How to disable SELinux
Last updated on December 1, 2020 by Dan Nanni
Security-Enhanced Linux (SELinux) is a set of kernel enhancements and user-space tools to enforce mandatory access control and security policies. When SELinux is enabled on your system, there may be cases where you would like to turn off SELinux temporarily, for example when you are experimenting with Apache or NFS server, and SELinux gets in the way, blocking necessary port access.
Disable SELinux Temporarily
To disable SELinux temporarily, run the following command:
$ sudo sh -c 'echo 0 > /selinux/enforce'
or alternatively:
$ sudo setenforce 0
Note that you can use echo 1 > /selinux/enforce or setenforce 1 to re-enable SELinux.
Disable SELinux Permanently with /etc/selinux/config
The above configuration will not survive the reboot. If you want to turn off SELinux permanently for good, edit /etc/selinux/config file as follows.
$ sudo vi /etc/selinux/config
SELINUX=permissive (or disabled)
Finally, reboot the machine to activate the change.
$ sudo reboot
Note that when you are disabling SELinux using /etc/selinux/config, there are two different options that you can use: permissive and disabled. In permissive mode, security policies are no longer enforced, but violations are still logged. In disabled mode, SELinux is completely switched off, and no violation is logged.
Disable SELinux Permanently with GRUB
If you cannot find /etc/selinux/config on your system, you can disable SELinux permanently by adding selinux=0 to /boot/grub/grub.conf as follows. In this case, Grub Boot Loader will pass the kernel parameter selinux=0 to the kernel at boot time, and SELinux will remain disabled permanently upon boot.
$ sudo vi /boot/grub/grub.conf
# grub.conf generated by anaconda
#
default=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title CentOS (2.6.18-238.9.1.el5)
root (hd0,0)
kernel /vmlinuz-2.6.18-238.9.1.el5 ro root=LABEL=/ selinux=0
initrd /initrd-2.6.18-238.9.1.el5.img
title CentOS (2.6.18-164.9.1.el5)
root (hd0,0)
kernel /vmlinuz-2.6.18-164.9.1.el5 ro root=LABEL=/ selinux=0
initrd /initrd-2.6.18-164.9.1.el5.img
title CentOS (2.6.18-164.el5)
root (hd0,0)
kernel /vmlinuz-2.6.18-164.el5 ro root=LABEL=/ selinux=0
initrd /initrd-2.6.18-164.el5.img
Support Xmodulo
This website is made possible by minimal ads and your gracious donation via PayPal or credit card
Please note that this article is published by Xmodulo.com under a Creative Commons Attribution-ShareAlike 3.0 Unported License. If you would like to use the whole or any part of this article, you need to cite this web page at Xmodulo.com as the original source.
Xmodulo © 2021 ‒ About ‒ Write for Us ‒ Feed ‒ Powered by DigitalOcean