![]() |
![]() |
![]() |
OSTree Manual | ![]() |
---|---|---|---|---|
Top | Description |
SELinux policy managementSELinux policy management — Read SELinux policy and manage filesystem labels |
typedef OstreeSePolicy; OstreeSePolicy * ostree_sepolicy_new (GFile *path
,GCancellable *cancellable
,GError **error
); GFile * ostree_sepolicy_get_path (OstreeSePolicy *self
); const char * ostree_sepolicy_get_name (OstreeSePolicy *self
); gboolean ostree_sepolicy_get_label (OstreeSePolicy *self
,const char *relpath
,guint32 unix_mode
,char **out_label
,GCancellable *cancellable
,GError **error
); enum OstreeSePolicyRestoreconFlags; gboolean ostree_sepolicy_restorecon (OstreeSePolicy *self
,const char *path
,GFileInfo *info
,GFile *target
,OstreeSePolicyRestoreconFlags flags
,char **out_new_label
,GCancellable *cancellable
,GError **error
);
A OstreeSePolicy object can load the SELinux policy from a given root and perform labeling.
OstreeSePolicy * ostree_sepolicy_new (GFile *path
,GCancellable *cancellable
,GError **error
);
|
Path to a root directory |
Returns : |
An accessor object for SELinux policy in root located at path . [transfer full]
|
GFile * ostree_sepolicy_get_path (OstreeSePolicy *self
);
Returns : |
Path to rootfs. [transfer none] |
gboolean ostree_sepolicy_get_label (OstreeSePolicy *self
,const char *relpath
,guint32 unix_mode
,char **out_label
,GCancellable *cancellable
,GError **error
);
Store in out_label
the security context for the given relpath
and
mode unix_mode
. If the policy does not specify a label, NULL
will be returned.
|
Self |
|
Path |
|
Unix mode |
|
Return location for security context. [allow-none][out][transfer full] |
|
Cancellable |
|
Error |
typedef enum { OSTREE_SEPOLICY_RESTORECON_FLAGS_NONE, OSTREE_SEPOLICY_RESTORECON_FLAGS_ALLOW_NOLABEL = (1 << 0), OSTREE_SEPOLICY_RESTORECON_FLAGS_KEEP_EXISTING = (1 << 1) } OstreeSePolicyRestoreconFlags;
gboolean ostree_sepolicy_restorecon (OstreeSePolicy *self
,const char *path
,GFileInfo *info
,GFile *target
,OstreeSePolicyRestoreconFlags flags
,char **out_new_label
,GCancellable *cancellable
,GError **error
);
Reset the security context of target
based on the SELinux policy.
|
Self |
|
Path string to use for policy lookup |
|
File attributes. [allow-none] |
|
Physical path to target file |
|
Flags controlling behavior |
|
New label, or NULL if unchanged. [allow-none][out]
|
|
Cancellable |
|
Error |