How To Check SELinux Status (NO GUI)
Is it possible to run a command on the CLI to check the status of SELinux w/o having to run "system-config-securitylevel"?
|
cat /etc/sysconfig/selinux
|
Thanks!
I also found the command Code:
sestatus Thank you! |
Quote:
setenforce 0 'to disable setenforce 1 'to enable Very practical on a production server when you can't edit /etc/selinux/config and reboot the machine. Cheers, |
Quote:
|
No, setenforce is only valid up until the next boot (ie once you reboot the status will revert to system settings)
|
Quote:
1-Edit /etc/selinux/config and set the SELINUX variable to 'disabled' 2-Use the setenforce command to disable on-the-fly With solution 1, your changes are permanent but only effective if you reboot the machine. With solution 2, your changes are NOT permanent but effective immediately. Hope this clears it up :-). |
opinion
Ondough my opinion is selinux in grub is disabled by setting enforcing 0
my thinking say's to me it is Verry important, for to no sure reasons to set Code:
SELINUX=permissive Code:
SELINUXTYPE=# strict - Full SELinux protection. selinux takes a "long" time to relable the whole system whit a cup of coffee 8) Quote:
Code:
| ?!><!? | Quote:
|
To quickly check if SELinux is running use the following command.
Quote:
|
well it is such a hell to get vmware working again that i considert disabeling selinux fully
getenforce Disabled but relabeling is not an option on the disable option??? ??? ??? reboot is not relabeling!? i say to myself this is a forced way to MUST use SELinux remove selinux or you try yum remove akonadi or selinux? it try's to remove half the system!?? |
and what is national rational doing internationaly?
|
Quote:
Why would you want to disable or remove SELinux in the first place? It's put on the systems for a reason - to protect your data. I would first recommend simply learning the basics and keep your boxes running in "enforcing mode". If you absolutely *MUST* disable SELinux you can do so like this. The SELinux config file is here: Quote:
Quote:
* Please note * You don't have to relabel the OS once you disable SELinux and reboot. The system would automatically have to relabel the FS if you were to turn SELinux back on and reboot. Albeit if you *MUST* relabel the entire FS, I suggest using the trick similar to "forcefsck". Run this command and reboot: Quote:
|
Ok yankyou
|
Quote:
|
Quote:
Code:
getenforce |
All times are GMT -5. The time now is 05:25 AM. |