NAME
selabel_file - userspace SELinux labeling interface: file contexts
backend.
SYNOPSIS
#include <selinux/selinux.h>
#include <selinux/label.h>
int selabel_lookup(struct selabel_handle *hnd,
security_context_t *context,
const char *path, int mode);
DESCRIPTION
The file contexts backend maps from pathname/mode combinations into
security contexts. It is used to find the appropriate context for each
file when relabeling a file system.
The path argument should be set to the full pathname of the file whose
assigned context is being checked. The mode argument should be set to
the mode bits of the file, as determined by lstat(2).
OPTIONS
In addition to the global options described in selabel_open(3), this
backend recognizes the following options:
SELABEL_OPT_PATH
A non-null value for this option specifies a path to a file that
will be opened in lieu of the standard file contexts file. This
value is also used as the base name for determining the names of
local customization files.
SELABEL_OPT_BASEONLY
A non-null value for this option indicates that any local
customizations to the file contexts mapping should be ignored.
SELABEL_OPT_SUBSET
A non-null value for this option is interpreted as a path
prefix, for example "/etc". Only file context specifications
starting with the given prefix are loaded. This may increase
lookup performance, however any attempt to look up a path not
starting with the given prefix will fail.
SEE ALSO
selabel_open(3), selabel_lookup(3), selabel_stats(3), selinux(8)
18 Jun 2007 selabel_file(5)