On Apache
Under GNU General Public License
2024-04-27 06:52 @3.15.174.76 CrawledBy Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
matchpathcon(3) SELinux API documentation matchpathcon(3)
NAME
matchpathcon, matchpathcon_index - get the default SELinux security context for the speci-
fied path from the file contexts configuration
SYNOPSIS
#include <selinux/selinux.h>
int matchpathcon_init(const char *path);
int matchpathcon_init_prefix(const char *path, const char *prefix);
int matchpathcon_fini(void);
int matchpathcon(const char *path, mode_t mode, char **con);
int matchpathcon_index(const char *name, mode_t mode, char **con);
DESCRIPTION
This family of functions is deprecated. For new code, please use selabel_open(3) with the
SELABEL_CTX_FILE backend in place of matchpathcon_init(), use selabel_close(3) in place of
matchpathcon_fini(), and use selabel_lookup(3) in place of matchpathcon().
The remaining description below is for the legacy interface.
matchpathcon_init() loads the file contexts configuration specified by path into memory
for use by subsequent matchpathcon() calls. If path is NULL, then the active file con-
texts configuration is loaded by default, i.e. the path returned by selinux_file_con-
text_path(3). Unless the MATCHPATHCON_BASEONLY flag has been set via
set_matchpathcon_flags(3), files with the same path prefix but a .homedirs and .local suf-
fix are also looked up and loaded if present. These files provide dynamically generated
entries for user home directories and for local customizations.
matchpathcon_init_prefix() is the same as matchpathcon_init() but only loads entries with
regular expressions whose first pathname component is a prefix of prefix , e.g. pass
"/dev" if you only intend to call matchpathcon() with pathnames beginning with /dev. How-
ever, this optimization is no longer necessary due to the use of file_contexts.bin files
with precompiled regular expressions, so use of this interface is deprecated.
matchpathcon_fini() frees the memory allocated by a prior call to matchpathcon_init.()
This function can be used to free and reset the internal state between multiple matchpath-
con_init() calls, or to free memory when finished using matchpathcon().
matchpathcon() matches the specified pathname, after transformation via realpath(3)
excepting any final symbolic link component if S_IFLNK was specified as the mode, and mode
against the file contexts configuration and sets the security context con to refer to the
resulting context. The caller must free the returned security context con using freecon(3)
when finished using it. mode can be 0 to disable mode matching, but should be provided
whenever possible, as it may affect the matching. Only the file format bits (i.e. the
file type) of the mode are used. If matchpathcon_init() has not already been called, then
this function will call it upon its first invocation with a NULL path, defaulting to the
active file contexts configuration.
matchpathcon_index() is the same as matchpathcon() but returns a specification index that
can later be used in a matchpathcon_filespec_add(3) call.
RETURN VALUE
Returns zero on success or -1 otherwise.
SEE ALSO
selinux(8), set_matchpathcon_flags(3), set_matchpathcon_invalidcon(3),
set_matchpathcon_printf(3), matchpathcon_filespec_add(3), matchpathcon_checkmatches(3),
freecon(3), setfilecon(3), setfscreatecon(3)
sds AT tycho.gov 21 November 2009 matchpathcon(3)
Generated by $Id: phpMan.php,v 4.55 2007/09/05 04:42:51 chedong Exp $ Author: Che Dong
On Apache
Under GNU General Public License
2024-04-27 06:52 @3.15.174.76 CrawledBy Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)