67 lines
2.7 KiB
Groff
67 lines
2.7 KiB
Groff
.TH "get_ordered_context_list" "3" "1 January 2004" "russell@coker.com.au" "SE Linux"
|
|
.SH "NAME"
|
|
get_ordered_context_list, get_default_context, get_default_context_with_role, query_user_context, manual_user_enter_context, get_default_role \- determine context(s) for user sessions
|
|
|
|
.SH "SYNOPSIS"
|
|
.B #include <selinux/selinux.h>
|
|
.br
|
|
.B #include <selinux/get_context_list.h>
|
|
.sp
|
|
.BI "int get_ordered_context_list(const char *" user ", security_context_t "fromcon ", security_context_t **" list );
|
|
.sp
|
|
.BI "int get_default_context(const char *" user ", security_context_t "fromcon ", security_context_t *" newcon );
|
|
.sp
|
|
.BI "int get_default_context_with_role(const char* " user ", const char *" role ", security_context_t " fromcon ", security_context_t *" newcon ");
|
|
.sp
|
|
.BI "int query_user_context(security_context_t *" list ", security_context_t *" newcon );
|
|
.sp
|
|
.BI "int manual_user_enter_context(const char *" user ", security_context_t *" newcon );
|
|
.sp
|
|
.BI "int get_default_type(const char *" role ", char **" type );
|
|
|
|
.SH "DESCRIPTION"
|
|
.B get_ordered_context_list
|
|
invokes the
|
|
.B security_compute_user
|
|
function to obtain the list of contexts for the specified
|
|
.I user
|
|
that are reachable from the specified
|
|
.I fromcon
|
|
context and then orders the resulting list based on the global
|
|
.B /etc/selinux/<SELINUXTYPE>/contexts/default_contexts
|
|
file and the per-user
|
|
.B /etc/selinux/<SELINUXTYPE>/contexts/users/<username>
|
|
file if it exists. The
|
|
.I fromcon
|
|
parameter may be NULL to indicate that the current context should
|
|
be used. The function returns the number of contexts in the
|
|
list, or -1 upon errors. The list must be freed using the
|
|
.B freeconary
|
|
function.
|
|
|
|
.B get_default_context
|
|
is the same as get_ordered_context_list but only returns a single context
|
|
which has to be freed with freecon.
|
|
|
|
.B get_default_context_with_role
|
|
is the same as get_default_context but only returns a context with the specified role, returning -1 if no such context is reachable for the user.
|
|
|
|
.B query_user_context
|
|
takes a list of contexts, queries the user via stdin/stdout as to which context
|
|
they want, and returns a new context as selected by the user (which has to be
|
|
freed with freecon).
|
|
|
|
.B manual_user_enter_context
|
|
allows the user to manually enter a context as a fallback if a list of authorized contexts could not be obtained. Caller must free via freecon.
|
|
|
|
.B get_default_type
|
|
Get the default type (domain) for 'role' and set 'type' to refer to it, which has to be freed with free.
|
|
|
|
.SH "RETURN VALUE"
|
|
get_ordered_context_list returns the number of contexts in the list upon
|
|
success or -1 upon errors.
|
|
The other functions return 0 for success or -1 for errors.
|
|
|
|
.SH "SEE ALSO"
|
|
.BR freeconary "(3), " freecon "(3), " security_compute_av "(3)"
|