selinux-policy/libselinux/man/man3/get_ordered_context_list.3

.TH "get_ordered_context_list" "3" "1 January 2004" "russell@coker.com.au" "SE Linux"
.SH "NAME"
get_ordered_context_list, get_default_context, get_default_context_with_role, query_user_context, manual_user_enter_context, get_default_role \- determine context(s) for user sessions

.SH "SYNOPSIS"
.B #include <selinux/selinux.h>
.br
.B #include <selinux/get_context_list.h>
.sp
.BI "int get_ordered_context_list(const char *" user ", security_context_t "fromcon ", security_context_t **" list );
.sp
.BI "int get_default_context(const char *" user ", security_context_t "fromcon ", security_context_t *" newcon );
.sp
.BI "int get_default_context_with_role(const char* " user ", const char *" role ", security_context_t " fromcon ", security_context_t *" newcon ");
.sp
.BI "int query_user_context(security_context_t *" list ", security_context_t *" newcon );
.sp
.BI "int manual_user_enter_context(const char *" user ", security_context_t *" newcon );
.sp
.BI "int get_default_type(const char *" role ", char **" type );

.SH "DESCRIPTION"
.B get_ordered_context_list
invokes the 
.B security_compute_user
function to obtain the list of contexts for the specified
.I user
that are reachable from the specified
.I fromcon
context and then orders the resulting list based on the global
.B /etc/selinux/<SELINUXTYPE>/contexts/default_contexts
file and the per-user
.B /etc/selinux/<SELINUXTYPE>/contexts/users/<username>
file if it exists.  The 
.I fromcon
parameter may be NULL to indicate that the current context should
be used.  The function returns the number of contexts in the
list, or -1 upon errors.  The list must be freed using the
.B freeconary
function.

.B get_default_context
is the same as get_ordered_context_list but only returns a single context
which has to be freed with freecon.

.B get_default_context_with_role
is the same as get_default_context but only returns a context with the specified role, returning -1 if no such context is reachable for the user.

.B query_user_context
takes a list of contexts, queries the user via stdin/stdout as to which context
they want, and returns a new context as selected by the user (which has to be
freed with freecon).

.B manual_user_enter_context
allows the user to manually enter a context as a fallback if a list of authorized contexts could not be obtained. Caller must free via freecon.

.B get_default_type
Get the default type (domain) for 'role' and set 'type' to refer to it, which has to be freed with free.

.SH "RETURN VALUE"
get_ordered_context_list returns the number of contexts in the list upon
success or -1 upon errors.
The other functions return 0 for success or -1 for errors.

.SH "SEE ALSO"
.BR freeconary "(3), " freecon "(3), " security_compute_av "(3)"
temporarily add libselinux 2005-10-07 13:42:05 +00:00			`.TH "get_ordered_context_list" "3" "1 January 2004" "russell@coker.com.au" "SE Linux"`
			`.SH "NAME"`
			`get_ordered_context_list, get_default_context, get_default_context_with_role, query_user_context, manual_user_enter_context, get_default_role \- determine context(s) for user sessions`

			`.SH "SYNOPSIS"`
			`.B #include <selinux/selinux.h>`
			`.br`
			`.B #include <selinux/get_context_list.h>`
			`.sp`
			`.BI "int get_ordered_context_list(const char " user ", security_context_t "fromcon ", security_context_t *" list );`
			`.sp`
			`.BI "int get_default_context(const char " user ", security_context_t "fromcon ", security_context_t " newcon );`
			`.sp`
			`.BI "int get_default_context_with_role(const char* " user ", const char " role ", security_context_t " fromcon ", security_context_t " newcon ");`
			`.sp`
			`.BI "int query_user_context(security_context_t " list ", security_context_t " newcon );`
			`.sp`
			`.BI "int manual_user_enter_context(const char " user ", security_context_t " newcon );`
			`.sp`
			`.BI "int get_default_type(const char " role ", char *" type );`

			`.SH "DESCRIPTION"`
			`.B get_ordered_context_list`
			`invokes the`
			`.B security_compute_user`
			`function to obtain the list of contexts for the specified`
			`.I user`
			`that are reachable from the specified`
			`.I fromcon`
			`context and then orders the resulting list based on the global`
			`.B /etc/selinux/<SELINUXTYPE>/contexts/default_contexts`
			`file and the per-user`
			`.B /etc/selinux/<SELINUXTYPE>/contexts/users/<username>`
			`file if it exists. The`
			`.I fromcon`
			`parameter may be NULL to indicate that the current context should`
			`be used. The function returns the number of contexts in the`
			`list, or -1 upon errors. The list must be freed using the`
			`.B freeconary`
			`function.`

			`.B get_default_context`
			`is the same as get_ordered_context_list but only returns a single context`
			`which has to be freed with freecon.`

			`.B get_default_context_with_role`
			`is the same as get_default_context but only returns a context with the specified role, returning -1 if no such context is reachable for the user.`

			`.B query_user_context`
			`takes a list of contexts, queries the user via stdin/stdout as to which context`
			`they want, and returns a new context as selected by the user (which has to be`
			`freed with freecon).`

			`.B manual_user_enter_context`
			`allows the user to manually enter a context as a fallback if a list of authorized contexts could not be obtained. Caller must free via freecon.`

			`.B get_default_type`
			`Get the default type (domain) for 'role' and set 'type' to refer to it, which has to be freed with free.`

			`.SH "RETURN VALUE"`
			`get_ordered_context_list returns the number of contexts in the list upon`
			`success or -1 upon errors.`
			`The other functions return 0 for success or -1 for errors.`

			`.SH "SEE ALSO"`
			`.BR freeconary "(3), " freecon "(3), " security_compute_av "(3)"`