LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 07-05-2014, 04:30 AM   #1
hashbangbinbash
Member
 
Registered: Mar 2008
Posts: 108

Rep: Reputation: 16
SELinux Booleans


Quik dumb question I've not been able to confirm via giyf...

selinux booleans are a way to turn off specific selinux rules right? So that instead of turning off the whole selinux thing, you can turn off or on a specific rule, right?
 
Old 07-05-2014, 04:42 AM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,354
Blog Entries: 55

Rep: Reputation: 3541Reputation: 3541Reputation: 3541Reputation: 3541Reputation: 3541Reputation: 3541Reputation: 3541Reputation: 3541Reputation: 3541Reputation: 3541Reputation: 3541
Quote:
Originally Posted by hashbangbinbash View Post
Quik dumb question I've not been able to confirm via giyf...
No need for that. Just 'man booleans'.
 
Old 07-05-2014, 03:00 PM   #3
jpollard
Senior Member
 
Registered: Dec 2012
Location: Washington DC area
Distribution: Fedora, CentOS, Slackware
Posts: 4,702

Rep: Reputation: 1270Reputation: 1270Reputation: 1270Reputation: 1270Reputation: 1270Reputation: 1270Reputation: 1270Reputation: 1270Reputation: 1270
Quote:
Originally Posted by hashbangbinbash View Post
Quik dumb question I've not been able to confirm via giyf...

selinux booleans are a way to turn off specific selinux rules right? So that instead of turning off the whole selinux thing, you can turn off or on a specific rule, right?
They are test points that permit/deny things that are already identified. Some sites allow users to have public HTML files in their home directories - other sites don't (usually these would be production web servers). This is controlled via a boolean (httpd_enable_homedirs) which permits apache to access the users home directory.

There are a number of such booleans to control various services (samba, sftpd, ssh, VMs, rsyncd,...). But it isn't a "on/off" for SELinux, it is to control services and users with the goal of protecting the system and users from vulnerabilities that may exist in the services.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] Not able to restrict ping command with the SELinux Booleans sandeep.patade Linux - Security 2 07-28-2012 01:00 AM
Where are the booleans for SELinux stored? amonamarth Linux - Server 2 09-29-2010 11:49 PM
PHP Booleans: trscookie Programming 1 07-29-2010 07:01 PM
booleans mintoo4linux Linux - Newbie 4 06-20-2008 08:39 AM
problem with booleans yadava Linux - Newbie 5 04-18-2008 09:16 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 02:41 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration