Petr Lautrbach <plautrba@xxxxxxxxxx> writes: > Christian Göttsche <cgzones@xxxxxxxxxxxxxx> writes: > >> Improve formatting of section DESCRIPTION by adding list points. > > I checked several man pages and it doesn't look like a common construct > multi function man pages. But I haven't found any specific guideline > related to this and it looks better. > > >> Mention errno is set on failure. >> Mention the returned context might be NULL if SELinux is not enabled. >> Align setcon/_raw parameter by adding const. >> >> Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx> >> > > Acked-by: Petr Lautrbach <plautrba@xxxxxxxxxx> Merged. > Thanks! > > >> --- >> libselinux/man/man3/getcon.3 | 41 +++++++++++++++++++++++++----------- >> 1 file changed, 29 insertions(+), 12 deletions(-) >> >> diff --git a/libselinux/man/man3/getcon.3 b/libselinux/man/man3/getcon.3 >> index 67872a4d..e7e394f3 100644 >> --- a/libselinux/man/man3/getcon.3 >> +++ b/libselinux/man/man3/getcon.3 >> @@ -7,7 +7,7 @@ freecon, freeconary \- free memory associated with SELinux security contexts >> getpeercon \- get security context of a peer socket >> >> setcon \- set current security context of a process >> -. >> + >> .SH "SYNOPSIS" >> .B #include <selinux/selinux.h> >> .sp >> @@ -31,30 +31,39 @@ setcon \- set current security context of a process >> .sp >> .BI "void freeconary(char **" con ); >> .sp >> -.BI "int setcon(char *" context ); >> +.BI "int setcon(const char *" context ); >> .sp >> -.BI "int setcon_raw(char *" context ); >> -. >> +.BI "int setcon_raw(const char *" context ); >> + >> .SH "DESCRIPTION" >> +.TP >> .BR getcon () >> retrieves the context of the current process, which must be free'd with >> -freecon. >> +.BR freecon (). >> >> +.TP >> .BR getprevcon () >> same as getcon but gets the context before the last exec. >> >> +.TP >> .BR getpidcon () >> -returns the process context for the specified PID. >> +returns the process context for the specified PID, which must be free'd with >> +.BR freecon (). >> >> +.TP >> .BR getpeercon () >> -retrieves context of peer socket, and set >> -.BI * context >> -to refer to it, which must be free'd with >> +retrieves the context of the peer socket, which must be free'd with >> .BR freecon (). >> >> +.TP >> .BR freecon () >> frees the memory allocated for a security context. >> >> +If >> +.I con >> +is NULL, no operation is performed. >> + >> +.TP >> .BR freeconary () >> frees the memory allocated for a context array. >> >> @@ -62,6 +71,7 @@ If >> .I con >> is NULL, no operation is performed. >> >> +.TP >> .BR setcon () >> sets the current security context of the process to a new value. Note >> that use of this function requires that the entire application be >> @@ -110,6 +120,8 @@ context and the >> .BR setcon () >> will fail if it is not allowed by policy. >> >> +.TP >> +.BR *_raw() >> .BR getcon_raw (), >> .BR getprevcon_raw (), >> .BR getpidcon_raw (), >> @@ -118,9 +130,14 @@ and >> .BR setcon_raw () >> behave identically to their non-raw counterparts but do not perform context >> translation. >> -. >> + >> .SH "RETURN VALUE" >> -On error \-1 is returned. On success 0 is returned. >> -. >> +On error \-1 is returned with errno set. On success 0 is returned. >> + >> +.SH "NOTES" >> +The retrieval functions might return success and set >> +.I *context >> +to NULL if and only if SELinux is not enabled. >> + >> .SH "SEE ALSO" >> .BR selinux "(8), " setexeccon "(3)" >> -- >> 2.32.0.rc2
