selinux 安全开启与关闭

修改/etc/sysconfig/selinux,将SELINUX设定为disable, 使用命令setenforce
0让selinux配置文件生效。

/etc/sysconfig/selinux配置文件

# This file controls the state of SELinux on the system.

# SELINUX= can take one of these three values:

#
enforcing - SELinux security policy is enforced.

#
permissive - SELinux prints warnings instead of enforcing.

#
disabled - SELinux is fully disabled.

SELINUX=enforcing

# enforcing 改为disabled
#
SELINUXTYPE= type of policy in use. Possible values are:

#
targeted - Only targeted network daemons are protected.

#
strict - Full SELinux protection.

SELINUXTYPE=targeted

Linux核心参数(Kernel Parameter)

或者在/boot/grub/menu.lst中修改核心参数后加上： selinux=0 （停止） 或 selinux=1
(开启）

/boot/grub/menu.lst配置文件

# grub.conf generated by anaconda

# Note that you do not have to rerun grub after making changes to
this file

# NOTICE: You do not have a /boot
partition. This means that

#
all kernel and initrd paths are relative to /, eg.

#
root (hd0,0)

#
kernel /boot/vmlinuz-version ro root=/dev/hda1

#
initrd /boot/initrd-version.img

#boot=/dev/hda

default=0

timeout=5

splashimage=(hd0,0)/boot/grub/splash.xpm.gz

hiddenmenu

title CentOS (2.6.9-78.EL)

root (hd0,0)

kernel /boot/vmlinuz-2.6.9-78.EL ro root=LABEL=/ rhgb quiet
selinux=0

initrd /boot/initrd-2.6.9-78.EL.img

检查SELinux当前况态

[root@info bash]# getenforce

Disabled

最后我发现修改了，并不能立即生效，我重启后才生效。