mirror of
https://gitlab.com/apparmor/apparmor.git
synced 2025-03-04 08:24:42 +01:00
Add missing documentation updates for aa_is_confined and aa_get_con.
This documentation should have been checked in as part of the patches that added aa_is_confined and aa_get_con. Signed-off-by: John Johansen <john.johansen@canonical.com>
This commit is contained in:
John Johansen
parent
ac77e10a0f
commit
1056ef8418
2 changed files with 47 additions and 1 deletions
|
|
@ -22,24 +22,36 @@
|
|||
|
||||
=head1 NAME
|
||||
|
||||
aa_is_enabled - determine if apparmor is available
|
||||
|
||||
aa_find_mountpoint - find where the apparmor interface filesystem is mounted
|
||||
|
||||
=head1 SYNOPSIS
|
||||
|
||||
B<#include E<lt>sys/apparmor.hE<gt>>
|
||||
|
||||
B<int aa_is_enabled(void);>
|
||||
|
||||
B<int aa_find_mountpoint(char **mnt);>
|
||||
|
||||
Link with B<-lapparmor> when compiling.
|
||||
|
||||
=head1 DESCRIPTION
|
||||
|
||||
The aa_is_enabled function returns true (1) if apparmor is enabled. If it
|
||||
isn't it sets the errno to reflect the reason it is not enabled and returns 0.
|
||||
|
||||
The aa_find_mountpoint function finds where the apparmor filesystem is mounted
|
||||
on the system, and returns a string containing the mount path. It is the
|
||||
caller's responsibility to free(3) the returned path.
|
||||
|
||||
=head1 RETURN VALUE
|
||||
|
||||
B<aa_is_enabled>
|
||||
On success 1 is returned. On error, 0 is returned, and errno(3) is set
|
||||
appropriately.
|
||||
|
||||
B<aa_find_mountpoint>
|
||||
On success zero is returned. On error, -1 is returned, and errno(3) is set
|
||||
appropriately.
|
||||
|
||||
|
|
@ -47,6 +59,36 @@ appropriately.
|
|||
|
||||
=over 4
|
||||
|
||||
B<aa_is_enabled>
|
||||
|
||||
=item B<ENOSYS>
|
||||
|
||||
AppArmor extensions to the system are not available.
|
||||
|
||||
=item B<ECANCELED>
|
||||
|
||||
AppArmor is available on the system but has been disabled at boot.
|
||||
|
||||
=item B<ENOENT>
|
||||
|
||||
AppArmor is available (and maybe even enforcing policy) but the interface is
|
||||
not available.
|
||||
|
||||
=item B<ENOMEM>
|
||||
|
||||
Insufficient memory was available.
|
||||
|
||||
=item B<EPERM>
|
||||
|
||||
Did not have sufficient permissions to determine if AppArmor is enabled.
|
||||
|
||||
=item B<EACCES>
|
||||
|
||||
+Did not have sufficient permissions to determine if AppArmor is enabled.
|
||||
|
||||
|
||||
B<aa_find_mountpoint>
|
||||
|
||||
=item B<ENOMEM>
|
||||
|
||||
Insufficient memory was available.
|
||||
|
|
|
|||
|
|
@ -33,7 +33,7 @@ aa_getpeercon - get the confinement of a socket's other end (peer)
|
|||
B<#include E<lt>sys/apparmor.hE<gt>>
|
||||
|
||||
B<int aa_getprocattr_raw(pid_t tid, const char *attr, char *buf, int len,
|
||||
char **mode);>
|
||||
char **mode);>
|
||||
|
||||
B<int aa_getprocattr(pid_t tid, const char *attr, char **buf, char **mode);>
|
||||
|
||||
|
|
@ -93,6 +93,10 @@ Access to the specified I<file/task> was denied.
|
|||
|
||||
The specified I<file/task> does not exist or is not visible.
|
||||
|
||||
=item B<ERANGE>
|
||||
|
||||
The confinement data is to large to fit in the supplied buffer.
|
||||
|
||||
=back
|
||||
|
||||
=head1 BUGS
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue