1#ifndef _SEPOL_USERS_H_ 2#define _SEPOL_USERS_H_ 3 4#include <sepol/policydb.h> 5#include <sepol/user_record.h> 6#include <sepol/handle.h> 7#include <stddef.h> 8#include <sys/cdefs.h> 9 10__BEGIN_DECLS 11 12/*---------compatibility------------*/ 13 14/* Given an existing binary policy (starting at 'data with length 'len') 15 and user configurations living in 'usersdir', generate a new binary 16 policy for the new user configurations. Sets '*newdata' and '*newlen' 17 to refer to the new binary policy image. */ 18extern int sepol_genusers(void *data, size_t len, 19 const char *usersdir, 20 void **newdata, size_t * newlen); 21 22/* Enable or disable deletion of users by sepol_genusers(3) when 23 a user in original binary policy image is not defined by the 24 new user configurations. Defaults to disabled. */ 25extern void sepol_set_delusers(int on); 26 27/*--------end compatibility----------*/ 28 29/* Modify the user, or add it, if the key is not found */ 30extern int sepol_user_modify(sepol_handle_t * handle, 31 sepol_policydb_t * policydb, 32 const sepol_user_key_t * key, 33 const sepol_user_t * data); 34 35/* Return the number of users */ 36extern int sepol_user_count(sepol_handle_t * handle, 37 const sepol_policydb_t * p, unsigned int *response); 38 39/* Check if the specified user exists */ 40extern int sepol_user_exists(sepol_handle_t * handle, 41 const sepol_policydb_t * policydb, 42 const sepol_user_key_t * key, int *response); 43 44/* Query a user - returns the user or NULL if not found */ 45extern int sepol_user_query(sepol_handle_t * handle, 46 const sepol_policydb_t * p, 47 const sepol_user_key_t * key, 48 sepol_user_t ** response); 49 50/* Iterate the users 51 * The handler may return: 52 * -1 to signal an error condition, 53 * 1 to signal successful exit 54 * 0 to signal continue */ 55extern int sepol_user_iterate(sepol_handle_t * handle, 56 const sepol_policydb_t * policydb, 57 int (*fn) (const sepol_user_t * user, 58 void *fn_arg), void *arg); 59 60__END_DECLS 61#endif 62