Man Linux: Main Page and Category List

NAME

       get_ordered_context_list,          get_ordered_context_list_with_level,
       get_default_context,                    get_default_context_with_level,
       get_default_context_with_role,      get_default_context_with_rolelevel,
       query_user_context,   manual_user_enter_context,   get_default_role   -
       determine SELinux context(s) for user sessions

SYNOPSIS

       #include <selinux/selinux.h>

       #include <selinux/get_context_list.h>

       int   get_ordered_context_list(const   char  *user,  security_context_t
       fromcon, security_context_t **list);

       int get_ordered_context_list_with_level(const char  *user,  const  char
       *level, security_context_t fromcon, security_context_t **list);

       int  get_default_context(const  char *user, security_context_t fromcon,
       security_context_t *newcon);

       int get_default_context_with_level(const char *user, const char *level,
       security_context_t fromcon, security_context_t *newcon);

       int  get_default_context_with_role(const  char* user, const char *role,
       security_context_t fromcon, security_context_t *newcon);

       int get_default_context_with_rolelevel(const char*  user,  const  char*
       level, const char *role, security_context_t fromcon, security_context_t
       *newcon);

       int  query_user_context(security_context_t  *list,   security_context_t
       *newcon);

       int   manual_user_enter_context(const  char  *user,  security_context_t
       *newcon);

       int get_default_type(const char *role, char **type);

DESCRIPTION

       get_ordered_context_list invokes the security_compute_user function  to
       obtain  the  list of contexts for the specified user that are reachable
       from the specified fromcon  context.   The  function  then  orders  the
       resulting         list         based        on        the        global
       /etc/selinux/<SELINUXTYPE>/contexts/default_contexts file and the  per-
       user  /etc/selinux/<SELINUXTYPE>/contexts/users/<username>  file  if it
       exists.  The fromcon parameter may be NULL to indicate that the current
       context should be used.  The function returns the number of contexts in
       the list, or -1  upon  errors.   The  list  must  be  freed  using  the
       freeconary function.

       get_ordered_context_list_with_level             invokes             the
       get_ordered_context_list function and applies the specified level.

       get_default_context is the same as  get_ordered_context_list  but  only
       returns a single context which has to be freed with freecon.

       get_default_context_with_level invokes the get_default_context function
       and applies the specified level.

       get_default_context_with_role is the same  as  get_default_context  but
       only returns a context with the specified role, returning -1 if no such
       context is reachable for the user.

       get_default_context_with_rolelevel             invokes              the
       get_default_context_with_role function and applies the specified level.

       query_user_context takes a list  of  contexts,  queries  the  user  via
       stdin/stdout  as  to which context they want, and returns a new context
       as selected by the user (which has to be freed with freecon).

       manual_user_enter_context allows the user to manually enter  a  context
       as  a  fallback if a list of authorized contexts could not be obtained.
       Caller must free via freecon.

       get_default_type Get the default  type  (domain)  for  ’role’  and  set
       ’type’ to refer to it, which has to be freed with free.

RETURN VALUE

       get_ordered_context_list and get_ordered_context_list_with_level return
       the number of contexts in the list upon success or -1 upon errors.  The
       other functions return 0 for success or -1 for errors.

SEE ALSO

       selinux(8),                  freeconary(3),                 freecon(3),
       security_compute_av(3),getseuserbyname"(3)"