• Home
  • Linux
  • Ubuntu
  • Debian
  • CentOS
  • Linux Commands
  • About Us
  • Donate
TecNStuff
Menu
  • Home
  • Linux
  • Ubuntu
  • Debian
  • CentOS
  • Linux Commands
  • About Us
  • Donate

How to Disable SELinux on CentOS 8

Written by Admin, Updated On December 24, 2019
centos, security
How to Disable SELinux on CentOS 8

SELinux which is known as Security-Enhanced Linux, is a security feature embedded in the Linux kernel. It prevents from performing unauthorized tasks on the Linux system and add an additional security layer. This guide will help you to disable SELinux on CentOS 8.

SELinux policy rules defines that how the users interact with each other, processes and user interactaction with files. When there is no rule explicitly allowing access to an object, such as for a process opening a file, access is denied.

SELinux has three different operation modes:

  • Enforcing – It enforces default policies on the system and allows access based on SELinux policy rules.
  • Permissive – In this mode, policies will not be enforce. Only logs actions which violates when running in enforcing mode.
  • Disabled – This implies that SELinux is turn off. It will not load any policy not log messages.

By default, SELinux is enabled and in enforcing mode in CentOS 8. Usually, it’s recommend to keep it enable for security purpose. However, in some cases, you may be require to disable it or turn it off.

Prerequisites#

You must login as a root user or a user with sudo privileges to change the SELinux mode.

Check SELinux status#

First of all, check the status and the mode in which SELinux is running. Use sestatus and run below command:

sestatus
SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   enforcing
Mode from config file:          enforcing
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Memory protection checking:     actual (secure)
Max kernel policy version:      31

The above output shows that SELinux is enabled by default and in enforcing mode.

Disable SELinux (Temporarily)#

You can temporarily disable SELinux or change mode from targeted to permissive using below command:

sudo setenforce 0

Keep in mind that this changes will remain only for current session only. On reboot it will be reverted as it was.

You can permanently set the SELinux mode to permissive by performing below steps:

Open the /etc/selinux/config file and set the SELINUX mod to permissive:

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=permissive
# SELINUXTYPE= can take one of these three values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected. 
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

Save file and run the setenforce 0 command to change the SELinux mode for the current session:

Disable SELinux (Permanently)#

Follow the steps given below to disable SELinux on your CentOS 8 system permanently:

Open the /etc/selinux/config file and change the SELINUX value to disabled:

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#       enforcing - SELinux security policy is enforced.
#       permissive - SELinux prints warnings instead of enforcing.
#       disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these three values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected. 
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

Save the file and reboot the system:

sudo shutdown -r now

After that, verify the SELinux status by running below command:

sestatus

It should show output as below:

SELinux status:                 disabled

Conclusion#

SELinux an additional layer of security by implementing policies that restrict users on what they can do on a system. However, it is not recommended to disable SELinux on CentOS 8 but you can change the mode to permissive.

If you have any question or suggestion, feel free to comment below.

If our content helps you, please consider buying us a coffee

Thank you for your support.

Share On
Share on Facebook
Share on Twitter
Share on Reddit
Share on Tumblr
 Previous Article How to use apt Command in Linux
Next Article   Sudo Command in Linux

Related Posts

  • How to Install Python 3.9 on CentOS 8

    How to Install Python 3.9 on CentOS 8

    December 31, 2020
  • How to Install GIMP 2.10 on CentOS 8

    How to Install GIMP 2.10 on CentOS 8

    December 30, 2020
  • How to Install Notepad++ on CentOS 8

    How to Install Notepad++ on CentOS 8

    December 26, 2020

Leave a Reply Cancel reply

Popular Posts

  • How to Install Python 3.9 on Debian 10
    How to Install Python 3.9 on Debian 10 December 25, 2020
  • How to Install Php 8 on Debian 10
    How to Install PHP 8 on Debian 10 January 2, 2021
  • How to Install Python 3.9 on CentOS 8
    How to Install Python 3.9 on CentOS 8 December 31, 2020
  • How to Install Php 8 on Ubuntu 20.04
    How to Install PHP 8 on Ubuntu 20.04 December 28, 2020
  • How to Install GIMP on Debian 10
    How to Install GIMP 2.10 on Debian 10 December 27, 2020
© 2020 TecNStuff All rights reserved. This website is using and storing cookies on your browser. By using this website you agree our Privacy Policy.  Follow us -  Twitter | Facebook