diff options
Diffstat (limited to 'libselinux/man/man3/getsockcreatecon.3')
| -rw-r--r-- | libselinux/man/man3/getsockcreatecon.3 | 45 |
1 files changed, 27 insertions, 18 deletions
diff --git a/libselinux/man/man3/getsockcreatecon.3 b/libselinux/man/man3/getsockcreatecon.3 index 24f2cc0e..8fb2061e 100644 --- a/libselinux/man/man3/getsockcreatecon.3 +++ b/libselinux/man/man3/getsockcreatecon.3 @@ -1,38 +1,47 @@ -.TH "getsockcreatecon" "3" "24 September 2008" "dwalsh@redhat.com from russell@coker.com.au" "SELinux API documentation" +.TH "getsockcreatecon" "3" "24 September 2008" "dwalsh@redhat.com" "SELinux API documentation" .SH "NAME" -getsockcreatecon, setsockcreatecon \- get or set the SELinux security context used for creating a new labeled sockets. - +getsockcreatecon, setsockcreatecon \- get or set the SELinux security context used for creating a new labeled sockets +. .SH "SYNOPSIS" .B #include <selinux/selinux.h> .sp .BI "int getsockcreatecon(security_context_t *" con ); - +.sp .BI "int setsockcreatecon(security_context_t "context ); - +. .SH "DESCRIPTION" -.B getsockcreatecon +.BR getsockcreatecon () retrieves the context used for creating a new labeled network socket. -This returned context should be freed with freecon if non-NULL. -getsockcreatecon sets *con to NULL if no sockcreate context has been explicitly +This returned context should be freed with +.BR freecon (3) +if non-NULL. +.BR getsockcreatecon () +sets *con to NULL if no sockcreate context has been explicitly set by the program (i.e. using the default policy behavior). -.B setsockcreatecon +.BR setsockcreatecon () sets the context used for creating a new labeled network sockets NULL can be passed to -setsockcreatecon to reset to the default policy behavior. -The sockcreate context is automatically reset after the next execve, so a -program doesn't need to explicitly sanitize it upon startup. - -setsockcreatecon can be applied prior to library +.BR setsockcreatecon () +to reset to the default policy behavior. +The sockcreate context is automatically reset after the next +.BR execve (2), +so a program doesn't need to explicitly sanitize it upon startup. + +.BR setsockcreatecon () +can be applied prior to library functions that internally perform an file creation, in order to set an file context on the objects. - -Note: Signal handlers that perform an setsockcreate must take care to +.B Note: +Signal handlers that perform a +.BR setsockcreatecon () +must take care to save, reset, and restore the sockcreate context to avoid unexpected behavior. +. .SH "RETURN VALUE" -On error -1 is returned. +On error \-1 is returned. On success 0 is returned. - +. .SH "SEE ALSO" .BR selinux "(8), " freecon "(3), " getcon "(3) |