How To Disable SELinux on CentOS 7

SELinux stands for Security-Enhanced Linux, a set of security modules/policies are going to apply on the machine to increase the overall security of the server. In this, modules have been loaded into kernel while accessing files/services which improves security.

SELinux was introduced in RHEL5, and it is extra secure compared to PAM.

SELinux Modes

Enforcing – In this mode, the policy will be enforced. SELinux can prevent the system from being accessed by an application.

Permissive – In this mode, the SELinux will allow access, but everything events will be logged.

Disabled – In this mode, the SELinux is disabled.

SELinux Status

Check the current status of SELinux.

getenforce

OR

You can use the below command.

sestatus

In the above output, you can see SELinux is currently enabled and in Enforcing Mode.

Disable SELinux

The main reason for disabling SELinux is that some of the applications won’t work expected and may cause the disturbance to the functionality of the application.

Temporary

You can use the setenforce command to disable SELinux temporarily. This setting will stay until you reboot the machine.

setenforce 0

Permanent

To disable permanently, you will need to edit the /etc/selinux/config file and change the status from
enforcing to disabled.

vi /etc/selinux/config

Change From:

SELINUX=enforcing

To:

SELINUX=disabled

Reboot the machine upon modifying the SELinux mode.

reboot

Check the SELinux status after reboot.

getenforce

Conlcusion

That’s All. You have successfully disabled SELinux on CentOS 7. Please share your feeedback in comments section.