In this article, we will have explained the necessary steps to Disable SELinux on CentOS 7. Before continuing with this tutorial, make sure you are logged in as a user with sudo privileges. All the commands in this tutorial should be run as a non-root user.
SELinux stands for Security Enhanced Linux. SELinux mainly used to control access to files, users, applications and network resources in the Linux. It allows access to files, users, etc. following SELinux rules. In the CentOS system, SELinux by default enabled.
SELinux has three modes:
- Enforcing: SELinux allows access based on SELinux policy rules.
- Permissive: SELinux only logs actions that would have been denied if running in enforcing mode.
- Disabled: No SELinux policy is loaded.
Disable SELinux on CentOS
Step 1. The first command will update the package lists to ensure you get the latest version and dependencies.
sudo yum install epel-release sudo yum update
Step 2. Checking the Current Status and Mode of SELinux.
Run the following command to check the current status and mode of SELinux:
SELinux status: enabled SELinuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded policy name: targeted Current mode: enforcing Mode from config file: enforcing Policy MLS status: enabled Policy deny_unknown status: allowed Max kernel policy version: 46
Step 3. Temporarily Disable SELinux on CentOS.
You can run the following command to set SELinux to permissive mode temporarily:
sudo setenforce 0
Verify the change with the sestatus command:
SELinux status: disabled
Step 4. Permanently Disable SELinux on CentOS 7.
To permanently disable SELinux on your CentOS system, follow the steps below:
# This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=disabled # SELINUXTYPE= can take one of these two values: # targeted - Targeted processes are protected, # mls - Multi Level Security protection. SELINUXTYPE=targeted
Now reboot your system running below command to make changes permanent:
After reboot process completes, check the SELinux status by running the following command:
SELinux status: disabled
Congratulation, you have learned how to Disable SELinux on CentOS 7. If you have any question, please leave a comment below.