LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 07-05-2014, 05:30 AM   #1
hashbangbinbash
Member
 
Registered: Mar 2008
Posts: 106

Rep: Reputation: 16
SELinux Booleans


Quik dumb question I've not been able to confirm via giyf...

selinux booleans are a way to turn off specific selinux rules right? So that instead of turning off the whole selinux thing, you can turn off or on a specific rule, right?
 
Old 07-05-2014, 05:42 AM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,331
Blog Entries: 55

Rep: Reputation: 3530Reputation: 3530Reputation: 3530Reputation: 3530Reputation: 3530Reputation: 3530Reputation: 3530Reputation: 3530Reputation: 3530Reputation: 3530Reputation: 3530
Quote:
Originally Posted by hashbangbinbash View Post
Quik dumb question I've not been able to confirm via giyf...
No need for that. Just 'man booleans'.
 
Old 07-05-2014, 04:00 PM   #3
jpollard
Senior Member
 
Registered: Dec 2012
Location: Washington DC area
Distribution: Fedora, CentOS, Slackware
Posts: 4,604

Rep: Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241
Quote:
Originally Posted by hashbangbinbash View Post
Quik dumb question I've not been able to confirm via giyf...

selinux booleans are a way to turn off specific selinux rules right? So that instead of turning off the whole selinux thing, you can turn off or on a specific rule, right?
They are test points that permit/deny things that are already identified. Some sites allow users to have public HTML files in their home directories - other sites don't (usually these would be production web servers). This is controlled via a boolean (httpd_enable_homedirs) which permits apache to access the users home directory.

There are a number of such booleans to control various services (samba, sftpd, ssh, VMs, rsyncd,...). But it isn't a "on/off" for SELinux, it is to control services and users with the goal of protecting the system and users from vulnerabilities that may exist in the services.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] Not able to restrict ping command with the SELinux Booleans sandeep.patade Linux - Security 2 07-28-2012 02:00 AM
Where are the booleans for SELinux stored? amonamarth Linux - Server 2 09-30-2010 12:49 AM
PHP Booleans: trscookie Programming 1 07-29-2010 08:01 PM
booleans mintoo4linux Linux - Newbie 4 06-20-2008 09:39 AM
problem with booleans yadava Linux - Newbie 5 04-18-2008 10:16 AM


All times are GMT -5. The time now is 06:25 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration