The /usr/sbin/setsebool command turns Booleans on or off, where boolean-name xboolean-name is a Boolean name, and x is either on to turn the Boolean on, or off to turn it off.
The following example demonstrates configuring the httpd_can_network_connect_db Boolean:
By default, the httpd_can_network_connect_db Boolean is off, preventing Apache HTTP Server scripts and modules from connecting to database servers:
$ /usr/sbin/getsebool httpd_can_network_connect_db httpd_can_network_connect_db --> off
To temporarily enable Apache HTTP Server scripts and modules to connect to database servers, as the Linux root user, run the /usr/sbin/setsebool httpd_can_network_connect_db on command.
Use the /usr/sbin/getsebool httpd_can_network_connect_db command to verify the Boolean is turned on:
$ /usr/sbin/getsebool httpd_can_network_connect_db httpd_can_network_connect_db --> on
This allows Apache HTTP Server scripts and modules to connect to database servers.
This change is not persistent across reboots. To make changes persistent across reboots, as the Linux root user, run the /usr/sbin/setsebool -P command. For example:
boolean-name on
# /usr/sbin/setsebool -P httpd_can_network_connect_db on
To temporarily revert to the default behavior, as the Linux root user, run the /usr/sbin/setsebool httpd_can_network_connect_db off command. For changes that persist across reboots, run the /usr/sbin/setsebool -P httpd_can_network_connect_db off command.