首頁 » 所有內容

selinux

由 datahunter 在 一, 19/11/2012 - 16:27 發表

 

 

Centos8

 

在 C8, 設定更改了位置, 由 /etc/sysconfig/selinux 改到 /etc/selinux/config

 

Centos7

 

在 C7.9, 設定更改了位置, 由 /etc/sysconfig/selinux 改到 /etc/selinux/config

 

# Check status

getsebool

getsebool:  SELinux is disabled

sestatus [-v]

-v              # Displays the contexts of files and processes listed  in  the  /etc/sestatus.conf

SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   enforcing
Mode from config file:          disabled
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Max kernel policy version:      28

sestatus -b

-b              # Display the current state of booleans.

...............
Policy booleans:
abrt_anon_write                             off
abrt_handle_event                           off
abrt_upload_watch_anon_write                on
antivirus_can_scan_system                   off
antivirus_use_jit                           off
auditadm_exec_content                       on
...............

 

Centos6

 

echo 0 > /selinux/enforce

/etc/selinux/config

# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.

SELINUX=enforcing
SELINUXTYPE=targeted

 

Temporary disable selinux

 

# Disable by file

C7

echo 0 > /sys/fs/selinux/enforce

C6

echo 0 > /selinux/enforce

Disable by cmd

# Use Enforcing or 1 to put SELinux in enforcing mode.

# Use Permissive or 0 to put SELinux in permissive mode.

setenforce 0

 

 

 

 

 

 

 

 

 

 

 

 

»
  • 瀏覽次數: 1108

Creative Commons license icon Creative Commons license icon