public class SELinux extends Object
Constructor and Description |
---|
SELinux() |
Modifier and Type | Method and Description |
---|---|
static boolean |
checkSELinuxAccess(String scon,
String tcon,
String tclass,
String perm)
Check permissions between two security contexts.
|
static String |
getContext()
Gets the security context of the current process.
|
static String |
getFileContext(String path)
Get the security context of a file object.
|
static String |
getPeerContext(FileDescriptor fd)
Get the security context of a peer socket.
|
static String |
getPidContext(int pid)
Gets the security context of a given process id.
|
static boolean |
isSELinuxEnabled()
Determine whether SELinux is disabled or enabled.
|
static boolean |
isSELinuxEnforced()
Determine whether SELinux is permissive or enforcing.
|
static boolean |
restorecon(File file)
Restores a file to its default SELinux security context.
|
static boolean |
restorecon(String pathname)
Restores a file to its default SELinux security context.
|
static boolean |
restoreconRecursive(File file)
Recursively restores all files under the given path to their default
SELinux security context.
|
static boolean |
setFileContext(String path,
String context)
Change the security context of an existing file object.
|
static boolean |
setFSCreateContext(String context)
Sets the security context for newly created file objects.
|
public static final boolean isSELinuxEnabled()
public static final boolean isSELinuxEnforced()
public static final boolean setFSCreateContext(String context)
context
- a security context given as a String.public static final boolean setFileContext(String path, String context)
path
- representing the path of file object to relabel.context
- new security context given as a String.public static final String getFileContext(String path)
path
- the pathname of the file object.public static final String getPeerContext(FileDescriptor fd)
fd
- FileDescriptor class of the peer socket.public static final String getContext()
public static final String getPidContext(int pid)
pid
- an int representing the process id to check.public static final boolean checkSELinuxAccess(String scon, String tcon, String tclass, String perm)
scon
- The source or subject security context.tcon
- The target or object security context.tclass
- The object security class name.perm
- The permission name.public static boolean restorecon(String pathname) throws NullPointerException
true
is automatically returned.
If SELinux is compiled in, but disabled, then true
is
returned.pathname
- The pathname of the file to be relabeled.NullPointerException
- if the pathname is a null object.public static boolean restorecon(File file) throws NullPointerException
true
is automatically returned.
If SELinux is compiled in, but disabled, then true
is
returned.file
- The File object representing the path to be relabeled.NullPointerException
- if the file is a null object.public static boolean restoreconRecursive(File file)
true
is automatically returned. If SELinux is compiled in,
but disabled, then true
is returned.