หน้าเว็บ

Tuesday, March 19, 2013

Enable or Disable SELinux

Command Line

  1. you can edit the /etc/sysconfig/selinux file. This file is a symlink to /etc/selinux/config.
    # This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#       enforcing - SELinux security policy is enforced.
#       permissive - SELinux prints warnings instead of enforcing.
#       disabled - SELinux is fully disabled.
SELINUX=permissive
# SELINUXTYPE= type of policy in use. Possible values are:
#       targeted - Only targeted network daemons are protected.
#       strict - Full SELinux protection.
SELINUXTYPE=targeted

# SETLOCALDEFS= Check local definition changes
SETLOCALDEFS=0
  2. you need to restart the machine for the change to take effect.

NOTE: Changes you make to files while SELinux is disabled may give them an unexpected security label, and new files will not have a label. You may need to relabel part or all of the file system after re-enabling SELinux.

GUI

  1. On the System menu, point to Administration and then click Security Level and Firewall to display the Security Level Configuration dialog box (You need administrator privileges).
  2. Click the SELinux tab.
  3. In the SELinux Setting select either Disabled, Enforcing or Permissive, and then click OK.
  4. If you changed from Enabled to Disabled or vice versa, you need to restart the machine for the change to take effect.
Refer to:redhat.com: Enable or Disable SELinux
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)