1getcon(3) SELinux API documentation getcon(3)
2
3
4
6 getcon, getprevcon, getpidcon - get SELinux security context of a
7 process
8
9 freecon, freeconary - free memory associated with SELinux security con‐
10 texts
11
12 getpeercon - get security context of a peer socket
13
14 setcon - set current security context of a process
15
16
18 #include <selinux/selinux.h>
19
20 int getcon(char **context);
21
22 int getcon_raw(char **context);
23
24 int getprevcon(char **context);
25
26 int getprevcon_raw(char **context);
27
28 int getpidcon(pid_t pid, char **context);
29
30 int getpidcon_raw(pid_t pid, char **context);
31
32 int getpidprevcon(pid_t pid, char **context);
33
34 int getpidprevcon_raw(pid_t pid, char **context);
35
36 int getpeercon(int fd, char **context);
37
38 int getpeercon_raw(int fd, char **context);
39
40 void freecon(char *con);
41
42 void freeconary(char **con);
43
44 int setcon(const char *context);
45
46 int setcon_raw(const char *context);
47
48
50 getcon()
51 retrieves the context of the current process, which must be
52 free'd with freecon().
53
54
55 getprevcon()
56 same as getcon but gets the context before the last exec.
57
58
59 getpidcon()
60 returns the process context for the specified PID, which must be
61 free'd with freecon().
62
63
64 getpidprevcon()
65 returns the process context before the last exec for the speci‐
66 fied PID, which must be free'd with freecon().
67
68
69 getpeercon()
70 retrieves the context of the peer socket, which must be free'd
71 with freecon().
72
73
74 freecon()
75 frees the memory allocated for a security context.
76
77 If con is NULL, no operation is performed.
78
79
80 freeconary()
81 frees the memory allocated for a context array.
82
83 If con is NULL, no operation is performed.
84
85
86 setcon()
87 sets the current security context of the process to a new value.
88 Note that use of this function requires that the entire applica‐
89 tion be trusted to maintain any desired separation between the
90 old and new security contexts, unlike exec-based transitions
91 performed via setexeccon(3). When possible, decompose your ap‐
92 plication and use setexeccon(3) and execve(3) instead.
93
94 Since access to file descriptors is revalidated upon use by
95 SELinux, the new context must be explicitly authorized in the
96 policy to use the descriptors opened by the old context if that
97 is desired. Otherwise, attempts by the process to use any ex‐
98 isting descriptors (including stdin, stdout, and stderr) after
99 performing the setcon() will fail.
100
101 A multi-threaded application can perform a setcon() prior to
102 creating any child threads, in which case all of the child
103 threads will inherit the new context. However, prior to Linux
104 2.6.28, setcon() would fail if there are any other threads run‐
105 ning in the same process since this would yield an inconsistency
106 among the security contexts of threads sharing the same memory
107 space. Since Linux 2.6.28, setcon() is permitted for threads
108 within a multi-threaded process if the new security context is
109 bounded by the old security context, where the bounded relation
110 is defined through typebounds statements in the policy and guar‐
111 antees that the new security context has a subset of the permis‐
112 sions of the old security context.
113
114 If the process was being ptraced at the time of the setcon() op‐
115 eration, ptrace permission will be revalidated against the new
116 context and the setcon() will fail if it is not allowed by pol‐
117 icy.
118
119
120 *_raw()
121 getcon_raw(), getprevcon_raw(), getpidcon_raw(), getpidpre‐
122 vcon_raw(), getpeercon_raw() and setcon_raw() behave identically
123 to their non-raw counterparts but do not perform context trans‐
124 lation.
125
126
128 On error -1 is returned with errno set. On success 0 is returned.
129
130
132 The retrieval functions might return success and set *context to NULL
133 if and only if SELinux is not enabled.
134
135 Querying a foreign process via its PID, e.g. getpidcon() or getpidpre‐
136 vcon(), is inherently racy and therefore should never be relied upon
137 for security purposes.
138
139
141 selinux(8), setexeccon(3)
142
143
144
145russell@coker.com.au 21 December 2011 getcon(3)