SELinux API documentation

NAME¶

security_getenforce, security_setenforce, security_deny_unknown - get or set the enforcing state of SELinux

SYNOPSIS¶

#include <selinux/selinux.h>

int security_getenforce(void);

int security_setenforce(int value);

int security_deny_unknown(void);

DESCRIPTION¶

security_getenforce returns 0 if SELinux is running in permissive mode, 1 if it is running in enforcing mode, and -1 on error.

security_setenforce sets SELinux to enforcing mode if the value 1 is passed in, and sets it to permissive mode if 0 is passed in. On success 0 is returned, on error -1 is returned.

security_deny_unknown returns 0 if SELinux treats policy queries on undefined object classes or permissions as being allowed, 1 if such queries are denied, and -1 on error.

Source file:	security_setenforce.3.en.gz (from libselinux1-dev 2.1.9-5)
Source last updated:	2012-06-10T06:36:09Z
Converted to HTML:	2017-06-07T16:48:54Z

NAME¶

SYNOPSIS¶

DESCRIPTION¶

SEE ALSO¶