Knowledgebase

  1. Portal Home
  2. Knowledgebase
  3. Operating Systems
  4. CentOS
  5. How to Disable SELinux on CentOS

  Categories

23
Accounts
 16
App Platform
 8
Backups
 7
Billing
 4
Connectivity Troubleshooting
 148
Data Management
 1
Ddos
 197
Development
 13
DNS
 41
Game Servers
 5
Hosting Packages
 97
Infrastructure
 6
IPv6
 48
Kubernetes
 11
Load Balancers
 34
Machine Learning
 10
MongoDB
 1
Monitoring
 21
MySQL
 14
Networking
 1039
Operating Systems
 21
PostgreSQL
 1
Private Internet Guardian (VPN)
 1
Products
 7
Redis
 100
Reference Guides
 4
Resellers
 6
Reserved IPs
 86
Server
 322
Server Apps
 7
Site Management Tools
 1
SnapShooter
 16
Snapshots
 3
Spaces
 4
SSH Troubleshooting
 5
SSL
 2
Streaming and Broadcasting
 23
Support Plans FAQ
 2
Teams
 6
Third-Party Applications
 5
Volumes
 1
VPC
 2
Windows Security

  Categories

  Support

  My Support Tickets   Announcements   Knowledgebase   Downloads   Network Status   Open Ticket

How to Disable SELinux on CentOS Print

  • 0

Introduction

Security-Enhanced Linux (SELinux) adds policy-based security to the CentOS Linux kernel. System administrators set SELinux policy rules to specify access controls to processes, users, and files. By default, SELinux denies access to objects if no policy rule explicitly allows access.

Perform these steps as a sudo-enabled user, or root. This guide has been tested on:

  • CentOS 8
  • CentOS 7
  • CentOS 6

About SELinux Modes

SELinux operates in one of three modes:

  • Enforcing: SELinux controls access through policy rules.
  • Permissive: SELinux only logs actions that would have been denied.
  • Disabled: SELinux is disabled and does not create logs.

We recommend using SELinux in enforcing mode. If your application is not compatible with SELinux, you may need to disable it completely.

Check SELinux Status

Check the status of SELinux:

$ sudo sestatus

Find the lines relevant to this tutorial with grep:

$ sudo sestatus | grep 'SELinux status\|Current mode'

SELinux status:                 enabled
Current mode:                   enforcing

Temporarily Disable SELinux

To temporarily disable SELinux, use setenforce.

$ sudo setenforce 0
$ sudo sestatus | grep 'SELinux status\|Current mode'
SELinux status:                 enabled
Current mode:                   permissive

Notice that Current mode is now permissive. This change will only persist until the next reboot.

Permanently Disable SELinux

To disable SELinux and make it persist across reboots, edit /etc/selinux/config.

$ sudo nano /etc/selinux/config

Change the SELINUX directive with either permissive or disabled.

SELINUX=disabled

Save and exit the file, then reboot.

$ sudo shutdown -r now

After the reboot, check the status.

$ sudo sestatus
SELinux status:                 disabled
Introduction Security-Enhanced Linux (SELinux) adds policy-based security to the CentOS Linux kernel. System administrators set SELinux policy rules to specify access controls to processes, users, and files. By default, SELinux denies access to objects if no policy rule explicitly allows access. Perform these steps as a sudo-enabled user, or root. This guide has been tested on: CentOS 8 CentOS 7 CentOS 6 About SELinux Modes SELinux operates in one of three modes: Enforcing: SELinux controls access through policy rules. Permissive: SELinux only logs actions that would have been denied. Disabled: SELinux is disabled and does not create logs. We recommend using SELinux in enforcing mode. If your application is not compatible with SELinux, you may need to disable it completely. Check SELinux Status Check the status of SELinux: $ sudo sestatus Find the lines relevant to this tutorial with grep: $ sudo sestatus | grep 'SELinux status\|Current mode' SELinux status: enabled Current mode: enforcing Temporarily Disable SELinux To temporarily disable SELinux, use setenforce. $ sudo setenforce 0 $ sudo sestatus | grep 'SELinux status\|Current mode' SELinux status: enabled Current mode: permissive Notice that Current mode is now permissive. This change will only persist until the next reboot. Permanently Disable SELinux To disable SELinux and make it persist across reboots, edit /etc/selinux/config. $ sudo nano /etc/selinux/config Change the SELINUX directive with either permissive or disabled. SELINUX=disabled Save and exit the file, then reboot. $ sudo shutdown -r now After the reboot, check the status. $ sudo sestatus SELinux status: disabled Related Documentation How to Enable or Reinstall SELinux on CentOS The official CentOS SELinux How To SELinux Project Wiki
Was this answer helpful?

Related Articles

Install and Configure Redis on CentOS 8   Introduction Redis is an open-source in-memory data structure store. You can use it as a... Install MongoDB on CentOS .article--sm, .article--sm .alert { font-size: 15px; line-height: 24px;... Install MongoDB on CentOS .article--sm, .article--sm .alert { font-size: 15px; line-height: 24px;... How to Set Up SSH Keys on Ubuntu 20.04 .Markdown_markdown___3RCz pre.prefixed code ol { list-style: none; margin: 0;... Install Apache Maven on Ubuntu 18.04 .article--sm, .article--sm .alert { font-size: 15px; line-height: 24px;...
Back

Powered by WHMCompleteSolution

  Support

  My Support Tickets   Announcements   Knowledgebase   Downloads   Network Status   Open Ticket