getkeycreatecon(3) SELinux API documentation getkeycreatecon(3) NAME getkeycreatecon, setkeycreatecon - get or set the SELinux security context used for creat- ing a new kernel keyrings SYNOPSIS #include <selinux/selinux.h> int getkeycreatecon(char **con); int getkeycreatecon_raw(char **con); int setkeycreatecon(char * context); int setkeycreatecon_raw(char * context); DESCRIPTION getkeycreatecon() retrieves the context used for creating a new kernel keyring. This returned context should be freed with freecon(3) if non-NULL. getkeycreatecon() sets *con to NULL if no keycreate context has been explicitly set by the program (i.e. using the default policy behavior). setkeycreatecon() sets the context used for creating a new kernel keyring. NULL can be passed to setkeycreatecon() to reset to the default policy behavior. The keycreate con- text is automatically reset after the next execve(2), so a program doesn't need to explic- itly sanitize it upon startup. setkeycreatecon() can be applied prior to library functions that internally perform an file creation, in order to set an file context on the objects. getkeycreatecon_raw() and setkeycreatecon_raw() behave identically to their non-raw coun- terparts but do not perform context translation. Note: Signal handlers that perform a setkeycreatecon() must take care to save, reset, and restore the keycreate context to avoid unexpected behavior. Note: Contexts are thread specific. RETURN VALUE On error -1 is returned. On success 0 is returned. SEE ALSO selinux(8), freecon(3), getcon(3), getexeccon(3) dwalsh AT redhat.com 9 September 2008 getkeycreatecon(3)
Generated by $Id: phpMan.php,v 4.55 2007/09/05 04:42:51 chedong Exp $ Author: Che Dong
On Apache
Under GNU General Public License
2024-04-18 17:28 @3.142.135.86 CrawledBy claudebot