| Top |  |  |  |  | 
| SELinux policy managementSELinux policy management — Read SELinux policy and manage filesystem labels | 
| OstreeSePolicy * | ostree_sepolicy_new () | 
| OstreeSePolicy * | ostree_sepolicy_new_at () | 
| OstreeSePolicy * | ostree_sepolicy_new_from_commit () | 
| GFile * | ostree_sepolicy_get_path () | 
| const char * | ostree_sepolicy_get_name () | 
| gboolean | ostree_sepolicy_get_label () | 
| const char * | ostree_sepolicy_get_csum () | 
| gboolean | ostree_sepolicy_restorecon () | 
| gboolean | ostree_sepolicy_setfscreatecon () | 
| void | ostree_sepolicy_fscreatecon_cleanup () | 
A OstreeSePolicy object can load the SELinux policy from a given root and perform labeling.
OstreeSePolicy * ostree_sepolicy_new (GFile *path,GCancellable *cancellable,GError **error);
OstreeSePolicy * ostree_sepolicy_new_at (int rootfs_dfd,GCancellable *cancellable,GError **error);
| rootfs_dfd | Directory fd for rootfs (will not be cloned) | |
| cancellable | Cancellable | |
| error | Error | 
Since: 2017.4
OstreeSePolicy * ostree_sepolicy_new_from_commit (OstreeRepo *repo,const char *rev,GCancellable *cancellable,GError **error);
Extract the SELinux policy from a commit object via a partial checkout. This is useful for labeling derived content as separate commits.
This function is the backend of ostree_repo_commit_modifier_set_sepolicy_from_commit()
GFile *
ostree_sepolicy_get_path (OstreeSePolicy *self);
This API should be considered deprecated, because it's supported for policy objects to be created from file-descriptor relative paths, which may not be globally accessible.
gboolean ostree_sepolicy_get_label (OstreeSePolicy *self,const char *relpath,guint32 unix_mode,char **out_label,GCancellable *cancellable,GError **error);
Store in out_label
 the security context for the given relpath
 and
mode unix_mode
.  If the policy does not specify a label, NULL
will be returned.
| self | Self | |
| relpath | Path | |
| unix_mode | Unix mode | |
| out_label | Return location for security context. | [allow-none][out][transfer full] | 
| cancellable | Cancellable | |
| error | Error | 
const char *
ostree_sepolicy_get_csum (OstreeSePolicy *self);
Since: 2016.5
gboolean ostree_sepolicy_restorecon (OstreeSePolicy *self,const char *path,GFileInfo *info,GFile *target,OstreeSePolicyRestoreconFlags flags,char **out_new_label,GCancellable *cancellable,GError **error);
Reset the security context of target
 based on the SELinux policy.
| self | Self | |
| path | Path string to use for policy lookup | |
| info | File attributes. | [allow-none] | 
| target | Physical path to target file | |
| flags | Flags controlling behavior | |
| out_new_label | New label, or  | [allow-none][out] | 
| cancellable | Cancellable | |
| error | Error | 
gboolean ostree_sepolicy_setfscreatecon (OstreeSePolicy *self,const char *path,guint32 mode,GError **error);
void
ostree_sepolicy_fscreatecon_cleanup (void **unused);
Cleanup function for ostree_sepolicy_setfscreatecon().