CentOS7中关闭selinux
2015-10-27 15:53
441 查看
在安装Cobbler和Puppet时需要关闭selinux,但是通常情况下载安装完CentOS7后,默认情况下SElinux是启用状态,
如下所示:
[csharp] view plaincopy
[root@rdo ~]# sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: enforcing
Mode from config file: enforcing
Policy MLS status: enabled
Policy deny_unknown status: allowed
Max kernel policy version: 28
1、如果要临时关闭,可以执行
[cpp] view plaincopy
setenforce 0
此时的状态如下
[html] view plaincopy
[root@rdo ~]# sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: permissive
Mode from config file: enforcing
Policy MLS status: enabled
Policy deny_unknown status: allowed
Max kernel policy version: 28
2、如果要永久关闭,可以修改配置文件/etc/selinux/config,将SELINU置为disabled。
[html] view plaincopy
[root@rdo ~]# cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
#SELINUX=enforcing
SELINUX=disabled
# SELINUXTYPE= can take one of three two values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
修改该配置文件也可以执行下面的命令来完成
[html] view plaincopy
sed -i '/SELINUX/s/enforcing/disabled/' /etc/selinux/config
修改完成后,保存重启,重启后状态如下:
[html] view plaincopy
[root@rdo ~]# sestatus
SELinux status: disabled
如下所示:
[csharp] view plaincopy
[root@rdo ~]# sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: enforcing
Mode from config file: enforcing
Policy MLS status: enabled
Policy deny_unknown status: allowed
Max kernel policy version: 28
1、如果要临时关闭,可以执行
[cpp] view plaincopy
setenforce 0
此时的状态如下
[html] view plaincopy
[root@rdo ~]# sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: permissive
Mode from config file: enforcing
Policy MLS status: enabled
Policy deny_unknown status: allowed
Max kernel policy version: 28
2、如果要永久关闭,可以修改配置文件/etc/selinux/config,将SELINU置为disabled。
[html] view plaincopy
[root@rdo ~]# cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
#SELINUX=enforcing
SELINUX=disabled
# SELINUXTYPE= can take one of three two values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
修改该配置文件也可以执行下面的命令来完成
[html] view plaincopy
sed -i '/SELINUX/s/enforcing/disabled/' /etc/selinux/config
修改完成后,保存重启,重启后状态如下:
[html] view plaincopy
[root@rdo ~]# sestatus
SELinux status: disabled
相关文章推荐
- windos批处理从dos界面传入参数到批处理文件的方法
- CentOS系统安装JDK
- linux内核官方网站
- Linux驱动修炼之道-SPI驱动框架源码分析(下)
- Centos 5.6下rsync安装配置(yum)
- Linux驱动修炼之道-SPI驱动框架源码分析(中)
- Linux 下操作GPIO(两种方法,驱动和mmap)(转载)
- Linux内核访问外设I/O--动态映射(ioremap)和静态映射(map_desc) (转载)
- CentOS 7 下安装 NS2
- Linux驱动修炼之道-SPI驱动框架源码分析(上)
- linux 常用命令
- PASSION之Linux中netstat命令和管道命令
- Linux IPMI 安装配置实用
- Linux基础命令日常积累
- linux tmpfs与/dev/shm探讨及其应用
- linux tmpfs与/dev/shm探讨及其应用
- arm-linux-gnueabihf-gcc下载
- linux svn切换用户
- linuxc_螺纹锁紧pthread_mutex_t
- nagios 监控 linux主机的信息