Wednesday, August 11, 2010

Disabling SELinux

How to disable SElinux?
SElinux is a security feature which was shipped with RHEL5, it is much secure than any other security priviously such as PAM and Initd

Here we are going to see some basics of SElinux.

Step1:Seeing whether SELinux is enabled or not ?

Step2:To see SELinux status in elaborated way you can use sestatus
SElinux status : enabled
SELinux mount : /selinux
Current mode : enforcing
Mode from config file : enforcing
Policy version : 21
Policy from config file : targeted

From the above output we can see that SElinux is enabled and its in enforced mode.
and to see detailed status you can use -b option, this will give which service are SElinux enabled and which services are disabled.

/etc/grub.conf and /etc/selinux/config

Step3:disabling SElinux
We can do it in two ways
1)Perminant way : edit /etc/selinux/config

change the status from enable to disable and selinux type from strict to targeted, after changes are made we have to restart, if the server's are in production and don't want to restart the server follow the temporary way of disabling it.

2)Temporary way : echo 0 > /selinux/enforceFor your info if you want to enable it again, try below commandecho 1 > /selinux/enforce.
Selinux is a vast subject and can not deal in one post, see for my other posts regarding Selinux.