{"description": "Enable or Disable runtime customization of SELinux system policies\nwithout having to reload or recompile the SELinux policy.", "warnings": [], "requires": [], "conflicts": [], "values": ["var_abrt_anon_write", "var_abrt_handle_event", "var_abrt_upload_watch_anon_write", "var_antivirus_can_scan_system", "var_antivirus_use_jit", "var_auditadm_exec_content", "var_authlogin_nsswitch_use_ldap", "var_authlogin_radius", "var_authlogin_yubikey", "var_awstats_purge_apache_log_files", "var_boinc_execmem", "var_cdrecord_read_content", "var_cluster_can_network_connect", "var_cluster_manage_all_files", "var_cluster_use_execmem", "var_cobbler_anon_write", "var_cobbler_can_network_connect", "var_cobbler_use_cifs", "var_cobbler_use_nfs", "var_collectd_tcp_network_connect", "var_condor_tcp_network_connect", "var_conman_can_network", "var_container_connect_any", "var_cron_can_relabel", "var_cron_system_cronjob_use_shares", "var_cron_userdomain_transition", "var_cups_execmem", "var_cvs_read_shadow", "var_daemons_dump_core", "var_daemons_enable_cluster_mode", "var_daemons_use_tcp_wrapper", "var_daemons_use_tty", "var_dbadm_exec_content", "var_dbadm_manage_user_files", "var_dbadm_read_user_files", "var_deny_execmem", "var_deny_ptrace", "var_dhcpc_exec_iptables", "var_dhcpd_use_ldap", "var_domain_fd_use", "var_domain_kernel_load_modules", "var_entropyd_use_audio", "var_exim_can_connect_db", "var_exim_manage_user_files", "var_exim_read_user_files", "var_fcron_crond", "var_fenced_can_network_connect", "var_fenced_can_ssh", "var_fips_mode", "var_ftpd_anon_write", "var_ftpd_connect_all_unreserved", "var_ftpd_connect_db", "var_ftpd_full_access", "var_ftpd_use_cifs", "var_ftpd_use_fusefs", "var_ftpd_use_nfs", "var_ftpd_use_passive_mode", "var_git_cgi_enable_homedirs", "var_git_cgi_use_cifs", "var_git_cgi_use_nfs", "var_git_session_bind_all_unreserved_ports", "var_git_session_users", "var_git_system_enable_homedirs", "var_git_system_use_cifs", "var_git_system_use_nfs", "var_gitosis_can_sendmail", "var_glance_api_can_network", "var_glance_use_execmem", "var_glance_use_fusefs", "var_global_ssp", "var_gluster_anon_write", "var_gluster_export_all_ro", "var_gluster_export_all_rw", "var_gpg_web_anon_write", "var_gssd_read_tmp", "var_guest_exec_content", "var_haproxy_connect_any", "var_httpd_anon_write", "var_httpd_builtin_scripting", "var_httpd_can_check_spam", "var_httpd_can_connect_ftp", "var_httpd_can_connect_ldap", "var_httpd_can_connect_mythtv", "var_httpd_can_connect_zabbix", "var_httpd_can_network_connect", "var_httpd_can_network_connect_cobbler", "var_httpd_can_network_connect_db", "var_httpd_can_network_memcache", "var_httpd_can_network_relay", "var_httpd_can_sendmail", "var_httpd_dbus_avahi", "var_httpd_dbus_sssd", "var_httpd_dontaudit_search_dirs", "var_httpd_enable_cgi", "var_httpd_enable_ftp_server", "var_httpd_enable_homedirs", "var_httpd_execmem", "var_httpd_graceful_shutdown", "var_httpd_manage_ipa", "var_httpd_mod_auth_ntlm_winbind", "var_httpd_mod_auth_pam", "var_httpd_read_user_content", "var_httpd_run_ipa", "var_httpd_run_preupgrade", "var_httpd_run_stickshift", "var_httpd_serve_cobbler_files", "var_httpd_setrlimit", "var_httpd_ssi_exec", "var_httpd_sys_script_anon_write", "var_httpd_tmp_exec", "var_httpd_tty_comm", "var_httpd_unified", "var_httpd_use_cifs", "var_httpd_use_fusefs", "var_httpd_use_gpg", "var_httpd_use_nfs", "var_httpd_use_openstack", "var_httpd_use_sasl", "var_httpd_verify_dns", "var_icecast_use_any_tcp_ports", "var_irc_use_any_tcp_ports", "var_irssi_use_full_network", "var_kdumpgui_run_bootloader", "var_kerberos_enabled", "var_ksmtuned_use_cifs", "var_ksmtuned_use_nfs", "var_logadm_exec_content", "var_logging_syslogd_can_sendmail", "var_logging_syslogd_run_nagios_plugins", "var_logging_syslogd_use_tty", "var_login_console_enabled", "var_logrotate_use_nfs", "var_logwatch_can_network_connect_mail", "var_lsmd_plugin_connect_any", "var_mailman_use_fusefs", "var_mcelog_client", "var_mcelog_exec_scripts", "var_mcelog_foreground", "var_mcelog_server", "var_minidlna_read_generic_user_content", "var_mmap_low_allowed", "var_mock_enable_homedirs", "var_mount_anyfile", "var_mozilla_plugin_bind_unreserved_ports", "var_mozilla_plugin_can_network_connect", "var_mozilla_plugin_use_bluejeans", "var_mozilla_plugin_use_gps", "var_mozilla_plugin_use_spice", "var_mozilla_read_content", "var_mpd_enable_homedirs", "var_mpd_use_cifs", "var_mpd_use_nfs", "var_mplayer_execstack", "var_mysql_connect_any", "var_nagios_run_pnp4nagios", "var_nagios_run_sudo", "var_named_tcp_bind_http_port", "var_named_write_master_zones", "var_neutron_can_network", "var_nfs_export_all_ro", "var_nfs_export_all_rw", "var_nfsd_anon_write", "var_nis_enabled", "var_nscd_use_shm", "var_openshift_use_nfs", "var_openvpn_can_network_connect", "var_openvpn_enable_homedirs", "var_openvpn_run_unconfined", "var_pcp_bind_all_unreserved_ports", "var_pcp_read_generic_logs", "var_piranha_lvs_can_network_connect", "var_polipo_connect_all_unreserved", "var_polipo_session_bind_all_unreserved_ports", "var_polipo_session_users", "var_polipo_use_cifs", "var_polipo_use_nfs", "var_polyinstantiation_enabled", "var_postfix_local_write_mail_spool", "var_postgresql_can_rsync", "var_postgresql_selinux_transmit_client_label", "var_postgresql_selinux_unconfined_dbadm", "var_postgresql_selinux_users_ddl", "var_pppd_can_insmod", "var_pppd_for_user", "var_privoxy_connect_any", "var_prosody_bind_http_port", "var_puppetagent_manage_all_files", "var_puppetmaster_use_db", "var_racoon_read_shadow", "var_rsync_anon_write", "var_rsync_client", "var_rsync_export_all_ro", "var_rsync_full_access", "var_samba_create_home_dirs", "var_samba_domain_controller", "var_samba_enable_home_dirs", "var_samba_export_all_ro", "var_samba_export_all_rw", "var_samba_load_libgfapi", "var_samba_portmapper", "var_samba_run_unconfined", "var_samba_share_fusefs", "var_samba_share_nfs", "var_sanlock_use_fusefs", "var_sanlock_use_nfs", "var_sanlock_use_samba", "var_saslauthd_read_shadow", "var_secadm_exec_content", "var_secure_mode", "var_secure_mode_insmod", "var_secure_mode_policyload", "var_selinuxuser_direct_dri_enabled", "var_selinuxuser_execheap", "var_selinuxuser_execmod", "var_selinuxuser_execstack", "var_selinuxuser_mysql_connect_enabled", "var_selinuxuser_ping", "var_selinuxuser_postgresql_connect_enabled", "var_selinuxuser_rw_noexattrfile", "var_selinuxuser_share_music", "var_selinuxuser_tcp_server", "var_selinuxuser_udp_server", "var_selinuxuser_use_ssh_chroot", "var_sge_domain_can_network_connect", "var_sge_use_nfs", "var_smartmon_3ware", "var_smbd_anon_write", "var_spamassassin_can_network", "var_spamd_enable_home_dirs", "var_squid_connect_any", "var_squid_use_tproxy", "var_ssh_chroot_rw_homedirs", "var_ssh_keysign", "var_ssh_sysadm_login", "var_staff_exec_content", "var_staff_use_svirt", "var_swift_can_network", "var_sysadm_exec_content", "var_telepathy_connect_all_ports", "var_telepathy_tcp_connect_generic_network_ports", "var_tftp_anon_write", "var_tftp_home_dir", "var_tmpreaper_use_nfs", "var_tmpreaper_use_samba", "var_tor_bind_all_unreserved_ports", "var_tor_can_network_relay", "var_unconfined_chrome_sandbox_transition", "var_unconfined_login", "var_unconfined_mozilla_plugin_transition", "var_unprivuser_use_svirt", "var_use_ecryptfs_home_dirs", "var_use_fusefs_home_dirs", "var_use_lpd_server", "var_use_nfs_home_dirs", "var_use_samba_home_dirs", "var_user_exec_content", "var_varnishd_connect_any", "var_virt_read_qemu_ga_data", "var_virt_rw_qemu_ga_data", "var_virt_sandbox_use_all_caps", "var_virt_sandbox_use_audit", "var_virt_sandbox_use_mknod", "var_virt_sandbox_use_netlink", "var_virt_sandbox_use_sys_admin", "var_virt_transition_userdomain", "var_virt_use_comm", "var_virt_use_execmem", "var_virt_use_fusefs", "var_virt_use_nfs", "var_virt_use_rawip", "var_virt_use_samba", "var_virt_use_sanlock", "var_virt_use_usb", "var_virt_use_xserver", "var_webadm_manage_user_files", "var_webadm_read_user_files", "var_wine_mmap_zero_ignore", "var_xdm_bind_vnc_tcp_port", "var_xdm_exec_bootloader", "var_xdm_sysadm_login", "var_xdm_write_home", "var_xen_use_nfs", "var_xend_run_blktap", "var_xend_run_qemu", "var_xguest_connect_network", "var_xguest_exec_content", "var_xguest_mount_media", "var_xguest_use_bluetooth", "var_xserver_clients_write_xshm", "var_xserver_execmem", "var_xserver_object_manager", "var_zabbix_can_network", "var_zarafa_setrlimit", "var_zebra_write_config", "var_zoneminder_anon_write", "var_zoneminder_run_sudo"], "groups": {}, "rules": ["sebool_abrt_anon_write", "sebool_abrt_handle_event", "sebool_abrt_upload_watch_anon_write", "sebool_antivirus_can_scan_system", "sebool_antivirus_use_jit", "sebool_auditadm_exec_content", "sebool_authlogin_nsswitch_use_ldap", "sebool_authlogin_radius", "sebool_authlogin_yubikey", "sebool_awstats_purge_apache_log_files", "sebool_boinc_execmem", "sebool_cdrecord_read_content", "sebool_cluster_can_network_connect", "sebool_cluster_manage_all_files", "sebool_cluster_use_execmem", "sebool_cobbler_anon_write", "sebool_cobbler_can_network_connect", "sebool_cobbler_use_cifs", "sebool_cobbler_use_nfs", "sebool_collectd_tcp_network_connect", "sebool_condor_tcp_network_connect", "sebool_conman_can_network", "sebool_container_connect_any", "sebool_cron_can_relabel", "sebool_cron_system_cronjob_use_shares", "sebool_cron_userdomain_transition", "sebool_cups_execmem", "sebool_cvs_read_shadow", "sebool_daemons_dump_core", "sebool_daemons_enable_cluster_mode", "sebool_daemons_use_tcp_wrapper", "sebool_daemons_use_tty", "sebool_dbadm_exec_content", "sebool_dbadm_manage_user_files", "sebool_dbadm_read_user_files", "sebool_deny_execmem", "sebool_deny_ptrace", "sebool_dhcpc_exec_iptables", "sebool_dhcpd_use_ldap", "sebool_domain_fd_use", "sebool_domain_kernel_load_modules", "sebool_entropyd_use_audio", "sebool_exim_can_connect_db", "sebool_exim_manage_user_files", "sebool_exim_read_user_files", "sebool_fcron_crond", "sebool_fenced_can_network_connect", "sebool_fenced_can_ssh", "sebool_fips_mode", "sebool_ftpd_anon_write", "sebool_ftpd_connect_all_unreserved", "sebool_ftpd_connect_db", "sebool_ftpd_full_access", "sebool_ftpd_use_cifs", "sebool_ftpd_use_fusefs", "sebool_ftpd_use_nfs", "sebool_ftpd_use_passive_mode", "sebool_git_cgi_enable_homedirs", "sebool_git_cgi_use_cifs", "sebool_git_cgi_use_nfs", "sebool_git_session_bind_all_unreserved_ports", "sebool_git_session_users", "sebool_git_system_enable_homedirs", "sebool_git_system_use_cifs", "sebool_git_system_use_nfs", "sebool_gitosis_can_sendmail", "sebool_glance_api_can_network", "sebool_glance_use_execmem", "sebool_glance_use_fusefs", "sebool_global_ssp", "sebool_gluster_anon_write", "sebool_gluster_export_all_ro", "sebool_gluster_export_all_rw", "sebool_gpg_web_anon_write", "sebool_gssd_read_tmp", "sebool_guest_exec_content", "sebool_haproxy_connect_any", "sebool_httpd_anon_write", "sebool_httpd_builtin_scripting", "sebool_httpd_can_check_spam", "sebool_httpd_can_connect_ftp", "sebool_httpd_can_connect_ldap", "sebool_httpd_can_connect_mythtv", "sebool_httpd_can_connect_zabbix", "sebool_httpd_can_network_connect", "sebool_httpd_can_network_connect_cobbler", "sebool_httpd_can_network_connect_db", "sebool_httpd_can_network_memcache", "sebool_httpd_can_network_relay", "sebool_httpd_can_sendmail", "sebool_httpd_dbus_avahi", "sebool_httpd_dbus_sssd", "sebool_httpd_dontaudit_search_dirs", "sebool_httpd_enable_cgi", "sebool_httpd_enable_ftp_server", "sebool_httpd_enable_homedirs", "sebool_httpd_execmem", "sebool_httpd_graceful_shutdown", "sebool_httpd_manage_ipa", "sebool_httpd_mod_auth_ntlm_winbind", "sebool_httpd_mod_auth_pam", "sebool_httpd_read_user_content", "sebool_httpd_run_ipa", "sebool_httpd_run_preupgrade", "sebool_httpd_run_stickshift", "sebool_httpd_serve_cobbler_files", "sebool_httpd_setrlimit", "sebool_httpd_ssi_exec", "sebool_httpd_sys_script_anon_write", "sebool_httpd_tmp_exec", "sebool_httpd_tty_comm", "sebool_httpd_unified", "sebool_httpd_use_cifs", "sebool_httpd_use_fusefs", "sebool_httpd_use_gpg", "sebool_httpd_use_nfs", "sebool_httpd_use_openstack", "sebool_httpd_use_sasl", "sebool_httpd_verify_dns", "sebool_icecast_use_any_tcp_ports", "sebool_irc_use_any_tcp_ports", "sebool_irssi_use_full_network", "sebool_kdumpgui_run_bootloader", "sebool_kerberos_enabled", "sebool_ksmtuned_use_cifs", "sebool_ksmtuned_use_nfs", "sebool_logadm_exec_content", "sebool_logging_syslogd_can_sendmail", "sebool_logging_syslogd_run_nagios_plugins", "sebool_logging_syslogd_use_tty", "sebool_login_console_enabled", "sebool_logrotate_use_nfs", "sebool_logwatch_can_network_connect_mail", "sebool_lsmd_plugin_connect_any", "sebool_mailman_use_fusefs", "sebool_mcelog_client", "sebool_mcelog_exec_scripts", "sebool_mcelog_foreground", "sebool_mcelog_server", "sebool_minidlna_read_generic_user_content", "sebool_mmap_low_allowed", "sebool_mock_enable_homedirs", "sebool_mount_anyfile", "sebool_mozilla_plugin_bind_unreserved_ports", "sebool_mozilla_plugin_can_network_connect", "sebool_mozilla_plugin_use_bluejeans", "sebool_mozilla_plugin_use_gps", "sebool_mozilla_plugin_use_spice", "sebool_mozilla_read_content", "sebool_mpd_enable_homedirs", "sebool_mpd_use_cifs", "sebool_mpd_use_nfs", "sebool_mplayer_execstack", "sebool_mysql_connect_any", "sebool_nagios_run_pnp4nagios", "sebool_nagios_run_sudo", "sebool_named_tcp_bind_http_port", "sebool_named_write_master_zones", "sebool_neutron_can_network", "sebool_nfs_export_all_ro", "sebool_nfs_export_all_rw", "sebool_nfsd_anon_write", "sebool_nis_enabled", "sebool_nscd_use_shm", "sebool_openshift_use_nfs", "sebool_openvpn_can_network_connect", "sebool_openvpn_enable_homedirs", "sebool_openvpn_run_unconfined", "sebool_pcp_bind_all_unreserved_ports", "sebool_pcp_read_generic_logs", "sebool_piranha_lvs_can_network_connect", "sebool_polipo_connect_all_unreserved", "sebool_polipo_session_bind_all_unreserved_ports", "sebool_polipo_session_users", "sebool_polipo_use_cifs", "sebool_polipo_use_nfs", "sebool_polyinstantiation_enabled", "sebool_postfix_local_write_mail_spool", "sebool_postgresql_can_rsync", "sebool_postgresql_selinux_transmit_client_label", "sebool_postgresql_selinux_unconfined_dbadm", "sebool_postgresql_selinux_users_ddl", "sebool_pppd_can_insmod", "sebool_pppd_for_user", "sebool_privoxy_connect_any", "sebool_prosody_bind_http_port", "sebool_puppetagent_manage_all_files", "sebool_puppetmaster_use_db", "sebool_racoon_read_shadow", "sebool_rsync_anon_write", "sebool_rsync_client", "sebool_rsync_export_all_ro", "sebool_rsync_full_access", "sebool_samba_create_home_dirs", "sebool_samba_domain_controller", "sebool_samba_enable_home_dirs", "sebool_samba_export_all_ro", "sebool_samba_export_all_rw", "sebool_samba_load_libgfapi", "sebool_samba_portmapper", "sebool_samba_run_unconfined", "sebool_samba_share_fusefs", "sebool_samba_share_nfs", "sebool_sanlock_use_fusefs", "sebool_sanlock_use_nfs", "sebool_sanlock_use_samba", "sebool_saslauthd_read_shadow", "sebool_secadm_exec_content", "sebool_secure_mode", "sebool_secure_mode_insmod", "sebool_secure_mode_policyload", "sebool_selinuxuser_direct_dri_enabled", "sebool_selinuxuser_execheap", "sebool_selinuxuser_execmod", "sebool_selinuxuser_execstack", "sebool_selinuxuser_mysql_connect_enabled", "sebool_selinuxuser_ping", "sebool_selinuxuser_postgresql_connect_enabled", "sebool_selinuxuser_rw_noexattrfile", "sebool_selinuxuser_share_music", "sebool_selinuxuser_tcp_server", "sebool_selinuxuser_udp_server", "sebool_selinuxuser_use_ssh_chroot", "sebool_sge_domain_can_network_connect", "sebool_sge_use_nfs", "sebool_smartmon_3ware", "sebool_smbd_anon_write", "sebool_spamassassin_can_network", "sebool_spamd_enable_home_dirs", "sebool_squid_connect_any", "sebool_squid_use_tproxy", "sebool_ssh_chroot_rw_homedirs", "sebool_ssh_keysign", "sebool_ssh_sysadm_login", "sebool_staff_exec_content", "sebool_staff_use_svirt", "sebool_swift_can_network", "sebool_sysadm_exec_content", "sebool_telepathy_connect_all_ports", "sebool_telepathy_tcp_connect_generic_network_ports", "sebool_tftp_anon_write", "sebool_tftp_home_dir", "sebool_tmpreaper_use_nfs", "sebool_tmpreaper_use_samba", "sebool_tor_bind_all_unreserved_ports", "sebool_tor_can_network_relay", "sebool_unconfined_chrome_sandbox_transition", "sebool_unconfined_login", "sebool_unconfined_mozilla_plugin_transition", "sebool_unprivuser_use_svirt", "sebool_use_ecryptfs_home_dirs", "sebool_use_fusefs_home_dirs", "sebool_use_lpd_server", "sebool_use_nfs_home_dirs", "sebool_use_samba_home_dirs", "sebool_user_exec_content", "sebool_varnishd_connect_any", "sebool_virt_read_qemu_ga_data", "sebool_virt_rw_qemu_ga_data", "sebool_virt_sandbox_use_all_caps", "sebool_virt_sandbox_use_audit", "sebool_virt_sandbox_use_mknod", "sebool_virt_sandbox_use_netlink", "sebool_virt_sandbox_use_sys_admin", "sebool_virt_transition_userdomain", "sebool_virt_use_comm", "sebool_virt_use_execmem", "sebool_virt_use_fusefs", "sebool_virt_use_nfs", "sebool_virt_use_rawip", "sebool_virt_use_samba", "sebool_virt_use_sanlock", "sebool_virt_use_usb", "sebool_virt_use_xserver", "sebool_webadm_manage_user_files", "sebool_webadm_read_user_files", "sebool_wine_mmap_zero_ignore", "sebool_xdm_bind_vnc_tcp_port", "sebool_xdm_exec_bootloader", "sebool_xdm_sysadm_login", "sebool_xdm_write_home", "sebool_xen_use_nfs", "sebool_xend_run_blktap", "sebool_xend_run_qemu", "sebool_xguest_connect_network", "sebool_xguest_exec_content", "sebool_xguest_mount_media", "sebool_xguest_use_bluetooth", "sebool_xserver_clients_write_xshm", "sebool_xserver_execmem", "sebool_xserver_object_manager", "sebool_zabbix_can_network", "sebool_zarafa_setrlimit", "sebool_zebra_write_config", "sebool_zoneminder_anon_write", "sebool_zoneminder_run_sudo"], "platform": "selinux or bootc or osbuild", "platforms": ["selinux or bootc or osbuild"], "inherited_platforms": ["system_with_kernel"], "cpe_platform_names": ["bootc_or_osbuild_or_selinux"], "title": "SELinux - Booleans", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/system/selinux/selinux-booleans/group.yml"}