selinux_raw_context_to_color(3)selinux_raw_context_to_color(3)NAMEselinux_raw_context_to_color - Return RGB color string for an SELinux
security context.
SYNOPSIS
#include <selinux/selinux.h>
int selinux_raw_context_to_color(security_context_t raw,
char **color_str);
DESCRIPTIONselinux_raw_context_to_color returns a color_str associated to the raw
context raw provided that the mcstransd(8) daemon is running, the pol‐
icy is an MLS type policy (MCS or MLS) and there is a color configura‐
tion file secolor.conf(5) (see the FILES section).
The color_str string is a space separated list of eight hexadecimal RGB
triples, each prefixed by a hash character (#). These represent the
user:role:type:range components of the foreground and background col‐
ors. An example string is shown in the EXAMPLE section.
The returned color_str string must be freed with free(3).
If a color has not been configured for a specific user, role, type
and/or range component of context raw, then selinux_raw_con‐
text_to_color will select the color returned in color_str in order of
precedence as follows:
role, type, range
user, type, range
user, role, range
user, role, type
If there are no entries in the secolor.conf file for any of the compo‐
nents of context raw (or the file is not present), then the default
string returned in color_str is:
----- user ---- ---- role -------- type -------- range ----
#000000 #ffffff #000000 #ffffff #000000 #ffffff #000000 #ffffff
RETURN VALUE
On success, zero is returned.
On failure, -1 is returned with errno set appropriately.
ERRORS
ENOENT If the mcstransd(8) daemon is not running.
FILESselinux_raw_context_to_color obtains the translated entry from the
active policy secolor.conf(5) file as returned by selinux_col‐
ors_path(3). The file format is described in secolor.conf(5).
NOTES
1. The primary use of selinux_raw_context_to_color is to return a color
that corresponds to a range, that can then be used to highlight infor‐
mation at different MLS levels.
2. The mcstransd(8) daemon process security level must dominate the raw
security level passed to it by the selinux_raw_context_to_color func‐
tion. If not, the range color selected will be as defined by the order
of precedence.
EXAMPLEselinux_raw_context_to_color returns the foreground and background col‐
ors of the context string components (user:role:type:range) as RGB
triples as follows:
user : role : type : range
fg bg : fg bg : fg bg : fg bg
#000000 #ffffff #ffffff #000000 #d2b48c #ffa500 #000000 #008000
black white : white black : tan orange : black green
SEE ALSOselinux(8), selinux_colors_path(3), mcstransd(8), secolor.conf(5),
selinux_raw_to_trans_context(3), selinux_trans_to_raw_context(3),
free(3)SELinux API documentation 08 April 2011 selinux_raw_context_to_color(3)