How to Temporarily or Permanently Disable SELinux on Linux
Hello colleagues.
Today we will talk about how to disable SELinux. Security is an important part of server management. However, a security policy that is too strict can prevent some tasks from being completed. This is why it is sometimes necessary to disable individual security features.
SELinux is a security control feature that restricts access to certain kernel modules.
SELinux has three modes:
- Enforcing: Allows access based on SELinux policy rules.
- Permissive: Registers only those actions that would be denied if they were to run in forced execution mode.
- Disabled: The policy was not loaded.
By default on Linux, SELinux is enabled and in enforcement mode.
The content of the article:
- Checking the status of SELinux.
- Disable SELinux temporarily.
- Disable SELinux permanently.
STEP 1. Check the status of SELinux.
To view the current SELinux state and SELinux policy, use the command:
$. sudo sestatus
STEP 2. Disable SELinux temporarily.
You can temporarily change the SELinux mode from targeted to permissive with the following command:
$. sudo setenforce 0
However, the change will only be valid for the current session.
STEP 3. Disable SELinux permanently.
To permanently disable SELinux follow these steps:
1. Open /etc/selinux/config file and set SELINUX to disabled mode:
Save the file and restart the server with the command:
$. sudo shutdown -r now
READY.
Thank you all, I hope my article was of some help to you.