selinux-commits

[Selinux-commits] SF.net SVN: selinux: [2316] trunk/libselinux/man/man3

[<ssm...@us...>]

Revision: 2316
          http://svn.sourceforge.net/selinux/?rev=2316&view=rev
Author:   ssmalley
Date:     2007-03-30 11:50:23 -0700 (Fri, 30 Mar 2007)

Log Message:
-----------
Author: Eamon Walsh
Email: ew...@ty...
Subject: libselinux: string and compute_create functions
Date: Fri, 30 Mar 2007 13:55:47 -0400

Man pages for new (and old string) functions.

--

Added Paths:
-----------
    trunk/libselinux/man/man3/avc_compute_create.3
    trunk/libselinux/man/man3/security_av_perm_to_string.3
    trunk/libselinux/man/man3/security_av_string.3
    trunk/libselinux/man/man3/security_class_to_string.3
    trunk/libselinux/man/man3/string_to_av_perm.3
    trunk/libselinux/man/man3/string_to_security_class.3

Added: trunk/libselinux/man/man3/avc_compute_create.3
===================================================================
--- trunk/libselinux/man/man3/avc_compute_create.3	                        (rev 0)
+++ trunk/libselinux/man/man3/avc_compute_create.3	2007-03-30 18:50:23 UTC (rev 2316)
@@ -0,0 +1,58 @@
+.\" Hey Emacs! This file is -*- nroff -*- source.
+.\"
+.\" Author: Eamon Walsh (ew...@ty...) 2007
+.TH "avc_compute_create" "3" "30 Mar 2007" "" "SE Linux API documentation"
+.SH "NAME"
+avc_compute_create \- obtain SELinux label for new object.
+.SH "SYNOPSIS"
+.B #include <selinux/selinux.h>
+.br
+.B #include <selinux/avc.h>
+.sp
+.BI "int avc_compute_create(security_id_t " ssid ", security_id_t " tsid ,
+.in +\w'int avc_compute_create('u
+.BI "security_class_t " tclass ", security_id_t *" newsid ");"
+.in
+.SH "DESCRIPTION"
+.B avc_compute_create
+is used to compute a SID to use for labeling a new object in a particular class based on a SID pair.  This call is identical to
+.BR security_compute_create ,
+but does not require converting from userspace SID's to contexts and back again.
+
+.B avc_compute_create
+returns a SID for the computed context in the memory referenced by
+.IR sid ,
+incrementing its reference count by 1.
+
+.SH "RETURN VALUE"
+On success, zero is returned.  On error, \-1 is returned and
+.I errno
+is set appropriately.
+
+.SH "ERRORS"
+.TP
+.B EINVAL
+The
+.I tclass
+and/or the security contexts referenced by
+.I ssid
+and
+.I tsid
+are not recognized by the currently loaded policy, or 
+.I tsid
+or
+.I ssid
+has a zero reference count and is invalid.
+
+.TP
+.B ENOMEM
+An attempt to allocate memory failed.
+
+.SH "AUTHOR"
+Eamon Walsh <ew...@ty...>
+
+.SH "SEE ALSO"
+.BR avc_init (3),
+.BR avc_context_to_sid (3),
+.BR security_compute_create (3),
+.BR selinux (8)

Added: trunk/libselinux/man/man3/security_av_perm_to_string.3
===================================================================
--- trunk/libselinux/man/man3/security_av_perm_to_string.3	                        (rev 0)
+++ trunk/libselinux/man/man3/security_av_perm_to_string.3	2007-03-30 18:50:23 UTC (rev 2316)
@@ -0,0 +1 @@
+.so man3/security_class_to_string.3

Added: trunk/libselinux/man/man3/security_av_string.3
===================================================================
--- trunk/libselinux/man/man3/security_av_string.3	                        (rev 0)
+++ trunk/libselinux/man/man3/security_av_string.3	2007-03-30 18:50:23 UTC (rev 2316)
@@ -0,0 +1 @@
+.so man3/security_class_to_string.3

Added: trunk/libselinux/man/man3/security_class_to_string.3
===================================================================
--- trunk/libselinux/man/man3/security_class_to_string.3	                        (rev 0)
+++ trunk/libselinux/man/man3/security_class_to_string.3	2007-03-30 18:50:23 UTC (rev 2316)
@@ -0,0 +1,80 @@
+.\" Hey Emacs! This file is -*- nroff -*- source.
+.\"
+.\" Author: Eamon Walsh (ew...@ty...) 2007
+.TH "security_class_to_string" "3" "30 Mar 2007" "" "SE Linux API documentation"
+.SH "NAME"
+security_class_to_string, security_av_perm_to_string, string_to_security_class, string_to_av_perm, security_av_string \- convert
+between SELinux class and permission values and string names.
+
+.SH "SYNOPSIS"
+.B #include <selinux/selinux.h>
+.br
+.B #include <selinux/flask.h>
+.sp
+.BI "const char * security_class_to_string(security_class_t " tclass ");"
+.sp
+.BI "const char * security_av_perm_to_string(security_class_t " tclass ", access_vector_t " av ");"
+.sp
+.BI "int security_av_string(security_class_t " tclass ", access_vector_t " av ", char **" result ");"
+.sp
+.BI "security_class_t string_to_security_class(const char *" name ");"
+.sp
+.BI "access_vector_t string_to_av_perm(security_class_t " tclass ", const char *" name ");"
+
+.SH "DESCRIPTION"
+.B security_class_to_string
+returns a string name for class
+.IR tclass ,
+or NULL if the class is invalid.  The returned string must not be modified or freed.
+
+.B security_av_perm_to_string
+returns a string name for the access vector bit
+.I av
+of class
+.IR tclass ,
+or NULL if either argument is invalid.  The returned string must not be modified or freed.
+
+.B security_av_string
+computes a full access vector string representation using
+.I tclass
+and
+.IR av ,
+which may have multiple bits set.  The string is returned in the memory pointed to by
+.IR result ,
+and should be freed by the caller using
+.BR free (3).
+
+.B string_to_security_class
+returns the class value corresponding to the string name
+.IR name ,
+or zero if no such class exists.
+
+.B string_to_av_perm
+returns the access vector bit corresponding to the string name
+.I name
+and security class
+.IR tclass ,
+or zero if no such value exists.
+
+.SH "RETURN VALUE"
+.B security_av_string
+returns returns zero on success or \-1 on error with
+.I errno
+set appropriately.  All other functions return zero or NULL on error.
+
+.SH "ERRORS"
+.TP
+.B EINVAL
+A class or access vector argument is not recognized by the currently loaded policy.
+
+.TP
+.B ENOMEM
+An attempt to allocate memory failed.
+
+.SH "AUTHOR"
+Eamon Walsh <ew...@ty...>
+
+.SH "SEE ALSO"
+.BR selinux (8),
+.BR getcon (3),
+.BR getfilecon (3)

Added: trunk/libselinux/man/man3/string_to_av_perm.3
===================================================================
--- trunk/libselinux/man/man3/string_to_av_perm.3	                        (rev 0)
+++ trunk/libselinux/man/man3/string_to_av_perm.3	2007-03-30 18:50:23 UTC (rev 2316)
@@ -0,0 +1 @@
+.so man3/security_class_to_string.3

Added: trunk/libselinux/man/man3/string_to_security_class.3
===================================================================
--- trunk/libselinux/man/man3/string_to_security_class.3	                        (rev 0)
+++ trunk/libselinux/man/man3/string_to_security_class.3	2007-03-30 18:50:23 UTC (rev 2316)
@@ -0,0 +1 @@
+.so man3/security_class_to_string.3


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Selinux-commits] SF.net SVN: selinux: [2331] trunk/libselinux/man/man3

[<ssm...@us...>]

Revision: 2331
          http://svn.sourceforge.net/selinux/?rev=2331&view=rev
Author:   ssmalley
Date:     2007-04-09 14:28:57 -0700 (Mon, 09 Apr 2007)

Log Message:
-----------
Tidy up man pages.

Modified Paths:
--------------
    trunk/libselinux/man/man3/avc_context_to_sid.3
    trunk/libselinux/man/man3/security_compute_av.3

Modified: trunk/libselinux/man/man3/avc_context_to_sid.3
===================================================================
--- trunk/libselinux/man/man3/avc_context_to_sid.3	2007-04-09 18:34:19 UTC (rev 2330)
+++ trunk/libselinux/man/man3/avc_context_to_sid.3	2007-04-09 21:28:57 UTC (rev 2331)
@@ -16,6 +16,7 @@
 .BI "int sidget(security_id_t " sid ");"
 .sp
 .BI "int sidput(security_id_t " sid ");"
+.sp
 .BI "int avc_get_initial_sid(const char *" name ", security_id_t *" sid ");"
 .sp
 .SH "DESCRIPTION"
@@ -48,7 +49,8 @@
 invalid and must not be used any further.
 
 .B avc_get_initial_sid
-returns a SID for the initial kernel security identifier specified by name
+returns a SID for the kernel initial security identifier specified by 
+.I name
 
 .SH "RETURN VALUE"
 .B sidget

Modified: trunk/libselinux/man/man3/security_compute_av.3
===================================================================
--- trunk/libselinux/man/man3/security_compute_av.3	2007-04-09 18:34:19 UTC (rev 2330)
+++ trunk/libselinux/man/man3/security_compute_av.3	2007-04-09 21:28:57 UTC (rev 2331)
@@ -49,7 +49,8 @@
 .B get_ordered_context_list.
 
 .B security_get_initial_context
-is used to get the context of an initial kernel security identifier by name.
+is used to get the context of a kernel initial security identifier specified by 
+.I name
 
 .B checkPasswdAccess
 This functions is a helper functions that allows you to check for a permission in the passwd class. checkPasswdAccess uses getprevcon() for the source and target security contexts.


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Selinux-commits] SF.net SVN: selinux: [2801] trunk/libselinux/man/man3

[<ew...@us...>]

Revision: 2801
          http://selinux.svn.sourceforge.net/selinux/?rev=2801&view=rev
Author:   ewalsh
Date:     2008-02-08 10:09:01 -0800 (Fri, 08 Feb 2008)

Log Message:
-----------
Man page redirect and blurb for security_compute_member().

Modified Paths:
--------------
    trunk/libselinux/man/man3/security_compute_av.3

Added Paths:
-----------
    trunk/libselinux/man/man3/security_compute_member.3

Modified: trunk/libselinux/man/man3/security_compute_av.3
===================================================================
--- trunk/libselinux/man/man3/security_compute_av.3	2008-02-08 18:03:06 UTC (rev 2800)
+++ trunk/libselinux/man/man3/security_compute_av.3	2008-02-08 18:09:01 UTC (rev 2801)
@@ -1,7 +1,7 @@
 .TH "security_compute_av" "3" "1 January 2004" "ru...@co..." "SELinux API documentation"
 .SH "NAME"
 security_compute_av, security_compute_create, security_compute_relabel,
-security_compute_user, security_get_initial_context \- query
+security_compute_member, security_compute_user, security_get_initial_context \- query
 the SELinux policy database in the kernel.
 
 .SH "SYNOPSIS"
@@ -15,6 +15,8 @@
 .sp
 .BI "int security_compute_relabel(security_context_t "scon ", security_context_t "tcon ", security_class_t "tclass ", security_context_t *" newcon );
 .sp
+.BI "int security_compute_member(security_context_t "scon ", security_context_t "tcon ", security_class_t "tclass ", security_context_t *" newcon );
+.sp
 .BI "int security_compute_user(security_context_t "scon ", const char *" username ", security_context_t **" con );
 .sp
 .BI "int security_get_initial_context(const char *" name ", security_context_t
@@ -43,6 +45,10 @@
 in the pam_selinux.so source and the newrole source to determine the correct
 label for the tty at login time, but can be used for other things.
 
+.B security_compute_member
+is used to compute the context to use when labeling a polyinstantiated object
+instance.
+
 .B security_compute_user
 is used to determine the set of user contexts that can be reached from a
 source context. Is mainly used by

Added: trunk/libselinux/man/man3/security_compute_member.3
===================================================================
--- trunk/libselinux/man/man3/security_compute_member.3	                        (rev 0)
+++ trunk/libselinux/man/man3/security_compute_member.3	2008-02-08 18:09:01 UTC (rev 2801)
@@ -0,0 +1 @@
+.so man3/security_compute_av.3


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Selinux-commits] SF.net SVN: selinux: [2859] trunk/libselinux/man/man3

[<ssm...@us...>]

Revision: 2859
          http://selinux.svn.sourceforge.net/selinux/?rev=2859&view=rev
Author:   ssmalley
Date:     2008-03-31 07:21:13 -0700 (Mon, 31 Mar 2008)

Log Message:
-----------
Author: Jim Meyering
Email: ji...@me...
Subject: doc typo fix: s/behaviors/behavior/
Date: Sat, 29 Mar 2008 19:23:35 +0100

Here's a tiny typo fix:

Acked-by:  Stephen Smalley <sd...@ty...>

Modified Paths:
--------------
    trunk/libselinux/man/man3/getexeccon.3
    trunk/libselinux/man/man3/getfscreatecon.3

Modified: trunk/libselinux/man/man3/getexeccon.3
===================================================================
--- trunk/libselinux/man/man3/getexeccon.3	2008-03-24 20:19:06 UTC (rev 2858)
+++ trunk/libselinux/man/man3/getexeccon.3	2008-03-31 14:21:13 UTC (rev 2859)
@@ -34,7 +34,7 @@
 
 
 Note: Signal handlers that perform an execve must take care to
-save, reset, and restore the exec context to avoid unexpected behaviors.
+save, reset, and restore the exec context to avoid unexpected behavior.
 
 
 .B rpm_execcon

Modified: trunk/libselinux/man/man3/getfscreatecon.3
===================================================================
--- trunk/libselinux/man/man3/getfscreatecon.3	2008-03-24 20:19:06 UTC (rev 2858)
+++ trunk/libselinux/man/man3/getfscreatecon.3	2008-03-31 14:21:13 UTC (rev 2859)
@@ -29,7 +29,7 @@
 
 
 Note: Signal handlers that perform an setfscreate must take care to
-save, reset, and restore the fscreate context to avoid unexpected behaviors.
+save, reset, and restore the fscreate context to avoid unexpected behavior.
 .SH "RETURN VALUE"
 On error -1 is returned.
 On success 0 is returned.


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.