1sepol_genbools(3) SE Linux binary policy API documentation sepol_genbools(3)
2
3
4
6 sepol_genbools - Rewrite a binary policy with different boolean set‐
7 tings
8
10 #include <sepol/sepol.h>
11
12 int sepol_genbools(void *data, size_t len, char *boolpath);
13 int sepol_genbools_array(void *data, size_t len, char **names, int
14 *values, int nel);
15
16
18 sepol_genbools rewrites a binary policy stored in the memory region
19 described by (data, len) to use the boolean settings specified in the
20 file named by boolpath. The boolean settings are specified by
21 name=value lines where value may be 0 or false to disable or 1 or true
22 to enable. The binary policy is rewritten in place in memory.
23
24 sepol_genbools_array does likewise, but obtains the boolean settings
25 from the parallel arrays (names, values) with nel elements each.
26
27
29 Returns 0 on success or -1 otherwise, with errno set appropriately. An
30 errno of ENOENT indicates that the boolean file did not exist. An
31 errno of EINVAL indicates that one or more booleans listed in the bool‐
32 ean file was undefined in the policy or had an invalid value specified;
33 in this case, the binary policy is still rewritten but any invalid
34 boolean settings are ignored.
35
36
37
38
39sds@epoch.ncsc.mil 11 August 2004 sepol_genbools(3)