Provided by: libselinux1-dev_3.7-3ubuntu1_amd64 bug

NAME

       getfscreatecon, setfscreatecon - get or set the SELinux security context used for creating
       a new file system object

SYNOPSIS

       #include <selinux/selinux.h>

       int getfscreatecon(char **con);

       int getfscreatecon_raw(char **con);

       int setfscreatecon(const char *context);

       int setfscreatecon_raw(const char *context);

DESCRIPTION

       getfscreatecon() retrieves the context used for creating a new file system  object.   This
       returned  context should be freed with freecon(3) if non-NULL.  getfscreatecon() sets *con
       to NULL if no fscreate context has been explicitly set by  the  program  (i.e.  using  the
       default policy behavior).

       setfscreatecon() sets the context used for creating a new file system object.  NULL can be
       passed to setfscreatecon() to reset to the default policy behavior.  The fscreate  context
       is  automatically  reset after the next execve(2), so a program doesn't need to explicitly
       sanitize it upon startup.

       setfscreatecon() can be applied prior to library functions that internally perform an file
       creation, in order to set an file context on the objects.

       getfscreatecon_raw()   and   setfscreatecon_raw()  behave  identically  to  their  non-raw
       counterparts but do not perform context translation.

       Note: Signal handlers that perform a setfscreatecon() must take care to save,  reset,  and
       restore the fscreate context to avoid unexpected behavior.

       Note: Contexts are thread specific.

RETURN VALUE

       On error -1 is returned.  On success 0 is returned.

SEE ALSO

       selinux(8), freecon(3), getcon(3), getexeccon(3)