HTML rendering created 2025-09-06 byMichael Kerrisk, author ofThe Linux Programming Interface. For details of in-depthLinux/UNIX system programming training courses that I teach, lookhere. Hosting byjambit GmbH. |  |
NAME |SYNOPSIS |DESCRIPTION |RETURN VALUE |SEE ALSO |COLOPHON | |
getsockcreatecon(3) SELinux API documentationgetsockcreatecon(3)getsockcreatecon, setsockcreatecon - get or set the SELinux security context used for creating a new labeled sockets
#include <selinux/selinux.h>int getsockcreatecon(char **con);int getsockcreatecon_raw(char **con);int setsockcreatecon(const char *context);int setsockcreatecon_raw(const char *context);
getsockcreatecon() retrieves the context used for creating a new labeled network socket. This returned context should be freed withfreecon(3) if non-NULL.getsockcreatecon() sets *con to NULL if no sockcreate context has been explicitly set by the program (i.e. using the default policy behavior).setsockcreatecon() sets the context used for creating a new labeled network sockets NULL can be passed tosetsockcreatecon() to reset to the default policy behavior. The sockcreate context is automatically reset after the nextexecve(2), so a program doesn't need to explicitly sanitize it upon startup.setsockcreatecon() can be applied prior to library functions that internally perform an file creation, in order to set an file context on the objects.getsockcreatecon_raw() andsetsockcreatecon_raw() behave identically to their non-raw counterparts but do not perform context translation.Note:Signal handlers that perform asetsockcreatecon() must take care to save, reset, and restore the sockcreate context to avoid unexpected behavior.Note:Contexts are thread specific.
On error -1 is returned. On success 0 is returned.
selinux(8),freecon(3),getcon(3)
This page is part of theselinux (Security-Enhanced Linux user- space libraries and tools) project. Information about the project can be found at ⟨https://github.com/SELinuxProject/selinux/wiki⟩. If you have a bug report for this manual page, see ⟨https://github.com/SELinuxProject/selinux/wiki/Contributing⟩. This page was obtained from the project's upstream Git repository ⟨https://github.com/SELinuxProject/selinux⟩ on 2025-08-11. (At that time, the date of the most recent commit that was found in the repository was 2025-08-04.) If you discover any rendering problems in this HTML version of the page, or you believe there is a better or more up-to-date source for the page, or you have corrections or improvements to the information in this COLOPHON (which isnot part of the original manual page), send a mail to man-pages@man7.orgdwalsh@redhat.com 24 September 2008getsockcreatecon(3)HTML rendering created 2025-09-06 byMichael Kerrisk, author ofThe Linux Programming Interface. For details of in-depthLinux/UNIX system programming training courses that I teach, lookhere. Hosting byjambit GmbH. | |