booleans

Section: SELinux configuration (5)
Updated: 28-Nov-2011
Page Index

NAME

booleans - The SELinux booleans configuration files

DESCRIPTION

The booleans file, if present contains booleans to support a specific distribution.

The booleans.local file, if present contains locally generated booleans.

Both files contain a list of boolean names and their associated values.

Generally the booleans and/or booleans.local files are not present (they have been deprecated). However if there is an SELinux-aware application that uses the libselinux functions listed below, then these files may be present:

security_set_boolean_list(3)

: Writes a booleans.local file if flag permanent = 1.

security_load_booleans(3)

: Looks for a booleans and/or booleans.local file at selinux_booleans_path(3) unless a specific path is specified as a parameter.

booleans(8) has details on booleans and setsebool(8) describes how booleans can now be set persistent across reboots.

selinux_booleans_path(3) will return the active policy path to these files. The default boolean files are:

: /etc/selinux/{SELINUXTYPE}/booleans
/etc/selinux/{SELINUXTYPE}/booleans.local

Where {SELINUXTYPE} is the entry from the selinux configuration file config (see selinux_config(5)).

FILE FORMAT

Both boolean files have the same format and contain one or more boolean names and their value.

The format is:

: boolean_name value

Where:

boolean_name

: The name of the boolean.

value

The default setting for the boolean. This can be one of the following:

: true | false | 1 | 0

Note that if SETLOCALDEFS is set in the SELinux config file (see selinux_config(5)), then selinux_mkload_policy(3) will check for a booleans.local file in the selinux_booleans_path(3) and also a local.users file (see local.users(5)) in the selinux_users_path(3).

booleans

NAME

DESCRIPTION

FILE FORMAT

SEE ALSO

Index