Scroll to navigation

matchpathcon_checkmatches(3) SELinux API documentation matchpathcon_checkmatches(3)

NAME

matchpathcon_checkmatches, matchpathcon_filespec_add, matchpathcon_filespec_destroy, matchpathcon_filespec_eval - check and report whether any specification index has no matches with any inode. Maintenance and statistics on inode associations

SYNOPSIS

#include <selinux/selinux.h>

void matchpathcon_checkmatches(char *str);

int matchpathcon_filespec_add(ino_t ino, int specind, const char *file);

void matchpathcon_filespec_destroy(void);

void matchpathcon_filespec_eval(void);

DESCRIPTION

matchpathcon_checkmatches() checks whether any specification has no matches and reports them. The str argument is used as a prefix for any warning messages.

matchpathcon_filespec_add() maintains an association between an inode ino and a specification index specind, and checks whether a conflicting specification is already associated with the same inode (e.g. due to multiple hard links). If so, then it uses the latter of the two specifications based on their order in the file context configuration. Returns the specification index used or -1 on error.

matchpathcon_filespec_destroy() destroys any inode associations that have been added, e.g. to restart for a new filesystem.

matchpathcon_filespec_eval() displays statistics on the hash table usage for the inode associations.

RETURN VALUE

Returns zero on success or -1 otherwise.

SEE ALSO

selinux(8), matchpathcon(3), matchpathcon_index(3), freecon(3), setfilecon(3), setfscreatecon(3)
21 November 2009 sds@tycho.nsa.gov