|
NAME | SYNOPSIS | DESCRIPTION | SEE ALSO | COLOPHON |
|
security_getenforce(3) SELinux API documentation security_getenforce(3)
security_getenforce, security_setenforce, security_deny_unknown,
security_get_checkreqprot- get or set the enforcing state of SELinux
#include <selinux/selinux.h>
int security_getenforce(void);
int security_setenforce(int value);
int security_deny_unknown(void);
int security_get_checkreqprot(void);
security_getenforce() returns 0 if SELinux is running in permissive
mode, 1 if it is running in enforcing mode, and -1 on error.
security_setenforce() sets SELinux to enforcing mode if the value 1
is passed in, and sets it to permissive mode if 0 is passed in. On
success 0 is returned, on error -1 is returned.
security_deny_unknown() returns 0 if SELinux treats policy queries on
undefined object classes or permissions as being allowed, 1 if such
queries are denied, and -1 on error.
security_get_checkreqprot() can be used to determine whether SELinux
is configured to check the protection requested by the application or
the actual protection that will be applied by the kernel (including
the effects of READ_IMPLIES_EXEC) on mmap and mprotect calls. It
returns 0 if SELinux checks the actual protection, 1 if it checks the
requested protection, and -1 on error.
selinux(8)
This page is part of the selinux (Security-Enhanced Linux user-space
libraries and tools) project. Information about the project can be
found at ⟨https://github.com/SELinuxProject/selinux/wiki⟩. If you
have a bug report for this manual page, see
⟨https://github.com/SELinuxProject/selinux/wiki/Contributing⟩. This
page was obtained from the project's upstream Git repository
⟨https://github.com/SELinuxProject/selinux⟩ on 2018-02-02. (At that
time, the date of the most recent commit that was found in the repos‐
itory was 2018-01-25.) If you discover any rendering problems in
this HTML version of the page, or you believe there is a better or
more up-to-date source for the page, or you have corrections or
improvements to the information in this COLOPHON (which is not part
of the original manual page), send a mail to man-pages@man7.org
russell@coker.com.au 1 January 2004 security_getenforce(3)
Pages that refer to this page: security_disable(3), security_load_policy(3), selinux_status_open(3)
|
HTML rendering created 2018-02-02 by Michael Kerrisk, author of The Linux Programming Interface, maintainer of the Linux man-pages project. For details of in-depth Linux/UNIX system programming training courses that I teach, look here. Hosting by jambit GmbH.
|
|