security_compute_create man page on Scientific

Man page or keyword search:  
man Server   26626 pages
apropos Keyword Search (all sections)
Output format
Scientific logo
[printable version]

security_compute_av(3)	   SELinux API documentation	security_compute_av(3)

       security_compute_av,  security_compute_av_flags,	 security_compute_cre‐
       ate, security_compute_relabel,  security_compute_member,	 security_com‐
       pute_user,  security_get_initial_context	 -  query  the	SELinux policy
       database in the kernel.

       #include <selinux/selinux.h>

       #include <selinux/flask.h>

       int  security_compute_av(security_context_t  scon,   security_context_t
       tcon,   security_class_t	  tclass,  access_vector_t  requested,	struct
       av_decision *avd);

       int  security_compute_av_flags(security_context_t  scon,	 security_con‐
       text_t tcon, security_class_t tclass, access_vector_t requested, struct
       av_decision *avd);

       int security_compute_create(security_context_t scon, security_context_t
       tcon, security_class_t tclass, security_context_t *newcon);

       int   security_compute_relabel(security_context_t  scon,	 security_con‐
       text_t tcon, security_class_t tclass, security_context_t *newcon);

       int security_compute_member(security_context_t scon, security_context_t
       tcon, security_class_t tclass, security_context_t *newcon);

       int  security_compute_user(security_context_t  scon,  const char *user‐
       name, security_context_t **con);

       int security_get_initial_context(const char  *name,  security_context_t

       int selinux_check_passwd_access(access_vector_t requested);

       int checkPasswdAccess(access_vector_t requested);

       security_compute_av  queries whether the policy permits the source con‐
       text scon to access the target context tcon via class tclass  with  the
       requested access vector.	 The decision is returned in avd.

       security_compute_av_flags is identical to security_compute_av but addi‐
       tionally sets the flags field of avd.  Currently one flag is supported:
       SELINUX_AVD_FLAGS_PERMISSIVE,  which indicates the decision is computed
       on a permissive domain.

       security_compute_create is used to compute a context to use for	label‐
       ing a new object in a particular class based on a SID pair.

       security_compute_relabel is used to compute the new context to use when
       relabeling an object, it is used in the source  and  the
       newrole	source	to  determine  the  correct label for the tty at login
       time, but can be used for other things.

       security_compute_member is used to compute  the	context	 to  use  when
       labeling a polyinstantiated object instance.

       security_compute_user  is  used	to  determine the set of user contexts
       that can be reached from	 a  source  context.  It  is  mainly  used  by

       security_get_initial_context  is	 used  to  get the context of a kernel
       initial security identifier specified by name

       selinux_check_passwd_access is used to check for a  permission  in  the
       passwd  class.	selinux_check_passwd_access  uses getprevcon() for the
       source and target security contexts.

       checkPasswdAccess     is	    a	  deprecated	 alias	   of	   the
       selinux_check_passwd_access function.

       Returns zero on success or -1 on error.

       selinux(8), getcon(3), getfilecon(3), get_ordered_context_list(3)		1 January 2004		security_compute_av(3)

List of man pages available for Scientific

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
Vote for polarhome
Free Shell Accounts :: the biggest list on the net