Back to main site | Back to man page index

booleans(8)                               SELinux Command Line documentation                              booleans(8)



NAME
       booleans - Policy booleans enable runtime customization of SELinux policy

DESCRIPTION
       This  manual  page  describes SELinux policy booleans.   The SELinux policy can include conditional rules that
       are enabled or disabled based on the current values of a set of policy booleans.  These policy booleans  allow
       runtime modification of the security policy without having to load a new policy.

       For example, the boolean httpd_enable_cgi allows the httpd daemon to run cgi scripts if it is enabled.  If the
       administrator does not want to allow execution of cgi scripts, he can simply disable this boolean value.

       The policy defines a default value for each boolean, typically false.  These default values can be  overridden
       via  local  settings  created  via  the  setsebool(8)  utility, using -P to make the setting persistent across
       reboots.  The system-config-securitylevel tool provides a graphical interface for altering the settings.   The
       load_policy(8)  program will preserve current boolean settings upon a policy reload by default, or can optionā€
       ally reset booleans to the boot-time defaults via the -b option.

       Boolean values can be listed by using the getsebool(8) utility and passing it the -a option.

       Boolean values can also be changed at runtime via the setsebool(8) utility or the togglesebool(8) utility.  By
       default,  these  utilities  only  change  the current boolean value and do not affect the persistent settings,
       unless the -P option is used to setsebool.

AUTHOR
       This manual page was written by Dan Walsh <[email protected]>.  The SELinux  conditional  policy  support  was
       developed by Tresys Technology.

SEE ALSO
       getsebool(8), setsebool(8), selinux(8), togglesebool(8)



[email protected]                                    11 Aug 2004                                          booleans(8)