Security-Enhanced Linux is a Linux kernel security module that provides a mechanism for supporting access control security policies, including mandatory access controls.
It offers a means of executing some security policies which are usually not implemented effectively by system administrators.
SELinux is installed and enabled on CentOS by default. Some applications however may not support these security mechanisms and thus the need to disable either permanently or temporarily
Note: If you want to disable SELinux, ensure that you have implemented some mandatory access on files and services to function properly
Checking SELinux Status
The following command can be used to check the status of SELinux on your system.
$ sestatus
Disabling SELinux Temporarily
Disabling SELinux temporarily can be done by issuing the following command
# echo 0 > /selinux/enforce
SELinux will be disabled until the next reboot
Disabling SELinux permanently
To disable SELinux permanently, open the following file and edit as follows:
# vi /etc/sysconfig/selinux
Edit the
SELinux=enforcing directive to
SELinux=disabled as shown in the below
Save changes and exit.
Reboot the system for the changes to be effected.
Once the reboot is complete, check the SELinux status again as shown above
$ sestatus
The status should be displayed as disabled.