How to change SELinux to permissive or disabled mode in Red Hat Enterprise Linux 5.x and 6.x
Environment
- Red Hat Enterprise Linux 5.x with SELinux in enforcing mode
- Red Hat Enterprise Linux 6.x with SELinux in enforcing mode
Issue
- How to disable selinux
Resolution
Note: To disable SELinux with a more invasive method, utilize option 'C' or 'D' Below. This will completely disable SELinux functions including file and process labeling
1. How to do it persistent:
- A. Using the graphical tool
system-config-securitylevel:
The tool system-config-securitylevel may be used to turn SELinux on or off by checking the Enabled tickbox. You will have to select the SELinux tab to see this option. The system must be rebooted for the change to take effect.
- B. Editing the config file:
SELinux may also be disabled by editing /etc/selinux/config or /etc/sysconfig/selinux and by setting the SELINUX value to be SELINUX=Disabled and rebooting the machine.
- C. Passing the proper parameter to the kernel boot options
SELinux may also be disabled by appending the line selinux=0 to the kernel boot options. A GRUB example may be as follows:
title Red Hat Enterprise Linux ES (2.6.18-128.11.1.el5)
root (hd0,0)
kernel /vmlinuz-2.6.18-128.11.1.el5 ro root=/dev/VolGroup00/LogVol00 rhgb quiet selinux=0
initrd /initrd-2.6.18-128.11.1.el5.img
- D. Adding the `selinux=0` to the anaconda's boot options (at install time.) Then installed files do not contain security contexts.
boot: linux selinux=0
You can do it by using the command:
$ getenforce
3. How to change from enforcing mode to permissive without rebooting
If for some reason a reboot is not possible, you can then set SELinux to permissive mode, in this way SELinux prints warnings instead of enforcing. You can do it by using:
$ setenforce 0
And you can set it back to enforcing mode by using:
$ setenforce 1
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.