• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 #ifndef _SELINUX_H_
2 #define _SELINUX_H_
3 
4 #include <sys/types.h>
5 #include <stdarg.h>
6 
7 #ifdef __cplusplus
8 extern "C" {
9 #endif
10 
11 /* Return 1 if we are running on a SELinux kernel, or 0 if not or -1 if we get an error. */
12 extern int is_selinux_enabled(void);
13 /* Return 1 if we are running on a SELinux MLS kernel, or 0 otherwise. */
14 extern int is_selinux_mls_enabled(void);
15 
16 /* No longer used; here for compatibility with legacy callers. */
17 typedef char *security_context_t;
18 
19 /* Free the memory allocated for a context by any of the below get* calls. */
20 extern void freecon(char * con);
21 
22 /* Free the memory allocated for a context array by security_compute_user. */
23 extern void freeconary(char ** con);
24 
25 /* Wrappers for the /proc/pid/attr API. */
26 
27 /* Get current context, and set *con to refer to it.
28    Caller must free via freecon. */
29 extern int getcon(char ** con);
30 extern int getcon_raw(char ** con);
31 
32 /* Set the current security context to con.
33    Note that use of this function requires that the entire application
34    be trusted to maintain any desired separation between the old and new
35    security contexts, unlike exec-based transitions performed via setexeccon.
36    When possible, decompose your application and use setexeccon()+execve()
37    instead. Note that the application may lose access to its open descriptors
38    as a result of a setcon() unless policy allows it to use descriptors opened
39    by the old context. */
40 extern int setcon(const char * con);
41 extern int setcon_raw(const char * con);
42 
43 /* Get context of process identified by pid, and
44    set *con to refer to it.  Caller must free via freecon. */
45 extern int getpidcon(pid_t pid, char ** con);
46 extern int getpidcon_raw(pid_t pid, char ** con);
47 
48 /* Get previous context (prior to last exec), and set *con to refer to it.
49    Caller must free via freecon. */
50 extern int getprevcon(char ** con);
51 extern int getprevcon_raw(char ** con);
52 
53 /* Get exec context, and set *con to refer to it.
54    Sets *con to NULL if no exec context has been set, i.e. using default.
55    If non-NULL, caller must free via freecon. */
56 extern int getexeccon(char ** con);
57 extern int getexeccon_raw(char ** con);
58 
59 /* Set exec security context for the next execve.
60    Call with NULL if you want to reset to the default. */
61 extern int setexeccon(const char * con);
62 extern int setexeccon_raw(const char * con);
63 
64 /* Get fscreate context, and set *con to refer to it.
65    Sets *con to NULL if no fs create context has been set, i.e. using default.
66    If non-NULL, caller must free via freecon. */
67 extern int getfscreatecon(char ** con);
68 extern int getfscreatecon_raw(char ** con);
69 
70 /* Set the fscreate security context for subsequent file creations.
71    Call with NULL if you want to reset to the default. */
72 extern int setfscreatecon(const char * context);
73 extern int setfscreatecon_raw(const char * context);
74 
75 /* Get keycreate context, and set *con to refer to it.
76    Sets *con to NULL if no key create context has been set, i.e. using default.
77    If non-NULL, caller must free via freecon. */
78 extern int getkeycreatecon(char ** con);
79 extern int getkeycreatecon_raw(char ** con);
80 
81 /* Set the keycreate security context for subsequent key creations.
82    Call with NULL if you want to reset to the default. */
83 extern int setkeycreatecon(const char * context);
84 extern int setkeycreatecon_raw(const char * context);
85 
86 /* Get sockcreate context, and set *con to refer to it.
87    Sets *con to NULL if no socket create context has been set, i.e. using default.
88    If non-NULL, caller must free via freecon. */
89 extern int getsockcreatecon(char ** con);
90 extern int getsockcreatecon_raw(char ** con);
91 
92 /* Set the sockcreate security context for subsequent socket creations.
93    Call with NULL if you want to reset to the default. */
94 extern int setsockcreatecon(const char * context);
95 extern int setsockcreatecon_raw(const char * context);
96 
97 /* Wrappers for the xattr API. */
98 
99 /* Get file context, and set *con to refer to it.
100    Caller must free via freecon. */
101 extern int getfilecon(const char *path, char ** con);
102 extern int getfilecon_raw(const char *path, char ** con);
103 extern int lgetfilecon(const char *path, char ** con);
104 extern int lgetfilecon_raw(const char *path, char ** con);
105 extern int fgetfilecon(int fd, char ** con);
106 extern int fgetfilecon_raw(int fd, char ** con);
107 
108 /* Set file context */
109 extern int setfilecon(const char *path, const char * con);
110 extern int setfilecon_raw(const char *path, const char * con);
111 extern int lsetfilecon(const char *path, const char * con);
112 extern int lsetfilecon_raw(const char *path, const char * con);
113 extern int fsetfilecon(int fd, const char * con);
114 extern int fsetfilecon_raw(int fd, const char * con);
115 
116 /* Wrappers for the socket API */
117 
118 /* Get context of peer socket, and set *con to refer to it.
119    Caller must free via freecon. */
120 extern int getpeercon(int fd, char ** con);
121 extern int getpeercon_raw(int fd, char ** con);
122 
123 /* Wrappers for the selinuxfs (policy) API. */
124 
125 typedef unsigned int access_vector_t;
126 typedef unsigned short security_class_t;
127 
128 struct av_decision {
129 	access_vector_t allowed;
130 	access_vector_t decided;
131 	access_vector_t auditallow;
132 	access_vector_t auditdeny;
133 	unsigned int seqno;
134 	unsigned int flags;
135 };
136 
137 /* Definitions of av_decision.flags */
138 #define SELINUX_AVD_FLAGS_PERMISSIVE	0x0001
139 
140 /* Structure for passing options, used by AVC and label subsystems */
141 struct selinux_opt {
142 	int type;
143 	const char *value;
144 };
145 
146 /* Callback facilities */
147 union selinux_callback {
148 	/* log the printf-style format and arguments,
149 	   with the type code indicating the type of message */
150 	int
151 #ifdef __GNUC__
152 __attribute__ ((format(printf, 2, 3)))
153 #endif
154 	(*func_log) (int type, const char *fmt, ...);
155 	/* store a string representation of auditdata (corresponding
156 	   to the given security class) into msgbuf. */
157 	int (*func_audit) (void *auditdata, security_class_t cls,
158 			   char *msgbuf, size_t msgbufsize);
159 	/* validate the supplied context, modifying if necessary */
160 	int (*func_validate) (char **ctx);
161 	/* netlink callback for setenforce message */
162 	int (*func_setenforce) (int enforcing);
163 	/* netlink callback for policyload message */
164 	int (*func_policyload) (int seqno);
165 };
166 
167 #define SELINUX_CB_LOG		0
168 #define SELINUX_CB_AUDIT	1
169 #define SELINUX_CB_VALIDATE	2
170 #define SELINUX_CB_SETENFORCE	3
171 #define SELINUX_CB_POLICYLOAD	4
172 
173 extern union selinux_callback selinux_get_callback(int type);
174 extern void selinux_set_callback(int type, union selinux_callback cb);
175 
176 	/* Logging type codes, passed to the logging callback */
177 #define SELINUX_ERROR	        0
178 #define SELINUX_WARNING		1
179 #define SELINUX_INFO		2
180 #define SELINUX_AVC		3
181 #define SELINUX_TRANS_DIR	"/var/run/setrans"
182 
183 /* Compute an access decision. */
184 extern int security_compute_av(const char * scon,
185 			       const char * tcon,
186 			       security_class_t tclass,
187 			       access_vector_t requested,
188 			       struct av_decision *avd);
189 extern int security_compute_av_raw(const char * scon,
190 				   const char * tcon,
191 				   security_class_t tclass,
192 				   access_vector_t requested,
193 				   struct av_decision *avd);
194 
195 extern int security_compute_av_flags(const char * scon,
196 				     const char * tcon,
197 				     security_class_t tclass,
198 				     access_vector_t requested,
199 				     struct av_decision *avd);
200 extern int security_compute_av_flags_raw(const char * scon,
201 					 const char * tcon,
202 					 security_class_t tclass,
203 					 access_vector_t requested,
204 					 struct av_decision *avd);
205 
206 /* Compute a labeling decision and set *newcon to refer to it.
207    Caller must free via freecon. */
208 extern int security_compute_create(const char * scon,
209 				   const char * tcon,
210 				   security_class_t tclass,
211 				   char ** newcon);
212 extern int security_compute_create_raw(const char * scon,
213 				       const char * tcon,
214 				       security_class_t tclass,
215 				       char ** newcon);
216 extern int security_compute_create_name(const char * scon,
217 					const char * tcon,
218 					security_class_t tclass,
219 					const char *objname,
220 					char ** newcon);
221 extern int security_compute_create_name_raw(const char * scon,
222 					    const char * tcon,
223 					    security_class_t tclass,
224 					    const char *objname,
225 					    char ** newcon);
226 
227 /* Compute a relabeling decision and set *newcon to refer to it.
228    Caller must free via freecon. */
229 extern int security_compute_relabel(const char * scon,
230 				    const char * tcon,
231 				    security_class_t tclass,
232 				    char ** newcon);
233 extern int security_compute_relabel_raw(const char * scon,
234 					const char * tcon,
235 					security_class_t tclass,
236 					char ** newcon);
237 
238 /* Compute a polyinstantiation member decision and set *newcon to refer to it.
239    Caller must free via freecon. */
240 extern int security_compute_member(const char * scon,
241 				   const char * tcon,
242 				   security_class_t tclass,
243 				   char ** newcon);
244 extern int security_compute_member_raw(const char * scon,
245 				       const char * tcon,
246 				       security_class_t tclass,
247 				       char ** newcon);
248 
249 /* Compute the set of reachable user contexts and set *con to refer to
250    the NULL-terminated array of contexts.  Caller must free via freeconary. */
251 extern int security_compute_user(const char * scon,
252 				 const char *username,
253 				 char *** con);
254 extern int security_compute_user_raw(const char * scon,
255 				     const char *username,
256 				     char *** con);
257 
258 /* Validate a transition. This determines whether a transition from scon to newcon
259    using tcon as the target for object class tclass is valid in the loaded policy.
260    This checks against the mlsvalidatetrans and validatetrans constraints in the loaded policy.
261    Returns 0 if allowed and -1 if an error occurred with errno set */
262 extern int security_validatetrans(const char *scon,
263 				  const char *tcon,
264 				  security_class_t tclass,
265 				  const char *newcon);
266 extern int security_validatetrans_raw(const char *scon,
267 				      const char *tcon,
268 				      security_class_t tclass,
269 				      const char *newcon);
270 
271 /* Load a policy configuration. */
272 extern int security_load_policy(void *data, size_t len);
273 
274 /* Get the context of an initial kernel security identifier by name.
275    Caller must free via freecon */
276 extern int security_get_initial_context(const char *name,
277 					char ** con);
278 extern int security_get_initial_context_raw(const char *name,
279 					    char ** con);
280 
281 /*
282  * Make a policy image and load it.
283  * This function provides a higher level interface for loading policy
284  * than security_load_policy, internally determining the right policy
285  * version, locating and opening the policy file, mapping it into memory,
286  * manipulating it as needed for current boolean settings and/or local
287  * definitions, and then calling security_load_policy to load it.
288  *
289  * 'preservebools' is no longer supported, set to 0.
290  */
291 extern int selinux_mkload_policy(int preservebools);
292 
293 /*
294  * Perform the initial policy load.
295  * This function determines the desired enforcing mode, sets the
296  * the *enforce argument accordingly for the caller to use, sets the
297  * SELinux kernel enforcing status to match it, and loads the policy.
298  * It also internally handles the initial selinuxfs mount required to
299  * perform these actions.
300  *
301  * The function returns 0 if everything including the policy load succeeds.
302  * In this case, init is expected to re-exec itself in order to transition
303  * to the proper security context.
304  * Otherwise, the function returns -1, and init must check *enforce to
305  * determine how to proceed.  If enforcing (*enforce > 0), then init should
306  * halt the system.  Otherwise, init may proceed normally without a re-exec.
307  */
308 extern int selinux_init_load_policy(int *enforce);
309 
310 /* Translate boolean strict to name value pair. */
311 typedef struct {
312 	char *name;
313 	int value;
314 } SELboolean;
315 /* save a list of booleans in a single transaction. 'permanent' is no
316  * longer supported, set to 0.
317  */
318 extern int security_set_boolean_list(size_t boolcnt,
319 				     SELboolean * boollist, int permanent);
320 
321 /* Load policy boolean settings. Deprecated as local policy booleans no
322  * longer supported. Will always return 0.
323  */
324 extern int security_load_booleans(char *path);
325 
326 /* Check the validity of a security context. */
327 extern int security_check_context(const char * con);
328 extern int security_check_context_raw(const char * con);
329 
330 /* Canonicalize a security context. */
331 extern int security_canonicalize_context(const char * con,
332 					 char ** canoncon);
333 extern int security_canonicalize_context_raw(const char * con,
334 					     char ** canoncon);
335 
336 /* Get the enforce flag value. */
337 extern int security_getenforce(void);
338 
339 /* Set the enforce flag value. */
340 extern int security_setenforce(int value);
341 
342 /* Get the load-time behavior for undefined classes/permissions */
343 extern int security_reject_unknown(void);
344 
345 /* Get the runtime behavior for undefined classes/permissions */
346 extern int security_deny_unknown(void);
347 
348 /* Get the checkreqprot value */
349 extern int security_get_checkreqprot(void);
350 
351 /* Disable SELinux at runtime (must be done prior to initial policy load). */
352 extern int security_disable(void);
353 
354 /* Get the policy version number. */
355 extern int security_policyvers(void);
356 
357 /* Get the boolean names */
358 extern int security_get_boolean_names(char ***names, int *len);
359 
360 /* Get the pending value for the boolean */
361 extern int security_get_boolean_pending(const char *name);
362 
363 /* Get the active value for the boolean */
364 extern int security_get_boolean_active(const char *name);
365 
366 /* Set the pending value for the boolean */
367 extern int security_set_boolean(const char *name, int value);
368 
369 /* Commit the pending values for the booleans */
370 extern int security_commit_booleans(void);
371 
372 /* Userspace class mapping support */
373 struct security_class_mapping {
374 	const char *name;
375 	const char *perms[sizeof(access_vector_t) * 8 + 1];
376 };
377 
378 /**
379  * selinux_set_mapping - Enable dynamic mapping between integer offsets and security class names
380  * @map: array of security_class_mapping structures
381  *
382  * The core avc_has_perm() API uses integers to represent security
383  * classes; previous to the introduction of this function, it was
384  * common for userspace object managers to be compiled using generated
385  * offsets for a particular policy.  However, that strongly ties the build of the userspace components to a particular policy.
386  *
387  * By using this function to map between integer offsets and security
388  * class names, it's possible to replace a system policies that have
389  * at least the same set of security class names as used by the
390  * userspace object managers.
391  *
392  * To correctly use this function, you should override the generated
393  * security class defines from the system policy in a local header,
394  * starting at 1, and have one security_class_mapping structure entry
395  * per define.
396  */
397 extern int selinux_set_mapping(struct security_class_mapping *map);
398 
399 /* Common helpers */
400 
401 /* Convert between mode and security class values */
402 extern security_class_t mode_to_security_class(mode_t mode);
403 /* Convert between security class values and string names */
404 extern security_class_t string_to_security_class(const char *name);
405 extern const char *security_class_to_string(security_class_t cls);
406 
407 /* Convert between individual access vector permissions and string names */
408 extern const char *security_av_perm_to_string(security_class_t tclass,
409 					      access_vector_t perm);
410 extern access_vector_t string_to_av_perm(security_class_t tclass,
411 					 const char *name);
412 
413 /* Returns an access vector in a string representation.  User must free the
414  * returned string via free(). */
415 extern int security_av_string(security_class_t tclass,
416 			      access_vector_t av, char **result);
417 
418 /* Display an access vector in a string representation. */
419 extern void print_access_vector(security_class_t tclass, access_vector_t av);
420 
421 /* Flush the SELinux class cache, e.g. upon a policy reload. */
422 extern void selinux_flush_class_cache(void);
423 
424 /* Set the function used by matchpathcon_init when displaying
425    errors about the file_contexts configuration.  If not set,
426    then this defaults to fprintf(stderr, fmt, ...). */
427 extern void set_matchpathcon_printf(void (*f) (const char *fmt, ...));
428 
429 /* Set the function used by matchpathcon_init when checking the
430    validity of a context in the file contexts configuration.  If not set,
431    then this defaults to a test based on security_check_context().
432    The function is also responsible for reporting any such error, and
433    may include the 'path' and 'lineno' in such error messages. */
434 extern void set_matchpathcon_invalidcon(int (*f) (const char *path,
435 						  unsigned lineno,
436 						  char *context));
437 
438 /* Same as above, but also allows canonicalization of the context,
439    by changing *context to refer to the canonical form.  If not set,
440    and invalidcon is also not set, then this defaults to calling
441    security_canonicalize_context(). */
442 extern void set_matchpathcon_canoncon(int (*f) (const char *path,
443 						unsigned lineno,
444 						char **context));
445 
446 /* Set flags controlling operation of matchpathcon_init or matchpathcon. */
447 #define MATCHPATHCON_BASEONLY 1	/* Only process the base file_contexts file. */
448 #define MATCHPATHCON_NOTRANS  2	/* Do not perform any context translation. */
449 #define MATCHPATHCON_VALIDATE 4	/* Validate/canonicalize contexts at init time. */
450 extern void set_matchpathcon_flags(unsigned int flags);
451 
452 /* Load the file contexts configuration specified by 'path'
453    into memory for use by subsequent matchpathcon calls.
454    If 'path' is NULL, then load the active file contexts configuration,
455    i.e. the path returned by selinux_file_context_path().
456    Unless the MATCHPATHCON_BASEONLY flag has been set, this
457    function also checks for a 'path'.homedirs file and
458    a 'path'.local file and loads additional specifications
459    from them if present. */
460 extern int matchpathcon_init(const char *path);
461 
462 /* Same as matchpathcon_init, but only load entries with
463    regexes that have stems that are prefixes of 'prefix'. */
464 extern int matchpathcon_init_prefix(const char *path, const char *prefix);
465 
466 /* Free the memory allocated by matchpathcon_init. */
467 extern void matchpathcon_fini(void);
468 
469 /* Resolve all of the symlinks and relative portions of a pathname, but NOT
470  * the final component (same a realpath() unless the final component is a
471  * symlink.  Resolved path must be a path of size PATH_MAX + 1 */
472 extern int realpath_not_final(const char *name, char *resolved_path);
473 
474 /* Match the specified pathname and mode against the file contexts
475    configuration and set *con to refer to the resulting context.
476    'mode' can be 0 to disable mode matching.
477    Caller must free via freecon.
478    If matchpathcon_init has not already been called, then this function
479    will call it upon its first invocation with a NULL path. */
480 extern int matchpathcon(const char *path,
481 			mode_t mode, char ** con);
482 
483 /* Same as above, but return a specification index for
484    later use in a matchpathcon_filespec_add() call - see below. */
485 extern int matchpathcon_index(const char *path,
486 			      mode_t mode, char ** con);
487 
488 /* Maintain an association between an inode and a specification index,
489    and check whether a conflicting specification is already associated
490    with the same inode (e.g. due to multiple hard links).  If so, then
491    use the latter of the two specifications based on their order in the
492    file contexts configuration.  Return the used specification index. */
493 extern int matchpathcon_filespec_add(ino_t ino, int specind, const char *file);
494 
495 /* Destroy any inode associations that have been added, e.g. to restart
496    for a new filesystem. */
497 extern void matchpathcon_filespec_destroy(void);
498 
499 /* Display statistics on the hash table usage for the associations. */
500 extern void matchpathcon_filespec_eval(void);
501 
502 /* Check to see whether any specifications had no matches and report them.
503    The 'str' is used as a prefix for any warning messages. */
504 extern void matchpathcon_checkmatches(char *str);
505 
506 /* Match the specified media and against the media contexts
507    configuration and set *con to refer to the resulting context.
508    Caller must free con via freecon. */
509 extern int matchmediacon(const char *media, char ** con);
510 
511 /*
512   selinux_getenforcemode reads the /etc/selinux/config file and determines
513   whether the machine should be started in enforcing (1), permissive (0) or
514   disabled (-1) mode.
515  */
516 extern int selinux_getenforcemode(int *enforce);
517 
518 /*
519   selinux_boolean_sub reads the /etc/selinux/TYPE/booleans.subs_dist file
520   looking for a record with boolean_name.  If a record exists selinux_boolean_sub
521   returns the translated name otherwise it returns the original name.
522   The returned value needs to be freed. On failure NULL will be returned.
523  */
524 extern char *selinux_boolean_sub(const char *boolean_name);
525 
526 /*
527   selinux_getpolicytype reads the /etc/selinux/config file and determines
528   what the default policy for the machine is.  Calling application must
529   free policytype.
530  */
531 extern int selinux_getpolicytype(char **policytype);
532 
533 /*
534   selinux_policy_root reads the /etc/selinux/config file and returns
535   the directory path under which the compiled policy file and context
536   configuration files exist.
537  */
538 extern const char *selinux_policy_root(void);
539 
540 /*
541   selinux_set_policy_root sets an alternate policy root directory path under
542   which the compiled policy file and context configuration files exist.
543  */
544 extern int selinux_set_policy_root(const char *rootpath);
545 
546 /* These functions return the paths to specific files under the
547    policy root directory. */
548 extern const char *selinux_current_policy_path(void);
549 extern const char *selinux_binary_policy_path(void);
550 extern const char *selinux_failsafe_context_path(void);
551 extern const char *selinux_removable_context_path(void);
552 extern const char *selinux_default_context_path(void);
553 extern const char *selinux_user_contexts_path(void);
554 extern const char *selinux_file_context_path(void);
555 extern const char *selinux_file_context_homedir_path(void);
556 extern const char *selinux_file_context_local_path(void);
557 extern const char *selinux_file_context_subs_path(void);
558 extern const char *selinux_file_context_subs_dist_path(void);
559 extern const char *selinux_homedir_context_path(void);
560 extern const char *selinux_media_context_path(void);
561 extern const char *selinux_virtual_domain_context_path(void);
562 extern const char *selinux_virtual_image_context_path(void);
563 extern const char *selinux_lxc_contexts_path(void);
564 extern const char *selinux_x_context_path(void);
565 extern const char *selinux_sepgsql_context_path(void);
566 extern const char *selinux_openrc_contexts_path(void);
567 extern const char *selinux_openssh_contexts_path(void);
568 extern const char *selinux_snapperd_contexts_path(void);
569 extern const char *selinux_systemd_contexts_path(void);
570 extern const char *selinux_contexts_path(void);
571 extern const char *selinux_securetty_types_path(void);
572 extern const char *selinux_booleans_subs_path(void);
573 /* Deprecated as local policy booleans no longer supported. */
574 extern const char *selinux_booleans_path(void);
575 extern const char *selinux_customizable_types_path(void);
576 /* Deprecated as policy ./users no longer supported. */
577 extern const char *selinux_users_path(void);
578 extern const char *selinux_usersconf_path(void);
579 extern const char *selinux_translations_path(void);
580 extern const char *selinux_colors_path(void);
581 extern const char *selinux_netfilter_context_path(void);
582 extern const char *selinux_path(void);
583 
584 /**
585  * selinux_check_access - Check permissions and perform appropriate auditing.
586  * @scon: source security context
587  * @tcon: target security context
588  * @tclass: target security class string
589  * @perm: requested permissions string, interpreted based on @tclass
590  * @auditdata: auxiliary audit data
591  *
592  * Check the AVC to determine whether the @perm permissions are granted
593  * for the SID pair (@scon, @tcon), interpreting the permissions
594  * based on @tclass.
595  * Return %0 if all @perm permissions are granted, -%1 with
596  * @errno set to %EACCES if any permissions are denied or to another
597  * value upon other errors.
598  * If auditing or logging is configured the appropriate callbacks will be called
599  * and passed the auditdata field
600  */
601 extern int selinux_check_access(const char * scon, const char * tcon, const char *tclass, const char *perm, void *auditdata);
602 
603 /* Check a permission in the passwd class.
604    Return 0 if granted or -1 otherwise. */
605 extern int selinux_check_passwd_access(access_vector_t requested);
606 extern int checkPasswdAccess(access_vector_t requested);
607 
608 /* Check if the tty_context is defined as a securetty
609    Return 0 if secure, < 0 otherwise. */
610 extern int selinux_check_securetty_context(const char * tty_context);
611 
612 /* Set the path to the selinuxfs mount point explicitly.
613    Normally, this is determined automatically during libselinux
614    initialization, but this is not always possible, e.g. for /sbin/init
615    which performs the initial mount of selinuxfs. */
616 extern void set_selinuxmnt(const char *mnt);
617 
618 /* Check if selinuxfs exists as a kernel filesystem */
619 extern int selinuxfs_exists(void);
620 
621 /* clear selinuxmnt variable and free allocated memory */
622 extern void fini_selinuxmnt(void);
623 
624 /* Set an appropriate security context based on the filename of a helper
625  * program, falling back to a new context with the specified type. */
626 extern int setexecfilecon(const char *filename, const char *fallback_type);
627 
628 #ifndef DISABLE_RPM
629 /* Execute a helper for rpm in an appropriate security context. */
630 extern int rpm_execcon(unsigned int verified,
631 		       const char *filename,
632 		       char *const argv[], char *const envp[]);
633 #endif
634 
635 /* Returns whether a file context is customizable, and should not
636    be relabeled . */
637 extern int is_context_customizable(const char * scontext);
638 
639 /* Perform context translation between the human-readable format
640    ("translated") and the internal system format ("raw").
641    Caller must free the resulting context via freecon.
642    Returns -1 upon an error or 0 otherwise.
643    If passed NULL, sets the returned context to NULL and returns 0. */
644 extern int selinux_trans_to_raw_context(const char * trans,
645 					char ** rawp);
646 extern int selinux_raw_to_trans_context(const char * raw,
647 					char ** transp);
648 
649 /* Perform context translation between security contexts
650    and display colors.  Returns a space-separated list of ten
651    ten hex RGB triples prefixed by hash marks, e.g. "#ff0000".
652    Caller must free the resulting string via free.
653    Returns -1 upon an error or 0 otherwise. */
654 extern int selinux_raw_context_to_color(const char * raw,
655 					char **color_str);
656 
657 /* Get the SELinux username and level to use for a given Linux username.
658    These values may then be passed into the get_ordered_context_list*
659    and get_default_context* functions to obtain a context for the user.
660    Returns 0 on success or -1 otherwise.
661    Caller must free the returned strings via free. */
662 extern int getseuserbyname(const char *linuxuser, char **seuser, char **level);
663 
664 /* Get the SELinux username and level to use for a given Linux username and service.
665    These values may then be passed into the get_ordered_context_list*
666    and get_default_context* functions to obtain a context for the user.
667    Returns 0 on success or -1 otherwise.
668    Caller must free the returned strings via free. */
669 extern int getseuser(const char *username, const char *service,
670 		     char **r_seuser, char **r_level);
671 
672 /* Compare two file contexts, return 0 if equivalent. */
673 extern int selinux_file_context_cmp(const char * a,
674 			     const char * b);
675 
676 /*
677  * Verify the context of the file 'path' against policy.
678  * Return 1 if match, 0 if not and -1 on error.
679  */
680 extern int selinux_file_context_verify(const char *path, mode_t mode);
681 
682 /* This function sets the file context on to the system defaults returns 0 on success */
683 extern int selinux_lsetfilecon_default(const char *path);
684 
685 /*
686  * Force a reset of the loaded configuration
687  * WARNING: This is not thread safe. Be very sure that no other threads
688  * are calling into libselinux when this is called.
689  */
690 extern void selinux_reset_config(void);
691 
692 #ifdef __cplusplus
693 }
694 #endif
695 #endif
696