Provided by: libselinux1-dev_2.2.2-1ubuntu0.1_amd64 bug

NAME

       matchpathcon,  matchpathcon_index  -  get  the  default  SELinux  security context for the
       specified path from the file contexts configuration

SYNOPSIS

       #include <selinux/selinux.h>

       int matchpathcon_init(const char *path);

       int matchpathcon_init_prefix(const char *path, const char *subset);

       int matchpathcon_fini(void);

       int matchpathcon(const char *path, mode_t mode, security_context_t *con);

       int matchpathcon_index(const char *name, mode_t mode, security_context_t *con);

DESCRIPTION

       matchpathcon_init() loads the file contexts configuration specified by  path  into  memory
       for  use  by  subsequent  matchpathcon()  calls.   If  path  is NULL, then the active file
       contexts   configuration   is   loaded   by   default,   i.e.   the   path   returned   by
       selinux_file_context_path(3).   Unless  the  MATCHPATHCON_BASEONLY  flag  has been set via
       set_matchpathcon_flags(3), files with the same path prefix  but  a  .homedirs  and  .local
       suffix  are  also  looked  up  and  loaded  if  present.   These files provide dynamically
       generated entries for user home directories and for local customizations.

       matchpathcon_init_prefix() is the same as matchpathcon_init() but only loads entries  with
       regular expressions that have stems prefixed by prefix.

       matchpathcon_fini()  frees  the  memory  allocated by a prior call to matchpathcon_init.()
       This function can  be  used  to  free  and  reset  the  internal  state  between  multiple
       matchpathcon_init() calls, or to free memory when finished using matchpathcon().

       matchpathcon()  matches  the  specified  pathname  and  mode  against  the  file  contexts
       configuration and sets the security context con to refer to  the  resulting  context.  The
       caller  must  free  the returned security context con using freecon(3) when finished using
       it.  mode can be 0 to disable mode matching, but should be provided whenever possible,  as
       it  may  affect  the matching.  Only the file format bits (i.e. the file type) of the mode
       are used.  If matchpathcon_init() has not already been called,  then  this  function  will
       call it upon its first invocation with a NULL path, defaulting to the active file contexts
       configuration.

       matchpathcon_index() is the same as matchpathcon() but returns a specification index  that
       can later be used in a matchpathcon_filespec_add(3) call.

RETURN VALUE

       Returns zero on success or -1 otherwise.

SEE ALSO

       selinux(8), set_matchpathcon_flags(3), set_matchpathcon_invalidcon(3),
       set_matchpathcon_printf(3), matchpathcon_filespec_add(3), matchpathcon_checkmatches(3),
       freecon(3), setfilecon(3), setfscreatecon(3)