On Mon, Mar 7, 2016 at 12:32 PM, Stephen Smalley <sds@xxxxxxxxxxxxx> wrote:
I guess context_to_string() on the context structure would work better for your purposes. sepol_sid_to_context() would require loading the sidtab via policydb_load_isids() and setting the internal policydb to the one you loaded via sepol_set_policydb().On 03/07/2016 01:44 PM, Stephen Smalley wrote:
On 03/07/2016 10:41 AM, Richard Haines wrote:
On Saturday, 5 March 2016, 14:48, Richard Haines
<richard_c_haines@xxxxxxxxxxxxxx> wrote:
On Friday, 4 March 2016, 21:18, "Roberts, William C"
<william.c.roberts@xxxxxxxxx> wrote:
via libsepol?
How can one obtain the same value as
/sys/fs/selinux/initial_contexts/file
*)pol.db)->ocontexts[OCON_ISID]->context[0];
I’ve been digging around libsepol and its not quite clear to me.
It looks as though the record is here:
context_struct_t *a = &((policydb_t
context_struct_t *b = &((policydb_t*)pol.db)->ocontexts[OCON_ISID]->context[1];
I didn’t see any helpers.
printf("%u\n", a->type);
printf("%u\n",b->type);
Prints:
185
0
Not sure if this is right, and how to format the context struct to a
string.
I've attached an example, hope it's useful
I've updated the example with more detail and display SID name using
SID value not counter.
Any particular reason you didn't use sepol_sid_to_context()?
Seems as though its not exported api, but it does indeed print something:
code:
char *s;
size_t len;
context_struct_t *a = &((policydb_t *)pol.db)->ocontexts[OCON_ISID]->context[0];
int rc = context_to_string(pol.handle, (policydb_t *)pol.db, a, &s, &len);
printf("rc: %d\n", rc);
printf("con: %s\n", s);
prints:
rc: 0
con: u:object_r:null_device:s0
However, I am after the initial sid for file, which this isn't it... is it in the ocontexts array under a different index?
Bill
_______________________________________________
Selinux mailing list
Selinux@xxxxxxxxxxxxx
To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx.
To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
Respectfully,
William C Roberts
William C Roberts
_______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
