setflabel(3tsol)
Trusted Extensions Library Functions setflabel(3TSOL)
NAME
setflabel - change effective sensitivity label of a file
SYNOPSIS
cc [flag...] file... -ltsol [library...]
#include <tsol/label.h>
int setflabel(const char *path, const m_label_t *label_p);
DESCRIPTION
The setflabel() function applies the specified label to the files or
directories that exist within multilevel ZFS file systems.
When Trusted Extensions is enabled, setflabel() can also be used with
single-level file systems. In that case the file is moved into the zone
whose label corresponds to label_p. The old file pathname is adjusted
so that it is relative to the root pathname of the new zone. If the old
pathname for the file's parent directory does not exist as a directory in
the new zone, the file is not moved. Once moved, the file might no
longer be accessible in the current zone.
The setflabel() function enforces the following policy checks:
o Files and directories on multilevel file systems are
relabeled in place; they are not moved, and the relabel script
described below does not apply to them.
For multilevel file systems, the label of a directory cannot
be changed if the directory is not empty. The new label for
an object must dominate the label of its parent directory.
If the new label does not match the label of the parent
directory, the caller must have the PRIV_FILE_UPGRADE_SL
privilege. The new label must be dominated by the mlslabel
property of the file system. If the caller is not in the
global zone, the zone label must dominate the new label.
The remaining policy checks below apply to multilevel file
systems as well, except where otherwise noted.
o If the sensitivity label of label_p equals the existing sen‐
sitivity label, then the file is not affected.
o If the corresponding directory does not exist in the desti‐
nation zone, or if the directory exists, but has a different
label than label_p, the file is not moved. Also, if the file
already exists in the destination directory, the file is not
moved. This does not apply to multilevel file systems.
o If the sensitivity label of the existing file is not equal
to the calling process label and the caller is not in the
global zone, then the file is not affected. If the caller is
in the global zone and the file is not on a multilevel file
system, the existing file label must be that of a labeled zone
(not ADMIN_LOW or ADMIN_HIGH).
o If the calling process does not have write access to both
the source and destination directories, then the calling
process must have PRIV_FILE_DAC_WRITE in its set of
effective privileges.
o If the sensitivity label of label_p provides read only
access to the existing sensitivity label (an upgrade), then
the user must have the solaris.label.file.upgrade
authorization. In addition, if the current zone is a labeled zone,
then it must have been assigned the privilege
PRIV_FILE_UPGRADE_SL when the zone was configured.
o If the sensitivity label of label_p does not provide access
to the existing sensitivity label (a downgrade), then the
calling user must have the solaris.label.file.downgrade
authorization. In addition, if the current zone is a labeled
zone, then it must have been assigned the privilege
PRIV_FILE_DOWNGRADE_SL when the zone was configured.
o If the calling process is not in the global zone, and the
user does not have the solaris.label.range authorization,
then label_p must be within the user's label range and
within the system accreditation range.
o If the existing file is in use (not tranquil) it is not
affected. This tranquility check does not cover race
conditions nor remote file access.
Additional policy constraints can be implemented by customizing the
shell script /etc/security/tsol/relabel. See the comments in this file.
Note that this script does not apply to multilevel file systems.
RETURN VALUES
Upon successful completion, setflabel() returns 0. Otherwise it returns
-1 and sets errno to indicate the error.
ERRORS
The setflabel() function fails and the file is unchanged if:
EACCES Search permission is denied for a component of the path
prefix of path.
The calling process does not have mandatory write
access to the final component of path because the sen‐
sitivity label of the final component of path does not
dominate the sensitivity label of the calling process
and the calling process does not have
PRIV_FILE_MAC_WRITE in its set of effective privileges.
EBUSY There is an open file descriptor reference to the final
component of path.
ECONNREFUSED A connection to the label daemon could not be
established.
EEXIST A file with the same name exists in the destination
directory.
EINVAL Improper parameters were received by the label daemon.
For callers not in the global zone and when path is not
on a multilevel ZFS file system, the specified label
does not match the caller's label.
For multilevel ZFS file systems, the specified label is
not dominated by all of the following: the file system
MLSLABEL property, the label of the parent directory of
path, and the caller's label.
EISDIR The existing file is a directory.
ELOOP Too many symbolic links were encountered in translating
path.
EMLINK The existing file is hardlinked to another file.
ENAMETOOLONG The length of the path argument exceeds PATH_MAX.
ENOENT The file referred to by path does not exist.
EROFS The file system is read-only or its label is ADMIN_LOW
or ADMIN_HIGH.
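The following program is an added example and is not part of the Solaris man page or of libtsol. It shows the complete calling sequence a practitioner needs around setflabel(): parsing a label string with str_to_label(3TSOL), making the call, freeing the label, and then mapping every errno listed in the ERRORS section above back to the policy check that produced it, separating transient conditions (EBUSY from the tranquility check, ECONNREFUSED from the label daemon) from hard policy denials. It only links against libtsol on Solaris Trusted Extensions (cc ... -ltsol); on any other platform the relabel_path() shim is an assumption of this example and simply fails with ENOSYS so the errno interpreter can still be exercised. The label string "CONFIDENTIAL" is a constructed sample.

```c
/*
 * Added example (not from the setflabel(3TSOL) man page or libtsol):
 * relabel a file with setflabel() and explain a failure using the
 * errno values documented for the call.  Build on Solaris Trusted
 * Extensions with:  cc -o relabel relabel.c -ltsol
 */
#include <errno.h>
#include <stdio.h>
#include <string.h>

#if defined(__sun)
#include <tsol/label.h>   /* setflabel(), str_to_label(), m_label_free() */
#endif

/* Map each errno from the ERRORS section to the policy check behind it. */
static const char *setflabel_reason(int err)
{
    switch (err) {
    case EACCES:       return "no search permission on the path prefix, or no "
                              "mandatory write access (PRIV_FILE_MAC_WRITE needed)";
    case EBUSY:        return "file is in use (open descriptor): tranquility check failed";
    case ECONNREFUSED: return "label daemon unreachable";
    case EEXIST:       return "a file with the same name exists in the destination directory";
    case EINVAL:       return "label rejected: not the caller's label, or not dominated by "
                              "the mlslabel property, the parent directory and the caller";
    case EISDIR:       return "path is a directory";
    case ELOOP:        return "too many symbolic links in path";
    case EMLINK:       return "file has additional hard links";
    case ENAMETOOLONG: return "path exceeds PATH_MAX";
    case ENOENT:       return "path does not exist";
    case EROFS:        return "read-only file system, or its label is ADMIN_LOW/ADMIN_HIGH";
    default:           return "errno not documented for setflabel()";
    }
}

/* Conditions that may clear on their own (retry later), as opposed to
 * policy denials that will not change without a privilege or label change. */
static int setflabel_is_transient(int err)
{
    return err == EBUSY || err == ECONNREFUSED;
}

/* Relabel path to the label named by label_str (e.g. "CONFIDENTIAL").
 * Returns 0, or -1 with errno set exactly as setflabel() left it. */
static int relabel_path(const char *path, const char *label_str)
{
#if defined(__sun)
    m_label_t *label = NULL;
    int err = 0;
    int rc;

    /* str_to_label() allocates *label; MAC_LABEL selects a sensitivity label. */
    if (str_to_label(label_str, &label, MAC_LABEL, L_DEFAULT, &err) != 0) {
        errno = EINVAL;
        return -1;
    }
    rc = setflabel(path, label);
    err = errno;               /* preserve errno across the free */
    m_label_free(label);
    errno = err;
    return rc;
#else
    /* Assumption of this example: no Trusted Extensions on this host. */
    (void)path;
    (void)label_str;
    errno = ENOSYS;
    return -1;
#endif
}

int main(int argc, char **argv)
{
    if (argc != 3) {
        fprintf(stderr, "usage: %s path label\n", argv[0]);
        return 2;
    }
    if (relabel_path(argv[1], argv[2]) == 0) {
        printf("%s relabeled to %s\n", argv[1], argv[2]);
        return 0;
    }
    int err = errno;
    fprintf(stderr, "setflabel(%s): %s: %s%s\n", argv[1], strerror(err),
            setflabel_reason(err),
            setflabel_is_transient(err) ? " [retry later]" : "");
    return 1;
}
```

Because the tranquility check does not cover races, a caller that needs the relabel to stick should re-check the label with getlabel(3TSOL) after a successful return rather than assume no other process opened the file in between; an EBUSY is the only documented signal that the file was not tranquil at call time.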
ATTRIBUTES
See attributes(7) for descriptions of the following attributes:
ATTRIBUTE TYPE          ATTRIBUTE VALUE
Interface Stability     Committed
MT-Level                MT-Safe
SEE ALSO
libtsol(3LIB), attributes(7), zfs(8)
Oracle Solaris 11.4 18 Aug 2014 setflabel(3TSOL)