1get_ordered_context_list(3) SE Linux get_ordered_context_list(3)
2
3
4
6 get_ordered_context_list, get_ordered_context_list_with_level,
7 get_default_context, get_default_context_with_level, get_default_con‐
8 text_with_role, get_default_context_with_rolelevel, query_user_context,
9 manual_user_enter_context, get_default_role - determine SELinux con‐
10 text(s) for user sessions
11
12
14 #include <selinux/selinux.h>
15
16 #include <selinux/get_context_list.h>
17
18 int get_ordered_context_list(const char *user, security_context_t from‐
19 con, security_context_t **list);
20
21 int get_ordered_context_list_with_level(const char *user, const char
22 *level, security_context_t fromcon, security_context_t **list);
23
24 int get_default_context(const char *user, security_context_t fromcon,
25 security_context_t *newcon);
26
27 int get_default_context_with_level(const char *user, const char *level,
28 security_context_t fromcon, security_context_t *newcon);
29
30 int get_default_context_with_role(const char* user, const char *role,
31 security_context_t fromcon, security_context_t *newcon);
32
33 int get_default_context_with_rolelevel(const char* user, const char*
34 level, const char *role, security_context_t fromcon, security_context_t
35 *newcon);
36
37 int query_user_context(security_context_t *list, security_context_t
38 *newcon);
39
40 int manual_user_enter_context(const char *user, security_context_t
41 *newcon);
42
43 int get_default_type(const char *role, char **type);
44
45
47 get_ordered_context_list invokes the security_compute_user function to
48 obtain the list of contexts for the specified user that are reachable
49 from the specified fromcon context. The function then orders the
50 resulting list based on the global /etc/selinux/<SELINUXTYPE>/con‐
51 texts/default_contexts file and the per-user /etc/selinux/<SELINUX‐
52 TYPE>/contexts/users/<username> file if it exists. The fromcon parame‐
53 ter may be NULL to indicate that the current context should be used.
54 The function returns the number of contexts in the list, or -1 upon
55 errors. The list must be freed using the freeconary function.
56
57 get_ordered_context_list_with_level invokes the get_ordered_con‐
58 text_list function and applies the specified level.
59
60 get_default_context is the same as get_ordered_context_list but only
61 returns a single context which has to be freed with freecon.
62
63 get_default_context_with_level invokes the get_default_context function
64 and applies the specified level.
65
66 get_default_context_with_role is the same as get_default_context but
67 only returns a context with the specified role, returning -1 if no such
68 context is reachable for the user.
69
70 get_default_context_with_rolelevel invokes the get_default_con‐
71 text_with_role function and applies the specified level.
72
73 query_user_context takes a list of contexts, queries the user via
74 stdin/stdout as to which context they want, and returns a new context
75 as selected by the user (which has to be freed with freecon).
76
77 manual_user_enter_context allows the user to manually enter a context
78 as a fallback if a list of authorized contexts could not be obtained.
79 Caller must free via freecon.
80
81 get_default_type Get the default type (domain) for 'role' and set
82 'type' to refer to it, which has to be freed with free.
83
84
86 get_ordered_context_list and get_ordered_context_list_with_level return
87 the number of contexts in the list upon success or -1 upon errors. The
88 other functions return 0 for success or -1 for errors.
89
90
92 selinux(8), freeconary(3), freecon(3), security_compute_av(3),get‐
93 seuserbyname"(3)"
94
95
96
97russell@coker.com.au 1 January 2004 get_ordered_context_list(3)