How to permanently disable SELinux

Others 2021-03-19 11:03:47 views: null

1. Introduction to SELinux

How to permanently disable SELinux how to permanently disable SELinux

Linux is considered to be one of the most secure operating systems today because of its outstanding security features, such as SELinux (Security Enhanced Linux).

For starters, SELinux is described as a mandatory access control (MAC) security structure implemented in the kernel. SELinux provides a way to enforce certain security policies, otherwise system administrators will not be able to effectively implement these policies. When you install RHEL/CentOS or other derivatives, the SELinux service is enabled by default, so some applications on your system may not support this security mechanism. Therefore, in order for such applications to run normally, SELinux must be disabled or closed.

SELinux has 3 states, namely Enforcing, Permissive and Disabled states. The first is the default state, which means that it is mandatory, and the second is forgiving, that is, most of the rules are allowed. The third is to disable, that is, do not set any rules. The first two states can only be set through the setenforce command, and if you want to change to the disabled state, you need to modify the configuration file and restart the system at the same time.

The first thing to do is to check the status of SELinux on the system, which can be done by running the following command :

sestatus
getenforce

As shown below:

Second, temporarily disable SELinux

echo 0 > /selinux/enforce
setenforce 0
setenforce Permissive

 

3. Permanently disable SELinux

1. Open the /etc/sysconfig/selinux file

vi /etc/sysconfig/selinux

2. Change the configuration SELinux=enforcing to SELinux=disabled

SELINUX=disabled

3. Save and exit the file. In order to make the configuration effective, you need to restart the system, and then use the sestatus command to check the status of SELinux

getenforce
reboot #重启电脑

Four, principle and attention

The permissions of linux adopt the file-user-user group model. The user who created the file has all the permissions of the file. Once a user is breached, the risk of the system increases infinitely.

How to enable and disable selinux?

Selinux is different. The administrator creates security rules to control resource access. For example, it defines which files and directories can be accessed by the http process. Even if root has all the file modification and access permissions, it violates the administrator's application rules. Inaccessible, of course the configuration will be more complicated. Redhat has already integrated some commonly used applications.

How to enable and disable selinux?

 

 

Guess you like

Origin blog.csdn.net/l_liangkk/article/details/114994446
Recommended
The number of MaxKB GitHub Stars, an open source knowledge base question and answer system based on large language models, exceeded 5,000!
Ranking
Getting the basic concepts of ROS + catkin Profile
Spring Learning (2) --- Assembling Beans in the IoC Container
js to get the src attribute of the image regularly
STM32 is based on CubeIDE and HAL library basics entry study notes: Bluetooth WIFI STM32 connects to Alibaba Cloud
Short video learning - 3, pandas simple use of pivot_table
Print directory of project configuration log, output log
Understand the difference between vi and vim in Linux in 3 minutes
1 + x certificate Web front-end development HTML5 special exercises
mangodb save and insert the difference
7-1 Family tree processing (50 points) (binary tree solution)
Daily
More
2024-05-13(8)
2024-05-12(28)
2024-05-11(32)
2024-05-10(34)
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)

Code World

© 2018 codetd.com