rpms
/
selinux-policy
7
0
Fork 0
Code Issues Pull Requests Releases Activity

temporarily add libselinux

This commit is contained in:
Chris PeBenito 2005-10-07 13:42:05 +00:00
parent e02c61cfa4
commit 473ea7166f
184 changed files with 12945 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

312
libselinux/ChangeLog Normal file
View File

@ -0,0 +1,312 @@
1.27.7 2005-10-06
* Changed getseuserbyname to fall back to the Linux username and
NULL level if seusers config file doesn't exist unless
REQUIRESEUSERS=1 is set in /etc/selinux/config.
* Moved seusers.conf under $SELINUXTYPE and renamed to seusers.
1.27.6 2005-10-06
* Added selinux_init_load_policy() function as an even higher level
interface for the initial policy load by /sbin/init. This obsoletes
the load_policy() function in the sysvinit-selinux.patch.
1.27.5 2005-10-06
* Added selinux_mkload_policy() function as a higher level interface
for loading policy than the security_load_policy() interface.
1.27.4 2005-10-05
* Merged fix for matchpathcon (regcomp error checking) from Johan
Fischer. Also added use of regerror to obtain the error string
for inclusion in the error message.
1.27.3 2005-10-03
* Changed getseuserbyname to not require (and ignore if present)
the MLS level in seusers.conf if MLS is disabled, setting *level
to NULL in this case.
1.27.2 2005-09-30
* Merged getseuserbyname patch from Dan Walsh.
1.27.1 2005-09-19
* Merged STRIP_LEVEL patch for matchpathcon from Dan Walsh.
This allows file_contexts with MLS fields to be processed on
non-MLS-enabled systems with policies that are otherwise
identical (e.g. same type definitions).
* Merged get_ordered_context_list_with_level() function from
Dan Walsh, and added get_default_context_with_level().
This allows MLS level selection for users other than the
default level.
1.26 2005-09-06
* Updated version for release.
1.25.7 2005-09-01
* Merged modified form of patch to avoid dlopen/dlclose by
the static libselinux from Dan Walsh. Users of the static libselinux
will not have any context translation by default.
1.25.6 2005-08-31
* Added public functions to export context translation to
users of libselinux (selinux_trans_to_raw_context,
selinux_raw_to_trans_context).
1.25.5 2005-08-26
* Remove special definition for context_range_set; use
common code.
1.25.4 2005-08-25
* Hid translation-related symbols entirely and ensured that
raw functions have hidden definitions for internal use.
* Allowed setting NULL via context_set* functions.
* Allowed whitespace in MLS component of context.
* Changed rpm_execcon to use translated functions to workaround
lack of MLS level on upgraded systems.
1.25.3 2005-08-23
* Merged context translation patch, originally by TCS,
with modifications by Dan Walsh (Red Hat).
1.25.2 2005-08-11
* Merged several fixes for error handling paths in the
AVC sidtab, matchpathcon, booleans, context, and get_context_list
code from Serge Hallyn (IBM). Bugs found by Coverity.
1.25.1 2005-08-10
* Removed setupns; migrated to pam.
* Merged patches to rename checkPasswdAccess() from Joshua Brindle.
Original symbol is temporarily retained for compatibility until
all callers are updated.
1.24 2005-06-20
* Updated version for release.
1.23.12 2005-06-13
* Merged security_setupns() from Chad Sellers.
1.23.11 2005-05-19
* Merged avcstat and selinux man page from Dan Walsh.
* Changed security_load_booleans to process booleans.local
even if booleans file doesn't exist.
1.23.10 2005-04-29
* Merged set_selinuxmnt patch from Bill Nottingham (Red Hat).
1.23.9 2005-04-26
* Rewrote get_ordered_context_list and helpers, including
changing logic to allow variable MLS fields.
1.23.8 2005-04-25
* Merged matchpathcon and man page patch from Dan Walsh.
1.23.7 2005-04-12
* Changed boolean functions to return -1 with errno ENOENT
rather than assert on a NULL selinux_mnt (i.e. selinuxfs not
mounted).
1.23.6 2005-04-08
* Fixed bug in matchpathcon_filespec_destroy.
1.23.5 2005-04-05
* Fixed bug in rpm_execcon error handling path.
1.23.4 2005-04-04
* Merged fix for set_matchpathcon* functions from Andreas Steinmetz.
* Merged fix for getconlist utility from Andreas Steinmetz.
1.23.3 2005-03-29
* Merged security_set_boolean_list patch from Dan Walsh.
This introduces booleans.local support for setsebool.
1.23.2 2005-03-17
* Merged destructors patch from Tomas Mraz.
1.23.1 2005-03-16
* Added set_matchpathcon_flags() function for setting flags
controlling operation of matchpathcon. MATCHPATHCON_BASEONLY
means only process the base file_contexts file, not
file_contexts.homedirs or file_contexts.local, and is for use by
setfiles -c.
* Updated matchpathcon.3 man page.
1.22 2005-03-09
* Updated version for release.
1.21.13 2005-03-08
* Fixed bug in matchpathcon_filespec_add() - failure to clear fl_head.
1.21.12 2005-03-01
* Changed matchpathcon_common to ignore any non-format bits in the mode.
1.21.11 2005-02-22
* Merged several fixes from Ulrich Drepper.
1.21.10 2005-02-17
* Merged matchpathcon patch for file_contexts.homedir from Dan Walsh.
* Added selinux_users_path() for path to directory containing
system.users and local.users.
1.21.9 2005-02-09
* Changed relabel Makefile target to use restorecon.
1.21.8 2005-02-07
* Regenerated av_permissions.h.
1.21.7 2005-02-01
* Modified avc_dump_av to explicitly check for any permissions that
cannot be mapped to string names and display them as a hex value.
1.21.6 2005-01-31
* Regenerated av_permissions.h.
1.21.5 2005-01-28
* Generalized matchpathcon internals, exported more interfaces,
and moved additional code from setfiles into libselinux so that
setfiles can directly use matchpathcon.
1.21.4 2005-01-27
* Prevent overflow of spec array in matchpathcon.
1.21.3 2005-01-26
* Fixed several uses of internal functions to avoid relocations.
* Changed rpm_execcon to check is_selinux_enabled() and fallback to
a regular execve if not enabled (or unable to determine due to a lack
of /proc, e.g. chroot'd environment).
1.21.2 2005-01-24
* Merged minor fix for avcstat from Dan Walsh.
1.21.1 2005-01-19
* Merged patch from Dan Walsh, including:
- new is_context_customizable function
- changed matchpathcon to also use file_contexts.local if present
- man page cleanups
1.20 2005-01-04
* Changed matchpathcon to return -1 with errno ENOENT for
<<none>> entries, and also for an empty file_contexts configuration.
* Removed some trivial utils that were not useful or redundant.
* Changed BINDIR default to /usr/sbin to match change in Fedora.
* Added security_compute_member.
* Added man page for setcon.
* Merged more man pages from Dan Walsh.
* Merged avcstat from James Morris.
* Merged build fix for mips from Manoj Srivastava.
* Merged C++ support from John Ramsdell of MITRE.
* Merged setcon() function from Darrel Goeddel of TCS.
* Merged setsebool/togglesebool enhancement from Steve Grubb.
* Merged cleanup patches from Steve Grubb.
1.18 2004-11-01
* Merged cleanup patches from Steve Grubb.
* Added rpm_execcon.
* Merged setenforce and removable context patch from Dan Walsh.
* Merged build fix for alpha from Ulrich Drepper.
* Removed copyright/license from selinux_netlink.h - definitions only.
* Merged matchmediacon from Dan Walsh.
* Regenerated headers for new nscd permissions.
* Added get_default_context_with_role.
* Added set_matchpathcon_printf.
* Reworked av_inherit.h to allow easier re-use by kernel.
* Changed avc_has_perm_noaudit to not fail on netlink errors.
* Changed avc netlink code to check pid based on patch by Steve Grubb.
* Merged second optimization patch from Ulrich Drepper.
* Changed matchpathcon to skip invalid file_contexts entries.
* Made string tables private to libselinux.
* Merged strcat->stpcpy patch from Ulrich Drepper.
* Merged matchpathcon man page from Dan Walsh.
* Merged patch to eliminate PLTs for local syms from Ulrich Drepper.
* Autobind netlink socket.
* Dropped compatibility code from security_compute_user.
* Merged fix for context_range_set from Chad Hanson.
* Merged allocation failure checking patch from Chad Hanson.
* Merged avc netlink error message patch from Colin Walters.
1.16 2004-08-19
* Regenerated headers for nscd class.
* Merged man pages from Dan Walsh.
* Merged context_new bug fix for MLS ranges from Chad Hanson.
* Merged toggle_bool from Chris PeBenito, renamed to togglesebool.
* Renamed change_bool and show_bools to setsebool and getsebool.
* Merged security_load_booleans() function from Dan Walsh.
* Added selinux_booleans_path() function.
* Changed avc_init function prototype to use const.
* Regenerated headers for crontab permission.
* Added checkAccess from Dan Walsh.
* Merged getenforce patch from Dan Walsh.
* Regenerated headers for dbus classes.
1.14 2004-06-16
* Regenerated headers for fine-grained netlink classes.
* Merged selinux_config bug fix from Dan Walsh.
* Added userspace AVC man pages.
* Added man links for API calls to existing man pages documenting them.
* Replaced $HOME/.default_contexts support with /etc/selinux/contexts/users/$USER support.
* Merged patch to determine config file paths at runtime to support
reorganized layout.
* Regenerated flask headers with stable ordering.
* Merged patch for man pages from Russell Coker.
1.12 2004-05-10
* Updated flask files to include new SE-X security classes.
* Added security_disable function for runtime disable of SELinux prior
to initial policy load (for /sbin/init).
* Changed get_ordered_context_list to omit any reachable contexts
that are not explicitly listed in default_contexts, unless there
are no matches.
* Merged man pages from Russell Coker and Dan Walsh.
* Merged memory leak fixes from Dan Walsh.
* Merged policyvers errno patch from Chris PeBenito.
1.10 2004-04-05
* Merged getenforce patch from Dan Walsh.
* Fixed init_selinuxmnt to correctly handle use of "selinuxfs" as
the device specification, i.e. mount selinuxfs /selinux -t selinuxfs.
Based on a patch by Russell Coker.
* Merged matchpathcon buffer size fix from Dan Walsh.
1.8 2004-03-09
* Merged is_selinux_mls_enabled() from Chad Hanson of TCS.
* Added matchpathcon function.
* Updated userspace AVC to handle netlink selinux notifications.
1.6 2004-02-18
* Merged conditional policy extensions from Tresys Technology.
* Added userspace avc and SID table implementation.
* Fixed type on size in getpeercon per Thorsten Kukuk's advice.
* Fixed use of getpwnam_r per Thorsten Kukuk's advice.
* Changed to use getpwnam_r rather than getpwnam internally to
avoid clobbering any existing pwd struct obtained by the caller.
* Added getpeercon function to encapsulate getsockopt SO_PEERSEC
and handle allocation ala getfilecon.
* Changed is_selinux_enabled to return -1 on errors.
* Changed to discover selinuxfs mount point via /proc/mounts
so that the mount point can be changed without rebuilding.
1.4 2003-12-01
* Merged another cleanup patch from Bastian Blank and Joerg Hoh.
* Regenerate headers for new permissions.
* Merged static lib build patch from Bastian Blank and Joerg Hoh.
* Export SELINUXMNT definition, add SELINUXPOLICY definition.
* Add functions to provide access to enforce and policyvers.
* Changed is_selinux_enabled to check /proc/filesystems for selinuxfs.
* Fixed type for 'size' in *getfilecon.
* Dropped -lattr and changed #include's to <sys/xattr.h>
* Merged patch to move shared library to /lib from Dan Walsh.
* Changed get_ordered_context_list to support a failsafe context.
* Added selinuxenabled utility.
* Merged const patch from Thorsten Kukuk.
1.2 2003-09-30
* Change is_selinux_enabled to fail if policy isn't loaded.
* Changed Makefiles to allow non-root rpm builds.
* Added -lattr for libselinux.so to ensure proper binding.
1.1 2003-08-13
* Ensure that context strings are padded with a null byte
in case the kernel didn't include one.
* Regenerate headers, update helpers.c for code cleanup.
* Pass soname flag to linker (Colin Walters).
* Fixes for various items: add const as appropriate, handle missed OOM condition, clean up compile warnings (Colin Walters).
1.0 2003-07-11
* Initial public release.

21
libselinux/LICENSE Normal file
View File

@ -0,0 +1,21 @@
This library (libselinux) is public domain software, i.e. not copyrighted.
Warranty Exclusion
------------------
You agree that this software is a
non-commercially developed program that may contain "bugs" (as that
term is used in the industry) and that it may not function as intended.
The software is licensed "as is". NSA makes no, and hereby expressly
disclaims all, warranties, express, implied, statutory, or otherwise
with respect to the software, including noninfringement and the implied
warranties of merchantability and fitness for a particular purpose.
Limitation of Liability
-----------------------
In no event will NSA be liable for any damages, including loss of data,
lost profits, cost of cover, or other special, incidental,
consequential, direct or indirect damages arising from the software or
the use thereof, however caused and on any theory of liability. This
limitation will apply even if NSA has been advised of the possibility
of such damage. You acknowledge that this is a reasonable allocation of
risk.

17
libselinux/Makefile Normal file
View File

@ -0,0 +1,17 @@
all:
$(MAKE) -C src
$(MAKE) -C utils
install:
$(MAKE) -C include install
$(MAKE) -C src install
$(MAKE) -C utils install
$(MAKE) -C man install
relabel:
$(MAKE) -C src relabel
clean:
$(MAKE) -C src clean
$(MAKE) -C utils clean

1
libselinux/VERSION Normal file
View File

@ -0,0 +1 @@
1.27.7

7
libselinux/include/Makefile Normal file
View File

@ -0,0 +1,7 @@
# Installation directories.
PREFIX ?= $(DESTDIR)/usr
INCDIR ?= $(PREFIX)/include/selinux
install:
test -d $(INCDIR) || install -m 755 -d $(INCDIR)
install -m 644 $(wildcard selinux/*.h) $(INCDIR)

905
libselinux/include/selinux/av_permissions.h Normal file
View File

@ -0,0 +1,905 @@
/* This file is automatically generated. Do not edit. */
#define COMMON_FILE__IOCTL 0x00000001UL
#define COMMON_FILE__READ 0x00000002UL
#define COMMON_FILE__WRITE 0x00000004UL
#define COMMON_FILE__CREATE 0x00000008UL
#define COMMON_FILE__GETATTR 0x00000010UL
#define COMMON_FILE__SETATTR 0x00000020UL
#define COMMON_FILE__LOCK 0x00000040UL
#define COMMON_FILE__RELABELFROM 0x00000080UL
#define COMMON_FILE__RELABELTO 0x00000100UL
#define COMMON_FILE__APPEND 0x00000200UL
#define COMMON_FILE__UNLINK 0x00000400UL
#define COMMON_FILE__LINK 0x00000800UL
#define COMMON_FILE__RENAME 0x00001000UL
#define COMMON_FILE__EXECUTE 0x00002000UL
#define COMMON_FILE__SWAPON 0x00004000UL
#define COMMON_FILE__QUOTAON 0x00008000UL
#define COMMON_FILE__MOUNTON 0x00010000UL
#define COMMON_SOCKET__IOCTL 0x00000001UL
#define COMMON_SOCKET__READ 0x00000002UL
#define COMMON_SOCKET__WRITE 0x00000004UL
#define COMMON_SOCKET__CREATE 0x00000008UL
#define COMMON_SOCKET__GETATTR 0x00000010UL
#define COMMON_SOCKET__SETATTR 0x00000020UL
#define COMMON_SOCKET__LOCK 0x00000040UL
#define COMMON_SOCKET__RELABELFROM 0x00000080UL
#define COMMON_SOCKET__RELABELTO 0x00000100UL
#define COMMON_SOCKET__APPEND 0x00000200UL
#define COMMON_SOCKET__BIND 0x00000400UL
#define COMMON_SOCKET__CONNECT 0x00000800UL
#define COMMON_SOCKET__LISTEN 0x00001000UL
#define COMMON_SOCKET__ACCEPT 0x00002000UL
#define COMMON_SOCKET__GETOPT 0x00004000UL
#define COMMON_SOCKET__SETOPT 0x00008000UL
#define COMMON_SOCKET__SHUTDOWN 0x00010000UL
#define COMMON_SOCKET__RECVFROM 0x00020000UL
#define COMMON_SOCKET__SENDTO 0x00040000UL
#define COMMON_SOCKET__RECV_MSG 0x00080000UL
#define COMMON_SOCKET__SEND_MSG 0x00100000UL
#define COMMON_SOCKET__NAME_BIND 0x00200000UL
#define COMMON_IPC__CREATE 0x00000001UL
#define COMMON_IPC__DESTROY 0x00000002UL
#define COMMON_IPC__GETATTR 0x00000004UL
#define COMMON_IPC__SETATTR 0x00000008UL
#define COMMON_IPC__READ 0x00000010UL
#define COMMON_IPC__WRITE 0x00000020UL
#define COMMON_IPC__ASSOCIATE 0x00000040UL
#define COMMON_IPC__UNIX_READ 0x00000080UL
#define COMMON_IPC__UNIX_WRITE 0x00000100UL
#define FILESYSTEM__MOUNT 0x00000001UL
#define FILESYSTEM__REMOUNT 0x00000002UL
#define FILESYSTEM__UNMOUNT 0x00000004UL
#define FILESYSTEM__GETATTR 0x00000008UL
#define FILESYSTEM__RELABELFROM 0x00000010UL
#define FILESYSTEM__RELABELTO 0x00000020UL
#define FILESYSTEM__TRANSITION 0x00000040UL
#define FILESYSTEM__ASSOCIATE 0x00000080UL
#define FILESYSTEM__QUOTAMOD 0x00000100UL
#define FILESYSTEM__QUOTAGET 0x00000200UL
#define DIR__IOCTL 0x00000001UL
#define DIR__READ 0x00000002UL
#define DIR__WRITE 0x00000004UL
#define DIR__CREATE 0x00000008UL
#define DIR__GETATTR 0x00000010UL
#define DIR__SETATTR 0x00000020UL
#define DIR__LOCK 0x00000040UL
#define DIR__RELABELFROM 0x00000080UL
#define DIR__RELABELTO 0x00000100UL
#define DIR__APPEND 0x00000200UL
#define DIR__UNLINK 0x00000400UL
#define DIR__LINK 0x00000800UL
#define DIR__RENAME 0x00001000UL
#define DIR__EXECUTE 0x00002000UL
#define DIR__SWAPON 0x00004000UL
#define DIR__QUOTAON 0x00008000UL
#define DIR__MOUNTON 0x00010000UL
#define DIR__ADD_NAME 0x00020000UL
#define DIR__REMOVE_NAME 0x00040000UL
#define DIR__REPARENT 0x00080000UL
#define DIR__SEARCH 0x00100000UL
#define DIR__RMDIR 0x00200000UL
#define FILE__IOCTL 0x00000001UL
#define FILE__READ 0x00000002UL
#define FILE__WRITE 0x00000004UL
#define FILE__CREATE 0x00000008UL
#define FILE__GETATTR 0x00000010UL
#define FILE__SETATTR 0x00000020UL
#define FILE__LOCK 0x00000040UL
#define FILE__RELABELFROM 0x00000080UL
#define FILE__RELABELTO 0x00000100UL
#define FILE__APPEND 0x00000200UL
#define FILE__UNLINK 0x00000400UL
#define FILE__LINK 0x00000800UL
#define FILE__RENAME 0x00001000UL
#define FILE__EXECUTE 0x00002000UL
#define FILE__SWAPON 0x00004000UL
#define FILE__QUOTAON 0x00008000UL
#define FILE__MOUNTON 0x00010000UL
#define FILE__EXECUTE_NO_TRANS 0x00020000UL
#define FILE__ENTRYPOINT 0x00040000UL
#define FILE__EXECMOD 0x00080000UL
#define LNK_FILE__IOCTL 0x00000001UL
#define LNK_FILE__READ 0x00000002UL
#define LNK_FILE__WRITE 0x00000004UL
#define LNK_FILE__CREATE 0x00000008UL
#define LNK_FILE__GETATTR 0x00000010UL
#define LNK_FILE__SETATTR 0x00000020UL
#define LNK_FILE__LOCK 0x00000040UL
#define LNK_FILE__RELABELFROM 0x00000080UL
#define LNK_FILE__RELABELTO 0x00000100UL
#define LNK_FILE__APPEND 0x00000200UL
#define LNK_FILE__UNLINK 0x00000400UL
#define LNK_FILE__LINK 0x00000800UL
#define LNK_FILE__RENAME 0x00001000UL
#define LNK_FILE__EXECUTE 0x00002000UL
#define LNK_FILE__SWAPON 0x00004000UL
#define LNK_FILE__QUOTAON 0x00008000UL
#define LNK_FILE__MOUNTON 0x00010000UL
#define CHR_FILE__IOCTL 0x00000001UL
#define CHR_FILE__READ 0x00000002UL
#define CHR_FILE__WRITE 0x00000004UL
#define CHR_FILE__CREATE 0x00000008UL
#define CHR_FILE__GETATTR 0x00000010UL
#define CHR_FILE__SETATTR 0x00000020UL
#define CHR_FILE__LOCK 0x00000040UL
#define CHR_FILE__RELABELFROM 0x00000080UL
#define CHR_FILE__RELABELTO 0x00000100UL
#define CHR_FILE__APPEND 0x00000200UL
#define CHR_FILE__UNLINK 0x00000400UL
#define CHR_FILE__LINK 0x00000800UL
#define CHR_FILE__RENAME 0x00001000UL
#define CHR_FILE__EXECUTE 0x00002000UL
#define CHR_FILE__SWAPON 0x00004000UL
#define CHR_FILE__QUOTAON 0x00008000UL
#define CHR_FILE__MOUNTON 0x00010000UL
#define CHR_FILE__EXECUTE_NO_TRANS 0x00020000UL
#define CHR_FILE__ENTRYPOINT 0x00040000UL
#define CHR_FILE__EXECMOD 0x00080000UL
#define BLK_FILE__IOCTL 0x00000001UL
#define BLK_FILE__READ 0x00000002UL
#define BLK_FILE__WRITE 0x00000004UL
#define BLK_FILE__CREATE 0x00000008UL
#define BLK_FILE__GETATTR 0x00000010UL
#define BLK_FILE__SETATTR 0x00000020UL
#define BLK_FILE__LOCK 0x00000040UL
#define BLK_FILE__RELABELFROM 0x00000080UL
#define BLK_FILE__RELABELTO 0x00000100UL
#define BLK_FILE__APPEND 0x00000200UL
#define BLK_FILE__UNLINK 0x00000400UL
#define BLK_FILE__LINK 0x00000800UL
#define BLK_FILE__RENAME 0x00001000UL
#define BLK_FILE__EXECUTE 0x00002000UL
#define BLK_FILE__SWAPON 0x00004000UL
#define BLK_FILE__QUOTAON 0x00008000UL
#define BLK_FILE__MOUNTON 0x00010000UL
#define SOCK_FILE__IOCTL 0x00000001UL
#define SOCK_FILE__READ 0x00000002UL
#define SOCK_FILE__WRITE 0x00000004UL
#define SOCK_FILE__CREATE 0x00000008UL
#define SOCK_FILE__GETATTR 0x00000010UL
#define SOCK_FILE__SETATTR 0x00000020UL
#define SOCK_FILE__LOCK 0x00000040UL
#define SOCK_FILE__RELABELFROM 0x00000080UL
#define SOCK_FILE__RELABELTO 0x00000100UL
#define SOCK_FILE__APPEND 0x00000200UL
#define SOCK_FILE__UNLINK 0x00000400UL
#define SOCK_FILE__LINK 0x00000800UL
#define SOCK_FILE__RENAME 0x00001000UL
#define SOCK_FILE__EXECUTE 0x00002000UL
#define SOCK_FILE__SWAPON 0x00004000UL
#define SOCK_FILE__QUOTAON 0x00008000UL
#define SOCK_FILE__MOUNTON 0x00010000UL
#define FIFO_FILE__IOCTL 0x00000001UL
#define FIFO_FILE__READ 0x00000002UL
#define FIFO_FILE__WRITE 0x00000004UL
#define FIFO_FILE__CREATE 0x00000008UL
#define FIFO_FILE__GETATTR 0x00000010UL
#define FIFO_FILE__SETATTR 0x00000020UL
#define FIFO_FILE__LOCK 0x00000040UL
#define FIFO_FILE__RELABELFROM 0x00000080UL
#define FIFO_FILE__RELABELTO 0x00000100UL
#define FIFO_FILE__APPEND 0x00000200UL
#define FIFO_FILE__UNLINK 0x00000400UL
#define FIFO_FILE__LINK 0x00000800UL
#define FIFO_FILE__RENAME 0x00001000UL
#define FIFO_FILE__EXECUTE 0x00002000UL
#define FIFO_FILE__SWAPON 0x00004000UL
#define FIFO_FILE__QUOTAON 0x00008000UL
#define FIFO_FILE__MOUNTON 0x00010000UL
#define FD__USE 0x00000001UL
#define SOCKET__IOCTL 0x00000001UL
#define SOCKET__READ 0x00000002UL
#define SOCKET__WRITE 0x00000004UL
#define SOCKET__CREATE 0x00000008UL
#define SOCKET__GETATTR 0x00000010UL
#define SOCKET__SETATTR 0x00000020UL
#define SOCKET__LOCK 0x00000040UL
#define SOCKET__RELABELFROM 0x00000080UL
#define SOCKET__RELABELTO 0x00000100UL
#define SOCKET__APPEND 0x00000200UL
#define SOCKET__BIND 0x00000400UL
#define SOCKET__CONNECT 0x00000800UL
#define SOCKET__LISTEN 0x00001000UL
#define SOCKET__ACCEPT 0x00002000UL
#define SOCKET__GETOPT 0x00004000UL
#define SOCKET__SETOPT 0x00008000UL
#define SOCKET__SHUTDOWN 0x00010000UL
#define SOCKET__RECVFROM 0x00020000UL
#define SOCKET__SENDTO 0x00040000UL
#define SOCKET__RECV_MSG 0x00080000UL
#define SOCKET__SEND_MSG 0x00100000UL
#define SOCKET__NAME_BIND 0x00200000UL
#define TCP_SOCKET__IOCTL 0x00000001UL
#define TCP_SOCKET__READ 0x00000002UL
#define TCP_SOCKET__WRITE 0x00000004UL
#define TCP_SOCKET__CREATE 0x00000008UL
#define TCP_SOCKET__GETATTR 0x00000010UL
#define TCP_SOCKET__SETATTR 0x00000020UL
#define TCP_SOCKET__LOCK 0x00000040UL
#define TCP_SOCKET__RELABELFROM 0x00000080UL
#define TCP_SOCKET__RELABELTO 0x00000100UL
#define TCP_SOCKET__APPEND 0x00000200UL
#define TCP_SOCKET__BIND 0x00000400UL
#define TCP_SOCKET__CONNECT 0x00000800UL
#define TCP_SOCKET__LISTEN 0x00001000UL
#define TCP_SOCKET__ACCEPT 0x00002000UL
#define TCP_SOCKET__GETOPT 0x00004000UL
#define TCP_SOCKET__SETOPT 0x00008000UL
#define TCP_SOCKET__SHUTDOWN 0x00010000UL
#define TCP_SOCKET__RECVFROM 0x00020000UL
#define TCP_SOCKET__SENDTO 0x00040000UL
#define TCP_SOCKET__RECV_MSG 0x00080000UL
#define TCP_SOCKET__SEND_MSG 0x00100000UL
#define TCP_SOCKET__NAME_BIND 0x00200000UL
#define TCP_SOCKET__CONNECTTO 0x00400000UL
#define TCP_SOCKET__NEWCONN 0x00800000UL
#define TCP_SOCKET__ACCEPTFROM 0x01000000UL
#define TCP_SOCKET__NODE_BIND 0x02000000UL
#define UDP_SOCKET__IOCTL 0x00000001UL
#define UDP_SOCKET__READ 0x00000002UL
#define UDP_SOCKET__WRITE 0x00000004UL
#define UDP_SOCKET__CREATE 0x00000008UL
#define UDP_SOCKET__GETATTR 0x00000010UL
#define UDP_SOCKET__SETATTR 0x00000020UL
#define UDP_SOCKET__LOCK 0x00000040UL
#define UDP_SOCKET__RELABELFROM 0x00000080UL
#define UDP_SOCKET__RELABELTO 0x00000100UL
#define UDP_SOCKET__APPEND 0x00000200UL
#define UDP_SOCKET__BIND 0x00000400UL
#define UDP_SOCKET__CONNECT 0x00000800UL
#define UDP_SOCKET__LISTEN 0x00001000UL
#define UDP_SOCKET__ACCEPT 0x00002000UL
#define UDP_SOCKET__GETOPT 0x00004000UL
#define UDP_SOCKET__SETOPT 0x00008000UL
#define UDP_SOCKET__SHUTDOWN 0x00010000UL
#define UDP_SOCKET__RECVFROM 0x00020000UL
#define UDP_SOCKET__SENDTO 0x00040000UL
#define UDP_SOCKET__RECV_MSG 0x00080000UL
#define UDP_SOCKET__SEND_MSG 0x00100000UL
#define UDP_SOCKET__NAME_BIND 0x00200000UL
#define UDP_SOCKET__NODE_BIND 0x00400000UL
#define RAWIP_SOCKET__IOCTL 0x00000001UL
#define RAWIP_SOCKET__READ 0x00000002UL
#define RAWIP_SOCKET__WRITE 0x00000004UL
#define RAWIP_SOCKET__CREATE 0x00000008UL
#define RAWIP_SOCKET__GETATTR 0x00000010UL
#define RAWIP_SOCKET__SETATTR 0x00000020UL
#define RAWIP_SOCKET__LOCK 0x00000040UL
#define RAWIP_SOCKET__RELABELFROM 0x00000080UL
#define RAWIP_SOCKET__RELABELTO 0x00000100UL
#define RAWIP_SOCKET__APPEND 0x00000200UL
#define RAWIP_SOCKET__BIND 0x00000400UL
#define RAWIP_SOCKET__CONNECT 0x00000800UL
#define RAWIP_SOCKET__LISTEN 0x00001000UL
#define RAWIP_SOCKET__ACCEPT 0x00002000UL
#define RAWIP_SOCKET__GETOPT 0x00004000UL
#define RAWIP_SOCKET__SETOPT 0x00008000UL
#define RAWIP_SOCKET__SHUTDOWN 0x00010000UL
#define RAWIP_SOCKET__RECVFROM 0x00020000UL
#define RAWIP_SOCKET__SENDTO 0x00040000UL
#define RAWIP_SOCKET__RECV_MSG 0x00080000UL
#define RAWIP_SOCKET__SEND_MSG 0x00100000UL
#define RAWIP_SOCKET__NAME_BIND 0x00200000UL
#define RAWIP_SOCKET__NODE_BIND 0x00400000UL
#define NODE__TCP_RECV 0x00000001UL
#define NODE__TCP_SEND 0x00000002UL
#define NODE__UDP_RECV 0x00000004UL
#define NODE__UDP_SEND 0x00000008UL
#define NODE__RAWIP_RECV 0x00000010UL
#define NODE__RAWIP_SEND 0x00000020UL
#define NODE__ENFORCE_DEST 0x00000040UL
#define NETIF__TCP_RECV 0x00000001UL
#define NETIF__TCP_SEND 0x00000002UL
#define NETIF__UDP_RECV 0x00000004UL
#define NETIF__UDP_SEND 0x00000008UL
#define NETIF__RAWIP_RECV 0x00000010UL
#define NETIF__RAWIP_SEND 0x00000020UL
#define NETLINK_SOCKET__IOCTL 0x00000001UL
#define NETLINK_SOCKET__READ 0x00000002UL
#define NETLINK_SOCKET__WRITE 0x00000004UL
#define NETLINK_SOCKET__CREATE 0x00000008UL
#define NETLINK_SOCKET__GETATTR 0x00000010UL
#define NETLINK_SOCKET__SETATTR 0x00000020UL
#define NETLINK_SOCKET__LOCK 0x00000040UL
#define NETLINK_SOCKET__RELABELFROM 0x00000080UL
#define NETLINK_SOCKET__RELABELTO 0x00000100UL
#define NETLINK_SOCKET__APPEND 0x00000200UL
#define NETLINK_SOCKET__BIND 0x00000400UL
#define NETLINK_SOCKET__CONNECT 0x00000800UL
#define NETLINK_SOCKET__LISTEN 0x00001000UL
#define NETLINK_SOCKET__ACCEPT 0x00002000UL
#define NETLINK_SOCKET__GETOPT 0x00004000UL
#define NETLINK_SOCKET__SETOPT 0x00008000UL
#define NETLINK_SOCKET__SHUTDOWN 0x00010000UL
#define NETLINK_SOCKET__RECVFROM 0x00020000UL
#define NETLINK_SOCKET__SENDTO 0x00040000UL
#define NETLINK_SOCKET__RECV_MSG 0x00080000UL
#define NETLINK_SOCKET__SEND_MSG 0x00100000UL
#define NETLINK_SOCKET__NAME_BIND 0x00200000UL
#define PACKET_SOCKET__IOCTL 0x00000001UL
#define PACKET_SOCKET__READ 0x00000002UL
#define PACKET_SOCKET__WRITE 0x00000004UL
#define PACKET_SOCKET__CREATE 0x00000008UL
#define PACKET_SOCKET__GETATTR 0x00000010UL
#define PACKET_SOCKET__SETATTR 0x00000020UL
#define PACKET_SOCKET__LOCK 0x00000040UL
#define PACKET_SOCKET__RELABELFROM 0x00000080UL
#define PACKET_SOCKET__RELABELTO 0x00000100UL
#define PACKET_SOCKET__APPEND 0x00000200UL
#define PACKET_SOCKET__BIND 0x00000400UL
#define PACKET_SOCKET__CONNECT 0x00000800UL
#define PACKET_SOCKET__LISTEN 0x00001000UL
#define PACKET_SOCKET__ACCEPT 0x00002000UL
#define PACKET_SOCKET__GETOPT 0x00004000UL
#define PACKET_SOCKET__SETOPT 0x00008000UL
#define PACKET_SOCKET__SHUTDOWN 0x00010000UL
#define PACKET_SOCKET__RECVFROM 0x00020000UL
#define PACKET_SOCKET__SENDTO 0x00040000UL
#define PACKET_SOCKET__RECV_MSG 0x00080000UL
#define PACKET_SOCKET__SEND_MSG 0x00100000UL
#define PACKET_SOCKET__NAME_BIND 0x00200000UL
#define KEY_SOCKET__IOCTL 0x00000001UL
#define KEY_SOCKET__READ 0x00000002UL
#define KEY_SOCKET__WRITE 0x00000004UL
#define KEY_SOCKET__CREATE 0x00000008UL
#define KEY_SOCKET__GETATTR 0x00000010UL
#define KEY_SOCKET__SETATTR 0x00000020UL
#define KEY_SOCKET__LOCK 0x00000040UL
#define KEY_SOCKET__RELABELFROM 0x00000080UL
#define KEY_SOCKET__RELABELTO 0x00000100UL
#define KEY_SOCKET__APPEND 0x00000200UL
#define KEY_SOCKET__BIND 0x00000400UL
#define KEY_SOCKET__CONNECT 0x00000800UL
#define KEY_SOCKET__LISTEN 0x00001000UL
#define KEY_SOCKET__ACCEPT 0x00002000UL
#define KEY_SOCKET__GETOPT 0x00004000UL
#define KEY_SOCKET__SETOPT 0x00008000UL
#define KEY_SOCKET__SHUTDOWN 0x00010000UL
#define KEY_SOCKET__RECVFROM 0x00020000UL
#define KEY_SOCKET__SENDTO 0x00040000UL
#define KEY_SOCKET__RECV_MSG 0x00080000UL
#define KEY_SOCKET__SEND_MSG 0x00100000UL
#define KEY_SOCKET__NAME_BIND 0x00200000UL
#define UNIX_STREAM_SOCKET__IOCTL 0x00000001UL
#define UNIX_STREAM_SOCKET__READ 0x00000002UL
#define UNIX_STREAM_SOCKET__WRITE 0x00000004UL
#define UNIX_STREAM_SOCKET__CREATE 0x00000008UL
#define UNIX_STREAM_SOCKET__GETATTR 0x00000010UL
#define UNIX_STREAM_SOCKET__SETATTR 0x00000020UL
#define UNIX_STREAM_SOCKET__LOCK 0x00000040UL
#define UNIX_STREAM_SOCKET__RELABELFROM 0x00000080UL
#define UNIX_STREAM_SOCKET__RELABELTO 0x00000100UL
#define UNIX_STREAM_SOCKET__APPEND 0x00000200UL
#define UNIX_STREAM_SOCKET__BIND 0x00000400UL
#define UNIX_STREAM_SOCKET__CONNECT 0x00000800UL
#define UNIX_STREAM_SOCKET__LISTEN 0x00001000UL
#define UNIX_STREAM_SOCKET__ACCEPT 0x00002000UL
#define UNIX_STREAM_SOCKET__GETOPT 0x00004000UL
#define UNIX_STREAM_SOCKET__SETOPT 0x00008000UL
#define UNIX_STREAM_SOCKET__SHUTDOWN 0x00010000UL
#define UNIX_STREAM_SOCKET__RECVFROM 0x00020000UL
#define UNIX_STREAM_SOCKET__SENDTO 0x00040000UL
#define UNIX_STREAM_SOCKET__RECV_MSG 0x00080000UL
#define UNIX_STREAM_SOCKET__SEND_MSG 0x00100000UL
#define UNIX_STREAM_SOCKET__NAME_BIND 0x00200000UL
#define UNIX_STREAM_SOCKET__CONNECTTO 0x00400000UL
#define UNIX_STREAM_SOCKET__NEWCONN 0x00800000UL
#define UNIX_STREAM_SOCKET__ACCEPTFROM 0x01000000UL
#define UNIX_DGRAM_SOCKET__IOCTL 0x00000001UL
#define UNIX_DGRAM_SOCKET__READ 0x00000002UL
#define UNIX_DGRAM_SOCKET__WRITE 0x00000004UL
#define UNIX_DGRAM_SOCKET__CREATE 0x00000008UL
#define UNIX_DGRAM_SOCKET__GETATTR 0x00000010UL
#define UNIX_DGRAM_SOCKET__SETATTR 0x00000020UL
#define UNIX_DGRAM_SOCKET__LOCK 0x00000040UL
#define UNIX_DGRAM_SOCKET__RELABELFROM 0x00000080UL
#define UNIX_DGRAM_SOCKET__RELABELTO 0x00000100UL
#define UNIX_DGRAM_SOCKET__APPEND 0x00000200UL
#define UNIX_DGRAM_SOCKET__BIND 0x00000400UL
#define UNIX_DGRAM_SOCKET__CONNECT 0x00000800UL
#define UNIX_DGRAM_SOCKET__LISTEN 0x00001000UL
#define UNIX_DGRAM_SOCKET__ACCEPT 0x00002000UL
#define UNIX_DGRAM_SOCKET__GETOPT 0x00004000UL
#define UNIX_DGRAM_SOCKET__SETOPT 0x00008000UL
#define UNIX_DGRAM_SOCKET__SHUTDOWN 0x00010000UL
#define UNIX_DGRAM_SOCKET__RECVFROM 0x00020000UL
#define UNIX_DGRAM_SOCKET__SENDTO 0x00040000UL
#define UNIX_DGRAM_SOCKET__RECV_MSG 0x00080000UL
#define UNIX_DGRAM_SOCKET__SEND_MSG 0x00100000UL
#define UNIX_DGRAM_SOCKET__NAME_BIND 0x00200000UL
#define PROCESS__FORK 0x00000001UL
#define PROCESS__TRANSITION 0x00000002UL
#define PROCESS__SIGCHLD 0x00000004UL
#define PROCESS__SIGKILL 0x00000008UL
#define PROCESS__SIGSTOP 0x00000010UL
#define PROCESS__SIGNULL 0x00000020UL
#define PROCESS__SIGNAL 0x00000040UL
#define PROCESS__PTRACE 0x00000080UL
#define PROCESS__GETSCHED 0x00000100UL
#define PROCESS__SETSCHED 0x00000200UL
#define PROCESS__GETSESSION 0x00000400UL
#define PROCESS__GETPGID 0x00000800UL
#define PROCESS__SETPGID 0x00001000UL
#define PROCESS__GETCAP 0x00002000UL
#define PROCESS__SETCAP 0x00004000UL
#define PROCESS__SHARE 0x00008000UL
#define PROCESS__GETATTR 0x00010000UL
#define PROCESS__SETEXEC 0x00020000UL
#define PROCESS__SETFSCREATE 0x00040000UL
#define PROCESS__NOATSECURE 0x00080000UL
#define PROCESS__SIGINH 0x00100000UL
#define PROCESS__SETRLIMIT 0x00200000UL
#define PROCESS__RLIMITINH 0x00400000UL
#define PROCESS__DYNTRANSITION 0x00800000UL
#define PROCESS__SETCURRENT 0x01000000UL
#define PROCESS__EXECMEM 0x02000000UL
#define IPC__CREATE 0x00000001UL
#define IPC__DESTROY 0x00000002UL
#define IPC__GETATTR 0x00000004UL
#define IPC__SETATTR 0x00000008UL
#define IPC__READ 0x00000010UL
#define IPC__WRITE 0x00000020UL
#define IPC__ASSOCIATE 0x00000040UL
#define IPC__UNIX_READ 0x00000080UL
#define IPC__UNIX_WRITE 0x00000100UL
#define SEM__CREATE 0x00000001UL
#define SEM__DESTROY 0x00000002UL
#define SEM__GETATTR 0x00000004UL
#define SEM__SETATTR 0x00000008UL
#define SEM__READ 0x00000010UL
#define SEM__WRITE 0x00000020UL
#define SEM__ASSOCIATE 0x00000040UL
#define SEM__UNIX_READ 0x00000080UL
#define SEM__UNIX_WRITE 0x00000100UL
#define MSGQ__CREATE 0x00000001UL
#define MSGQ__DESTROY 0x00000002UL
#define MSGQ__GETATTR 0x00000004UL
#define MSGQ__SETATTR 0x00000008UL
#define MSGQ__READ 0x00000010UL
#define MSGQ__WRITE 0x00000020UL
#define MSGQ__ASSOCIATE 0x00000040UL
#define MSGQ__UNIX_READ 0x00000080UL
#define MSGQ__UNIX_WRITE 0x00000100UL
#define MSGQ__ENQUEUE 0x00000200UL
#define MSG__SEND 0x00000001UL
#define MSG__RECEIVE 0x00000002UL
#define SHM__CREATE 0x00000001UL
#define SHM__DESTROY 0x00000002UL
#define SHM__GETATTR 0x00000004UL
#define SHM__SETATTR 0x00000008UL
#define SHM__READ 0x00000010UL
#define SHM__WRITE 0x00000020UL
#define SHM__ASSOCIATE 0x00000040UL
#define SHM__UNIX_READ 0x00000080UL
#define SHM__UNIX_WRITE 0x00000100UL
#define SHM__LOCK 0x00000200UL
#define SECURITY__COMPUTE_AV 0x00000001UL
#define SECURITY__COMPUTE_CREATE 0x00000002UL
#define SECURITY__COMPUTE_MEMBER 0x00000004UL
#define SECURITY__CHECK_CONTEXT 0x00000008UL
#define SECURITY__LOAD_POLICY 0x00000010UL
#define SECURITY__COMPUTE_RELABEL 0x00000020UL
#define SECURITY__COMPUTE_USER 0x00000040UL
#define SECURITY__SETENFORCE 0x00000080UL
#define SECURITY__SETBOOL 0x00000100UL
#define SECURITY__SETSECPARAM 0x00000200UL
#define SYSTEM__IPC_INFO 0x00000001UL
#define SYSTEM__SYSLOG_READ 0x00000002UL
#define SYSTEM__SYSLOG_MOD 0x00000004UL
#define SYSTEM__SYSLOG_CONSOLE 0x00000008UL
#define CAPABILITY__CHOWN 0x00000001UL
#define CAPABILITY__DAC_OVERRIDE 0x00000002UL
#define CAPABILITY__DAC_READ_SEARCH 0x00000004UL
#define CAPABILITY__FOWNER 0x00000008UL
#define CAPABILITY__FSETID 0x00000010UL
#define CAPABILITY__KILL 0x00000020UL
#define CAPABILITY__SETGID 0x00000040UL
#define CAPABILITY__SETUID 0x00000080UL
#define CAPABILITY__SETPCAP 0x00000100UL
#define CAPABILITY__LINUX_IMMUTABLE 0x00000200UL
#define CAPABILITY__NET_BIND_SERVICE 0x00000400UL
#define CAPABILITY__NET_BROADCAST 0x00000800UL
#define CAPABILITY__NET_ADMIN 0x00001000UL
#define CAPABILITY__NET_RAW 0x00002000UL
#define CAPABILITY__IPC_LOCK 0x00004000UL
#define CAPABILITY__IPC_OWNER 0x00008000UL
#define CAPABILITY__SYS_MODULE 0x00010000UL
#define CAPABILITY__SYS_RAWIO 0x00020000UL
#define CAPABILITY__SYS_CHROOT 0x00040000UL
#define CAPABILITY__SYS_PTRACE 0x00080000UL
#define CAPABILITY__SYS_PACCT 0x00100000UL
#define CAPABILITY__SYS_ADMIN 0x00200000UL
#define CAPABILITY__SYS_BOOT 0x00400000UL
#define CAPABILITY__SYS_NICE 0x00800000UL
#define CAPABILITY__SYS_RESOURCE 0x01000000UL
#define CAPABILITY__SYS_TIME 0x02000000UL
#define CAPABILITY__SYS_TTY_CONFIG 0x04000000UL
#define CAPABILITY__MKNOD 0x08000000UL
#define CAPABILITY__LEASE 0x10000000UL
#define CAPABILITY__AUDIT_WRITE 0x20000000UL
#define CAPABILITY__AUDIT_CONTROL 0x40000000UL
#define PASSWD__PASSWD 0x00000001UL
#define PASSWD__CHFN 0x00000002UL
#define PASSWD__CHSH 0x00000004UL
#define PASSWD__ROOTOK 0x00000008UL
#define PASSWD__CRONTAB 0x00000010UL
#define DRAWABLE__CREATE 0x00000001UL
#define DRAWABLE__DESTROY 0x00000002UL
#define DRAWABLE__DRAW 0x00000004UL
#define DRAWABLE__COPY 0x00000008UL
#define DRAWABLE__GETATTR 0x00000010UL
#define GC__CREATE 0x00000001UL
#define GC__FREE 0x00000002UL
#define GC__GETATTR 0x00000004UL
#define GC__SETATTR 0x00000008UL
#define WINDOW__ADDCHILD 0x00000001UL
#define WINDOW__CREATE 0x00000002UL
#define WINDOW__DESTROY 0x00000004UL
#define WINDOW__MAP 0x00000008UL
#define WINDOW__UNMAP 0x00000010UL
#define WINDOW__CHSTACK 0x00000020UL
#define WINDOW__CHPROPLIST 0x00000040UL
#define WINDOW__CHPROP 0x00000080UL
#define WINDOW__LISTPROP 0x00000100UL
#define WINDOW__GETATTR 0x00000200UL
#define WINDOW__SETATTR 0x00000400UL
#define WINDOW__SETFOCUS 0x00000800UL
#define WINDOW__MOVE 0x00001000UL
#define WINDOW__CHSELECTION 0x00002000UL
#define WINDOW__CHPARENT 0x00004000UL
#define WINDOW__CTRLLIFE 0x00008000UL
#define WINDOW__ENUMERATE 0x00010000UL
#define WINDOW__TRANSPARENT 0x00020000UL
#define WINDOW__MOUSEMOTION 0x00040000UL
#define WINDOW__CLIENTCOMEVENT 0x00080000UL
#define WINDOW__INPUTEVENT 0x00100000UL
#define WINDOW__DRAWEVENT 0x00200000UL
#define WINDOW__WINDOWCHANGEEVENT 0x00400000UL
#define WINDOW__WINDOWCHANGEREQUEST 0x00800000UL
#define WINDOW__SERVERCHANGEEVENT 0x01000000UL
#define WINDOW__EXTENSIONEVENT 0x02000000UL
#define FONT__LOAD 0x00000001UL
#define FONT__FREE 0x00000002UL
#define FONT__GETATTR 0x00000004UL
#define FONT__USE 0x00000008UL
#define COLORMAP__CREATE 0x00000001UL
#define COLORMAP__FREE 0x00000002UL
#define COLORMAP__INSTALL 0x00000004UL
#define COLORMAP__UNINSTALL 0x00000008UL
#define COLORMAP__LIST 0x00000010UL
#define COLORMAP__READ 0x00000020UL
#define COLORMAP__STORE 0x00000040UL
#define COLORMAP__GETATTR 0x00000080UL
#define COLORMAP__SETATTR 0x00000100UL
#define PROPERTY__CREATE 0x00000001UL
#define PROPERTY__FREE 0x00000002UL
#define PROPERTY__READ 0x00000004UL
#define PROPERTY__WRITE 0x00000008UL
#define CURSOR__CREATE 0x00000001UL
#define CURSOR__CREATEGLYPH 0x00000002UL
#define CURSOR__FREE 0x00000004UL
#define CURSOR__ASSIGN 0x00000008UL
#define CURSOR__SETATTR 0x00000010UL
#define XCLIENT__KILL 0x00000001UL
#define XINPUT__LOOKUP 0x00000001UL
#define XINPUT__GETATTR 0x00000002UL
#define XINPUT__SETATTR 0x00000004UL
#define XINPUT__SETFOCUS 0x00000008UL
#define XINPUT__WARPPOINTER 0x00000010UL
#define XINPUT__ACTIVEGRAB 0x00000020UL
#define XINPUT__PASSIVEGRAB 0x00000040UL
#define XINPUT__UNGRAB 0x00000080UL
#define XINPUT__BELL 0x00000100UL
#define XINPUT__MOUSEMOTION 0x00000200UL
#define XINPUT__RELABELINPUT 0x00000400UL
#define XSERVER__SCREENSAVER 0x00000001UL
#define XSERVER__GETHOSTLIST 0x00000002UL
#define XSERVER__SETHOSTLIST 0x00000004UL
#define XSERVER__GETFONTPATH 0x00000008UL
#define XSERVER__SETFONTPATH 0x00000010UL
#define XSERVER__GETATTR 0x00000020UL
#define XSERVER__GRAB 0x00000040UL
#define XSERVER__UNGRAB 0x00000080UL
#define XEXTENSION__QUERY 0x00000001UL
#define XEXTENSION__USE 0x00000002UL
#define PAX__PAGEEXEC 0x00000001UL
#define PAX__EMUTRAMP 0x00000002UL
#define PAX__MPROTECT 0x00000004UL
#define PAX__RANDMMAP 0x00000008UL
#define PAX__RANDEXEC 0x00000010UL
#define PAX__SEGMEXEC 0x00000020UL
#define NETLINK_ROUTE_SOCKET__IOCTL 0x00000001UL
#define NETLINK_ROUTE_SOCKET__READ 0x00000002UL
#define NETLINK_ROUTE_SOCKET__WRITE 0x00000004UL
#define NETLINK_ROUTE_SOCKET__CREATE 0x00000008UL
#define NETLINK_ROUTE_SOCKET__GETATTR 0x00000010UL
#define NETLINK_ROUTE_SOCKET__SETATTR 0x00000020UL
#define NETLINK_ROUTE_SOCKET__LOCK 0x00000040UL
#define NETLINK_ROUTE_SOCKET__RELABELFROM 0x00000080UL
#define NETLINK_ROUTE_SOCKET__RELABELTO 0x00000100UL
#define NETLINK_ROUTE_SOCKET__APPEND 0x00000200UL
#define NETLINK_ROUTE_SOCKET__BIND 0x00000400UL
#define NETLINK_ROUTE_SOCKET__CONNECT 0x00000800UL
#define NETLINK_ROUTE_SOCKET__LISTEN 0x00001000UL
#define NETLINK_ROUTE_SOCKET__ACCEPT 0x00002000UL
#define NETLINK_ROUTE_SOCKET__GETOPT 0x00004000UL
#define NETLINK_ROUTE_SOCKET__SETOPT 0x00008000UL
#define NETLINK_ROUTE_SOCKET__SHUTDOWN 0x00010000UL
#define NETLINK_ROUTE_SOCKET__RECVFROM 0x00020000UL
#define NETLINK_ROUTE_SOCKET__SENDTO 0x00040000UL
#define NETLINK_ROUTE_SOCKET__RECV_MSG 0x00080000UL
#define NETLINK_ROUTE_SOCKET__SEND_MSG 0x00100000UL
#define NETLINK_ROUTE_SOCKET__NAME_BIND 0x00200000UL
#define NETLINK_ROUTE_SOCKET__NLMSG_READ 0x00400000UL
#define NETLINK_ROUTE_SOCKET__NLMSG_WRITE 0x00800000UL
#define NETLINK_FIREWALL_SOCKET__IOCTL 0x00000001UL
#define NETLINK_FIREWALL_SOCKET__READ 0x00000002UL
#define NETLINK_FIREWALL_SOCKET__WRITE 0x00000004UL
#define NETLINK_FIREWALL_SOCKET__CREATE 0x00000008UL
#define NETLINK_FIREWALL_SOCKET__GETATTR 0x00000010UL
#define NETLINK_FIREWALL_SOCKET__SETATTR 0x00000020UL
#define NETLINK_FIREWALL_SOCKET__LOCK 0x00000040UL
#define NETLINK_FIREWALL_SOCKET__RELABELFROM 0x00000080UL
#define NETLINK_FIREWALL_SOCKET__RELABELTO 0x00000100UL
#define NETLINK_FIREWALL_SOCKET__APPEND 0x00000200UL
#define NETLINK_FIREWALL_SOCKET__BIND 0x00000400UL
#define NETLINK_FIREWALL_SOCKET__CONNECT 0x00000800UL
#define NETLINK_FIREWALL_SOCKET__LISTEN 0x00001000UL
#define NETLINK_FIREWALL_SOCKET__ACCEPT 0x00002000UL
#define NETLINK_FIREWALL_SOCKET__GETOPT 0x00004000UL
#define NETLINK_FIREWALL_SOCKET__SETOPT 0x00008000UL
#define NETLINK_FIREWALL_SOCKET__SHUTDOWN 0x00010000UL
#define NETLINK_FIREWALL_SOCKET__RECVFROM 0x00020000UL
#define NETLINK_FIREWALL_SOCKET__SENDTO 0x00040000UL
#define NETLINK_FIREWALL_SOCKET__RECV_MSG 0x00080000UL
#define NETLINK_FIREWALL_SOCKET__SEND_MSG 0x00100000UL
#define NETLINK_FIREWALL_SOCKET__NAME_BIND 0x00200000UL
#define NETLINK_FIREWALL_SOCKET__NLMSG_READ 0x00400000UL
#define NETLINK_FIREWALL_SOCKET__NLMSG_WRITE 0x00800000UL
#define NETLINK_TCPDIAG_SOCKET__IOCTL 0x00000001UL
#define NETLINK_TCPDIAG_SOCKET__READ 0x00000002UL
#define NETLINK_TCPDIAG_SOCKET__WRITE 0x00000004UL
#define NETLINK_TCPDIAG_SOCKET__CREATE 0x00000008UL
#define NETLINK_TCPDIAG_SOCKET__GETATTR 0x00000010UL
#define NETLINK_TCPDIAG_SOCKET__SETATTR 0x00000020UL
#define NETLINK_TCPDIAG_SOCKET__LOCK 0x00000040UL
#define NETLINK_TCPDIAG_SOCKET__RELABELFROM 0x00000080UL
#define NETLINK_TCPDIAG_SOCKET__RELABELTO 0x00000100UL
#define NETLINK_TCPDIAG_SOCKET__APPEND 0x00000200UL
#define NETLINK_TCPDIAG_SOCKET__BIND 0x00000400UL
#define NETLINK_TCPDIAG_SOCKET__CONNECT 0x00000800UL
#define NETLINK_TCPDIAG_SOCKET__LISTEN 0x00001000UL
#define NETLINK_TCPDIAG_SOCKET__ACCEPT 0x00002000UL
#define NETLINK_TCPDIAG_SOCKET__GETOPT 0x00004000UL
#define NETLINK_TCPDIAG_SOCKET__SETOPT 0x00008000UL
#define NETLINK_TCPDIAG_SOCKET__SHUTDOWN 0x00010000UL
#define NETLINK_TCPDIAG_SOCKET__RECVFROM 0x00020000UL
#define NETLINK_TCPDIAG_SOCKET__SENDTO 0x00040000UL
#define NETLINK_TCPDIAG_SOCKET__RECV_MSG 0x00080000UL
#define NETLINK_TCPDIAG_SOCKET__SEND_MSG 0x00100000UL
#define NETLINK_TCPDIAG_SOCKET__NAME_BIND 0x00200000UL
#define NETLINK_TCPDIAG_SOCKET__NLMSG_READ 0x00400000UL
#define NETLINK_TCPDIAG_SOCKET__NLMSG_WRITE 0x00800000UL
#define NETLINK_NFLOG_SOCKET__IOCTL 0x00000001UL
#define NETLINK_NFLOG_SOCKET__READ 0x00000002UL
#define NETLINK_NFLOG_SOCKET__WRITE 0x00000004UL
#define NETLINK_NFLOG_SOCKET__CREATE 0x00000008UL
#define NETLINK_NFLOG_SOCKET__GETATTR 0x00000010UL
#define NETLINK_NFLOG_SOCKET__SETATTR 0x00000020UL
#define NETLINK_NFLOG_SOCKET__LOCK 0x00000040UL
#define NETLINK_NFLOG_SOCKET__RELABELFROM 0x00000080UL
#define NETLINK_NFLOG_SOCKET__RELABELTO 0x00000100UL
#define NETLINK_NFLOG_SOCKET__APPEND 0x00000200UL
#define NETLINK_NFLOG_SOCKET__BIND 0x00000400UL
#define NETLINK_NFLOG_SOCKET__CONNECT 0x00000800UL
#define NETLINK_NFLOG_SOCKET__LISTEN 0x00001000UL
#define NETLINK_NFLOG_SOCKET__ACCEPT 0x00002000UL
#define NETLINK_NFLOG_SOCKET__GETOPT 0x00004000UL
#define NETLINK_NFLOG_SOCKET__SETOPT 0x00008000UL
#define NETLINK_NFLOG_SOCKET__SHUTDOWN 0x00010000UL
#define NETLINK_NFLOG_SOCKET__RECVFROM 0x00020000UL
#define NETLINK_NFLOG_SOCKET__SENDTO 0x00040000UL
#define NETLINK_NFLOG_SOCKET__RECV_MSG 0x00080000UL
#define NETLINK_NFLOG_SOCKET__SEND_MSG 0x00100000UL
#define NETLINK_NFLOG_SOCKET__NAME_BIND 0x00200000UL
#define NETLINK_XFRM_SOCKET__IOCTL 0x00000001UL
#define NETLINK_XFRM_SOCKET__READ 0x00000002UL
#define NETLINK_XFRM_SOCKET__WRITE 0x00000004UL
#define NETLINK_XFRM_SOCKET__CREATE 0x00000008UL
#define NETLINK_XFRM_SOCKET__GETATTR 0x00000010UL
#define NETLINK_XFRM_SOCKET__SETATTR 0x00000020UL
#define NETLINK_XFRM_SOCKET__LOCK 0x00000040UL
#define NETLINK_XFRM_SOCKET__RELABELFROM 0x00000080UL
#define NETLINK_XFRM_SOCKET__RELABELTO 0x00000100UL
#define NETLINK_XFRM_SOCKET__APPEND 0x00000200UL
#define NETLINK_XFRM_SOCKET__BIND 0x00000400UL
#define NETLINK_XFRM_SOCKET__CONNECT 0x00000800UL
#define NETLINK_XFRM_SOCKET__LISTEN 0x00001000UL
#define NETLINK_XFRM_SOCKET__ACCEPT 0x00002000UL
#define NETLINK_XFRM_SOCKET__GETOPT 0x00004000UL
#define NETLINK_XFRM_SOCKET__SETOPT 0x00008000UL
#define NETLINK_XFRM_SOCKET__SHUTDOWN 0x00010000UL
#define NETLINK_XFRM_SOCKET__RECVFROM 0x00020000UL
#define NETLINK_XFRM_SOCKET__SENDTO 0x00040000UL
#define NETLINK_XFRM_SOCKET__RECV_MSG 0x00080000UL
#define NETLINK_XFRM_SOCKET__SEND_MSG 0x00100000UL
#define NETLINK_XFRM_SOCKET__NAME_BIND 0x00200000UL
#define NETLINK_XFRM_SOCKET__NLMSG_READ 0x00400000UL
#define NETLINK_XFRM_SOCKET__NLMSG_WRITE 0x00800000UL
#define NETLINK_SELINUX_SOCKET__IOCTL 0x00000001UL
#define NETLINK_SELINUX_SOCKET__READ 0x00000002UL
#define NETLINK_SELINUX_SOCKET__WRITE 0x00000004UL
#define NETLINK_SELINUX_SOCKET__CREATE 0x00000008UL
#define NETLINK_SELINUX_SOCKET__GETATTR 0x00000010UL
#define NETLINK_SELINUX_SOCKET__SETATTR 0x00000020UL
#define NETLINK_SELINUX_SOCKET__LOCK 0x00000040UL
#define NETLINK_SELINUX_SOCKET__RELABELFROM 0x00000080UL
#define NETLINK_SELINUX_SOCKET__RELABELTO 0x00000100UL
#define NETLINK_SELINUX_SOCKET__APPEND 0x00000200UL
#define NETLINK_SELINUX_SOCKET__BIND 0x00000400UL
#define NETLINK_SELINUX_SOCKET__CONNECT 0x00000800UL
#define NETLINK_SELINUX_SOCKET__LISTEN 0x00001000UL
#define NETLINK_SELINUX_SOCKET__ACCEPT 0x00002000UL
#define NETLINK_SELINUX_SOCKET__GETOPT 0x00004000UL
#define NETLINK_SELINUX_SOCKET__SETOPT 0x00008000UL
#define NETLINK_SELINUX_SOCKET__SHUTDOWN 0x00010000UL
#define NETLINK_SELINUX_SOCKET__RECVFROM 0x00020000UL
#define NETLINK_SELINUX_SOCKET__SENDTO 0x00040000UL
#define NETLINK_SELINUX_SOCKET__RECV_MSG 0x00080000UL
#define NETLINK_SELINUX_SOCKET__SEND_MSG 0x00100000UL
#define NETLINK_SELINUX_SOCKET__NAME_BIND 0x00200000UL
#define NETLINK_AUDIT_SOCKET__IOCTL 0x00000001UL
#define NETLINK_AUDIT_SOCKET__READ 0x00000002UL
#define NETLINK_AUDIT_SOCKET__WRITE 0x00000004UL
#define NETLINK_AUDIT_SOCKET__CREATE 0x00000008UL
#define NETLINK_AUDIT_SOCKET__GETATTR 0x00000010UL
#define NETLINK_AUDIT_SOCKET__SETATTR 0x00000020UL
#define NETLINK_AUDIT_SOCKET__LOCK 0x00000040UL
#define NETLINK_AUDIT_SOCKET__RELABELFROM 0x00000080UL
#define NETLINK_AUDIT_SOCKET__RELABELTO 0x00000100UL
#define NETLINK_AUDIT_SOCKET__APPEND 0x00000200UL
#define NETLINK_AUDIT_SOCKET__BIND 0x00000400UL
#define NETLINK_AUDIT_SOCKET__CONNECT 0x00000800UL
#define NETLINK_AUDIT_SOCKET__LISTEN 0x00001000UL
#define NETLINK_AUDIT_SOCKET__ACCEPT 0x00002000UL
#define NETLINK_AUDIT_SOCKET__GETOPT 0x00004000UL
#define NETLINK_AUDIT_SOCKET__SETOPT 0x00008000UL
#define NETLINK_AUDIT_SOCKET__SHUTDOWN 0x00010000UL
#define NETLINK_AUDIT_SOCKET__RECVFROM 0x00020000UL
#define NETLINK_AUDIT_SOCKET__SENDTO 0x00040000UL
#define NETLINK_AUDIT_SOCKET__RECV_MSG 0x00080000UL
#define NETLINK_AUDIT_SOCKET__SEND_MSG 0x00100000UL
#define NETLINK_AUDIT_SOCKET__NAME_BIND 0x00200000UL
#define NETLINK_AUDIT_SOCKET__NLMSG_READ 0x00400000UL
#define NETLINK_AUDIT_SOCKET__NLMSG_WRITE 0x00800000UL
#define NETLINK_IP6FW_SOCKET__IOCTL 0x00000001UL
#define NETLINK_IP6FW_SOCKET__READ 0x00000002UL
#define NETLINK_IP6FW_SOCKET__WRITE 0x00000004UL
#define NETLINK_IP6FW_SOCKET__CREATE 0x00000008UL
#define NETLINK_IP6FW_SOCKET__GETATTR 0x00000010UL
#define NETLINK_IP6FW_SOCKET__SETATTR 0x00000020UL
#define NETLINK_IP6FW_SOCKET__LOCK 0x00000040UL
#define NETLINK_IP6FW_SOCKET__RELABELFROM 0x00000080UL
#define NETLINK_IP6FW_SOCKET__RELABELTO 0x00000100UL
#define NETLINK_IP6FW_SOCKET__APPEND 0x00000200UL
#define NETLINK_IP6FW_SOCKET__BIND 0x00000400UL
#define NETLINK_IP6FW_SOCKET__CONNECT 0x00000800UL
#define NETLINK_IP6FW_SOCKET__LISTEN 0x00001000UL
#define NETLINK_IP6FW_SOCKET__ACCEPT 0x00002000UL
#define NETLINK_IP6FW_SOCKET__GETOPT 0x00004000UL
#define NETLINK_IP6FW_SOCKET__SETOPT 0x00008000UL
#define NETLINK_IP6FW_SOCKET__SHUTDOWN 0x00010000UL
#define NETLINK_IP6FW_SOCKET__RECVFROM 0x00020000UL
#define NETLINK_IP6FW_SOCKET__SENDTO 0x00040000UL
#define NETLINK_IP6FW_SOCKET__RECV_MSG 0x00080000UL
#define NETLINK_IP6FW_SOCKET__SEND_MSG 0x00100000UL
#define NETLINK_IP6FW_SOCKET__NAME_BIND 0x00200000UL
#define NETLINK_IP6FW_SOCKET__NLMSG_READ 0x00400000UL
#define NETLINK_IP6FW_SOCKET__NLMSG_WRITE 0x00800000UL
#define NETLINK_DNRT_SOCKET__IOCTL 0x00000001UL
#define NETLINK_DNRT_SOCKET__READ 0x00000002UL
#define NETLINK_DNRT_SOCKET__WRITE 0x00000004UL
#define NETLINK_DNRT_SOCKET__CREATE 0x00000008UL
#define NETLINK_DNRT_SOCKET__GETATTR 0x00000010UL
#define NETLINK_DNRT_SOCKET__SETATTR 0x00000020UL
#define NETLINK_DNRT_SOCKET__LOCK 0x00000040UL
#define NETLINK_DNRT_SOCKET__RELABELFROM 0x00000080UL
#define NETLINK_DNRT_SOCKET__RELABELTO 0x00000100UL
#define NETLINK_DNRT_SOCKET__APPEND 0x00000200UL
#define NETLINK_DNRT_SOCKET__BIND 0x00000400UL
#define NETLINK_DNRT_SOCKET__CONNECT 0x00000800UL
#define NETLINK_DNRT_SOCKET__LISTEN 0x00001000UL
#define NETLINK_DNRT_SOCKET__ACCEPT 0x00002000UL
#define NETLINK_DNRT_SOCKET__GETOPT 0x00004000UL
#define NETLINK_DNRT_SOCKET__SETOPT 0x00008000UL
#define NETLINK_DNRT_SOCKET__SHUTDOWN 0x00010000UL
#define NETLINK_DNRT_SOCKET__RECVFROM 0x00020000UL
#define NETLINK_DNRT_SOCKET__SENDTO 0x00040000UL
#define NETLINK_DNRT_SOCKET__RECV_MSG 0x00080000UL
#define NETLINK_DNRT_SOCKET__SEND_MSG 0x00100000UL
#define NETLINK_DNRT_SOCKET__NAME_BIND 0x00200000UL
#define DBUS__ACQUIRE_SVC 0x00000001UL
#define DBUS__SEND_MSG 0x00000002UL
#define NSCD__GETPWD 0x00000001UL
#define NSCD__GETGRP 0x00000002UL
#define NSCD__GETHOST 0x00000004UL
#define NSCD__GETSTAT 0x00000008UL
#define NSCD__ADMIN 0x00000010UL
#define NSCD__SHMEMPWD 0x00000020UL
#define NSCD__SHMEMGRP 0x00000040UL
#define NSCD__SHMEMHOST 0x00000080UL
#define ASSOCIATION__SENDTO 0x00000001UL
#define ASSOCIATION__RECVFROM 0x00000002UL

373
libselinux/include/selinux/avc.h Normal file
View File

@ -0,0 +1,373 @@
/*
* Access vector cache interface for object managers.
*
* Author : Eamon Walsh <ewalsh@epoch.ncsc.mil>
*/
#ifndef _SELINUX_AVC_H_
#define _SELINUX_AVC_H_
#include <sys/types.h>
#include <errno.h>
#include <stdlib.h>
#include <selinux/selinux.h>
#ifdef __cplusplus
extern "C"
{
#endif
/*
* SID format and operations
*/
struct security_id {
security_context_t ctx;
unsigned int refcnt;
};
typedef struct security_id *security_id_t;
#define SECSID_WILD (security_id_t)NULL /* unspecified SID */
/**
* avc_sid_to_context - get copy of context corresponding to SID.
* @sid: input SID
* @ctx: pointer to context reference
*
* Return a copy of the security context corresponding to the input
* @sid in the memory referenced by @ctx. The caller is expected to
* free the context with freecon(). Return %0 on success, -%1 on
* failure, with @errno set to %ENOMEM if insufficient memory was
* available to make the copy, or %EINVAL if the input SID is invalid.
*/
int avc_sid_to_context(security_id_t sid, security_context_t *ctx);
/**
* avc_context_to_sid - get SID for context.
* @ctx: input security context
* @sid: pointer to SID reference
*
* Look up security context @ctx in SID table, making
* a new entry if @ctx is not found. Increment the
* reference counter for the SID. Store a pointer
* to the SID structure into the memory referenced by @sid,
* returning %0 on success or -%1 on error with @errno set.
*/
int avc_context_to_sid(security_context_t ctx, security_id_t *sid);
/**
* sidget - increment SID reference counter.
* @sid: SID reference
*
* Increment the reference counter for @sid, indicating that
* @sid is in use by an (additional) object. Return the
* new reference count, or zero if @sid is invalid (has zero
* reference count). Note that avc_context_to_sid() also
* increments reference counts.
*/
int sidget(security_id_t sid);
/**
* sidput - decrement SID reference counter.
* @sid: SID reference
*
* Decrement the reference counter for @sid, indicating that
* a reference to @sid is no longer in use. Return the
* new reference count. When the reference count reaches
* zero, the SID is invalid, and avc_context_to_sid() must
* be called to obtain a new SID for the security context.
*/
int sidput(security_id_t sid);
/*
* AVC entry
*/
struct avc_entry;
struct avc_entry_ref {
struct avc_entry *ae;
};
/**
* avc_entry_ref_init - initialize an AVC entry reference.
* @aeref: pointer to avc entry reference structure
*
* Use this macro to initialize an avc entry reference structure
* before first use. These structures are passed to avc_has_perm(),
* which stores cache entry references in them. They can increase
* performance on repeated queries.
*/
#define avc_entry_ref_init(aeref) ((aeref)->ae = NULL)
/*
* User-provided callbacks for memory, auditing, and locking
*/
/* These structures are passed by reference to avc_init(). Passing
* a NULL reference will cause the AVC to use a default. The default
* memory callbacks are malloc() and free(). The default logging method
* is to print on stderr. If no thread callbacks are passed, a separate
* listening thread won't be started for kernel policy change messages.
* If no locking callbacks are passed, no locking will take place.
*/
struct avc_memory_callback {
/* malloc() equivalent. */
void *(*func_malloc)(size_t size);
/* free() equivalent. */
void (*func_free) (void *ptr);
/* Note that these functions should set errno on failure.
If not, some avc routines may return -1 without errno set. */
};
struct avc_log_callback {
/* log the printf-style format and arguments. */
void (*func_log)(const char *fmt, ...);
/* store a string representation of auditdata (corresponding
to the given security class) into msgbuf. */
void (*func_audit)(void *auditdata, security_class_t class,
char *msgbuf, size_t msgbufsize);
};
struct avc_thread_callback {
/* create and start a thread, returning an opaque pointer to it;
the thread should run the given function. */
void *(*func_create_thread)(void (*run)(void));
/* cancel a given thread and free its resources. */
void (*func_stop_thread)(void *thread);
};
struct avc_lock_callback {
/* create a lock and return an opaque pointer to it. */
void *(*func_alloc_lock)(void);
/* obtain a given lock, blocking if necessary. */
void (*func_get_lock)(void *lock);
/* release a given lock. */
void (*func_release_lock)(void *lock);
/* destroy a given lock (free memory, etc.) */
void (*func_free_lock)(void *lock);
};
/*
* AVC operations
*/
/**
* avc_init - Initialize the AVC.
* @msgprefix: prefix for log messages
* @mem_callbacks: user-supplied memory callbacks
* @log_callbacks: user-supplied logging callbacks
* @thread_callbacks: user-supplied threading callbacks
* @lock_callbacks: user-supplied locking callbacks
*
* Initialize the access vector cache. Return %0 on
* success or -%1 with @errno set on failure.
* If @msgprefix is NULL, use "uavc". If any callback
* structure references are NULL, use default methods
* for those callbacks (see the definition of the callback
* structures above).
*/
int avc_init(const char *msgprefix,
const struct avc_memory_callback *mem_callbacks,
const struct avc_log_callback *log_callbacks,
const struct avc_thread_callback *thread_callbacks,
const struct avc_lock_callback *lock_callbacks);
/**
* avc_cleanup - Remove unused SIDs and AVC entries.
*
* Search the SID table for SID structures with zero
* reference counts, and remove them along with all
* AVC entries that reference them. This can be used
* to return memory to the system.
*/
void avc_cleanup(void);
/**
* avc_reset - Flush the cache and reset statistics.
*
* Remove all entries from the cache and reset all access
* statistics (as returned by avc_cache_stats()) to zero.
* The SID mapping is not affected. Return %0 on success,
* -%1 with @errno set on error.
*/
int avc_reset(void);
/**
* avc_destroy - Free all AVC structures.
*
* Destroy all AVC structures and free all allocated
* memory. User-supplied locking, memory, and audit
* callbacks will be retained, but security-event
* callbacks will not. All SID's will be invalidated.
* User must call avc_init() if further use of AVC is desired.
*/
void avc_destroy(void);
/**
* avc_has_perm_noaudit - Check permissions but perform no auditing.
* @ssid: source security identifier
* @tsid: target security identifier
* @tclass: target security class
* @requested: requested permissions, interpreted based on @tclass
* @aeref: AVC entry reference
* @avd: access vector decisions
*
* Check the AVC to determine whether the @requested permissions are granted
* for the SID pair (@ssid, @tsid), interpreting the permissions
* based on @tclass, and call the security server on a cache miss to obtain
* a new decision and add it to the cache. Update @aeref to refer to an AVC
* entry with the resulting decisions, and return a copy of the decisions
* in @avd. Return %0 if all @requested permissions are granted, -%1 with
* @errno set to %EACCES if any permissions are denied, or to another value
* upon other errors. This function is typically called by avc_has_perm(),
* but may also be called directly to separate permission checking from
* auditing, e.g. in cases where a lock must be held for the check but
* should be released for the auditing.
*/
int avc_has_perm_noaudit(security_id_t ssid,
security_id_t tsid,
security_class_t tclass,
access_vector_t requested,
struct avc_entry_ref *aeref,
struct av_decision *avd);
/**
* avc_has_perm - Check permissions and perform any appropriate auditing.
* @ssid: source security identifier
* @tsid: target security identifier
* @tclass: target security class
* @requested: requested permissions, interpreted based on @tclass
* @aeref: AVC entry reference
* @auditdata: auxiliary audit data
*
* Check the AVC to determine whether the @requested permissions are granted
* for the SID pair (@ssid, @tsid), interpreting the permissions
* based on @tclass, and call the security server on a cache miss to obtain
* a new decision and add it to the cache. Update @aeref to refer to an AVC
* entry with the resulting decisions. Audit the granting or denial of
* permissions in accordance with the policy. Return %0 if all @requested
* permissions are granted, -%1 with @errno set to %EACCES if any permissions
* are denied or to another value upon other errors.
*/
int avc_has_perm(security_id_t ssid, security_id_t tsid,
security_class_t tclass, access_vector_t requested,
struct avc_entry_ref *aeref, void *auditdata);
/**
* avc_audit - Audit the granting or denial of permissions.
* @ssid: source security identifier
* @tsid: target security identifier
* @tclass: target security class
* @requested: requested permissions
* @avd: access vector decisions
* @result: result from avc_has_perm_noaudit
* @auditdata: auxiliary audit data
*
* Audit the granting or denial of permissions in accordance
* with the policy. This function is typically called by
* avc_has_perm() after a permission check, but can also be
* called directly by callers who use avc_has_perm_noaudit()
* in order to separate the permission check from the auditing.
* For example, this separation is useful when the permission check must
* be performed under a lock, to allow the lock to be released
* before calling the auditing code.
*/
void avc_audit(security_id_t ssid, security_id_t tsid,
security_class_t tclass, access_vector_t requested,
struct av_decision *avd, int result, void *auditdata);
/*
* security event callback facility
*/
/* security events */
#define AVC_CALLBACK_GRANT 1
#define AVC_CALLBACK_TRY_REVOKE 2
#define AVC_CALLBACK_REVOKE 4
#define AVC_CALLBACK_RESET 8
#define AVC_CALLBACK_AUDITALLOW_ENABLE 16
#define AVC_CALLBACK_AUDITALLOW_DISABLE 32
#define AVC_CALLBACK_AUDITDENY_ENABLE 64
#define AVC_CALLBACK_AUDITDENY_DISABLE 128
/**
* avc_add_callback - Register a callback for security events.
* @callback: callback function
* @events: bitwise OR of desired security events
* @ssid: source security identifier or %SECSID_WILD
* @tsid: target security identifier or %SECSID_WILD
* @tclass: target security class
* @perms: permissions
*
* Register a callback function for events in the set @events
* related to the SID pair (@ssid, @tsid) and
* and the permissions @perms, interpreting
* @perms based on @tclass. Returns %0 on success or
* -%1 if insufficient memory exists to add the callback.
*/
int avc_add_callback(int (*callback)(u_int32_t event, security_id_t ssid,
security_id_t tsid,
security_class_t tclass,
access_vector_t perms,
access_vector_t *out_retained),
u_int32_t events, security_id_t ssid,
security_id_t tsid,
security_class_t tclass, access_vector_t perms);
/*
* AVC statistics
*/
/* If set, cache statistics are tracked. This may
* become a compile-time option in the future.
*/
#define AVC_CACHE_STATS 1
struct avc_cache_stats {
unsigned entry_lookups;
unsigned entry_hits;
unsigned entry_misses;
unsigned entry_discards;
unsigned cav_lookups;
unsigned cav_hits;
unsigned cav_probes;
unsigned cav_misses;
};
/**
* avc_cache_stats - get cache access statistics.
* @stats: reference to statistics structure
*
* Fill the supplied structure with information about AVC
* activity since the last call to avc_init() or
* avc_reset(). See the structure definition for
* details.
*/
void avc_cache_stats(struct avc_cache_stats *stats);
/**
* avc_av_stats - log av table statistics.
*
* Log a message with information about the size and
* distribution of the access vector table. The audit
* callback is used to print the message.
*/
void avc_av_stats(void);
/**
* avc_sid_stats - log SID table statistics.
*
* Log a message with information about the size and
* distribution of the SID table. The audit callback
* is used to print the message.
*/
void avc_sid_stats(void);
#ifdef __cplusplus
}
#endif
#endif /* _SELINUX_AVC_H_ */

52
libselinux/include/selinux/context.h Normal file
View File

@ -0,0 +1,52 @@
#ifndef _SELINUX_CONTEXT_H_
#define _SELINUX_CONTEXT_H_
#ifdef __cplusplus
extern "C"
{
#endif
/*
* Functions to deal with security contexts in user space.
*/
typedef struct {
void * ptr;
} context_s_t;
typedef context_s_t *context_t;
/* Return a new context initialized to a context string */
extern context_t context_new(const char *);
/*
* Return a pointer to the string value of the context_t
* Valid until the next call to context_str or context_free
* for the same context_t*
*/
extern char* context_str(context_t);
/* Free the storage used by a context */
extern void context_free(context_t);
/* Get a pointer to the string value of a context component */
extern const char* context_type_get(context_t);
extern const char* context_range_get(context_t);
extern const char* context_role_get(context_t);
extern const char* context_user_get(context_t);
/* Set a context component. Returns nonzero if unsuccessful */
extern int context_type_set(context_t,const char*);
extern int context_range_set(context_t,const char*);
extern int context_role_set(context_t,const char*);
extern int context_user_set(context_t,const char*);
#ifdef __cplusplus
}
#endif
#endif

96
libselinux/include/selinux/flask.h Normal file
View File

@ -0,0 +1,96 @@
/* This file is automatically generated. Do not edit. */
#ifndef _SELINUX_FLASK_H_
#define _SELINUX_FLASK_H_
/*
* Security object class definitions
*/
#define SECCLASS_SECURITY 1
#define SECCLASS_PROCESS 2
#define SECCLASS_SYSTEM 3
#define SECCLASS_CAPABILITY 4
#define SECCLASS_FILESYSTEM 5
#define SECCLASS_FILE 6
#define SECCLASS_DIR 7
#define SECCLASS_FD 8
#define SECCLASS_LNK_FILE 9
#define SECCLASS_CHR_FILE 10
#define SECCLASS_BLK_FILE 11
#define SECCLASS_SOCK_FILE 12
#define SECCLASS_FIFO_FILE 13
#define SECCLASS_SOCKET 14
#define SECCLASS_TCP_SOCKET 15
#define SECCLASS_UDP_SOCKET 16
#define SECCLASS_RAWIP_SOCKET 17
#define SECCLASS_NODE 18
#define SECCLASS_NETIF 19
#define SECCLASS_NETLINK_SOCKET 20
#define SECCLASS_PACKET_SOCKET 21
#define SECCLASS_KEY_SOCKET 22
#define SECCLASS_UNIX_STREAM_SOCKET 23
#define SECCLASS_UNIX_DGRAM_SOCKET 24
#define SECCLASS_SEM 25
#define SECCLASS_MSG 26
#define SECCLASS_MSGQ 27
#define SECCLASS_SHM 28
#define SECCLASS_IPC 29
#define SECCLASS_PASSWD 30
#define SECCLASS_DRAWABLE 31
#define SECCLASS_WINDOW 32
#define SECCLASS_GC 33
#define SECCLASS_FONT 34
#define SECCLASS_COLORMAP 35
#define SECCLASS_PROPERTY 36
#define SECCLASS_CURSOR 37
#define SECCLASS_XCLIENT 38
#define SECCLASS_XINPUT 39
#define SECCLASS_XSERVER 40
#define SECCLASS_XEXTENSION 41
#define SECCLASS_PAX 42
#define SECCLASS_NETLINK_ROUTE_SOCKET 43
#define SECCLASS_NETLINK_FIREWALL_SOCKET 44
#define SECCLASS_NETLINK_TCPDIAG_SOCKET 45
#define SECCLASS_NETLINK_NFLOG_SOCKET 46
#define SECCLASS_NETLINK_XFRM_SOCKET 47
#define SECCLASS_NETLINK_SELINUX_SOCKET 48
#define SECCLASS_NETLINK_AUDIT_SOCKET 49
#define SECCLASS_NETLINK_IP6FW_SOCKET 50
#define SECCLASS_NETLINK_DNRT_SOCKET 51
#define SECCLASS_DBUS 52
#define SECCLASS_NSCD 53
#define SECCLASS_ASSOCIATION 54
/*
* Security identifier indices for initial entities
*/
#define SECINITSID_KERNEL 1
#define SECINITSID_SECURITY 2
#define SECINITSID_UNLABELED 3
#define SECINITSID_FS 4
#define SECINITSID_FILE 5
#define SECINITSID_FILE_LABELS 6
#define SECINITSID_INIT 7
#define SECINITSID_ANY_SOCKET 8
#define SECINITSID_PORT 9
#define SECINITSID_NETIF 10
#define SECINITSID_NETMSG 11
#define SECINITSID_NODE 12
#define SECINITSID_IGMP_PACKET 13
#define SECINITSID_ICMP_SOCKET 14
#define SECINITSID_TCP_SOCKET 15
#define SECINITSID_SYSCTL_MODPROBE 16
#define SECINITSID_SYSCTL 17
#define SECINITSID_SYSCTL_FS 18
#define SECINITSID_SYSCTL_KERNEL 19
#define SECINITSID_SYSCTL_NET 20
#define SECINITSID_SYSCTL_NET_UNIX 21
#define SECINITSID_SYSCTL_VM 22
#define SECINITSID_SYSCTL_DEV 23
#define SECINITSID_KMOD 24
#define SECINITSID_POLICY 25
#define SECINITSID_SCMP_PACKET 26
#define SECINITSID_DEVNULL 27
#define SECINITSID_NUM 27
#endif

75
libselinux/include/selinux/get_context_list.h Normal file
View File

@ -0,0 +1,75 @@
#ifndef _SELINUX_GET_SID_LIST_H_
#define _SELINUX_GET_SID_LIST_H_
#include <selinux/selinux.h>
#ifdef __cplusplus
extern "C"
{
#endif
#define SELINUX_DEFAULTUSER "user_u"
/* Get an ordered list of authorized security contexts for a user session
for 'user' spawned by 'fromcon' and set *conary to refer to the
NULL-terminated array of contexts. Every entry in the list will
be authorized by the policy, but the ordering is subject to user
customizable preferences. Returns number of entries in *conary.
If 'fromcon' is NULL, defaults to current context.
Caller must free via freeconary. */
extern int get_ordered_context_list(const char *user,
security_context_t fromcon,
security_context_t **list);
/* As above, but use the provided MLS level rather than the
default level for the user. */
int get_ordered_context_list_with_level (const char *user,
const char *level,
security_context_t fromcon,
security_context_t **list);
/* Get the default security context for a user session for 'user'
spawned by 'fromcon' and set *newcon to refer to it. The context
will be one of those authorized by the policy, but the selection
of a default is subject to user customizable preferences.
If 'fromcon' is NULL, defaults to current context.
Returns 0 on success or -1 otherwise.
Caller must free via freecon. */
extern int get_default_context(const char* user,
security_context_t fromcon,
security_context_t *newcon);
/* As above, but use the provided MLS level rather than the
default level for the user. */
int get_default_context_with_level(const char *user,
const char *level,
security_context_t fromcon,
security_context_t *newcon);
/* Same as get_default_context, but only return a context
that has the specified role. If no reachable context exists
for the user with that role, then return -1. */
int get_default_context_with_role(const char* user,
const char *role,
security_context_t fromcon,
security_context_t *newcon);
/* Given a list of authorized security contexts for the user,
query the user to select one and set *newcon to refer to it.
Caller must free via freecon.
Returns 0 on sucess or -1 otherwise. */
extern int query_user_context(security_context_t *list,
security_context_t *newcon);
/* Allow the user to manually enter a context as a fallback
if a list of authorized contexts could not be obtained.
Caller must free via freecon.
Returns 0 on success or -1 otherwise. */
extern int manual_user_enter_context(const char *user,
security_context_t *newcon);
#ifdef __cplusplus
}
#endif
#endif

25
libselinux/include/selinux/get_default_type.h Normal file
View File

@ -0,0 +1,25 @@
/* get_default_type.h - contains header information and function prototypes
* for functions to get the default type for a role
*/
#ifndef _SELINUX_GET_DEFAULT_TYPE_H_
#define _SELINUX_GET_DEFAULT_TYPE_H_
#ifdef __cplusplus
extern "C"
{
#endif
/* Return path to default type file. */
const char *selinux_default_type_path(void);
/* Get the default type (domain) for 'role' and set 'type' to refer to it.
Caller must free via free().
Return 0 on success or -1 otherwise. */
int get_default_type (const char* role, char** type);
#ifdef __cplusplus
}
#endif
#endif /* ifndef _GET_DEFAULT_TYPE_H_ */

403
libselinux/include/selinux/selinux.h Normal file
View File

@ -0,0 +1,403 @@
#ifndef _SELINUX_H_
#define _SELINUX_H_
#include <sys/types.h>
#include <stdarg.h>
#ifdef __cplusplus
extern "C"
{
#endif
/* Return 1 if we are running on a SELinux kernel, or 0 if not or -1 if we get an error. */
extern int is_selinux_enabled(void);
/* Return 1 if we are running on a SELinux MLS kernel, or 0 otherwise. */
extern int is_selinux_mls_enabled(void);
typedef char* security_context_t;
/* Free the memory allocated for a context by any of the below get* calls. */
extern void freecon(security_context_t con);
/* Free the memory allocated for a context array by security_compute_user. */
extern void freeconary(security_context_t *con);
/* Wrappers for the /proc/pid/attr API. */
/* Get current context, and set *con to refer to it.
Caller must free via freecon. */
extern int getcon(security_context_t *con);
extern int getcon_raw(security_context_t *con);
/* Set the current security context to con.
Note that use of this function requires that the entire application
be trusted to maintain any desired separation between the old and new
security contexts, unlike exec-based transitions performed via setexeccon.
When possible, decompose your application and use setexeccon()+execve()
instead. Note that the application may lose access to its open descriptors
as a result of a setcon() unless policy allows it to use descriptors opened
by the old context. */
extern int setcon(security_context_t con);
extern int setcon_raw(security_context_t con);
/* Get context of process identified by pid, and
set *con to refer to it. Caller must free via freecon. */
extern int getpidcon(pid_t pid, security_context_t *con);
extern int getpidcon_raw(pid_t pid, security_context_t *con);
/* Get previous context (prior to last exec), and set *con to refer to it.
Caller must free via freecon. */
extern int getprevcon(security_context_t *con);
extern int getprevcon_raw(security_context_t *con);
/* Get exec context, and set *con to refer to it.
Sets *con to NULL if no exec context has been set, i.e. using default.
If non-NULL, caller must free via freecon. */
extern int getexeccon(security_context_t *con);
extern int getexeccon_raw(security_context_t *con);
/* Set exec security context for the next execve.
Call with NULL if you want to reset to the default. */
extern int setexeccon(security_context_t con);
extern int setexeccon_raw(security_context_t con);
/* Get fscreate context, and set *con to refer to it.
Sets *con to NULL if no fs create context has been set, i.e. using default.
If non-NULL, caller must free via freecon. */
extern int getfscreatecon(security_context_t *con);
extern int getfscreatecon_raw(security_context_t *con);
/* Set the fscreate security context for subsequent file creations.
Call with NULL if you want to reset to the default. */
extern int setfscreatecon(security_context_t context);
extern int setfscreatecon_raw(security_context_t context);
/* Wrappers for the xattr API. */
/* Get file context, and set *con to refer to it.
Caller must free via freecon. */
extern int getfilecon(const char *path, security_context_t *con);
extern int getfilecon_raw(const char *path, security_context_t *con);
extern int lgetfilecon(const char *path, security_context_t *con);
extern int lgetfilecon_raw(const char *path, security_context_t *con);
extern int fgetfilecon(int fd, security_context_t *con);
extern int fgetfilecon_raw(int fd, security_context_t *con);
/* Set file context */
extern int setfilecon(const char *path, security_context_t con);
extern int setfilecon_raw(const char *path, security_context_t con);
extern int lsetfilecon(const char *path, security_context_t con);
extern int lsetfilecon_raw(const char *path, security_context_t con);
extern int fsetfilecon(int fd, security_context_t con);
extern int fsetfilecon_raw(int fd, security_context_t con);
/* Wrappers for the socket API */
/* Get context of peer socket, and set *con to refer to it.
Caller must free via freecon. */
extern int getpeercon(int fd, security_context_t *con);
extern int getpeercon_raw(int fd, security_context_t *con);
/* Wrappers for the selinuxfs (policy) API. */
typedef unsigned int access_vector_t;
typedef unsigned short security_class_t;
struct av_decision {
access_vector_t allowed;
access_vector_t decided;
access_vector_t auditallow;
access_vector_t auditdeny;
unsigned int seqno;
};
/* Compute an access decision. */
extern int security_compute_av(security_context_t scon,
security_context_t tcon,
security_class_t tclass,
access_vector_t requested,
struct av_decision *avd);
extern int security_compute_av_raw(security_context_t scon,
security_context_t tcon,
security_class_t tclass,
access_vector_t requested,
struct av_decision *avd);
/* Compute a labeling decision and set *newcon to refer to it.
Caller must free via freecon. */
extern int security_compute_create(security_context_t scon,
security_context_t tcon,
security_class_t tclass,
security_context_t *newcon);
extern int security_compute_create_raw(security_context_t scon,
security_context_t tcon,
security_class_t tclass,
security_context_t *newcon);
/* Compute a relabeling decision and set *newcon to refer to it.
Caller must free via freecon. */
extern int security_compute_relabel(security_context_t scon,
security_context_t tcon,
security_class_t tclass,
security_context_t *newcon);
extern int security_compute_relabel_raw(security_context_t scon,
security_context_t tcon,
security_class_t tclass,
security_context_t *newcon);
/* Compute a polyinstantiation member decision and set *newcon to refer to it.
Caller must free via freecon. */
extern int security_compute_member(security_context_t scon,
security_context_t tcon,
security_class_t tclass,
security_context_t *newcon);
extern int security_compute_member_raw(security_context_t scon,
security_context_t tcon,
security_class_t tclass,
security_context_t *newcon);
/* Compute the set of reachable user contexts and set *con to refer to
the NULL-terminated array of contexts. Caller must free via freeconary. */
extern int security_compute_user(security_context_t scon,
const char *username,
security_context_t **con);
extern int security_compute_user_raw(security_context_t scon,
const char *username,
security_context_t **con);
/* Load a policy configuration. */
extern int security_load_policy(void *data, size_t len);
/*
* Make a policy image and load it.
* This function provides a higher level interface for loading policy
* than security_load_policy, internally determining the right policy
* version, locating and opening the policy file, mapping it into memory,
* manipulating it as needed for current boolean settings and/or local
* definitions, and then calling security_load_policy to load it.
*
* 'preservebools' is a boolean flag indicating whether current
* policy boolean values should be preserved into the new policy (if 1)
* or reset to the saved policy settings (if 0). The former case is the
* default for policy reloads, while the latter case is an option for policy
* reloads but is primarily for the initial policy load.
*/
extern int selinux_mkload_policy(int preservebools);
/*
* Perform the initial policy load.
* This function determines the desired enforcing mode, sets the
* the *enforce argument accordingly for the caller to use, sets the
* SELinux kernel enforcing status to match it, and loads the policy.
* It also internally handles the initial selinuxfs mount required to
* perform these actions.
*
* The function returns 0 if everything including the policy load succeeds.
* In this case, init is expected to re-exec itself in order to transition
* to the proper security context.
* Otherwise, the function returns -1, and init must check *enforce to
* determine how to proceed. If enforcing (*enforce > 0), then init should
* halt the system. Otherwise, init may proceed normally without a re-exec.
*/
extern int selinux_init_load_policy(int *enforce);
/* Translate boolean strict to name value pair. */
typedef struct {
char *name;
int value;
} SELboolean;
/* save a list of booleans in a single transaction. */
extern int security_set_boolean_list(size_t boolcnt,
SELboolean *boollist,
int permanent);
/* Load policy boolean settings.
Path may be NULL, in which case the booleans are loaded from
the active policy boolean configuration file. */
extern int security_load_booleans(char *path);
/* Check the validity of a security context. */
extern int security_check_context(security_context_t con);
extern int security_check_context_raw(security_context_t con);
/* Get the enforce flag value. */
extern int security_getenforce(void);
/* Set the enforce flag value. */
extern int security_setenforce(int value);
/* Disable SELinux at runtime (must be done prior to initial policy load). */
extern int security_disable(void);
/* Get the policy version number. */
extern int security_policyvers(void);
/* Get the boolean names */
extern int security_get_boolean_names(char ***names, int *len);
/* Get the pending value for the boolean */
extern int security_get_boolean_pending(const char *name);
/* Get the active value for the boolean */
extern int security_get_boolean_active(const char *name);
/* Set the pending value for the boolean */
extern int security_set_boolean(const char *name, int value);
/* Commit the pending values for the booleans */
extern int security_commit_booleans(void);
/* Common helpers */
/* Return the security class value for a given class name. */
extern security_class_t string_to_security_class(const char *name);
/* Return an access vector for a given class and permission name. */
extern access_vector_t string_to_av_perm(security_class_t tclass, const char *name);
/* Display an access vector in a string representation. */
extern void print_access_vector(security_class_t tclass, access_vector_t av);
/* Set the function used by matchpathcon_init when displaying
errors about the file_contexts configuration. If not set,
then this defaults to fprintf(stderr, fmt, ...). */
extern void set_matchpathcon_printf(void (*f)(const char *fmt, ...));
/* Set the function used by matchpathcon_init when checking the
validity of a context in the file contexts configuration. If not set,
then this defaults to a test based on security_check_context().
The function is also responsible for reporting any such error, and
may include the 'path' and 'lineno' in such error messages. */
extern void set_matchpathcon_invalidcon(int (*f)(const char *path,
unsigned lineno,
char *context));
/* Set flags controlling operation of matchpathcon_init or matchpathcon. */
#define MATCHPATHCON_BASEONLY 1 /* Only process the base file_contexts file. */
extern void set_matchpathcon_flags(unsigned int flags);
/* Load the file contexts configuration specified by 'path'
into memory for use by subsequent matchpathcon calls.
If 'path' is NULL, then load the active file contexts configuration,
i.e. the path returned by selinux_file_context_path().
Unless the MATCHPATHCON_BASEONLY flag has been set, this
function also checks for a 'path'.homedirs file and
a 'path'.local file and loads additional specifications
from them if present. */
extern int matchpathcon_init(const char *path);
/* Match the specified pathname and mode against the file contexts
configuration and set *con to refer to the resulting context.
'mode' can be 0 to disable mode matching.
Caller must free via freecon.
If matchpathcon_init has not already been called, then this function
will call it upon its first invocation with a NULL path. */
extern int matchpathcon(const char *path,
mode_t mode,
security_context_t *con);
/* Same as above, but return a specification index for
later use in a matchpathcon_filespec_add() call - see below. */
extern int matchpathcon_index(const char *path,
mode_t mode,
security_context_t *con);
/* Maintain an association between an inode and a specification index,
and check whether a conflicting specification is already associated
with the same inode (e.g. due to multiple hard links). If so, then
use the latter of the two specifications based on their order in the
file contexts configuration. Return the used specification index. */
extern int matchpathcon_filespec_add(ino_t ino, int specind, const char *file);
/* Destroy any inode associations that have been added, e.g. to restart
for a new filesystem. */
extern void matchpathcon_filespec_destroy(void);
/* Display statistics on the hash table usage for the associations. */
extern void matchpathcon_filespec_eval(void);
/* Check to see whether any specifications had no matches and report them.
The 'str' is used as a prefix for any warning messages. */
extern void matchpathcon_checkmatches(char *str);
/* Match the specified media and against the media contexts
configuration and set *con to refer to the resulting context.
Caller must free con via freecon. */
extern int matchmediacon(const char *media,
security_context_t *con);
/*
selinux_getenforcemode reads the /etc/selinux/config file and determines
whether the machine should be started in enforcing (1), permissive (0) or
disabled (-1) mode.
*/
extern int selinux_getenforcemode(int *enforce);
/*
selinux_policy_root reads the /etc/selinux/config file and returns
the directory path under which the compiled policy file and context
configuration files exist.
*/
extern const char *selinux_policy_root(void);
/* These functions return the paths to specific files under the
policy root directory. */
extern const char *selinux_binary_policy_path(void);
extern const char *selinux_failsafe_context_path(void);
extern const char *selinux_removable_context_path(void);
extern const char *selinux_default_context_path(void);
extern const char *selinux_user_contexts_path(void);
extern const char *selinux_file_context_path(void);
extern const char *selinux_media_context_path(void);
extern const char *selinux_contexts_path(void);
extern const char *selinux_booleans_path(void);
extern const char *selinux_customizable_types_path(void);
extern const char *selinux_users_path(void);
extern const char *selinux_usersconf_path(void);
/* Check a permission in the passwd class.
Return 0 if granted or -1 otherwise. */
extern int selinux_check_passwd_access(access_vector_t requested);
extern int checkPasswdAccess(access_vector_t requested);
/* Set the path to the selinuxfs mount point explicitly.
Normally, this is determined automatically during libselinux
initialization, but this is not always possible, e.g. for /sbin/init
which performs the initial mount of selinuxfs. */
void set_selinuxmnt(char *mnt);
/* Execute a helper for rpm in an appropriate security context. */
extern int rpm_execcon(unsigned int verified,
const char *filename,
char *const argv[], char *const envp[]);
/* Returns whether a file context is customizable, and should not
be relabeled . */
extern int is_context_customizable (security_context_t scontext);
/* Perform context translation between the human-readable format
("translated") and the internal system format ("raw").
Caller must free the resulting context via freecon.
Returns -1 upon an error or 0 otherwise.
If passed NULL, sets the returned context to NULL and returns 0. */
extern int selinux_trans_to_raw_context(security_context_t trans,
security_context_t *rawp);
extern int selinux_raw_to_trans_context(security_context_t raw,
security_context_t *transp);
/* Get the SELinux username and level to use for a given Linux username.
These values may then be passed into the get_ordered_context_list*
and get_default_context* functions to obtain a context for the user.
Returns 0 on success or -1 otherwise.
Caller must free the returned strings via free. */
extern int getseuserbyname(const char *linuxuser, char **seuser, char **level);
#ifdef __cplusplus
}
#endif
#endif

10
libselinux/man/Makefile Normal file
View File

@ -0,0 +1,10 @@
# Installation directories.
MAN8DIR ?= $(DESTDIR)/usr/share/man/man8
MAN3DIR ?= $(DESTDIR)/usr/share/man/man3
install:
mkdir -p $(MAN3DIR)
mkdir -p $(MAN8DIR)
install -m 644 man3/*.3 $(MAN3DIR)
install -m 644 man8/*.8 $(MAN8DIR)

183
libselinux/man/man3/avc_add_callback.3 Normal file
View File

@ -0,0 +1,183 @@
.\" Hey Emacs! This file is -*- nroff -*- source.
.\"
.\" Author: Eamon Walsh (ewalsh@epoch.ncsc.mil) 2004
.TH "avc_add_callback" "3" "9 June 2004" "" "SE Linux API documentation"
.SH "NAME"
avc_add_callback \- additional event notification for userspace object managers.
.SH "SYNOPSIS"
.B #include <selinux/selinux.h>
.br
.B #include <selinux/avc.h>
.sp
.BI "int avc_add_callback(int (*" callback ")(u_int32_t " event ,
.in +\w'int avc_add_callback(int (*callback)('u
.BI "security_id_t " ssid ,
.br
.BI "security_id_t " tsid ,
.br
.BI "security_class_t " tclass ,
.br
.BI "access_vector_t " perms ,
.br
.BI "access_vector_t *" out_retained "),"
.in
.in +\w'int avc_add_callback('u
.BI "u_int32_t " events ", security_id_t " ssid ,
.br
.BI "security_id_t " tsid ", security_class_t " tclass ,
.br
.BI "access_vector_t " perms ");"
.in
.SH "DESCRIPTION"
.B avc_add_callback
is used to register callback functions on security events. The purpose of this functionality is to allow userspace object managers to take additional action when a policy change, usually a policy reload, causes permissions to be granted or revoked.
.I events
is the
.RI bitwise- or
of security events on which to register the callback; see
.B SECURITY EVENTS
below.
.IR ssid ,
.IR tsid ,
.IR tclass ,
and
.I perms
specify the source and target SID's, target class, and specific permissions that the callback wishes to monitor. The special symbol
.B SECSID_WILD
may be passed as the
.I source
or
.I target
and will cause any SID to match.
.I callback
is the callback function provided by the userspace object manager. The
.I event
argument indicates the security event which occured; the remaining arguments are interpreted according to the event as described below. The return value of the callback should be zero on success, \-1 on error with errno set appropriately (but see
.B RETURN VALUE
below).
.SH "SECURITY EVENTS"
In all cases below,
.I ssid
and/or
.I tsid
may be set to
.BR SECSID_WILD ,
indicating that the change applies to all source and/or target SID's. Unless otherwise indicated, the
.I out_retained
parameter is unused.
.TP
.B AVC_CALLBACK_GRANT
Previously denied permissions are now granted for
.IR ssid ,
.I tsid
with respect to
.IR tclass .
.I perms
indicates the permissions to grant.
.TP
.B AVC_CALLBACK_TRY_REVOKE
Previously granted permissions are now conditionally revoked for
.IR ssid ,
.I tsid
with respect to
.IR tclass .
.I perms
indicates the permissions to revoke. The callback should set
.I out_retained
to the subset of
.I perms
which are retained as migrated permissions. Note that
.I out_retained
is ignored if the callback returns \-1.
.TP
.B AVC_CALLBACK_REVOKE
Previously granted permissions are now unconditionally revoked for
.IR ssid ,
.I tsid
with respect to
.IR tclass .
.I perms
indicates the permissions to revoke.
.TP
.B AVC_CALLBACK_RESET
Indicates that the cache was flushed. The SID, class, and permission arguments are unused and are set to NULL.
.TP
.B AVC_CALLBACK_AUDITALLOW_ENABLE
The permissions given by
.I perms
should now be audited when granted for
.IR ssid ,
.I tsid
with respect to
.IR tclass .
.TP
.B AVC_CALLBACK_AUDITALLOW_DISABLE
The permissions given by
.I perms
should no longer be audited when granted for
.IR ssid ,
.I tsid
with respect to
.IR tclass .
.TP
.B AVC_CALLBACK_AUDITDENY_ENABLE
The permissions given by
.I perms
should now be audited when denied for
.IR ssid ,
.I tsid
with respect to
.IR tclass .
.TP
.B AVC_CALLBACK_AUDITDENY_DISABLE
The permissions given by
.I perms
should no longer be audited when denied for
.IR ssid ,
.I tsid
with respect to
.IR tclass .
.SH "RETURN VALUE"
On success,
.B avc_add_callback
returns zero. On error, \-1 is returned and
.I errno
is set appropriately.
A return value of \-1 from a callback is interpreted as a failed policy operation. If such a return value is encountered, all remaining callbacks registered on the event are called. In threaded mode, the netlink handler thread may then terminate and cause the userspace AVC to return
.B EINVAL
on all further permission checks until
.BR avc_destroy (3)
is called. In non-threaded mode, the permission check on which the error occurred will return \-1 and the value of
.I errno
encountered to the caller. In both cases, a log message is produced and the kernel may be notified of the error.
.SH "ERRORS"
.TP
.B ENOMEM
An attempt to allocate memory failed.
.SH "NOTES"
If the userspace AVC is running in threaded mode, callbacks registered via
.B avc_add_callback
may be executed in the context of the netlink handler thread. This will likely introduce synchronization issues requiring the use of locks. See
.BR avc_init (3).
Support for dynamic revocation and retained permissions is mostly unimplemented in the SELinux kernel module. The only security event that currently gets excercised is
.BR AVC_CALLBACK_RESET .
.SH "AUTHOR"
Eamon Walsh <ewalsh@epoch.ncsc.mil>
.SH "SEE ALSO"
.BR avc_init (3),
.BR avc_has_perm (3),
.BR avc_context_to_sid (3),
.BR avc_cache_stats (3),
.BR security_compute_av (3)

1
libselinux/man/man3/avc_audit.3 Normal file
View File

@ -0,0 +1 @@
.so man3/avc_has_perm.3

1
libselinux/man/man3/avc_av_stats.3 Normal file
View File

@ -0,0 +1 @@
.so man3/avc_cache_stats.3

98
libselinux/man/man3/avc_cache_stats.3 Normal file
View File

@ -0,0 +1,98 @@
.\" Hey Emacs! This file is -*- nroff -*- source.
.\"
.\" Author: Eamon Walsh (ewalsh@epoch.ncsc.mil) 2004
.TH "avc_cache_stats" "3" "27 May 2004" "" "SE Linux API documentation"
.SH "NAME"
avc_cache_stats, avc_av_stats, avc_sid_stats \- obtain userspace AVC statistics.
.SH "SYNOPSIS"
.B #include <selinux/selinux.h>
.br
.B #include <selinux/avc.h>
.sp
.BI "void avc_av_stats(void);"
.sp
.BI "void avc_sid_stats(void);"
.sp
.BI "void avc_cache_stats(struct avc_cache_stats *" stats ");"
.SH "DESCRIPTION"
The userspace AVC maintains two internal hash tables, one to store security ID's and one to cache access decisions.
.B avc_av_stats
and
.B avc_sid_stats
produce log messages indicating the status of the access decision and SID tables, respectively. The messages contain the number of entries in the table, number of hash buckets and number of buckets used, and maximum number of entries in a single bucket.
.B avc_cache_stats
populates a structure whose fields reflect cache activity:
.RS
.ta 4n 14n
.nf
struct avc_cache_stats {
unsigned entry_lookups;
unsigned entry_hits;
unsigned entry_misses;
unsigned entry_discards;
unsigned cav_lookups;
unsigned cav_hits;
unsigned cav_probes;
unsigned cav_misses;
};
.fi
.ta
.RE
.TP
.I entry_lookups
Number of queries made.
.TP
.I entry_hits
Number of times a decision was found in the
.I aeref
argument.
.TP
.I entry_misses
Number of times a decision was not found in the
.I aeref
argument.
.TP
.I entry_discards
Number of times a decision was not found in the
.I aeref
argument and the
.I aeref
argument was non-NULL.
.TP
.I cav_lookups
Number of cache lookups.
.TP
.I cav_hits
Number of cache hits.
.TP
.I cav_misses
Number of cache misses.
.TP
.I cav_probes
Number of entries examined while searching the cache.
.SH "NOTES"
When the cache is flushed as a result of a call to
.B avc_reset
or a policy change notification,
the statistics returned by
.B avc_cache_stats
are reset to zero. The SID table, however, is left
unchanged.
When a policy change notification is received, a call to
.B avc_av_stats
is made before the cache is flushed.
.SH "AUTHOR"
Eamon Walsh <ewalsh@epoch.ncsc.mil>
.SH "SEE ALSO"
.BR avc_init (3),
.BR avc_has_perm (3),
.BR avc_context_to_sid (3),
.BR avc_add_callback (3)

1
libselinux/man/man3/avc_cleanup.3 Normal file
View File

@ -0,0 +1 @@
.so man3/avc_init.3

90
libselinux/man/man3/avc_context_to_sid.3 Normal file
View File

@ -0,0 +1,90 @@
.\" Hey Emacs! This file is -*- nroff -*- source.
.\"
.\" Author: Eamon Walsh (ewalsh@epoch.ncsc.mil) 2004
.TH "avc_context_to_sid" "3" "27 May 2004" "" "SE Linux API documentation"
.SH "NAME"
avc_context_to_sid, avc_sid_to_context, sidput, sidget \- obtain and manipulate security ID's.
.SH "SYNOPSIS"
.B #include <selinux/selinux.h>
.br
.B #include <selinux/avc.h>
.sp
.BI "int avc_context_to_sid(security_context_t " ctx ", security_id_t *" sid ");"
.sp
.BI "int avc_sid_to_context(security_id_t " sid ", security_context_t *" ctx ");"
.sp
.BI "int sidget(security_id_t " sid ");"
.sp
.BI "int sidput(security_id_t " sid ");"
.SH "DESCRIPTION"
Security ID's (SID's) are reference-counted, opaque representations of security contexts.
.B avc_context_to_sid
returns a SID for the given
.I context
in the memory referenced by
.IR sid ,
incrementing its reference count by 1.
.B avc_sid_to_context
returns a copy of the context represented by
.I sid
in the memory referenced by
.IR ctx .
The user must free the copy with
.BR freecon (3).
.B sidget
increments the reference count of
.I sid
by 1.
.B sidput
decrements the reference count of
.I sid
by 1. If the count ever reaches zero, the SID becomes
invalid and must not be used any further.
.SH "RETURN VALUE"
.B sidget
and
.B sidput
return the new reference count. A return value of zero indicates
an invalid SID.
.B avc_context_to_sid
and
.B avc_sid_to_context
return zero on success. On error, \-1 is returned and
.I errno
is set appropriately.
.SH "ERRORS"
.TP
.B EINVAL
The provided
.I sid
has a zero reference count and is invalid.
.TP
.B ENOMEM
An attempt to allocate memory failed.
.SH "NOTES"
The expected usage pattern for these functions is that
.B avc_context_to_sid
will be called once to obtain a SID for a newly created object,
.B sidget
will be called on a SID when its object is duplicated, and
.B sidput
will be called on a SID when its object is destroyed. Proper reference counting is necessary to ensure that SID's and associated cache entries are reclaimed from memory when no longer needed.
.SH "AUTHOR"
Eamon Walsh <ewalsh@epoch.ncsc.mil>
.SH "SEE ALSO"
.BR avc_init (3),
.BR avc_has_perm (3),
.BR avc_cache_stats (3),
.BR avc_add_callback (3),
.BR getcon (3),
.BR freecon (3)

1
libselinux/man/man3/avc_destroy.3 Normal file
View File

@ -0,0 +1 @@
.so man3/avc_init.3

1
libselinux/man/man3/avc_entry_ref_init.3 Normal file
View File

@ -0,0 +1 @@
.so man3/avc_has_perm.3

154
libselinux/man/man3/avc_has_perm.3 Normal file
View File

@ -0,0 +1,154 @@
.\" Hey Emacs! This file is -*- nroff -*- source.
.\"
.\" Author: Eamon Walsh (ewalsh@epoch.ncsc.mil) 2004
.TH "avc_has_perm" "3" "27 May 2004" "" "SE Linux API documentation"
.SH "NAME"
avc_has_perm, avc_has_perm_noaudit, avc_audit, avc_entry_ref_init \- obtain and audit SELinux access decisions.
.SH "SYNOPSIS"
.B #include <selinux/selinux.h>
.br
.B #include <selinux/avc.h>
.sp
.BI "void avc_entry_ref_init(struct avc_entry_ref *" aeref ");"
.sp
.BI "int avc_has_perm(security_id_t " ssid ", security_id_t " tsid ,
.in +\w'int avc_has_perm('u
.BI "security_class_t " tclass ", access_vector_t " requested ,
.br
.BI "struct avc_entry_ref *" aeref ", void *" auditdata ");"
.in
.sp
.BI "int avc_has_perm_noaudit(security_id_t " ssid ", security_id_t " tsid ,
.in +\w'int avc_has_perm('u
.BI "security_class_t " tclass ", access_vector_t " requested ,
.br
.BI "struct avc_entry_ref *" aeref ", struct av_decision *" avd ");"
.in
.sp
.BI "void avc_audit(security_id_t " ssid ", security_id_t " tsid ,
.in +\w'void avc_audit('u
.BI "security_class_t " tclass ", access_vector_t " requested ,
.br
.BI "struct av_decision *" avd ", int " result ", void *" auditdata ");"
.in
.SH "DESCRIPTION"
.B avc_entry_ref_init
initializes an
.B avc_entry_ref
structure; see
.B ENTRY REFERENCES
below. This function may be implemented as a macro.
.B avc_has_perm
checks whether the
.I requested
permissions are granted
for subject SID
.IR ssid
and target SID
.IR tsid ,
interpreting the permissions
based on
.I tclass
and updating
.IR aeref ,
if non-NULL, to refer to a cache entry with the resulting decision. The granting or denial of permissions is audited in accordance with the policy. The
.I auditdata
parameter is for supplemental auditing; see
.B avc_audit
below.
.B avc_has_perm_noaudit
behaves as
.B avc_has_perm
without producing an audit message. The access decision is returned in
.I avd
and can be passed to
.B avc_audit
explicitly.
.B avc_audit
produces an audit message for the access query represented by
.IR ssid ,
.IR tsid ,
.IR tclass ,
and
.IR requested ,
with a decision represented by
.IR avd .
Pass the value returned by
.B avc_has_perm_noaudit
as
.IR result .
The
.I auditdata
parameter is passed to the user-supplied
.B func_audit
callback and can be used to add supplemental information to the audit message; see
.BR avc_init (3).
.SH "ENTRY REFERENCES"
Entry references can be used to speed cache performance for repeated queries on the same subject and target. The userspace AVC will check the
.I aeref
argument, if supplied, before searching the cache on a permission query. After a query is performed,
.I aeref
will be updated to reference the cache entry for that query. A subsequent query on the same subject and target will then have the decision at hand without having to walk the cache.
After declaring an
.B avc_entry_ref
structure, use
.B avc_entry_ref_init
to initialize it before passing it to
.B avc_has_perm
or
.B avc_has_perm_noaudit
for the first time.
Using an uninitialized structure will produce undefined behavior.
.SH "RETURN VALUE"
If requested permissions are granted, zero is returned. If requested permissions are denied or an error occured, \-1 is returned and
.I errno
is set appropriately.
In permissive mode, zero will be returned and
.I errno
unchanged even if permissions were denied.
.B avc_has_perm
will still produce an audit message in this case.
.SH "ERRORS"
.TP
.B EACCES
A requested permission was denied.
.TP
.B EINVAL
The
.I tclass
and/or the security contexts referenced by
.I ssid
and
.I tsid
are not recognized by the currently loaded policy.
.TP
.B ENOMEM
An attempt to allocate memory failed.
.SH "NOTES"
Internal errors encountered by the userspace AVC may cause certain values of
.I errno
to be returned unexpectedly. For example, netlink socket errors may produce
.B EACCES
or
.BR EINVAL .
Make sure that userspace object managers are granted appropriate access to
netlink by the policy.
.SH "AUTHOR"
Eamon Walsh <ewalsh@epoch.ncsc.mil>
.SH "SEE ALSO"
.BR avc_init (3),
.BR avc_context_to_sid (3),
.BR avc_cache_stats (3),
.BR avc_add_callback (3),
.BR security_compute_av (3)

1
libselinux/man/man3/avc_has_perm_noaudit.3 Normal file
View File

@ -0,0 +1 @@
.so man3/avc_has_perm.3

211
libselinux/man/man3/avc_init.3 Normal file
View File

@ -0,0 +1,211 @@
.\" Hey Emacs! This file is -*- nroff -*- source.
.\"
.\" Author: Eamon Walsh (ewalsh@epoch.ncsc.mil) 2004
.TH "avc_init" "3" "27 May 2004" "" "SE Linux API documentation"
.SH "NAME"
avc_init, avc_destroy, avc_reset, avc_cleanup \- userspace AVC setup and teardown.
.SH "SYNOPSIS"
.B #include <selinux/selinux.h>
.br
.B #include <selinux/avc.h>
.sp
.BI "int avc_init(const char *" msgprefix ,
.in +\w'int avc_init('u
.BI "const struct avc_memory_callback *" mem_callbacks ,
.br
.BI "const struct avc_log_callback *" log_callbacks ,
.br
.BI "const struct avc_thread_callback *" thread_callbacks ,
.br
.BI "const struct avc_lock_callback *" lock_callbacks ");"
.in
.sp
.BI "void avc_destroy(void);"
.sp
.BI "int avc_reset(void);"
.sp
.BI "void avc_cleanup(void);"
.SH "DESCRIPTION"
.B avc_init
initializes the userspace AVC and must be called before any other AVC operation can be performed. A non-NULL
.I msgprefix
will be prepended to all audit messages produced by the userspace AVC. The default is `uavc'. The remaining arguments, if non-NULL, specify callbacks to be used by the userspace AVC. See
.B CALLBACKS
below.
.B avc_destroy
destroys the userspace AVC, freeing all internal memory structures. After this call has been made,
.B avc_init
must be called again before any AVC operations can be performed.
.B avc_reset
flushes the userspace AVC, causing it to forget any cached access decisions. The userspace AVC normally calls this function automatically when needed, see
.B NETLINK NOTIFICATION
below.
.B avc_cleanup
forces the userspace AVC to search for and free all unused SID's and any access decision entries that refer to them. Normally, the userspace AVC lazily reclaims unused SID's.
.SH "CALLBACKS"
The userspace AVC can be directed how to perform memory allocation, logging, thread creation, and locking via callback functions passed to
.BR avc_init .
The purpose of this functionality is to allow the userspace AVC to be smoothly integrated into existing userspace object managers.
Use an
.B avc_memory_callback
structure to specify alternate functions for dynamic memory allocation.
.RS
.ta 4n 10n 24n
.nf
struct avc_memory_callback {
void *(*func_malloc)(size_t size);
void (*func_free)(void *ptr);
};
.fi
.ta
.RE
The two fields of the structure should be pointers to functions which behave as
.BR malloc (3)
and
.BR free (3),
which are used by default.
Use an
.B avc_log_callback
structure to specify alternate functions for logging.
.RS
.ta 4n 10n 24n
.nf
struct avc_log_callback {
void (*func_log)(const char *fmt, ...);
void (*func_audit)(void *auditdata,
security_class_t class,
char *msgbuf, size_t msgbufsize);
};
.fi
.ta
.RE
The
.B func_log
callback should accept a
.BR printf (3)
style format and arguments and log them as desired. The default behavior prints the message on the standard error. The
.B func_audit
callback should interpret the
.I auditdata
parameter for the given
.IR class ,
printing a human-readable interpretation to
.I msgbuf
using no more than
.I msgbufsize
characters. The default behavior is to ignore
.IR auditdata .
Use an
.B avc_thread_callback
structure to specify functions for starting and manipulating threads.
.RS
.ta 4n 10n 24n
.nf
struct avc_thread_callback {
void *(*func_create_thread)(void (*run)(void));
void (*func_stop_thread)(void *thread);
};
.fi
.ta
.RE
The
.B func_create_thread
callback should create a new thread and return a pointer which references it. The thread should execute the
.I run
argument, which does not return under normal conditions. The
.B func_stop_thread
callback should cancel the running thread referenced by
.IR thread .
By default, threading is not used; see
.B NETLINK NOTIFICATION
below.
Use an
.B avc_lock_callback
structure to specify functions to create, obtain, and release locks for use by threads.
.RS
.ta 4n 10n 24n
.nf
struct avc_lock_callback {
void *(*func_alloc_lock)(void);
void (*func_get_lock)(void *lock);
void (*func_release_lock)(void *lock);
void (*func_free_lock)(void *lock);
};
.fi
.ta
.RE
The
.B func_alloc_lock
callback should create a new lock, returning a pointer which references it. The
.B func_get_lock
callback should obtain
.IR lock ,
blocking if necessary. The
.B func_release_lock
callback should release
.IR lock .
The
.B func_free_lock
callback should destroy
.IR lock ,
freeing any resources associated with it. The default behavior is not to perform any locking. Note that undefined behavior may result if threading is used without appropriate locking.
.SH "NETLINK NOTIFICATION"
Beginning with version 2.6.4, the Linux kernel supports SELinux status change notification via netlink. Two message types are currently implemented, indicating changes to the enforcing mode and to the loaded policy in the kernel, respectively. The userspace AVC listens for these messages and takes the appropriate action, modifying the behavior of
.BR avc_has_perm (3)
to reflect the current enforcing mode and flushing the cache on receipt of a policy load notification. Audit messages are produced when netlink notifications are processed.
In the default single-threaded mode, the userspace AVC checks for new netlink messages at the start of each permission query. If threading and locking callbacks are passed to
.B avc_init
however, a dedicated thread will be started to listen on the netlink socket. This may increase performance and will ensure that log messages are generated immediately rather than at the time of the next permission query.
.SH "RETURN VALUE"
Functions with a return value return zero on success. On error, \-1 is returned and
.I errno
is set appropriately.
.SH "NOTES"
The
.I msgprefix
argument to
.B avc_init
currently has a length limit of 15 characters and will be truncated if necessary.
If a provided
.B func_malloc
callback does not set
.I errno
appropriately on error, userspace AVC calls may exhibit the
same behavior.
If a netlink thread has been created and an error occurs on the socket (such as an access error), the thread may terminate and cause the userspace AVC to return
.B EINVAL
on all further permission checks until
.B avc_destroy
is called.
.SH "AUTHOR"
Eamon Walsh <ewalsh@epoch.ncsc.mil>
.SH "SEE ALSO"
.BR avc_has_perm (3),
.BR avc_context_to_sid (3),
.BR avc_cache_stats (3),
.BR avc_add_callback (3),
.BR security_compute_av (3)

1
libselinux/man/man3/avc_reset.3 Normal file
View File

@ -0,0 +1 @@
.so man3/avc_init.3

1
libselinux/man/man3/avc_sid_stats.3 Normal file
View File

@ -0,0 +1 @@
.so man3/avc_cache_stats.3

1
libselinux/man/man3/avc_sid_to_context.3 Normal file
View File

@ -0,0 +1 @@
.so man3/avc_context_to_sid.3

1
libselinux/man/man3/checkPasswdAccess.3 Normal file
View File

@ -0,0 +1 @@
.so man3/security_compute_av.3

1
libselinux/man/man3/context_free.3 Normal file
View File

@ -0,0 +1 @@
.so man3/context_new.3

58
libselinux/man/man3/context_new.3 Normal file
View File

@ -0,0 +1,58 @@
.TH "context_new" "3" "15 November 2004" "dwalsh@redhat.com" "SELinux API documentation"
.SH "NAME"
context_new, context_str, context_free, context_type_get, context_type_set, context_range_get, context_range_set,context_role_get, context_role_set, context_user_get, context_user_set \- Routines to manipulate SELinux security contexts
.SH "SYNOPSIS"
.B #include <selinux/context.h>
.br
.B "context_t context_new(const char *" context_str );
.br
.B "const char * context_str(context_t " con );
.br
.B "void context_free(context_t " con );
.br
.B "const char * context_type_get(context_t " con );
.br
.B "const char * context_range_get(context_t " con );
.br
.B "const char * context_role_get(context_t " con );
.br
.B "const char * context_user_get(context_t " con );
.br
.B "const char * context_type_set(context_t " con ", const char* " type);
.br
.B "const char * context_range_set(context_t " con ", const char* " range);
.br
.B "const char * context_role_set(context_t " con ", const char* " role );
.br
.B "const char * context_user_set(context_t " con ", const char* " user );
.SH "DESCRIPTION"
These functions allow an application to manipulate the fields of a
security context string without requiring it to know the format of the
string.
context_new
Return a new context initialized to a context string
context_str
Return a pointer to the string value of the context_t
Valid until the next call to context_str or context_free
for the same context_t*
context_free
Free the storage used by a context
context_type_get, context_range_get, context_role_get, context_user_get
Get a pointer to the string value of a context component
NOTE: Values returned by the get functions are only valid until the next call
to a set function or context_free() for the same context_t structure.
context_type_set, context_range_set, context_role_set, context_user_set
Set a context component
.SH "RETURN VALUE"
On success, zero is returned. On failure, -1 is returned and errno is
set appropriately.

1
libselinux/man/man3/context_range_get.3 Normal file
View File

@ -0,0 +1 @@
.so man3/context_new.3

1
libselinux/man/man3/context_range_set.3 Normal file
View File

@ -0,0 +1 @@
.so man3/context_new.3

1
libselinux/man/man3/context_role_get.3 Normal file
View File

@ -0,0 +1 @@
.so man3/context_new.3

1
libselinux/man/man3/context_role_set.3 Normal file
View File

@ -0,0 +1 @@
.so man3/context_new.3

1
libselinux/man/man3/context_type_get.3 Normal file
View File

@ -0,0 +1 @@
.so man3/context_new.3

1
libselinux/man/man3/context_type_set.3 Normal file
View File

@ -0,0 +1 @@
.so man3/context_new.3

1
libselinux/man/man3/context_user_get.3 Normal file
View File

@ -0,0 +1 @@
.so man3/context_new.3

1
libselinux/man/man3/context_user_set.3 Normal file
View File

@ -0,0 +1 @@
.so man3/context_new.3

16
libselinux/man/man3/freecon.3 Normal file
View File

@ -0,0 +1,16 @@
.TH "freecon" "3" "1 January 2004" "russell@coker.com.au" "SE Linux API documentation"
.SH "NAME"
freecon, freeconary \- free memory associated with SE Linux security contexts.
.SH "SYNOPSIS"
.B #include <selinux/selinux.h>
.sp
.BI "void freecon(security_context_t "con );
.br
.BI "void freeconary(security_context_t *" con );
.SH "DESCRIPTION"
.B freecon
frees the memory allocated for a security context.
.B freeconary
frees the memory allocated for a context array.

1
libselinux/man/man3/freeconary.3 Normal file
View File

@ -0,0 +1 @@
.so man3/freecon.3

1
libselinux/man/man3/fsetfilecon.3 Normal file
View File

@ -0,0 +1 @@
.so man3/setfilecon.3

1
libselinux/man/man3/get_default_context.3 Normal file
View File

@ -0,0 +1 @@
.so man3/get_ordered_context_list.3

1
libselinux/man/man3/get_default_context_with_role.3 Normal file
View File

@ -0,0 +1 @@
.so man3/get_ordered_context_list.3

66
libselinux/man/man3/get_ordered_context_list.3 Normal file
View File

@ -0,0 +1,66 @@
.TH "get_ordered_context_list" "3" "1 January 2004" "russell@coker.com.au" "SE Linux"
.SH "NAME"
get_ordered_context_list, get_default_context, get_default_context_with_role, query_user_context, manual_user_enter_context, get_default_role \- determine context(s) for user sessions
.SH "SYNOPSIS"
.B #include <selinux/selinux.h>
.br
.B #include <selinux/get_context_list.h>
.sp
.BI "int get_ordered_context_list(const char *" user ", security_context_t "fromcon ", security_context_t **" list );
.sp
.BI "int get_default_context(const char *" user ", security_context_t "fromcon ", security_context_t *" newcon );
.sp
.BI "int get_default_context_with_role(const char* " user ", const char *" role ", security_context_t " fromcon ", security_context_t *" newcon ");
.sp
.BI "int query_user_context(security_context_t *" list ", security_context_t *" newcon );
.sp
.BI "int manual_user_enter_context(const char *" user ", security_context_t *" newcon );
.sp
.BI "int get_default_type(const char *" role ", char **" type );
.SH "DESCRIPTION"
.B get_ordered_context_list
invokes the
.B security_compute_user
function to obtain the list of contexts for the specified
.I user
that are reachable from the specified
.I fromcon
context and then orders the resulting list based on the global
.B /etc/selinux/<SELINUXTYPE>/contexts/default_contexts
file and the per-user
.B /etc/selinux/<SELINUXTYPE>/contexts/users/<username>
file if it exists. The
.I fromcon
parameter may be NULL to indicate that the current context should
be used. The function returns the number of contexts in the
list, or -1 upon errors. The list must be freed using the
.B freeconary
function.
.B get_default_context
is the same as get_ordered_context_list but only returns a single context
which has to be freed with freecon.
.B get_default_context_with_role
is the same as get_default_context but only returns a context with the specified role, returning -1 if no such context is reachable for the user.
.B query_user_context
takes a list of contexts, queries the user via stdin/stdout as to which context
they want, and returns a new context as selected by the user (which has to be
freed with freecon).
.B manual_user_enter_context
allows the user to manually enter a context as a fallback if a list of authorized contexts could not be obtained. Caller must free via freecon.
.B get_default_type
Get the default type (domain) for 'role' and set 'type' to refer to it, which has to be freed with free.
.SH "RETURN VALUE"
get_ordered_context_list returns the number of contexts in the list upon
success or -1 upon errors.
The other functions return 0 for success or -1 for errors.
.SH "SEE ALSO"
.BR freeconary "(3), " freecon "(3), " security_compute_av "(3)"

62
libselinux/man/man3/getcon.3 Normal file
View File

@ -0,0 +1,62 @@
.TH "getcon" "3" "1 January 2004" "russell@coker.com.au" "SE Linux API documentation"
.SH "NAME"
getcon, getprevcon, getpidcon \- get SE Linux security context of a process.
.br
getpeercon - get security context of a peer socket.
.br
setcon - set current security context of a process.
.SH "SYNOPSIS"
.B #include <selinux/selinux.h>
.sp
.BI "int getcon(security_context_t *" context );
.br
.BI "int getprevcon(security_context_t *" context );
.br
.BI "int getpidcon(pid_t " pid ", security_context_t *" context );
.br
.BI "int getpeercon(int " fd ", security_context_t *" context);
.br
.BI "int setcon(security_context_t " context);
.SH "DESCRIPTION"
.B getcon
retrieves the context of the current process, which must be free'd with
freecon.
.B getprevcon
same as getcon but gets the context before the last exec.
.B getpidcon
returns the process context for the specified PID.
.B getpeercon
retrieves context of peer socket, and set *context to refer to it, which must be free'd with freecon.
.B setcon
sets the current security context of the process to a new value. Note
that use of this function requires that the entire application be
trusted to maintain any desired separation between the old and new
security contexts, unlike exec-based transitions performed via
setexeccon(3). When possible, decompose your applicaiton and use
setexeccon() and execve() instead.
Since access to file descriptors is revalidated upon use by SELinux,
the new context must be explicitly authorized in the policy to use the
descriptors opened by the old context if that is desired. Otherwise,
attempts by the process to use any existing descriptors (including
stdin, stdout, and stderr) after performing the setcon() will fail.
A multi-threaded application can perform a setcon() prior to creating
any child threads, in which case all of the child threads will inherit
the new context. However, setcon() will fail if there are any other
threads running in the same process.
If the process was being ptraced at the time of the setcon()
operation, ptrace permission will be revalidated against the new
context and the setcon() will fail if it is not allowed by policy.
.SH "RETURN VALUE"
On error -1 is returned. On success 0 is returned.
.SH "SEE ALSO"
.BR freecon "(3), " setexeccon "(3)"

60
libselinux/man/man3/getexeccon.3 Normal file
View File

@ -0,0 +1,60 @@
.TH "getexeccon" "3" "1 January 2004" "russell@coker.com.au" "SE Linux API documentation"
.SH "NAME"
getexeccon, setexeccon \- get or set the SE Linux security context used for executing a new process.
.br
rpm_execcon \- run a helper for rpm in an appropriate security context
.SH "SYNOPSIS"
.B #include <selinux/selinux.h>
.sp
.BI "int getexeccon(security_context_t *" context );
.br
.BI "int setexeccon(security_context_t "context );
.br
.BI "int rpm_execcon(unsigned int " verified ", const char *" filename ", char *const " argv "[] , char *const " envp "[]);
.SH "DESCRIPTION"
.B getexeccon
retrieves the context used for executing a new process.
This returned context should be freed with freecon if non-NULL.
getexeccon sets *con to NULL if no exec context has been explicitly
set by the program (i.e. using the default policy behavior).
.B setexeccon
sets the context used for the next execve call.
NULL can be passed to
setexeccon to reset to the default policy behavior.
The exec context is automatically reset after the next execve, so a
program doesn't need to explicitly sanitize it upon startup.
.br
setexeccon can be applied prior to library
functions that internally perform an execve, e.g. execl*, execv*, popen,
in order to set an exec context for that operation.
.br
Note: Signal handlers that perform an execve must take care to
save, reset, and restore the exec context to avoid unexpected behaviors.
.br
.B rpm_execcon
runs a helper for rpm in an appropriate security context. The
verified parameter should contain the return code from the signature
verification (0 == ok, 1 == notfound, 2 == verifyfail, 3 ==
nottrusted, 4 == nokey), although this information is not yet used by
the function. The function determines the proper security context for
the helper based on policy, sets the exec context accordingly, and
then executes the specified filename with the provided argument and
environment arrays.
.SH "RETURN VALUE"
On error -1 is returned.
On success getexeccon and setexeccon returns 0.
rpm_execcon only returns upon errors, as it calls execve(2).
.SH "SEE ALSO"
.BR freecon "(3), " getcon "(3)"

43
libselinux/man/man3/getfilecon.3 Normal file
View File

@ -0,0 +1,43 @@
.TH "getfilecon" "3" "1 January 2004" "russell@coker.com.au" "SE Linux API documentation"
.SH "NAME"
getfilecon, fgetfilecon, lgetfilecon \- get SE Linux security context of a file
.SH "SYNOPSIS"
.B #include <selinux/selinux.h>
.sp
.BI "int getfilecon(const char *" path ", security_context_t *" con );
.br
.BI "int lgetfilecon(const char *" path ", security_context_t *" con );
.br
.BI "int fgetfilecon(int "fd ", security_context_t *" con );
.SH "DESCRIPTION"
.B getfilecon
retrieves the context associated with the given path in the file system, the
length of the context is returned.
.B lgetfilecon
is identical to getfilecon, except in the case of a symbolic link, where the
link itself is interrogated, not the file that it refers to.
.B fgetfilecon
is identical to getfilecon, only the open file pointed to by filedes (as
returned by open(2)) is interrogated in place of path.
.br
The returned context should be freed with freecon if non-NULL.
.SH "RETURN VALUE"
On success, a positive number is returned indicating the size of the
extended attribute value. On failure, \-1 is returned and errno is set
appropriately.
If the context does not exist, or the process has no access to
this attribute, errno is set to ENODATA.
If extended attributes are not supported by the filesystem, or are dis\-
abled, errno is set to ENOTSUP.
The errors documented for the stat(2) system call are also applicable
here.
.SH "SEE ALSO"
.BR freecon "(3), " setfilecon "(3), " setfscreatecon "(3)"

40
libselinux/man/man3/getfscreatecon.3 Normal file
View File

@ -0,0 +1,40 @@
.TH "getfscreatecon" "3" "1 January 2004" "russell@coker.com.au" "SE Linux API documentation"
.SH "NAME"
getfscreatecon, setfscreatecon \- get or set the SE Linux security context used for creating a new file system object.
.SH "SYNOPSIS"
.B #include <selinux/selinux.h>
.sp
.BI "int getfscreatecon(security_context_t *" con );
.br
.BI "int setfscreatecon(security_context_t "context );
.SH "DESCRIPTION"
.B getfscreatecon
retrieves the context used for creating a new file system object.
This returned context should be freed with freecon if non-NULL.
getfscreatecon sets *con to NULL if no fscreate context has been explicitly
set by the program (i.e. using the default policy behavior).
.B setfscreatecon
sets the context used for creating a new file system object.
NULL can be passed to
setfscreatecon to reset to the default policy behavior.
The fscreate context is automatically reset after the next execve, so a
program doesn't need to explicitly sanitize it upon startup.
.br
setfscreatecon can be applied prior to library
functions that internally perform an file creation,
in order to set an file context on the objects.
.br
Note: Signal handlers that perform an setfscreate must take care to
save, reset, and restore the fscreate context to avoid unexpected behaviors.
.SH "RETURN VALUE"
On error -1 is returned.
On success getfscreatecon returns the length of the context (not including
the trailing zero byte). On success setfscreatecon returns 0.
.SH "SEE ALSO"
.BR freecon "(3), " getcon "(3), " getexeccon "(3)"

1
libselinux/man/man3/getpeercon.3 Normal file
View File

@ -0,0 +1 @@
.so man3/getcon.3

1
libselinux/man/man3/getpidcon.3 Normal file
View File

@ -0,0 +1 @@
.so man3/getcon.3

1
libselinux/man/man3/getprevcon.3 Normal file
View File

@ -0,0 +1 @@
.so man3/getcon.3

25
libselinux/man/man3/getseuserbyname.3 Normal file
View File

@ -0,0 +1,25 @@
.TH "getseuserbyname" "3" "29 September 2005" "dwalsh@redhat.com" "SE Linux API documentation"
.SH "NAME"
getseuserbyname \- get SELinux username and level for a given Linux username
.SH "SYNOPSIS"
.B #include <selinux/selinux.h>
.sp
.BI "int getseuserbyname(const char *" linuxuser ", char **" selinuxuser ", char **" level ");
.SH "DESCRIPTION"
.B getseuserbyname
retrieves the SELinux username and security level associated with
a given Linux username. The SELinux username and security level can
then be passed to other libselinux functions such as
get_ordered_context_list_with_level and get_default_context_with_level.
.br
The returned SELinux username and level should be freed by the caller
using free.
.SH "RETURN VALUE"
On success, 0 is returned.
On failure, \-1 is returned and errno is set appropriately.
The errors documented for the stat(2) system call are also applicable
here.

22
libselinux/man/man3/is_context_customizable.3 Normal file
View File

@ -0,0 +1,22 @@
.TH "is_context_customizable" "3" "10 January 2005" "dwalsh@redhat.com" "SELinux API documentation"
.SH "NAME"
is_context_customizable \- check whether context type is customizable by the administrator.
.SH "SYNOPSIS"
.B #include <selinux/selinux.h>
.sp
.B int is_context_customizable(security_context_t scon);
.SH "DESCRIPTION"
.B is_context_customizable
.br
This function checks whether the type of scon is in the /etc/selinux/SELINUXTYPE/context/customizable_types file. A customizable type is a file context type that
administrators set on files, usually to allow certain domains to share the file content. restorecon and setfiles, by default, leave these context in place.
.SH "RETURN VALUE"
returns 1 if security context is customizable or 0 if it is not.
returns -1 on error
.SH "FILE"
/etc/selinux/SELINUXTYPE/context/customizable_types

11
libselinux/man/man3/is_selinux_enabled.3 Normal file
View File

@ -0,0 +1,11 @@
.TH "is_selinux_enabled" "3" "1 January 2004" "russell@coker.com.au" "SE Linux API documentation"
.SH "NAME"
is_selinux_enabled \- check whether SE Linux is enabled
.SH "SYNOPSIS"
.B #include <selinux/selinux.h>
.sp
.B int is_selinux_enabled();
.SH "DESCRIPTION"
.B is_selinux_enabled
returns 1 if SE Linux is running or 0 if it is not. May change soon.

1
libselinux/man/man3/lsetfilecon.3 Normal file
View File

@ -0,0 +1 @@
.so man3/setfilecon.3

1
libselinux/man/man3/manual_user_enter_context.3 Normal file
View File

@ -0,0 +1 @@
.so man3/get_ordered_context_list.3

26
libselinux/man/man3/matchmediacon.3 Normal file
View File

@ -0,0 +1,26 @@
.TH "matchmediacon" "3" "15 November 2004" "dwalsh@redhat.com" "SE Linux API documentation"
.SH "NAME"
matchmediacon \- get the default security context for the specified mediatype from the policy.
.SH "SYNOPSIS"
.B #include <selinux/selinux.h>
.sp
.BI "int matchmediacon(const char *" media ", security_context_t *" con);"
.br
.SH "DESCRIPTION"
.br
.B matchmediacon
matches the specified media type with the media contexts configuration and sets the security context "con" to refer to the resulting context.
.sp
.br
.B Note:
Caller must free returned security context "con" using freecon.
.SH "RETURN VALUE"
Returns 0 on success or -1 otherwise.
.SH Files
/etc/selinux/POLICYTYPE/contexts/files/media
.SH "SEE ALSO"
.BR freecon "(3)

109
libselinux/man/man3/matchpathcon.3 Normal file
View File

@ -0,0 +1,109 @@
.TH "matchpathcon" "3" "16 March 2005" "sds@tycho.nsa.gov" "SE Linux API documentation"
.SH "NAME"
matchpathcon \- get the default security context for the specified path from the file contexts configuration.
.SH "SYNOPSIS"
.B #include <selinux/selinux.h>
.sp
.BI "int matchpathcon_init(const char *" path ");"
.br
.BI "int matchpathcon(const char *" path ", mode_t " mode ", security_context_t *" con);
.sp
.br
.BI "void set_matchpathcon_printf(void (*" f ")(const char *" fmt ", ...));"
.br
.BI "void set_matchpathcon_invalidcon(int (*" f ")(const char *"path ", unsigned " lineno ", char * " context "));"
.br
.BI "void set_matchpathcon_flags(unsigned int " flags ");"
.br
.SH "DESCRIPTION"
.B matchpathcon_init
loads the file contexts configuration specified by
.I path
into memory for use by subsequent
.B matchpathcon
calls. If
.I path
is NULL, then the active file contexts configuration is loaded by default,
i.e. the path returned by
.B selinux_file_context_path(3).
Unless the
.B MATCHPATHCON_BASEONLY
flag has been set via
.B set_matchpathcon_flags,
files with the same path prefix but a
.B .homedirs
and
.B .local
suffix are also looked up and loaded if present. These files provide
dynamically generated entries for user home directories and for local
customizations.
.br
.sp
.B matchpathcon
matches the specified pathname and mode against the file contexts
configuration and sets the security context
.I con
to refer to the
resulting context. The caller must free the returned security context
.I con
using freecon when finished using it.
.I mode
can be 0 to disable mode matching, but
should be provided whenever possible, as it may affect the matching.
Only the file format bits (i.e. the file type) of the
.I mode
are used.
If
.B matchpathcon_init
has not already been called, then this function will call it upon
its first invocation with a NULL
.I path,
defaulting to the active file contexts configuration.
.sp
.br
.B set_matchpathcon_printf
sets the function used by
.B matchpathcon_init
when displaying errors about the file contexts configuration. If not set,
then this defaults to fprintf(stderr, fmt, ...). This can be set to redirect
error reporting to a different destination.
.br
.sp
.B set_matchpathcon_invalidcon
sets the function used by
.B matchpathcon_init
when checking the validity of a context in the file contexts
configuration. If not set, then this defaults to a test based
on
.B security_check_context(3),
which checks validity against the active policy on a SELinux system.
This can be set to instead perform checking based on a binary policy file,
e.g. using
.B sepol_check_context(3),
as is done by
.B setfiles -c.
The function is also responsible for reporting any such error, and
may include the
.I path
and
.I lineno
in such error messages.
.br
.sp
.B set_matchpathcon_flags
sets flags controlling the operation of
.B matchpathcon_init
or
.B matchpathcon.
If the
.B MATCHPATHCON_BASEONLY
flag is set, then only the base file contexts configuration file
will be processed, not any dynamically generated entries or local customizations.
.br
.sp
.SH "RETURN VALUE"
Returns 0 on success or -1 otherwise.
.SH "SEE ALSO"
.BR freecon "(3), " setfilecon "(3), " setfscreatecon "(3)"

1
libselinux/man/man3/query_user_context.3 Normal file
View File

@ -0,0 +1 @@
.so man3/get_ordered_context_list.3

1
libselinux/man/man3/rpm_execcon.3 Normal file
View File

@ -0,0 +1 @@
.so man3/getexeccon.3

12
libselinux/man/man3/security_check_context.3 Normal file
View File

@ -0,0 +1,12 @@
.TH "security_check_context" "3" "1 January 2004" "russell@coker.com.au" "SE Linux API documentation"
.SH "NAME"
security_check_context \- check the validity of a context
.SH "SYNOPSIS"
.B #include <selinux/selinux.h>
.sp
.BI "int security_check_context(security_context_t "con );
.SH "DESCRIPTION"
.B security_check_context
returns 0 if SE Linux is running and the context is valid, otherwise it
returns -1.

1
libselinux/man/man3/security_commit_booleans.3 Normal file
View File

@ -0,0 +1 @@
.so man3/security_load_booleans.3

54
libselinux/man/man3/security_compute_av.3 Normal file
View File

@ -0,0 +1,54 @@
.TH "security_compute_av" "3" "1 January 2004" "russell@coker.com.au" "SE Linux API documentation"
.SH "NAME"
security_compute_av, security_compute_create, security_compute_relabel, security_compute_user \- query
the SE Linux policy database in the kernel.
.SH "SYNOPSIS"
.B #include <selinux/selinux.h>
.br
.B #include <selinux/flask.h>
.sp
.BI "int security_compute_av(security_context_t "scon ", security_context_t "tcon ", security_class_t "tclass ", access_vector_t "requested ", struct av_decision *" avd );
.sp
.BI "int security_compute_create(security_context_t "scon ", security_context_t "tcon ", security_class_t "tclass ", security_context_t *" newcon );
.sp
.BI "int security_compute_relabel(security_context_t "scon ", security_context_t "tcon ", security_class_t "tclass ", security_context_t *" newcon );
.sp
.BI "int security_compute_user(security_context_t "scon ", const char *" username ", security_context_t **" con );
.sp
.BI "int checkPasswdAccess(access_vector_t " requested );
.SH "DESCRIPTION"
.B security_compute_av
queries whether the policy permits the source context
.B scon
to access the target context
.B tcon
via class
.B tclass
with the
.B requested
access vector. See the cron source for a usage example.
.B security_compute_create
is used to compute a context to use for labeling a new object in a particular
class based on a SID pair.
.B security_compute_relabel
is used to compute the new context to use when relabeling an object, it is used
in the pam_selinux.so source and the newrole source to determine the correct
label for the tty at login time, but can be used for other things.
.B security_compute_user
is used to determine the set of user contexts that can be reached from a
source context. Is mainly used by
.B get_ordered_context_list.
.B checkPasswdAccess
This functions is a helper functions that allows you to check for a permission in the passwd class. checkPasswdAccess uses getprevcon() for the source and target security contexts.
.SH "RETURN VALUE"
0 for success and on error -1 is returned.
.SH "SEE ALSO"
.BR getcon "(3), " getfilecon "(3), " get_ordered_context_list "(3)"

1
libselinux/man/man3/security_compute_create.3 Normal file
View File

@ -0,0 +1 @@
.so man3/security_compute_av.3

1
libselinux/man/man3/security_compute_relabel.3 Normal file
View File

@ -0,0 +1 @@
.so man3/security_compute_av.3

1
libselinux/man/man3/security_compute_user.3 Normal file
View File

@ -0,0 +1 @@
.so man3/security_compute_av.3

1
libselinux/man/man3/security_get_boolean_active.3 Normal file
View File

@ -0,0 +1 @@
.so man3/security_load_booleans.3

1
libselinux/man/man3/security_get_boolean_names.3 Normal file
View File

@ -0,0 +1 @@
.so man3/security_load_booleans.3

1
libselinux/man/man3/security_get_boolean_pending.3 Normal file
View File

@ -0,0 +1 @@
.so man3/security_load_booleans.3

19
libselinux/man/man3/security_getenforce.3 Normal file
View File

@ -0,0 +1,19 @@
.TH "security_getenforce" "3" "1 January 2004" "russell@coker.com.au" "SE Linux API documentation"
.SH "NAME"
security_getenforce, security_setenforce \- get or set the enforcing state of SE Linux
.SH "SYNOPSIS"
.B #include <selinux/selinux.h>
.sp
.B int security_getenforce();
.br
.BI "int security_setenforce(int "value );
.SH "DESCRIPTION"
.B security_getenforce
returns 0 if SE Linux is running in permissive mode, 1 if it is running in
enforcing mode, and -1 on error.
.B security_setenforce
sets SE Linux to enforcing mode if the value 1 is passed in, and sets it to
permissive mode if 0 is passed in. On success 0 is returned, on error -1 is
returned.

59
libselinux/man/man3/security_load_booleans.3 Normal file
View File

@ -0,0 +1,59 @@
.TH "security_get_boolean_names" "3" "15 November 2004" "dwalsh@redhat.com" "SELinux API Documentation"
.SH "NAME"
security_load_booleans, security_set_boolean, security_commit_booleans,
security_get_boolean_names, security_get_boolean_active,
security_get_boolean_pending \- routines for manipulating SELinux boolean values
.SH "SYNOPSIS"
.B #include <selinux/selinux.h>
.sp
extern int security_load_booleans(char *path);
.br
extern int security_get_boolean_names(char ***names, int *len);
.br
extern int security_get_boolean_pending(const char *name);
.br
extern int security_get_boolean_active(const char *name);
.br
extern int security_set_boolean(const char *name, int value);
.br
extern int security_commit_booleans(void);
.SH "DESCRIPTION"
The SELinux policy can include conditional rules that are enabled or
disabled based on the current values of a set of policy booleans.
These policy booleans allow runtime modification of the security
policy without having to load a new policy.
The SELinux API allows for a transaction based update. So you can set several boolean values and the commit them all at once.
security_load_booleans
.br
Load policy boolean settings. Path may be NULL, in which case the booleans are loaded from the active policy boolean configuration file.
security_get_boolean_names
.br
Returns a list of boolean names, currently supported by the loaded policy.
security_set_boolean
.br
Sets the pending value for boolean
security_get_boolean_pending
.br
Return pending value for boolean
security_get_boolean_active
.br
Return active value for boolean
security_commit_booleans
.br
Commit all pending values for the booleans.
.SH AUTHOR
This manual page was written by Dan Walsh <dwalsh@redhat.com>.
.SH "SEE ALSO"
getsebool(8), booleans(8), togglesebool(8)

11
libselinux/man/man3/security_load_policy.3 Normal file
View File

@ -0,0 +1,11 @@
.TH "security_load_policy" "3" "1 January 2004" "russell@coker.com.au" "SE Linux API documentation"
.SH "NAME"
security_load_policy \- load a new policy
.SH "SYNOPSIS"
.B #include <selinux/selinux.h>
.sp
.BI "int security_load_policy(void *" data ", size_t "len );
.SH "DESCRIPTION"
.B security_load_policy
loads a new policy, returns 0 for success and -1 for error.

12
libselinux/man/man3/security_policyvers.3 Normal file
View File

@ -0,0 +1,12 @@
.TH "security_policyvers" "3" "1 January 2004" "russell@coker.com.au" "SE Linux API documentation"
.SH "NAME"
security_policyvers \- get the version of the SE Linux policy
.SH "SYNOPSIS"
.B #include <selinux/selinux.h>
.sp
.B int security_policyvers();
.SH "DESCRIPTION"
.B security_policyvers
returns the version of the policy (a positive integer) on success, or -1 on
error.

1
libselinux/man/man3/security_set_boolean.3 Normal file
View File

@ -0,0 +1 @@
.so man3/security_load_booleans.3

1
libselinux/man/man3/security_setenforce.3 Normal file
View File

@ -0,0 +1 @@
.so security_getenforce.3

63
libselinux/man/man3/selinux_binary_policy_path.3 Normal file
View File

@ -0,0 +1,63 @@
.TH "selinux_binary_policy_path" "3" "15 November 2004" "dwalsh@redhat.com" "SELinux API Documentation"
.SH "NAME"
selinux_policy_root, selinux_binary_policy_path,
selinux_failsafe_context_path, selinux_removable_context_path,
selinux_default_context_path, selinux_user_contexts_path,
selinux_file_context_path, selinux_media_context_path,
selinux_contexts_path, selinux_booleans_path \- These functions return the paths to the active policy configuration
directories and files.
.SH "SYNOPSIS"
.B #include <selinux/selinux.h>
.sp
.br
extern const char *selinux_policy_root(void);
.br
extern const char *selinux_binary_policy_path(void);
.br
extern const char *selinux_failsafe_context_path(void);
.br
extern const char *selinux_removable_context_path(void);
.br
extern const char *selinux_default_context_path(void);
.br
extern const char *selinux_user_contexts_path(void);
.br
extern const char *selinux_file_context_path(void);
.br
extern const char *selinux_media_context_path(void);
.br
extern const char *selinux_contexts_path(void);
.br
extern const char *selinux_booleans_path(void);
.SH "DESCRIPTION"
These functions return the paths to the active policy configuration
directories and files based on the settings in /etc/selinux/config.
.sp
selinux_policy_root() - top-level policy directory
.sp
selinux_binary_policy_path() - binary policy file loaded into kernel
.sp
selinux_failsafe_context_path() - failsafe context for emergency logins
.sp
selinux_removable_context_path() - filesystem context for removable media
.sp
selinux_default_context_path() - system-wide default contexts for user sessions
.sp
selinux_user_contexts_path() - directory containing per-user default contexts
.sp
selinux_file_context_path() - file contexts configuration
.sp
selinux_media_context_path() - file contexts for media device nodes
.sp
selinux_contexts_path() - directory containing all of the context configuration files
.sp
selinux_booleans_path() - initial policy boolean settings
.SH AUTHOR
This manual page was written by Dan Walsh <dwalsh@redhat.com>.

1
libselinux/man/man3/selinux_booleans_path.3 Normal file
View File

@ -0,0 +1 @@
.so man3/selinux_binary_policy_path.3

1
libselinux/man/man3/selinux_contexts_path.3 Normal file
View File

@ -0,0 +1 @@
.so man3/selinux_binary_policy_path.3

1
libselinux/man/man3/selinux_default_context_path.3 Normal file
View File

@ -0,0 +1 @@
.so man3/selinux_binary_policy_path.3

1
libselinux/man/man3/selinux_failsafe_context_path.3 Normal file
View File

@ -0,0 +1 @@
.so man3/selinux_binary_policy_path.3

1
libselinux/man/man3/selinux_file_context_path.3 Normal file
View File

@ -0,0 +1 @@
.so man3/selinux_binary_policy_path.3

22
libselinux/man/man3/selinux_getenforcemode.3 Normal file
View File

@ -0,0 +1,22 @@
.TH "selinux_getenforcemode" "3" "25 May 2004" "dwalsh@redhat.com" "SE Linux API documentation"
.SH "NAME"
selinux_getenforcemode \- get the enforcing state of SE Linux
.SH "SYNOPSIS"
.B #include <selinux/selinux.h>
.sp
.B int selinux_getenforcemode(int *enforce);
.br
.SH "DESCRIPTION"
.B selinux_getenforcemode
Reads the contents of the /etc/selinux/config file to determine how the
system was setup to run SELinux.
.br
Sets the value of enforce to 1 if SELinux should be run in enforcing mode.
Sets the value of enforce to 0 if SELinux should be run in permissive mode.
Sets the value of enforce to -1 if SELinux should be disabled.
.SH "RETURN VALUE"
On success, zero is returned.
On failure, -1 is returned.

1
libselinux/man/man3/selinux_media_context_path.3 Normal file
View File

@ -0,0 +1 @@
.so man3/selinux_binary_policy_path.3

17
libselinux/man/man3/selinux_policy_root.3 Normal file
View File

@ -0,0 +1,17 @@
.TH "selinux_policy_root" "3" "25 May 2004" "dwalsh@redhat.com" "SE Linux API documentation"
.SH "NAME"
selinux_policy_root \- return the path of the SELinux policy files for this machine.
.SH "SYNOPSIS"
.B #include <selinux/selinux.h>
.sp
.B char *selinux_policy_root();
.br
.SH "DESCRIPTION"
.B selinux_policy_root
Reads the contents of the /etc/selinux/config file to determine which policy files should be used for this machine.
.SH "RETURN VALUE"
On success, returns a directory path containing the SELinux policy files.
On failure, NULL is returned.

1
libselinux/man/man3/selinux_removable_context_path.3 Normal file
View File

@ -0,0 +1 @@
.so man3/selinux_binary_policy_path.3

1
libselinux/man/man3/selinux_user_contexts_path.3 Normal file
View File

@ -0,0 +1 @@
.so man3/selinux_binary_policy_path.3

1
libselinux/man/man3/set_matchpathcon_printf.3 Normal file
View File

@ -0,0 +1 @@
.so man3/matchpathcon.3

1
libselinux/man/man3/setcon.3 Normal file
View File

@ -0,0 +1 @@
.so man3/getcon.3

1
libselinux/man/man3/setexeccon.3 Normal file
View File

@ -0,0 +1 @@
.so man3/getexeccon.3

41
libselinux/man/man3/setfilecon.3 Normal file
View File

@ -0,0 +1,41 @@
.TH "setfilecon" "3" "1 January 2004" "russell@coker.com.au" "SE Linux API documentation"
.SH "NAME"
setfilecon, fsetfilecon, lsetfilecon \- set SE Linux security context of a file
.SH "SYNOPSIS"
.B #include <selinux/selinux.h>
.sp
.BI "int setfilecon(const char *" path ", security_context_t "con );
.br
.BI "int lsetfilecon(const char *" path ", security_context_t "con );
.br
.BI "int fsetfilecon(int "fd ", security_context_t "con );
.SH "DESCRIPTION"
.B setfilecon
sets the security context of the file system object.
.B lsetfilecon
is identical to setfilecon, except in the case of a symbolic link, where the
link itself has it's context set, not the file that it refers to.
.B fsetfilecon
is identical to setfilecon, only the open file pointed to by filedes (as
returned by open(2)) has it's context set in place of path.
.SH "RETURN VALUE"
On success, zero is returned. On failure, -1 is returned and errno is
set appropriately.
If there is insufficient space remaining to store the extended
attribute, errno is set to either ENOSPC, or EDQUOT if quota enforce-
ment was the cause.
If extended attributes are not supported by the filesystem, or are dis-
abled, errno is set to ENOTSUP.
The errors documented for the stat(2) system call are also applicable
here.
.SH "SEE ALSO"
.BR freecon "(3), " getfilecon "(3), " setfscreatecon "(3)"

1
libselinux/man/man3/setfscreatecon.3 Normal file
View File

@ -0,0 +1 @@
.so man3/getfscreatecon.3

1
libselinux/man/man3/sidget.3 Normal file
View File

@ -0,0 +1 @@
.so man3/avc_context_to_sid.3

1
libselinux/man/man3/sidput.3 Normal file
View File

@ -0,0 +1 @@
.so man3/avc_context_to_sid.3

28
libselinux/man/man8/avcstat.8 Normal file
View File

@ -0,0 +1,28 @@
.TH "avcstat" "8" "18 Nov 2004" "dwalsh@redhat.com" "SELinux Command Line documentation"
.SH "NAME"
avcstat \- Display SELinux AVC statistics
.SH "SYNOPSIS"
.B avcstat
.I [-c] [-f status_file] [interval]
.SH "DESCRIPTION"
.B avcstat
Display SELinux AVC statistics. If the interval parameter is specified, the
program will loop, displaying updated statistics every 'interval' seconds.
Relative values are displayed by default.
.SH OPTIONS
.TP
.B \-c
Display the cumulative values.
.TP
.B \-f
Specifies the location of the AVC statistics file, defaulting to '/selinux/avc/cache_stats'.
.SH AUTHOR
This manual page was written by Dan Walsh <dwalsh@redhat.com>.
The program was written by James Morris <jmorris@redhat.com>.

55
libselinux/man/man8/booleans.8 Normal file
View File

@ -0,0 +1,55 @@
.TH "booleans" "8" "11 Aug 2004" "dwalsh@redhat.com" "SELinux Command Line documentation"
.SH "NAME"
booleans \- Policy booleans enable runtime customization of SELinux policy.
.SH "DESCRIPTION"
This manual page describes SELinux policy booleans.
.BR
The SELinux policy can include conditional rules that are enabled or
disabled based on the current values of a set of policy booleans.
These policy booleans allow runtime modification of the security
policy without having to load a new policy.
For example, the boolean httpd_enable_cgi allows the httpd daemon to
run cgi scripts if it is enabled. If the administrator does not want
to allow execution of cgi scripts, he can simply disable this boolean
value.
The policy defines a default value for each boolean, typically false.
These default values can be overridden at boot-time based on the
settings in the
.I /etc/selinux/SELINUXTYPE/booleans
file, where
SELINUXTYPE is the type of policy currently being run on the system as
defined in the
.I /etc/selinux/config
file. The
.B system-config-securitylevel
tool provides an interface for altering
the settings in this file. The
.B load_policy(8)
program will preserve
current boolean settings upon a policy reload by default, or can
optionally reset booleans to the boot-time defaults via the -b option.
Boolean values can be listed by using the
.B getsebool(8)
utility and passing it the -a option.
Boolean values can also be changed at runtime via the
.B setsebool(8)
utility or the
.B togglesebool
utility. These utilities only change the
current boolean value and do not affect the boot-time settings.
.SH AUTHOR
This manual page was written by Dan Walsh <dwalsh@redhat.com>.
The SELinux conditional policy support was developed by Tresys Technology.
.SH "SEE ALSO"
getsebool(8), setsebool(8), selinux(8), togglesebool(8)
.SH FILES
/etc/selinux/SELINUXTYPE/booleans, /etc/selinux/config

15
libselinux/man/man8/getenforce.8 Normal file
View File

@ -0,0 +1,15 @@
.TH "getenforce" "1" "7 April 2004" "dwalsh@redhat.com" "SELinux Command Line documentation"
.SH "NAME"
getenforce \- get the current mode of SELinux
.SH "SYNOPSIS"
.B getenforce
.SH "DESCRIPTION"
.B getenforce
reports whether SELinux is enforcing, permissive, or disabled.
.SH AUTHOR
Dan Walsh, <dwalsh@redhat.com>
.SH "SEE ALSO"
setenforce(8), selinuxenabled(8)

34
libselinux/man/man8/getsebool.8 Normal file
View File

@ -0,0 +1,34 @@
.TH "getsebool" "8" "11 Aug 2004" "dwalsh@redhat.com" "SELinux Command Line documentation"
.SH "NAME"
getsebool \- get SELinux boolean value(s)
.SH "SYNOPSIS"
.B getsebool
.I "[-a] [boolean]"
.SH "DESCRIPTION"
.B getsebool
reports where a particular SELinux boolean or
all SELinux booleans are active or inactive.
In certain situations a boolean can be in one state with a pending
change to the other state. getsebool will report this as a pending change.
The pending value indicates
the value that will be applied upon the next boolean commit.
The setting of boolean values occurs in two stages; first the pending
value is changed, then the booleans are committed, causing their
active values to become their pending values. This allows a group of
booleans to be changed in a single transaction, by setting all of
their pending values as desired and then committing once.
.SH OPTIONS
.TP
.B \-a
Show all SELinux booleans.
.SH AUTHOR
This manual page was written by Dan Walsh <dwalsh@redhat.com>.
The program was written by Tresys Technology.
.SH "SEE ALSO"
setsebool(8), booleans(8)

18
libselinux/man/man8/matchpathcon.8 Normal file
View File

@ -0,0 +1,18 @@
.TH "matchpathcon" "8" "21 April 2005" "dwalsh@redhat.com" "SE Linux Command Line documentation"
.SH "NAME"
matchpathcon \- get the default security context for the specified path from the file contexts configuration.
.SH "SYNOPSIS"
.B matchpathcon [-n] filepath...
.SH "DESCRIPTION"
.B matchpathcon
Prints the file path and the default security context associated with it.
.br
If the -n option is given, do not display path.
.SH AUTHOR
This manual page was written by Dan Walsh <dwalsh@redhat.com>.
.SH "SEE ALSO"
.BR mathpathcon "(3), "

83
libselinux/man/man8/selinux.8 Normal file
View File

@ -0,0 +1,83 @@
.TH "selinux" "8" "29 Apr 2005" "dwalsh@redhat.com" "SELinux Command Line documentation"
.SH "NAME"
selinux \- NSA Security-Enhanced Linux (SELinux)
.SH "DESCRIPTION"
NSA Security-Enhanced Linux (SELinux) is an implementation of a
flexible mandatory access control architecture in the Linux operating
system. The SELinux architecture provides general support for the
enforcement of many kinds of mandatory access control policies,
including those based on the concepts of Type Enforcement®, Role-
Based Access Control, and Multi-Level Security. Background
information and technical documentation about SELinux can be found at
http://www.nsa.gov/selinux.
The
.I /etc/selinux/config
configuration file controls whether SELinux is
enabled or disabled, and if enabled, whether SELinux operates in
permissive mode or enforcing mode. The
.B SELINUX
variable may be set to
any one of disabled, permissive, or enforcing to select one of these
options. The disabled option completely disables the SELinux kernel
and application code, leaving the system running without any SELinux
protection. The permissive option enables the SELinux code, but
causes it to operate in a mode where accesses that would be denied by
policy are permitted but audited. The enforcing option enables the
SELinux code and causes it to enforce access denials as well as
auditing them. Permissive mode may yield a different set of denials
than enforcing mode, both because enforcing mode will prevent an
operation from proceeding past the first denial and because some
application code will fall back to a less privileged mode of operation
if denied access.
The
.I /etc/selinux/config
configuration file also controls what policy
is active on the system. SELinux allows for multiple policies to be
installed on the system, but only one policy may be active at any
given time. At present, two kinds of SELinux policy exist: targeted
and strict. The targeted policy is designed as a policy where most
processes operate without restrictions, and only specific services are
placed into distinct security domains that are confined by the policy.
For example, the user would run in a completely unconfined domain
while the named daemon or apache daemon would run in a specific domain
tailored to its operation. The strict policy is designed as a policy
where all processes are partitioned into fine-grained security domains
and confined by policy. It is anticipated in the future that other
policies will be created (Multi-Level Security for example). You can
define which policy you will run by setting the
.B SELINUXTYPE
environment variable within
.I /etc/selinux/config.
The corresponding
policy configuration for each such policy must be installed in the
/etc/selinux/SELINUXTYPE/ directories.
A given SELinux policy can be customized further based on a set of
compile-time tunable options and a set of runtime policy booleans.
.B system-config-securitylevel
allows customization of these booleans and tunables.
.br
Many domains that are protected by SELinux also include selinux man pages explainging how to customize their policy.
.SH FILE LABELING
All files, directories, devices ... have a security context/label associated with them. These context are stored in the extended attributes of the file system.
Problems with SELinux often arise from the file system being mislabeled. This can be caused by booting the machine with a non selinux kernel. If you see an error message containing file_t, that is usually a good indicator that you have a serious problem with file system labeling.
.br
The best way to relabel the file system is to create the flag file /.autorelabel and reboot. system-config-securitylevel, also has this capability. The restorcon/fixfiles commands are also available for relabeling files.
.SH AUTHOR
This manual page was written by Dan Walsh <dwalsh@redhat.com>.
.SH "SEE ALSO"
booleans(8), setsebool(8), selinuxenabled(8), togglesebool(8), restorecon(8), setfiles(8), ftpd_selinux(8), named_selinux(8), rsync_selinux(8), httpd_selinux(8), nfs_selinux(8), samba_selinux(8), kerberos_selinux(8), nis_selinux(8), ypbind_selinux(8)
.SH FILES
/etc/selinux/config

16
libselinux/man/man8/selinuxenabled.8 Normal file
View File

@ -0,0 +1,16 @@
.TH "selinuxenabled" "1" "7 April 2004" "dwalsh@redhat.com" "SELinux Command Line documentation"
.SH "NAME"
selinuxenabled \- tool to be used within shell scripts to determine if selinux is enabled
.SH "SYNOPSIS"
.B selinuxenabled
.SH "DESCRIPTION"
.B selinuxenabled
Indicates whether SELinux is enabled or disabled. It exits with status 0
if SELinux is enabled and 1 if it is not enabled.
.SH AUTHOR
Dan Walsh, <dwalsh@redhat.com>
.SH "SEE ALSO"
setenforce(8), getenforce(8)

Some files were not shown because too many files have changed in this diff Show More