linux中如何关闭\开启SElinux
2022/2/1 7:27:40
本文主要是介绍linux中如何关闭\开启SElinux,对大家解决编程问题具有一定的参考价值,需要的程序猿们随着小编来一起学习吧!
1、查看内核、系统版本
[root@virtualboxcentos7 test]# hostnamectl Static hostname: virtualboxcentos7 Icon name: computer-vm Chassis: vm Machine ID: e8d08b54fc55254aaefd55597b2e435b Boot ID: f308a2863585439cb4c69007b56ad527 Virtualization: kvm Operating System: CentOS Linux 7 (Core) ## 发行版 CPE OS Name: cpe:/o:centos:centos:7 Kernel: Linux 3.10.0-1160.49.1.el7.x86_64 ## 内核 Architecture: x86-64
2、查看当前的SElinux状态,sestatus命令
[root@virtualboxcentos7 test]# sestatus ## 使用sestatus查看 SELinux status: enabled SELinuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded policy name: targeted Current mode: enforcing ## 说明是启用状态 Mode from config file: enforcing Policy MLS status: enabled Policy deny_unknown status: allowed Max kernel policy version: 31
3、临时关闭(系统重启后仍然后启动SElinux)
[root@virtualboxcentos7 test]# sestatus ## 查看当前状态 SELinux status: enabled SELinuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded policy name: targeted Current mode: enforcing Mode from config file: enforcing Policy MLS status: enabled Policy deny_unknown status: allowed Max kernel policy version: 31 [root@virtualboxcentos7 test]# setenforce 0 ## 临时关闭SElinux [root@virtualboxcentos7 test]# sestatus ## 查看状态 SELinux status: enabled SELinuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded policy name: targeted Current mode: permissive ## 由enforcing 变为了 permissive Mode from config file: enforcing Policy MLS status: enabled Policy deny_unknown status: allowed Max kernel policy version: 31
4、重新开启SElinux
[root@virtualboxcentos7 test]# sestatus ## 查看状态 SELinux status: enabled SELinuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded policy name: targeted Current mode: permissive Mode from config file: enforcing Policy MLS status: enabled Policy deny_unknown status: allowed Max kernel policy version: 31 [root@virtualboxcentos7 test]# setenforce 1 ## 开启SElinux [root@virtualboxcentos7 test]# sestatus ## 查看状态 SELinux status: enabled SELinuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded policy name: targeted Current mode: enforcing ## 由permissive 改为了 enforcing Mode from config file: enforcing Policy MLS status: enabled Policy deny_unknown status: allowed Max kernel policy version: 31
5、修改配置文件,永久关闭SElinux
[root@virtualboxcentos7 test]# vim /etc/sysconfig/selinux # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=disabled ## 此处改为disabled, 然后保存退出 # SELINUXTYPE= can take one of three values: # targeted - Targeted processes are protected, # minimum - Modification of targeted policy. Only selected processes are protected. # mls - Multi Level Security protection. SELINUXTYPE=targeted
6、重启系统、检查
[root@virtualboxcentos7 test]# reboot
[root@virtualboxcentos7 test]# sestatus SELinux status: disabled [root@virtualboxcentos7 test]# getenforce ## 说明已经禁用SElinux Disabled
7、如果永久开启,在/etc/sysconfig/selinux配置文件中disabled改为enforcing,然后重启系统即可
这篇关于linux中如何关闭\开启SElinux的文章就介绍到这儿,希望我们推荐的文章对大家有所帮助,也希望大家多多支持为之网!
- 2024-03-30[译]漫画SELinux概念
- 2024-03-29linux 移动文件
- 2024-03-28linux .so file
- 2024-03-28Linux 磁盘管理
- 2024-03-28Linux学习笔记(十三)磁盘管理(一):磁盘分区
- 2024-03-26linux 创建 文件
- 2024-03-25使用SecureCRT对Linux vim进行颜色设置
- 2024-03-202019-2020-12 20199317 《Linux内核原理与分析》 第十二周作业
- 2024-03-20Linux运维的第二周总结
- 2024-03-13how to count number of directories in linux