Copyright (c) 2006, Sun Microsystems Inc. All Rights Reserved.
The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License.
You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. See the License for the specific language governing permissions and limitations under the License.
When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
cc [flags...] file... -ltsol [library...]
#include <tsol/label.h> int getlabel(const char *path, m_label_t *label_p);
int fgetlabel(int fd, m_label_t *label_p);
The getlabel() function obtains the sensitivity label of the file that is named by path. Discretionary read, write or execute permission to the final component of path is not required, but all directories in the path prefix of path must be searchable.
The fgetlabel() function obtains the label of an open file that is referred to by the argument descriptor, such as would be obtained by an open(2) call.
The label_p argument is a pointer to an opaque label structure. The caller must allocate space for label_p by using m_label_alloc(3TSOL).
Upon successful completion, getlabel() and fgetlabel() return 0. Otherwise they return -1 and set errno to indicate the error.
The getlabel() function will fail if: EACCES
Search permission is denied for a component of the path prefix of path. To override this restriction, the calling process can assert the PRIV_FILE_DAC_SEARCH privilege.
label_p or path points to an invalid address.
An I/O error occurred while reading from or writing to the file system.
Too many symbolic links were encountered in translating path.
The length of the path argument exceeds PATH_MAX, or a pathname component is longer than NAME_MAX while _POSIX_NO_TRUNC is in effect (see pathconf(2)).
The file referred to by path does not exist.
A component of the path prefix of path is not a directory.
The fgetlabel() function will fail if: EBADF
The fd argument is not a valid open file descriptor.
The label_p argument points to an invalid address.
An I/O error occurred while reading from or writing to the file system.
See attributes(5) for descriptions of the following attributes:
ATTRIBUTE TYPE ATTRIBUTE VALUE |
Interface Stability Committed |
open(2), pathconf(2), m_label_alloc(3TSOL), attributes(5), labels(5)
Obtaining a File Label in Solaris Trusted Extensions Developer's Guide
The functionality described on this manual page is available only if the system is configured with Trusted Extensions.