Disable SELinux CentOS 6

You need to be aware that by disabling SELinux you will be removing a security mechanism on your CentOS system. Think about this carefully, and if your system is on the Internet and accessed by the public, then think about it some more.

Applications should be fixed to work with SELinux, rather than disabling the OS security mechanism.

You could even switch to Permissive mode where every operation is allowed. Operations that would be denied are allowed and a message is logged identifying that it would be denied.

If you really need to disable SELinux on CentOS 6 please consider the following:

SELinux Warning

# vi /etc/selinux/config

Change SELINUX=enforcing

1
2
3
4
5
6
7
8
9
10
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of these two values:
#     targeted - Targeted processes are protected,
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

to SELINUX=disabled

1
2
3
4
5
6
7
8
9
10
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#       enforcing - SELinux security policy is enforced.
#       permissive - SELinux prints warnings instead of enforcing.
#       disabled - SELinux is fully disabled.
SELINUX=disabled
# SELINUXTYPE= type of policy in use. Possible values are:
#       targeted - Only targeted network daemons are protected.
#       strict - Full SELinux protection.
SELINUXTYPE=targeted

This will disable SELinux on your next reboot.

To diable SELinux, without having to reboot, you can use the setenforce command like so:

# setenforce 0

This will revert to enforcing once you reboot

Advertisements
%d bloggers like this: