Difference between revisions of "SELinux"
Jump to navigation
Jump to search
(Created page with "see http://fedoraproject.org/wiki/SELinux Category:System Administration Category:Security") |
|||
| Line 1: | Line 1: | ||
| − | see http://fedoraproject.org/wiki/SELinux | + | see |
| + | * http://fedoraproject.org/wiki/SELinux | ||
| + | * http://www.nsa.gov/research/selinux/ | ||
| + | |||
| + | |||
| + | == Turning Off SELinux == | ||
| + | Temporarily turn off SELinux | ||
| + | <source lang="bash"> | ||
| + | echo 0 > /selinux/enforce | ||
| + | </source> | ||
| + | The file itself will be empty, but you'll see something in <code>/var/log/messages</code> | ||
| + | <pre> | ||
| + | dbus: avc: received setenforce notice (enforcing=0) | ||
| + | </pre> | ||
| + | |||
| + | Of course you can also turn it back on with "1" instead of "0". | ||
| + | |||
| + | This temporary change will not persist through a system reboot. You need to modify <code>/etc/selinux/config</code> to make permanent changes. | ||
| + | |||
| + | Annoyingly, if you check to see if selinux is enabled, it reports "enabled" even when it's temporarily disabled!? | ||
| + | |||
| + | <source lang="bash"> | ||
| + | selinuxenabled && echo enabled || echo disabled | ||
| + | </source> | ||
[[Category:System Administration]] | [[Category:System Administration]] | ||
[[Category:Security]] | [[Category:Security]] | ||
Latest revision as of 11:37, 2 April 2014
see
Turning Off SELinux[edit | edit source]
Temporarily turn off SELinux
echo 0 > /selinux/enforce
The file itself will be empty, but you'll see something in /var/log/messages
dbus: avc: received setenforce notice (enforcing=0)
Of course you can also turn it back on with "1" instead of "0".
This temporary change will not persist through a system reboot. You need to modify /etc/selinux/config to make permanent changes.
Annoyingly, if you check to see if selinux is enabled, it reports "enabled" even when it's temporarily disabled!?
selinuxenabled && echo enabled || echo disabled
