NAME
security_getenforce, security_setenforce, security_deny_unknown - get
or set the enforcing state of SELinux
SYNOPSIS
#include <selinux/selinux.h>
int security_getenforce(void);
int security_setenforce(int value);
int security_deny_unknown(void);
DESCRIPTION
security_getenforce returns 0 if SELinux is running in permissive mode,
1 if it is running in enforcing mode, and -1 on error.
security_setenforce sets SELinux to enforcing mode if the value 1 is
passed in, and sets it to permissive mode if 0 is passed in. On
success 0 is returned, on error -1 is returned.
security_deny_unknown returns 0 if SELinux treats policy queries on
undefined object classes or permissions as being allowed, 1 if such
queries are denied, and -1 on error.
SEE ALSO
selinux(8)