Manpages

LIBUGIDFW(3) BSD Library Functions Manual LIBUGIDFW(3)

NAME

libugidfw — library interface to the file system firewall MAC policy

LIBRARY

File System Firewall Interface Library (libugidfw, −lugidfw)

SYNOPSIS

#include <ugidfw.h>

DESCRIPTION

The libugidfw library routines provide an interface to the mac_bsdextended(4) file system firewall MAC policy.

The libugidfw library defines the following functions:

bsde_rule_to_string()

Converts the internal representation of a rule (struct mac_bsdextended_rule) into its text representation; see bsde_rule_to_string(3).

bsde_parse_identity()

Parses the identity of a subject or object; see bsde_parse_identity(3).

bsde_parse_mode()

Parses the access mode for a ugidfw rule; see bsde_parse_mode(3).

bsde_parse_rule()

Parses an entire rule (in argument array form); see bsde_parse_rule(3).

bsde_parse_rule_string()

Parses an entire rule string; see bsde_parse_rule_string(3).

bsde_get_rule_count()

Returns the total number of ugidfw rules being enforced in the system; see bsde_get_rule_count(3).

bsde_get_rule_slots()

Returns the total number of used rule slots; see bsde_get_rule_slots(3).

bsde_get_rule()

Returns a rule by its rule number; see bsde_get_rule(3).

bsde_delete_rule()

Deletes a rule by its rule number; see bsde_delete_rule(3).

bsde_set_rule()

Uploads the rule to the mac_bsdextended(4) module and applies it; see bsde_set_rule(3).

bsde_add_rule()

Upload the rule to the module, automatically selecting the next available rule number; see bsde_add_rule(3).

SEE ALSO

bsde_delete_rule(3), bsde_get_rule(3), bsde_get_rule_count(3), bsde_get_rule_slots(3), bsde_parse_identity(3), bsde_parse_mode(3), bsde_parse_rule(3), bsde_parse_rule_string(3), bsde_rule_to_string(3), bsde_set_rule(3)

AUTHORS

This software was contributed to the FreeBSD Project by Network Associates Labs, the Security Research Division of Network Associates Inc. under DARPA/SPAWAR contract N66001-01-C-8035 (’’CBOSS’’), as part of the DARPA CHATS research program.

BSD February 25, 2004 BSD