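/**
 * selinux_restorecon - Relabel files.
 * @pathname: specifies file/directory to relabel.
 * @restorecon_flags: specifies the actions to be performed when relabeling;
 *                    a bitwise OR of the SELINUX_RESTORECON_* flag values.
 *
 * selinux_restorecon(3) will automatically call
 * selinux_restorecon_default_handle(3) and selinux_restorecon_set_sehandle(3)
 * first time through to set the selabel_open(3) parameters to use the
 * currently loaded policy file_contexts and request their computed digest.
 *
 * Should other selabel_open(3) parameters be required see
 * selinux_restorecon_set_sehandle(3).
 *
 * The return convention is not stated in this header; see
 * selinux_restorecon(3).
 * NOTE(review): callers should check the result rather than assume the
 * relabel completed, since files not reached keep their previous labels.
 */
extern int selinux_restorecon(const char *pathname,
			      unsigned int restorecon_flags);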
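/*
 * restorecon_flags options
 *
 * Each value below is a distinct single bit, so flags are combined with
 * bitwise OR in the restorecon_flags argument of selinux_restorecon(3).
 */
/*
 * Force the checking of labels even if the stored SHA1
 * digest matches the specfiles SHA1 digest.
 * A matching digest only shows that the specfiles are the same as when the
 * digest was stored; it does not show that labels on disk are still
 * correct. Set this flag when the labels themselves must be re-verified.
 */
#define SELINUX_RESTORECON_IGNORE_DIGEST		0x0001
/*
 * Do not change file labels.
 */
#define SELINUX_RESTORECON_NOCHANGE			0x0002
/*
 * If set, change file label to that in spec file.
 * If not, only change type component to that in spec file
 * (the other components of the existing label are then not replaced).
 */
#define SELINUX_RESTORECON_SET_SPECFILE_CTX		0x0004
/*
 * Recursively descend directories.
 */
#define SELINUX_RESTORECON_RECURSE			0x0008
/*
 * Log changes to selinux log. Note that if VERBOSE and
 * PROGRESS are set, then PROGRESS will take precedence.
 */
#define SELINUX_RESTORECON_VERBOSE			0x0010
/*
 * If SELINUX_RESTORECON_PROGRESS is true and
 * SELINUX_RESTORECON_MASS_RELABEL is true, then output approx % complete,
 * else output the number of files in 1k blocks processed to stdout.
 */
#define SELINUX_RESTORECON_PROGRESS			0x0020
/*
 * Convert passed-in pathname to canonical pathname.
 */
#define SELINUX_RESTORECON_REALPATH			0x0040
/*
 * Prevent descending into directories that have a different
 * device number than the pathname from which the descent began.
 */
#define SELINUX_RESTORECON_XDEV				0x0080
/*
 * Attempt to add an association between an inode and a specification.
 * If there is already an association for the inode and it conflicts
 * with the specification, then use the last matching specification.
 */
#define SELINUX_RESTORECON_ADD_ASSOC			0x0100
/*
 * Abort on errors during the file tree walk.
 */
#define SELINUX_RESTORECON_ABORT_ON_ERROR		0x0200
/*
 * Log any label changes to syslog.
 */
#define SELINUX_RESTORECON_SYSLOG_CHANGES		0x0400
/*
 * Log what spec matched each file.
 */
#define SELINUX_RESTORECON_LOG_MATCHES			0x0800
/*
 * Ignore files that do not exist.
 */
#define SELINUX_RESTORECON_IGNORE_NOENTRY		0x1000
/*
 * Do not read /proc/mounts to obtain a list of non-seclabel
 * mounts to be excluded from relabeling checks.
 * With this flag set, that automatic exclusion list is not built.
 */
#define SELINUX_RESTORECON_IGNORE_MOUNTS		0x2000
/*
 * Set if there is a mass relabel required.
 * See SELINUX_RESTORECON_PROGRESS flag for details.
 */
#define SELINUX_RESTORECON_MASS_RELABEL			0x4000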
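/**
 * selinux_restorecon_set_sehandle - Set the global fc handle.
 * @hndl: specifies handle to set as the global fc handle.
 *
 * Called by a process that has already called selabel_open(3) with its
 * required parameters, or if selinux_restorecon_default_handle(3) has been
 * called to set the default selabel_open(3) parameters.
 *
 * NOTE(review): this header does not say who owns @hndl after the call or
 * how long it must stay open; confirm against
 * selinux_restorecon_set_sehandle(3) before closing the handle.
 */
extern void selinux_restorecon_set_sehandle(struct selabel_handle *hndl);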
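/**
 * selinux_restorecon_default_handle - Sets default selabel_open(3) parameters
 *                                     to use the currently loaded policy and
 *                                     file_contexts, also requests the digest.
 *
 * Return value is the created handle on success or NULL with @errno set on
 * failure.
 *
 * Check for NULL before passing the result to
 * selinux_restorecon_set_sehandle(3).
 */
extern struct selabel_handle *selinux_restorecon_default_handle(void);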
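/**
 * selinux_restorecon_set_exclude_list - Add a list of directories that are
 *                                       to be excluded from relabeling.
 * @exclude_list: containing a NULL terminated list of one or more
 *                directories not to be relabeled.
 *
 * No element count is passed, so the NULL terminator is the only bound on
 * the list; an array without it would be read past its end.
 */
extern void selinux_restorecon_set_exclude_list(const char **exclude_list);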
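/**
 * selinux_restorecon_set_alt_rootpath - Use alternate rootpath.
 * @alt_rootpath: containing the alternate rootpath to be used.
 *
 * Return %0 on success, -%1 with @errno set on failure.
 */
extern int selinux_restorecon_set_alt_rootpath(const char *alt_rootpath);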
/**
 * selinux_restorecon_xattr - Read/remove RESTORECON_LAST xattr entries.
 * @pathname: specifies directory path to check.
 * @xattr_flags: specifies the actions to be performed.
 * @xattr_list: a linked list of struct dir_xattr structures containing
 *              the directory, digest and result of the action on the
 *              RESTORECON_LAST xattr entry.
 *
 * selinux_restorecon_xattr(3) will automatically call
 * selinux_restorecon_default_handle(3) and selinux_restorecon_set_sehandle(3)
 * first time through to set the selabel_open(3) parameters to use the
 * currently loaded policy file_contexts and request their computed digest.
 *
 * Should other selabel_open(3) parameters be required see
 * selinux_restorecon_set_sehandle(3), however note that a file_contexts
 * computed digest is required for selinux_restorecon_xattr().
 */
char *digest; /* A hex encoded string that can be printed. */
enum digest_result result;
/*
 * Read or remove the digest entries under pathname. xattr_flags selects the
 * actions from the SELINUX_RESTORECON_XATTR_* bits that follow, and the
 * per-directory outcome is handed back through xattr_list.
 */
extern int selinux_restorecon_xattr(
	const char *pathname,
	unsigned int xattr_flags,
	struct dir_xattr ***xattr_list);

/* xattr_flags: walk down into the directories below pathname. */
#define SELINUX_RESTORECON_XATTR_RECURSE			0x0001
/* xattr_flags: in each directory in pathname, remove digests that do not match. */
#define SELINUX_RESTORECON_XATTR_DELETE_NONMATCH_DIGESTS	0x0002
/* xattr_flags: remove every digest found in pathname, matching or not. */
#define SELINUX_RESTORECON_XATTR_DELETE_ALL_DIGESTS		0x0004
/* xattr_flags: skip the read of /proc/mounts. */
#define SELINUX_RESTORECON_XATTR_IGNORE_MOUNTS			0x0008