setfilecon, fsetfilecon, lsetfilecon - set SELinux security context of a file
#include <selinux/selinux.h>
int setfilecon(const char *path, const char
*con);
int setfilecon_raw(const char *path, const char
*con);
int lsetfilecon(const char *path, const char
*con);
int lsetfilecon_raw(const char *path, const char
*con);
int fsetfilecon(int fd, const char *con);
int fsetfilecon_raw(int fd, const char *con);
setfilecon() sets the security context of the file system object.
lsetfilecon() is identical to setfilecon, except in the case of a
symbolic link, where the link itself has it's context set, not the file that
it refers to.
fsetfilecon() is identical to setfilecon, only the open file pointed to
by filedes (as returned by
open(2)) has it's context set in place of
path. Since libselinux 3.4 a file opened via
O_PATH is supported.
setfilecon_raw(),
lsetfilecon_raw(), and
fsetfilecon_raw()
behave identically to their non-raw counterparts but do not perform context
translation.
On success, zero is returned. On failure, -1 is returned and
errno is set
appropriately.
If there is insufficient space remaining to store the extended attribute,
errno is set to either
ENOSPC, or
EDQUOT if quota
enforcement was the cause.
If extended attributes are not supported by the filesystem, or are disabled,
errno is set to
ENOTSUP.
The errors documented for the
stat(2) system call are also applicable
here.
selinux(3),
freecon(3),
getfilecon(3),
setfscreatecon(3)