table of contents
selinux_file_context_verify(3) | Library Functions Manual | selinux_file_context_verify(3) |
NAME¶
selinux_file_context_verify - Compare the SELinux security context on disk to the default security context required by the policy file contexts file.SYNOPSIS¶
#include <selinux/selinux.h>DESCRIPTION¶
selinux_file_context_verify compares the context of the specified path that is held on disk (in the extended attribute), to the system default entry held in the file contexts series of files.RETURN VALUE¶
If the contexts significantly match, 1 (one) is returned.ERRORS¶
- ENOTSUP
- if extended attributes are not supported by the file system.
- ENOENT
- if there is no entry in the file contexts series of files or path does not exist.
- EINVAL
- if the entry in the file contexts series of files or path are invalid, or the returned context fails validation.
- ENOMEM
- if attempt to allocate memory failed.
FILES¶
The following configuration files (the file contexts series of files) supporting the active policy will be used (should they exist) to determine the path default context:contexts/files/file_contexts - This file must
exist.
contexts/files/file_contexts.local - If exists has local customizations.
contexts/files/file_contexts.homedirs - If exists has users home directory
customizations.
contexts/files/file_contexts.subs - If exists has substitutions that are then
applied to the 'in memory' version of the file contexts files.
EXAMPLE¶
If the files context is:unconfined_u:object_r:admin_home_t:s0
system_u:object_r:admin_home_t:s0
:object_r:admin_home_t:s0 and
:object_r:admin_home_t:s0
SEE ALSO¶
selinux(8)08 March 2011 | SELinux API documentation |