[PATCH 1/1] Add libselinux man pages for colour functions

[PATCH 1/1] Add libselinux man pages for colour functions

[Richard Haines]

Add man pages for selinux_raw_context_to_color(5), selinux_colors_path(3) and secolors.conf(5).

Signed-off-by: root Richard Haines <richard_c_haines@btinternet.com>
---
 libselinux/man/man3/selinux_colors_path.3          |   36 ++++
 libselinux/man/man3/selinux_raw_context_to_color.3 |  124 +++++++++++++
 libselinux/man/man5/secolors.conf.5                |  181 ++++++++++++++++++++
 3 files changed, 341 insertions(+), 0 deletions(-)
 create mode 100644 libselinux/man/man3/selinux_colors_path.3
 create mode 100644 libselinux/man/man3/selinux_raw_context_to_color.3
 create mode 100644 libselinux/man/man5/secolors.conf.5

diff --git a/libselinux/man/man3/selinux_colors_path.3 b/libselinux/man/man3/selinux_colors_path.3
new file mode 100644
index 0000000..2a117d1
--- /dev/null
+++ b/libselinux/man/man3/selinux_colors_path.3
@@ -0,0 +1,36 @@
+.TH "selinux_colors_path" "3" "08 April 2011" "SELinux API documentation"
+
+.SH "NAME"
+selinux_colors_path \- Return a path to the active SELinux policy color configuration file.
+.SH "SYNOPSIS"
+.B #include <selinux/selinux.h>
+.sp
+.B const char *selinux_colors_path(void);
+
+.SH "DESCRIPTION"
+.B selinux_colors_path
+returns the path to the active policy color configuration file. 
+.sp
+The path is built from the path returned by 
+.BR selinux_policy_root "(3)"
+with 
+.B /secolor.conf
+appended.
+.sp
+This optional configuration file whose format is shown in 
+.BR secolor.conf "(5),"
+controls the colors to be associated with the 
+.I raw
+context components of the
+.BR selinux_raw_context_to_color "(3)"
+function when information is to be displayed by an SELinux color-aware application.
+
+.SH "RETURN VALUE"
+On success, the path to the active policy color configuration file is returned. If a path is not available NULL is returned.
+
+.SH "ERRORS"
+None.
+
+.SH "SEE ALSO"
+.BR selinux "(8), " selinux_policy_root "(3), " selinux_config "(5), " selinux_raw_context_to_color "(3), " secolor.conf  "(5)"
+
diff --git a/libselinux/man/man3/selinux_raw_context_to_color.3 b/libselinux/man/man3/selinux_raw_context_to_color.3
new file mode 100644
index 0000000..af12877
--- /dev/null
+++ b/libselinux/man/man3/selinux_raw_context_to_color.3
@@ -0,0 +1,124 @@
+.TH "selinux_raw_context_to_color" "3" "08 April 2011" "SELinux API documentation"
+
+.SH "NAME"
+selinux_raw_context_to_color \- Return RGB color string for an SELinux security context.
+
+.SH "SYNOPSIS"
+.B #include <selinux/selinux.h>
+.sp
+.BI "int selinux_raw_context_to_color(security_context_t " raw ", "
+.RS
+.BI "char **" color_str ");"
+.RE
+
+.SH "DESCRIPTION"
+.B selinux_raw_context_to_color
+returns a 
+.I color_str
+associated to the raw context 
+.I raw
+provided that the 
+.BR mcstransd "(8)"
+daemon is running, the policy is an MLS type policy (MCS or MLS) and there is a color configuration file
+.BR secolors.conf "(5)"
+(see the
+.B FILES
+section).
+.sp
+The 
+.I color_str
+string is a space separated list of eight hexadecimal RGB triples, each prefixed by a hash character (#). These represent the user:role:type:range components of the foreground and background colors. An example string is shown in the 
+.B EXAMPLE
+section.
+
+The returned
+.I color_str
+string must be freed with 
+.BR free "(3)." 
+
+If a color has not been configured for a specific user, role, type and/or range component of context 
+.IR raw ","
+then
+.B selinux_raw_context_to_color
+will select the color returned in 
+.I color_str
+in order of precedence as follows:
+.RS
+role, type, range
+.br
+user, type, range
+.br
+user, role, range 
+.br
+user, role, type 
+.br
+.RE
+
+If there are no entries in the 
+.B secolor.conf
+file for any of the components of context 
+.I raw
+(or the file is not present), then the default string returned in 
+.I color_str
+is:
+.sp
+.RS
+----- user ---- ---- role ----  ---- type ----  ---- range ----
+.br
+#000000 #ffffff #000000 #ffffff #000000 #ffffff #000000 #ffffff
+.sp
+.RE
+
+.SH "RETURN VALUE"
+On success, zero is returned.
+.br
+On failure, \-1 is returned with 
+.I errno
+set appropriately.
+
+.SH "ERRORS"
+.B ENOENT
+If the 
+.BR mcstransd "(8)"
+daemon is not running. 
+
+.SH "FILES"
+.B selinux_raw_context_to_color
+obtains the translated entry from the active policy 
+.BR secolors.conf "(5)"
+file as returned by
+.BR selinux_colors_path "(3)."
+The file format is described in 
+.BR secolors.conf "(5)."
+
+.SH "NOTES"
+1. The primary use of 
+.B selinux_raw_context_to_color
+is to return a color that corresponds to a range, that can then be used to highlight information at different MLS levels.
+.sp
+2. The 
+.BR mcstransd "(8)"
+daemon process security level must dominate the 
+.I raw
+security level passed to it by the 
+.B selinux_raw_context_to_color
+function. If not, the range color selected will be as defined by the order of precedence.
+
+.SH "EXAMPLE"
+.B selinux_raw_context_to_color
+returns the foreground and background colors of the context string components (user:role:type:range) as RGB triples as follows:
+.sp
+
+      user     :       role      :      type      :      range
+.br
+  fg       bg  :   fg       bg   :  fg       bg   :  fg       bg  
+.br
+#000000 #ffffff  #ffffff #000000  #d2b48c #ffa500  #000000 #008000
+.br
+ black   white :  white   black  : tan    orange  : black   green 
+.br
+
+.SH "SEE ALSO"
+.BR selinux "(8), " selinux_colors_path "(3), " mcstransd "(8), " secolor.conf "(5), " selinux_raw_to_trans_context "(3), " selinux_trans_to_raw_context "(3), " free "(3)"
+
+
diff --git a/libselinux/man/man5/secolors.conf.5 b/libselinux/man/man5/secolors.conf.5
new file mode 100644
index 0000000..91cb4cb
--- /dev/null
+++ b/libselinux/man/man5/secolors.conf.5
@@ -0,0 +1,181 @@
+.TH "secolors.conf" "5" "08 April 2011" "SELinux API documentation"
+
+.SH "NAME"
+secolors.conf \- The SELinux color configuration file.
+
+.SH "DESCRIPTION"
+This optional file controls the color to be associated to the context components associated to the 
+.I raw
+context passed by 
+.BR selinux_raw_context_to_color "(3),"
+when context related information is to be displayed in color by an SELinux-aware application. 
+.sp
+.BR selinux_raw_context_to_color "(3)"
+obtains this color information from the active policy 
+.B secolor.conf
+file as returned by 
+.BR selinux_colors_path "(3)."
+
+.SH "FILE FORMAT"
+The file format is as follows:
+.RS
+.B color
+.I color_name
+.BI "= #"color_mask
+.br
+[...]
+.sp
+.I context_component string
+.B =
+.I fg_color_name bg_color_name
+.br
+[...]
+.sp 
+.RE
+
+Where:
+.br
+.B color
+.RS
+The color keyword. Each color entry is on a new line.
+.RE
+.I color_name
+.RS
+A single word name for the color (e.g. red).
+.RE
+.I color_mask
+.RS
+A color mask starting with a hash (#) that describes the hexadecimal RGB colors with black being #ffffff and white being #000000.
+.RE
+.I context_component
+.RS
+The context component name that must be one of the following:
+.br
+.RS
+user, role, type or range 
+.RE
+Each
+.IR context_component " " string " ..."
+entry is on a new line.
+.RE
+.I string
+.RS
+This is the 
+.I context_component
+string that will be matched with the 
+.I raw
+context component passed by
+.BR selinux_raw_context_to_color "(3)."
+.br
+A wildcard '*' may be used to match any undefined string for the user, role and type 
+.I context_component
+entries only.
+.RE
+
+.I fg_color_name
+.RS
+The color_name string that will be used as the foreground color.
+A 
+.I color_mask
+may also be used.
+.RE
+.I bg_color_name
+.RS
+The color_name string that will be used as the background color.
+A 
+.I color_mask
+may also be used.
+.RE
+
+.SH "EXAMPLES"
+Example 1 entries are:
+.RS
+color black  = #000000
+.br
+color green  = #008000
+.br
+color yellow = #ffff00
+.br
+color blue   = #0000ff
+.br
+color white  = #ffffff
+.br
+color red    = #ff0000
+.br
+color orange = #ffa500
+.br
+color tan    = #D2B48C
+.sp
+user * = black white
+.br
+role * = white black
+.br
+type * = tan orange
+.br
+range s0-s0:c0.c1023 = black green
+.br
+range s1-s1:c0.c1023 = white green
+.br
+range s3-s3:c0.c1023 = black tan
+.br
+range s5-s5:c0.c1023 = white blue
+.br
+range s7-s7:c0.c1023 = black red
+.br
+range s9-s9:c0.c1023 = black orange
+.br
+range s15:c0.c1023   = black yellow
+.RE
+
+.sp
+Example 2 entries are:
+.RS
+color black  = #000000
+.br
+color green  = #008000
+.br
+color yellow = #ffff00
+.br
+color blue   = #0000ff
+.br
+color white  = #ffffff
+.br
+color red    = #ff0000
+.br
+color orange = #ffa500
+.br
+color tan    = #d2b48c
+.sp
+user unconfined_u = #ff0000 green
+.br
+role unconfined_r = red #ffffff
+.br
+type unconfined_t = red orange
+.br
+user user_u       = black green
+.br
+role user_r       = white black
+.br
+type user_t       = tan red
+.br
+user xguest_u     = black yellow
+.br
+role xguest_r     = black red
+.br
+type xguest_t     = black green
+.br
+user sysadm_u     = white black
+.br
+range s0:c0.c1023 = black white
+.br
+user *            = black white
+.br
+role *            = black white
+.br
+type *            = black white
+.RE
+
+.SH "SEE ALSO"
+.BR selinux "(8), " selinux_raw_context_to_color "(3), " selinux_colors_path "(3)"
+
+
-- 
1.7.3.2


Richard


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Re: [PATCH 1/1] Add libselinux man pages for colour functions

[Steve Lawrence]

On 04/10/2011 12:25 PM, Richard Haines wrote:
> Add man pages for selinux_raw_context_to_color(5), selinux_colors_path(3) and secolors.conf(5).
> 
> Signed-off-by: root Richard Haines <richard_c_haines@btinternet.com>
> ---
>  libselinux/man/man3/selinux_colors_path.3          |   36 ++++
>  libselinux/man/man3/selinux_raw_context_to_color.3 |  124 +++++++++++++
>  libselinux/man/man5/secolors.conf.5                |  181 ++++++++++++++++++++
>  3 files changed, 341 insertions(+), 0 deletions(-)
>  create mode 100644 libselinux/man/man3/selinux_colors_path.3
>  create mode 100644 libselinux/man/man3/selinux_raw_context_to_color.3
>  create mode 100644 libselinux/man/man5/secolors.conf.5
> 
> diff --git a/libselinux/man/man3/selinux_colors_path.3 b/libselinux/man/man3/selinux_colors_path.3
> new file mode 100644
> index 0000000..2a117d1
> --- /dev/null
> +++ b/libselinux/man/man3/selinux_colors_path.3
> @@ -0,0 +1,36 @@
> +.TH "selinux_colors_path" "3" "08 April 2011" "SELinux API documentation"
> +
> +.SH "NAME"
> +selinux_colors_path \- Return a path to the active SELinux policy color configuration file.
> +.SH "SYNOPSIS"
> +.B #include <selinux/selinux.h>
> +.sp
> +.B const char *selinux_colors_path(void);
> +
> +.SH "DESCRIPTION"
> +.B selinux_colors_path
> +returns the path to the active policy color configuration file. 
> +.sp
> +The path is built from the path returned by 
> +.BR selinux_policy_root "(3)"
> +with 
> +.B /secolor.conf
> +appended.
> +.sp
> +This optional configuration file whose format is shown in 
> +.BR secolor.conf "(5),"
> +controls the colors to be associated with the 
> +.I raw
> +context components of the
> +.BR selinux_raw_context_to_color "(3)"
> +function when information is to be displayed by an SELinux color-aware application.
> +
> +.SH "RETURN VALUE"
> +On success, the path to the active policy color configuration file is returned. If a path is not available NULL is returned.
> +
> +.SH "ERRORS"
> +None.
> +
> +.SH "SEE ALSO"
> +.BR selinux "(8), " selinux_policy_root "(3), " selinux_config "(5), " selinux_raw_context_to_color "(3), " secolor.conf  "(5)"
> +
> diff --git a/libselinux/man/man3/selinux_raw_context_to_color.3 b/libselinux/man/man3/selinux_raw_context_to_color.3
> new file mode 100644
> index 0000000..af12877
> --- /dev/null
> +++ b/libselinux/man/man3/selinux_raw_context_to_color.3
> @@ -0,0 +1,124 @@
> +.TH "selinux_raw_context_to_color" "3" "08 April 2011" "SELinux API documentation"
> +
> +.SH "NAME"
> +selinux_raw_context_to_color \- Return RGB color string for an SELinux security context.
> +
> +.SH "SYNOPSIS"
> +.B #include <selinux/selinux.h>
> +.sp
> +.BI "int selinux_raw_context_to_color(security_context_t " raw ", "
> +.RS
> +.BI "char **" color_str ");"
> +.RE
> +
> +.SH "DESCRIPTION"
> +.B selinux_raw_context_to_color
> +returns a 
> +.I color_str
> +associated to the raw context 
> +.I raw
> +provided that the 
> +.BR mcstransd "(8)"
> +daemon is running, the policy is an MLS type policy (MCS or MLS) and there is a color configuration file
> +.BR secolors.conf "(5)"
> +(see the
> +.B FILES
> +section).
> +.sp
> +The 
> +.I color_str
> +string is a space separated list of eight hexadecimal RGB triples, each prefixed by a hash character (#). These represent the user:role:type:range components of the foreground and background colors. An example string is shown in the 
> +.B EXAMPLE
> +section.
> +
> +The returned
> +.I color_str
> +string must be freed with 
> +.BR free "(3)." 
> +
> +If a color has not been configured for a specific user, role, type and/or range component of context 
> +.IR raw ","
> +then
> +.B selinux_raw_context_to_color
> +will select the color returned in 
> +.I color_str
> +in order of precedence as follows:
> +.RS
> +role, type, range
> +.br
> +user, type, range
> +.br
> +user, role, range 
> +.br
> +user, role, type 
> +.br
> +.RE
> +
> +If there are no entries in the 
> +.B secolor.conf
> +file for any of the components of context 
> +.I raw
> +(or the file is not present), then the default string returned in 
> +.I color_str
> +is:
> +.sp
> +.RS
> +----- user ---- ---- role ----  ---- type ----  ---- range ----
> +.br
> +#000000 #ffffff #000000 #ffffff #000000 #ffffff #000000 #ffffff
> +.sp
> +.RE
> +
> +.SH "RETURN VALUE"
> +On success, zero is returned.
> +.br
> +On failure, \-1 is returned with 
> +.I errno
> +set appropriately.
> +
> +.SH "ERRORS"
> +.B ENOENT
> +If the 
> +.BR mcstransd "(8)"
> +daemon is not running. 
> +
> +.SH "FILES"
> +.B selinux_raw_context_to_color
> +obtains the translated entry from the active policy 
> +.BR secolors.conf "(5)"
> +file as returned by
> +.BR selinux_colors_path "(3)."
> +The file format is described in 
> +.BR secolors.conf "(5)."
> +
> +.SH "NOTES"
> +1. The primary use of 
> +.B selinux_raw_context_to_color
> +is to return a color that corresponds to a range, that can then be used to highlight information at different MLS levels.
> +.sp
> +2. The 
> +.BR mcstransd "(8)"
> +daemon process security level must dominate the 
> +.I raw
> +security level passed to it by the 
> +.B selinux_raw_context_to_color
> +function. If not, the range color selected will be as defined by the order of precedence.
> +
> +.SH "EXAMPLE"
> +.B selinux_raw_context_to_color
> +returns the foreground and background colors of the context string components (user:role:type:range) as RGB triples as follows:
> +.sp
> +
> +      user     :       role      :      type      :      range
> +.br
> +  fg       bg  :   fg       bg   :  fg       bg   :  fg       bg  
> +.br
> +#000000 #ffffff  #ffffff #000000  #d2b48c #ffa500  #000000 #008000
> +.br
> + black   white :  white   black  : tan    orange  : black   green 
> +.br
> +
> +.SH "SEE ALSO"
> +.BR selinux "(8), " selinux_colors_path "(3), " mcstransd "(8), " secolor.conf "(5), " selinux_raw_to_trans_context "(3), " selinux_trans_to_raw_context "(3), " free "(3)"
> +
> +
> diff --git a/libselinux/man/man5/secolors.conf.5 b/libselinux/man/man5/secolors.conf.5
> new file mode 100644
> index 0000000..91cb4cb
> --- /dev/null
> +++ b/libselinux/man/man5/secolors.conf.5
> @@ -0,0 +1,181 @@
> +.TH "secolors.conf" "5" "08 April 2011" "SELinux API documentation"
> +
> +.SH "NAME"
> +secolors.conf \- The SELinux color configuration file.
> +
> +.SH "DESCRIPTION"
> +This optional file controls the color to be associated to the context components associated to the 
> +.I raw
> +context passed by 
> +.BR selinux_raw_context_to_color "(3),"
> +when context related information is to be displayed in color by an SELinux-aware application. 
> +.sp
> +.BR selinux_raw_context_to_color "(3)"
> +obtains this color information from the active policy 
> +.B secolor.conf
> +file as returned by 
> +.BR selinux_colors_path "(3)."
> +
> +.SH "FILE FORMAT"
> +The file format is as follows:
> +.RS
> +.B color
> +.I color_name
> +.BI "= #"color_mask
> +.br
> +[...]
> +.sp
> +.I context_component string
> +.B =
> +.I fg_color_name bg_color_name
> +.br
> +[...]
> +.sp 
> +.RE
> +
> +Where:
> +.br
> +.B color
> +.RS
> +The color keyword. Each color entry is on a new line.
> +.RE
> +.I color_name
> +.RS
> +A single word name for the color (e.g. red).
> +.RE
> +.I color_mask
> +.RS
> +A color mask starting with a hash (#) that describes the hexadecimal RGB colors with black being #ffffff and white being #000000.
> +.RE
> +.I context_component
> +.RS
> +The context component name that must be one of the following:
> +.br
> +.RS
> +user, role, type or range 
> +.RE
> +Each
> +.IR context_component " " string " ..."
> +entry is on a new line.
> +.RE
> +.I string
> +.RS
> +This is the 
> +.I context_component
> +string that will be matched with the 
> +.I raw
> +context component passed by
> +.BR selinux_raw_context_to_color "(3)."
> +.br
> +A wildcard '*' may be used to match any undefined string for the user, role and type 
> +.I context_component
> +entries only.
> +.RE
> +
> +.I fg_color_name
> +.RS
> +The color_name string that will be used as the foreground color.
> +A 
> +.I color_mask
> +may also be used.
> +.RE
> +.I bg_color_name
> +.RS
> +The color_name string that will be used as the background color.
> +A 
> +.I color_mask
> +may also be used.
> +.RE
> +
> +.SH "EXAMPLES"
> +Example 1 entries are:
> +.RS
> +color black  = #000000
> +.br
> +color green  = #008000
> +.br
> +color yellow = #ffff00
> +.br
> +color blue   = #0000ff
> +.br
> +color white  = #ffffff
> +.br
> +color red    = #ff0000
> +.br
> +color orange = #ffa500
> +.br
> +color tan    = #D2B48C
> +.sp
> +user * = black white
> +.br
> +role * = white black
> +.br
> +type * = tan orange
> +.br
> +range s0-s0:c0.c1023 = black green
> +.br
> +range s1-s1:c0.c1023 = white green
> +.br
> +range s3-s3:c0.c1023 = black tan
> +.br
> +range s5-s5:c0.c1023 = white blue
> +.br
> +range s7-s7:c0.c1023 = black red
> +.br
> +range s9-s9:c0.c1023 = black orange
> +.br
> +range s15:c0.c1023   = black yellow
> +.RE
> +
> +.sp
> +Example 2 entries are:
> +.RS
> +color black  = #000000
> +.br
> +color green  = #008000
> +.br
> +color yellow = #ffff00
> +.br
> +color blue   = #0000ff
> +.br
> +color white  = #ffffff
> +.br
> +color red    = #ff0000
> +.br
> +color orange = #ffa500
> +.br
> +color tan    = #d2b48c
> +.sp
> +user unconfined_u = #ff0000 green
> +.br
> +role unconfined_r = red #ffffff
> +.br
> +type unconfined_t = red orange
> +.br
> +user user_u       = black green
> +.br
> +role user_r       = white black
> +.br
> +type user_t       = tan red
> +.br
> +user xguest_u     = black yellow
> +.br
> +role xguest_r     = black red
> +.br
> +type xguest_t     = black green
> +.br
> +user sysadm_u     = white black
> +.br
> +range s0:c0.c1023 = black white
> +.br
> +user *            = black white
> +.br
> +role *            = black white
> +.br
> +type *            = black white
> +.RE
> +
> +.SH "SEE ALSO"
> +.BR selinux "(8), " selinux_raw_context_to_color "(3), " selinux_colors_path "(3)"
> +
> +

Only issues were secolors.conf should be secolor.conf and there was a
black/white hex mixup. Other than that, looks good.

I fixed those and applied to libselinux-2.0.102

Thanks!

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.