Function: file-selinux-context
file-selinux-context is a function defined in fileio.c.
Signature
(file-selinux-context FILENAME)
Documentation
Return SELinux context of file named FILENAME.
The return value is a list (USER ROLE TYPE RANGE), where the list elements are strings naming the user, role, type, and range of the file's SELinux security context.
Return (nil nil nil nil) if the file is nonexistent, or if SELinux is disabled, or if Emacs lacks SELinux support.
Other relevant functions are documented in the file group.
Probably introduced at or before Emacs version 24.1.
Shortdoc
;; file
(file-selinux-context "/tmp/foo")
-> [it depends]Source Code
// Defined in /usr/src/emacs/src/fileio.c
{
Lisp_Object user = Qnil, role = Qnil, type = Qnil, range = Qnil;
Lisp_Object absname = expand_and_dir_to_file (filename);
#ifdef HAVE_LIBSELINUX
const char *file;
#endif /* HAVE_LIBSELINUX */
/* If the file name has special constructs in it,
call the corresponding file name handler. */
Lisp_Object handler = Ffind_file_name_handler (absname,
Qfile_selinux_context);
if (!NILP (handler))
return calln (handler, Qfile_selinux_context, absname);
#ifdef HAVE_LIBSELINUX
file = SSDATA (ENCODE_FILE (absname));
if (selinux_enabled_p (file))
{
char *con;
int conlength = lgetfilecon (file, &con);
if (conlength > 0)
{
context_t context = context_new (con);
if (context_user_get (context))
user = build_string (context_user_get (context));
if (context_role_get (context))
role = build_string (context_role_get (context));
if (context_type_get (context))
type = build_string (context_type_get (context));
if (context_range_get (context))
range = build_string (context_range_get (context));
context_free (context);
freecon (con);
}
else if (! (errno == ENOENT || errno == ENOTDIR || errno == ENODATA
|| errno == ENOTSUP))
report_file_error ("getting SELinux context", absname);
}
#endif /* HAVE_LIBSELINUX */
return list4 (user, role, type, range);
}