In this article, we will have explained the necessary steps to Disable SELinux on CentOS 8. Before continuing with this tutorial, make sure you are logged in as a user with sudo privileges. All the commands in this tutorial should be run as a non-root user.
SELinux, also known as Security-Enhanced Linux. SELinux mainly used to control access to files, users, applications and network resources in the Linux. It allows access to files, users, etc. following SELinux rules. In the CentOS system, SELinux by default enabled.
SELinux has three modes:
- Enforcing – This is SELinux’s default installation at Installation. It enforces default policies on the system, logs actions, and denies access to some services.
- Permissive – In this mode, policies will not be enforced, but violations will be logged and a warning triggered
- Disabled – As the name suggests, this implies that SELinux is turned off and security polices will no longer protect the server.
Disable SELinux on CentOS 8
Step 1. The first command will update the package lists to ensure you get the latest version and dependencies.
sudo dnf update
Step 2. Checking the Current Status and Mode of SELinux.
Use the sestatus command to check the status and the mode in which SELinux is running:
sestatus
SELinux status: enabled SELinuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded policy name: targeted Current mode: enforcing Mode from config file: enforcing Policy MLS status: enabled Policy deny_unknown status: allowed Max kernel policy version: 36
Step 3. Temporarily Disable SELinux on CentOS.
You can run the following command to set SELinux to permissive mode temporarily:
sudo setenforce 0
Verify the change with the sestatus command:
sestatus
SELinux status: disabled
Step 4. Permanently Disable SELinux on CentOS 8.
To permanently disable SELinux on your CentOS system, follow the steps below:
nano /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
Now reboot your system running below command to make changes permanent:
sudo shutdown -r now
When the system is booted, use the sestatus command to verify that SELinux has been disabled:
sestatus
SELinux status: disabled
Congratulation, you have learned how to Disable SELinux on CentOS 8. If you have any question, please leave a comment below.