Sysctl: ipe.enforce
This sysctl key defines if a system should run the Linux security module IPE in permissive or enforce mode.
Values
Value | Description |
---|---|
0 | IPE in permissive mode |
1 | IPE in enforce mode |
Most systems have by default ipe.enforce set to value 1.
Show current value
The value of the ipe.enforce can be retrieved using the sysctl command.
sysctl ipe.enforce
or using the proc file system:
sysctl /proc/sys/ipe/enforce
Configure new value
To apply a new value, use the option --write, followed by the key and value.
sysctl --write ipe.enforce=NEWVALUE
To ensure that these changes are also applied during the next boot, add them to a configuration file, typically something like /etc/sysctl.d/99-custom.conf.