How to Disable/Enable SELinux on Linux?

SELinux (Security Enhanced Linux) is a Linux security module which controls access to files and directories.

However, sometimes we like to enable or disable SELinux as per our server infrastructure. So here we'll learn how to enable (temporarily or otherwise) or to disable SELinux.

There are actually three modes on SELinux which are as follows:-

Enforcing = In this mode SELinux aggressively enables and provides control over accessing or not accessing files and directories.
Permissive = This is the mode where SELinux allow the files to be accessed without being controlled by SELinux.
Disabled = This is the mode where SELinux is completely disabled.

To check which mode is active currently, we can use the command below:-

getenforce

If we get the output as 'Enforcing', this means that SELinux is enabled in the Enforcing mode.

To make it permissive we can use the command below:-

setenforce 0

Then check again with getenforce and you'll get the output as:-

Permissive.

However, the above permissive mode is temporary and will last only till the next system reboot after which SELinux will be again in the enforcing mode. So to disable SELinux permanently across reboots even, one can do as below:-

Open the file /etc/sysconfig/selinux

Find "selinux=enabled" and change it to "selinux=disabled" and then save the file and reboot the system.

After this SELinux will be disabled permanently.

Sachin Thursday 07 November 2013 - 11:17 pm | | Default
Used tags: , , , , , , , , , , ,

No comments

(optional field)
(optional field)

Comment moderation is enabled on this site. This means that your comment will not be visible until it has been approved by an editor.

Remember personal info?
Small print: All html tags except <b> and <i> will be removed from your comment. You can make links by just typing the url or mail-address.
« MySQL Error: Prepared… | Home | How to check for the … »