Go to main content

man pages section 3: Extended Library Functions, Volume 4

Exit Print View

Updated: July 2017
 
 

labeling_set_encodings(3TSOL)

Name

labeling_enable, labeling_disable, labeling_set_encodings - Manage labeling

Synopsis

cc [flag...] 
file... -ltsol [library...]

#include <tsol/label.h>
int labeling_enable(uint_t
 flags);
int labeling_disable(uint_t
 flags);
int labeling_set_encodings(
const char *path);

Description

The labeling_enable() and labeling_disable () functions enable and disable the security labeling services which are provided by the Trusted Extensions feature. These functions operate asynchronously, and the functions return before enabling or disabling is complete. Note that the is_system_labeled(3C) function may be used to determine if labeling services are active.

The enabling and disabling process affects all zones and system services and may take several minutes to complete. All zones are halted and may be automatically rebooted. Refer to the labeladm(1M) man page for details on this process.

The flags argument is a bitwise-inclusive OR of zero or more of the following flags, defined in the tsol/label.h header:

LABELING_FORCE

If set, enabling or disabling will be done without making prior checks of current state and other conditions.

LABELING_SYSLOG

If set, a message will be sent to syslog upon the successful or unsuccessful completion of enabling or disabling.

LABELING_DELAY

If set, enabling or disabling will not be effective until the system is rebooted. Zones and system services are not affected except normal boot processing.

The LABELING_SYSLOG and LABELING_DELAY flags may not be specified together.

The labeling_set_encodings() function sets the effective label-encodings file. The file specified by the path argument is verified by chk_encodings(1M) and then copied to a system directory with a unique name.

Return Values

Upon successful completion, labeling_enable(), labeling_disable(), and labeling_set_encodings()return 0. Otherwise, they return -1, and errno is set to indicate the error.

Errors

The labeling_enable() and labeling_disable () functions will fail if:

EINVAL

Invalid flags.

The labeling_set_encodings() function will fail if:

EINVAL

Invalid encoding file as determined by chk_encodings(1M).

For the list of possible errors that can occur when accessing the specified file, such as ENOENT, EACCES, see access(2) man page.

Attributes

See attributes(5) for descriptions of the following attributes:

ATTRIBUTE TYPE
ATTRIBUTE VALUE
Interface Stability
See below.
MT-Level
MT-Safe

See Also

labels(5), trusted_extensions(5), labeld(1M), labeladm(1M), chk_encodings(1M), tncfg(1M), is_system_labeled(3C)

Copyright © 1993, 2017, Oracle and/or its affiliates. All rights reserved. 
Previous
Next