Provided by: libselinux1-dev_2.1.0-4.1ubuntu1_amd64
getsockcreatecon, setsockcreatecon - get or set the SELinux security context used for creating a new labeled sockets.
#include <selinux/selinux.h> int getsockcreatecon(security_context_t *con); int setsockcreatecon(security_context_t context);
getsockcreatecon retrieves the context used for creating a new labeled network socket. This returned context should be freed with freecon if non-NULL. getsockcreatecon sets *con to NULL if no sockcreate context has been explicitly set by the program (i.e. using the default policy behavior). setsockcreatecon sets the context used for creating a new labeled network sockets NULL can be passed to setsockcreatecon to reset to the default policy behavior. The sockcreate context is automatically reset after the next execve, so a program doesn't need to explicitly sanitize it upon startup. setsockcreatecon can be applied prior to library functions that internally perform an file creation, in order to set an file context on the objects. Note: Signal handlers that perform an setsockcreate must take care to save, reset, and restore the sockcreate context to avoid unexpected behavior.
On error -1 is returned. On success 0 is returned.
selinux(8), freecon(3), getcon(3) firstname.lastname@example.org from email@example.comSeptember 2008 getsockcreatecon(3)