1set_matchpathcon_flags(3)  SELinux API documentation set_matchpathcon_flags(3)
2
3
4

NAME

6       set_matchpathcon_flags,   set_matchpathcon_invalidcon,   set_matchpath‐
7       con_printf - set flags controlling the  operation  of  matchpathcon  or
8       matchpathcon_index and configure the behaviour of validity checking and
9       error displaying
10

SYNOPSIS

12       #include <selinux/selinux.h>
13
14       void set_matchpathcon_flags(unsigned int flags);
15
16       void set_matchpathcon_invalidcon(int (*f)(const  char  *path,  unsigned
17       lineno, char *context));
18
19       void set_matchpathcon_printf(void (*f)(const char *fmt, ...));
20

DESCRIPTION

22       set_matchpathcon_flags()  sets  the  flags controlling the operation of
23       matchpathcon_init(3) and subsequently matchpathcon_index(3)  or  match‐
24       pathcon(3).   If  the  MATCHPATHCON_BASEONLY flag is set, then only the
25       base file contexts configuration file will be processed, not any dynam‐
26       ically generated entries or local customizations.
27
28
29       set_matchpathcon_invalidcon()  sets  the  function  used  by matchpath‐
30       con_init(3) when checking the validity of a context in  the  file  con‐
31       texts configuration.  If not set, then this defaults to a test based on
32       security_check_context(3), which checks  validity  against  the  active
33       policy  on a SELinux system.  This can be set to instead perform check‐
34       ing based on a binary policy file, e.g.  using  sepol_check_context(3),
35       as  is  done  by  setfiles  -c.   The  function is also responsible for
36       reporting any such error, and may include the path and lineno  in  such
37       error messages.
38
39
40       set_matchpathcon_printf()   sets   the   function  used  by  matchpath‐
41       con_init(3) when displaying errors about the file  contexts  configura‐
42       tion.   If  not  set,  then this defaults to fprintf(stderr, fmt, ...).
43       This can be set to redirect error reporting to a different destination.
44

RETURN VALUE

46       Returns zero on success or -1 otherwise.
47

SEE ALSO

49       selinux(8), matchpathcon(3), matchpathcon_index(3),
50       set_matchpathcon_invalidcon(3), set_matchpathcon_printf(3), freecon(3),
51       setfilecon(3), setfscreatecon(3)
52
53
54
55sds@tycho.nsa.gov              21 November 2009      set_matchpathcon_flags(3)