/* Void Main's man pages */

{ phpMan } else { main(); }

Command: man perldoc info search(apropos)  

selabel_db(5)                                       SELinux API documentation                                      selabel_db(5)



NAME
       selabel_db - userspace SELinux labeling interface: DB objects contexts backend.

SYNOPSIS
       #include <selinux/selinux.h>

       #include <selinux/label.h>

       int selabel_lookup(struct selabel_handle *hnd,
                          security_context_t *context,

                          const char *object_name, int object_type);


DESCRIPTION
       The  DB  contexts backend maps from a pair of object name and class into security contexts. It is used to find the appro-
       priate context for database objects when relabeling a certain database.

       The object_name should be fully qualified name using the hierarchy of database objects.  For example, the pg_class  table
       in the postgres database and pg_catalog schema should be qualified as postgres.pg_catalog.pg_class .

       The object_type argument should be set to one of the following values:

       SELABEL_DB_DATABASE
              The object_name argument specifies the name of a database itself, such as "postgres".

       SELABEL_DB_SCHEMA
              The object_name argument specifies the name of a schema object, such as "postgres.public".

       SELABEL_DB_TABLE
              The object_name argument specifies the name of a table object, such as "postgres.public.my_table"

       SELABEL_DB_COLUMN
              The object_name argument specifies the name of a column object, such as "postgres.public.my_table.user_id"

       SELABEL_DB_TUPLE
              The  object_name  argument specifies the name of a table object which contains the tuples to be relabeled, such as
              "postgresql.public.my_table". Note that we have no way to identify individual  tuple  objects,  except  for  WHERE
              clause on DML statements, because it has no name.

       SELABEL_DB_PROCEDURE
              The object_name argument specifies the name of a procedure object, such as "postgres.public.my_func". Note that we
              don't support to lookup individual security contexts for each procedures which have same name but different  argu-
              ments.

       SELABEL_DB_SEQUENCE
              The object_name argument specifies the name of a sequence object, such as "postgres.public.my_seq".

       SELABEL_DB_BLOB
              The object_name argument specifies the name of a large object, such as "postgres.16308".  Note that a large object
              does not have its name, so it is identified by its identifier value.


OPTIONS
       In addition to the global options described in selabel_open(3), this backend recognizes the following options:


       SELABEL_OPT_PATH
              A non-null value for this option specifies a path to a file that will be opened in lieu of the  standard  DB  con-
              texts  file.   It  tries  to open the specfile designed for SE-PostgreSQL in the default, so if another RDBMS uses
              this interface, it needs to give an explicit specfile designed for the RDBMS.


SEE ALSO
       selabel_open(3), selabel_lookup(3), selabel_stats(3), selinux(8)




                                                           22 Nov 2009                                             selabel_db(5)
Valid XHTML 1.0!Valid CSS!