Expand description
SELinux security context labeling for filesystem trees.
This module implements SELinux policy parsing and file labeling functionality. It reads SELinux policy files (file_contexts, file_contexts.subs, etc.) and applies appropriate security.selinux extended attributes to filesystem nodes. The implementation uses regex automata for efficient pattern matching against file paths and types.
Structsยง
- Policy ๐
Constantsยง
- XATTR_
SECURITY_ SELINUX - The SELinux security context extended attribute name.
Functionsยง
- openat
- Open a file in the composefs store, handling inline vs external files.
- parse_
config ๐ - process_
spec_ ๐file - process_
subs_ ๐file - relabel ๐
- relabel_
dir ๐ - relabel_
inode ๐ - relabel_
leaf ๐ - selabel
- Applies SELinux security contexts to all files in a filesystem tree.
- strip_
selinux_ ๐labels