selinux_raw_context_to_color

Section: Misc. Reference Manual Pages (3)
Updated: 08 April 2011
Page Index
 

NAME

selinux_raw_context_to_color - Return RGB color string for an SELinux security context  

SYNOPSIS

#include <selinux/selinux.h>

int selinux_raw_context_to_color(char *raw,

char **color_str);
 

DESCRIPTION

selinux_raw_context_to_color() returns a color_str associated to the raw context raw provided that the mcstransd(8) daemon is running, the policy is an MLS type policy (MCS or MLS) and there is a color configuration file secolor.conf(5) (see the FILES section).

The color_str string is a space separated list of eight hexadecimal RGB triples, each prefixed by a hash character (#). These represent the user:role:type:range components of the foreground and background colors. An example string is shown in the EXAMPLE section.

The returned color_str string must be freed with free(3).

If a color has not been configured for a specific user, role, type and/or range component of context raw, then selinux_raw_context_to_color() will select the color returned in color_str in order of precedence as follows:

role, type, range
user, type, range
user, role, range
user, role, type

If there are no entries in the secolor.conf(5) file for any of the components of context raw (or the file is not present), then the default string returned in color_str is:

----- user ---- ---- role ---- ---- type ---- ---- range ----
#000000 #ffffff #000000 #ffffff #000000 #ffffff #000000 #ffffff

 

RETURN VALUE

On success, zero is returned.
On failure, -1 is returned with errno set appropriately.  

ERRORS

ENOENT If the mcstransd(8) daemon is not running.  

FILES

selinux_raw_context_to_color() obtains the translated entry from the active policy secolor.conf(5) file as returned by selinux_colors_path(3). The file format is described in secolor.conf(5).  

NOTES

1. The primary use of selinux_raw_context_to_color() is to return a color that corresponds to a range, that can then be used to highlight information at different MLS levels.

2. The mcstransd(8) daemon process security level must dominate the raw security level passed to it by the selinux_raw_context_to_color() function. If not, the range color selected will be as defined by the order of precedence.  

EXAMPLE

selinux_raw_context_to_color() returns the foreground and background colors of the context string components (user:role:type:range) as RGB triples as follows:


      user     :       role      :      type      :      range

  fg       bg  :   fg       bg   :  fg       bg   :  fg       bg  
#000000 #ffffff #ffffff #000000 #d2b48c #ffa500 #000000 #008000

 black   white :  white   black  : tan    orange  : black   green 
 

SEE ALSO

selinux(8), selinux_colors_path(3), mcstransd(8), secolor.conf(5), selinux_raw_to_trans_context(3), selinux_trans_to_raw_context(3), free(3)

 

Index

NAME
SYNOPSIS
DESCRIPTION
RETURN VALUE
ERRORS
FILES
NOTES
EXAMPLE
SEE ALSO