HTML rendering created 2025-09-06 byMichael Kerrisk, author ofThe Linux Programming Interface. For details of in-depthLinux/UNIX system programming training courses that I teach, lookhere. Hosting byjambit GmbH. |  |
NAME |SYNOPSIS |DESCRIPTION |RETURN VALUE |ERRORS |AUTHOR |SEE ALSO |COLOPHON | |
security...o_string(3) SELinux API documentationsecurity...o_string(3)security_class_to_string, security_av_perm_to_string, string_to_security_class, string_to_av_perm, security_av_string, mode_to_security_class - convert between SELinux class and permission values and string names. print_access_vector - display an access vector in human-readable form.
#include <selinux/selinux.h>const char *security_class_to_string(security_class_ttclass);const char *security_av_perm_to_string(security_class_ttclass,access_vector_tav);int security_av_string(security_class_ttclass, access_vector_tav, char **result);security_class_t string_to_security_class(const char *name);security_class_t mode_to_security_class(mode_tmode);access_vector_t string_to_av_perm(security_class_ttclass, constchar *name);void print_access_vector(security_class_ttclass, access_vector_tav);
security_class_to_string() returns a string name for classtclass, or NULL if the class is invalid. The returned string must not be modified or freed.security_av_perm_to_string() returns a string name for the access vector bitav of classtclass, or NULL if either argument is invalid. The returned string must not be modified or freed.security_av_string() computes a full access vector string representation usingtclass andav, which may have multiple bits set. The string is returned in the memory pointed to byresult, and should be freed by the caller usingfree(3).string_to_security_class() returns the class value corresponding to the string namename, or zero if no such class exists.mode_to_security_class() returns the class value corresponding to the specifiedmode, or zero if no such class exists.string_to_av_perm() returns the access vector bit corresponding to the string namename and security classtclass, or zero if no such value exists.print_access_vector() displays an access vector in human-readable form on the standard output stream.
security_av_string() returns zero on success or -1 on error witherrno set appropriately.print_access_vector() does not return a value. All other functions return zero or NULL on error.
EINVALA class or access vector argument is not recognized by the currently loaded policy.ENOMEMAn attempt to allocate memory failed.
Eamon Walsh <ewalsh@tycho.nsa.gov>
selinux(8),getcon(3),getfilecon(3)stat(3)
This page is part of theselinux (Security-Enhanced Linux user- space libraries and tools) project. Information about the project can be found at ⟨https://github.com/SELinuxProject/selinux/wiki⟩. If you have a bug report for this manual page, see ⟨https://github.com/SELinuxProject/selinux/wiki/Contributing⟩. This page was obtained from the project's upstream Git repository ⟨https://github.com/SELinuxProject/selinux⟩ on 2025-08-11. (At that time, the date of the most recent commit that was found in the repository was 2025-08-04.) If you discover any rendering problems in this HTML version of the page, or you believe there is a better or more up-to-date source for the page, or you have corrections or improvements to the information in this COLOPHON (which isnot part of the original manual page), send a mail to man-pages@man7.org 30 Mar 2007security...o_string(3)Pages that refer to this page:avc_has_perm(3), security_compute_av(3)
HTML rendering created 2025-09-06 byMichael Kerrisk, author ofThe Linux Programming Interface. For details of in-depthLinux/UNIX system programming training courses that I teach, lookhere. Hosting byjambit GmbH. | |