LinuxCommandLibrary

setsebool

Set SELinux boolean values at runtime

TLDR

Set a boolean temporarily

$ sudo setsebool [boolean_name] on
copy
Unset a boolean temporarily
$ sudo setsebool [boolean_name] off
copy
Set a boolean persistently across reboots
$ sudo setsebool -P [boolean_name] on
copy
Set multiple booleans persistently
$ sudo setsebool -P [key1] [1] [key2] [0]
copy

SYNOPSIS

setsebool [-PNV] boolean value | bool1=val1 bool2=val2...

DESCRIPTION

setsebool sets the current state of SELinux booleans. Booleans allow runtime customization of SELinux policy without requiring policy modification or recompilation.
Values can be specified as 1, true, on for enabled or 0, false, off for disabled.

PARAMETERS

-P

Make changes persistent across reboots
-N
Don't reload policy after change
-V
Verbose output

CAVEATS

Requires root privileges. Without -P flag, changes are lost on reboot. Use getsebool to view current boolean values. SELinux must be enabled for this command to work.

SEE ALSO

getsebool(8), semanage-boolean(8), setenforce(8)

> TERMINAL_GEAR

Curated for the Linux community

Copied to clipboard

> TERMINAL_GEAR

Curated for the Linux community