CentOS7中关闭selinux
时间:2015-06-18 12:20来源:linux.it.net.cn 作者:IT
在安装Cobbler和Puppet时需要关闭selinux,但是通常情况下载安装完CentOS7后,默认情况下SElinux是启用状态,
如下所示:
-
[root@rdo ~]# sestatus
-
SELinux status: enabled
-
SELinuxfs mount: /sys/fs/selinux
-
SELinux root directory: /etc/selinux
-
Loaded policy name: targeted
-
Current mode: enforcing
-
Mode from config file: enforcing
-
Policy MLS status: enabled
-
Policy deny_unknown status: allowed
-
Max kernel policy version: 28
1、如果要临时关闭,可以执行
此时的状态如下
-
[root@rdo ~]# sestatus
-
SELinux status: enabled
-
SELinuxfs mount: /sys/fs/selinux
-
SELinux root directory: /etc/selinux
-
Loaded policy name: targeted
-
Current mode: permissive
-
Mode from config file: enforcing
-
Policy MLS status: enabled
-
Policy deny_unknown status: allowed
-
Max kernel policy version: 28
2、如果要永久关闭,可以修改配置文件/etc/selinux/config,将SELINU置为disabled。
-
[root@rdo ~]# cat /etc/selinux/config
-
-
# This file controls the state of SELinux on the system.
-
# SELINUX= can take one of these three values:
-
# enforcing - SELinux security policy is enforced.
-
# permissive - SELinux prints warnings instead of enforcing.
-
# disabled - No SELinux policy is loaded.
-
#SELINUX=enforcing
-
SELINUX=disabled
-
# SELINUXTYPE= can take one of three two values:
-
# targeted - Targeted processes are protected,
-
# minimum - Modification of targeted policy. Only selected processes are protected.
-
# mls - Multi Level Security protection.
-
SELINUXTYPE=targeted
修改该配置文件也可以执行下面的命令来完成
-
sed -i '/SELINUX/s/enforcing/disabled/' /etc/selinux/config
修改完成后,保存重启,重启后状态如下:
-
[root@rdo ~]# sestatus
-
SELinux status: disabled
-
(责任编辑:IT) |
------分隔线----------------------------