1setlabel(1) User Commands setlabel(1)
2
6 setlabel - move files to zone with corresponding sensitivity label
7
9 /usr/bin/setlabel newlabel filename...
10
13 setlabel moves files into the zone whose label corresponds to newlabel.
14 The old file pathname is adjusted so that it is relative to the root
15 pathname of the new zone. If the old pathname for a file's parent
16 directory does not exist as a directory in the new zone, the file is
17 not moved. Once moved, the file might no longer be accessible in the
18 current zone.
19 Unless newlabel and filename have been specified, no labels are set.
22 Labels are defined by the security administrator at your site. The sys‐
25 tem always displays labels in uppercase. Users can enter labels in any
26 combination of uppercase and lowercase. Incremental changes to labels
27 are supported.
28 Refer to setflabel(3TSOL) for a complete description of the conditions
31 that are required to satisfy this command, and the privileges that are
32 needed to execute this command.
33
35 setlabel exits with one of the following values:
36 0 Successful completion.
38 1 Usage error.
41 2 Error in getting, setting or translating the label.
44
47 On the command line, enclose the label in double quotes unless the
48 label is only one word. Without quotes, a second word or letter sepa‐
49 rated by a space is interpreted as a second argument.
50 % setlabel SECRET somefile
52 % setlabel "TOP SECRET" somefile
53 Use any combination of upper and lowercase letters. You can separate
58 items in a label with blanks, tabs, commas or slashes (/). Do not use
59 any other punctuation.
60 % setlabel "ts a b" somefile
62 % setlabel "ts,a,b" somefile
63 % setlabel "ts/a b" somefile
64 % setlabel " TOP SECRET A B " somefile
65
69 Example 1 Set a Label.
70 To set somefile's label to SECRET A:
73 example% setlabel "Secret a" somefile
76 Example 2 Turn On a Compartment.
80 Plus and minus signs can be used to modify an existing label. A plus
83 sign turns on the specified compartment for somefile's label.
84 example% setlabel +b somefile
87 Example 3 Turn Off a Compartment.
91 A minus sign turns off the compartments that are associated with a
94 classification. To turn off compartment A in somefile's label:
95 example% setlabel -A somefile
98 If an incremental change is being made to an existing label and the
103 first character of the label is a hyphen (−), a preceding double-hyphen
104 (--) is required.
105 To turn off compartment -A in somefile's label:
109 example% setlabel -- -A somefile
112
116 See attributes(5) for descriptions of the following attributes:
117 ┌─────────────────────────────┬─────────────────────────────┐
122 │ ATTRIBUTE TYPE │ ATTRIBUTE VALUE │
123 ├─────────────────────────────┼─────────────────────────────┤
124 │Availability │SUNWtsu │
125 ├─────────────────────────────┼─────────────────────────────┤
126 │Interface Stability │Committed │
127 └─────────────────────────────┴─────────────────────────────┘
128
130 setflabel(3TSOL), label_encodings(4), attributes(5)
131
133 The functionality described on this manual page is available only if
134 the system is configured with Trusted Extensions.
135 This implementation of setting a label is meaningful for the Defense
138 Intelligence Agency (DIA) Mandatory Access Control (MAC) policy. For
139 more information, see label_encodings(4).
140SunOS 5.11 20 Jul 2007 setlabel(1)