MAN page from OpenSuSE libsepol-devel-2.1.9-51.40.x86_64.rpm
Section: SE Linux binary policy API documentation (3)
Updated: 15 March 2005Index
sepol_genusers - Generate a new binary policy image with a customized user configuration
int sepol_genusers(void *data, size_t len, const char *usersdir, void *newdata, size_t *newlen);
void sepol_set_delusers(int on);
generates a new binary policy image from an existing binary policy image stored in the memory region described bythe starting addressdata
and the lengthlen
and a pair of user configuration files named system.users
from the directory specified byusersdir.
The resulting binary policy is placed into dynamically allocatedmemory and the variablesnewdata
are set to refer to the new binary image's starting address and length.The original binary policy image is not modified.
By default, sepol_genuserswill preserve user entries that are defined in the original binary policy imagebut not defined in the user configuration files. If such user entriesshould instead by omitted entirely from the new binary policy image, thenthesepol_set_delusersfunction may be called with onset to 1 prior to callingsepol_genusersin order to enable deletion of such users.
Returns 0 on success or -1 otherwise, with errno set appropriately.An errno of ENOENT indicates that one or both of the userconfiguration files did not exist. An errno of EINVAL indicates thateither the original binary policy image or the generated one wereinvalid. An errno of ENOMEM indicates that insufficient memory wasavailable to process the original binary policy image or to generatethe new policy image. Invalid entries in the user configuration filesare skipped with a warning.
- RETURN VALUE
This document was created byman2html,using the manual pages.