SELinux 是Linux特有的安全机制。因为这种机制的限制太多,配置也特别繁琐,所以几乎没人真正应用它。安装完系统,我们一般都要把SELinux关闭
1、临时关闭的方法
# setenforce 0
但这只是临时的,要永久关闭需要更改配置文件:“ /etc/selinux/config ”,要把 SELINUX=enforcing 改成 SELINUX=disabled
更改后的内容如下:
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - SELinux is fully disabled.
SELINUX=disabled
# SELINUXTYPE= type of policy in use. Possible values are:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
SELINUXTYPE=targeted
更改玩配置文件后,重启系统方可生效。可使用 getenforce 命令查看当前 SELinux 的状态,如下所示
#getenforce
Disabled