setfilecon

Section: SELinux API documentation (3)
Updated: 1 January 2004
Index Return to Main Contents
 

NAME

setfilecon, fsetfilecon, lsetfilecon - set SELinux security context of a file

 

SYNOPSIS

#include <selinux/selinux.h>

int setfilecon(const char *path, security_context_t con);

int lsetfilecon(const char *path, security_context_t con);

int fsetfilecon(int fd, security_context_t con);

 

DESCRIPTION

setfilecon sets the security context of the file system object.

lsetfilecon is identical to setfilecon, except in the case of a symbolic link, where the link itself has it's context set, not the file that it refers to.

fsetfilecon is identical to setfilecon, only the open file pointed to by filedes (as returned by open(2)) has it's context set in place of path.

 

RETURN VALUE

On success, zero is returned. On failure, -1 is returned and errno is set appropriately.

If there is insufficient space remaining to store the extended attribute, errno is set to either ENOSPC, or EDQUOT if quota enforce- ment was the cause.

If extended attributes are not supported by the filesystem, or are dis- abled, errno is set to ENOTSUP.

The errors documented for the stat(2) system call are also applicable here.

 

SEE ALSO

selinux(3), freecon(3), getfilecon(3), setfscreatecon(3)