dg_gettuple(2) DG/UX B2 Security R4.12MU02 dg_gettuple(2)
NAME
dggettuple - get the mandatory access control (MAC) range tuple of
an object
SYNOPSIS
#include <sys/types.h>
#include <sys/dgtparms.h>
#include <sys/mac.h>
int dggettuple(targtype, targ, tuple, tuplesize, texttuple,
texttuplesize)
int targtype;
const void *targ;
mactuplestructt *tuple;
int *tuplesize;
char *texttuple;
int *texttuplesize;
where:
targtype A token that identifies the type of object whose MAC
range tuple is fetched. The available tokens are
defined in sys/dgtparms.h as follows:
TPROC The object is an existing process on the
system.
TFILE The object is a file identified by a
pathname.
TFD The object is a file, socket or pipe
identified by a descriptor.
TMSG The object is a message queue identified by
a message queue identifier.
TSHM The object is a shared memory segment
identified by a shared memory segment
identifier.
TSEM The object is a semaphore identified by a
semaphore set identifier.
targ The address of the identifier of the object whose MAC
range tuple is to be fetched. The value of targtype
determines the type of entity that targ points to as
follows:
TPROC targ points to a process id (type pidt).
TFILE targ points to a pathname string.
TFD targ points to a file, socket or pipe
descriptor.
TMSG targ points to a message queue identifier.
TSHM targ points to shared memory segment
identifier.
TSEM targ points to a semaphore set identifier.
tuple The address of a mactuplestructt structure into
which dggettuple copies the object's MAC range tuple.
tuplesize Pointer to an integer containing the size in bytes of
the MAC range tuple structure pointed to by tuple.
texttuple Currently unused. Should be a NULL pointer.
texttuplesize Currently unused. Should be a NULL pointer.
DESCRIPTION
The dggetuple system call gets the MAC range tuple for the object
identified by targtype and targ, and copies it into the
mactuplestructt structure pointed to by tuple.
ACCESS CONTROL
To get the MAC range tuple of an object, a process must have MAC read
access to the object. When the object is a file name the process
must also have MAC read access to the file's parent directory, and
have search access to the file's parent directory path.
RETURN VALUE
0 Successful completion.
-1 An error occurred. errno is set to indicate the error.
ERRORS
Errno may be set to one of the following error codes:
EACCES The caller does not have the required access rights to
the object.
ENOENT The object does not exist.
ENAMETOOLONG A component of the pathname pointed at by targ exceeds
the length limit for filenames.
EFAULT The tuple parameter specified as area of memory not
accessible to the calling process.
ENOMEM The operating system was unable to allocate sufficient
internal memory to process the system call.
EINVAL Invalid parameter passed.
EOPNOTSUPP This operation is not supported for the targtype or
object passed.
ENOSYS MAC is not configured on the system.
EDGNOATTR The object has no MAC range tuple.
E2BIG The supplied buffer is too small. The required size is
stored in tuplesize.
SEE ALSO
gettuple(1), settuple(1M), dggetomac(2), dgsetomac(2),
dgsettuple(2), dgsettmpomac(2), capdefaults(5), macdefs(5).
Licensed material--property of copyright holder(s)