NAME¶

security_load_booleans, security_set_boolean, security_commit_booleans, security_get_boolean_names, security_get_boolean_active, security_get_boolean_pending - routines for manipulating SELinux boolean values

SYNOPSIS¶

#include <selinux/selinux.h> int security_load_booleans(char *path); int security_get_boolean_names(char ***names, int *len); int security_get_boolean_pending(const char *name); int security_get_boolean_active(const char *name); int security_set_boolean(const char *name, int value); int security_set_boolean_list(size_t boolcnt, SELboolean *boollist, int permanent); int security_commit_booleans(void);

DESCRIPTION¶

The SELinux policy can include conditional rules that are enabled or disabled based on the current values of a set of policy booleans. These policy booleans allow runtime modification of the security policy without having to load a new policy. The SELinux API allows for a transaction based update. So you can set several boolean values and then commit them all at once. security_load_booleans loads policy boolean settings. Path may be NULL, in which case the booleans are loaded from the active policy boolean configuration file. security_get_boolean_names provides a list of boolean names, currently supported by the loaded policy. security_get_boolean_pending returns the pending value for boolean or -1 on failure. security_get_boolean_active returns the active value for boolean or -1 on failure. security_set_boolean sets the pending value for boolean security_set_boolean_list saves a list of booleans in a single transaction. security_commit_booleans commits all pending values for the booleans.

RETURN VALUE¶

Where not otherwise stated, functions described in this manual page return zero on success or -1 on error.

AUTHOR ¶

This manual page was written by Dan Walsh <dwalsh@redhat.com>.

SEE ALSO¶

selinux(8), getsebool(8), booleans(8), togglesebool(8)