SELinux stands for Security-Enhanced Linux, a set of security modules/policies are going to apply on the machine to increase the overall security of the server. In this, modules have been loaded into kernel while accessing files/services which improves security.
SELinux was introduced in RHEL5, and it is extra secure compared to PAM.
Enforcing – In this mode, the policy will be enforced. SELinux can prevent the system from being accessed by an application.
Permissive – In this mode, the SELinux will allow access, but everything events will be logged.
Disabled – In this mode, the SELinux is disabled.
Check the current status of SELinux.
You can use the below command.
In the above output, you can see SELinux is currently enabled and in Enforcing Mode.
The main reason for disabling SELinux is that some of the applications won’t work expected and may cause the disturbance to the functionality of the application.
You can use the setenforce command to disable SELinux temporarily. This setting will stay until you reboot the machine.
To disable permanently, you will need to edit the
/etc/selinux/config file and change the status from
enforcing to disabled.
Reboot the machine upon modifying the SELinux mode.
Check the SELinux status after reboot.