Provided by: selinux-utils_2.4-3build2_i386 bug


       booleans  -  Policy  booleans  enable  runtime customization of SELinux


       This manual page describes  SELinux  policy  booleans.     The  SELinux
       policy can include conditional rules that are enabled or disabled based
       on the current values of  a  set  of  policy  booleans.   These  policy
       booleans  allow  runtime  modification  of  the security policy without
       having to load a new policy.

       For example, the boolean httpd_enable_cgi allows the  httpd  daemon  to
       run  cgi  scripts if it is enabled.  If the administrator does not want
       to allow execution of cgi scripts, he can simply disable  this  boolean

       The  policy  defines a default value for each boolean, typically false.
       These default values can be overridden via local settings  created  via
       the  setsebool(8)  utility,  using  -P  to  make the setting persistent
       across  reboots.   The  system-config-securitylevel  tool  provides   a
       graphical  interface  for  altering  the  settings.  The load_policy(8)
       program will preserve current boolean settings upon a policy reload  by
       default, or can optionally reset booleans to the boot-time defaults via
       the -b option.

       Boolean values can be listed by  using  the  getsebool(8)  utility  and
       passing it the -a option.

       Boolean  values  can  also  be  changed at runtime via the setsebool(8)
       utility or the togglesebool(8) utility.  By  default,  these  utilities
       only  change the current boolean value and do not affect the persistent
       settings, unless the -P option is used to setsebool.


       This manual page was written by  Dan  Walsh  <>.   The
       SELinux conditional policy support was developed by Tresys Technology.


       getsebool(8), setsebool(8), selinux(8), togglesebool(8)