Centos8
在 C8, 設定更改了位置, 由 /etc/sysconfig/selinux 改到 /etc/selinux/config
Centos7
在 C7.9, 設定更改了位置, 由 /etc/sysconfig/selinux 改到 /etc/selinux/config
# Check status
getsebool
getsebool: SELinux is disabled
sestatus [-v]
-v # Displays the contexts of files and processes listed in the /etc/sestatus.conf
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: enforcing
Mode from config file: disabled
Policy MLS status: enabled
Policy deny_unknown status: allowed
Max kernel policy version: 28
sestatus -b
-b # Display the current state of booleans.
............... Policy booleans: abrt_anon_write off abrt_handle_event off abrt_upload_watch_anon_write on antivirus_can_scan_system off antivirus_use_jit off auditadm_exec_content on ...............
Centos6
echo 0 > /selinux/enforce
/etc/selinux/config
# permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=enforcing SELINUXTYPE=targeted
Temporary disable selinux
# Disable by file
C7
echo 0 > /sys/fs/selinux/enforce
C6
echo 0 > /selinux/enforce
Disable by cmd
# Use Enforcing or 1 to put SELinux in enforcing mode.
# Use Permissive or 0 to put SELinux in permissive mode.
setenforce 0