- get file sensitivity label
cc [flags...] file... -ltsol [library...]
#include <tsol/label.h> int getlabel(const char *path, m_label_t *label_p);
int fgetlabel(int fd, m_label_t *label_p);
getlabel() obtains the sensitivity label of the file that is named by path. Discretionary read, write or execute permission to the final component of path is not required, but all directories in the path prefix of path must be searchable.
fgetlabel() obtains the label of an open file that is referred to by the argument descriptor, such as would be obtained by an open(2) call.
label_p is a pointer to an opaque label structure. The caller must allocate space for label_p by using m_label_alloc(3TSOL).
getlabel() and fgetlabel() return:
On success.
On failure, and set errno to indicate the error.
getlabel() fails if one or more of the following are true:
Search permission is denied for a component of the path prefix of path. To override this restriction, the calling process can assert the PRIV_FILE_DAC_SEARCH privilege.
label_p or path points to an invalid address.
An I/O error occurred while reading from or writing to the file system.
Too many symbolic links were encountered in translating path.
The length of the path argument exceeds PATH_MAX.
A pathname component is longer than NAME_MAX while _POSIX_NO_TRUNC is in effect (see pathconf(2)).
The file referred to by path does not exist.
A component of the path prefix of path is not a directory.
fgetlabel() fails if one or more of the following are true:
fd is not a valid open file descriptor.
label_p points to an invalid address.
An I/O error occurred while reading from or writing to the file system.
See attributes(5) for descriptions of the following attributes:
|
open(2), pathconf(2), m_label_alloc(3TSOL), attributes(5), labels(5)
Obtaining a File Label in Solaris Trusted Extensions Developer’s Guide