Saturday, 24 June 2017

How to disable the SELinux in Linux operating system machine

Security-enhanced Linux (SELINUX): SELinux is know as Security enhanced linux system which is the security feature of the Linux kernel system. It is define the security Policy which makes system proctative agaginst the misconfiguration of the daemons. SELinux running in 3 modes which is disabled, enabled and permissive. We will explain these mode in configuration steps.

Here, you can find the all the steps which is required to enable or disable the SELinux configuration.

How to disable SELinux on Linux operating system:

➤ In the first step you can check the current status of SELinux. To do this please run the below command.

[root@localhost]# getenforce
Enabled

"getenforce" command is used for checking the current status of SELinux.

➤ As you see on my machine when I run the above command my SElinux is enabled, So in this step we will change the SELinux mode.

[root@localhost]# vi /etc/sysconfig/selinux

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# mls - Multi Level Security protection.
SELINUXTYPE=targeted

Normally selinux configuration file you can found on the above location. You can edit the SELINUX entry to disabled. All the command is run by super user "root" only.

➤ Once you change the entry in SELinux configuration file then for permanent effect you need to take a reboot of the system.

[root@localhost]# init 6

Once you reboot the server all the configuration files changes has been done.

➤ In the last step you will run the "getenforce" command again to verify the new status of SELinux.

[root@localhost]# getenforce
Disabled

If you comparison the both step 1 and this step output you can found that SELinux policy is not disabled on the Linux operating system.

No comments:

Post a Comment