File: get_ordered_context_list.3

package info (click to toggle)
libselinux 1.22-1
  • links: PTS
  • area: main
  • in suites: sarge
  • size: 2,916 kB
  • ctags: 1,580
  • sloc: ansic: 7,448; makefile: 82; sh: 78
file content (58 lines) | stat: -rw-r--r-- 2,596 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
 
.TH "get_ordered_context_list" "3" "1 January 2004" "russell@coker.com.au" "SE Linux API documentation"
.SH "NAME"
get_ordered_context_list, get_default_context, get_default_context_with_role, query_user_context, manual_user_enter_context, get_default_role \- determine context(s) for user login sessions

.SH "SYNOPSIS"
.B #include <selinux/selinux.h>
.br
.B #include <selinux/get_context_list.h>
.sp
.BI "int get_ordered_context_list(const char *" user ", security_context_t "fromcon ", security_context_t **" list );
.sp
.BI "int get_default_context(const char *" user ", security_context_t "fromcon ", security_context_t *" newcon );
.sp
.BI "int get_default_context_with_role(const char* " user ", const char *" role ", security_context_t " fromcon ", security_context_t *" newcon ");
.sp
.BI "int query_user_context(security_context_t *" list ", security_context_t *" newcon );
.sp
.BI "int manual_user_enter_context(const char *" user ", security_context_t *" newcon );
.sp
.BI "int get_default_type(const char *" role ", char **" type );

.SH "DESCRIPTION"
.B get_ordered_context_list
queries the SE Linux policy database in the kernel and some configuration files
to determine an ordered list of contexts that may be used for login sessions.
The list must be freed with freeconary. The possible roles and domains will be
read from
.B /etc/security/default_contexts
and
.B .default_contexts
in the home directory of the user in question.

.B get_default_context
is the same as get_ordered_context_list but only returns a single context
which has to be freed with freecon.

.B get_default_context_with_role
is the same as get_default_context but only returns a context with the specified role, returning -1 if no such context is reachable for the user.

.B query_user_context
takes a list of contexts, queries the user via stdin/stdout as to which context
they want, and returns a new context as selected by the user (which has to be
freed with freecon).

.B manual_user_enter_context
allows the user to manually enter a context as a fallback if a list of authorized contexts could not be obtained. Caller must free via freecon.

.B get_default_type
Get the default type (domain) for 'role' and set 'type' to refer to it, which has to be freed with free.

.B get_default_context_with_role
Given a list of authorized security contexts for the user, query the user to select one and set *newcon to refer to it, which has to be freed with freecon.

.SH "RETURN VALUE"
0 for success and on error -1 is returned.

.SH "SEE ALSO"
.BR freeconary "(3), " freecon "(3), " security_compute_av "(3)"