How to temporarily enable / disable SELinux enforcement at runtime?
-
To change modes from permissive (SELinux is running and logging but not controlling permissions) to enforcing (SELinux is running and enforcing policy):
Check the current mode:
# /usr/sbin/sestatus | grep -i mode Current mode: permissive Mode from config file: permissive
To enable, Change the runtime mode to enforcing:
# /usr/sbin/setenforce 1
Verify:
# /usr/sbin/sestatus | grep -i mode Current mode: enforcing Mode from config file: permissive
To disable, To change back to permissive mode and verify:
# /usr/sbin/setenforce 0 # /usr/sbin/sestatus | grep -i mode Current mode: permissive Mode from config file: permissive
© Lightnetics 2024