How to Disable SELinux Temporarily or Permanently

Linux is regarded as one of the most secure operating systems you can use today, that is because of its illustrious security implementation features such as SELinux (Security-Enhanced Linux).

Disable SELinux in CentOS, RHEL and Fedora

Disable SELinux in CentOS, RHEL and Fedora

For starters, SELinux is described as a mandatory access control (MAC) security structure executed in the kernel. SELinux offers a means of enforcing some security policies which would otherwise not be effectively implemented by a System Administrator.

When you install RHEL/CentOS or several derivatives, the SELinux feature or service is enabled by default, due to this some applications on your system may not actually support this security mechanism. Therefore, to make such applications function normally, you have to disable or turn off SELinux.

Important: If you don’t want to disable SELinux, then you should read the following articles to implement some mandatory access control on files and services to function properly.

Don’t Miss: Setup Mandatory Access Control with SELinux in Linux

Don’t Miss: Implement Mandatory Access Control with SELinux and AppArmor in Linux

In this how-to guide, we shall walk through steps you can follow to check the status of SELinux and also disable SELinux in CentOS/RHEL and Fedora, in case it is enabled.

How Can I Disable SELinux in Linux

The first thing to do is to check the status of SELinux on your system, and you can do this by running the following command:

$ sestatus
Check Status of SELinux

Check Status of SELinux

Next, proceed to disabling SELinux on your system, this can be done temporarily or permanently depending on what you want to achieve.

Disable SELinux Temporarily

To disable SELinux temporarily, issue the command below as root:

# echo 0 > /selinux/enforce

Alternatively, you can use the setenforce tool as follows:

# setenforce 0

Else, use the Permissive option instead of 0 as below:

# setenforce Permissive

These methods above will only work until the next reboot, therefore to disable SELinux permanently, move to the next section.

Disable SELinux Permanently

To permanently disable SELinux, use your favorite text editor to open the file /etc/sysconfig/selinux as follows:

# vi /etc/sysconfig/selinux
SELinux Enforcing Mode

SELinux Enforcing Mode

Then change the directive SELinux=enforcing to SELinux=disabled as shown in the below image.

SELINUX=disabled
Disable SELinux Permanently

Disable SELinux Permanently

Then, save and exit the file, for the changes to take effect, you need to reboot your system and then check the status of SELinux using sestatus command as shown:

$ sestatus
Check SELinux Status

Check SELinux Status

In conclusion, we moved through the simple steps you can follow to disable SELinux on CentOS/RHEL and Fedora. There is nothing much to cover under this topic but additionally, finding out more about SELinux can prove helpful especially for those interested in exploring security features in Linux.

Best Affordable Linux and WordPress Services For Your Business
Outsource Your Linux and WordPress Project and Get it Promptly Completed Remotely and Delivered Online.

If You Appreciate What We Do Here On TecMint, You Should Consider:

  1. Stay Connected to: Twitter | Facebook | Google Plus
  2. Subscribe to our email updates: Sign Up Now
  3. Get your own self-hosted blog with a Free Domain at ($3.45/month).
  4. Become a Supporter - Make a contribution via PayPal
  5. Support us by purchasing our premium books in PDF format.
  6. Support us by taking our online Linux courses

We are thankful for your never ending support.

Aaron Kili

Aaron Kili is a Linux and F.O.S.S enthusiast, an upcoming Linux SysAdmin, web developer, and currently a content creator for TecMint who loves working with computers and strongly believes in sharing knowledge.

Your name can also be listed here. Got a tip? Submit it here to become an TecMint author.

RedHat RHCE and RHCSA Certification Book
Linux Foundation LFCS and LFCE Certification Preparation Guide

You may also like...

4 Responses

  1. 01101001b says:

    This article proved quite useful to me. Thank you!

  2. Mik says:

    Only me have that file in /etc/selinux/ instead?

  3. James Stone says:

    The only thing you left out is why. Why would you do this?

    • Aaron Kili says:

      @James

      This paragraph states the why bit: “When you install RHEL/CentOS or several derivatives, the SELinux feature or service is enabled by default, due to this, some applications on your system may not actually support this security mechanism. Therefore, to make such applications function normally, you have to disable or turn off SELinux.”

Leave a Reply to Mik Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.