How to disable SELinux in CentOS 7
—
At first let’s to check status of SELinux. To check current state of SELinux and the SELinux policy that is used on your system, use the sestatus command:
sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: enforcing
Mode from config file: enforcing
Policy MLS status: enabled
Policy deny_unknown status: allowed
Max kernel policy version: 31
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: enforcing
Mode from config file: enforcing
Policy MLS status: enabled
Policy deny_unknown status: allowed
Max kernel policy version: 31
From the above output, it is clear that SELinux is turned on and set to forced mode.
If you want permanently disable SELinux on your CentOS 7 system, follow these steps:
1. open file /etc/selinux/config and set SELINUX mode disabled:
1. open file /etc/selinux/config and set SELINUX mode disabled:
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
2. Safe file and restart system Centos
sudo shutdown -r now
3. When system reload, please check your changings with sestatus command
sestatus
In the end you will see that Selinux disabled on your server
SELinux status: disabled