security_getenforce(3)    SELinux API documentation   security_getenforce(3)

NAME         top

       security_getenforce, security_setenforce, security_deny_unknown - get
       or set the enforcing state of SELinux

SYNOPSIS         top

       #include <selinux/selinux.h>

       int security_getenforce(void);

       int security_setenforce(int value);

       int security_deny_unknown(void);

DESCRIPTION         top

       security_getenforce() returns 0 if SELinux is running in permissive
       mode, 1 if it is running in enforcing mode, and -1 on error.

       security_setenforce() sets SELinux to enforcing mode if the value 1
       is passed in, and sets it to permissive mode if 0 is passed in.  On
       success 0 is returned, on error -1 is returned.

       security_deny_unknown() returns 0 if SELinux treats policy queries on
       undefined object classes or permissions as being allowed, 1 if such
       queries are denied, and -1 on error.

SEE ALSO         top


COLOPHON         top

       This page is part of the selinux (Security-Enhanced Linux user-space
       libraries and tools) project.  Information about the project can be
       found at ⟨⟩.  If you
       have a bug report for this manual page, see 
       ⟨⟩.  This
       page was obtained from the project's upstream Git repository 
       ⟨⟩ on 2017-05-03.  If you
       discover any rendering problems in this HTML version of the page, or
       you believe there is a better or more up-to-date source for the page,
       or you have corrections or improvements to the information in this
       COLOPHON (which is not part of the original manual page), send a mail
       to           1 January 2004         security_getenforce(3)

Pages that refer to this page: security_disable(3)security_load_policy(3)selinux_status_open(3)