Linux is considered to be one of the most secure operating system, which is achieved due to its excellent safety features, such as SELinux (Security Enhanced Linux).
For beginners, SELinux is described as mandatory access control (MAC) security architecture performed in the kernel. SELinux provides a method to enforce certain security policies, or the system administrator can not effectively implement these strategies.
How to disable SELinux in Linux
First check the state of SELinux on your system, you can do this by running the following command:
Returned the following results:
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: enforcing
Mode from config file: enforcing
Policy MLS status: enabled
Policy deny_unknown status: allowed
Max kernel policy version: 31
Next, continue disabled on the system SELinux, which may temporarily or permanently complete, depending on the goals you want to achieve.
Temporarily disable SELinux
To temporarily disable SELinux, issue the following command as root.
In CentOS 6.7 and previous versions, run the following command:
# echo 0 > /selinux/enforce
This will temporarily turn off SELinux, use the command will reopen or resume after reboot the system. If you want to re-open, just need to run the following command:
# echo 1 > /selinux/enforce
Alternatively, you can use setenforce tool, as shown below.
In CentOS 7 can be performed,
# setenforce 0
Comes the SELinux mode (Mode) is set to Permissive, the equivalent of let it continue running, monitoring and recording of information, but do not take any action to intercept, it is equivalent to a temporarily disable SELinux. But it will be restored to its original state after reboot the system.
You can always restore it, or temporarily enable,
# setenforce 1
The above command is to enable the service on or off SELinux to '1' or '0' by modifying the content profile / selinux / enforce a.
Otherwise, use the Permissive option instead of 0, as shown below:
# setenforce Permissive
The above method can only be used at the next reboot, so to permanently disable SELinux, please go to the next section.
Permanently disable SELinux
To permanently disable SELinux, use your favorite text editor to open the file / etc / sysconfig / selinux, as follows:
SELinux force (SELinux Enforcing) mode
The instruction is then changed to SELinux = enforcing SELinux = disabled, as shown below.
SELINUX=disabled
Permanently disable SELinux
Then, save and exit the file, make the changes to take effect, you need to restart the system, and then use the sestatus command to check the status of SELinux, as follows:
Returned the following results:
SELinux status: disabled
In short, we have a few simple steps, you can disable SELinux on CentOS / RHEL and Fedora. Under this theme seems to have nothing to discuss, but in addition, more information about SELinux is particularly useful for those who are interested in exploring Linux for security features.