There is a Linux kernel module that protects your system from security issues. It allows Linux users to have better control of their systems. It is called SELinux (Security-Enhanced Linux).
With SELinux, administrators, and users specify the policy rules that control how processes running on the system and users interact with each other. Besides, the SELinux also rules the way how users and processes interact with files.
Here at LinuxAPT, as part of our Server Management Services, we regularly help our customers to perform related SELinux queries on Linux systems.
In this context, we shall look into how to disable SELinux on CentOS 7.
By default, SELinux is enabled in enforcing mode on CentOS 7. It's highly recommended to enable the SELinux and keep it running in enforcing mode. However, in some cases, you need to set the SELinux in the permissive mode or disable it.
In order to check whether the SELinux is enabled or not? Let's run the following commands:
$ sudo sestatus
You can simply change the mode of SELinux from enforcing to permissive by running the following command:
$ sudo setenforce 0
The above command only affects the current session. In order to disable the SELinux permanently, you need to edit /etc/selinux/config file:
SELINUX=disabled
Now, reboot your CentOS system then check the SELinux status again:
$ sudo sestatus
This article covers method to permanently disable SELinux on CentOS 7. SELinux, also known as Security-Enhanced Linux, is a security feature embedded in the Linux kernel. SELinux leverages Mandatory Access controls (MAC) to confine users to certain rules and policies and prevents them from performing unauthorized tasks on the Linux system as specified by the IT administrator
To Check SELinux status, simply run the command:
# sestatus