selinux 安全开启与关闭
2016-02-23 17:56
246 查看
修改/etc/sysconfig/selinux,将SELINUX设定为disable, 使用命令setenforce
0让selinux配置文件生效。
/etc/sysconfig/selinux配置文件
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#
enforcing - SELinux security policy is enforced.
#
permissive - SELinux prints warnings instead of enforcing.
#
disabled - SELinux is fully disabled.
SELINUX=enforcing
# enforcing 改为disabled
#
SELINUXTYPE= type of policy in use. Possible values are:
#
targeted - Only targeted network daemons are protected.
#
strict - Full SELinux protection.
SELINUXTYPE=targeted
Linux核心参数(Kernel Parameter)
或者在/boot/grub/menu.lst中修改核心参数后加上: selinux=0 (停止) 或 selinux=1
(开启)
/boot/grub/menu.lst配置文件
# grub.conf generated by anaconda
# Note that you do not have to rerun grub after making changes to
this file
# NOTICE: You do not have a /boot
partition. This means that
#
all kernel and initrd paths are relative to /, eg.
#
root (hd0,0)
#
kernel /boot/vmlinuz-version ro root=/dev/hda1
#
initrd /boot/initrd-version.img
#boot=/dev/hda
default=0
timeout=5
splashimage=(hd0,0)/boot/grub/splash.xpm.gz
hiddenmenu
title CentOS (2.6.9-78.EL)
root (hd0,0)
kernel /boot/vmlinuz-2.6.9-78.EL ro root=LABEL=/ rhgb quiet
selinux=0
initrd /boot/initrd-2.6.9-78.EL.img
检查SELinux当前况态
[root@info bash]# getenforce
Disabled
最后我发现修改了,并不能立即生效,我重启后才生效。
0让selinux配置文件生效。
/etc/sysconfig/selinux配置文件
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#
enforcing - SELinux security policy is enforced.
#
permissive - SELinux prints warnings instead of enforcing.
#
disabled - SELinux is fully disabled.
SELINUX=enforcing
# enforcing 改为disabled
#
SELINUXTYPE= type of policy in use. Possible values are:
#
targeted - Only targeted network daemons are protected.
#
strict - Full SELinux protection.
SELINUXTYPE=targeted
Linux核心参数(Kernel Parameter)
或者在/boot/grub/menu.lst中修改核心参数后加上: selinux=0 (停止) 或 selinux=1
(开启)
/boot/grub/menu.lst配置文件
# grub.conf generated by anaconda
# Note that you do not have to rerun grub after making changes to
this file
# NOTICE: You do not have a /boot
partition. This means that
#
all kernel and initrd paths are relative to /, eg.
#
root (hd0,0)
#
kernel /boot/vmlinuz-version ro root=/dev/hda1
#
initrd /boot/initrd-version.img
#boot=/dev/hda
default=0
timeout=5
splashimage=(hd0,0)/boot/grub/splash.xpm.gz
hiddenmenu
title CentOS (2.6.9-78.EL)
root (hd0,0)
kernel /boot/vmlinuz-2.6.9-78.EL ro root=LABEL=/ rhgb quiet
selinux=0
initrd /boot/initrd-2.6.9-78.EL.img
检查SELinux当前况态
[root@info bash]# getenforce
Disabled
最后我发现修改了,并不能立即生效,我重启后才生效。
相关文章推荐
- Linux 下DNS配置小结
- Linux netstat -tl 显示当前监听的…
- Linux 如何关闭及启用一个端口
- LINUX 设置开机时启动服务的方法
- linux下查看CPU.内存型号.pci 转自…
- 转载:Linux全攻略--DNS服务器配置…
- linux Tar 命令详解
- linux 默认语言选中文后中断出现乱…
- linux 命令 大全
- centos 配置DNS服务器
- 设置linux默认启动级别为文本
- linux下mysql(rpm)安装使用手册
- linux 系统软件安装与删除
- linux下如何挂载光驱
- linux下配置IP地址老是忘记怎么配…
- Centos Linux安装
- Linux常用命令大全
- CentOS 6.5下搭建NFS文件服务器
- pietty 指定私钥远程登陆linux主机问题
- CentOS 5/6上安装EPEL源