selabel_file
Section: SELinux API documentation (5)Updated: 18 Jun 2007
Index Return to Main Contents
NAME
selabel_file - userspace SELinux labeling interface: file contexts backend.SYNOPSIS
#include <selinux/selinux.h>#include <selinux/label.h>
int selabel_lookup(struct selabel_handle *hnd, security_context_t *context,
const char *path, int mode);
DESCRIPTION
The file contexts backend maps from pathname/mode combinations into security contexts. It is used to find the appropriate context for each file when relabeling a file system.The path argument should be set to the full pathname of the file whose assigned context is being checked. The mode argument should be set to the mode bits of the file, as determined by lstat(2).
OPTIONS
In addition to the global options described in selabel_open(3), this backend recognizes the following options:
- SELABEL_OPT_PATH
- A non-null value for this option specifies a path to a file that will be opened in lieu of the standard file contexts file. This value is also used as the base name for determining the names of local customization files.
- SELABEL_OPT_BASEONLY
- A non-null value for this option indicates that any local customizations to the file contexts mapping should be ignored.
- SELABEL_OPT_SUBSET
-
A non-null value for this option is interpreted as a path prefix, for example "/etc". Only file context specifications starting with the given prefix are loaded. This may increase lookup performance, however any attempt to look up a path not starting with the given prefix will fail.
SEE ALSO
selabel_open(3), selabel_lookup(3), selabel_stats(3), selinux(8)
Index
This document was created by man2html, using the manual pages.
Time: 05:34:00 GMT, December 24, 2015