Home | History | Annotate | Download | only in man5 
 Hey Emacs! This file is -*- nroff -*- source.

 Author: Eamon Walsh (ewalsh (at] tycho.nsa.gov) 2007
 "selabel_x" "5" "29  2011" "Security Enhanced Linux" " API SELinux"
 ""
selabel_x -    SELinux              X Window System.          ,       X
.

 ""
 #include <selinux/label.h>  "int selabel_lookup(struct selabel_handle *" hnd ,  "char **" context ,  "const char *" object_name ", int " object_type ");"  "int selabel_lookup_raw(struct selabel_handle *" hnd ,  "char **" context ,  "const char *" object_name ", int " object_type ");" .

 ""
   X    X Window System   .          X Window System,  /       .    context   freecon(3).
selabel_lookup(3)         .
         ,        X.
  object_type      :




 SELABEL_X_PROP 
 object_name    , , "WM_NAME".


 SELABEL_X_SELN 
 object_name   , , "PRIMARY".


 SELABEL_X_EXT 
 object_name    , , "RENDER".


 SELABEL_X_EVENT 
 object_name    , , "X11:ButtonPress".


 SELABEL_X_CLIENT 
 object_name ,       * (, ' ':     ),   ,   "remote"    X,     .        ,      X.


 SELABEL_X_POLYPROP  
 SELABEL_X_PROP ,  ,      . .  .


 SELABEL_X_POLYSELN 
 SELABEL_X_SELN ,  ,      . .  .


 ,  selabel_lookup(3),     stderr.       selinux_set_callback(3).
 selabel_lookup_raw   selabel_lookup,     .
      ,       .
.

 ""
  ,     selabel_open(3),      :




 SELABEL_OPT_PATH   ,   null,    ,         (  .   ).


.

 ""
,           ,    SELABEL_OPT_PATH,   selabel_open(3).  NULL,   SELABEL_OPT_PATH         ( selinux_x_context_path(3)).         SELABEL_OPT_PATH.
     :


 /etc/selinux/{SELINUXTYPE}/contexts/x_contexts 

 {SELINUXTYPE} -     selinux config (. selinux_config(5)).
,     X,          .
.

 "   "
 ,   object_type,       X:





object_type@ 
SELABEL_X_PROP@property
SELABEL_X_SELN@selection
SELABEL_X_EXT@extension
SELABEL_X_EVENT@event
SELABEL_X_CLIENT@client
SELABEL_X_POLYPROP@poly_property
SELABEL_X_POLYSELN@poly_selection

.

 " "
     X   :


 object_type object_name context 

:


 object_type 

    ,       .
        object_type    (    object_name).


 object_name 

      X, ,
PRIMARY, CUT_BUFFER0  ..        X (protocol.txt  BuiltInAtoms  
dix   xorg-server).
     '*'  '?'       .
 ,    '*'     . '*'      ,       ,        object_type.


 context 

 ,     .




 1:

# object_type object_name context
selection PRIMARY system_u:object_r:clipboard_xselection_t:s0
selection * system_u:object_r:xselection_t:s0


 2 -   ,       ,    :

# object_type object_name context
client * system_u:object_r:remote_t:s0


.

 ""
 "1." 4
       .      "POLY"    ,    ,          ,     .          ()      (,   ).

 "2." 4
    ,     SELABEL_OPT_VALIDATE   selabel_open(3).     ,     .
.

 " "
.ad l
.nh
 selinux "(8), " selabel_open "(3), " selabel_lookup "(3), " selabel_stats "(3), " selabel_close "(3), " selinux_set_callback "(3), " selinux_x_context_path "(3), " freecon "(3), " selinux_config "(5) " 


 
       <gammaray (at] basealt.ru>.