How to Disable SELinux on CentOS

 

 

SE Linux is the acronym for Security-Enhanced Linux, a system for controlling access to Linux systems built into the kernel. Typically, it is used to determine the number of access users, programs, or services have to a system. According to its default enforcement mode, SELinux prevents unauthorized access to any resource by logging all attempts. This principle, which aims to give as little power as possible to a user or program, requires explicit permission from these individuals for the use of files, directories, sockets, and other resources.

 

 

 

 

Before we get started, let me give you a quick overview of the SELinux modes,

 

 

 

 

There are three modes in which SELinux operates:

 

 

 

1) Enforcing: SELinux manages access via policy rules.

 

 

2) Permissive: SELinux only logs actions if they would have been forbidden.

 

 

3) Disabled: SELinux is disabled and no logs are generated.

 

 

 

 

SELinux should be used in the enforcing mode. When an application is incompatible with SELinux, it may be necessary to remove it entirely. We cover this procedure here. 

 

 

 

Let’s start,

 

 

 

 

 

Step 1:  Check SELinux Status

 

 

 

Use the following command:

 

sudo sestatus

 

 

 

Find the lines relevant to this tutorial with grep:

 

 

# sudo sestatus | grep 'SELinux status\|Current mode'

SELinux status:                 enabled
Current mode:                   enforcing

 

 

 

 

Step 2: Temporarily Disable SELinux

 

 

sudo setenforce 0

 

 

 

Check again,

 

 

# sudo sestatus | grep 'SELinux status\|Current mode'
SELinux status: enabled Current mode: permissive

 

Please note that the Current mode is now permissive. Note that this change is only valid until the next reboot.

 

 

 

 

 

Step 3: Permanently Disable SELinux

 

 

You can disable SELinux and make it persistent across reboots by editing /etc/selinux/config.

 

 

sudo nano /etc/selinux/config

 

 

 

Specify permissive or disabled for SELINUX directive.  

 

 

SELINUX=disabled

 

 

 

Once the file is saved and exited, restart your system,

 

sudo shutdown -r now

 

 

Then, check the status.

 

 

# sudo sestatus
SELinux status: disabled

 

 

 


 

That’s it!

 

 




 

VPSie is looking forward to embarking on a new journey with you!.

 

 

 

 

 

Get the most out of learning with VPSie.com