How to Disable SELinux on CentOS and Rocky Linux

⌘K
  2. Home
  4. Docs
  6. Security
  8. Operating System
  10. How to Disable SELinux on CentOS and Rocky Linux

Security-Enhanced Linux (SELinux) is a Linux kernel security module that provides a mechanism for supporting access control policies. While SELinux enhances system security, some applications or setups may require it to be disabled. This guide will explain how to disable SELinux on CentOS and Rocky Linux.

Warning

Disabling SELinux reduces the security of your system. Only disable it if absolutely necessary and ensure you have other security measures in place.

Step 1: Check Current SELinux Status

Before disabling SELinux, you should check its current status.

  1. Open a terminal.
  2. Run the following command:sestatusThis will display whether SELinux is enabled, its current mode (enforcing, permissive, or disabled), and configuration details.

Step 2: Temporarily Disable SELinux

If you want to disable SELinux temporarily (for the current session only):

  1. Use the following command to set SELinux to permissive mode:sudo setenforce 0This command changes SELinux to permissive mode but does not disable it entirely.
  2. Verify the change:sestatusThe mode should now be “permissive.”

Step 3: Permanently Disable SELinux

To permanently disable SELinux, you need to modify its configuration file.

  1. Open the SELinux configuration file in a text editor (e.g., nano):sudo nano /etc/selinux/config
  2. Locate the line that begins with SELINUX=. It will look something like this:SELINUX=enforcing
  3. Change the value to disabled:SELINUX=disabled
  4. Save the file and exit the editor.
    • In nano, press Ctrl+O, then Enter to save, and Ctrl+X to exit.
  5. Reboot the system to apply the changes:sudo reboot
  6. After the system restarts, verify that SELinux is disabled:sestatusThe status should indicate that SELinux is disabled.

Additional Notes

  • If you need SELinux in the future, you can re-enable it by editing the configuration file and setting SELINUX=enforcing or SELINUX=permissive, then rebooting the system.
  • Disabling SELinux is not recommended for production environments unless absolutely necessary.

By following these steps, you can successfully disable SELinux on CentOS and Rocky Linux. Always ensure you understand the implications of disabling SELinux and consider alternative solutions before proceeding.