Provided by: libselinux1-dev_2.1.0-4.1ubuntu1_amd64 bug

NAME

       getsockcreatecon,  setsockcreatecon  -  get  or  set the SELinux security context used for
       creating a new labeled sockets.

SYNOPSIS

       #include <selinux/selinux.h>

       int getsockcreatecon(security_context_t *con);

       int setsockcreatecon(security_context_t context);

DESCRIPTION

       getsockcreatecon retrieves the context used for creating a  new  labeled  network  socket.
       This  returned  context  should  be freed with freecon if non-NULL.  getsockcreatecon sets
       *con to NULL if no sockcreate context has been explicitly set by the program  (i.e.  using
       the default policy behavior).

       setsockcreatecon sets the context used for creating a new labeled network sockets NULL can
       be passed to setsockcreatecon to reset to the default  policy  behavior.   The  sockcreate
       context  is  automatically  reset  after  the  next  execve,  so a program doesn't need to
       explicitly sanitize it upon startup.

       setsockcreatecon can be applied prior to library functions that internally perform an file
       creation, in order to set an file context on the objects.

       Note:  Signal  handlers  that  perform an setsockcreate must take care to save, reset, and
       restore the sockcreate context to avoid unexpected behavior.

RETURN VALUE

       On error -1 is returned.  On success 0 is returned.

SEE ALSO

       selinux(8), freecon(3), getcon(3)

dwalsh@redhat.com from russell@coker.com24uSeptember 2008                     getsockcreatecon(3)