9eb9c93275
In attempting to enable building various part of Android with -Wall -Werror, we found that the const security_context_t declarations in libselinux are incorrect; const char * was intended, but const security_context_t translates to char * const and triggers warnings on passing const char * from the caller. Easiest fix is to replace them all with const char *. And while we are at it, just get rid of all usage of security_context_t itself as it adds no value - there is no true encapsulation of the security context strings and callers already directly use string functions on them. typedef left to permit building legacy users until such a time as all are updated. This is a port of Change-Id I2f9df7bb9f575f76024c3e5f5b660345da2931a7 from Android, augmented to deal with all of the other code in upstream libselinux and updating the man pages too. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Acked-by: Eric Paris <eparis@redhat.com>
79 lines
1.7 KiB
Groff
79 lines
1.7 KiB
Groff
.\" Hey Emacs! This file is -*- nroff -*- source.
|
|
.\"
|
|
.\" Author: Eamon Walsh (ewalsh@tycho.nsa.gov) 2007
|
|
.TH "selabel_lookup" "3" "18 Jun 2007" "" "SELinux API documentation"
|
|
.SH "NAME"
|
|
selabel_lookup \- obtain SELinux security context from a string label
|
|
.
|
|
.SH "SYNOPSIS"
|
|
.B #include <selinux/selinux.h>
|
|
.br
|
|
.B #include <selinux/label.h>
|
|
.sp
|
|
.BI "int selabel_lookup(struct selabel_handle *" hnd ,
|
|
.in +\w'int selabel_lookup('u
|
|
.BI "char **" context ,
|
|
.br
|
|
.BI "const char *" key ", int " type ");"
|
|
.in
|
|
.sp
|
|
.BI "int selabel_lookup_raw(struct selabel_handle *" hnd ,
|
|
.in +\w'int selabel_lookup_raw('u
|
|
.BI "char **" context ,
|
|
.br
|
|
.BI "const char *" key ", int " type ");"
|
|
.in
|
|
.
|
|
.SH "DESCRIPTION"
|
|
.BR selabel_lookup ()
|
|
performs a lookup operation on the handle
|
|
.IR hnd ,
|
|
returning the result in the memory pointed to by
|
|
.IR context ,
|
|
which must be freed by the caller using
|
|
.BR freecon (3).
|
|
The
|
|
.I key
|
|
and
|
|
.I type
|
|
parameters are the inputs to the lookup operation and are interpreted according to the specific backend that
|
|
.I handle
|
|
is open on.
|
|
|
|
.BR selabel_lookup_raw ()
|
|
behaves identically to
|
|
.BR selabel_lookup ()
|
|
but does not perform context translation.
|
|
.
|
|
.SH "RETURN VALUE"
|
|
On success, zero is returned. On error, \-1 is returned and
|
|
.I errno
|
|
is set appropriately.
|
|
.
|
|
.SH "ERRORS"
|
|
.TP
|
|
.B ENOENT
|
|
No context corresponding to the input
|
|
.I key
|
|
and
|
|
.I type
|
|
was found.
|
|
.TP
|
|
.B EINVAL
|
|
The
|
|
.I key
|
|
and/or
|
|
.I type
|
|
inputs are invalid, or the context being returned failed validation.
|
|
.TP
|
|
.B ENOMEM
|
|
An attempt to allocate memory failed.
|
|
.
|
|
.SH "AUTHOR"
|
|
Eamon Walsh <ewalsh@tycho.nsa.gov>
|
|
.
|
|
.SH "SEE ALSO"
|
|
.BR selabel_open (3),
|
|
.BR selabel_stats (3),
|
|
.BR selinux_set_callback (3),
|
|
.BR selinux (8)
|