Shulou(Shulou.com)06/01 Report--

Editor to share with you what is the use of the setsebool command in Linux, I believe most people do not know much about it, so share this article for your reference, I hope you can learn a lot after reading this article, let's go to know it!

The Linux common command setsebool command is used to modify the Boolean values of the rules within the SElinux policy. The setsebool command and getsebool command are a set of tools for SELinux to modify and query Boolean values.

Setsebool modifies Boolean values of rules in SElinux policy

Add SELinux's policy and rule management related commands: seinfo command, sesearch command, getsebool command, setsebool command, semanage command.

Syntax setsebool [- P] Boolean value = [0 | 1] option-P: write the setting value directly to the configuration file, and the setting data will take effect in the future. Instance allows vsvtp anonymous user write permissions:

Setsebool-P allow_ftpd_anon_write=1 if you want your ftp users to access their home directories, you need to open:

Setsebool-P ftp_home_dir 1 if you want to run vsftpd as daemon, you need to turn on:

Setsebool-P ftpd_is_daemon 1 you can make SElinux stop protecting vsftpd in daemon mode:

Setsebool-P ftpd_disable_trans 1HTTP is set to allow cgi settings:

Setsebool-P httpd_enable_cgi 1 allows the user HHTP to access their home directory, which is limited to the user's home directory home page:

Setsebool-P httpd_enable_homedirs 1 chcon-R-t httpd_sys_content_t ~ user/public_html allows httpd to access the terminal:

Setsebool-P httpd_tty_comm 1 turns off Selinux's protection for httpd process daemons:

Setsebool-P httpd_disable_trans 1 service httpd restart updates selinux settings for named and master:

Setsebool-P named_write_master_zones 1 turns off process daemon protection for named:

Setsebool-P named_disable_trans 1 service named restartSelinux sets the native NFS share to read-only:

Setsebool-P nfs_export_all_ro 1SElinux sets the native NFS share to be readable and writable:

Setsebool-P nfs_export_all_rw 1 if you want to share the home directory of the remote NFS to this machine, you need to turn on:

Setsebool-P use_nfs_home_dirs 1 if the samba server shares a directory to multiple domains, you need to:

When the setsebool-P allow_smbd_anon_write=1samba server wants to share the home directory:

Setsebool-P samba_enable_home_dirs 1 if you need to use the home directory of the remote samba server on this machine:

Setsebool-P use_samba_home_dirs 1 turns off selinux's process daemon protection for samba:

When setsebool-P smbd_disable_trans 1 service smb restart allows rsync other users to write:

Setsebool-P allow_rsync_anon_write=1 stops the process protection of rsync

Setsebool-P rsync_disable_trans 1 allows the system to use kerberos:

When the setsebool-P allow_kerberos 1 system operates in a nis environment:

Setsebool-P allow_ypbind 1 and above are all the contents of this article entitled "what is the use of setsebool commands in Linux?" Thank you for reading! I believe we all have a certain understanding, hope to share the content to help you, if you want to learn more knowledge, welcome to follow the industry information channel!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.