The OpenNET Project / Index page

[ новости /+++ | форум | теги | ]

Интерактивная система просмотра системных руководств (man-ов)

 ТемаНаборКатегория 
 
 [Cписок руководств | Печать]

avc_sid_to_context (3)
  • >> avc_sid_to_context (3) ( Разные man: Библиотечные вызовы )
  •  

    NAME

    avc_context_to_sid, avc_sid_to_context, sidput, sidget - obtain and manipulate security ID's.
     
    

    SYNOPSIS

    #include <selinux/selinux.h>
    #include <selinux/avc.h>

    int avc_context_to_sid(security_context_t ctx, security_id_t *sid);

    int avc_sid_to_context(security_id_t sid, security_context_t *ctx);

    int sidget(security_id_t sid);

    int sidput(security_id_t sid);  

    DESCRIPTION

    Security ID's (SID's) are reference-counted, opaque representations of security contexts.

    avc_context_to_sid returns a SID for the given context in the memory referenced by sid, incrementing its reference count by 1.

    avc_sid_to_context returns a copy of the context represented by sid in the memory referenced by ctx. The user must free the copy with freecon(3).

    sidget increments the reference count of sid by 1.

    sidput decrements the reference count of sid by 1. If the count ever reaches zero, the SID becomes invalid and must not be used any further.

     

    RETURN VALUE

    sidget and sidput return the new reference count. A return value of zero indicates an invalid SID.

    avc_context_to_sid and avc_sid_to_context return zero on success. On error, -1 is returned and errno is set appropriately.

     

    ERRORS

    EINVAL
    The provided sid has a zero reference count and is invalid.
    ENOMEM
    An attempt to allocate memory failed.

     

    NOTES

    The expected usage pattern for these functions is that avc_context_to_sid will be called once to obtain a SID for a newly created object, sidget will be called on a SID when its object is duplicated, and sidput will be called on a SID when its object is destroyed. Proper reference counting is necessary to ensure that SID's and associated cache entries are reclaimed from memory when no longer needed.

     

    AUTHOR

    Eamon Walsh <ewalsh@epoch.ncsc.mil>

     

    SEE ALSO

    avc_init(3), avc_has_perm(3), avc_cache_stats(3), avc_add_callback(3), getcon(3), freecon(3)


     

    Index

    NAME
    SYNOPSIS
    DESCRIPTION
    RETURN VALUE
    ERRORS
    NOTES
    AUTHOR
    SEE ALSO


    Поиск по тексту MAN-ов: 




    Партнёры:
    PostgresPro
    Inferno Solutions
    Hosting by Hoster.ru
    Хостинг:

    Закладки на сайте
    Проследить за страницей
    Created 1996-2024 by Maxim Chirkov
    Добавить, Поддержать, Вебмастеру