Working with SELinux policies
So far, all we've looked at is what happens when we have an incorrect SELinux type set on a file and what to do to set the correct type. Another problem we may have would come about if we need to allow an action that is prohibited by the active SELinux policy.
Viewing the Booleans
Booleans are part of what makes up an SELinux policy, and each Boolean represents a binary choice. In SELinux policies, a Boolean either allows something or it prohibits something. To see all of the Booleans on your system, run the getsebool -a command. (It's a long list, so I'll only show partial output here.):
[donnie@localhost ~]$ getsebool -a abrt_anon_write --> off abrt_handle_event --> off abrt_upload_watch_anon_write --> on antivirus_can_scan_system --> off antivirus_use_jit --> off auditadm_exec_content --> on . . . . . . xserver_object_manager --> off zabbix_can_network --> off zarafa_setrlimit --> off zebra_write_config --> off zoneminder_anon_write...
