There is a Linux kernel module that protects your system from security issues. It allows Linux users to have better control of their systems. It is called SELinux (Security-Enhanced Linux).
With SELinux, administrators, and users specify the policy rules that control how processes running on the system and users interact with each other. Besides, the SELinux also rules the way how users and processes interact with files.
Here at Ibmi Media, as part of our Server Management Services, we regularly help our customers to perform related SELinux queries on Linux systems.
In this context, we shall look into how to disable SELinux on CentOS 7.
Different modes of SELinux:
- Enforcing: SELinux will be based on policy rules to allow access.
- Permissive: SELinux will log all actions that been denied if they running in the enforcing mode.
- Disabled: There is no SELinux policy loaded.
By default, SELinux is enabled in enforcing mode on CentOS 7. It's highly recommended to enable the SELinux and keep it running in enforcing mode. However, in some cases, you need to set the SELinux in the permissive mode or disable it.
How to Verify the SELinux status ?
In order to check whether the SELinux is enabled or not? Let's run the following commands:
$ sudo sestatus
How to Disable the SELinux status ?
You can simply change the mode of SELinux from enforcing to permissive by running the following command:
$ sudo setenforce 0
The above command only affects the current session. In order to disable the SELinux permanently, you need to edit /etc/selinux/config file:
Now, reboot your CentOS system then check the SELinux status again:
$ sudo sestatus
[Need help in fixing Linux system issues? We can help you. ]