How to save selinux setsebool configuration

Miroslav Grepl mgrepl at redhat.com
Tue Jul 3 06:26:02 UTC 2012 

On 07/03/2012 03:15 AM, 余水保 wrote:
>
> On Mon, Jul 2, 2012 at 8:08 PM, Tristan Santore 
> <tristan.santore at internexusconnect.net 
> <mailto:tristan.santore at internexusconnect.net>> wrote:
>
>     On 02/07/12 13:06, 余水保 wrote:
>     > Hi friends,
>     > After change the selinux settings as:
>     >  setsebool httpd_can_network_connect on
>     > It works.   But when reboot,  the setings are lost. Is there a
>     way to
>     > save the configuration?
>     >
>     >
>     >
>     >
>     > --
>     > selinux mailing list
>     > selinux at lists.fedoraproject.org
>     <mailto:selinux at lists.fedoraproject.org>
>     > https://admin.fedoraproject.org/mailman/listinfo/selinux
>     A simple man setsebool would have shown you, that the -P argument
>     does that.
>
>     Regards,
>     Tristan
>
>     --
>     Tristan Santore BSc MBCS
>     TS4523-RIPE
>     Network and Infrastructure Operations
>     InterNexusConnect
>     Mobile +44-78-55069812 <tel:%2B44-78-55069812>
>     Tristan.Santore at internexusconnect.net
>     <mailto:Tristan.Santore at internexusconnect.net>
>
>     Former Thawte Notary
>     (Please note: Thawte has closed its WoT programme down,
>     and I am therefore no longer able to accredit trust)
>
>     For Fedora related issues, please email me at:
>     TSantore at fedoraproject.org <mailto:TSantore at fedoraproject.org>
>     --
>     selinux mailing list
>     selinux at lists.fedoraproject.org
>     <mailto:selinux at lists.fedoraproject.org>
>     https://admin.fedoraproject.org/mailman/listinfo/selinux
>
>
>
> Thank you, Tristan.   The simple answer surprises me,  and gives me a 
> deep lesson .  I have tried "man setsebool"  without reading 
> carefully,  because a misconception leads me  to find separate command 
> to do that.
> As years-age MS windows engineer,   this shows that I  am  newbie to 
> linux core value.
>
>
>
>
>
> --
> selinux mailing list
> selinux at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux
How Tristan wrote

-P ... persistent change

So you need

setsebool -P httpd_can_network_connect 1

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/selinux/attachments/20120703/8c772d20/attachment.html>

More information about the selinux mailing list