HTML rendering created 2025-09-06 byMichael Kerrisk, author ofThe Linux Programming Interface. For details of in-depthLinux/UNIX system programming training courses that I teach, lookhere. Hosting byjambit GmbH. |  |
NAME |SYNOPSIS |DESCRIPTION |RETURN VALUE |AUTHOR |SEE ALSO |COLOPHON | |
security...an_names(3) SELinux API Documentationsecurity...an_names(3)security_set_boolean, security_commit_booleans, security_get_boolean_names, security_get_boolean_active, security_get_boolean_pending - routines for manipulating SELinux boolean values
#include <selinux/selinux.h>int security_get_boolean_names(char ***names, int *len);int security_get_boolean_pending(const char *name);int security_get_boolean_active(const char *name);int security_set_boolean(const char *name, intvalue);int security_set_boolean_list(size_tboolcnt, SELboolean*boollist, intpermanent);int security_commit_booleans(void);
The SELinux policy can include conditional rules that are enabled or disabled based on the current values of a set of policy booleans. These policy booleans allow runtime modification of the security policy without having to load a new policy. The SELinux API allows for a transaction based update. So you can set several boolean values and then commit them all at once.security_get_boolean_names() provides a list of boolean names, currently supported by the loaded policy.security_get_boolean_pending() returns the pending value for boolean or -1 on failure.security_get_boolean_active() returns the active value for boolean or -1 on failure.security_set_boolean() sets the pending value for booleansecurity_set_boolean_list() saves a list of booleans in a single transaction. Note that theintpermanent flag is deprecated and should be set to zero.security_commit_booleans() commits all pending values for the booleans.
Where not otherwise stated, functions described in this manual page return zero on success or -1 on error.
This manual page was written by Dan Walsh <dwalsh@redhat.com>.
selinux(8),getsebool(8),booleans(8),togglesebool(8)
This page is part of theselinux (Security-Enhanced Linux user- space libraries and tools) project. Information about the project can be found at ⟨https://github.com/SELinuxProject/selinux/wiki⟩. If you have a bug report for this manual page, see ⟨https://github.com/SELinuxProject/selinux/wiki/Contributing⟩. This page was obtained from the project's upstream Git repository ⟨https://github.com/SELinuxProject/selinux⟩ on 2025-08-11. (At that time, the date of the most recent commit that was found in the repository was 2025-08-04.) If you discover any rendering problems in this HTML version of the page, or you believe there is a better or more up-to-date source for the page, or you have corrections or improvements to the information in this COLOPHON (which isnot part of the original manual page), send a mail to man-pages@man7.orgdwalsh@redhat.com 15 November 2004security...an_names(3)Pages that refer to this page:selinux_boolean_sub(3)
HTML rendering created 2025-09-06 byMichael Kerrisk, author ofThe Linux Programming Interface. For details of in-depthLinux/UNIX system programming training courses that I teach, lookhere. Hosting byjambit GmbH. | |