How to Disable SELinux on CentOS

Estimated reading: 2 minutes 811 views

Introduction

Security-Enhanced Linux (SELinux

) adds policy-based security to the CentOS Linux kernel. System administrators set SELinux policy rules to specify access controls to processes, users, and files. By default, SELinux denies access to objects if no policy rule explicitly allows access.

Perform these steps as a sudo-enabled user, or root. This guide has been tested on:

  • CentOS 9
  • CentOS 8
  • CentOS 7
Prerequisites
  • A VPS/server running CentOS
  • Full root access
About SELinux Modes

SELinux operates in one of three modes:

  • Enforcing: SELinux controls access through policy rules.
  • Permissive: SELinux only logs actions that would have been denied.
  • Disabled: SELinux is disabled and does not create logs.

We recommend using SELinux in enforcing mode. If your application is not compatible with SELinux, you may need to disable it completely.

Check SELinux Status

Check the status of SELinux:

# sestatus

Find the lines relevant to this tutorial with grep:

# sestatus | grep 'SELinux status'
sestatus | grep 'Current mode'
Temporarily Disable SELinux

To temporarily disable SELinux, use setenforce.

# setenforce 0
# sestatus | grep 'Current mode'

  • enforcing – SELinux security policy is enforced.
  • permissive – SELinux prints warnings instead of enforcing (disabled).

Notice that Current mode is now permissive. This change will only persist until the next reboot.

Permanently Disable SELinux

To disable SELinux and make it persist across reboots, edit /etc/selinux/config.

# vi /etc/selinux/config

Change the SELINUX directive with either permissive or disabled.

SELINUX=disabled

Save and exit the file, then reboot.

# reboot

After the reboot, check the status.

# sestatus
And that’s it! Enjoy GreenCloudVPS services!


Leave a Comment

Share this Doc

How to Disable SELinux on CentOS

Or copy link

CONTENTS