On Fri, Jul 24, 2020 at 1:57 PM Christian Göttsche <cgzones@xxxxxxxxxxxxxx> wrote: > > - Improve formatting of section DESCRIPTION by adding list points > - Mention errno is set on failure > - Mention the returned context is guaranteed to be non NULL on success > --- > diff --git a/libselinux/man/man3/getcon.3 b/libselinux/man/man3/getcon.3 > index 67872a4d..b618691f 100644 > --- a/libselinux/man/man3/getcon.3 > +++ b/libselinux/man/man3/getcon.3 > @@ -110,6 +120,8 @@ context and the > .BR setcon () > will fail if it is not allowed by policy. > > +.TP > +.BR *_raw() What's this? > .BR getcon_raw (), > .BR getprevcon_raw (), > .BR getpidcon_raw (), > @@ -118,9 +130,15 @@ and > .BR setcon_raw () > behave identically to their non-raw counterparts but do not perform context > translation. > -. > + > .SH "RETURN VALUE" > -On error \-1 is returned. On success 0 is returned. > -. > +On error \-1 is returned with errno set. On success 0 is returned. > + > +On success all this > +.BR *_get() Do you mean get*()? Probably should just enumerate them all since there aren't very many. > +functions guarantee to allocate and set > +.I *context > +to a non\-NULL security context. > + I guess technically if we are going to make this promise, then libselinux ought to explicitly implement it on the offhand chance that there is a kernel bug or someone calls one of these libselinux functions while running some other security module that doesn't provide the same guarantee.
