labelmgr-1 - API for labels and clearances
#include <rad/client/1/labelmgr.h>
cc [ flag... ] file... -llabelmgr1_client [ library... ]
interface Label
const char ** labels ; (ro)
rc_err_t labelmgr_Label_getLabelInfo(rc_instance_t *inst,
const char *labelName,
const char *minLabel,
const char *maxLabel,
boolean_t userAccrdCheck,
labelmgr_LabelInfo_t **result,
labelmgr_LabelError_t **error);
rc_err_t labelmgr_Label_updateLabelInfo(rc_instance_t *inst,
const char *newLabelName,
int numClassses,
int numComps,
labelmgr_LabelInfo_t **result,
labelmgr_LabelError_t **error);
rc_err_t labelmgr_Label_hexLabelToString(rc_instance_t *inst,
const char *hexLabel,
char **result,
labelmgr_LabelError_t **error);
rc_err_t labelmgr_Label_stringLabelToHex(rc_instance_t *inst,
const char *label,
const char *curHexLabel,
char **result,
labelmgr_LabelError_t **error);
rc_err_t labelmgr_Label_getClearanceInfo(rc_instance_t *inst,
const char *clearance,
const char *minLabel,
const char *maxLabel,
labelmgr_LabelInfo_t **result,
labelmgr_LabelError_t **error);
rc_err_t labelmgr_Label_updateClearanceInfo(rc_instance_t *inst,
const char *newClearanceName,
int numClassses,
int numComps,
labelmgr_LabelInfo_t **result,
labelmgr_LabelError_t **error);
rc_err_t labelmgr_Label_hexClearanceToString(rc_instance_t *inst,
const char *clearance,
char **result,
labelmgr_LabelError_t **error);
rc_err_t labelmgr_Label_stringClearanceToHex(rc_instance_t *inst,
const char *clearance,
const char *curHexClearance,
char **result,
labelmgr_LabelError_t **error);
Enumerated Types
enum LabelErrorType
typedef enum labelmgr_LabelErrorType {
LLET_INVALID_DATA = 0,
LLET_BAD_LABEL = 1,
LLET_BAD_CLEARANCE = 2,
LLET_RUNTIME = 3,
} labelmgr_LabelErrorType_t;
Structured Types
struct LabelError
typedef struct labelmgr_LabelError labelmgr_LabelError_t;
struct labelmgr_LabelError {
labelmgr_LabelErrorType_t lle_errorCode;
};
void labelmgr_LabelError_free(labelmgr_LabelError_t *in);
struct LabelComponent
typedef struct labelmgr_LabelComponent labelmgr_LabelComponent_t;
struct labelmgr_LabelComponent {
char *llc_shortName;
char *llc_longName;
boolean_t llc_dim;
boolean_t llc_select;
};
void labelmgr_LabelComponent_free(labelmgr_LabelComponent_t *in);
struct LabelInfo
typedef struct labelmgr_LabelInfo labelmgr_LabelInfo_t;
struct labelmgr_LabelInfo {
labelmgr_LabelComponent_t **lli_classifications;
int lli_classifications_count;
labelmgr_LabelComponent_t **lli_compartments;
int lli_compartments_count;
char *lli_hexValue;
char *lli_stringValue;
};
void labelmgr_LabelInfo_free(labelmgr_LabelInfo_t *in);
LABELMGR-1(3rad) RAD Module Definitions LABELMGR-1(3rad)
NAME
labelmgr - API for labels and clearances
SYNOPSIS
#include <rad/client/1/labelmgr.h>
cc [ flag... ] file... -llabelmgr1_client [ library... ]
interface Label
const char ** labels ; (ro)
rc_err_t labelmgr_Label_getLabelInfo(rc_instance_t *inst,
const char *labelName,
const char *minLabel,
const char *maxLabel,
boolean_t userAccrdCheck,
labelmgr_LabelInfo_t **result,
labelmgr_LabelError_t **error);
rc_err_t labelmgr_Label_updateLabelInfo(rc_instance_t *inst,
const char *newLabelName,
int numClassses,
int numComps,
labelmgr_LabelInfo_t **result,
labelmgr_LabelError_t **error);
rc_err_t labelmgr_Label_hexLabelToString(rc_instance_t *inst,
const char *hexLabel,
char **result,
labelmgr_LabelError_t **error);
rc_err_t labelmgr_Label_stringLabelToHex(rc_instance_t *inst,
const char *label,
const char *curHexLabel,
char **result,
labelmgr_LabelError_t **error);
rc_err_t labelmgr_Label_getClearanceInfo(rc_instance_t *inst,
const char *clearance,
const char *minLabel,
const char *maxLabel,
labelmgr_LabelInfo_t **result,
labelmgr_LabelError_t **error);
rc_err_t labelmgr_Label_updateClearanceInfo(rc_instance_t *inst,
const char *newClearanceName,
int numClassses,
int numComps,
labelmgr_LabelInfo_t **result,
labelmgr_LabelError_t **error);
rc_err_t labelmgr_Label_hexClearanceToString(rc_instance_t *inst,
const char *clearance,
char **result,
labelmgr_LabelError_t **error);
rc_err_t labelmgr_Label_stringClearanceToHex(rc_instance_t *inst,
const char *clearance,
const char *curHexClearance,
char **result,
labelmgr_LabelError_t **error);
Enumerated Types
enum LabelErrorType
typedef enum labelmgr_LabelErrorType {
LLET_INVALID_DATA = 0,
LLET_BAD_LABEL = 1,
LLET_BAD_CLEARANCE = 2,
LLET_RUNTIME = 3,
} labelmgr_LabelErrorType_t;
Structured Types
struct LabelError
typedef struct labelmgr_LabelError labelmgr_LabelError_t;
struct labelmgr_LabelError {
labelmgr_LabelErrorType_t lle_errorCode;
};
void labelmgr_LabelError_free(labelmgr_LabelError_t *in);
struct LabelComponent
typedef struct labelmgr_LabelComponent labelmgr_LabelComponent_t;
struct labelmgr_LabelComponent {
char *llc_shortName;
char *llc_longName;
boolean_t llc_dim;
boolean_t llc_select;
};
void labelmgr_LabelComponent_free(labelmgr_LabelComponent_t *in);
struct LabelInfo
typedef struct labelmgr_LabelInfo labelmgr_LabelInfo_t;
struct labelmgr_LabelInfo {
labelmgr_LabelComponent_t **lli_classifications;
int lli_classifications_count;
labelmgr_LabelComponent_t **lli_compartments;
int lli_compartments_count;
char *lli_hexValue;
char *lli_stringValue;
};
void labelmgr_LabelInfo_free(labelmgr_LabelInfo_t *in);
DESCRIPTION
API com.oracle.solaris.rad.labelmgr [1]
These APIs provide functionality for selecting and combining labels and
clearances that are used for mandatory access control. For more
information about using labels and clearances see labels(7) and
clearance(7).
The list of available labels can be accessed by the Label() method.
Labels can be constructed by selecting a classification and one or more
compartments from the lists that are provided by the LabelInfo
stucture. The following example displays the lists of compartments and
markings from which labels components could be selected.
INTERFACES
interface Label
Set of operations that can be performed on sensitivity labels or
clearances.
Label Properties
const char ** labels (read-only) -- Lists available labels.
Lists the set of available labels that can be set as min_label
or clearance. The privilege sys_trans_label is required to
retrieve labels that are not dominated by the user's clearance.
rc_err_t labelmgr_Label_get_labels(rc_instance_t *inst,
char ***result,
int *result_cnt,
labelmgr_LabelError_t **error);
Get property value.
Arguments:
inst -- RAD instance
result -- Property value returned
result_cnt -- Number of items in result array
error
o RUNTIME - when unable to retrieve labels.
Read Error: labelmgr_LabelError_t **
o RUNTIME - when unable to retrieve labels.
Label Methods
rc_err_t labelmgr_Label_getLabelInfo(rc_instance_t *inst,
const char *labelName,
const char *minLabel,
const char *maxLabel,
boolean_t userAccrdCheck,
labelmgr_LabelInfo_t **result,
labelmgr_LabelError_t **error);
Get information for building a sensitivity label. The privilege
sys_trans_label is required to retrieve labels that are not
dominated by the user's clearance.
Given a label name, a label range and user's information,
return the information for building a sensitivity label.
Arguments:
inst -- RAD instance
labelName -- Label name.
minLabel -- Minmium label.
maxLabel -- Maximum label.
userAccrdCheck -- Set to true to do user accreditation check.
Otherwise, set to false.
result
error
o INVALID_DATA - when a required value is null.
o BAD_LABEL - when the label cannot be translated
o RUNTIME - when unable to retrieve labels.
rc_err_t labelmgr_Label_updateLabelInfo(rc_instance_t *inst,
const char *newLabelName,
int numClassses,
int numComps,
labelmgr_LabelInfo_t **result,
labelmgr_LabelError_t **error);
Get updated information for building a sensitivity label.
Given the current LabelInfo, a new label name, and user's
information, return the updated information for building a
sensitivity label. The privilege sys_trans_label is required to
retrieve labels that are not dominated by the user's clearance.
Arguments:
inst -- RAD instance
newLabelName -- New label name.
numClassses -- Number of classifications.
numComps -- Number of compartments.
result
error
o INVALID_DATA - when a required value is null.
o BAD_LABEL - when the label cannot be translated
o RUNTIME - when unable to retrieve labels.
rc_err_t labelmgr_Label_hexLabelToString(rc_instance_t *inst,
const char *hexLabel,
char **result,
labelmgr_LabelError_t **error);
Translate a hexadecimal label into its human-readable
representation.
Takes a hexadecimal label and translate it into its
human-readable label. Return the human-readable label as a
string. Null is returned if the label is invalid. The privilege
sys_trans_label is required to retrieve labels that are not
dominated by the user's clearance.
Arguments:
inst -- RAD instance
hexLabel -- Hexadecimal label as a string to be translated.
result
error
o INVALID_DATA - when a required value is null.
o BAD_LABEL - when the label cannot be translated
o RUNTIME - when unable to retrieve labels.
rc_err_t labelmgr_Label_stringLabelToHex(rc_instance_t *inst,
const char *label,
const char *curHexLabel,
char **result,
labelmgr_LabelError_t **error);
Translate a human-readable label into its hexadecimal
representation.
Takes a human-readable label and an optional hexadecimal label
and translates it into its a new hexadecimal label. Return the
hexadecimal label as a string. Null is returned if the label is
invalid. The privilege sys_trans_label is required to retrieve
labels that are not dominated by the user's clearance.
Arguments:
inst -- RAD instance
label -- Human-readable label to be translated.
curHexLabel (nullable) -- Current label to be modified (in hex)
result
error
o INVALID_DATA - when a required value is null.
o BAD_LABEL - when the label cannot be translated
o RUNTIME - when unable to retrieve labels.
rc_err_t labelmgr_Label_getClearanceInfo(rc_instance_t *inst,
const char *clearance,
const char *minLabel,
const char *maxLabel,
labelmgr_LabelInfo_t **result,
labelmgr_LabelError_t **error);
Get information for building a clearance.
Given a clearance name, a label range and user's information,
return the information for building a clearance. The privilege
sys_trans_label is required to retrieve labels that are not
dominated by the user's clearance.
Arguments:
inst -- RAD instance
clearance -- Clearance name.
minLabel -- Minmium label.
maxLabel -- Maximum label.
result
error
o INVALID_DATA - when a required value is null.
o RUNTIME - when unable to retrieve labels.
rc_err_t labelmgr_Label_updateClearanceInfo(rc_instance_t *inst,
const char *newClearanceName,
int numClassses,
int numComps,
labelmgr_LabelInfo_t **result,
labelmgr_LabelError_t **error);
Get updated information for building a clearance.
Given the current LabelInfo and a new clearance name, return
the updated information for building a clearance. The privilege
sys_trans_label is required to retrieve labels that are not
dominated by the user's clearance.
Arguments:
inst -- RAD instance
newClearanceName -- New clearance name.
numClassses -- Number of classifications.
numComps -- Number of compartments.
result
error
o INVALID_DATA - when a required value is null.
o BAD_CLEARANCE - when the clearance cannot be translated
o RUNTIME - when unable to retrieve labels.
rc_err_t labelmgr_Label_hexClearanceToString(rc_instance_t *inst,
const char *clearance,
char **result,
labelmgr_LabelError_t **error);
Translate a hexadecimal clearance into its human-readable
representation.
Takes a hexadecimal clearance and translate it into its
human-readable clearance. Return the human-readable clearance
as a string. Null is returned if the clearance is invalid.
Arguments:
inst -- RAD instance
clearance -- Hexadecimal clearance as a string to be
translated.
result
error
o INVALID_DATA - when a required value is null.
o BAD_CLEARANCE - when the clearance cannot be translated
o RUNTIME - when unable to retrieve labels.
rc_err_t labelmgr_Label_stringClearanceToHex(rc_instance_t *inst,
const char *clearance,
const char *curHexClearance,
char **result,
labelmgr_LabelError_t **error);
Translate a human-readable clearance into its hexadecimal
representation.
Takes a human-readable clearance and an optional hexadecimal
clearance and translates it into its a new hexadecimal
clearance. Return the hexadecimal clearance as a string. Null
is returned if the clearance is invalid. The privilege
sys_trans_label is required to retrieve labels that are not
dominated by the user's clearance.
Arguments:
inst -- RAD instance
clearance -- Human-readable clearance to be translated.
curHexClearance (nullable) -- Current clearance to be modified
(in hex)
result
error
o INVALID_DATA - when a required value is null.
o BAD_CLEARANCE - when the clearance cannot be translated
o RUNTIME - when unable to retrieve labels.
Label Retrieve
rc_err_t labelmgr_Label__rad_get_name(adr_name_t **result,
int n,
...);
Obtain RAD name of a Label object.
Arguments:
result -- RAD name
n -- Number of key-value pairs provided as variadic arguments
... -- Optional key-value pairs that compose the primary key
rc_err_t labelmgr_Label__rad_lookup(rc_conn_t *c,
boolean_t strict,
rc_instance_t **result,
int n,
...);
Lookup a Label instance.
Construct a RAD name for the interface based on the provided
key-value pairs and perform a lookup. If successful, instance
reference is returned in the result.
Arguments:
c -- RAD connection handle
strict -- Strict (B_TRUE) or relaxed (B_FALSE) versioning
result -- RAD instance
n -- Number of key-value pairs provided as variadic arguments
... -- Optional key-value pairs that compose the primary key
rc_err_t labelmgr_Label__rad_list(rc_conn_t *c,
boolean_t strict,
adr_pattern_scheme_t scheme,
adr_name_t ***result,
int *result_count,
int n,
...);
List RAD names of a available Label instances.
Returns an array and array size of matching object names.
Arguments:
c -- RAD connection handle
strict -- Strict (B_TRUE) or relaxed (B_FALSE) versioning
scheme -- Apply glob (NS_GLOB) or regex (NS_REGEX) matching
result -- Array of RAD names
result_count -- Number of names in result array
n -- Number of key-value pairs provided as variadic arguments
... -- Optional key-value pairs that compose the primary key
ENUMERATED TYPES
enum LabelErrorType -- Label Manager api error types
typedef enum labelmgr_LabelErrorType {
LLET_INVALID_DATA = 0,
LLET_BAD_LABEL = 1,
LLET_BAD_CLEARANCE = 2,
LLET_RUNTIME = 3,
} labelmgr_LabelErrorType_t;
LLET_INVALID_DATA (0)
LLET_BAD_LABEL (1)
LLET_BAD_CLEARANCE (2)
LLET_RUNTIME (3)
STRUCTURED TYPES
struct LabelError
typedef struct labelmgr_LabelError labelmgr_LabelError_t;
struct labelmgr_LabelError {
labelmgr_LabelErrorType_t lle_errorCode;
};
void labelmgr_LabelError_free(labelmgr_LabelError_t *in);
Fields:
lle_errorCode
struct LabelComponent -- Contain fields defining a single
classification or compartment in a sensitivity label or clearance.
typedef struct labelmgr_LabelComponent labelmgr_LabelComponent_t;
struct labelmgr_LabelComponent {
char *llc_shortName;
char *llc_longName;
boolean_t llc_dim;
boolean_t llc_select;
};
void labelmgr_LabelComponent_free(labelmgr_LabelComponent_t *in);
Fields:
llc_shortName -- Short name.
llc_longName -- Long name.
llc_dim -- Set to true if display of this classification or
compartment should be dimmed. Otherwise set to false.
llc_select -- Set to true if display of this classification or
compartment should be selected. Otherwise set to false.
struct LabelInfo
typedef struct labelmgr_LabelInfo labelmgr_LabelInfo_t;
struct labelmgr_LabelInfo {
labelmgr_LabelComponent_t **lli_classifications;
int lli_classifications_count;
labelmgr_LabelComponent_t **lli_compartments;
int lli_compartments_count;
char *lli_hexValue;
char *lli_stringValue;
};
void labelmgr_LabelInfo_free(labelmgr_LabelInfo_t *in);
Contains a list of classifications and a list of compartments, and
the label name. These can be used to build a sensitivity label or
clearance.
Fields:
lli_classifications -- List of classifications each described by
the LabelComponent struct.
lli_classifications_count
lli_compartments -- List of compartments each described by the
LabelComponent struct.
lli_compartments_count
lli_hexValue -- Hexadecimal value of the label or clearance
formatted as a string.
lli_stringValue -- Name of the label or clearance.
VERSION
1.0
ATTRIBUTES
See attributes(7) for descriptions of the following attributes:
+--------------------+-------------------------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+--------------------+-------------------------------------------+
|Availability | system/management/rad/module/rad-labelmgr |
+--------------------+-------------------------------------------+
|Interface Stability | Private |
+--------------------+-------------------------------------------+
SEE ALSO
rad(8)
NOTES
1. Accessing Python documentation for this module:
$ pydoc rad.bindings.com.oracle.solaris.rad.labelmgr_1
Solaris 11.4 2017-02-01 LABELMGR-1(3rad)