76 lines
2.6 KiB
C
76 lines
2.6 KiB
C
|
#ifndef _SELINUX_GET_SID_LIST_H_
|
||
|
#define _SELINUX_GET_SID_LIST_H_
|
||
|
|
||
|
#include <selinux/selinux.h>
|
||
|
|
||
|
#ifdef __cplusplus
|
||
|
extern "C"
|
||
|
{
|
||
|
#endif
|
||
|
|
||
|
#define SELINUX_DEFAULTUSER "user_u"
|
||
|
|
||
|
/* Get an ordered list of authorized security contexts for a user session
|
||
|
for 'user' spawned by 'fromcon' and set *conary to refer to the
|
||
|
NULL-terminated array of contexts. Every entry in the list will
|
||
|
be authorized by the policy, but the ordering is subject to user
|
||
|
customizable preferences. Returns number of entries in *conary.
|
||
|
If 'fromcon' is NULL, defaults to current context.
|
||
|
Caller must free via freeconary. */
|
||
|
extern int get_ordered_context_list(const char *user,
|
||
|
security_context_t fromcon,
|
||
|
security_context_t **list);
|
||
|
|
||
|
/* As above, but use the provided MLS level rather than the
|
||
|
default level for the user. */
|
||
|
int get_ordered_context_list_with_level (const char *user,
|
||
|
const char *level,
|
||
|
security_context_t fromcon,
|
||
|
security_context_t **list);
|
||
|
|
||
|
/* Get the default security context for a user session for 'user'
|
||
|
spawned by 'fromcon' and set *newcon to refer to it. The context
|
||
|
will be one of those authorized by the policy, but the selection
|
||
|
of a default is subject to user customizable preferences.
|
||
|
If 'fromcon' is NULL, defaults to current context.
|
||
|
Returns 0 on success or -1 otherwise.
|
||
|
Caller must free via freecon. */
|
||
|
extern int get_default_context(const char* user,
|
||
|
security_context_t fromcon,
|
||
|
security_context_t *newcon);
|
||
|
|
||
|
/* As above, but use the provided MLS level rather than the
|
||
|
default level for the user. */
|
||
|
int get_default_context_with_level(const char *user,
|
||
|
const char *level,
|
||
|
security_context_t fromcon,
|
||
|
security_context_t *newcon);
|
||
|
|
||
|
/* Same as get_default_context, but only return a context
|
||
|
that has the specified role. If no reachable context exists
|
||
|
for the user with that role, then return -1. */
|
||
|
int get_default_context_with_role(const char* user,
|
||
|
const char *role,
|
||
|
security_context_t fromcon,
|
||
|
security_context_t *newcon);
|
||
|
|
||
|
/* Given a list of authorized security contexts for the user,
|
||
|
query the user to select one and set *newcon to refer to it.
|
||
|
Caller must free via freecon.
|
||
|
Returns 0 on sucess or -1 otherwise. */
|
||
|
extern int query_user_context(security_context_t *list,
|
||
|
security_context_t *newcon);
|
||
|
|
||
|
/* Allow the user to manually enter a context as a fallback
|
||
|
if a list of authorized contexts could not be obtained.
|
||
|
Caller must free via freecon.
|
||
|
Returns 0 on success or -1 otherwise. */
|
||
|
extern int manual_user_enter_context(const char *user,
|
||
|
security_context_t *newcon);
|
||
|
|
||
|
#ifdef __cplusplus
|
||
|
}
|
||
|
#endif
|
||
|
|
||
|
#endif
|