1set_matchpathcon_flags(3) SELinux API documentation set_matchpathcon_flags(3)
2
3
4
6 set_matchpathcon_flags, set_matchpathcon_invalidcon, set_matchpath‐
7 con_printf - set flags controlling the operation of matchpathcon or
8 matchpathcon_index and configure the behaviour of validity checking and
9 error displaying
10
12 #include <selinux/selinux.h>
13
14 void set_matchpathcon_flags(unsigned int flags);
15
16 void set_matchpathcon_invalidcon(int (*f)(const char *path, unsigned
17 lineno, char *context));
18
19 void set_matchpathcon_printf(void (*f)(const char *fmt, ...));
20
22 set_matchpathcon_flags() sets the flags controlling the operation of
23 matchpathcon_init(3) and subsequently matchpathcon_index(3) or match‐
24 pathcon(3). If the MATCHPATHCON_BASEONLY flag is set, then only the
25 base file contexts configuration file will be processed, not any dynam‐
26 ically generated entries or local customizations.
27
28
29 set_matchpathcon_invalidcon() sets the function used by matchpath‐
30 con_init(3) when checking the validity of a context in the file con‐
31 texts configuration. If not set, then this defaults to a test based on
32 security_check_context(3), which checks validity against the active
33 policy on a SELinux system. This can be set to instead perform check‐
34 ing based on a binary policy file, e.g. using sepol_check_context(3),
35 as is done by setfiles -c. The function is also responsible for
36 reporting any such error, and may include the path and lineno in such
37 error messages.
38
39
40 set_matchpathcon_printf() sets the function used by matchpath‐
41 con_init(3) when displaying errors about the file contexts configura‐
42 tion. If not set, then this defaults to fprintf(stderr, fmt, ...).
43 This can be set to redirect error reporting to a different destination.
44
46 Returns zero on success or -1 otherwise.
47
49 selinux(8), matchpathcon(3), matchpathcon_index(3),
50 set_matchpathcon_invalidcon(3), set_matchpathcon_printf(3), freecon(3),
51 setfilecon(3), setfscreatecon(3)
52
53
54
55sds@tycho.nsa.gov 21 November 2009 set_matchpathcon_flags(3)