diff options
Diffstat (limited to 'libselinux/man/man3/getfscreatecon.3')
| -rw-r--r-- | libselinux/man/man3/getfscreatecon.3 | 43 |
1 files changed, 26 insertions, 17 deletions
diff --git a/libselinux/man/man3/getfscreatecon.3 b/libselinux/man/man3/getfscreatecon.3 index 474aa281..1b0f3d16 100644 --- a/libselinux/man/man3/getfscreatecon.3 +++ b/libselinux/man/man3/getfscreatecon.3 @@ -1,38 +1,47 @@ .TH "getfscreatecon" "3" "1 January 2004" "russell@coker.com.au" "SELinux API documentation" .SH "NAME" -getfscreatecon, setfscreatecon \- get or set the SELinux security context used for creating a new file system object. - +getfscreatecon, setfscreatecon \- get or set the SELinux security context used for creating a new file system object +. .SH "SYNOPSIS" .B #include <selinux/selinux.h> .sp .BI "int getfscreatecon(security_context_t *" con ); - +.sp .BI "int setfscreatecon(security_context_t "context ); - +. .SH "DESCRIPTION" -.B getfscreatecon +.BR getfscreatecon () retrieves the context used for creating a new file system object. -This returned context should be freed with freecon if non-NULL. -getfscreatecon sets *con to NULL if no fscreate context has been explicitly +This returned context should be freed with +.BR freecon (3) +if non-NULL. +.BR getfscreatecon () +sets *con to NULL if no fscreate context has been explicitly set by the program (i.e. using the default policy behavior). -.B setfscreatecon +.BR setfscreatecon () sets the context used for creating a new file system object. NULL can be passed to -setfscreatecon to reset to the default policy behavior. -The fscreate context is automatically reset after the next execve, so a -program doesn't need to explicitly sanitize it upon startup. - -setfscreatecon can be applied prior to library +.BR setfscreatecon () +to reset to the default policy behavior. +The fscreate context is automatically reset after the next +.BR execve (2), +so a program doesn't need to explicitly sanitize it upon startup. + +.BR setfscreatecon () +can be applied prior to library functions that internally perform an file creation, in order to set an file context on the objects. - -Note: Signal handlers that perform an setfscreate must take care to +.B Note: +Signal handlers that perform a +.BR setfscreatecon () +must take care to save, reset, and restore the fscreate context to avoid unexpected behavior. +. .SH "RETURN VALUE" -On error -1 is returned. +On error \-1 is returned. On success 0 is returned. - +. .SH "SEE ALSO" .BR selinux "(8), " freecon "(3), " getcon "(3), " getexeccon "(3)" |