getfscreatecon(category14-security-amp-firewalls.html) - phpMan

getfscreatecon(3)          SELinux API documentation         getfscreatecon(3)

NAME
       getfscreatecon,  setfscreatecon  - get or set the SELinux security con-
       text used for creating a new file system object
SYNOPSIS
       #include <selinux/selinux.h>
       int getfscreatecon(char **con);
       int getfscreatecon_raw(char **con);
       int setfscreatecon(char * context);
       int setfscreatecon_raw(char * context);
DESCRIPTION
       getfscreatecon() retrieves the context used for  creating  a  new  file
       system  object.   This returned context should be freed with freecon(3)
       if non-NULL.  getfscreatecon() sets *con to NULL if no fscreate context
       has  been  explicitly set by the program (i.e. using the default policy
       behavior).
       setfscreatecon() sets the context used for creating a new  file  system
       object.  NULL can be passed to setfscreatecon() to reset to the default
       policy behavior.  The fscreate context is automatically reset after the
       next  execve(2),  so  a  program doesn't need to explicitly sanitize it
       upon startup.
       setfscreatecon() can be applied prior to library functions that  inter-
       nally  perform an file creation, in order to set an file context on the
       objects.
       getfscreatecon_raw() and  setfscreatecon_raw()  behave  identically  to
       their non-raw counterparts but do not perform context translation.
       Note: Signal handlers that perform a setfscreatecon() must take care to
       save, reset, and restore  the  fscreate  context  to  avoid  unexpected
       behavior.
       Note: Contexts are thread specific.

RETURN VALUE
       On error -1 is returned.  On success 0 is returned.
SEE ALSO
       selinux(8), freecon(3), getcon(3), getexeccon(3)

russell AT coker.au            1 January 2004               getfscreatecon(3)