【就业班作业】【第十周】1、编写脚本selinux.sh，实现开启或禁用SELinux功能

编写脚本selinux.sh，实现开启或禁用SELinux功能：

#!/bin/bash
#
echo "########################################"
echo -e "Current status:\n`sestatus`"
echo "########################################"
echo -e "\n"
read -p "Please input enable|disable|permissive|quit to set selinux:" Arg
if [ $Arg == "enable" ] ; then
    setenforce 1
    sed -ri.bak  "s#^SELINUX=.*#SELINUX=enforcing#" /etc/selinux/config &>/dev/null
    echo "Selinux current status is `getenforce`"
    echo "Selinux'config file is set `sed -n "/^SELINUX=/p" /etc/selinux/config`"
    exit
elif [ $Arg == "disable" ] ; then
    setenforce 0
    sed -ri.bak  "s#^SELINUX=.*#SELINUX=disabled#" /etc/selinux/config &>/dev/null
    echo "Selinux current status is `getenforce`,But Disabled's status need to reboot"
    echo "Selinux'config file is set `sed -n "/^SELINUX=/p" /etc/selinux/config`"
    exit
elif [ $Arg == "permissive" ] ; then
    setenforce Permissive
    sed -ri.bak  "s#^SELINUX=.*#SELINUX=Permissive#" /etc/selinux/config &>/dev/null
    echo "Selinux current status is `getenforce`"
    echo "Selinux'config file is set `sed -n "/^SELINUX=/p" /etc/selinux/config`"
    exit
else [ $Arg == "quit" ] 
    echo "The shell exit"
    exit
fi

测试效果：

[root@localhost data]# bash +x ./selinuxset.sh 
########################################
Current status:
SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   permissive
Mode from config file:          permissive
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Max kernel policy version:      31
########################################

Please input enable|disable|permissive|quit to set selinux:enable
Selinux current status is Enforcing
Selinux'config file is set SELINUX=enforcing
[root@localhost data]# bash +x ./selinuxset.sh 
########################################
Current status:
SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   enforcing
Mode from config file:          enforcing
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Max kernel policy version:      31
########################################

Please input enable|disable|permissive|quit to set selinux:disable
Selinux current status is Permissive,But Disabled's status need to reboot
Selinux'config file is set SELINUX=disabled
[root@localhost data]# bash +x ./selinuxset.sh 
########################################
Current status:
SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   permissive
Mode from config file:          disabled
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Max kernel policy version:      31
########################################

Please input enable|disable|permissive|quit to set selinux:permissive
Selinux current status is Permissive
Selinux'config file is set SELINUX=Permissive
[root@localhost data]# sestatus
SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   permissive
Mode from config file:          permissive
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Max kernel policy version:      31
[root@localhost data]#

（结束）

posted @ 2020-10-09 13:04 sankeya 阅读(189) 评论(0) 编辑收藏举报

会员力量，点亮园子希望

刷新页面返回顶部

sankeya

【就业班作业】【第十周】1、编写脚本selinux.sh，实现开启或禁用SELinux功能

公告