1avc_context_to_sid(3)      SELinux API documentation     avc_context_to_sid(3)
2
3
4

NAME

6       avc_context_to_sid,  avc_sid_to_context,  avc_get_initial_sid  - obtain
7       and manipulate SELinux security ID's
8

SYNOPSIS

10       #include <selinux/selinux.h>
11       #include <selinux/avc.h>
12
13       int avc_context_to_sid(char *ctx, security_id_t *sid);
14
15       int avc_sid_to_context(security_id_t sid, char **ctx);
16
17       int avc_get_initial_sid(const char *name, security_id_t *sid);
18

DESCRIPTION

20       Security ID's (SID's) are opaque representations of security  contexts,
21       managed by the userspace AVC.
22
23       avc_context_to_sid()  returns a SID for the given context in the memory
24       referenced by sid.
25
26       avc_sid_to_context() returns a copy of the context represented  by  sid
27       in  the  memory  referenced  by  ctx.  The user must free the copy with
28       freecon(3).
29
30       avc_get_initial_sid() returns a SID for  the  kernel  initial  security
31       identifier specified by name.
32

RETURN VALUE

34       avc_context_to_sid()  and  avc_sid_to_context() return zero on success.
35       On error, -1 is returned and errno is set appropriately.
36

ERRORS

38       ENOMEM An attempt to allocate memory failed.
39

NOTES

41       As of libselinux version 2.0.86, SID's are no longer reference counted.
42       A  SID  will be valid from the time it is first obtained until the next
43       call to avc_destroy(3).  The sidget(3) and  sidput(3)  functions,  for‐
44       merly  used  to  adjust  the reference count, are no-ops and are depre‐
45       cated.
46

AUTHOR

48       Eamon Walsh <ewalsh@tycho.nsa.gov>
49

SEE ALSO

51       avc_init(3), avc_has_perm(3), avc_cache_stats(3), avc_add_callback(3),
52       getcon(3), freecon(3), selinux(8)
53
54
55
56                                  27 May 2004            avc_context_to_sid(3)
Impressum