Table of Contents
What is SELinux?
SELinux installed on your device is a security control feature that restricts access to certain Kernel modules. CentOS 7 and RHEL implement SELinux by default to provide an additional layer of security for their systems. This article helps readers to enable or disable selinux, by disabling SELinux you can freely open any port on your server.
SELinux Modes
Enforcing: denies all unauthorized access.
Permissive: SELinux warns. Unlike the first state, this state accepts unauthorized access but displays a warning.
Disable Mode: This means turning off security features and allowing all accesses without displaying any warning.
Check Status of SELinux
you can run this command to check the status
sestatus
or by checking the config file
cat /etc/selinux/config
How to Disable SELinux
to disable selinux change the values of SELINUX to disabled by using text editor
vi /etc/selinux/config
example configuration file
# This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=disabled # SELINUXTYPE= can take one of three two values: # targeted - Targeted processes are protected, # minimum - Modification of targeted policy. Only selected processes are protected. # mls - Multi Level Security protection. SELINUXTYPE=targeted
and then reboot the server, done
How to Enable SELinux
The steps are very similar to disabling SELinux by changing the SELINUX value using a text editor
vi /etc/selinux/config
here is the example configuration file
# This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=enforcing # SELINUXTYPE= can take one of three two values: # targeted - Targeted processes are protected, # minimum - Modification of targeted policy. Only selected processes are protected. # mls - Multi Level Security protection. SELINUXTYPE=targeted
then please reboot the server to take effect
Cannot log in to the server after disabling SELinux
Recent data:
- SELinux is prevent vpn to connect