linux中如何关闭\开启SElinux
1、查看内核、系统版本
[root@virtualboxcentos7 test]# hostnamectl Static hostname: virtualboxcentos7 Icon name: computer-vm Chassis: vm Machine ID: e8d08b54fc55254aaefd55597b2e435b Boot ID: f308a2863585439cb4c69007b56ad527 Virtualization: kvm Operating System: CentOS Linux 7 (Core) ## 发行版 CPE OS Name: cpe:/o:centos:centos:7 Kernel: Linux 3.10.0-1160.49.1.el7.x86_64 ## 内核 Architecture: x86-64
2、查看当前的SElinux状态,sestatus命令
[root@virtualboxcentos7 test]# sestatus ## 使用sestatus查看 SELinux status: enabled SELinuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded policy name: targeted Current mode: enforcing ## 说明是启用状态 Mode from config file: enforcing Policy MLS status: enabled Policy deny_unknown status: allowed Max kernel policy version: 31
3、临时关闭(系统重启后仍然后启动SElinux)
[root@virtualboxcentos7 test]# sestatus ## 查看当前状态 SELinux status: enabled SELinuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded policy name: targeted Current mode: enforcing Mode from config file: enforcing Policy MLS status: enabled Policy deny_unknown status: allowed Max kernel policy version: 31 [root@virtualboxcentos7 test]# setenforce 0 ## 临时关闭SElinux [root@virtualboxcentos7 test]# sestatus ## 查看状态 SELinux status: enabled SELinuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded policy name: targeted Current mode: permissive ## 由enforcing 变为了 permissive Mode from config file: enforcing Policy MLS status: enabled Policy deny_unknown status: allowed Max kernel policy version: 31
4、重新开启SElinux
[root@virtualboxcentos7 test]# sestatus ## 查看状态 SELinux status: enabled SELinuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded policy name: targeted Current mode: permissive Mode from config file: enforcing Policy MLS status: enabled Policy deny_unknown status: allowed Max kernel policy version: 31 [root@virtualboxcentos7 test]# setenforce 1 ## 开启SElinux [root@virtualboxcentos7 test]# sestatus ## 查看状态 SELinux status: enabled SELinuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded policy name: targeted Current mode: enforcing ## 由permissive 改为了 enforcing Mode from config file: enforcing Policy MLS status: enabled Policy deny_unknown status: allowed Max kernel policy version: 31
5、修改配置文件,永久关闭SElinux
[root@virtualboxcentos7 test]# vim /etc/sysconfig/selinux # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=disabled ## 此处改为disabled, 然后保存退出 # SELINUXTYPE= can take one of three values: # targeted - Targeted processes are protected, # minimum - Modification of targeted policy. Only selected processes are protected. # mls - Multi Level Security protection. SELINUXTYPE=targeted
6、重启系统、检查
[root@virtualboxcentos7 test]# reboot
[root@virtualboxcentos7 test]# sestatus
SELinux status: disabled
[root@virtualboxcentos7 test]# getenforce ## 说明已经禁用SElinux
Disabled
7、如果永久开启,在/etc/sysconfig/selinux配置文件中disabled改为enforcing,然后重启系统即可
分类:
linux shell
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· 震惊!C++程序真的从main开始吗?99%的程序员都答错了
· 【硬核科普】Trae如何「偷看」你的代码?零基础破解AI编程运行原理
· 单元测试从入门到精通
· 上周热点回顾(3.3-3.9)
· winform 绘制太阳,地球,月球 运作规律
2021-02-01 linux系统redhat8.3安装R-4.0.3(编译安装)
2021-02-01 linux系统redhat 8.3 安装R
2021-02-01 linux系统centos8.0 安装R
2021-02-01 linux系统redhat7.9 安装R(编译安装)
2021-02-01 linux系统centos7.9安装R(编译安装)