Query the Boolean values of each rule in the SElinux policy
getsebool command is used to query the Boolean values of various rules in the SElinux policy. SELinux policy and rule management related commands: seinfo command, sesearch command, getsebool command, setsebool command, semanage command.
getsebool [-a] [boolean clause]
-a: Lists all Boolean terms currently set to on or off values on the system.
Query the setting status of all Boolean values in this system:
getsebool -a
NetworkManager_disable_trans --> off
allow_console_login --> off
allow_cvs_read_shadow --> off
allow_daemons_dump_core --> on
....(omitted below)....
Check whether httpd_enable_homedirs is closed. If not, please close it:
getsebool httpd_enable_homedirs
setsebool -P httpd_enable_homedirs=0 # 0 is closed, 1 is enabled