getcon(3) — Linux manual page


getcon(3)               SELinux API documentation              getcon(3)

NAME         top

       getcon, getprevcon, getpidcon - get SELinux security context of a

       freecon, freeconary - free memory associated with SELinux
       security contexts

       getpeercon - get security context of a peer socket

       setcon - set current security context of a process

SYNOPSIS         top

       #include <selinux/selinux.h>

       int getcon(char **context);

       int getcon_raw(char **context);

       int getprevcon(char **context);

       int getprevcon_raw(char **context);

       int getpidcon(pid_t pid, char **context);

       int getpidcon_raw(pid_t pid, char **context);

       int getpidprevcon(pid_t pid, char **context);

       int getpidprevcon_raw(pid_t pid, char **context);

       int getpeercon(int fd, char **context);

       int getpeercon_raw(int fd, char **context);

       void freecon(char *con);

       void freeconary(char **con);

       int setcon(const char *context);

       int setcon_raw(const char *context);

DESCRIPTION         top

              retrieves the context of the current process, which must
              be free'd with freecon().

              same as getcon but gets the context before the last exec.

              returns the process context for the specified PID, which
              must be free'd with freecon().

              returns the process context before the last exec for the
              specified PID, which must be free'd with freecon().

              retrieves the context of the peer socket, which must be
              free'd with freecon().

              frees the memory allocated for a security context.

              If con is NULL, no operation is performed.

              frees the memory allocated for a context array.

              If con is NULL, no operation is performed.

              sets the current security context of the process to a new
              value.  Note that use of this function requires that the
              entire application be trusted to maintain any desired
              separation between the old and new security contexts,
              unlike exec-based transitions performed via setexeccon(3).
              When possible, decompose your application and use
              setexeccon(3) and execve(3) instead.

              Since access to file descriptors is revalidated upon use
              by SELinux, the new context must be explicitly authorized
              in the policy to use the descriptors opened by the old
              context if that is desired.  Otherwise, attempts by the
              process to use any existing descriptors (including stdin,
              stdout, and stderr) after performing the setcon() will

              A multi-threaded application can perform a setcon() prior
              to creating any child threads, in which case all of the
              child threads will inherit the new context.  However,
              prior to Linux 2.6.28, setcon() would fail if there are
              any other threads running in the same process since this
              would yield an inconsistency among the security contexts
              of threads sharing the same memory space.  Since Linux
              2.6.28, setcon() is permitted for threads within a multi-
              threaded process if the new security context is bounded by
              the old security context, where the bounded relation is
              defined through typebounds statements in the policy and
              guarantees that the new security context has a subset of
              the permissions of the old security context.

              If the process was being ptraced at the time of the
              setcon() operation, ptrace permission will be revalidated
              against the new context and the setcon() will fail if it
              is not allowed by policy.

              getcon_raw(), getprevcon_raw(), getpidcon_raw(),
              getpidprevcon_raw(), getpeercon_raw() and setcon_raw()
              behave identically to their non-raw counterparts but do
              not perform context translation.

RETURN VALUE         top

       On error -1 is returned with errno set.  On success 0 is

NOTES         top

       The retrieval functions might return success and set *context to
       NULL if and only if SELinux is not enabled.

       Querying a foreign process via its PID, e.g. getpidcon() or
       getpidprevcon(), is inherently racy and therefore should never be
       relied upon for security purposes.

SEE ALSO         top

       selinux(8), setexeccon(3)

COLOPHON         top

       This page is part of the selinux (Security-Enhanced Linux user-
       space libraries and tools) project.  Information about the
       project can be found at 
       ⟨⟩.  If you have a
       bug report for this manual page, see
       This page was obtained from the project's upstream Git repository
       ⟨⟩ on 2024-06-14.  (At
       that time, the date of the most recent commit that was found in
       the repository was 2023-05-11.)  If you discover any rendering
       problems in this HTML version of the page, or you believe there
       is a better or more up-to-date source for the page, or you have
       corrections or improvements to the information in this COLOPHON
       (which is not part of the original manual page), send a mail to        21 December 2011                   getcon(3)

Pages that refer to this page: avc_context_to_sid(3)getexeccon(3)getfilecon(3)getfscreatecon(3)getkeycreatecon(3)get_ordered_context_list(3)getsockcreatecon(3)matchmediacon(3)matchpathcon(3)matchpathcon_checkmatches(3)security_class_to_string(3)security_compute_av(3)selabel_lookup(3)selabel_lookup_best_match(3)selinux_lsetfilecon_default(3)selinux_set_callback(3)setfilecon(3)set_matchpathcon_flags(3)selabel_db(5)selabel_file(5)selabel_media(5)selabel_x(5)