Provided by: selinux-utils_2.1.0-4.1ubuntu1_amd64 bug

NAME

       selabel_file - userspace SELinux labeling interface: file contexts backend.

SYNOPSIS

       #include <selinux/selinux.h>

       #include <selinux/label.h>

       int selabel_lookup(struct selabel_handle *hnd,
                          security_context_t *context,

                          const char *path, int mode);

DESCRIPTION

       The file contexts backend maps from pathname/mode combinations into security contexts.  It
       is used to find the appropriate context for each file when relabeling a file system.

       The path argument should be set to the full pathname of the file whose assigned context is
       being  checked.   The  mode  argument  should  be  set  to  the  mode bits of the file, as
       determined by lstat(2).

OPTIONS

       In addition to the global options described in selabel_open(3),  this  backend  recognizes
       the following options:

       SELABEL_OPT_PATH
              A  non-null value for this option specifies a path to a file that will be opened in
              lieu of the standard file contexts file.  This value is also used as the base  name
              for determining the names of local customization files.

       SELABEL_OPT_BASEONLY
              A  non-null  value  for  this option indicates that any local customizations to the
              file contexts mapping should be ignored.

       SELABEL_OPT_SUBSET
              A non-null value for this option is interpreted  as  a  path  prefix,  for  example
              "/etc".   Only  file  context  specifications  starting  with  the given prefix are
              loaded.  This may increase lookup performance, however any attempt  to  look  up  a
              path not starting with the given prefix will fail.

SEE ALSO

       selabel_open(3), selabel_lookup(3), selabel_stats(3), selinux(8)

                                           18 Jun 2007                            selabel_file(5)