If you’re using RedHat or CentOS Linux distros (or sporting a Fedora Linux desktop), you probably have SELinux enabled by default. SELinux is a Security-Enhanced Linux – a framework for securely managing processes, users and files on your RedHat OS.
Confirm current SElinux mode
Just run the getenforce command to see what the story is. Most likely it will say “Enforcing” which is really good – means your OS is under solid protection:
[root@rhel8 ~]# getenforce
Enforcing
Temporarily Disable SELinux
If you need to disable SELinux just for a few minutes to debug some issue (mind you, there are better ways to debug than disabling SELinux!), you should use the setenforce command:
[root@rhel8 ~]# setenforce 0
As you can see, getenfore will now report that your system is running in a Permissive mode – not very safe:
[root@rhel8 ~]# getenforce
Permissive
IMPORTANT: This change won’t survive a reboot, so next time you restart your system it will come back with SELinux enabled and enforcing again.
Permanently Disable SELinux
If you’re serious about disabling SELinux altogether, you’ll have to do two things:
Update /etc/selinux/config file (change SELINUX=enforcing to SELINUX=disabled)
I'm a principal consultant with Tech Stack Solutions. I help with cloud architectrure, AWS deployments and automated management of Unix/Linux infrastructure. Get in touch!
SELinux
