How To Disable SELinux On RHEL/CentOS Temporarily Or Permanently

This comprehensive Linux guide expects that you run the following commands as root user but if you decide to run the commands as a different user then ensure that the user has sudo access and that you precede each of the privileged commands with sudo

Security-Enhanced Linux (SELinux) is a Linux kernel security module that provides a mechanism for supporting access control security policies, including mandatory access controls. SELinux is a set of kernel modifications and user-space tools that have been added to various Linux distributions.

On the installation of CentOS/RHEL, the SELinux is enabled by default due to which some of the softwares are not supported by the system security mechanism. So, if you want the system to support these softwares, you need to disable SELinux on your system. We will guide you to do so in this tutorial.

Table of Contents

Checking Current Status Of SELinux

You can check the current status of the SELinux by running the command below:

root@codesposts:~$ sestatus

SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   enforcing
Mode from config file:          enforcing
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Max kernel policy version:      31

Disabling SELinux Temporarily

You can run one of the following commands to disable the SELinux temporarily

root@codesposts:~$ echo 0 > /selinux/enforce
OR
root@codesposts:~$ setenforce 0
OR
root@codesposts:~$ setenforce Permissive

This will disable SELinux only for the current session (Temporarily). After a reboot, it will again be enabled automatically.

Disablilng SELinux Permanently

If you want to disable SELinux permanently, you can run the following command to edit /etc/sysconfig/selinux file.

root@codesposts:~$ vi /etc/sysconfig/selinux

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of three values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected.
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

Find SELinux=enforcing in the file and then change it to SELinux=disabled

Then Save and Exit the file. After that, you need to reboot your system.

Verifying The SELinux Status

Run the following command again to verify the status of SELinux on your system.

root@codesposts:~$ sestatus

SELinux status:                 disabled