CentOS7中关闭selinux
2015-09-10 22:01
579 查看
在安装Cobbler和Puppet时需要关闭selinux,但是通常情况下载安装完CentOS7后,默认情况下SElinux是启用状态,
如下所示:
[csharp] view plaincopy
[root@rdo ~]# sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: enforcing
Mode from config file: enforcing
Policy MLS status: enabled
Policy deny_unknown status: allowed
Max kernel policy version: 28
1、如果要临时关闭,可以执行
[cpp] view plaincopy
setenforce 0
此时的状态如下
[html] view plaincopy
[root@rdo ~]# sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: permissive
Mode from config file: enforcing
Policy MLS status: enabled
Policy deny_unknown status: allowed
Max kernel policy version: 28
2、如果要永久关闭,可以修改配置文件/etc/selinux/config,将SELINU置为disabled。
[html] view plaincopy
[root@rdo ~]# cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
#SELINUX=enforcing
SELINUX=disabled
# SELINUXTYPE= can take one of three two values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
修改该配置文件也可以执行下面的命令来完成
[html] view plaincopy
sed -i '/SELINUX/s/enforcing/disabled/' /etc/selinux/config
修改完成后,保存重启,重启后状态如下:
[html] view plaincopy
[root@rdo ~]# sestatus
SELinux status: disabled
http://www.centoscn.com/CentOS/config/2015/0618/5681.html
如下所示:
[csharp] view plaincopy
[root@rdo ~]# sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: enforcing
Mode from config file: enforcing
Policy MLS status: enabled
Policy deny_unknown status: allowed
Max kernel policy version: 28
1、如果要临时关闭,可以执行
[cpp] view plaincopy
setenforce 0
此时的状态如下
[html] view plaincopy
[root@rdo ~]# sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: permissive
Mode from config file: enforcing
Policy MLS status: enabled
Policy deny_unknown status: allowed
Max kernel policy version: 28
2、如果要永久关闭,可以修改配置文件/etc/selinux/config,将SELINU置为disabled。
[html] view plaincopy
[root@rdo ~]# cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
#SELINUX=enforcing
SELINUX=disabled
# SELINUXTYPE= can take one of three two values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
修改该配置文件也可以执行下面的命令来完成
[html] view plaincopy
sed -i '/SELINUX/s/enforcing/disabled/' /etc/selinux/config
修改完成后,保存重启,重启后状态如下:
[html] view plaincopy
[root@rdo ~]# sestatus
SELinux status: disabled
http://www.centoscn.com/CentOS/config/2015/0618/5681.html
相关文章推荐
- 学习linux
- Linux上使用SMART检测硬盘
- Linux V4L2 摄像头视频采集
- 在CentOS 6.3中安装与配置JDK-7
- [转]Linux上程序执行的入口--Main
- linux likely & unlikely 宏
- 【1】基于TQ2440的MP3设计——【5、裁剪和移植Linux 2.6 内核】
- Linux下常用命令-权限管理命令
- linux相关的关机命令shutdown、halt、poweroff、init
- 《神探tcpdump终结招》-linux命令五分钟系列之四十三
- 《神探tcpdump第八招》-linux命令五分钟系列之四十二
- 《神探tcpdump第七招》-linux命令五分钟系列之四十一
- 《rsync同步的艺术》–linux命令五分钟系列之四十五
- 《ssh-copy-id帮你建立信任》–linux命令五分钟系列之四十四
- 《神探tcpdump第六招》-linux命令五分钟系列之四十
- 《神探tcpdump第五招》-linux命令五分钟系列之三十九
- 《神探tcpdump第四招》-linux命令五分钟系列之三十八
- 《神探tcpdump第三招》-linux命令五分钟系列之三十七
- 《神探tcpdump第二招》-linux命令五分钟系列之三十六
- 《神探tcpdump第一招》-linux命令五分钟系列之三十五