1 files changed, 38 insertions, 0 deletions

diff --git a/libselinux/man/man3/getfscreatecon.3 b/libselinux/man/man3/getfscreatecon.3
new file mode 100644
index 00000000..474aa281
--- /dev/null
+++ b/libselinux/man/man3/getfscreatecon.3
@@ -0,0 +1,38 @@
+.TH "getfscreatecon" "3" "1 January 2004" "russell@coker.com.au" "SELinux API documentation"
+.SH "NAME"
+getfscreatecon, setfscreatecon \- get or set the SELinux security context used for creating a new file system object.
+
+.SH "SYNOPSIS"
+.B #include <selinux/selinux.h>
+.sp
+.BI "int getfscreatecon(security_context_t *" con );
+
+.BI "int setfscreatecon(security_context_t "context );
+
+.SH "DESCRIPTION"
+.B getfscreatecon
+retrieves the context used for creating a new file system object.
+This returned context should be freed with freecon if non-NULL.  
+getfscreatecon sets *con to NULL if no fscreate context has been explicitly 
+set by the program (i.e. using the default policy behavior).
+
+.B setfscreatecon
+sets the context used for creating a new file system object.
+NULL can be passed to
+setfscreatecon to reset to the default policy behavior.  
+The fscreate context is automatically reset after the next execve, so a
+program doesn't need to explicitly sanitize it upon startup.  
+
+setfscreatecon can be applied prior to library
+functions that internally perform an file creation,
+in order to set an file context on the objects.
+
+
+Note: Signal handlers that perform an setfscreate must take care to
+save, reset, and restore the fscreate context to avoid unexpected behavior.
+.SH "RETURN VALUE"
+On error -1 is returned.
+On success 0 is returned.
+
+.SH "SEE ALSO"
+.BR selinux "(8), " freecon "(3), " getcon "(3), " getexeccon "(3)"