| matchpathcon_fini(3) - phpMan
matchpathcon(3) SELinux API documentation matchpathcon(3)
NAME
matchpathcon, matchpathcon_index - get the default SELinux security context for the speci‐
fied path from the file contexts configuration
SYNOPSIS
#include <selinux/selinux.h>
int matchpathcon_init(const char *path);
int matchpathcon_init_prefix(const char *path, const char *subset);
int matchpathcon_fini(void);
int matchpathcon(const char *path, mode_t mode, char **con);
int matchpathcon_index(const char *name, mode_t mode, char **con);
DESCRIPTION
matchpathcon_init() loads the file contexts configuration specified by path into memory
for use by subsequent matchpathcon() calls. If path is NULL, then the active file con‐
texts configuration is loaded by default, i.e. the path returned by selinux_file_con‐
text_path(3). Unless the MATCHPATHCON_BASEONLY flag has been set via
set_matchpathcon_flags(3), files with the same path prefix but a .homedirs and .local suf‐
fix are also looked up and loaded if present. These files provide dynamically generated
entries for user home directories and for local customizations.
matchpathcon_init_prefix() is the same as matchpathcon_init() but only loads entries with
regular expressions that have stems prefixed by prefix.
matchpathcon_fini() frees the memory allocated by a prior call to matchpathcon_init.()
This function can be used to free and reset the internal state between multiple matchpath‐
con_init() calls, or to free memory when finished using matchpathcon().
matchpathcon() matches the specified pathname and mode against the file contexts configu‐
ration and sets the security context con to refer to the resulting context. The caller
must free the returned security context con using freecon(3) when finished using it. mode
can be 0 to disable mode matching, but should be provided whenever possible, as it may
affect the matching. Only the file format bits (i.e. the file type) of the mode are used.
If matchpathcon_init() has not already been called, then this function will call it upon
its first invocation with a NULL path, defaulting to the active file contexts configura‐
tion.
matchpathcon_index() is the same as matchpathcon() but returns a specification index that
can later be used in a matchpathcon_filespec_add(3) call.
RETURN VALUE
Returns zero on success or -1 otherwise.
SEE ALSO
selinux(8), set_matchpathcon_flags(3), set_matchpathcon_invalidcon(3),
set_matchpathcon_printf(3), matchpathcon_filespec_add(3), matchpathcon_checkmatches(3),
freecon(3), setfilecon(3), setfscreatecon(3)
sds AT tycho.gov 21 November 2009 matchpathcon(3)
|