SELinux management
From TBwiki
(Difference between revisions)
(fix SELinux commands to disable and set to permissive) |
|||
| (One intermediate revision by one user not shown) | |||
| Line 43: | Line 43: | ||
SELINUXTYPE=targeted | SELINUXTYPE=targeted | ||
| − | Reboot | + | Reboot or use the setenforce command:<br> |
| − | <pre>shutdown -r now</pre> | + | <pre>shutdown -r now |
| + | or | ||
| + | setenforce 0 | ||
| + | </pre> | ||
Latest revision as of 07:46, 22 July 2011
Contents |
How to get SELinux status
The following command will retreive the SELinux status of your system (output may vary):
sestatus
exemple from CentOS 5.3
SELinux status: enabled SELinuxfs mount: /selinux Current mode: permissive Mode from config file: permissive Policy version: 21 Policy from config file: targeted
How to disable SELinux
Set SELinux to permissive (not truly disabled)
setenforce 0
Disable SELinux entirely
Edit the file:
vi /etc/selinux/config
Set the line to SELINUX=disabled
# This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - SELinux is fully disabled. SELINUX=disabled <------ Line to modify # SELINUXTYPE= type of policy in use. Possible values are: # targeted - Only targeted network daemons are protected. # strict - Full SELinux protection. SELINUXTYPE=targeted
Reboot or use the setenforce command:
shutdown -r now or setenforce 0
