| .TH "security_getenforce" "3" "1 January 2004" "russell@coker.com.au" "SELinux API documentation" |
| .SH "NAME" |
| security_getenforce, security_setenforce, security_deny_unknown \- get or set the enforcing state of SELinux |
| . |
| .SH "SYNOPSIS" |
| .B #include <selinux/selinux.h> |
| .sp |
| .B int security_getenforce(void); |
| .sp |
| .BI "int security_setenforce(int "value ); |
| .sp |
| .B int security_deny_unknown(void); |
| . |
| .SH "DESCRIPTION" |
| .BR security_getenforce () |
| returns 0 if SELinux is running in permissive mode, 1 if it is running in |
| enforcing mode, and \-1 on error. |
| |
| .BR security_setenforce () |
| sets SELinux to enforcing mode if the value 1 is passed in, and sets it to |
| permissive mode if 0 is passed in. On success 0 is returned, on error \-1 is |
| returned. |
| |
| .BR security_deny_unknown () |
| returns 0 if SELinux treats policy queries on undefined object classes or |
| permissions as being allowed, 1 if such queries are denied, and \-1 on error. |
| . |
| .SH "SEE ALSO" |
| .BR selinux "(8)" |