Provided by: selinux-utils_3.5-2ubuntu2.1_amd64 bug

NAME
       booleans - Policy booleans enable runtime customization of SELinux policy


DESCRIPTION
       This  manual  page  describes SELinux policy booleans.   The SELinux policy can include conditional rules
       that are enabled or disabled based on the current values of a  set  of  policy  booleans.   These  policy
       booleans allow runtime modification of the security policy without having to load a new policy.

       For  example,  the  boolean httpd_enable_cgi allows the httpd daemon to run cgi scripts if it is enabled.
       If the administrator does not want to allow execution of cgi scripts, he can simply disable this  boolean
       value.

       The  policy  defines  a  default  value  for  each boolean, typically false.  These default values can be
       overridden via local settings created via  the  setsebool(8)  utility,  using  -P  to  make  the  setting
       persistent  across  reboots.   The  system-config-securitylevel  tool  provides a graphical interface for
       altering the settings.  The load_policy(8) program will preserve current boolean settings upon  a  policy
       reload by default, or can optionally reset booleans to the boot-time defaults via the -b option.

       Boolean values can be listed by using the getsebool(8) utility and passing it the -a option.

       Boolean  values  can  also  be  changed  at  runtime  via the setsebool(8) utility or the togglesebool(8)
       utility.  By default, these utilities only change the  current  boolean  value  and  do  not  affect  the
       persistent settings, unless the -P option is used to setsebool.


AUTHOR
       This  manual  page  was written by Dan Walsh <dwalsh@redhat.com>.  The SELinux conditional policy support
       was developed by Tresys Technology.


SEE ALSO
       getsebool(8), setsebool(8), selinux(8), togglesebool(8)