In CentOS 7, based on the open Linux kernel has a built-in security system called SELinux (Security Enhanced Linux). Thanks to this tool ensures the control of access controls. The administrator edits present policy, thereby tuning the optimum configuration utility. In the absence of rights to resolve the access is denied — this model applies to settings and other parameters. In view of the above, the tool determine the interaction between processes and users sometimes should be disabled. Today we would like to show two methods of carrying out this operation.
Disable SELinux in CentOS
The developers recommend to always keep the SELinux operating mode to”enforcing” — enforcement of rules. If the administrator will need to change this mode to “disabled”, it can be done in a single session, or permanently, by making changes to the configuration file. First check the current status of the utility to decide whether to disable it or not. For this produce just one command:
su -. After this, you will need to enter the password from root access. Written so the characters are never shown for security reasons.
sestatusby inserting it and pressing Enter.
Thus, using the built-in command you can quickly check the status of the built-in security system. Then I advise you to read with two methods of disabling SELinux that will be most useful in different situations.
Method 1: Disable the current session
Usually SELinux is disabled in order to check any OS settings or bug fixes. It is sufficient that the utility was disabled for a terminal session. It does not need to modify the configuration file, use the command
sudo setenforce 0, where 0 is the shutdown value.
To ensure that the protection was successfully disabled. After launching a new system platform it will continue its work in normal mode, that is specified in the configuration file. Don’t forget that after each restart of the OS the command given above will have to register again to re-disable SELinux.
Method 2: Permanently disable
Permanently disabling SELinux is active even after reboot of the OS, because the parameter can be set via the configuration file. As you might already know, change will have to manually. For this we recommend to use any convenient text editor.
sudo yum install nano.
sudo nano /etc/selinux/config.
sudo shutdown-r now.
After performing these actions the security system will be active only after you change its value back to “enabled”, “enforcing” or “permissive”. Otherwise it will remain disabled always, in any action by the user or processes. Is that possible at the current session to enable SELinux via the command
sudo setenforce 1.
Each user chooses the most appropriate method of disconnection is considered today tool, because they differ in principle. In General, in both cases, the procedure is quite simple and will not cause difficulties even for inexperienced users.