Security is an important part of the server. However, small and personal projects can sacrifice a bit of security. In the case of a Linux operating system, many systems are very security heavy. For example, CentOS 7 and RHEL are both considered the safest versions thanks to SELinux multi-level protection system.
However, sometimes the protection policy is too strong to affect daily work. That is why many people feel that some security measures are disabled. In this article, we will show you how to disable SELinux CentOS 7 (disable SELinux).
What is SELinux?
SELinux is a security feature that restricts access to certain modules of the Kernel. CentOS 7 and RHEL deploy it by default to create yet another layer of security on top of the system. It can also be installed on other Linux distributions, Debian. SELinux is managed through rules called policies, which restrict or allow certain applications to access important components of the system.
The problem is that creating these policies is very difficult.
SELinux currently has 3 states:
- Enforcing status blocks all unauthorized access. In this state, SELinux is turned on.
- The Permissive SELinux status will issue a warning. Unlike the first state, this state allows access but displays a warning. prints warnings. Unlike the first state, this state allows unauthorized access but shows a warning
- Disable SELinux status means this feature is disabled and any unauthorized access is possible without any warning being given.
Now that we know how SELinux works, we should know if we should disable it.
Disable SELinux CentOS 7
You can disable SELinux temporarily or permanently. Each has its own benefits. Disabling temporarily will help us know what the system will be like without this security layer. After the device is rebooted, SELinux will be reactivated.
Also, if we deactivate SELinux permanently, we can focus on our small and medium projects faster. One thing to keep in mind is that at this point, most Linux distros have good security policies, so losing a feature will still be acceptable.
In this article, we will show you both ways to disable SELinux CentOS 7.
Disable SELinux temporarily on CentOS 7
First, you need to access the server via SSH. If you are wondering what it is and how to use it, please consult our SSH documentation ! Run the following command:
ssh your-user @ your-server
Also, if you are using CentOS on a personal computer, you only need to open a terminal instead of using SSH
We will then need to check the status of SELinux. Very simple, you just need to use the following command:
It will result in SELinux being activated with enforcing mode
To disable SELinux temporarily, type the following commands:
You can then check the status of SELinux again.
The result will show up that SELinux is in the permissive state, which means we can use the system more easily.
Because it is temporarily disabled, after rebooting, SELinux will be rebooted and activated. The advantage of this method is that you can use it immediately without having to restart the computer.
Disable SELinux permanently on CentOS 7
To permanently disable SELinux CentOS 7, you will need to specify a little configuration file.
First, install nano text editor:
yum install nano
Then edit the SELinux configuration file with the following command:
nano / etc / sysconfig / selinux
We will edit the value of SELINUX. This file has specific instructions and shows what value we can assign. Each value will apply to each SELinux mode
In case we need to disable it completely, you only need to set the value to Disabled .
SELINUX = disabled
Then you need to save this file by pressing CTRL + O and close it by pressing CTRL + X . For it to work properly, we also need to reboot. You can then check the SELinux mode with the following command:
As a result, you will see that SELinux has been disabled in CentOS 7.
SELinux is a great tool for CentOS 7. However, for many people it can be quite annoying and inconvenient. If you feel it is necessary to disable SELinux CentOS to be more convenient, you need to know what the exact risk is and accept it. Understanding the system and controlling what you are doing is the first condition.
In this article, we have shown you how to disable SELinux CentOS 7 temporarily and permanently. We hope this article was helpful for you!Read more :