SIMPLE SOLUTIONS

BOOLEANS(8) - Linux man page online | Administration and privileged commands

Policy booleans enable runtime customization of SELinux policy.

Chapter
11 Aug 2004
booleans(8) SELinux Command Line documentation booleans(8)

NAME

booleans - Policy booleans enable runtime customization of SELinux policy

DESCRIPTION

This manual page describes SELinux policy booleans. The SELinux policy can include con‐ ditional rules that are enabled or disabled based on the current values of a set of policy booleans. These policy booleans allow runtime modification of the security policy without having to load a new policy. For example, the boolean httpd_enable_cgi allows the httpd daemon to run cgi scripts if it is enabled. If the administrator does not want to allow execution of cgi scripts, he can simply disable this boolean value. The policy defines a default value for each boolean, typically false. These default val‐ ues can be overridden via local settings created via the setsebool(8) utility, using -P to make the setting persistent across reboots. The system-config-securitylevel tool provides a graphical interface for altering the settings. The load_policy(8) program will preserve current boolean settings upon a policy reload by default, or can optionally reset booleans to the boot-time defaults via the -b option. Boolean values can be listed by using the getsebool(8) utility and passing it the -a option. Boolean values can also be changed at runtime via the setsebool(8) utility or the toggle‐ sebool(8) utility. By default, these utilities only change the current boolean value and do not affect the persistent settings, unless the -P option is used to setsebool.

AUTHOR

This manual page was written by Dan Walsh <@redhat.com>. The SELinux conditional policy support was developed by Tresys Technology.

SEE ALSO

getsebool(8), setsebool(8), selinux(8), togglesebool(8)
@redhat.com 11 Aug 2004 booleans(8)
This manual Reference Other manuals
booleans(8) referred by booleans(5) | getsebool(8) | load_policy(8) | security_load_booleans(3) | selinux(8) | setsebool(8) | togglesebool(8)
refer to getsebool(8) | load_policy(8) | selinux(8) | setsebool(8) | togglesebool(8)
Download raw manual
Main page SELinux Command Line documentation (+16) dwalsh@redhat.com (+75) № 8 (+5755)
Go top