selinux: how to query if selinux is enabled

Paul Moore paul at paul-moore.com
Thu Oct 8 01:07:08 UTC 2020


On Wed, Oct 7, 2020 at 8:41 PM Olga Kornievskaia <aglo at umich.edu> wrote:
> Hi folks,
>
> From some linux kernel module, is it possible to query and find out
> whether or not selinux is currently enabled or not?
>
> Thank you.

[NOTE: CC'ing the SELinux list as it's probably a bit more relevant
that the LSM list]

In general most parts of the kernel shouldn't need to worry about what
LSMs are active and/or enabled; the simply interact with the LSM(s)
via the interfaces defined in include/linux/security.h (there are some
helpful comments in include/linux/lsm_hooks.h).  Can you elaborate a
bit more on what you are trying to accomplish?

P.S. Go Blue :)

-- 
paul moore
www.paul-moore.com



More information about the Linux-security-module-archive mailing list