Enabling or reinstalling SELinux on CentOS
SE Linux is the acronym for Security-Enhanced Linux, a system for controlling access to Linux systems built into the kernel. Typically, it is used to determine the number of access users, programs, or services have to a system. According to its default enforcement mode, SELinux prevents unauthorized access to any resource by logging all attempts. This principle, which aims to give as little power as possible to a user or program, requires explicit permission from these individuals for the use of files, directories, sockets, and other resources.
Before we get started, let me give you a quick overview of the SELinux modes,
There are three modes in which SELinux operates:
- Enforcing: SELinux manages access via policy rules.
- Permissive: SELinux only logs actions if they would have been forbidden.
- Disabled: SELinux is disabled and no logs are generated.
SELinux should be used in the enforcing mode. When an application is incompatible with SELinux, it may be necessary to remove it entirely. We cover this procedure here.
Let’s start,
Step 1: Disable and Remove SELinux
Our discussion of this part already took place, so take a look to learn more.
Run the command below to remove SELinux,
$ setenforce 0
$ yum remove selinux-policy\*
$ rm -rf /etc/selinux/targeted /etc/selinux/config
Step 2: Install SELinux
Run the following command,
$ yum install selinux-policy-targeted
$ yum install selinux-policy-devel policycoreutils
$ touch /.autorelabel; reboot
Step 3: Check SELinux Status
Use the following command to check the status,
sudo sestatus
VPSie is looking forward to embarking on a new journey with you!.
Get the most out of learning with VPSie.com
