NAME | SYNOPSIS | DESCRIPTION | RETURN VALUES | ERRORS | SEE ALSO
#include <tsol/secflgs.h>int getfattrflag(const char *path, secflgs_t *flags);
setfattrflag(), fsetfattrflag(), and mldsetfattrflag() set the security flags of the file whose name is given by path or referred to by the open file descriptor fildes. The bit pattern contained in which is used to indicate which flags are being affected. The corresponding bits in flags are set to 1 or 0 to indicate whether the affected flags are being set or unset respectively.
getfattrflag(), fgetfattrflag(), and mldgetfattrflag() get the security flags of the file whose name is given by path or referred to by the open file descriptor fildes and store it in the location pointed to by flags.
Attribute bits are interpreted as follows:
Directory has MLD semantics.
Filesystem object is a public object.
Directory is an SLD.
Attribute flags are constructed by OR'ing the attribute flag bits.
FAF_MLD is the only flag that may be modified without privilege if the directory is empty, the effective user ID of the process matches the directory owner, and the process has mandatory as well as discretionary write access. The FAF_MLD flag,
once set, cannot be unset. Additionally, the FAF_MLD flag may only be set via the mldsetfattrflag interface. The FAF_PUBLIC flag can only be read or modified by a process possessing the PRIV_FILE_AUDIT
privilege.
A process attempting to read the FAF_PUBLIC flag without the PRIV_FILE_AUDIT
privilege in effect will not fail. However the value of FAF_PUBLIC will be returned as unset. The FAF_SLD flag can never be set.
The ability to read any flag is dependant upon the process having mandatory and discretionary read access to the file. The ability to set any flag is dependant upon the process having mandatory and discretionary write access to the file.
If path is a symbolic link, the target's attribute flags are affected rather than the link's. If path is a multilevel directory, getfattrflag() and setfattrflag() will affect the underlying single-level directory beneath (unless path is adorned). mldgetfattrflag() and mldsetfattrflag() do not translate multi-level directories to underlying single-level directories. fgetfattrflag() and fsetsattrflag() affect only the file referred to by fildes.
getfattrflag() and mldgetfattrflag() will fail if one or more of the following are true:
Search permission is denied on a component of the path prefix of path. To override this restriction, the calling process may assert the PRIV_FILE_DAC_SEARCH
privilege and/or the PRIV_FILE_MAC_SEARCH
privilege.
Read permission is denied the final component of path. To override this restriction, the calling process may assert the PRIV_FILE_MAC_READ
privilege.
path points to an illegal address.
A signal was caught during execution of the function.
An I/O error occurred while reading from the file system.
Too many symbolic links were encountered in translating path.
Components of path require hopping to multiple remote machines and file system type does not allow it.
The length of the path argument exceeds PATH_MAX, or the length of a path component exceeds NAME_MAX while _POSIX_NO_TRUNC is in effect.
Either a component of the path prefix, or the file referred to by path does not exist or is a null pathname.
fildes points to a remote machine and the link to that machine is no longer active.
A component of the prefix of path is not a directory.
fgetfattrflag() fails and the file mode is unchanged if:
Read permission is denied on fildes. To override this restriction, the calling process may assert the PRIV_FILE_MAC_READ
privilege.
fildes is not an open file descriptor.
An I/O error occurred while reading from the file system.
A signal was caught during execution of the fgetfattrflag() function.
setfattrflag() and mldsetfattrflag() will fail and the file mode is unchanged if one or more of the following are true:
Search permission is denied on a component of the path prefix of path. To override this restriction, the calling process may assert the PRIV_FILE_DAC_SEARCH
privilege and/or the PRIV_FILE_MAC_SEARCH
privilege.
Write permission is denied path. To override this restriction, the calling process may assert the PRIV_FILE_MAC_WRITE
privilege.
The calling process does not own fildes. To override this restriction, the calling process may assert the PRIV_FILE_OWNER
privilege.
path points to an illegal address.
A signal was caught during execution of the function.
path is not a valid pathname. When setting FAF_MLD, path must refer to an empty directory.
An I/O error occurred while writing to the file system.
Too many symbolic links were encountered in translating path.
Components of path require hopping to multiple remote machines and filesystem type does not allow it.
The length of the path argument exceeds PATH_MAX, or the length of a path component exceeds NAME_MAX while _POSIX_NO_TRUNC is in effect.
Either a component of the path prefix, or the file referred to by path does not exist or is a null pathname.
path points to a remote machine and the link to that machine is no longer active.
A component of the prefix of path is not a directory.
The effective user ID does not match the owner of the file and the process does not possess the privilege PRIV_FILE_OWNER
.
The process does not possess the privilege PRIV_FILE_AUDIT
and is attempting to set the FAF_PUBLIC flag.
The file referred to by path resides on a read-only file system.
fsetfattrflag() fails and the file mode is unchanged if:
The calling process does not own fildes. To override this restriction, the calling process may assert the PRIV_FILE_OWNER
privilege.
Write access is denied on fildes. To override this restriction, the calling process may assert the PRIV_FILE_MAC_WRITE
privilege.
fildes is not a valid pathname. When setting FAF_MLD, fildes must refer to an empty directory.
fildes is not an open file descriptor.
An I/O error occurred while writing to the file system.
A signal was caught during execution of the fsetfattrflag() function.
The process does not possess the privilege PRIV_FILE_AUDIT
and is attempting to set the FAF_PUBLIC flag.
The file referred to by fildes resides on a read-only file system.
NAME | SYNOPSIS | DESCRIPTION | RETURN VALUES | ERRORS | SEE ALSO