sepol_genbools(3) SE Linux binary policy API documentation sepol_genbools(3)NAME
sepol_genbools - Rewrite a binary policy with different boolean settings
SYNOPSIS
#include <sepol/sepol.h>
int sepol_genbools(void *data, size_t len, char *boolpath);
int sepol_genbools_array(void *data, size_t len, char **names, int *values, int nel);
DESCRIPTION
sepol_genbools rewrites a binary policy stored in the memory region described by (data, len) to use the boolean settings specified in the
file named by boolpath. The boolean settings are specified by name=value lines where value may be 0 or false to disable or 1 or true to
enable. The binary policy is rewritten in place in memory.
sepol_genbools_array does likewise, but obtains the boolean settings from the parallel arrays (names, values) with nel elements each.
RETURN VALUE
Returns 0 on success or -1 otherwise, with errno set appropriately. An errno of ENOENT indicates that the boolean file did not exist. An
errno of EINVAL indicates that one or more booleans listed in the boolean file was undefined in the policy or had an invalid value speci-
fied; in this case, the binary policy is still rewritten but any invalid boolean settings are ignored.
sds@epoch.ncsc.mil 11 August 2004 sepol_genbools(3)
Check Out this Related Man Page
security_get_boolean_names(3) SELinux API Documentation security_get_boolean_names(3)NAME
security_load_booleans, security_set_boolean, security_commit_booleans, security_get_boolean_names, security_get_boolean_active, secu-
rity_get_boolean_pending - routines for manipulating SELinux boolean values
SYNOPSIS
#include <selinux/selinux.h>
int security_load_booleans(char *path);
int security_get_boolean_names(char ***names, int *len);
int security_get_boolean_pending(const char *name);
int security_get_boolean_active(const char *name);
int security_set_boolean(const char *name, int value);
int security_set_boolean_list(size_t boolcnt, SELboolean *boollist, int permanent);
int security_commit_booleans(void);
DESCRIPTION
The SELinux policy can include conditional rules that are enabled or disabled based on the current values of a set of policy booleans.
These policy booleans allow runtime modification of the security policy without having to load a new policy.
The SELinux API allows for a transaction based update. So you can set several boolean values and then commit them all at once.
security_load_booleans
loads policy boolean settings. Path may be NULL, in which case the booleans are loaded from the active policy boolean configuration file.
security_get_boolean_names
provides a list of boolean names, currently supported by the loaded policy.
security_get_boolean_pending
returns the pending value for boolean or -1 on failure.
security_get_boolean_active
returns the active value for boolean or -1 on failure.
security_set_boolean
sets the pending value for boolean
security_set_boolean_list
saves a list of booleans in a single transaction.
security_commit_booleans
commits all pending values for the booleans.
RETURN VALUE
Where not otherwise stated, functions described in this manual page return zero on success or -1 on error.
AUTHOR
This manual page was written by Dan Walsh <dwalsh@redhat.com>.
SEE ALSO selinux(8), getsebool(8), booleans(8), togglesebool(8)dwalsh@redhat.com 15 November 2004 security_get_boolean_names(3)
Hi everyone,
I know the following questions are noobish questions but I am asking them because I am confused about the basics of history behind UNIX and LINUX.
Ok onto business, my questions are-:
Was/Is UNIX ever an open source operating system ?
If UNIX was... (21 Replies)
Hello and thanks in advance for any help anyone can offer me
I'm trying to learn the find command and thought I was understanding it... Apparently I was wrong. I was doing compound searches and I started getting weird results with the -size test. I was trying to do a search on a 1G file owned by... (14 Replies)
hi all,
i have installed quota on my centos 7 machine and its what im after (setting size limit on users, so they cant fill the hard drive)
i want to now make this part of my create user script for my sftp server so i want to do a echo and a read command so i capture the limit they enter... (0 Replies)
Hi everybody,
Which Unix base OS have best performance for HOST virtualization?
I tested SmartOS but it needs another OS to connect remotely!
Thanks in advance. (11 Replies)
Hi All,
I need to write a shell script which opens a file and increments the version(text) within the file every time the script runs. For example:
$ cat docker_file.yml
version: '3.1'
services:
ui:
image: repo-srv.dev.io:5000/facebook/ui:0.0.2-QA1
$
So, I would like... (6 Replies)
Dear Team
We use DB2 v10.5 and using DBArtisan tool
Can someone please guide how to convert digits to binary numbers using db2 feature.
Ex> for number 9 , binary should be 1001 ( 8+1)
Any help appreciated. Thanks (2 Replies)
hi folks,
how to using tar with exclude directory and compress it using tar.Z
i only know how to exclude dir only with this command below:
tar -cvf /varios/restore/test.tar -X excludefile.txt /jfma/test1/
how to compress it using 1 command?
Thanx
Please use CODE tags as... (6 Replies)
Quite an obscure question I think.
We have a rebuild process for remote sites that allows us to PXE rebuild a till (actually a PC with a touch screen and various fancy bits) running CentOS. The current CentOS5 tills work just fine with a tar image restore and some personalisation. Sadly,... (4 Replies)
Hello All,
I had recently learnt a bit of Docker(which provides containerization process).
Here are some of my learning points from it.
Let us start first with very basic question:
What is Docker:
Docker is a platform for sysadmins and developers to DEPLOY, DEVELOP and RUN applications ... (7 Replies)
What is the point of this? Whenever I close my shell it appends to the history file without adding this. I have never seen it overwrite my history file.
# When the shell exits, append to the history file instead of overwriting it
shopt -s histappend (3 Replies)
Hello... And thanks in advance for any help anyone can offer me
I was trying to work out the differences between displaying modify, access, and change times with the 'ls' command. Everything seems in order when I look at files, but the access time on a directory doesn't seem to change when I... (4 Replies)
Hello everyone,
I am having an issue here with CentOS release 6.6 (Final) that shows all of the space used up, but I can't tell where the space went.
Seemingly I am using up 100%, according to
df -h
Filesystem Size Used Avail Use% Mounted on... (27 Replies)
I'm trying to use a bash script for a psych experiment that involves listening to sound files and responding. If I have something like the code below, how can I make sure that a key press is assigned to RESPONSE only after the second echo statement?
for i in 1 2 3; do
echo "Ready?"
sleep 2
... (10 Replies)
After the success of the jq - tool for parsing and manipulating JSON-Data someone wrote a tool called yq, which aims to be the same for YAML, what jq is for JSON. Seems to work fine. I'll definitely give it a chance in future.
Example YAML-File:
--- !ruby/object:Puppet::Node::Facts
... (1 Reply)
Dear All,
I am very pleased to announce that Dave Munro (gull04) is joining the Moderation Team, after being a very valuable member of UNIX.com for 15+ years.
Dave is an IT Consultant with 30 years of experience this year, has worked in many of the industry vertical market segments and has... (6 Replies)