selinux/libselinux/man/man8/booleans.8 - nest-cam/4320010/selinux - Git at Google

 .TH "booleans" "8" "11 Aug 2004" "dwalsh@redhat.com" "SELinux Command Line documentation"
 .SH "NAME"
 booleans \- Policy booleans enable runtime customization of SELinux policy
 .
 .SH "DESCRIPTION"
 This manual page describes SELinux policy booleans.
 .BR
 The SELinux policy can include conditional rules that are enabled or
 disabled based on the current values of a set of policy booleans.
 These policy booleans allow runtime modification of the security
 policy without having to load a new policy.

 For example, the boolean httpd_enable_cgi allows the httpd daemon to
 run cgi scripts if it is enabled.  If the administrator does not want
 to allow execution of cgi scripts, he can simply disable this boolean
 value.

 The policy defines a default value for each boolean, typically false.
 These default values can be overridden via local settings created via the
 .BR setsebool (8)
 utility, using
 .B \-P
 to make the setting persistent across reboots.  The
 .B system\-config\-securitylevel
 tool provides a graphical interface for altering
 the settings.  The
 .BR load_policy (8)
 program will preserve
 current boolean settings upon a policy reload by default, or can
 optionally reset booleans to the boot-time defaults via the
 .B \-b
 option.

 Boolean values can be listed by using the
 .BR getsebool (8)
 utility and passing it the
 .B \-a
 option.

 Boolean values can also be changed at runtime via the
 .BR setsebool (8)
 utility or the
 .BR togglesebool (8)
 utility.  By default, these utilities only change the
 current boolean value and do not affect the persistent settings,
 unless the
 .B \-P
 option is used to setsebool.
 .
 .SH AUTHOR
 This manual page was written by Dan Walsh <dwalsh@redhat.com>.
 The SELinux conditional policy support was developed by Tresys Technology.
 .
 .SH "SEE ALSO"
 .BR getsebool (8),
 .BR setsebool (8),
 .BR selinux (8),
 .BR togglesebool (8)
	.TH "booleans" "8" "11 Aug 2004" "dwalsh@redhat.com" "SELinux Command Line documentation"
	.SH "NAME"
	booleans \- Policy booleans enable runtime customization of SELinux policy
	.
	.SH "DESCRIPTION"
	This manual page describes SELinux policy booleans.
	.BR
	The SELinux policy can include conditional rules that are enabled or
	disabled based on the current values of a set of policy booleans.
	These policy booleans allow runtime modification of the security
	policy without having to load a new policy.

	For example, the boolean httpd_enable_cgi allows the httpd daemon to
	run cgi scripts if it is enabled. If the administrator does not want
	to allow execution of cgi scripts, he can simply disable this boolean
	value.

	The policy defines a default value for each boolean, typically false.
	These default values can be overridden via local settings created via the
	.BR setsebool (8)
	utility, using
	.B \-P
	to make the setting persistent across reboots. The
	.B system\-config\-securitylevel
	tool provides a graphical interface for altering
	the settings. The
	.BR load_policy (8)
	program will preserve
	current boolean settings upon a policy reload by default, or can
	optionally reset booleans to the boot-time defaults via the
	.B \-b
	option.

	Boolean values can be listed by using the
	.BR getsebool (8)
	utility and passing it the
	.B \-a
	option.

	Boolean values can also be changed at runtime via the
	.BR setsebool (8)
	utility or the
	.BR togglesebool (8)
	utility. By default, these utilities only change the
	current boolean value and do not affect the persistent settings,
	unless the
	.B \-P
	option is used to setsebool.
	.
	.SH AUTHOR
	This manual page was written by Dan Walsh <dwalsh@redhat.com>.
	The SELinux conditional policy support was developed by Tresys Technology.
	.
	.SH "SEE ALSO"
	.BR getsebool (8),
	.BR setsebool (8),
	.BR selinux (8),
	.BR togglesebool (8)