selinux.h 2.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960
  1. /* Header for nscd SELinux access controls.
  2. Copyright (C) 2004-2026 Free Software Foundation, Inc.
  3. This file is part of the GNU C Library.
  4. The GNU C Library is free software; you can redistribute it and/or
  5. modify it under the terms of the GNU Lesser General Public
  6. License as published by the Free Software Foundation; either
  7. version 2.1 of the License, or (at your option) any later version.
  8. The GNU C Library is distributed in the hope that it will be useful,
  9. but WITHOUT ANY WARRANTY; without even the implied warranty of
  10. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  11. Lesser General Public License for more details.
  12. You should have received a copy of the GNU Lesser General Public
  13. License along with the GNU C Library; if not, see
  14. <https://www.gnu.org/licenses/>. */
  15. #ifndef _SELINUX_H
  16. #define _SELINUX_H 1
  17. #include "nscd.h"
  18. #ifdef HAVE_LIBCAP
  19. # include <sys/capability.h>
  20. #endif
  21. #ifdef HAVE_SELINUX
  22. /* Global variable to tell if the kernel has SELinux support. */
  23. extern int selinux_enabled;
  24. /* Define this for AVC stat usage. */
  25. struct avc_cache_stats;
  26. /* Initialize the userspace AVC. */
  27. extern void nscd_avc_init (void);
  28. /* Determine if we are running on an SELinux kernel. */
  29. extern void nscd_selinux_enabled (int *selinux_enabled);
  30. /* Check if the client has permission for the request type. */
  31. extern int nscd_request_avc_has_perm (int fd, request_type req);
  32. /* Initialize AVC statistic information. */
  33. extern void nscd_avc_cache_stats (struct avc_cache_stats *cstats);
  34. /* Display statistics on AVC usage. */
  35. extern void nscd_avc_print_stats (struct avc_cache_stats *cstats);
  36. # ifdef HAVE_LIBCAP
  37. /* Preserve capabilities to connect to the audit daemon. */
  38. extern cap_t preserve_capabilities (void);
  39. /* Install final capabilities. */
  40. extern void install_real_capabilities (cap_t new_caps);
  41. # endif
  42. #else
  43. # define selinux_enabled 0
  44. # define nscd_avc_init() (void) 0
  45. # define nscd_selinux_enabled(selinux_enabled) (void) 0
  46. # define nscd_request_avc_has_perm(fd, req) 0
  47. # define nscd_avc_cache_stats(cstats) (void) 0
  48. # define nscd_avc_print_stats(cstats) (void) 0
  49. #endif /* HAVE_SELINUX */
  50. #endif /* _SELINUX_H */