/usr/include/qpol/class_perm_query.h is in libqpol-dev 3.3.8-3.1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 | /**
* @file
* Defines the public interface for searching and iterating over
* classes, commons, and permissions.
*
* @author Kevin Carr kcarr@tresys.com
* @author Jeremy A. Mowery jmowery@tresys.com
* @author Jason Tang jtang@tresys.com
*
* Copyright (C) 2006-2007 Tresys Technology, LLC
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*/
#ifndef QPOL_CLASS_PERM_QUERY_H
#define QPOL_CLASS_PERM_QUERY_H
#ifdef __cplusplus
extern "C"
{
#endif
#include <stddef.h>
#include <stdint.h>
#include <qpol/iterator.h>
#include <qpol/policy.h>
typedef struct qpol_class qpol_class_t;
typedef struct qpol_common qpol_common_t;
/* perms */
/**
* Get an iterator over the set of classes which contain a permission
* with the name perm. This function does not search for the permission
* in the class's inherited common.
* @param policy The policy from which to query the classes.
* @param perm The name of the permission to be matched. Must be non-NULL.
* @param classes The iterator of type qpol_class_t returned;
* the user is responsible for calling qpol_iterator_destroy
* to free memory used. It is also important to note
* that an iterator is only valid as long as the policy is unchanged.
* @return Returns 0 on success and < 0 on failure; if the call fails,
* errno will be set and *classes will be NULL;
*/
extern int qpol_perm_get_class_iter(const qpol_policy_t * policy, const char *perm, qpol_iterator_t ** classes);
/**
* Get an iterator over the set of commons which contain a permission
* with the name perm.
* @param policy The policy from which to query the commons.
* @param perm The name of the permission to be matched. Must be non-NULL.
* @param commons The iterator of type qpol_common_t returned;
* the user is responsible for calling qpol_iterator_destroy
* to free memory used. It is also important to note
* that an iterator is only valid as long as the policy is unchanged.
* @return Returns 0 on success and < 0 on failure; if the call fails,
* errno will be set and *commons will be NULL;
*/
extern int qpol_perm_get_common_iter(const qpol_policy_t * policy, const char *perm, qpol_iterator_t ** commons);
/* classes */
/**
* Get an object class by name.
* @param policy The policy from which to get the class.
* @param name The name of the class; searching is case sensitive.
* @param obj_class Pointer in which to store the class.
* Caller should not free this pointer.
* @return Returns 0 for success and < 0 for failure; if the call fails,
* errno will be set and *obj_class will be NULL;
*/
extern int qpol_policy_get_class_by_name(const qpol_policy_t * policy, const char *name, const qpol_class_t ** obj_class);
/**
* Get an iterator for object classes in the policy.
* @param policy The policy database from which to create the iterator.
* @param iter Iterator of type qpol_class_t* returned; the user
* is responsible for calling qpol_iterator_destroy to free memory used.
* It is also important to note that an iterator is only valid as long
* as the policy is unchanged.
* @return Returns 0 for success and < 0 for failure; if the call fails,
* errno will be set and *iter will be NULL.
*/
extern int qpol_policy_get_class_iter(const qpol_policy_t * policy, qpol_iterator_t ** iter);
/**
* Get the integer value associated with a class. Values range from 1 to
* the number of object classes declared in the policy.
* @param policy The policy with which the class is associated.
* @param obj_class Class from which to get the value. Must be non-NULL.
* @param value Pointer to the integer to be set to value. Must be non-NULL.
* @return Returns 0 on success and < 0 on failure; if the call fails,
* errno will be set and *value will be 0.
*/
extern int qpol_class_get_value(const qpol_policy_t * policy, const qpol_class_t * obj_class, uint32_t * value);
/**
* Get the common used by a class.
* @param policy The policy with which the class is associated.
* @param obj_class Class from which to get the value. Must be non-NULL.
* @param common Pointer to the common associated with this
* class; the caller should not free this pointer. Not all classes have an
* associated common so it is possible for *common to be NULL on success.
* @return Returns 0 on success and < 0 on failure; if the call fails,
* errno will be set and *common will be NULL.
*/
extern int qpol_class_get_common(const qpol_policy_t * policy, const qpol_class_t * obj_class,
const qpol_common_t ** common);
/**
* Get an iterator for the set of (unique) permissions for a class.
* @param policy The policy with which the class is associated.
* @param obj_class The class from which to get the permissions.
* @param perms Iterator of type char* returned for the list of
* permissions for this class. The list only contains permissions unique
* to the class not those included from a common. The iterator is only
* valid as long as the policy is unchanged; the caller is responsible
* for calling qpol_iterator_destroy to free memory used.
* @return Returns 0 for success and < 0 for failure; if the call fails,
* errno will be set and *perms will be NULL.
*/
extern int qpol_class_get_perm_iter(const qpol_policy_t * policy, const qpol_class_t * obj_class, qpol_iterator_t ** perms);
/**
* Get the name which identifies a class.
* @param policy The policy with which the class is associated.
* @param datum Class for which to get the name. Must be non-NULL.
* @param name Pointer to the string in which to store the name.
* Must be non-NULL. Caller should not free the string.
* @return Returns 0 on success and < 0 on failure; if the call fails,
* errno will be set and *name will be NULL.
*/
extern int qpol_class_get_name(const qpol_policy_t * policy, const qpol_class_t * obj_class, const char **name);
/* commons */
/**
* Get a common by name.
* @param policy from which to get the common.
* @param name The name of the common; searching is case sensitive.
* @param common Pointer in which to store the common.
* Caller should not free this pointer.
* @return Returns 0 on success and < 0 on failure; if the call fails,
* errno will be set and *common will be NULL.
*/
extern int qpol_policy_get_common_by_name(const qpol_policy_t * policy, const char *name, const qpol_common_t ** common);
/**
* Get an iterator for commons in the policy
* @param policy The policy from which to create the iterator.
* @param iter Iterator of type qpol_common_t* returned;
* the user is responsible for calling qpol_iterator_destroy to
* free memory used. It is also important to note that an iterator is
* only valid as long as the policy is unchanged.
* @return Returns 0 on success and < 0 on failure; if the call fails,
* errno will be set and *iter will be NULL.
*/
extern int qpol_policy_get_common_iter(const qpol_policy_t * policy, qpol_iterator_t ** iter);
/**
* Get the integer value associated with a common. Values range from 1 to
* the number of commons declared in the policy.
* @param policy The policy associated with the common.
* @param common The common from which to get the value.
* @param value Pointer to the integer to be set to value. Must be non-NULL.
* @return Returns 0 on success and < 0 on failure; if the call fails,
* errno will be set and *value will be 0.
*/
extern int qpol_common_get_value(const qpol_policy_t * policy, const qpol_common_t * common, uint32_t * value);
/**
* Get an iterator for the permissions included in a common.
* @param policy The policy associated with the common.
* @param common The common from which to get permissions.
* @param perms Iterator of type char* returned for the list of
* permissions for this common. The iterator is only valid as long
* as the policy is unchanged; the caller is responsible for calling
* qpol_iterator_destroy to free memory used.
* @return Returns 0 on success and < 0 on failure; if the call fails,
* errno will be set and *perms will be NULL.
*/
extern int qpol_common_get_perm_iter(const qpol_policy_t * policy, const qpol_common_t * common, qpol_iterator_t ** perms);
/**
* Get the name which identifies a common.
* @param policy associated with the common.
* @param common The common from which to get the name.
* @param name Pointer in which to store the name. Must be non-NULL;
* the caller should not free the string.
* @return Returns 0 on success and < 0 on failure; if the call fails,
* errno will be set and *name will be NULL.
*/
extern int qpol_common_get_name(const qpol_policy_t * policy, const qpol_common_t * common, const char **name);
#ifdef __cplusplus
}
#endif
#endif /* QPOL_CLASS_PERM_QUERY_H */
|