In this tutorial, we will show you how to disable SELinux on CentOS 7. For those of you who didn’t know, Security-Enhanced Linux (SELinux) is a Linux feature that provides the mechanism for supporting access control security policies. By default, when you installed the Linux operation system, The SELinux service is enabled, As some software does not support SELinux that the state is enabled, So you need to disable or turn off the SELinux config.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘
sudo‘ to the commands to get root privileges. I will show you step-by-step turning off or disabling SELinux on a CentOS 7.
- A server running one of the following operating systems: CentOS 7.
- It’s recommended that you use a fresh OS install to prevent any potential issues.
non-root sudo useror access to the
root user. We recommend acting as a
non-root sudo user, however, as you can harm your system if you’re not careful when acting as the root.
Disable SELinux on CentOS 7
Step 1. First, we need to see how SELinux is configured, issue the
### sestatus SELinux status: enabled SELinuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded policy name: targeted Current mode: enforcing Mode from config file: enforcing Policy MLS status: enabled Policy deny_unknown status: allowed Max kernel policy version: 28
Step 2. Open SELinux configuration file.
$ nano /etc/sysconfig/selinux
Change “SELINUX=enforcing” to “SELINUX=disabled” and save the configuration file:
# This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=disabled # SELINUXTYPE= can take one of these two values: # targeted - Targeted processes are protected, # minimum - Modification of targeted policy. Only selected processes are protected. # mls - Multi Level Security protection. SELINUXTYPE=targeted
Step 3. Rebooting your Linux system to take effect.
After reboot, you can verify the status of SELinux. Issue “
sestatus” command to verify that SELinux permanently disabled:
### sestatus SELinux status: disabled
Congratulations! You have successfully disabled SELinux. Thanks for using this tutorial to disable SELinux CentOS 7 system. For additional help or useful information, we recommend you check the official CentOS website.