HowTo: Disable SELinux

SELinux is an access control tool that is installed and activated by default in such Linux distributions like RHEL (Red Hat Enterprise Linux), CentOS and Fedora.

If you’ve setup a new system, or installed some new application and it is not working, then you have to check SELinux, because it may be the cause of the problem.

In this article you’ll learn how to check the current status of SELinux, how to disable or enable SELinux temporarily or permanently.

Check the Status of SELinux

Run the following command to check if SELinux is running:

# getenforce

getenforce reports whether SELinux is Enforcing, Permissive, or Disabled.

Disable SELinux Temporarily

The following modifications are temporary and they will be gone after reboot.

Turn OFF SELinux Temporarily

Use the following command to disable SElinux temporarily.

# setenforce 0

Turn ON SELinux Temporarily

Use the following command to enable SElinux temporarily.

# setenforce 1

Disable SELinux Permanently

From the command line, edit the /etc/selinux/config file.

$ cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
#     targeted - Targeted processes are protected,
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

Turn OFF SELinux Permanently

Change the SELINUX= line in /etc/selinux/config file to:

SELINUX=disabled

Turn ON SELinux Permanently

Change the SELINUX= line in /etc/selinux/config file to:

SELINUX=enforcing