RHEL 7关闭防火墙及SElinux

Red Hat Enterprise Linux 7关闭防火墙及SElinux

一、关闭防火墙

1. 先查看防火墙状态

[root@db1 ~]#systemctl status firewalld

firewalld.service - firewalld - dynamic firewall daemon

   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled)

   Active: active (running) since 三 2017-10-11 15:31:32 CST; 2min 20s ago

 Main PID: 809 (firewalld)

   CGroup: /system.slice/firewalld.service

           └─809 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid

10月 11 15:32:32 db1 systemd[1]: Started firewalld - dynamic firewall daemon.

2. 关闭防火墙

[root@db1 ~]#systemctl stop firewalld

[root@db1 ~]#systemctl status firewalld

firewalld.service - firewalld - dynamic firewall daemon

   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled)

   Active: inactive (dead)

10月 11 23:31:18 db1 systemd[1]: Starting firewalld - dynamic firewall dae.....

10月 11 15:31:32 db1 systemd[1]: Started firewalld - dynamic firewall daemon.

10月 11 15:34:54 db1 systemd[1]: Stopping firewalld - dynamic firewall dae.....

10月 11 15:34:55 db1 systemd[1]: Stopped firewalld - dynamic firewall daemon.

3. 查看防火墙服务是否开机启动

[root@db1 ~]#systemctl is-enabled firewalld

enabled  #开启

4. 关闭防火墙开机启动

[root@db1 ~]#systemctl disable firewalld

rm '/etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service'

rm '/etc/systemd/system/basic.target.wants/firewalld.service'

[root@db1 ~]#systemctl is-enabled firewalld

disabled

二、关闭SELinux

1. 查看当前SELinux状态

[root@db1 ~]#getenforce

Enforcing

2. 关闭SElinux

[root@db1 ~]# getenforce 0

[root@db1 ~]# getenforce

Permissive

3. 编辑配置文件

[root@db1 ~]#vim /etc/selinux/config

# This file controls the state of SELinux on the system.

# SELINUX= can take one of these three values:

#     enforcing - SELinux security policy is enforced.

#     permissive - SELinux prints warnings instead of enforcing.

#     disabled - No SELinux policy is loaded.

SELINUX=permissive    #修改此参数

# SELINUXTYPE= can take one of three two values:

#     targeted - Targeted processes are protected,

#     minimum - Modification of targeted policy. Only selected processes are protected. 

#     mls - Multi Level Security protection.

#SELINUXTYPE=targeted  #注释此行

转载于:https://blog.51cto.com/huazhixu123/1971452