check status selinux

Enable or Disable SELinux

By Posted on

What is SELinux?

SELinux installed on your device is a security control feature that restricts access to certain Kernel modules. CentOS 7 and RHEL implement SELinux by default to provide an additional layer of security for their systems. This article helps readers to enable or disable selinux, by disabling SELinux you can freely open any port on your server.

 

SELinux Modes

Enforcing: denies all unauthorized access.
 Permissive: SELinux warns. Unlike the first state, this state accepts unauthorized access but displays a warning.
 Disable Mode: This means turning off security features and allowing all accesses without displaying any warning.

 

Check Status of SELinux

you can run this command to check the status
 

sestatus

or by checking the config file 

cat /etc/selinux/config

status selinux

 

 

How to Disable SELinux

to disable selinux change the values of SELINUX to disabled by using text editor 

vi /etc/selinux/config

example configuration file 

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of three two values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected.
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

and then reboot the server, done

See also  Zip all files on Linux

 

How to Enable SELinux

The steps are very similar to disabling SELinux by changing the SELINUX value using a text editor
 

vi /etc/selinux/config

here is the example configuration file 

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of three two values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected.
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

then please reboot the server to take effect

 

Cannot log in to the server after disabling SELinux

Related posts: