22.3. Booleans

download PDF
SELinux is based on the least level of access required for a service to run. Services can be run in a variety of ways; therefore, you need to specify how you run your services. Use the following Booleans to set up SELinux:
Having this Boolean enabled allows rsync in the rsync_t domain to manage files, links and directories that have a type of public_content_rw_t. Often these are public files used for public file transfer services. Files and directories must be labeled this type.
Having this Boolean enabled allows rsync to initiate connections to ports defined as rsync_port_t, as well as allowing the daemon to manage files, links, and directories that have a type of rsync_data_t. Note that rsync must be in the rsync_t domain in order for SELinux to enact its control over it. The configuration example in this chapter demonstrates rsync running in the rsync_t domain.
Having this Boolean enabled allows rsync in the rsync_t domain to export NFS and CIFS volumes with read-only access to clients.


Due to the continuous development of the SELinux policy, the list above might not contain all Booleans related to the service at all times. To list them, enter the following command:
~]$ getsebool -a | grep service_name
Enter the following command to view description of a particular Boolean:
~]$ sepolicy booleans -b boolean_name
Note that the additional policycoreutils-devel package providing the sepolicy utility is required for this command to work.
Red Hat logoGithubRedditYoutubeTwitter


Try, buy, & sell


About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.