semanage-boolean(8) [centos man page]
semanage-boolean(8) semanage-boolean(8) NAME
semanage boolean- SELinux Policy Management boolean tool SYNOPSIS
semanage boolean [-h] [-n] [-N] [-s STORE] [ --extract | --deleteall | --list [-C] | --modify ( --on | --off ) boolean ] DESCRIPTION
semanage is used to configure certain elements of SELinux policy without requiring modification to or recompilation from policy sources. semanage boolean command controls the settings of booleans in SELinux policy. booleans are if-then-else rules written in SELinux Policy. They can be used to customize the way that SELinux Policy rules effect a confined domain. OPTIONS
-h, --help show this help message and exit -n, --noheading Do not print heading when listing the specified object type -N, --noreload Do not reload policy after commit -S STORE, --store STORE Select an alternate SELinux Policy Store to manage -C, --locallist List local customizations -m, --modify Modify a record of the specified object type -l, --list List records of the specified object type -E, --extract Extract customizable commands, for use within a transaction -D, --deleteall Remove all local customizations -1, --on Enable the boolean -0, --off Disable the boolean EXAMPLE
Turn on the apache can send mail boolan # semanage boolean -m --on httpd_can_sendmail List customized booleans # semanage boolean -l -C SEE ALSO
selinux (8), semanage (8) setsebool (8) getsebool (8) AUTHOR
This man page was written by Daniel Walsh <dwalsh@redhat.com> 20130617 semanage-boolean(8)
Check Out this Related Man Page
semanage(8) semanage(8) NAME
semanage - SELinux Policy Management tool SYNOPSIS
semanage {import,export,login,user,port,interface,module,node,fcontext,boolean,permissive,dontaudit} ... positional arguments: import Import local customizations export Output local customizations login Manage login mappings between linux users and SELinux confined users user Manage SELinux confined users (Roles and levels for an SELinux user) port Manage network port type definitions interface Manage network interface type definitions module Manage SELinux policy modules node Manage network node type definitions fcontext Manage file context mapping definitions boolean Manage booleans to selectively enable functionality permissive Manage process type enforcement mode dontaudit Disable/Enable dontaudit rules in policy DESCRIPTION
semanage is used to configure certain elements of SELinux policy without requiring modification to or recompilation from policy sources. This includes the mapping from Linux usernames to SELinux user identities (which controls the initial security context assigned to Linux users when they login and bounds their authorized role set) as well as security context mappings for various kinds of objects, such as net- work ports, interfaces, and nodes (hosts) as well as the file context mapping. See the EXAMPLES section below for some examples of common usage. Note that the semanage login command deals with the mapping from Linux usernames (logins) to SELinux user identities, while the semanage user command deals with the mapping from SELinux user identities to authorized role sets. In most cases, only the former mapping needs to be adjusted by the administrator; the latter is principally defined by the base policy and usually does not require modification. OPTIONS
-h, --help List help information SEE ALSO
selinux (8), semanage-boolean (8), semanage-dontaudit (8), semanage-export (8), semanage-fcontext (8), semanage-import (8), semanage-inter- face (8), semanage-login (8), semanage-module (8), semanage-node (8), semanage-permissive (8), semanage-port (8), semanage-user (8) AUTHOR
This man page was written by Daniel Walsh <dwalsh@redhat.com> and Russell Coker <rcoker@redhat.com>. Examples by Thomas Bleher <ThomasBleher@gmx.de>. usage: semanage [-h] 20100223 semanage(8)