SELinux management

From TBwiki
Jump to: navigation, search

Contents

How to get SELinux status

The following command will retreive the SELinux status of your system (output may vary):

 sestatus

exemple from CentOS 5.3

 SELinux status: enabled
 SELinuxfs mount: /selinux
 Current mode: permissive
 Mode from config file: permissive
 Policy version: 21
 Policy from config file: targeted


How to disable SELinux

Set SELinux to permissive (not truly disabled)

 setenforce 0


Disable SELinux entirely

Edit the file:

 vi /etc/selinux/config

Set the line to SELINUX=disabled 

 # This file controls the state of SELinux on the system.
 # SELINUX= can take one of these three values:
 #       enforcing - SELinux security policy is enforced.
 #       permissive - SELinux prints warnings instead of enforcing.
 #       disabled - SELinux is fully disabled.
 SELINUX=disabled                                            <------ Line to modify
 # SELINUXTYPE= type of policy in use. Possible values are:
 #       targeted - Only targeted network daemons are protected.
 #       strict - Full SELinux protection.
 SELINUXTYPE=targeted

Reboot or use the setenforce command:

shutdown -r now
or
setenforce 0
Retrieved from "https://docs.telcobridges.com/mediawiki/index.php?title=SELinux_management&oldid=9558"
Personal tools