Hey Emacs! This file is -*- nroff -*- source.
Author: Eamon Walsh (ewalsh (at] tycho.nsa.gov) 2007
<gammaray (at] basealt.ru>.
Author: Eamon Walsh (ewalsh (at] tycho.nsa.gov) 2007
"selabel_media" "5" "29 2011" "Security Enhanced Linux" " API SELinux"
""
selabel_media - SELinux
.
""
#include <selinux/label.h> "int selabel_lookup(struct selabel_handle *" hnd , "char **" context , "const char *" device_name ", int " unused ");" "int selabel_lookup_raw(struct selabel_handle *" hnd , "char **" context , "const char *" device_name ", int " unused ");" .
""
, , "cdrom" "floppy", . . context freecon(3).
selabel_lookup(3) .
, .
, selabel_lookup(3), stderr. selinux_set_callback(3).
selabel_lookup_raw (3) selabel_lookup(3), .
, .
.
""
, selabel_open(3), :
SELABEL_OPT_PATH , null, , media. .
""
, , SELABEL_OPT_PATH, selabel_open\FR(3). NULL, SELABEL_OPT_PATH ( selinux_media_context_path(3)). SELABEL_OPT_PATH.
:
/etc/selinux/{SELINUXTYPE}/contexts/files/media
{SELINUXTYPE} - selinux config (. selinux_config(5)).
.
" "
media :
device_name context
:
device_name
(, cdrom, floppy, disk usb).
context
, .
:
# contexts/files/media
cdrom system_u:object_r:removable_device_t
floppy system_u:object_r:removable_device_t
disk system_u:object_r:fixed_disk_device_t
.
""
, SELABEL_OPT_VALIDATE selabel_open(3). , .
.
" "
.ad l
.nh
selinux "(8), " selabel_open "(3), " selabel_lookup "(3), " selabel_stats "(3), " selabel_close "(3), " selinux_set_callback "(3), " selinux_media_context_path "(3), " freecon "(3), " selinux_config "(5) "
