How to disable selinux on Centos7 machine without reboot/restart ?
How to disable selinux on Centos machine without reboot/restart ?
In this article we will explain how to disable selinux on Centos 7 machine without server restart/reboot.
You can check if “selinux” is enabled , by using following command
|
1
2
3
4
5
|
[root@testlocal ~]# getenforce
Enforcing
[root@testlocal ~]#
|
In the above example , selinux is enabled on the machine
Now we will disable it by running following command
|
1
2
3
|
[root@testlocal ~]# setenforce 0
|
Now check again
|
1
2
3
4
5
|
[root@testlocal ~]# getenforce
Permissive
[root@testlocal ~]#
|
You can see that selinux is disabled now. This change is not permanent. ie, this will go away during next systsem restart/reboot. So let us make this change permanent
Open file /etc/sysconfig/selinux using vi editor
|
1
2
3
|
vi /etc/sysconfig/selinux
|
Comment out following line
|
1
2
3
|
SELINUX=enforcing
|
Add the following line
|
1
2
3
|
SELINUX=disabled
|
After making the changes, file will be like following
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
|
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing – SELinux security policy is enforced.
# permissive – SELinux prints warnings instead of enforcing.
# disabled – No SELinux policy is loaded.
#SELINUX=enforcing
SELINUX=disabled
# SELINUXTYPE= can take one of three two values:
# targeted – Targeted processes are protected,
# minimum – Modification of targeted policy. Only selected processes are protected.
# mls – Multi Level Security protection.
SELINUXTYPE=targeted
|
Then, save and exit the file. This way we ensure that “selinux” will be disabled even after the next server reboot.