1、查看内核、系统版本
[root@virtualboxcentos7 test]# hostnamectl Static hostname: virtualboxcentos7 Icon name: computer-vm Chassis: vm Machine ID: e8d08b54fc55254aaefd55597b2e435b Boot ID: f308a2863585439cb4c69007b56ad527 Virtualization: kvm Operating System: CentOS Linux 7 (Core) ## 发行版 CPE OS Name: cpe:/o:centos:centos:7 Kernel: Linux 3.10.0-1160.49.1.el7.x86_64 ## 内核 Architecture: x86-64
2、查看当前的SElinux状态,sestatus命令
[root@virtualboxcentos7 test]# sestatus ## 使用sestatus查看 SELinux status: enabled SELinuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded policy name: targeted Current mode: enforcing ## 说明是启用状态 Mode from config file: enforcing Policy MLS status: enabled Policy deny_unknown status: allowed Max kernel policy version: 31
3、临时关闭(系统重启后仍然后启动SElinux)
[root@virtualboxcentos7 test]# sestatus ## 查看当前状态 SELinux status: enabled SELinuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded policy name: targeted Current mode: enforcing Mode from config file: enforcing Policy MLS status: enabled Policy deny_unknown status: allowed Max kernel policy version: 31 [root@virtualboxcentos7 test]# setenforce 0 ## 临时关闭SElinux [root@virtualboxcentos7 test]# sestatus ## 查看状态 SELinux status: enabled SELinuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded policy name: targeted Current mode: permissive ## 由enforcing 变为了 permissive Mode from config file: enforcing Policy MLS status: enabled Policy deny_unknown status: allowed Max kernel policy version: 31
4、重新开启SElinux
[root@virtualboxcentos7 test]# sestatus ## 查看状态 SELinux status: enabled SELinuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded policy name: targeted Current mode: permissive Mode from config file: enforcing Policy MLS status: enabled Policy deny_unknown status: allowed Max kernel policy version: 31 [root@virtualboxcentos7 test]# setenforce 1 ## 开启SElinux [root@virtualboxcentos7 test]# sestatus ## 查看状态 SELinux status: enabled SELinuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded policy name: targeted Current mode: enforcing ## 由permissive 改为了 enforcing Mode from config file: enforcing Policy MLS status: enabled Policy deny_unknown status: allowed Max kernel policy version: 31
5、修改配置文件,永久关闭SElinux
[root@virtualboxcentos7 test]# vim /etc/sysconfig/selinux # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=disabled ## 此处改为disabled, 然后保存退出 # SELINUXTYPE= can take one of three values: # targeted - Targeted processes are protected, # minimum - Modification of targeted policy. Only selected processes are protected. # mls - Multi Level Security protection. SELINUXTYPE=targeted
6、重启系统、检查
[root@virtualboxcentos7 test]# reboot
[root@virtualboxcentos7 test]# sestatus
SELinux status: disabled
[root@virtualboxcentos7 test]# getenforce ## 说明已经禁用SElinux
Disabled
7、如果永久开启,在/etc/sysconfig/selinux配置文件中disabled改为enforcing,然后重启系统即可
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 [email protected] 举报,一经查实,本站将立刻删除。