Provided by: libselinux1-dev_2.1.0-4.1ubuntu1_amd64 bug

NAME

       matchpathcon,  matchpathcon_index  -  get  the  default  SELinux  security context for the
       specified path from the file contexts configuration.

SYNOPSIS

       #include <selinux/selinux.h>

       int matchpathcon_init(const char *path);

       int matchpathcon_init_prefix(const char *path, const char *subset);

       int matchpathcon_fini(void);

       int matchpathcon(const char *path, mode_t mode, security_context_t *con);

       int matchpathcon_index(const char *name, mode_t mode, security_context_t * con);

DESCRIPTION

       matchpathcon_init loads the file contexts configuration specified by path into memory  for
       use  by  subsequent  matchpathcon  calls.   If path is NULL, then the active file contexts
       configuration    is    loaded    by    default,    i.e.    the    path     returned     by
       selinux_file_context_path(3).   Unless  the  MATCHPATHCON_BASEONLY  flag  has been set via
       set_matchpathcon_flags(3), files with the same path prefix  but  a  .homedirs  and  .local
       suffix  are  also  looked  up  and  loaded  if  present.   These files provide dynamically
       generated entries for user home directories and for local customizations.

       matchpathcon_init_prefix is the same as matchpathcon_init  but  only  loads  entries  with
       regular expressions that have stems prefixed by prefix.

       matchpathcon_fini  frees  the memory allocated by a prior call to matchpathcon_init.  This
       function  can  be  used  to  free  and  reset  the   internal   state   between   multiple
       matchpathcon_init calls, or to free memory when finished using matchpathcon.

       matchpathcon   matches   the  specified  pathname  and  mode  against  the  file  contexts
       configuration and sets the security context con to refer to  the  resulting  context.  The
       caller  must  free  the returned security context con using freecon(3) when finished using
       it.  mode can be 0 to disable mode matching, but should be provided whenever possible,  as
       it  may  affect  the matching.  Only the file format bits (i.e. the file type) of the mode
       are used.  If matchpathcon_init has not already been called, then this function will  call
       it  upon  its  first  invocation  with a NULL path, defaulting to the active file contexts
       configuration.

       matchpathcon_index is the same as matchpathcon but returns a specification index that  can
       later be used in a matchpathcon_filespec_add(3) call.

RETURN VALUE

       Returns zero on success or -1 otherwise.

SEE ALSO

       selinux(8),           set_matchpathcon_flags(3),           set_matchpathcon_invalidcon(3),
       set_matchpathcon_printf(3),  matchpathcon_filespec_add(3),   matchpathcon_checkmatches(3),
       freecon(3), setfilecon(3), setfscreatecon(3)