процедуры для управления логическими значениями SELinux (routines for manipulating SELinux boolean values)
Имя (Name)
security_set_boolean, security_commit_booleans,
security_get_boolean_names, security_get_boolean_active,
security_get_boolean_pending - routines for manipulating SELinux
boolean values
Синопсис (Synopsis)
#include <selinux/selinux.h>
int security_get_boolean_names(char ***names, int *len);
int security_get_boolean_pending(const char *name);
int security_get_boolean_active(const char *name);
int security_set_boolean(const char *name, int value);
int security_set_boolean_list(size_t boolcnt, SELboolean
*boollist, int permanent);
int security_commit_booleans(void);
Описание (Description)
The SELinux policy can include conditional rules that are enabled
or disabled based on the current values of a set of policy
booleans. These policy booleans allow runtime modification of
the security policy without having to load a new policy.
The SELinux API allows for a transaction based update. So you can
set several boolean values and then commit them all at once.
security_get_boolean_names() provides a list of boolean names,
currently supported by the loaded policy.
security_get_boolean_pending() returns the pending value for
boolean or -1 on failure.
security_get_boolean_active() returns the active value for
boolean or -1 on failure.
security_set_boolean() sets the pending value for boolean
security_set_boolean_list() saves a list of booleans in a single
transaction. Note that the int permanent flag is deprecated and
should be set to zero.
security_commit_booleans() commits all pending values for the
booleans.
Возвращаемое значение (Return value)
Where not otherwise stated, functions described in this manual
page return zero on success or -1 on error.
