1 #ifndef _SELINUX_H_ 2 #define _SELINUX_H_ 3 4 #include <sys/types.h> 5 #include <stdarg.h> 6 7 #ifdef __cplusplus 8 extern "C" { 9 #endif 10 11 /* Return 1 if we are running on a SELinux kernel, or 0 otherwise. */ 12 extern int is_selinux_enabled(void); 13 /* Return 1 if we are running on a SELinux MLS kernel, or 0 otherwise. */ 14 extern int is_selinux_mls_enabled(void); 15 16 /* No longer used; here for compatibility with legacy callers. */ 17 typedef char *security_context_t 18 #ifdef __GNUC__ 19 __attribute__ ((deprecated)) 20 #endif 21 ; 22 23 /* Free the memory allocated for a context by any of the below get* calls. */ 24 extern void freecon(char * con); 25 26 /* Free the memory allocated for a context array by security_compute_user. */ 27 extern void freeconary(char ** con); 28 29 /* Wrappers for the /proc/pid/attr API. */ 30 31 /* Get current context, and set *con to refer to it. 32 Caller must free via freecon. */ 33 extern int getcon(char ** con); 34 extern int getcon_raw(char ** con); 35 36 /* Set the current security context to con. 37 Note that use of this function requires that the entire application 38 be trusted to maintain any desired separation between the old and new 39 security contexts, unlike exec-based transitions performed via setexeccon. 40 When possible, decompose your application and use setexeccon()+execve() 41 instead. Note that the application may lose access to its open descriptors 42 as a result of a setcon() unless policy allows it to use descriptors opened 43 by the old context. */ 44 extern int setcon(const char * con); 45 extern int setcon_raw(const char * con); 46 47 /* Get context of process identified by pid, and 48 set *con to refer to it. Caller must free via freecon. */ 49 extern int getpidcon(pid_t pid, char ** con); 50 extern int getpidcon_raw(pid_t pid, char ** con); 51 52 /* Get previous context (prior to last exec), and set *con to refer to it. 53 Caller must free via freecon. */ 54 extern int getprevcon(char ** con); 55 extern int getprevcon_raw(char ** con); 56 57 /* Get previous context (prior to last exec) of process identified by pid, and 58 set *con to refer to it. Caller must free via freecon. */ 59 extern int getpidprevcon(pid_t pid, char ** con); 60 extern int getpidprevcon_raw(pid_t pid, char ** con); 61 62 /* Get exec context, and set *con to refer to it. 63 Sets *con to NULL if no exec context has been set, i.e. using default. 64 If non-NULL, caller must free via freecon. */ 65 extern int getexeccon(char ** con); 66 extern int getexeccon_raw(char ** con); 67 68 /* Set exec security context for the next execve. 69 Call with NULL if you want to reset to the default. */ 70 extern int setexeccon(const char * con); 71 extern int setexeccon_raw(const char * con); 72 73 /* Get fscreate context, and set *con to refer to it. 74 Sets *con to NULL if no fs create context has been set, i.e. using default. 75 If non-NULL, caller must free via freecon. */ 76 extern int getfscreatecon(char ** con); 77 extern int getfscreatecon_raw(char ** con); 78 79 /* Set the fscreate security context for subsequent file creations. 80 Call with NULL if you want to reset to the default. */ 81 extern int setfscreatecon(const char * context); 82 extern int setfscreatecon_raw(const char * context); 83 84 /* Get keycreate context, and set *con to refer to it. 85 Sets *con to NULL if no key create context has been set, i.e. using default. 86 If non-NULL, caller must free via freecon. */ 87 extern int getkeycreatecon(char ** con); 88 extern int getkeycreatecon_raw(char ** con); 89 90 /* Set the keycreate security context for subsequent key creations. 91 Call with NULL if you want to reset to the default. */ 92 extern int setkeycreatecon(const char * context); 93 extern int setkeycreatecon_raw(const char * context); 94 95 /* Get sockcreate context, and set *con to refer to it. 96 Sets *con to NULL if no socket create context has been set, i.e. using default. 97 If non-NULL, caller must free via freecon. */ 98 extern int getsockcreatecon(char ** con); 99 extern int getsockcreatecon_raw(char ** con); 100 101 /* Set the sockcreate security context for subsequent socket creations. 102 Call with NULL if you want to reset to the default. */ 103 extern int setsockcreatecon(const char * context); 104 extern int setsockcreatecon_raw(const char * context); 105 106 /* Wrappers for the xattr API. */ 107 108 /* Get file context, and set *con to refer to it. 109 Caller must free via freecon. */ 110 extern int getfilecon(const char *path, char ** con); 111 extern int getfilecon_raw(const char *path, char ** con); 112 extern int lgetfilecon(const char *path, char ** con); 113 extern int lgetfilecon_raw(const char *path, char ** con); 114 extern int fgetfilecon(int fd, char ** con); 115 extern int fgetfilecon_raw(int fd, char ** con); 116 117 /* Set file context */ 118 extern int setfilecon(const char *path, const char * con); 119 extern int setfilecon_raw(const char *path, const char * con); 120 extern int lsetfilecon(const char *path, const char * con); 121 extern int lsetfilecon_raw(const char *path, const char * con); 122 extern int fsetfilecon(int fd, const char * con); 123 extern int fsetfilecon_raw(int fd, const char * con); 124 125 /* Wrappers for the socket API */ 126 127 /* Get context of peer socket, and set *con to refer to it. 128 Caller must free via freecon. */ 129 extern int getpeercon(int fd, char ** con); 130 extern int getpeercon_raw(int fd, char ** con); 131 132 /* Wrappers for the selinuxfs (policy) API. */ 133 134 typedef unsigned int access_vector_t; 135 typedef unsigned short security_class_t; 136 137 struct av_decision { 138 access_vector_t allowed; 139 access_vector_t decided; 140 access_vector_t auditallow; 141 access_vector_t auditdeny; 142 unsigned int seqno; 143 unsigned int flags; 144 }; 145 146 /* Definitions of av_decision.flags */ 147 #define SELINUX_AVD_FLAGS_PERMISSIVE 0x0001 148 149 /* Structure for passing options, used by AVC and label subsystems */ 150 struct selinux_opt { 151 int type; 152 const char *value; 153 }; 154 155 /* Callback facilities */ 156 union selinux_callback { 157 /* log the printf-style format and arguments, 158 with the type code indicating the type of message */ 159 int 160 #ifdef __GNUC__ 161 __attribute__ ((format(printf, 2, 3))) 162 #endif 163 (*func_log) (int type, const char *fmt, ...); 164 /* store a string representation of auditdata (corresponding 165 to the given security class) into msgbuf. */ 166 int (*func_audit) (void *auditdata, security_class_t cls, 167 char *msgbuf, size_t msgbufsize); 168 /* validate the supplied context, modifying if necessary */ 169 int (*func_validate) (char **ctx); 170 /* netlink callback for setenforce message */ 171 int (*func_setenforce) (int enforcing); 172 /* netlink callback for policyload message */ 173 int (*func_policyload) (int seqno); 174 }; 175 176 #define SELINUX_CB_LOG 0 177 #define SELINUX_CB_AUDIT 1 178 #define SELINUX_CB_VALIDATE 2 179 #define SELINUX_CB_SETENFORCE 3 180 #define SELINUX_CB_POLICYLOAD 4 181 182 extern union selinux_callback selinux_get_callback(int type); 183 extern void selinux_set_callback(int type, union selinux_callback cb); 184 185 /* Logging type codes, passed to the logging callback */ 186 #define SELINUX_ERROR 0 187 #define SELINUX_WARNING 1 188 #define SELINUX_INFO 2 189 #define SELINUX_AVC 3 190 #define SELINUX_POLICYLOAD 4 191 #define SELINUX_SETENFORCE 5 192 #define SELINUX_TRANS_DIR "/var/run/setrans" 193 194 /* Compute an access decision. */ 195 extern int security_compute_av(const char * scon, 196 const char * tcon, 197 security_class_t tclass, 198 access_vector_t requested, 199 struct av_decision *avd); 200 extern int security_compute_av_raw(const char * scon, 201 const char * tcon, 202 security_class_t tclass, 203 access_vector_t requested, 204 struct av_decision *avd); 205 206 extern int security_compute_av_flags(const char * scon, 207 const char * tcon, 208 security_class_t tclass, 209 access_vector_t requested, 210 struct av_decision *avd); 211 extern int security_compute_av_flags_raw(const char * scon, 212 const char * tcon, 213 security_class_t tclass, 214 access_vector_t requested, 215 struct av_decision *avd); 216 217 /* Compute a labeling decision and set *newcon to refer to it. 218 Caller must free via freecon. */ 219 extern int security_compute_create(const char * scon, 220 const char * tcon, 221 security_class_t tclass, 222 char ** newcon); 223 extern int security_compute_create_raw(const char * scon, 224 const char * tcon, 225 security_class_t tclass, 226 char ** newcon); 227 extern int security_compute_create_name(const char * scon, 228 const char * tcon, 229 security_class_t tclass, 230 const char *objname, 231 char ** newcon); 232 extern int security_compute_create_name_raw(const char * scon, 233 const char * tcon, 234 security_class_t tclass, 235 const char *objname, 236 char ** newcon); 237 238 /* Compute a relabeling decision and set *newcon to refer to it. 239 Caller must free via freecon. */ 240 extern int security_compute_relabel(const char * scon, 241 const char * tcon, 242 security_class_t tclass, 243 char ** newcon); 244 extern int security_compute_relabel_raw(const char * scon, 245 const char * tcon, 246 security_class_t tclass, 247 char ** newcon); 248 249 /* Compute a polyinstantiation member decision and set *newcon to refer to it. 250 Caller must free via freecon. */ 251 extern int security_compute_member(const char * scon, 252 const char * tcon, 253 security_class_t tclass, 254 char ** newcon); 255 extern int security_compute_member_raw(const char * scon, 256 const char * tcon, 257 security_class_t tclass, 258 char ** newcon); 259 260 /* 261 * Compute the set of reachable user contexts and set *con to refer to 262 * the NULL-terminated array of contexts. Caller must free via freeconary. 263 * These interfaces are deprecated. Use get_ordered_context_list() or 264 * one of its variant interfaces instead. 265 */ 266 #ifdef __GNUC__ 267 __attribute__ ((deprecated)) 268 #endif 269 extern int security_compute_user(const char * scon, 270 const char *username, 271 char *** con); 272 #ifdef __GNUC__ 273 __attribute__ ((deprecated)) 274 #endif 275 extern int security_compute_user_raw(const char * scon, 276 const char *username, 277 char *** con); 278 279 /* Validate a transition. This determines whether a transition from scon to newcon 280 using tcon as the target for object class tclass is valid in the loaded policy. 281 This checks against the mlsvalidatetrans and validatetrans constraints in the loaded policy. 282 Returns 0 if allowed and -1 if an error occurred with errno set */ 283 extern int security_validatetrans(const char *scon, 284 const char *tcon, 285 security_class_t tclass, 286 const char *newcon); 287 extern int security_validatetrans_raw(const char *scon, 288 const char *tcon, 289 security_class_t tclass, 290 const char *newcon); 291 292 /* Load a policy configuration. */ 293 extern int security_load_policy(const void *data, size_t len); 294 295 /* Get the context of an initial kernel security identifier by name. 296 Caller must free via freecon */ 297 extern int security_get_initial_context(const char *name, 298 char ** con); 299 extern int security_get_initial_context_raw(const char *name, 300 char ** con); 301 302 /* 303 * Make a policy image and load it. 304 * This function provides a higher level interface for loading policy 305 * than security_load_policy, internally determining the right policy 306 * version, locating and opening the policy file, mapping it into memory, 307 * manipulating it as needed for current boolean settings and/or local 308 * definitions, and then calling security_load_policy to load it. 309 * 310 * 'preservebools' is no longer supported, set to 0. 311 */ 312 extern int selinux_mkload_policy(int preservebools); 313 314 /* 315 * Perform the initial policy load. 316 * This function determines the desired enforcing mode, sets the 317 * the *enforce argument accordingly for the caller to use, sets the 318 * SELinux kernel enforcing status to match it, and loads the policy. 319 * It also internally handles the initial selinuxfs mount required to 320 * perform these actions. 321 * 322 * The function returns 0 if everything including the policy load succeeds. 323 * In this case, init is expected to re-exec itself in order to transition 324 * to the proper security context. 325 * Otherwise, the function returns -1, and init must check *enforce to 326 * determine how to proceed. If enforcing (*enforce > 0), then init should 327 * halt the system. Otherwise, init may proceed normally without a re-exec. 328 */ 329 extern int selinux_init_load_policy(int *enforce); 330 331 /* Translate boolean strict to name value pair. */ 332 typedef struct { 333 char *name; 334 int value; 335 } SELboolean; 336 /* save a list of booleans in a single transaction. 'permanent' is no 337 * longer supported, set to 0. 338 */ 339 extern int security_set_boolean_list(size_t boolcnt, 340 SELboolean * boollist, int permanent); 341 342 /* Load policy boolean settings. Deprecated as local policy booleans no 343 * longer supported. Will always return -1. 344 */ 345 extern int security_load_booleans(char *path) 346 #ifdef __GNUC__ 347 __attribute__ ((deprecated)) 348 #endif 349 ; 350 351 /* Check the validity of a security context. */ 352 extern int security_check_context(const char * con); 353 extern int security_check_context_raw(const char * con); 354 355 /* Canonicalize a security context. */ 356 extern int security_canonicalize_context(const char * con, 357 char ** canoncon); 358 extern int security_canonicalize_context_raw(const char * con, 359 char ** canoncon); 360 361 /* Get the enforce flag value. */ 362 extern int security_getenforce(void); 363 364 /* Set the enforce flag value. */ 365 extern int security_setenforce(int value); 366 367 /* Get the load-time behavior for undefined classes/permissions */ 368 extern int security_reject_unknown(void); 369 370 /* Get the runtime behavior for undefined classes/permissions */ 371 extern int security_deny_unknown(void); 372 373 /* Get the checkreqprot value */ 374 extern int security_get_checkreqprot(void); 375 376 /* Disable SELinux at runtime (must be done prior to initial policy load). 377 Unsupported since Linux 6.4. */ 378 #ifdef __GNUC__ 379 __attribute__ ((deprecated)) 380 #endif 381 extern int security_disable(void); 382 383 /* Get the policy version number. */ 384 extern int security_policyvers(void); 385 386 /* Get the boolean names */ 387 extern int security_get_boolean_names(char ***names, int *len); 388 389 /* Get the pending value for the boolean */ 390 extern int security_get_boolean_pending(const char *name); 391 392 /* Get the active value for the boolean */ 393 extern int security_get_boolean_active(const char *name); 394 395 /* Set the pending value for the boolean */ 396 extern int security_set_boolean(const char *name, int value); 397 398 /* Commit the pending values for the booleans */ 399 extern int security_commit_booleans(void); 400 401 /* Userspace class mapping support */ 402 struct security_class_mapping { 403 const char *name; 404 const char *perms[sizeof(access_vector_t) * 8 + 1]; 405 }; 406 407 /** 408 * selinux_set_mapping - Enable dynamic mapping between integer offsets and security class names 409 * @map: array of security_class_mapping structures 410 * 411 * The core avc_has_perm() API uses integers to represent security 412 * classes; previous to the introduction of this function, it was 413 * common for userspace object managers to be compiled using generated 414 * offsets for a particular policy. However, that strongly ties the build of the userspace components to a particular policy. 415 * 416 * By using this function to map between integer offsets and security 417 * class names, it's possible to replace a system policies that have 418 * at least the same set of security class names as used by the 419 * userspace object managers. 420 * 421 * To correctly use this function, you should override the generated 422 * security class defines from the system policy in a local header, 423 * starting at 1, and have one security_class_mapping structure entry 424 * per define. 425 */ 426 extern int selinux_set_mapping(const struct security_class_mapping *map); 427 428 /* Common helpers */ 429 430 /* Convert between mode and security class values */ 431 extern security_class_t mode_to_security_class(mode_t mode); 432 /* Convert between security class values and string names */ 433 extern security_class_t string_to_security_class(const char *name); 434 extern const char *security_class_to_string(security_class_t cls); 435 436 /* Convert between individual access vector permissions and string names */ 437 extern const char *security_av_perm_to_string(security_class_t tclass, 438 access_vector_t perm); 439 extern access_vector_t string_to_av_perm(security_class_t tclass, 440 const char *name); 441 442 /* Returns an access vector in a string representation. User must free the 443 * returned string via free(). */ 444 extern int security_av_string(security_class_t tclass, 445 access_vector_t av, char **result); 446 447 /* Display an access vector in a string representation. */ 448 extern void print_access_vector(security_class_t tclass, access_vector_t av); 449 450 /* Flush the SELinux class cache, e.g. upon a policy reload. */ 451 extern void selinux_flush_class_cache(void); 452 453 /* Set the function used by matchpathcon_init when displaying 454 errors about the file_contexts configuration. If not set, 455 then this defaults to fprintf(stderr, fmt, ...). */ 456 extern void set_matchpathcon_printf(void 457 #ifdef __GNUC__ 458 __attribute__ ((format(printf, 1, 2))) 459 #endif 460 (*f) (const char *fmt, ...)); 461 462 /* Set the function used by matchpathcon_init when checking the 463 validity of a context in the file contexts configuration. If not set, 464 then this defaults to a test based on security_check_context(). 465 The function is also responsible for reporting any such error, and 466 may include the 'path' and 'lineno' in such error messages. */ 467 extern void set_matchpathcon_invalidcon(int (*f) (const char *path, 468 unsigned lineno, 469 char *context)); 470 471 /* Same as above, but also allows canonicalization of the context, 472 by changing *context to refer to the canonical form. If not set, 473 and invalidcon is also not set, then this defaults to calling 474 security_canonicalize_context(). */ 475 extern void set_matchpathcon_canoncon(int (*f) (const char *path, 476 unsigned lineno, 477 char **context)); 478 479 /* Set flags controlling operation of matchpathcon_init or matchpathcon. */ 480 #define MATCHPATHCON_BASEONLY 1 /* Only process the base file_contexts file. */ 481 #define MATCHPATHCON_NOTRANS 2 /* Do not perform any context translation. */ 482 #define MATCHPATHCON_VALIDATE 4 /* Validate/canonicalize contexts at init time. */ 483 extern void set_matchpathcon_flags(unsigned int flags); 484 485 /* Load the file contexts configuration specified by 'path' 486 into memory for use by subsequent matchpathcon calls. 487 If 'path' is NULL, then load the active file contexts configuration, 488 i.e. the path returned by selinux_file_context_path(). 489 Unless the MATCHPATHCON_BASEONLY flag has been set, this 490 function also checks for a 'path'.homedirs file and 491 a 'path'.local file and loads additional specifications 492 from them if present. */ 493 extern int matchpathcon_init(const char *path) 494 #ifdef __GNUC__ 495 __attribute__ ((deprecated("Use selabel_open with backend SELABEL_CTX_FILE"))) 496 #endif 497 ; 498 499 /* Same as matchpathcon_init, but only load entries with 500 regexes that have stems that are prefixes of 'prefix'. */ 501 extern int matchpathcon_init_prefix(const char *path, const char *prefix); 502 503 /* Free the memory allocated by matchpathcon_init. */ 504 extern void matchpathcon_fini(void) 505 #ifdef __GNUC__ 506 __attribute__ ((deprecated("Use selabel_close"))) 507 #endif 508 ; 509 510 /* Resolve all of the symlinks and relative portions of a pathname, but NOT 511 * the final component (same a realpath() unless the final component is a 512 * symlink. Resolved path must be a path of size PATH_MAX + 1 */ 513 extern int realpath_not_final(const char *name, char *resolved_path); 514 515 /* Match the specified pathname and mode against the file contexts 516 configuration and set *con to refer to the resulting context. 517 'mode' can be 0 to disable mode matching. 518 Caller must free via freecon. 519 If matchpathcon_init has not already been called, then this function 520 will call it upon its first invocation with a NULL path. */ 521 extern int matchpathcon(const char *path, 522 mode_t mode, char ** con) 523 #ifdef __GNUC__ 524 __attribute__ ((deprecated("Use selabel_lookup instead"))) 525 #endif 526 ; 527 528 /* Same as above, but return a specification index for 529 later use in a matchpathcon_filespec_add() call - see below. */ 530 extern int matchpathcon_index(const char *path, 531 mode_t mode, char ** con); 532 533 /* Maintain an association between an inode and a specification index, 534 and check whether a conflicting specification is already associated 535 with the same inode (e.g. due to multiple hard links). If so, then 536 use the latter of the two specifications based on their order in the 537 file contexts configuration. Return the used specification index. */ 538 extern int matchpathcon_filespec_add(ino_t ino, int specind, const char *file); 539 540 /* Destroy any inode associations that have been added, e.g. to restart 541 for a new filesystem. */ 542 extern void matchpathcon_filespec_destroy(void); 543 544 /* Display statistics on the hash table usage for the associations. */ 545 extern void matchpathcon_filespec_eval(void); 546 547 /* Check to see whether any specifications had no matches and report them. 548 The 'str' is used as a prefix for any warning messages. */ 549 extern void matchpathcon_checkmatches(char *str); 550 551 /* Match the specified media and against the media contexts 552 configuration and set *con to refer to the resulting context. 553 Caller must free con via freecon. */ 554 extern int matchmediacon(const char *media, char ** con); 555 556 /* 557 selinux_getenforcemode reads the /etc/selinux/config file and determines 558 whether the machine should be started in enforcing (1), permissive (0) or 559 disabled (-1) mode. 560 */ 561 extern int selinux_getenforcemode(int *enforce); 562 563 /* 564 selinux_boolean_sub reads the /etc/selinux/TYPE/booleans.subs_dist file 565 looking for a record with boolean_name. If a record exists selinux_boolean_sub 566 returns the translated name otherwise it returns the original name. 567 The returned value needs to be freed. On failure NULL will be returned. 568 */ 569 extern char *selinux_boolean_sub(const char *boolean_name); 570 571 /* 572 selinux_getpolicytype reads the /etc/selinux/config file and determines 573 what the default policy for the machine is. Calling application must 574 free policytype. 575 */ 576 extern int selinux_getpolicytype(char **policytype); 577 578 /* 579 selinux_policy_root reads the /etc/selinux/config file and returns 580 the directory path under which the compiled policy file and context 581 configuration files exist. 582 */ 583 extern const char *selinux_policy_root(void); 584 585 /* 586 selinux_set_policy_root sets an alternate policy root directory path under 587 which the compiled policy file and context configuration files exist. 588 */ 589 extern int selinux_set_policy_root(const char *rootpath); 590 591 /* These functions return the paths to specific files under the 592 policy root directory. */ 593 extern const char *selinux_current_policy_path(void); 594 extern const char *selinux_binary_policy_path(void); 595 extern const char *selinux_failsafe_context_path(void); 596 extern const char *selinux_removable_context_path(void); 597 extern const char *selinux_default_context_path(void); 598 extern const char *selinux_user_contexts_path(void); 599 extern const char *selinux_file_context_path(void); 600 extern const char *selinux_file_context_homedir_path(void); 601 extern const char *selinux_file_context_local_path(void); 602 extern const char *selinux_file_context_subs_path(void); 603 extern const char *selinux_file_context_subs_dist_path(void); 604 extern const char *selinux_homedir_context_path(void); 605 extern const char *selinux_media_context_path(void); 606 extern const char *selinux_virtual_domain_context_path(void); 607 extern const char *selinux_virtual_image_context_path(void); 608 extern const char *selinux_lxc_contexts_path(void); 609 extern const char *selinux_x_context_path(void); 610 extern const char *selinux_sepgsql_context_path(void); 611 extern const char *selinux_openrc_contexts_path(void); 612 extern const char *selinux_openssh_contexts_path(void); 613 extern const char *selinux_snapperd_contexts_path(void); 614 extern const char *selinux_systemd_contexts_path(void); 615 extern const char *selinux_contexts_path(void); 616 extern const char *selinux_securetty_types_path(void); 617 extern const char *selinux_booleans_subs_path(void); 618 /* Deprecated as local policy booleans no longer supported. */ 619 extern const char *selinux_booleans_path(void) 620 #ifdef __GNUC__ 621 __attribute__ ((deprecated)) 622 #endif 623 ; 624 extern const char *selinux_customizable_types_path(void); 625 /* Deprecated as policy ./users no longer supported. */ 626 extern const char *selinux_users_path(void) 627 #ifdef __GNUC__ 628 __attribute__ ((deprecated)) 629 #endif 630 ; 631 extern const char *selinux_usersconf_path(void); 632 extern const char *selinux_translations_path(void); 633 extern const char *selinux_colors_path(void); 634 extern const char *selinux_netfilter_context_path(void); 635 extern const char *selinux_path(void); 636 637 /** 638 * selinux_check_access - Check permissions and perform appropriate auditing. 639 * @scon: source security context 640 * @tcon: target security context 641 * @tclass: target security class string 642 * @perm: requested permissions string, interpreted based on @tclass 643 * @auditdata: auxiliary audit data 644 * 645 * Check the AVC to determine whether the @perm permissions are granted 646 * for the SID pair (@scon, @tcon), interpreting the permissions 647 * based on @tclass. 648 * Return %0 if all @perm permissions are granted, -%1 with 649 * @errno set to %EACCES if any permissions are denied or to another 650 * value upon other errors. 651 * If auditing or logging is configured the appropriate callbacks will be called 652 * and passed the auditdata field 653 */ 654 extern int selinux_check_access(const char * scon, const char * tcon, const char *tclass, const char *perm, void *auditdata); 655 656 /* Check a permission in the passwd class. 657 Return 0 if granted or -1 otherwise. */ 658 extern int selinux_check_passwd_access(access_vector_t requested) 659 #ifdef __GNUC__ 660 __attribute__ ((deprecated("Use selinux_check_access"))) 661 #endif 662 ; 663 664 extern int checkPasswdAccess(access_vector_t requested) 665 #ifdef __GNUC__ 666 __attribute__ ((deprecated("Use selinux_check_access"))) 667 #endif 668 ; 669 670 /* Check if the tty_context is defined as a securetty 671 Return 0 if secure, < 0 otherwise. */ 672 extern int selinux_check_securetty_context(const char * tty_context); 673 674 /* Set the path to the selinuxfs mount point explicitly. 675 Normally, this is determined automatically during libselinux 676 initialization, but this is not always possible, e.g. for /sbin/init 677 which performs the initial mount of selinuxfs. */ 678 extern void set_selinuxmnt(const char *mnt); 679 680 /* Check if selinuxfs exists as a kernel filesystem */ 681 extern int selinuxfs_exists(void); 682 683 /* clear selinuxmnt variable and free allocated memory */ 684 extern void fini_selinuxmnt(void); 685 686 /* Set an appropriate security context based on the filename of a helper 687 * program, falling back to a new context with the specified type. */ 688 extern int setexecfilecon(const char *filename, const char *fallback_type); 689 690 #ifndef DISABLE_RPM 691 /* Execute a helper for rpm in an appropriate security context. */ 692 extern int rpm_execcon(unsigned int verified, 693 const char *filename, 694 char *const argv[], char *const envp[]) 695 #ifdef __GNUC__ 696 __attribute__((deprecated("Use setexecfilecon and execve"))) 697 #endif 698 ; 699 #endif 700 701 /* Returns whether a file context is customizable, and should not 702 be relabeled . */ 703 extern int is_context_customizable(const char * scontext); 704 705 /* Perform context translation between the human-readable format 706 ("translated") and the internal system format ("raw"). 707 Caller must free the resulting context via freecon. 708 Returns -1 upon an error or 0 otherwise. 709 If passed NULL, sets the returned context to NULL and returns 0. */ 710 extern int selinux_trans_to_raw_context(const char * trans, 711 char ** rawp); 712 extern int selinux_raw_to_trans_context(const char * raw, 713 char ** transp); 714 715 /* Perform context translation between security contexts 716 and display colors. Returns a space-separated list of ten 717 ten hex RGB triples prefixed by hash marks, e.g. "#ff0000". 718 Caller must free the resulting string via free. 719 Returns -1 upon an error or 0 otherwise. */ 720 extern int selinux_raw_context_to_color(const char * raw, 721 char **color_str); 722 723 /* Get the SELinux username and level to use for a given Linux username. 724 These values may then be passed into the get_ordered_context_list* 725 and get_default_context* functions to obtain a context for the user. 726 Returns 0 on success or -1 otherwise. 727 Caller must free the returned strings via free. */ 728 extern int getseuserbyname(const char *linuxuser, char **seuser, char **level); 729 730 /* Get the SELinux username and level to use for a given Linux username and service. 731 These values may then be passed into the get_ordered_context_list* 732 and get_default_context* functions to obtain a context for the user. 733 Returns 0 on success or -1 otherwise. 734 Caller must free the returned strings via free. */ 735 extern int getseuser(const char *username, const char *service, 736 char **r_seuser, char **r_level); 737 738 /* Compare two file contexts, return 0 if equivalent. */ 739 extern int selinux_file_context_cmp(const char * a, 740 const char * b); 741 742 /* 743 * Verify the context of the file 'path' against policy. 744 * Return 1 if match, 0 if not and -1 on error. 745 */ 746 extern int selinux_file_context_verify(const char *path, mode_t mode); 747 748 /* This function sets the file context on to the system defaults returns 0 on success */ 749 extern int selinux_lsetfilecon_default(const char *path); 750 751 /* 752 * Force a reset of the loaded configuration 753 * WARNING: This is not thread safe. Be very sure that no other threads 754 * are calling into libselinux when this is called. 755 */ 756 extern void selinux_reset_config(void); 757 758 #ifdef __cplusplus 759 } 760 #endif 761 #endif 762