audit_log_semanage_message(3) [centos man page]
AUDIT_LOG_SEMANAGE_MESSAGE(3) Linux Audit API AUDIT_LOG_SEMANAGE_MESSAGE(3) NAME
audit_log_semanage_message - log a semanage message SYNOPSIS
#include <libaudit.h> int audit_log_semanage_message(int audit_fd, int type, const char *pgname, const char *op, const char *name, unsigned int id, const char *new_seuser, const char *new_role, const char *new_range, const char *old_seuser, const char *old_role, const char *old_range, const char *host, const char *addr, const char *tty, int result) DESCRIPTION
This function will log a message to the audit system using a predefined message format. It should be used for all SE linux user and role manipulation operations. The function parameters are as follows: audit_fd - The fd returned by audit_open type - type of message: AUDIT_ROLE_ASSIGN/REMOVE for changing any SE Linux user or role attributes. pgname - program's name op - operation. "adding-user", "adding-role", "deleting-user", "deleting-role" name - user's account. If not available use NULL. id - uid that the operation is being performed on. This is used only when name is NULL. new_seuser - the new seuser that the login user is getting new_role - the new_role that the login user is getting new_range - the new mls range that the login user is getting old_seuser - the old seuser that the login usr had old_role - the old role that the login user had old_range - the old mls range that the login usr had host - The hostname if known addr - The network address of the user tty - The tty of the user result - 1 is "success" and 0 is "failed" RETURN VALUE
It returns the sequence number which is > 0 on success or <= 0 on error. ERRORS
This function returns -1 on failure. Examine errno for more info. SEE ALSO
audit_log_user_message(3), audit_log_acct_message(3), audit_log_user_avc_message(3), audit_log_user_comm_message(3). AUTHOR
Steve Grubb Red Hat Jan 2012 AUDIT_LOG_SEMANAGE_MESSAGE(3)
Check Out this Related Man Page
get_ordered_context_list(3) SELinux get_ordered_context_list(3) NAME
get_ordered_context_list, get_ordered_context_list_with_level, get_default_context, get_default_context_with_level, get_default_con- text_with_role, get_default_context_with_rolelevel, query_user_context, manual_user_enter_context, get_default_role - determine SELinux context(s) for user sessions SYNOPSIS
#include <selinux/selinux.h> #include <selinux/get_context_list.h> int get_ordered_context_list(const char *user, security_context_t fromcon, security_context_t **list); int get_ordered_context_list_with_level(const char *user, const char *level, security_context_t fromcon, security_context_t **list); int get_default_context(const char *user, security_context_t fromcon, security_context_t *newcon); int get_default_context_with_level(const char *user, const char *level, security_context_t fromcon, security_context_t *newcon); int get_default_context_with_role(const char* user, const char *role, security_context_t fromcon, security_context_t *newcon); int get_default_context_with_rolelevel(const char* user, const char* level, const char *role, security_context_t fromcon, security_con- text_t *newcon); int query_user_context(security_context_t *list, security_context_t *newcon); int manual_user_enter_context(const char *user, security_context_t *newcon); int get_default_type(const char *role, char **type); DESCRIPTION
get_ordered_context_list invokes the security_compute_user function to obtain the list of contexts for the specified user that are reach- able from the specified fromcon context. The function then orders the resulting list based on the global /etc/selinux/<SELINUXTYPE>/con- texts/default_contexts file and the per-user /etc/selinux/<SELINUXTYPE>/contexts/users/<username> file if it exists. The fromcon parameter may be NULL to indicate that the current context should be used. The function returns the number of contexts in the list, or -1 upon errors. The list must be freed using the freeconary function. get_ordered_context_list_with_level invokes the get_ordered_context_list function and applies the specified level. get_default_context is the same as get_ordered_context_list but only returns a single context which has to be freed with freecon. get_default_context_with_level invokes the get_default_context function and applies the specified level. get_default_context_with_role is the same as get_default_context but only returns a context with the specified role, returning -1 if no such context is reachable for the user. get_default_context_with_rolelevel invokes the get_default_context_with_role function and applies the specified level. query_user_context takes a list of contexts, queries the user via stdin/stdout as to which context they want, and returns a new context as selected by the user (which has to be freed with freecon). manual_user_enter_context allows the user to manually enter a context as a fallback if a list of authorized contexts could not be obtained. Caller must free via freecon. get_default_type Get the default type (domain) for 'role' and set 'type' to refer to it, which has to be freed with free. RETURN VALUE
get_ordered_context_list and get_ordered_context_list_with_level return the number of contexts in the list upon success or -1 upon errors. The other functions return 0 for success or -1 for errors. SEE ALSO
selinux(8), freeconary(3), freecon(3), security_compute_av(3),getseuserbyname"(3)" russell@coker.com.au 1 January 2004 get_ordered_context_list(3)