Man Linux: Main Page and Category List

NAME

       getfilecon,  fgetfilecon, lgetfilecon - get SELinux security context of
       a file

SYNOPSIS

       #include <selinux/selinux.h>

       int getfilecon(const char *path, security_context_t *con);

       int lgetfilecon(const char *path, security_context_t *con);

       int fgetfilecon(int fd, security_context_t *con);

DESCRIPTION

       getfilecon retrieves the context associated with the given path in  the
       file system, the length of the context is returned.

       lgetfilecon  is  identical  to  getfilecon,  except  in  the  case of a
       symbolic link, where the link itself is interrogated, not the file that
       it refers to.

       fgetfilecon  is  identical to getfilecon, only the open file pointed to
       by filedes (as returned by open(2)) is interrogated in place of path.

       The returned context should be freed with freecon if non-NULL.

RETURN VALUE

       On success, a positive number is returned indicating the  size  of  the
       extended  attribute value. On failure, -1 is returned and errno is  set
       appropriately.

       If the context does not exist, or the process has  no  access  to  this
       attribute, errno is set to ENODATA.

       If extended attributes are not supported by the filesystem, or are dis-
       abled, errno is set to ENOTSUP.

       The errors documented for the stat(2) system call are  also  applicable
       here.

SEE ALSO

       selinux(8), freecon(3), setfilecon(3), setfscreatecon(3)