1.\" Copyright (c) 2003 Networks Associates Technology, Inc. 2.\" All rights reserved. 3.\" 4.\" This software was developed for the FreeBSD Project by Chris 5.\" Costello at Safeport Network Services and Network Associates 6.\" Laboratories, the Security Research Division of Network Associates, 7.\" Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part 8.\" of the DARPA CHATS research program. 9.\" 10.\" Redistribution and use in source and binary forms, with or without 11.\" modification, are permitted provided that the following conditions 12.\" are met: 13.\" 1. Redistributions of source code must retain the above copyright 14.\" notice, this list of conditions and the following disclaimer. 15.\" 2. Redistributions in binary form must reproduce the above copyright 16.\" notice, this list of conditions and the following disclaimer in the 17.\" documentation and/or other materials provided with the distribution. 18.\" 19.\" THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND 20.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE 23.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29.\" SUCH DAMAGE. 30.\" 31.\" $FreeBSD$ 32.Dd JANUARY 5, 2003 33.Os 34.Dt LIBUGIDFW 3 35.Sh NAME 36.Nm libugidfw 37.Nd library interface to the file system firewall MAC policy 38.Sh LIBRARY 39.Lb libugidfw 40.Sh SYNOPSIS 41.In ugidfw.h 42.Sh DESCRIPTION 43The 44.Nm 45library routines provide an interface to the 46.Xr mac_bsdextended 4 47file system firewall MAC policy. 48.Pp 49The 50.Nm 51library defines the following functions: 52.Bl -tag -width "bsde_parse_rule_strong" 53.It Fn bsde_rule_to_string 54Converts the internal representation of a rule 55.Vt ( "struct mac_bsdextended_rule" ) 56into its text representation; 57see 58.Xr bsde_rule_to_string 3 . 59.It Fn bsde_parse_identity 60Parses the identity of a subject or object; 61see 62.Xr bsde_parse_identity 3 . 63.It Fn bsde_parse_mode 64Parses the access mode for a ugidfw rule; 65see 66.Xr bsde_parse_mode 3 . 67.It Fn bsde_parse_rule 68Parses an entire rule 69(in argument array form); 70see 71.Xr bsde_parse_rule 3 . 72.It Fn bsde_parse_rule_string 73Parses an entire rule string; 74see 75.Xr bsde_parse_rule_string 3 . 76.It Fn bsde_get_rule_count 77Returns the total number of ugidfw rules being enforced in the system; 78see 79.Xr bsde_get_rule_count 3 . 80.It Fn bsde_get_rule_slots 81Returns the total number of used rule slots; 82see 83.Xr bsde_get_rule_slots 3 . 84.It Fn bsde_get_rule 85Returns a rule by its rule number; 86see 87.Xr bsde_get_rule 3 . 88.It Fn bsde_delete_rule 89Deletes a rule by its rule number; 90see 91.Xr bsde_delete_rule 3 . 92.It Fn bsde_set_rule 93Uploads the rule to the 94.Xr mac_bsdextended 4 95module and applies it; 96see 97.Xr bsde_set_rule 3 . 98.El 99.Sh SEE ALSO 100.Xr bsde_delete_rule 3 , 101.Xr bsde_get_rule 3 , 102.Xr bsde_get_rule_count 3 , 103.Xr bsde_get_rule_slots 3 , 104.Xr bsde_parse_identity 3 , 105.Xr bsde_parse_mode 3 , 106.Xr bsde_parse_rule 3 , 107.Xr bsde_parse_rule_string 3 , 108.Xr bsde_rule_to_string 3 , 109.Xr bsde_set_rule 3 110.Sh AUTHORS 111This software was contributed to the 112.Fx 113Project by Network Associates Labs, 114the Security Research Division of Network Associates 115Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), 116as part of the DARPA CHATS research program. 117