security_disable man page

security_disable — disable the SELinux kernel code at runtime

Synopsis

#include <selinux/selinux.h>

int security_disable(void);

Description

security_disable() disables the SELinux kernel code, unregisters selinuxfs from /proc/filesystems, and then unmounts /sys/fs/selinux.

This function can only be called at runtime and prior to the initial policy load. After the initial policy load, the SELinux kernel code cannot be disabled, but only placed in "permissive" mode by using security_setenforce(3).

Return Value

security_disable() returns zero on success or -1 on error.

Author

This manual page has been written by Guido Trentalancia <guido@trentalancia.com>

See Also

selinux(8), setenforce (8)

Referenced By

security_load_policy(3).

21 Nov 2009 SELinux API documentation