Monday, April 23, 2012

HowTo: Temporarily Switch Off SELinux Enforcement

How do I temporarily switch off SELinux enforcement under Red Hat Enterprise Linux server version 6.x using command prompt? How do I turn on SELinux enforcement again?

SELinux can be any one of the following mode at any given time:
  1. enforcing : SELinux security policy is enforced.
  2. permissive : SELinux prints warnings instead of enforcing.
  3. disabled : SELinux is fully disabled.
You can use /selinux/enforce file to temporarily switch off SELinux enforcement on or off (i.e. set in permissive mode) using the following syntax.

Temporarily switch off SELinux enforcement

Type the following command as root user:
# echo 0 >/selinux/enforce
Type the following command to see current status, enter:
# sestatus
Sample outputs:
SELinux status:                 enabled
SELinuxfs mount:                /selinux
Current mode:                   permissive
Mode from config file:          enforcing
Policy version:                 24
Policy from config file:        targeted

Temporarily switch on SELinux enforcement

Type the following command as root user:
# echo 1 >/selinux/enforce
Type the following command to see current status, enter:
# sestatus
Sample outputs:
SELinux status:                 enabled
SELinuxfs mount:                /selinux
Current mode:                   enforcing
Mode from config file:          enforcing
Policy version:                 24
Policy from config file:        targeted


Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)