Expand description
SELinux security context labeling for filesystem trees.
This module implements SELinux policy parsing and file labeling functionality. It reads SELinux policy files (file_contexts, file_contexts.subs, etc.) and applies appropriate security.selinux extended attributes to filesystem nodes. The implementation uses regex automata for efficient pattern matching against file paths and types.
Structsยง
- Policy ๐
Functionsยง
- openat
- Open a file in the composefs store, handling inline vs external files.
- parse_
config ๐ - process_
spec_ ๐file - process_
subs_ ๐file - relabel ๐
- relabel_
dir ๐ - relabel_
inode ๐ - relabel_
leaf ๐ - selabel
- Applies SELinux security contexts to all files in a filesystem tree.