setexeccon man page on Fedora

Man page or keyword search:  
man Server   31170 pages
apropos Keyword Search (all sections)
Output format
Fedora logo
[printable version]

getexeccon(3)		   SELinux API documentation		 getexeccon(3)

NAME
       getexeccon,  setexeccon	- get or set the SELinux security context used
       for executing a new process.

       rpm_execcon - run a helper for rpm in an appropriate security context

SYNOPSIS
       #include <selinux/selinux.h>

       int getexeccon(security_context_t *context);

       int setexeccon(security_context_t context);

       int rpm_execcon(unsigned	 int  verified,	 const	char  *filename,  char
       *const argv[] , char *const envp[]);

DESCRIPTION
       getexeccon  retrieves  the  context  used  for executing a new process.
       This returned context should be freed with freecon if non-NULL.	getex‐
       eccon  sets  *con to NULL if no exec context has been explicitly set by
       the program (i.e. using the default policy behavior).

       setexeccon sets the context used for the next execve call.  NULL can be
       passed to setexeccon to reset to the default policy behavior.  The exec
       context is automatically reset after the	 next  execve,	so  a  program
       doesn't need to explicitly sanitize it upon startup.

       setexeccon  can	be  applied prior to library functions that internally
       perform an execve, e.g. execl*, execv*, popen, in order to set an  exec
       context for that operation.

       Note:  Signal  handlers	that perform an execve must take care to save,
       reset, and restore the exec context to avoid unexpected behavior.

       rpm_execcon runs a helper for rpm in an appropriate  security  context.
       The  verified  parameter should contain the return code from the signa‐
       ture verification (0 == ok, 1 == notfound, 2 == verifyfail, 3  ==  not‐
       trusted,	 4 == nokey), although this information is not yet used by the
       function.  The function determines the proper security context for  the
       helper  based  on  policy,  sets the exec context accordingly, and then
       executes the specified filename with the provided argument and environ‐
       ment arrays.

RETURN VALUE
       On error -1 is returned.

       On  success  getexeccon	and  setexeccon	 returns  0.  rpm_execcon only
       returns upon errors, as it calls execve(2).

SEE ALSO
       selinux(8), freecon(3), getcon(3)

russell@coker.com.au		1 January 2004			 getexeccon(3)
[top]

List of man pages available for Fedora

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Tweet
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
....................................................................
Vote for polarhome
Free Shell Accounts :: the biggest list on the net