Introduction
SELinux is an acronym for Security-enhanced Linux. It is a security feature of the Linux kernel. It is designed to protect the server against misconfigurations and/or compromised daemons.
Prerequisites
-
Running Orbit
Enabling SELinux – Enforcing Mode
-
First open the config file in ‘etc/selinux/config’ using a text editor. Modify the ‘SELINUX’ value to permissive like the image below.
-
After enabling SELinux, reboot your system and SELinux will start indexing your files in Permissive Mode. You can check if any actions were denied by SELinux by checking ‘var/log/messages’. Once you have everything sorted out, you can switch to enforcing mode.
-
First open the config file in ‘etc/selinux/config’ using a text editor. Modify the ‘SELINUX’ value to enforcing like the image below.
-
After enabling SELinux, reboot your system. After reboot we can confirm that SELinux was successfully disabled by running ‘getenforce’ which should return disabled like the following image.
Enabling SELinux – Permissive Mode
-
First open the config file in ‘etc/selinux/config’ using a text editor. Modify the ‘SELINUX’ value to permissive like the image below.
-
After enabling SELinux, reboot your system and you should be good to go.
Disabling SELinux
-
First open the config file in ‘etc/selinux/config’ using a text editor. Modify the ‘SELINUX’ value from enabled to disabled like the image below.
-
After disabling SELinux, reboot your system. After reboot we can confirm that SELinux was successfully disabled by running ‘getenforce’ which should return disabled like the following image.