4. How to temporarily enable / disable SELinux enforcement at runtime?

How to temporarily enable / disable SELinux enforcement at runtime?


  • To change modes from permissive (SELinux is running and logging but not controlling permissions) to enforcing (SELinux is running and enforcing policy):

    Check the current mode:

    # /usr/sbin/sestatus | grep -i mode
Current mode:                   permissive
Mode from config file:          permissive

    To enable, Change the runtime mode to enforcing:

    # /usr/sbin/setenforce 1

    Verify:

    # /usr/sbin/sestatus | grep -i mode
Current mode:                   enforcing
Mode from config file:          permissive

    To disable, To change back to permissive mode and verify:

    # /usr/sbin/setenforce 0
# /usr/sbin/sestatus | grep -i mode
Current mode:                   permissive
Mode from config file:          permissive
linux 595
Log in to reply
 

© Lightnetics 2024