check status selinux

Enable or Disable SELinux

Posted on

What is SELinux?

SELinux installed on your device is a security control feature that restricts access to certain Kernel modules. CentOS 7 and RHEL implement SELinux by default to provide an additional layer of security for their systems. This article helps readers to enable or disable selinux, by disabling SELinux you can freely open any port on your server.

 

SELinux Modes

Enforcing: denies all unauthorized access.
Permissive: SELinux warns. Unlike the first state, this state accepts unauthorized access but displays a warning.
Disable Mode: This means turning off security features and allowing all accesses without displaying any warning.

 

Check Status of SELinux

you can run this command to check the status

sestatus

or by checking the config file

cat /etc/selinux/config

status selinux

 

 

How to Disable SELinux

to disable selinux change the values of SELINUX to disabled by using text editor

vi /etc/selinux/config

example configuration file

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of three two values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected.
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

and then reboot the server, done

 

READ  How to Create LVM & Thin LVM

How to Enable SELinux

The steps are very similar to disabling SELinux by changing the SELINUX value using a text editor

vi /etc/selinux/config

here is the example configuration file

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of three two values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected.
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

then please reboot the server to take effect

 

Cannot log in to the server after disabling SELinux