Linux--selinux

SELinux 介绍

SELinux是美国国家安全局(NSA)对于强制访问控制的实现。大多数情况下我们会关闭SELinux。

永久关闭SELinux

  • 修改SELinux的配置文件:
[root@39 ~]# cp /etc/selinux/config /etc/selinux/config.bak 
[root@39 ~]# sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/selinux/config 
[root@39 ~]# cat /etc/selinux/config

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.        # 已经启动
#     permissive - SELinux prints warnings instead of enforcing.        # 临时停用,会有警告
#     disabled - No SELinux policy is loaded.        # 彻底关闭
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
#     targeted - Targeted processes are protected,
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted 

注意:修改完配置文件后需要重启服务器才能生效

临时关闭SELinux

# 查看SELinux状态:
[root@39 ~]# getenforce 
Enforcing

[root@39 ~]# setenforce 
usage:  setenforce [ Enforcing | Permissive | 1 | 0 ]  
[root@u39 ~]# setenforce 0
[root@39 ~]# getenforce 
Permissive
posted @ 2019-11-21 20:23  忘川的彼岸  阅读(278)  评论(0编辑  收藏  举报