SETFLABEL(3TSOL)          Trusted Extensions Library Functions          SETFLABEL(3TSOL)

NAME
     setflabel - move file to zone with corresponding sensitivity label

SYNOPSIS
     cc [ flag... ] file... -ltsol [ library... ]
     #include <tsol/label.h>

     int setflabel(const char *path, const m_label_t *label_p);
DESCRIPTION
     The file that is named by path is relabeled by moving it to a new
     pathname relative to the root directory of the zone corresponding to
     label_p. If the source and destination file systems are loopback
     mounted from the same underlying file system, the file is renamed.
     Otherwise, the file is copied and removed from the source directory.

     The setflabel() function enforces the following policy checks:

     o  If the sensitivity label of label_p equals the existing
        sensitivity label, then the file is not moved.

     o  If the corresponding directory does not exist in the destination
        zone, or if the directory exists but has a different label than
        label_p, the file is not moved. Also, if the file already exists
        in the destination directory, the file is not moved.

     o  If the sensitivity label of the existing file is not equal to the
        calling process label and the caller is not in the global zone,
        then the file is not moved. If the caller is in the global zone,
        the existing file label must be in a labeled zone (not ADMIN_LOW
        or ADMIN_HIGH).

     o  If the calling process does not have write access to both the
        source and destination directories, then the calling process must
        have PRIV_FILE_DAC_WRITE in its set of effective privileges.

     o  If the sensitivity label of label_p provides read-only access to
        the existing sensitivity label (an upgrade), then the user must
        have the solaris.label.file.upgrade authorization. In addition,
        if the current zone is a labeled zone, then it must have been
        assigned the privilege PRIV_FILE_UPGRADE_SL when the zone was
        configured.

     o  If the sensitivity label of label_p does not provide access to the
        existing sensitivity label (a downgrade), then the calling user
        must have the solaris.label.file.downgrade authorization. In
        addition, if the current zone is a labeled zone, then it must
        have been assigned the privilege PRIV_FILE_DOWNGRADE_SL when the
        zone was configured.

     o  If the calling process is not in the global zone, and the user
        does not have the solaris.label.range authorization, then label_p
        must be within the user's label range and within the system
        accreditation range.

     o  If the existing file is in use (not tranquil), it is not moved.
        This tranquility check does not cover race conditions or remote
        file access.

     Additional policy constraints can be implemented by customizing the
     shell script /etc/security/tsol/relabel. See the comments in this
     file.
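     The upgrade/downgrade distinction above rests on label dominance: a
     relabel is an upgrade when the new label dominates the existing one
     (the old data becomes readable only at the higher label) and a
     downgrade otherwise, including when the two labels are incomparable.
     The following C program is an added illustration of that decision
     procedure and of the authorization and privilege checks it triggers;
     it is not code from this manual page or from libtsol. The toy_label_t
     struct, the caller_t struct and every function in it are constructed
     assumptions that stand in for the opaque m_label_t values a real
     Trusted Extensions program would obtain from str_to_label(3TSOL) and
     pass to setflabel(). The directory DAC checks, the ADMIN_LOW/ADMIN_HIGH
     rule, the accreditation-range rule and the tranquility check are not
     modeled.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed toy model of a sensitivity label: a hierarchical
 * classification plus a bit set of non-hierarchical compartments. Real
 * Trusted Extensions labels are opaque m_label_t values managed by
 * libtsol; this struct exists only to illustrate the policy. */
typedef struct {
    unsigned level;         /* higher level = more sensitive */
    uint32_t compartments;  /* one bit per compartment */
} toy_label_t;

/* a dominates b when a is at least as high as b and holds every
 * compartment of b. "Provides read-only access" in the policy text is
 * exactly this relation. */
bool label_dominates(toy_label_t a, toy_label_t b)
{
    return a.level >= b.level &&
           (a.compartments & b.compartments) == b.compartments;
}

bool label_equal(toy_label_t a, toy_label_t b)
{
    return a.level == b.level && a.compartments == b.compartments;
}

typedef enum { RELABEL_NOOP, RELABEL_UPGRADE, RELABEL_DOWNGRADE } relabel_kind_t;

/* Classify the move that would be requested. Equal labels: nothing to
 * do. New label dominates the old one: an upgrade. Anything else,
 * including incomparable labels: a downgrade. */
relabel_kind_t classify_relabel(toy_label_t existing, toy_label_t label_p)
{
    if (label_equal(existing, label_p))
        return RELABEL_NOOP;
    if (label_dominates(label_p, existing))
        return RELABEL_UPGRADE;
    return RELABEL_DOWNGRADE;
}

/* The parts of the caller's context the policy consults (constructed; a
 * real process gets these from its zone, credentials and RBAC profile). */
typedef struct {
    toy_label_t proc_label;         /* label of the calling process */
    bool in_global_zone;            /* false means a labeled zone */
    bool has_upgrade_auth;          /* solaris.label.file.upgrade */
    bool has_downgrade_auth;        /* solaris.label.file.downgrade */
    bool zone_has_upgrade_priv;     /* PRIV_FILE_UPGRADE_SL given at zone config */
    bool zone_has_downgrade_priv;   /* PRIV_FILE_DOWNGRADE_SL given at zone config */
} caller_t;

/* Apply the label-related checks from DESCRIPTION and report whether the
 * move would be permitted. */
bool relabel_permitted(caller_t c, toy_label_t existing, toy_label_t label_p)
{
    /* Outside the global zone a process may only relabel files that
     * carry its own label. */
    if (!c.in_global_zone && !label_equal(existing, c.proc_label))
        return false;

    switch (classify_relabel(existing, label_p)) {
    case RELABEL_NOOP:
        return false;   /* file is not moved */
    case RELABEL_UPGRADE:
        if (!c.has_upgrade_auth)
            return false;
        return c.in_global_zone || c.zone_has_upgrade_priv;
    case RELABEL_DOWNGRADE:
        if (!c.has_downgrade_auth)
            return false;
        return c.in_global_zone || c.zone_has_downgrade_priv;
    }
    return false;
}

int main(void)
{
    /* Constructed sample labels: CONFIDENTIAL and SECRET share compartment
     * bit 0; secret_other is SECRET with a different compartment. */
    toy_label_t confidential = { 1, 0x1 };
    toy_label_t secret       = { 2, 0x1 };
    toy_label_t secret_other = { 2, 0x2 };

    /* A user in a labeled zone running at CONFIDENTIAL, holding the
     * upgrade authorization, in a zone granted PRIV_FILE_UPGRADE_SL. */
    caller_t op = { .proc_label = confidential, .in_global_zone = false,
                    .has_upgrade_auth = true, .zone_has_upgrade_priv = true };

    printf("CONFIDENTIAL -> SECRET: %s\n",
           relabel_permitted(op, confidential, secret) ? "allowed" : "denied");
    printf("SECRET -> CONFIDENTIAL: %s\n",
           relabel_permitted(op, secret, confidential) ? "allowed" : "denied");
    printf("SECRET -> SECRET(other compartment) is a %s\n",
           classify_relabel(secret, secret_other) == RELABEL_DOWNGRADE
               ? "downgrade" : "upgrade");
    return 0;
}
```

     Note that the second request is refused before any authorization is
     consulted: in a labeled zone the existing file's label must equal the
     process label, so a CONFIDENTIAL process cannot touch a SECRET file at
     all. The third case shows why "downgrade" is the default branch:
     moving between two incomparable labels neither preserves nor raises
     the protection of the data, so it needs the downgrade authorization.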
RETURN VALUES
     Upon successful completion, setflabel() returns 0. Otherwise it
     returns -1 and sets errno to indicate the error.
ERRORS
     The setflabel() function fails and the file is unchanged if:

     EACCES          Search permission is denied for a component of the
                     path prefix of path.

                     The calling process does not have mandatory write
                     access to the final component of path because the
                     sensitivity label of the final component of path
                     does not dominate the sensitivity label of the
                     calling process and the calling process does not
                     have PRIV_FILE_MAC_WRITE in its set of effective
                     privileges.

     EBUSY           There is an open file descriptor reference to the
                     final component of path.

     ECONNREFUSED    A connection to the label daemon could not be
                     established.

     EEXIST          A file with the same name exists in the destination
                     directory.

     EINVAL          Improper parameters were received by the label
                     daemon.

     EISDIR          The existing file is a directory.

     ELOOP           Too many symbolic links were encountered in
                     translating path.

     EMLINK          The existing file is hard-linked to another file.

     ENAMETOOLONG    The length of the path argument exceeds PATH_MAX.

     ENOENT          The file referred to by path does not exist.

     EROFS           The file system is read-only or its label is
                     ADMIN_LOW or ADMIN_HIGH.
ATTRIBUTES
     See attributes(7) for descriptions of the following attributes:

     +--------------------+-----------------+
     |   ATTRIBUTE TYPE   | ATTRIBUTE VALUE |
     +--------------------+-----------------+
     |Interface Stability | Committed       |
     +--------------------+-----------------+
     |MT-Level            | MT-Safe         |
     +--------------------+-----------------+
SEE ALSO
     libtsol(3LIB), attributes(7)

     "Setting a File Sensitivity Label" in Solaris Trusted Extensions
     Developer's Guide

NOTES
     The functionality described on this manual page is available only if
     the system is configured with Trusted Extensions.

                                 July 20, 2007                 SETFLABEL(3TSOL)