set_matchpathcon_flags(3) SELinux API documentation set_matchpathcon_flags(3)
NAME
set_matchpathcon_flags, set_matchpathcon_invalidcon, set_matchpathcon_printf - set flags controlling the operation of matchpathcon or
matchpathcon_index and configure the behaviour of validity checking and error displaying
SYNOPSIS
#include <selinux/selinux.h>
void set_matchpathcon_flags(unsigned int flags);
void set_matchpathcon_invalidcon(int (*f)(const char *path, unsigned lineno, char *context));
void set_matchpathcon_printf(void (*f)(const char *fmt, ...));
DESCRIPTION
set_matchpathcon_flags() sets the flags controlling the operation of matchpathcon_init(3) and subsequently matchpathcon_index(3) or match-
pathcon(3). If the MATCHPATHCON_BASEONLY flag is set, then only the base file contexts configuration file will be processed, not any
dynamically generated entries or local customizations.
set_matchpathcon_invalidcon() sets the function used by matchpathcon_init(3) when checking the validity of a context in the file contexts
configuration. If not set, then this defaults to a test based on security_check_context(3), which checks validity against the active pol-
icy on a SELinux system. This can be set to instead perform checking based on a binary policy file, e.g. using sepol_check_context(3), as
is done by setfiles -c. The function is also responsible for reporting any such error, and may include the path and lineno in such error
messages.
set_matchpathcon_printf() sets the function used by matchpathcon_init(3) when displaying errors about the file contexts configuration. If
not set, then this defaults to fprintf(stderr, fmt, ...). This can be set to redirect error reporting to a different destination.
RETURN VALUE
Returns zero on success or -1 otherwise.
SEE ALSO
selinux(8), matchpathcon(3), matchpathcon_index(3), set_matchpathcon_invalidcon(3), set_matchpathcon_printf(3), freecon(3), setfilecon(3),
setfscreatecon(3)
sds@tycho.nsa.gov 21 November 2009 set_matchpathcon_flags(3)
