How To Disable or Enable Selinux Temporarily or Permanently?

I have fedora desktop. I want to run some services but I get error about selinux. How can I disable selinux?

Selinux is a security mechanism used generally linux systems. It has support from linux kernel. Selinux create context for specified services, applications and users. Prevent these to access unrelated or unsecure part of the linux systems. In this tutorial we will look how to disable and enable selinux temporary or persistently.

Get Status Of SELinux

Before enabling or disabling selinux status listing current status is very useful. We can use sestatus command which will show wether selinux is enabled or disabled.

Get Status Of SELinux
Get Status Of SELinux

If the sestatus is not installed we can install it in Ubuntu, Debian, Kali, Mint with the following command.

$ sudo apt install policycoreutils

Disable SELinux Temporarily

We can disable SELinux in two mode. We can disable SELinux temporarily with the setenforce command . This type of command will be effective up to reboot. After reboot configured settings will be effective.

$ setenforce 0
Disable SELinux Temporarily
Disable SELinux Temporarily

Disable SELinux Persistently

We can disable SELinux persistenly by changing /etc/selinux/config 

Open file with nano. We need to be root to edit this file.

$ nano /etc/selinux/config

We will se following lines. To disable SELinux SELINUX=disabled 

After this please reboot the system.

# This file controls the state of SELinux on the system. 
# SELINUX= can take one of these three values: 
#     enforcing - SELinux security policy is enforced. 
#     permissive - SELinux prints warnings instead of enforcing. 
#     disabled - No SELinux policy is loaded. 
# SELINUXTYPE= can take one of three two values: 
#     targeted - Targeted processes are protected, 
#     minimum - Modification of targeted policy. Only selected processes are protected. 
#     mls - Multi Level Security protection. 

Enable SELinux Temporarily

We can enable SELinux temporarily which will effect up to reboot with setenforce 1 command which is the reverse of disable command.

$ setenforce 1

Enable SELinux Persistently

Similar to the disable we will change above configuration file SELINUX=enforcing

LEARN MORE  Linux "X11 Connection Rejected Because of Wrong Authentication" Error and Solution


How To Disable or Enable Selinux Temporarily or Permanently Infografic

Leave a Comment