On Apache
Under GNU General Public License
2024-04-18 17:28 @3.142.135.86 CrawledBy claudebot
getkeycreatecon(3) SELinux API documentation getkeycreatecon(3)
NAME
getkeycreatecon, setkeycreatecon - get or set the SELinux security context used for creat-
ing a new kernel keyrings
SYNOPSIS
#include <selinux/selinux.h>
int getkeycreatecon(char **con);
int getkeycreatecon_raw(char **con);
int setkeycreatecon(char * context);
int setkeycreatecon_raw(char * context);
DESCRIPTION
getkeycreatecon() retrieves the context used for creating a new kernel keyring. This
returned context should be freed with freecon(3) if non-NULL. getkeycreatecon() sets *con
to NULL if no keycreate context has been explicitly set by the program (i.e. using the
default policy behavior).
setkeycreatecon() sets the context used for creating a new kernel keyring. NULL can be
passed to setkeycreatecon() to reset to the default policy behavior. The keycreate con-
text is automatically reset after the next execve(2), so a program doesn't need to explic-
itly sanitize it upon startup.
setkeycreatecon() can be applied prior to library functions that internally perform an
file creation, in order to set an file context on the objects.
getkeycreatecon_raw() and setkeycreatecon_raw() behave identically to their non-raw coun-
terparts but do not perform context translation.
Note: Signal handlers that perform a setkeycreatecon() must take care to save, reset, and
restore the keycreate context to avoid unexpected behavior.
Note: Contexts are thread specific.
RETURN VALUE
On error -1 is returned. On success 0 is returned.
SEE ALSO
selinux(8), freecon(3), getcon(3), getexeccon(3)
dwalsh AT redhat.com 9 September 2008 getkeycreatecon(3)
Generated by $Id: phpMan.php,v 4.55 2007/09/05 04:42:51 chedong Exp $ Author: Che Dong
On Apache
Under GNU General Public License
2024-04-18 17:28 @3.142.135.86 CrawledBy claudebot