secpol_open()

Updated: April 19, 2023

Open a security policy file

Synopsis:

#include <secpol/secpol.h>
secpol_file_t* secpol_open(const char *path,
                           uint32_t flags)

Arguments:

path
Path to the file. If NULL, the default path is used.
flags
Zero or more flags from secpol_open_flags_e ORred together.

Library:

libsecpol

Description:

In most cases, you set path to NULL and flags to SECPOL_USE_AS_DEFAULT to ensure a common security policy file is used by all processes and avoid the file being opened multiple times.

However, if you are calling a single function, instead of preceding the call with secpol_open() to set the default security policy file, pass NULL for the function's handle. This opens the system's default security policy file for the duration of the function and then closes it.

If SECPOL_USE_AS_DEFAULT is used and a previous call installed a default handle, the call will fail with an errno of EBUSY. This error can usually be ignored as there is already a policy file accessible for other functions to use.

Returns:

A handle to the file, or NULL if open failed (errno is set).