security_disable - Man Page

disable the SELinux kernel code at runtime


#include <selinux/selinux.h>

int security_disable(void);


security_disable() disables the SELinux kernel code, unregisters selinuxfs from /proc/filesystems, and then unmounts /sys/fs/selinux.

This function can only be called at runtime and prior to the initial policy load. After the initial policy load, the SELinux kernel code cannot be disabled, but only placed in "permissive" mode by using security_setenforce(3).

Return Value

security_disable() returns zero on success or -1 on error.


This manual page has been written by Guido Trentalancia <>

See Also

selinux(8), setenforce (8)

Referenced By


21 Nov 2009 SELinux API documentation