booleans(8) — Linux manual page


booleans(8)          SELinux Command Line documentation          booleans(8)

NAME         top

       booleans  -  Policy  booleans enable runtime customization of SELinux

DESCRIPTION         top

       This manual page describes SELinux policy booleans.   The SELinux
       policy can include conditional rules that are enabled or disabled
       based on the current values of a set of policy booleans.  These
       policy booleans allow runtime modification of the security policy
       without having to load a new policy.

       For example, the boolean httpd_enable_cgi allows the httpd daemon to
       run cgi scripts if it is enabled.  If the administrator does not want
       to allow execution of cgi scripts, he can simply disable this boolean

       The policy defines a default value for each boolean, typically false.
       These default values can be overridden via local settings created via
       the setsebool(8) utility, using -P to make the setting persistent
       across reboots.  The system-config-securitylevel tool provides a
       graphical interface for altering the settings.  The load_policy(8)
       program will preserve current boolean settings upon a policy reload
       by default, or can optionally reset booleans to the boot-time
       defaults via the -b option.

       Boolean values can be listed by using the getsebool(8) utility and
       passing it the -a option.

       Boolean values can also be changed at runtime via the setsebool(8)
       utility or the togglesebool(8) utility.  By default, these utilities
       only change the current boolean value and do not affect the
       persistent settings, unless the -P option is used to setsebool.

AUTHOR         top

       This manual page was written by Dan Walsh <>.  The
       SELinux conditional policy support was developed by Tresys

SEE ALSO         top

       getsebool(8), setsebool(8), selinux(8), togglesebool(8)

COLOPHON         top

       This page is part of the selinux (Security-Enhanced Linux user-space
       libraries and tools) project.  Information about the project can be
       found at ⟨⟩.  If you
       have a bug report for this manual page, see
       ⟨⟩.  This
       page was obtained from the project's upstream Git repository
       ⟨⟩ on 2020-09-18.  (At that
       time, the date of the most recent commit that was found in the repos‐
       itory was 2020-09-17.)  If you discover any rendering problems in
       this HTML version of the page, or you believe there is a better or
       more up-to-date source for the page, or you have corrections or
       improvements to the information in this COLOPHON (which is not part
       of the original manual page), send a mail to                11 Aug 2004                     booleans(8)

Pages that refer to this page: security_commit_booleans(3)security_get_boolean_active(3)security_get_boolean_names(3)security_get_boolean_pending(3)security_load_booleans(3)security_set_boolean(3)getsebool(8)load_policy(8)selinux(8)SELinux(8)setsebool(8)togglesebool(8)