NAME¶
set_matchpathcon_flags, set_matchpathcon_invalidcon, set_matchpathcon_printf -
set flags controlling the operation of matchpathcon or matchpathcon_index and
configure the behaviour of validity checking and error displaying
SYNOPSIS¶
#include <selinux/selinux.h>
void set_matchpathcon_flags(unsigned int flags);
void set_matchpathcon_invalidcon(int (*f)(const char
*path, unsigned lineno, char
*context));
void set_matchpathcon_printf(void (*f)(const char
*fmt, ...));
DESCRIPTION¶
set_matchpathcon_flags() sets the flags controlling the operation of
matchpathcon_init(3) and subsequently
matchpathcon_index(3) or
matchpathcon(3). If the
MATCHPATHCON_BASEONLY flag is set, then
only the base file contexts configuration file will be processed, not any
dynamically generated entries or local customizations.
set_matchpathcon_invalidcon() sets the function used by
matchpathcon_init(3) when checking the validity of a context in the
file contexts configuration. If not set, then this defaults to a test based on
security_check_context(3), which checks validity against the active
policy on a SELinux system. This can be set to instead perform checking based
on a binary policy file, e.g. using
sepol_check_context(3), as is done
by
setfiles -c. The function is also responsible for reporting any such
error, and may include the
path and
lineno in such error
messages.
set_matchpathcon_printf() sets the function used by
matchpathcon_init(3) when displaying errors about the file contexts
configuration. If not set, then this defaults to fprintf(stderr, fmt, ...).
This can be set to redirect error reporting to a different destination.
RETURN VALUE¶
Returns zero on success or -1 otherwise.
SEE ALSO¶
selinux(8),
matchpathcon(3),
matchpathcon_index(3),
set_matchpathcon_invalidcon(3),
set_matchpathcon_printf(3),
freecon(3),
setfilecon(3),
setfscreatecon(3)