| .TH "booleans" "5" "28-Nov-2011" "Security Enhanced Linux" "SELinux configuration" |
| .SH "NAME" |
| booleans \- The SELinux booleans configuration files |
| . |
| .SH "DESCRIPTION" |
| The \fIbooleans\fR file, if present contains booleans to support a specific distribution. |
| .sp |
| The \fIbooleans.local\fR file, if present contains locally generated booleans. |
| .sp |
| Both files contain a list of boolean names and their associated values. |
| .sp |
| Generally the \fIbooleans\fR and/or \fIbooleans.local\fR files are not present (they have been deprecated). However if there is an SELinux-aware application that uses the libselinux functions listed below, then these files may be present: |
| .sp |
| .RS |
| .BR security_set_boolean_list "(3) " |
| .RS |
| Writes a \fIbooleans.local\fR file if flag \fIpermanent\fR = \fI1\fR. |
| .sp |
| .RE |
| .RE |
| .RS |
| .BR security_load_booleans "(3) " |
| .RS |
| Looks for a \fIbooleans\fR and/or \fIbooleans.local\fR file at \fBselinux_booleans_path\fR(3) unless a specific path is specified as a parameter. |
| .RE |
| .RE |
| .sp |
| \fBbooleans\fR(8) has details on booleans and \fBsetsebool\fR(8) describes how booleans can now be set persistent across reboots. |
| .sp |
| \fBselinux_booleans_path\fR(3) will return the active policy path to these files. The default boolean files are: |
| .RS |
| .I /etc/selinux/{SELINUXTYPE}/booleans |
| .br |
| .I /etc/selinux/{SELINUXTYPE}/booleans.local |
| .RE |
| .sp |
| Where \fI{SELINUXTYPE}\fR is the entry from the selinux configuration file \fIconfig\fR (see \fBselinux_config\fR(5)). |
| . |
| .SH "FILE FORMAT" |
| Both boolean files have the same format and contain one or more boolean names and their value. |
| .sp |
| The format is: |
| .RS |
| .I boolean_name |
| .I value |
| .sp |
| .RE |
| Where: |
| .RS |
| .I boolean_name |
| .RS |
| The name of the boolean. |
| .RE |
| .I value |
| .RS |
| The default setting for the boolean. This can be one of the following: |
| .RS |
| .IR true " | " false " | " 1 " | " 0 |
| .RE |
| .RE |
| .RE |
| .sp |
| Note that if |
| .B SETLOCALDEFS |
| is set in the SELinux |
| .I config |
| file (see |
| .BR selinux_config "(5)), then " selinux_mkload_policy "(3) will check for a " |
| .I booleans.local |
| file in the |
| .BR selinux_booleans_path (3) |
| and also a |
| .I local.users |
| file (see |
| .BR local.users "(5)) in the " selinux_users_path "(3). " |
| . |
| .SH "SEE ALSO" |
| .ad l |
| .nh |
| .BR selinux "(8), " booleans "(8), " setsebool "(8), " semanage "(8), " selinux_booleans_path "(3), " security_set_boolean_list "(3), " security_load_booleans "(3), " selinux_mkload_policy "(3), " selinux_users_path "(3), " selinux_config "(5), " local.users "(5) " |