The SELinux policy can include conditional rules that are enabled or
disabled based on the current values of a set of policy booleans.
These policy booleans allow runtime modification of the security
policy without having to load a new policy.
The SELinux API allows for a transaction based update. So you can set
several boolean values and then commit them all at once.
security_load_booleans() loads policy boolean settings. Path may be
NULL, in which case the booleans are loaded from the active policy
boolean configuration file.
security_get_boolean_names() provides a list of boolean names,
currently supported by the loaded policy.
security_get_boolean_pending() returns the pending value for boolean
or -1 on failure.
security_get_boolean_active() returns the active value for boolean or
-1 on failure.
security_set_boolean() sets the pending value for boolean
security_set_boolean_list() saves a list of booleans in a single
security_commit_booleans() commits all pending values for the
This page is part of the selinux (Security-Enhanced Linux user-space
libraries and tools) project. Information about the project can be
found at ⟨https://github.com/SELinuxProject/selinux/wiki⟩. If you
have a bug report for this manual page, see
page was obtained from the project's upstream Git repository
⟨https://github.com/SELinuxProject/selinux⟩ on 2017-03-13. If you
discover any rendering problems in this HTML version of the page, or
you believe there is a better or more up-to-date source for the page,
or you have corrections or improvements to the information in this
COLOPHON (which is not part of the original manual page), send a mail
email@example.com 15 November 2004 security_get_boolean_names(3)