57 lines
1.4 KiB
Plaintext
57 lines
1.4 KiB
Plaintext
'\"macro stdmacro
|
|
.if n .pH g3C.mac_get_proc
|
|
.nr X
|
|
.if \nX=0 .ds x} MAC_GET_PROC 3C "POSIX MAC Support" "\&"
|
|
.if \nX=1 .ds x} MAC_GET_PROC 3C "POSIX MAC Support"
|
|
.if \nX=2 .ds x} MAC_GET_PROC 3C "" "\&"
|
|
.if \nX=3 .ds x} MAC_GET_PROC "" "" "\&"
|
|
.TH \*(x}
|
|
.SH NAME
|
|
.upperok
|
|
mac_get_proc, mac_set_proc \- get or set the MAC label of this process
|
|
.SH SYNOPSIS
|
|
.B #include <sys/mac.h>
|
|
.PP
|
|
.B mac_t mac_get_proc(void);
|
|
.br
|
|
.B "int mac_set_proc(mac_t macp);"
|
|
.SH DESCRIPTION
|
|
.I mac_get_proc
|
|
returns a \f2mac_t\fP, a pointer to an allocated \f2struct mac_label\fP
|
|
which is the MAC label for this process.
|
|
.PP
|
|
.I mac_set_proc
|
|
sets the MAC label of the process.
|
|
The MAC label is first checked for validity by
|
|
\f2mac_valid\fP(3c).
|
|
The process must have CAP_MAC_RELABEL_SUBJ capability in its effective set to
|
|
change its MAC label.
|
|
.SH RETURN VALUES
|
|
.I mac_get_proc
|
|
a \f2mac_t\fP if successful, NULL otherwise.
|
|
The storage should be freed with a call to \f2mac_free\fP with the returned
|
|
pointer as an argument when it is no longer needed.
|
|
.PP
|
|
.I mac_set_proc
|
|
returns 0 if successful, -1 otherwise.
|
|
.SH ERRORS
|
|
.I mac_get_proc:
|
|
.TP 16
|
|
ENOMEM
|
|
allocation of the \f2mac_t\fP failed.
|
|
.TP 16
|
|
ENOSYS
|
|
MAC support is not available (not installed).
|
|
.PP
|
|
.I mac_set_proc:
|
|
.TP 16
|
|
EINVAL
|
|
\f2macp\fP points to an invalid MAC label.
|
|
.TP 16
|
|
ENOSYS
|
|
MAC support is not available (not installed).
|
|
.TP 16
|
|
EPERM
|
|
The process does not have appropriate privilege to
|
|
perform the operation to set the MAC label.
|