RHEL 7关闭防火墙及SElinux

Red Hat Enterprise Linux 7关闭防火墙及SElinux
一、关闭防火墙
1. 先查看防火墙状态
[root@db1 ~]#systemctl status firewalld
firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled)
Active: active (running) since 三 2017-10-11 15:31:32 CST; 2min 20s ago
Main PID: 809 (firewalld)
CGroup: /system.slice/firewalld.service
└─809 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid
10月 11 15:32:32 db1 systemd[1]: Started firewalld - dynamic firewall daemon.

2. 关闭防火墙
[root@db1 ~]#systemctl stop firewalld
[root@db1 ~]#systemctl status firewalld
firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled)
Active: inactive (dead)

10月 11 23:31:18 db1 systemd[1]: Starting firewalld - dynamic firewall dae.....
10月 11 15:31:32 db1 systemd[1]: Started firewalld - dynamic firewall daemon.
10月 11 15:34:54 db1 systemd[1]: Stopping firewalld - dynamic firewall dae.....
10月 11 15:34:55 db1 systemd[1]: Stopped firewalld - dynamic firewall daemon.

3. 查看防火墙服务是否开机启动
[root@db1 ~]#systemctl is-enabled firewalld
enabled #开启

4. 关闭防火墙开机启动
[root@db1 ~]#systemctl disable firewalld
rm '/etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service'
rm '/etc/systemd/system/basic.target.wants/firewalld.service'
[root@db1 ~]#systemctl is-enabled firewalld
disabled

二、关闭SELinux
1. 查看当前SELinux状态
[root@db1 ~]#getenforce
Enforcing

2. 关闭SElinux
[root@db1 ~]# getenforce 0
[root@db1 ~]# getenforce
Permissive

3. 编辑配置文件
[root@db1 ~]#vim /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=permissive #修改此参数
# SELINUXTYPE= can take one of three two values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
#SELINUXTYPE=targeted #注释此行