mac_library(3) DG/UX B2 Security R4.12MU02 mac_library(3)
NAME
maclibrary: macdominate, macequal, macfgetflabel, macfreelabel,
macgetflabel, macgetplabel, macgetsize, macglb,
maclabeltotext, maclub, macsetflabel, macsetplabel,
mactextlabellnth, mactexttolabel, macvalid,
macaliastocategory, macaliastohierarchy, macaliastolabel,
maccategorytoalias, macfsetflabel, macgetaliases,
macgetcategories, macgethierarchies, machierarchytoalias,
macinfoclose, macinfoopen, macinternalalloc, macinternalcopy,
macinternalfree, maclabeltoalias, macreadject, macwriteject,
rangealiastorange, rangegetsize, rangeinternalalloc,
rangeinternalcopy, rangeinternalfree, rangeintersect,
rangelohitorange, rangereadject, rangetoalias,
rangetolohi, rangevalid, rangewriteject,
dgtuplealiastotuple, dgtupleallocempty, dgtupleallocfull,
dgtupleclearregion, dgtuplecontainslabel, dgtuplecopy,
dgtuplefree, dgtuplegetsize, dgtupleintersect,
dgtupleisempty, dgtupleissubset, dgtupleregionexists,
dgtupletoalias, dgtupleupdaterange, dgtuplevalid - MAC
routines in libtrust.a
SYNOPSIS
The following functions are modeled after the POSIX 1003.6 Draft
ballot functions of the same name:
#include <sys/mac.h>
int macdominate (maclabelt labelA,
maclabelt labelB)
int macequal (maclabelt labelA,
maclabelt labelB)
ssizet macfgetflabel (int fildes,
maclabelt *labelp)
int macfreelabel (maclabelt label)
ssizet macgetflabel (const char *path,
maclabelt *labelp)
ssizet macgetplabel (maclabelt *labelp)
ssizet macgetsize (maclabelt label)
ssizet macglb (maclabelt labelA,
maclabelt labelB,
maclabelt *bound)
int maclabeltotext (maclabelt label,
char *text,
ssizet length)
ssizet maclub (maclabelt labelA,
maclabelt labelB,
maclabelt *bound)
int macsetflabel (const char *path,
maclabelt label)
int macsetplabel (maclabelt label)
int mactextlabellnth (maclabelt label)
ssizet mactexttolabel (maclabelt *labelp,
char *text)
int macvalid (maclabelt label)
The following functions are specific to the Data General
implementation and may not be portable to other systems:
#include <mac.h>
int macaliastocategory (int *catp,
char *alias)
int macaliastohierarchy (int *hierp,
char *alias)
ssizet macaliastolabel (maclabelt *labelp,
char *alias)
ssizet maccategorytoalias (int cat,
macaliastype type,
char **aliasp)
int macfsetflabel (int fildes,
maclabelt label)
ssizet macgetaliases (macaliastype type,
char **aliasp)
ssizet macgetcategories (macaliastype type,
char **aliasp)
ssizet macgethierarchies (macaliastype type,
char **aliasp)
ssizet machierarchytoalias (int hier,
macaliastype type,
char **aliasp)
int macinfoclose ();
int macinfoopen ();
int macinternalalloc (maclabelt *labelp)
int macinternalcopy (maclabelt src,
maclabelt dest)
int macinternalfree (maclabelt *labelp)
ssizet maclabeltoalias (maclabelt label,
macaliastype type,
char **aliasp)
int macreadject (jectjecttype jecttype,
int targtype,
const void *targ,
maclabelt label,
textmacpktt *textmacptr,
int flags)
int macwriteject (jectjecttype jecttype,
int targtype,
const void *targ,
maclabelt label,
textmacpktt *textmacptr,
int flags)
ssizet rangealiastorange (macranget *rangep,
char *alias)
ssizet rangegetsize (macranget range)
int rangeinternalalloc (macranget *rangep)
int rangeinternalcopy (macranget src,
macranget dest)
int rangeinternalfree (macranget *rangep)
int rangeintersect (macranget range1,
macranget range2,
macranget *rangep)
ssizet rangelohitorange (macranget *rangep,
char *lo,
char *hi)
int rangereadject (jectjecttype jecttype,
int targtype,
const void *targ,
macranget range,
textrangepktt *textrangeptr,
int flags)
ssizet rangetoalias (macranget range,
macaliastype type,
char **aliasp)
ssizet rangetolohi (macranget range,
macaliastype type,
char **lop,
char **hip)
int rangevalid (macranget range)
int rangewriteject (jectjecttype jecttype,
int targtype,
const void *targ,
macranget range,
textrangepktt *textrangeptr,
int flags)
int dgtuplealiastotuple (mactuplet *tuplep,
char *alias,
dgseccredt *seccredptr)
int dgtupleallocempty (mactuplet *tuplep)
int dgtupleallocfull (mactuplet *tuplep)
int dgtupleclearregion (mactuplet tuplep,
int region)
int dgtuplecontainslabel (mactuplet tuple,
maclabelt label)
int dgtuplecopy (mactuplet srctuple,
mactuplet *dsttuple)
void dgtuplefree (mactuplet *tuplep)
ssizet dgtuplegetsize (mactuplet tuplep)
int dgtupleintersect (mactuplet tuple1,
mactuplet tuple2,
mactuplet *resultp)
int dgtupleisempty (mactuplet tuplep)
int dgtupleissubset (mactuplet tuple1,
mactuplet tuple2)
int dgtupleregionexists (mactuplet tuplep,
int region)
ssizet dgtupletoalias (mactuplet tuplep,
macaliastype type,
char **alias,
dgseccredt *seccredptr)
int dgtupleupdaterange (mactuplet tuplep,
maclabelt lo,
maclabelt hi)
int dgtuplevalid (mactuplet tuplep)
DESCRIPTION
These functions implement mandatory access control (MAC).
macdominate
This function determines whether labelA dominates labelB. This check
is performed by macd(1M). This function returns a 0 if labelA
dominates labelB; otherwise, it returns -1.
Errors:
EINVAL labelA or labelB is not a previously allocated label.
EINVAL labelA does not dominate labelB.
macequal
This function determines whether labelA is equal to labelB. This
check is performed by macd(1M). This function returns a 0 if labelA
equals labelB; otherwise, it returns -1.
Errors:
EINVAL labelA or labelB is not a previously allocated label.
EINVAL labelA does not equal labelB.
macfgetflabel
This function reads the MAC label of a file object. Upon success the
function allocates storage space for the MAC label (which may be
freed with a call to macfreelabel()), places the internal
representation of the MAC label in this space, sets labelp to point
to this location, and returns its length. Upon failure the function
allocates no space, returns -1, and sets errno to the appropriate
value. To read the MAC label of a file object, a process must have
MAC attribute read access to the file object.
Errors:
ENOMEM The MAC label requires more memory than the system is able to
provide.
EBADF The file descriptor argument was out of range or did not
refer to an open file.
macfreelabel
This function frees memory previously allocated by calls to any MAC
label function that allocates memory on the caller's behalf.
Errors:
EINVAL label is not a previously allocated label.
macgetflabel
This function reads the MAC label of a file object. Upon success the
function allocates storage space for the MAC label (which may be
freed with a call to macfreelabel()), places the internal
representation of the MAC label in this space, sets labelp to point
to this location, and returns its length. Upon failure the function
allocates no space, returns -1, and sets errno to the appropriate
value. To read the MAC label of a file object, a process must have
MAC attribute read access to the file object.
Errors:
ENOMEM The MAC label requires more memory than the system is
able to provide.
EACCES Search permission is denied on a component of the path
prefix.
EACCES Attribute read access to the file object is denied.
ENAMETOOLONG The length of path exceeds {PATH_MAX}, or a pathname
component is longer than {NAME_MAX} while
{POSIX_NO_TRUNC} is in effect.
ENOTDIR A component of the path prefix is not a directory.
ENOENT The named file object does not exist or path points to
an empty string.
macgetplabel
This function reads the clearance label of the requesting process.
Upon success the function allocates storage space for the MAC label
(which may be freed with a call to macfreelabel()), places the
internal representation of the MAC label in this space, sets labelp
to point to this location, and returns its length. Upon failure the
function allocates no space, returns -1, and sets errno to the
appropriate value.
Errors:
ENOMEM The MAC label requires more memory than the system is able to
provide.
macgetsize
This function returns the size of the structure referred to by label.
Errors:
EINVAL label is not a previously allocated label.
macglb
This function (greatest lower bound) returns the (valid) MAC label
bound, if it exists, that is dominated by both the MAC labels labelA
and labelB and dominates all other valid MAC labels that are
dominated by both labelA and labelB.
Upon success the function allocates storage space for the MAC label
(which may be freed with a call to macfreelabel()), places the
internal representation of the MAC label in this space, sets labelp
to point to this location, and returns its length. Upon failure the
function allocates no space, returns -1, and sets errno to the
appropriate value.
Errors:
EINVAL labelA or labelB is not a previously allocated label.
ENOMEM The MAC label requires more memory than the system is able to
provide.
maclabeltotext
This function converts the internal representation of the MAC label
label into its text representation returned in text. The buffer
described by the text and length parameters should be large enough to
hold this representation. The buffer size required for the text
representation of a label may be obtained by calling
mactextlabellnth before calling this function.
Errors:
EINVAL label is not a previously allocated label or cannot be
converted to text by this process.
EINVAL the text and length parameters do not describe a sufficiently
large buffer.
maclub
This function (least upper bound) returns the (valid) MAC label
bound, if it exists, that dominates both the MAC labels labelA and
labelB and is dominated by all other valid MAC labels that dominate
both labelA and labelB.
Upon success the function allocates storage space for the MAC label
(which may be freed with a call to macfreelabel()), places the
internal representation of the MAC label in this space, sets labelp
to point to this location, and returns its length. Upon failure the
function allocates no space, returns -1, and sets errno to the
appropriate value.
Errors:
EINVAL labelA or labelB is not a previously allocated label.
ENOMEM The MAC label requires more memory than the system is able to
provide.
macsetflabel
This function sets the MAC label of a file object specified by path
to label. The caller must satisfy the requirements of the
dgsetomac(2) system call.
Errors:
EINVAL label is not a valid MAC label for path for this
process.
EACCES Search permission is denied on a component of the path
prefix.
EACCES Attribute read access to the file object is denied.
ENAMETOOLONG The length of path exceeds {PATH_MAX}, or a pathname
component is longer than {NAME_MAX} while
{POSIX_NO_TRUNC} is in effect.
ENOTDIR A component of the path prefix is not a directory.
ENOENT The named file object does not exist or path points to
an empty string.
EPERM An attempt was made to change the MAC label on a file
and the process does not have appropriate privilege.
EROFS An attempt was made to modify a file object on a file
system that is mounted read-only.
EBUSY The file object named by path is currently in use by
another process.
macsetplabel
This function writes the clearance label of the requesting process.
The new clearance label is specified by label. A process must
possess appropriate privilege to perform this action.
Errors:
EINVAL label is not a previously allocated label.
EPERM The process attempted to modify its clearance label and does
not have appropriate privilege.
mactextlabellnth
This function returns the length of the text representation that
would be generated by maclabeltotext() including the terminal NULL
character.
Errors:
EINVAL label is not a previously allocated label.
mactexttolabel
This function converts the text representation of a MAC label text
into its internal representation. Upon success the function
allocates storage space for the MAC label (which may be freed with a
call to macfreelabel()), places the internal representation of the
MAC label in this space, sets labelp to point to this location, and
returns its length. Upon failure the function allocates no space,
returns -1, and sets errno to the appropriate value.
Errors:
EINVAL label is not a previously allocated label.
ENOMEM The MAC label requires more memory than the system is able to
provide.
macvalid
This function determines if label is a valid MAC label. This
function returns a 0 if label is valid; otherwise, it returns -1.
Errors:
EINVAL label is not a valid MAC label.
macaliastocategory
This function translates a category alias to its value as defined in
the MAC alias database. catp is set to this value. The category
must be defined and the subject clearance label must contain the
specified category or the subject must have appropriate privilege in
order for this function to succeed.
Errors:
EINVAL alias is not a valid category alias for this process.
macaliastohierarchy
This function translates a hierarchy alias to its value as defined in
the MAC alias database. hierp is set to this value. The hierarchy
must be defined and the hierarchy in the subject clearance label must
be equal to or greater then the specified hierarchy or the subject
must have appropriate privilege in order for this function to
succeed.
Errors:
EINVAL alias is not a valid hierarchy alias for this process.
macaliastolabel
This function converts the text representation of a MAC label alias
into its internal representation. Upon success the function
allocates storage space for the MAC label (which may be freed with a
call to macfreelabel()), places the internal representation of the
MAC label in this space, sets labelp to point to this location, and
returns its length. Upon failure the function allocates no space,
returns -1, and sets errno to the appropriate value.
Errors:
EINVAL label is not a previously allocated label.
ENOMEM The MAC label requires more memory than the system is able to
provide.
maccategorytoalias
This function translates a category value to its alias as defined in
the mac alias database. The function returns the long form of the
alias by default. The category must be defined and the subject
clearance label must contain the specified category or the subject
must have appropriate privilege in order for this function to
succeed. The function allocates the string *aliasp and returns its
length upon success; it returns -1 and the appropriate errno on
failure.
type can have the following flags set:
M_ABBREV Return the abbreviation, not the default long name.
Errors:
EINVAL cat is not a valid category for this process.
macfsetflabel
This sets the MAC label on the file object specified by fildes to the
MAC label label. The function is similar to the POSIX
macsetflabel(), but it requires a file descriptor instead of a
pathname.
Errors:
EINVAL label is not a valid MAC label for path for this process.
EPERM An attempt was made to change the MAC label on a file and the
process does not have appropriate privilege.
EROFS An attempt was made to modify a file object on a file system
that is mounted read-only.
EBUSY The file object named by path is currently in use by another
process.
EBADF The file descriptor argument was out of range or did not
refer to an open file.
macgetaliases
This function lists all MAC label aliases currently defined in the
system for appropriately privileged subjects. Upon success, the
function allocates the string *aliasp and returns its length; on
failure, it returns -1 and the appropriate errno. The aliases are
listed (when possible) in order of ascending dominance.
type must have either M_ALIAS or M_DEFINITION set. M_ABBREV and
M_ALL are optional. Valid type flags are as follows:
M_ALIAS List the MAC label aliases if any exist. If none
exist, list the MAC label in terms of hierarchy and
categories. M_ALIAS and M_DEFINITION are mutually
exclusive.
M_DEFINITION List the MAC labels in terms of hierarchy and
categories instead of alias names. M_DEFINITION and
M_ALIAS are mutually exclusive.
M_ABBREV List abbreviations, not the default long names.
M_ABBREV can be OR'ed with any of the other MAC alias
type values.
M_ALL List all equivalent aliases on a separate line with
each alias separated by a single space character. The
last substring is the alias in terms of hierarchy and
categories. The newline character ('\n') is the last
character in the line. The last defined alias is
listed first. M_ALL can be OR'ed with any of the other
MAC alias type values.
Errors:
EPERM The subject is not appropriately privileged.
EINVAL type is not a valid choice as defined above.
ENOMEM There was insufficient memory to allocate *aliasp.
macgetcategories
This function lists all MAC label category aliases currently defined
in the system for appropriately privileged subjects. Upon success,
the function allocates the string *aliasp and returns its length; on
failure, it returns -1 and the appropriate errno. The aliases are
listed in order of ascending defined value.
type must be M_CAT. M_ABBREV is optional. type values are:
M_CAT List the MAC label category aliases if any exist.
M_ABBREV List the abbreviations, not the default long names.
M_ABBREV can be OR'ed with M_CAT.
Errors:
EPERM The subject is not appropriately privileged.
EINVAL type is not a valid choice as defined above.
ENOMEM There was insufficient memory to allocate *aliasp.
macgethierarchies
This function lists all MAC label hierarchy aliases currently defined
in the system for appropriately privileged subjects. Upon success,
the function allocates the string *aliasp and returns its length; on
failure, it returns -1 and the appropriate errno. The aliases are
listed in order of ascending dominance.
type must be M_HIER. M_ABBREV is optional. type values are:
M_HIER List the MAC label hierarchy aliases if any exist.
M_ABBREV List the abbreviations, not the default long names.
M_ABBREV can be OR'ed with M_HIER.
Errors:
EPERM The subject is not appropriately privileged.
EINVAL type is not a valid choice as defined above.
ENOMEM There was insufficient memory to allocate *aliasp.
machierarchytoalias
This function translates a hierarchy value to its alias as defined in
the mac alias database. The function returns the long form of the
alias by default. The hierarchy must be defined and hierarchy in the
subject clearance label must be equal to or greater than the
specified hierarchy or the subject must have appropriate privilege in
order for this function to succeed. The function allocates the
string *aliasp and returns its length upon success; it returns -1 and
the appropriate errno on failure.
type can have the following flags set:
M_ABBREV Return the abbreviation, not the default long name.
Errors:
EINVAL hier is not a valid category for this process.
macinfoclose
This function closes the connection to macd(1M). It is not necessary
to call this function unless you desire special processing outside
the features provided by the MAC library routines.
Errors:
None (other than ENOSYS).
macinfoopen
This function opens a connection to macd(1M). This call is not
necessary unless you need features not provided by the MAC library
routines. All functions that need to communicate with macd will
automatically open the connection.
If this function is not called, then every function call that uses
macd opens the connection and closes it when done. The connection to
macd should be held open only as long as is necessary and should be
closed as soon as possible with macinfoclose().
Errors:
None (other than ENOSYS).
macinternalalloc
This function allocates storage for a MAC label. The function
allocates a MAC label for macreadject() and macwriteject(). The
function also initializes the MAC label structure to currently valid
values specifying that it is not a MAC label. If successful, the
function returns 0; otherwise, the function returns -1 with the
appropriate errno.
Errors:
ENOMEM The MAC label requires more memory than the system is able to
provide.
macinternalcopy
This function is used to copy the MAC label src to the MAC label
dest.
Errors:
EINVAL src or dest is not a valid MAC label as allocated by
macinternalalloc().
macinternalfree
This function frees the specified MAC label storage pointed to by
labelp.
Errors
EINVAL labelp is not a label allocated by macinternalalloc() or
labelp is NULL.
maclabeltoalias
This function translates the specified MAC label to its alias as
defined in the MAC alias database. The label or its component
hierarchy and categories must be defined and the subject clearance
label must dominate the specified label or the subject must have
appropriate privilege in order for this function to succeed. The
function allocates the string *aliasp and returns its length upon
success; it returns -1 and the appropriate errno on failure.
type must have either M_ALIAS or M_DEFINITION set. M_ABBREV and
M_ALL are optional:
M_ALIAS Return the MAC label alias if one exists. If one does
not exist, return the MAC label in terms of hierarchy
and categories. M_ALIAS and M_DEFINITION are mutually
exclusive.
M_DEFINITION Return the MAC label in terms of hierarchy and
categories instead of a single alias name.
M_DEFINITION and M_ALIAS are mutually exclusive.
M_ABBREV Return the abbreviation, not the default long name.
M_ABBREV can be OR'ed with any of the other MAC alias
type values.
M_ALL Return all the aliases defined for this label. The
default is to return the last defined alias. M_ALL can
be OR'ed with any of the other MAC alias type values.
Errors:
EINVAL label is not a previously allocated label.
EINVAL type is not a valid choice as defined above.
macreadject
This function reads the MAC label of the specified target. The
process must have attribute read access to the target.
jecttype must be JECTOBJECT or JECTSUBJECT.
targtype If jecttype is JECTOBJECT, valid values are TFILE,
TSYMLINK and TFD. If jecttype is JECTSUBJECT, then
the only valid value is TPROC.
targ ject_type targ_type Value
JECTOBJECT TFILE pathname (char *)
JECTOBJECT TSYMLINK pathname (char *)
JECTOBJECT TFD pointer to file descriptor (int *)
JECTSUBJECT TPROC pointer to process ID (pidt *)
label MAC label previously allocated by macinternalalloc()
textmacptr Currently unused - must be set to NULL.
flags Must be 0. There are currently no values defined for
flags.
Errors:
EINVAL A parameter is not as defined above
EINVAL label is not a previously allocated label.
EACCES Search permission is denied on a component of the path
prefix.
EACCES Attribute read access to the file object is denied.
ENAMETOOLONG The length of path exceeds {PATH_MAX}, or a pathname
component is longer than {NAME_MAX} while
{POSIX_NO_TRUNC} is in effect.
ENOTDIR A component of the path prefix is not a directory.
ENOENT The named file object does not exist or path points to
an empty string.
macwriteject
This function sets the specified MAC label on the specified target.
A process must possess appropriate privilege to perform this action.
jecttype Must be JECTOBJECT or JECTSUBJECT.
targtype If jecttype is JECTOBJECT, valid values are TFILE,
TSYMLINK or TFD. If jecttype is JECTSUBJECT, then
the only valid value is TPROC.
targ ject_type targ_type Value
JECTOBJECT TFILE pathname (char *)
JECTOBJECT TSYMLINK pathname (char *)
JECTOBJECT TFD pointer to file descriptor (int *)
JECTSUBJECT TPROC pointer to process ID (pidt *)
label MAC label previously allocated by macinternalalloc()
textmacptr Currently unused - must be set to NULL.
flags Must be one of the following values:
MWJ_SETOMAC Set the MAC label implicit labels
can be affected
MWJ_SETOMAC_ONLY Set the explicit MAC label only
MWJ_SETTMPOMAC Set a temporary MAC label
MWJ_CVT_TO_IMPLICIT Convert the target's explicit MAC
label to an implicit if possible
Errors:
EINVAL label is not a valid MAC label for path for this
process.
EACCES Search permission is denied on a component of the path
prefix.
EACCES Attribute read access to the file object is denied.
ENAMETOOLONG The length of path exceeds {PATH_MAX}, or a pathname
component is longer than {NAME_MAX} while
{POSIX_NO_TRUNC} is in effect.
ENOTDIR A component of the path prefix is not a directory.
ENOENT The named file object does not exist or path points to
an empty string.
EPERM An attempt was made to change the MAC label on a file
and the process does not have appropriate privilege.
EROFS An attempt was made to modify a file object on a file
system that is mounted read-only.
EBUSY The file object named by path is currently in use by
another process.
rangealiastorange
This function converts the text representation of a MAC range text
into its internal representation. Upon success the function
allocates storage space for the MAC range (which may be freed with a
call to rangeinternalfree()), places the internal representation of
the range in this space, sets rangep to point to this location, and
returns its length. Upon failure the function allocates no space,
returns -1, and sets errno to the appropriate value.
Errors:
EINVAL range is not a previously allocated label.
ENOMEM The MAC range requires more memory than the system is able to
provide.
rangegetsize
This function returns the size in bytes of the MAC range structure
pointed to by range.
Errors:
EINVAL range is not a previously allocated range.
rangeinternalalloc
This function allocates storage for a MAC range. This function is
used to allocate a MAC range for rangereadject() and
rangewriteject(). The function also initializes the MAC range
structure to currently valid values specifying that it is not a MAC
range. If successful, the function returns 0; otherwise, the
function returns -1 with the appropriate errno.
Errors:
ENOMEM The MAC label requires more memory than the system is able to
provide.
rangeinternalcopy
This function is used to copy the MAC range src to the MAC range
dest.
Errors:
EINVAL src or dest is not a valid MAC range as allocated by
rangeinternalalloc().
rangeinternalfree
This function is used to free the specified MAC range storage pointed
to by rangep.
Errors:
EINVAL rangep is not a MAC range previously allocated by
rangeinternalalloc().
EINVAL rangep is NULL.
rangeintersect
This function takes two MAC ranges and generates their intersection.
Upon success, the function allocates storage space for the MAC
range (which may be freed with a call to rangeinternalfree()), sets
rangep to point to this location, and returns 0. Upon failure, the
function allocates no space, returns -1, and sets errno to the
appropriate value.
Errors:
EINVAL rangep is not a pointer to a NULL.
EINVAL range1 or range2 is NULL.
EINVAL range1 and range2 have different versions or types.
EINVAL range1 and range2 are completely disjoint, and have no
intersection.
ENOMEM The MAC range requires more memory than the system is able to
provide.
rangelohitorange
This function converts the text representation of a MAC range in
terms of its low MAC label alias lo and its high MAC label alias hi
into its internal representation. Upon success the function
allocates storage space for the MAC range (which may be freed with a
call to rangeinternalfree()), places the internal representation of
the range in this space, sets rangep to point to this location, and
returns its length. Upon failure the function allocates no space,
returns -1, and sets errno to the appropriate value.
Errors:
EINVAL range is not a previously allocated label.
ENOMEM The MAC range requires more memory than the system is able to
provide.
rangereadject
This function reads the MAC range of the specified target. The
process must have attribute read access to the target.
jecttype must be JECTOBJECT or JECTSUBJECT.
targtype If jecttype is JECTOBJECT, valid values are TFILE,
TSYMLINK and TFD. If jecttype is JECTSUBJECT, then
the only valid value is TPROC.
targ ject_type targ_type Value
JECTOBJECT TFILE pathname (char *)
JECTOBJECT TSYMLINK pathname (char *)
JECTOBJECT TFD pointer to file descriptor (int *)
JECTSUBJECT TPROC pointer to process ID (pidt *)
range MAC range previously allocated by
rangeinternalalloc().
textrangeptr Currently unused - must be set to NULL.
flags Must be 0. There are currently no values defined for
flags.
Errors:
EINVAL A parameter is not as defined above
EINVAL range is not a previously allocated range.
EACCES Search permission is denied on a component of the path
prefix.
EACCES Attribute read access to the file object is denied.
ENAMETOOLONG The length of path exceeds {PATH_MAX}, or a pathname
component is longer than {NAME_MAX} while
{POSIX_NO_TRUNC} is in effect.
ENOTDIR A component of the path prefix is not a directory.
ENOENT The named file object does not exist or path points to
an empty string.
rangetoalias
This function translates the specified MAC range to its alias. The
MAC range alias has the format RANGE_ALIAS_FMT as defined in mac.h
and is composed of the low MAC label alias and the high MAC label
alias. The range or its component hierarchies and categories must be
defined and the subject clearance label must dominate both the low
and high label of the specified range or the subject must have
appropriate privilege in order for this function to succeed. The
function allocates storage for lop and hip, the low and high label
aliases.
The function returns:
0 if the subject MAC label dominates both ends of the specified
MAC range. *aliasp is of the form:
-L low-end-MAC-alias -H high-end-MAC-alias
1 if the subject MAC label dominates the low end of the
specified MAC range, but not the high end. *aliasp is of the
form:
-L low-end-MAC-alias -H ?
-1 if the subject MAC label dominates neither end of the
specified MAC range. In this case *aliasp is not allocated
any memory.
type must have either M_ALIAS or M_DEFINITION set. M_ABBREV and
M_ALL are optional:
M_ALIAS Return the MAC range alias as two MAC label aliases if they
exist. If they do not exist, return the MAC labels in
terms of hierarchy and categories. M_ALIAS and
M_DEFINITION are mutually exclusive. M_DEFINITION Return
the low and high MAC label in terms of hierarchy and
categories instead of the alias name. M_DEFINITION and
M_ALIAS are mutually exclusive.
M_ABBREV Return the abbreviation, not the default long name.
M_ABBREV can be OR'ed with any of the other MAC alias type
values.
M_ALL Return all the aliases defined for the low and high MAC
label. The default is to return the last defined alias.
M_ALL can be OR'ed with any of the other MAC alias type
values.
*aliasp must be initialized to NULL.
Errors:
EINVAL range is not a previously allocated range.
EINVAL type is not a valid choice as defined above.
rangetolohi
This function translates the specified MAC range to its low and high
label aliases as defined in the MAC alias database. The range or its
component hierarchies and categories must be defined and the subject
clearance label must dominate both the low and high label of the
specified range or the subject must have appropriate privilege in
order for this function to succeed. The function allocates storage
for lop and hip, the low and high label aliases.
The function returns:
0 if the subject MAC label dominates both ends of the specified
MAC range. In this case *lop contains the MAC range low end
alias and *hip contains the MAC range high end alias.
1 if the subject MAC label dominates the low end of the
specified MAC range, but not the high end. In this case *lop
contains the MAC range low end alias and *hip is not allocated
any memory.
-1 if the subject MAC label dominates neither end of the
specified MAC range. In this case *lop and *hip are not
allocated any memory.
type must have either M_ALIAS or M_DEFINITION set. M_ABBREV and
M_ALL are optional. Valid types are:
M_ALIAS Return the MAC label alias if one exists. If one
does not exist, return the MAC label in terms of
hierarchy and categories. M_ALIAS and M_DEFINITION
are mutually exclusive. M_DEFINITION Return the MAC
label in terms of hierarchy and categories instead of
a single alias name. M_DEFINITION and M_ALIAS are
mutually exclusive.
M_ABBREV Return the abbreviation, not the default long name.
M_ABBREV can be OR'ed with any of the other MAC alias
type values.
M_ALL Return all the aliases defined for this label. The
default is to return the last defined alias. M_ALL
can be OR'ed with any of the other MAC alias type
values.
*lop and *hip must be initialized to NULL.
Errors:
EINVAL range is not a previously allocated range.
EINVAL type is not a valid choice as defined above.
rangevalid
This function determines if range is a valid MAC label. This
function returns a 0 if range is valid; otherwise, it returns -1.
Errors:
EINVAL range is not a valid MAC range.
rangewriteject
This function sets the specified MAC range on the specified target.
A process must possess appropriate privilege to perform this action.
jecttype Must be JECTOBJECT or JECTSUBJECT.
targtype If jecttype is JECTOBJECT, valid values are TFILE,
TSYMLINK or TFD. If jecttype is JECTSUBJECT, then
the only valid value is TPROC.
targ ject_type targ_type Value
JECTOBJECT TFILE pathname (char *)
JECTOBJECT TSYMLINK pathname (char *)
JECTOBJECT TFD pointer to file descriptor (int *)
JECTSUBJECT TPROC pointer to process ID (pidt *)
range MAC label previously allocated by
rangeinternalalloc()
textrangeptr Currently unused - must be set to NULL.
flags Must be 0.
Errors:
EINVAL range is not a valid MAC range for path for this
process.
EACCES Search permission is denied on a component of the path
prefix.
EACCES Attribute read access to the file object is denied.
ENAMETOOLONG The length of path exceeds {PATH_MAX}, or a pathname
component is longer than {NAME_MAX} while
{POSIX_NO_TRUNC} is in effect.
ENOTDIR A component of the path prefix is not a directory.
ENOENT The named file object does not exist or path points to
an empty string.
EPERM An attempt was made to change the MAC range on a file
and the process does not have appropriate privilege.
EROFS An attempt was made to modify a file object on a file
system that is mounted read-only.
EBUSY The file object named by path is currently in use by
another process.
dgtuplealiastotuple
This function converts the text representation of a MAC tuple alias
into its internal representation. Upon success the function
allocates storage space for the MAC tuple (which may be freed with a
call to dgtuplefree()), places the internal representation of the
MAC tuple in this space, sets tuplep to point to this location, and
returns its length. The calling process must have access to
translate the specified alias and, if the seccredptr argument is
not NULL, a process with the specified credentials must also have
access to translate the specified alias, or the call will fail. Upon
success the function returns 0. Upon failure, the function allocates
no space, returns -1, and sets errno to the appropriate value.
Errors:
EINVAL alias is not a a valid MAC tuple alias.
EACCES The calling process, and/or a process with the specified
credentials if seccredptr is not NULL, does not have access
to translate alias.
ENOMEM The MAC tuple requires more memory than the system is able to
provide.
dgtupleallocempty
This function allocates storage for a MAC tuple which is initially
empty. That is to say, the tuple contains no MAC ranges in any
region (the type of each range is set to MAC_RANGE_TYPE_NO_RANGE).
If successful, the function returns 0; otherwise, the function
returns -1 with the appropriate errno.
Errors:
ENOMEM The MAC tuple requires more memory than the system is able to
provide.
dgtupleallocfull
This function allocates storage for a MAC tuple which is initially
full. That is to say, the tuple contains all MAC ranges
(administrative region, user region and virus prevention region)
which cover their entire regions, respectively. If successful, the
function returns 0, otherwise, the function returns -1 with the
appropriate errno.
Errors:
ENOMEM The MAC tuple requires more memory than the system is able to
provide.
dgtupleclearregion
This function removes the MAC range from region in the specified
tuple. It does this by setting the type for the range in region to
MAC_RANGE_TYPE_NO_RANGE. region can have one of the following
values:
ADMIN_MAC_REGION Administrative MAC region.
USER_MAC_REGION User MAC region.
VP_MAC_REGION Virus prevention MAC region.
If successful, the function returns 0, otherwise, the function
returns -1 with the appropriate errno.
Errors:
EINVAL The specified tuple, tuplep is not valid or region is not a
valid region.
dgtuplecontainslabel
This function determines whether or not label is contained within
tuple. A MAC tuple contains a label if the label is within any of
the tuple's MAC ranges. If the tuple contains the label, the
function returns 1; otherwise, the function returns 0.
dgtuplecopy
This function allocates space for dsttuple and copies srctuple into
the newly allocated space. If successful, the function returns 0
otherwise, the function returns -1 with the appropriate errno.
Errors:
ENOMEM The MAC tuple requires more memory than the system is able to
provide.
dgtuplefree
This function frees memory previously allocated for a MAC tuple.
dgtuplegetsize
This function returns the size of the structure referred to by
tuplep.
dgtupleintersect
This function takes two MAC tuples and generates their intersection.
Upon success, the function allocates storage space for the MAC tuple,
sets resultp to point to this location, and returns 0. Upon
failure, the function allocates no space, returns -1, and sets errno
to the appropriate value. The intersection of two MAC tuples is
calculated as follows. For each region in the tuples, if both tuples
contain a range in the region, then the corresponding range in the
result tuple is the intersection of the two ranges. If either tuple
does not contain a range in the region, the corresponding region in
the result tuple does not contain a range.
Errors:
EINVAL tuple1 or tuple2 is NULL.
ENOMEM The MAC tuple requires more memory than the system is able to
provide.
dgtupleisempty
This function determines whether the MAC tuple referenced by tuplep
is empty. A MAC tuple is empty if it contains no MAC ranges in any
region. If tuple is empty, the function returns 0, otherwise, it
returns -1.
dgtupleissubset
This function determines whether or not tuple1 is a subset of tuple2.
tuple1 is a subset of tuple2 if each MAC range in tuple1 is a subset
of the corresponding MAC range in tuple2. If tuple1 is a subset of
tuple2, this function returns 1; otherwise, it returns 0.
dgtupleregionexists
This function determines whether or not a MAC range exists in region
of the MAC tuple referenced by tuplep. region can have one of the
following values:
ADMIN_MAC_REGION Administrative MAC region.
USER_MAC_REGION User MAC region.
VP_MAC_REGION Virus prevention MAC region.
If a range exists, this function returns 1; otherwise, it returns 0.
The function will also return 0 on error and will set errno to one of
the following values:
Errors:
EINVAL tuplep does not reference a valid MAC tuple.
dgtupletoalias
This function translates the specified MAC tuple to its alias as
defined in the MAC alias database. A MAC tuple alias is comprised of
the MAC range aliases for each MAC range in the tuple. For example,
an alias for a MAC tuple which has a full admin and user MAC range
would be "-L ADMIN_LO -H ADMIN_HI -L USER_LO -H USER_HI." All labels
or their component hierarchies and categories must be defined. The
calling process must have access to translate the specified tuple
and, if the seccredptr argument is not NULL, a process with the
specified credentials must also have access to translate the
specified tuple, or the call will fail. The function allocates the
string *aliasp and returns its length upon success; it returns -1 and
the appropriate errno on failure.
type must have either M_ALIAS or M_DEFINITION set. M_ABBREV and
M_ALL are optional:
M_ALIAS Return the aliases for the MAC labels if they exist.
If one does not exist, return that MAC label in terms
of hierarchy and categories. M_ALIAS and M_DEFINITION
are mutually exclusive.
M_DEFINITION Return the MAC labels in terms of hierarchy and
categories instead of single alias names. M_DEFINITION
and M_ALIAS are mutually exclusive.
M_ABBREV Return the abbreviation, not the default long name for
MAC label aliases. M_ABBREV can be OR'ed with any of
the other MAC alias type values.
M_ALL Return all the aliases defined for the labels. The
default is to return the last defined alias. M_ALL can
be OR'ed with any of the other MAC alias type values.
Errors:
EINVAL tuplep does not reference a valid MAC tuple.
EINVAL type is not a valid choice as defined above.
EACCES The calling process, or a process with the specified
credentials if seccredptr is not NULL, does not have access
to translate tuplep.
ENOMEM There was not enough memory to perform the operation.
dgtupleupdaterange
This function updates a MAC range in the MAC tuple referenced by
tuplep. The lo and hi MAC labels must be in the same MAC region and
hi must dominate lo. If tuplep did not previously have a range in
the region that contains lo and hi, the new range is added. If a
range already exists in the region, it is replaced by lo and hi.
Upon success, the function returns 0. Upon failure, the function
returns -1 and sets errno to the appropriate value.
Errors:
EINVAL tuplep does not reference a valid MAC tuple.
EINVAL lo or hi is not a valid MAC label.
EINVAL lo and hi are not in the same MAC region.
EINVAL hi does not dominate lo.
dgtuplevalid
This function determines if tuplep references a valid MAC tuple.
This function returns 0 if tuplep is valid; otherwise, it returns
-1.
Errors:
EINVAL tuplep does not reference a valid MAC tuple.
SEE ALSO
macd(1M), dgmacaccess(2), dgsetomac(2), dgsettuple(2),
settuple(1M), aalibrary(3), acllibrary(3), auditlibrary(3),
caplibrary(3), macdefs(4M).
Licensed material--property of copyright holder(s)