NAME¶
security_load_booleans, security_set_boolean, security_commit_booleans,
security_get_boolean_names, security_get_boolean_active,
security_get_boolean_pending - routines for manipulating SELinux boolean
values
SYNOPSIS¶
#include <selinux/selinux.h>
int security_load_booleans(char *path);
int security_get_boolean_names(char ***names, int
*len);
int security_get_boolean_pending(const char *name);
int security_get_boolean_active(const char *name);
int security_set_boolean(const char *name, int
value);
int security_set_boolean_list(size_t boolcnt, SELboolean
*boollist, int permanent);
int security_commit_booleans(void);
DESCRIPTION¶
The SELinux policy can include conditional rules that are enabled or disabled
based on the current values of a set of policy booleans. These policy booleans
allow runtime modification of the security policy without having to load a new
policy.
The SELinux API allows for a transaction based update. So you can set several
boolean values and then commit them all at once.
security_load_booleans
loads policy boolean settings. Path may be NULL, in which case the booleans are
loaded from the active policy boolean configuration file.
security_get_boolean_names
provides a list of boolean names, currently supported by the loaded policy.
security_get_boolean_pending
returns the pending value for boolean or -1 on failure.
security_get_boolean_active
returns the active value for boolean or -1 on failure.
security_set_boolean
sets the pending value for boolean
security_set_boolean_list
saves a list of booleans in a single transaction.
security_commit_booleans
commits all pending values for the booleans.
RETURN VALUE¶
Where not otherwise stated, functions described in this manual page return zero
on success or -1 on error.
AUTHOR ¶
This manual page was written by Dan Walsh <dwalsh@redhat.com>.
SEE ALSO¶
selinux(8),
getsebool(8),
booleans(8),
togglesebool(8)