1selinux_raw_context_to_colorL(i3b)rary Functions Mansueallinux_raw_context_to_color(3)
2
3
4
6 selinux_raw_context_to_color - Return RGB color string for an SELinux
7 security context
8
10 #include <selinux/selinux.h>
11
12 int selinux_raw_context_to_color(char * raw,
13 char **color_str);
14
16 selinux_raw_context_to_color() returns a color_str associated to the
17 raw context raw provided that the mcstransd(8) daemon is running, the
18 policy is an MLS type policy (MCS or MLS) and there is a color configu‐
19 ration file secolor.conf(5) (see the FILES section).
20
21 The color_str string is a space separated list of eight hexadecimal RGB
22 triples, each prefixed by a hash character (#). These represent the
23 user:role:type:range components of the foreground and background col‐
24 ors. An example string is shown in the EXAMPLE section.
25
26 The returned color_str string must be freed with free(3).
27
28 If a color has not been configured for a specific user, role, type
29 and/or range component of context raw, then
30 selinux_raw_context_to_color() will select the color returned in
31 color_str in order of precedence as follows:
32 role, type, range
33 user, type, range
34 user, role, range
35 user, role, type
36
37 If there are no entries in the secolor.conf(5) file for any of the com‐
38 ponents of context raw (or the file is not present), then the default
39 string returned in color_str is:
40
41 ----- user ---- ---- role ---- ---- type ---- ---- range ----
42 #000000 #ffffff #000000 #ffffff #000000 #ffffff #000000 #ffffff
43
44
46 On success, zero is returned.
47 On failure, -1 is returned with errno set appropriately.
48
50 ENOENT If the mcstransd(8) daemon is not running.
51
53 selinux_raw_context_to_color() obtains the translated entry from the
54 active policy secolor.conf(5) file as returned by
55 selinux_colors_path(3). The file format is described in
56 secolor.conf(5).
57
59 1. The primary use of selinux_raw_context_to_color() is to return a
60 color that corresponds to a range, that can then be used to highlight
61 information at different MLS levels.
62
63 2. The mcstransd(8) daemon process security level must dominate the raw
64 security level passed to it by the selinux_raw_context_to_color() func‐
65 tion. If not, the range color selected will be as defined by the order
66 of precedence.
67
69 selinux_raw_context_to_color() returns the foreground and background
70 colors of the context string components (user:role:type:range) as RGB
71 triples as follows:
72
73
74 user : role : type : range
75 fg bg : fg bg : fg bg : fg bg
76 #000000 #ffffff #ffffff #000000 #d2b48c #ffa500 #000000 #008000
77 black white : white black : tan orange : black green
78
80 selinux(8), selinux_colors_path(3), mcstransd(8), secolor.conf(5),
81 selinux_raw_to_trans_context(3), selinux_trans_to_raw_context(3),
82 free(3)
83
84
85
86SELinux API documentation 08 April 2011 selinux_raw_context_to_color(3)