How to disable & Enable SELinux on RHEL and CentOS Linux

Security-Enhanced Linux (SELinux) was integrated into the upstream Linux kernel in 2003. It’s a Linux kernel security features  for access control. SELinux defines access controls for the applications, processes, and files on a system. SELinux provides the extra layer of security on the running system. 

We must enable SELinux as far as the security is concerned if the systems are in the production environment. If the SELinux is enabled and permission is denied a message “avc:denied” will be printed in /var/log/messages. By default, SELinux is enabled and enforcing mode. You must be wondering why are we disabling the SELinux. Sometime we may have to disable SELinux to check the proper functioning of the application also you may disabled the SELinux in UAT/testing environment. In this page, we are going to see the simple steps to disable SELinux in Red Hat and CentOS Linux 8/7/6.

There are three modes of SELinux
Enforcing – It’s is default mode, it will enforce the policies on the system.
Permissive – In this mode SELinux is enables but not enforcing the security policies. But warnings and logs will be printed if SELinux policy setting is breached.
DisabledThis will totally disabled the SELinux.
Step 1:Get the current status of SELinux.

# getenforce
or 
# sestatus

From the above output, we can see that SELinux is enabled and enforcing mode. We can see the details status using -b option along with sestatus command. Which shows the details description of the services are enabled and disabled.
# sestatus -b

Step 2Temporary way to disable SELinux. Execute below command. But SELinux will be enabled once the system is reboot.

setenforce 0
or 
setenforce Permissive

Step 3Disable SELinux permanently
# vi /etc/selinux/config

Save and exit the file. Need to restart your system to take effect. 
Now check the status of SELinux with below command.

# sestatus
Conclusion: In this tutorial, we have seen some easy steps to enable and disable SELinux. Still we strongly recommend to enable it for extra layer of security. Big thanks for reading all the way to the end. Please share it with Your Friends & Help Someone… and also Like Our Facebook Page. kindly share your inputs through comment section below !!

Leave a Comment