getsebool -d

[Matthew Ife]

Would it be possible to add a description flag for getsebool so that it
will produce a description of a bool out to the user when they pass -d?

One of the problems of getsebool is that it only shows you what bools
are there but not what they are supposed to do. I expect this should
make it much more straightforward for sysadmins to implement selinux on
their systems.

Im aware that man pages do produce useful descriptions of bools however
I would think it would be much more convenient to do it this way. Also
some tunables for whatever reason might not be documented in man pages
or custom policy may not have man pages for it but it could add the bool
description in XML somewhere else.

Additionally getsebool -a -d should produce a description for all bools
so a sysadmin can grep for keywords.

How feasible would this be to do?