1.\" Copyright (c) 2001 Networks Associates Technology, Inc. 2.\" All rights reserved. 3.\" 4.\" This software was developed for the FreeBSD Project by Chris 5.\" Costello at Safeport Network Services and NAI Labs, the Security 6.\" Research Division of Network Associates, Inc. under DARPA/SPAWAR 7.\" contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA CHATS 8.\" research program. 9.\" 10.\" Redistribution and use in source and binary forms, with or without 11.\" modification, are permitted provided that the following conditions 12.\" are met: 13.\" 1. Redistributions of source code must retain the above copyright 14.\" notice, this list of conditions and the following disclaimer. 15.\" 2. Redistributions in binary form must reproduce the above copyright 16.\" notice, this list of conditions and the following disclaimer in the 17.\" documentation and/or other materials provided with the distribution. 18.\" 19.\" THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND 20.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE 23.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29.\" SUCH DAMAGE. 30.\" 31.\" $FreeBSD$ 32.\" 33.Dd December 21, 2001 34.Dt MAC_GET 3 35.Os 36.Sh NAME 37.Nm mac_get_file , 38.Nm mac_get_fd , 39.Nm mac_get_proc 40.Nd get the label of a file, socket, socket peer or process 41.Sh LIBRARY 42.Lb libc 43.Sh SYNOPSIS 44.In sys/mac.h 45.Ft int 46.Fn mac_get_file "const char *path" "mac_t label" 47.Ft int 48.Fn mac_get_fd "int fd" "mac_t label" 49.Ft int 50.Fn mac_get_pid "pid_t pid" "mac_t label" 51.Ft int 52.Fn mac_get_proc "mac_t label" 53.Sh DESCRIPTION 54The 55.Fn mac_get_file 56and 57.Fn mac_get_fd 58functions fill in 59.Fa label 60(which must first be allocated by 61.Xr mac_prepare 3 ) 62with the MAC label associated with the file referenced by 63.Fa path 64or the file descriptor specified by 65.Fa fd , 66respectively. 67Note that this function will fail on socket descriptors. 68For information on 69getting MAC labels on socket descriptors see 70.Xr getsockopt 2 . 71.Pp 72The 73.Fn mac_get_proc 74and 75.Fn mac_get_pid 76functions fill in 77.Fa label 78(which must first be allocated by 79.Xr mac_prepare 3 ) 80with the MAC label associated 81with the requesting process 82or the specified process, respectively. 83.Sh ERRORS 84.Bl -tag -width Er 85.It Bq Er EACCES 86A component of 87.Fa path 88is not searchable, 89or MAC read access to the file 90is denied. 91.It Bq Er ENAMETOOLONG 92The pathname pointed to by 93.Fa path 94exceeds 95.Dv PATH_MAX , 96or a component of the pathname exceeds 97.Dv NAME_MAX . 98.It Bq Er ENOENT 99A component of 100.Fa path 101does not exist. 102.It Bq Er ENOMEM 103Insufficient memory is available 104to allocate a new MAC label structure. 105.It Bq Er ENOTDIR 106A component of 107.Fa path 108is not a directory. 109.El 110.Sh SEE ALSO 111.Xr mac 3 , 112.Xr mac_free 3 , 113.Xr mac_text 3 , 114.Xr mac_prepare 3 , 115.Xr mac_set 3 , 116.Xr mac 4 , 117.Xr mac 9 118.Sh STANDARDS 119POSIX.1e is described in IEEE POSIX.1e draft 17. 120Discussion of the draft 121continues on the cross-platform POSIX.1e implementation mailing list. 122To join this list, see the 123.Fx 124POSIX.1e implementation page 125for more information. 126.Sh HISTORY 127Support for Mandatory Access Control was introduced in 128.Fx 5.0 129as part of the 130.Tn TrustedBSD 131Project. 132