SELinux API documentation

NAME¶

security_getenforce, security_setenforce, security_deny_unknown - get or set the enforcing state of SELinux

SYNOPSIS¶

#include <selinux/selinux.h>

int security_getenforce(void);

int security_setenforce(int value);

int security_deny_unknown(void);

DESCRIPTION¶

security_getenforce() returns 0 if SELinux is running in permissive mode, 1 if it is running in enforcing mode, and -1 on error.

security_setenforce() sets SELinux to enforcing mode if the value 1 is passed in, and sets it to permissive mode if 0 is passed in. On success 0 is returned, on error -1 is returned.

security_deny_unknown() returns 0 if SELinux treats policy queries on undefined object classes or permissions as being allowed, 1 if such queries are denied, and -1 on error.

Source file:	security_deny_unknown.3.en.gz (from libselinux1-dev 2.3-2)
Source last updated:	2017-01-11T14:44:26Z
Converted to HTML:	2018-08-09T22:41:04Z

NAME¶

SYNOPSIS¶

DESCRIPTION¶

SEE ALSO¶