|
|
.BR selabel_open (3).
|
|
.sp
|
|
The result of
|
|
.BR selabel_digest ()
|
|
must not be used after
|
|
.BR selabel_close (3).
|
|
.
|
|
.SH "RETURN VALUE"
|
|
On success, zero is returned. On error, \-1 is returned and
|
|
.I errno
|
|
is set appropriately.
|
|
.
|
|
.SH "ERRORS"
|
|
.TP
|
|
.B EINVAL
|
|
No digest available (returned if
|
|
.B SELABEL_OPT_DIGEST
|
|
option not enabled).
|
|
.TP
|
|
.B ENOMEM
|
|
An attempt to allocate memory failed.
|
|
.
|
|
.SH "SEE ALSO"
|
|
.BR selabel_open (3),
|
|
.BR selinux (8)
|