bionic (3) selinux_raw_context_to_color.3.gz

Provided by: libselinux1-dev_2.7-2build2_amd64 bug

NAME
       selinux_raw_context_to_color - Return RGB color string for an SELinux security context


SYNOPSIS
       #include <selinux/selinux.h>

       int selinux_raw_context_to_color(char *raw,
              char **color_str);


DESCRIPTION
       selinux_raw_context_to_color()  returns  a  color_str associated to the raw context raw provided that the
       mcstransd(8) daemon is running, the policy is an MLS type policy (MCS  or  MLS)  and  there  is  a  color
       configuration file secolor.conf(5) (see the FILES section).

       The  color_str string is a space separated list of eight hexadecimal RGB triples, each prefixed by a hash
       character (#). These represent the user:role:type:range  components  of  the  foreground  and  background
       colors. An example string is shown in the EXAMPLE section.

       The returned color_str string must be freed with free(3).

       If a color has not been configured for a specific user, role, type and/or range component of context raw,
       then selinux_raw_context_to_color() will select the color returned in color_str in order of precedence as
       follows:
              role, type, range
              user, type, range
              user, role, range
              user, role, type

       If there are no entries in the secolor.conf(5) file for any of the components of context raw (or the file
       is not present), then the default string returned in color_str is:

              ----- user ---- ---- role ----  ---- type ----  ---- range ----
              #000000 #ffffff #000000 #ffffff #000000 #ffffff #000000 #ffffff


RETURN VALUE
       On success, zero is returned.
       On failure, -1 is returned with errno set appropriately.


ERRORS
       ENOENT If the mcstransd(8) daemon is not running.


FILES
       selinux_raw_context_to_color() obtains the translated entry from the active policy  secolor.conf(5)  file
       as returned by selinux_colors_path(3).  The file format is described in secolor.conf(5).


NOTES
       1.  The  primary  use of selinux_raw_context_to_color() is to return a color that corresponds to a range,
       that can then be used to highlight information at different MLS levels.

       2. The mcstransd(8) daemon process security level must dominate the raw security level passed  to  it  by
       the  selinux_raw_context_to_color()  function. If not, the range color selected will be as defined by the
       order of precedence.


EXAMPLE
       selinux_raw_context_to_color() returns the  foreground  and  background  colors  of  the  context  string
       components (user:role:type:range) as RGB triples as follows:

             user     :       role      :      type      :      range
         fg       bg  :   fg       bg   :  fg       bg   :  fg       bg
       #000000 #ffffff  #ffffff #000000  #d2b48c #ffa500  #000000 #008000
        black   white :  white   black  : tan    orange  : black   green


SEE ALSO
       selinux(8), selinux_colors_path(3), mcstransd(8), secolor.conf(5), selinux_raw_to_trans_context(3),
       selinux_trans_to_raw_context(3), free(3)