CNIC Information System with Pakdata Cf In Pakistan
4 effective methods to disable se linux temporarily or permanently
1. 4
EffecGve
Methods
to
Disable
SELinux
Temporarily
or
Permanently h`p://www.thegeekstuff.com/2009/06/how-‐to-‐disable-‐selinux...
Home
About
Free
eBook
Archives
Best
of
the
Blog
Contact
4
Effec've
Methods
to
Disable
SELinux
Temporarily
or
Permanently
by
Ramesh
Natarajan
on
June
1,
2009
4 Like 6 Tweet 2
On
some
of
the
Linux
distribuGon
SELinux
is
enabled
by
default,
which
may
cause
some
unwanted
issues,
if
you
don’t
understand
how
SELinux
works
and
the
fundamental
details
on
how
to
configure
it.
I
strongly
recommend
that
you
understand
SELinux
and
implement
it
on
your
environment.
But,
unGl
you
understand
the
implementaGon
details
of
SELinux
you
may
want
to
disable
it
to
avoid
some
unnecessary
issues.
To
disable
SELinux
you
can
use
any
one
of
the
4
different
methods
menGoned
in
this
arGcle.
The
SELinux
will
enforce
security
policies
including
the
mandatory
access
controls
defined
by
the
US
Department
of
Defence
using
the
Linux
Security
Module
(LSM)
defined
in
the
Linux
Kernel.
Every
files
and
process
in
the
system
will
be
tagged
with
specific
labels
that
will
be
used
by
the
SELinux.
You
can
use
ls
-‐Z
and
view
those
labels
as
shown
below.
# ls -Z /etc/
-rw-r--r-- root root system_u:object_r:etc_t:s0 a2ps.cfg
-rw-r--r-- root root system_u:object_r:adjtime_t:s0 adjtime
-rw-r--r-- root root system_u:object_r:etc_aliases_t:s0 aliases
drwxr-x--- root root system_u:object_r:auditd_etc_t:s0 audit
drwxr-xr-x root root system_u:object_r:etc_runtime_t:s0 blkid
drwxr-xr-x root root system_u:object_r:bluetooth_conf_t:s0 bluetooth
drwx------ root root system_u:object_r:system_cron_spool_t:s0 cron.d
-rw-rw-r-- root disk system_u:object_r:amanda_dumpdates_t:s0 dumpdates
Method
1:
Disable
SELinux
Temporarily
To
disable
SELinux
temporarily
you
have
to
modify
the
/selinux/enforce
file
as
shown
below.
Please
note
that
this
se^ng
will
be
gone
a_er
the
reboot
of
the
system.
1
of
7 18
Apr
12
7:24
pm
2. 4
EffecGve
Methods
to
Disable
SELinux
Temporarily
or
Permanently h`p://www.thegeekstuff.com/2009/06/how-‐to-‐disable-‐selinux...
# cat /selinux/enforce
1
# echo 0 > /selinux/enforce
# cat /selinux/enforce
0
You
can
also
use
setenforce
command
as
shown
below
to
disable
SELinux.
Possible
parameters
to
setenforce
commands
are:
Enforcing
,
Permissive,
1
(enable)
or
0
(disable).
# setenforce 0
Method
2:
Disable
SELinux
Permanently
To
disable
the
SELinux
permanently,
modify
the
/etc/selinux/config
and
set
the
SELINUX=disabled
as
shown
below.
One
you
make
any
changes
to
the
/etc/selinux/config,
reboot
the
server
for
the
changes
to
be
considered.
# cat /etc/selinux/config
SELINUX=disabled
SELINUXTYPE=targeted
SETLOCALDEFS=0
Following
are
the
possible
values
for
the
SELINUX
variable
in
the
/etc/selinux/config
file
enforcing
–
The
Security
Policy
is
always
Encoforced
permissive
-‐
This
just
simulates
the
enforcing
policy
by
only
prinGng
warning
messages
and
not
really
enforcing
the
SELinux.
This
is
good
to
first
see
how
SELinux
works
and
later
figure
out
what
policies
should
be
enforced.
disabled
-‐
Completely
disable
SELinux
Following
are
the
possible
values
for
SELINUXTYPE
variable
in
the
/etc/selinux/config
file.
This
indicates
the
type
of
policies
that
can
be
used
for
the
SELinux.
targeted
-‐
This
policy
will
protected
only
specific
targeted
network
daemons.
strict
-‐
This
is
for
maximum
SELinux
protecGon.
Method
3:
Disable
SELinux
from
the
Grub
Boot
Loader
If
you
can’t
locate
/etc/selinux/config
file
on
your
system,
you
can
pass
disable
SELinux
by
passing
it
as
parameter
to
the
Grub
Boot
Loader
as
shown
below.
# cat /boot/grub/grub.conf
default=0
timeout=5
splashimage=(hd0,0)/boot/grub/splash.xpm.gz
hiddenmenu
title Enterprise Linux Enterprise Linux Server (2.6.18-92.el5PAE)
root (hd0,0)
kernel /boot/vmlinuz-2.6.18-92.el5PAE ro root=LABEL=/ rhgb quiet selinux=0
initrd /boot/initrd-2.6.18-92.el5PAE.img
title Enterprise Linux Enterprise Linux Server (2.6.18-92.el5)
root (hd0,0)
kernel /boot/vmlinuz-2.6.18-92.el5 ro root=LABEL=/ rhgb quiet selinux=0
initrd /boot/initrd-2.6.18-92.el5.img
Method
4:
Disable
Only
a
Specific
Service
in
SELinux
–
HTTP/Apache
2
of
7 18
Apr
12
7:24
pm
3. 4
EffecGve
Methods
to
Disable
SELinux
Temporarily
or
Permanently h`p://www.thegeekstuff.com/2009/06/how-‐to-‐disable-‐selinux...
If
you
are
not
interested
in
disability
the
whole
SELinux,
you
can
also
disable
SELinux
only
for
a
specific
service.
For
example,
do
disable
SELinux
for
HTTP/Apache
service,
modify
the
hRpd_disable_trans
variable
in
the
/etc/selinux/targeted/booleans
file.
Set
the
h`pd_disable_trans
variable
to
1
as
shown
below.
# grep httpd /etc/selinux/targeted/booleans
httpd_builtin_scripting=1
httpd_disable_trans=1
httpd_enable_cgi=1
httpd_enable_homedirs=1
httpd_ssi_exec=1
httpd_tty_comm=0
httpd_unified=1
Set
SELinux
boolean
value
using
setsebool
command
as
shown
below.
Make
sure
to
restart
the
HTTP
service
a_er
this
change.
# setsebool httpd_disable_trans 1
# service httpd restart
4 Tweet 2 Like 6
Share
Comment
If
you
enjoyed
this
ar'cle,
you
might
also
like..
1. 50
Linux
Sysadmin
Tutorials
Awk
IntroducGon
–
7
Awk
Print
Examples
2. 50
Most
Frequently
Used
Linux
Commands
(With
Examples)
Advanced
Sed
SubsGtuGon
Examples
3. Top
25
Best
Linux
Performance
Monitoring
and
Debugging
8
EssenGal
Vim
Editor
NavigaGon
Fundamentals
Tools
25
Most
Frequently
Used
Linux
IPTables
Rules
4. Mommy,
I
found
it!
–
15
PracGcal
Linux
Find
Command
Examples
Examples
Turbocharge
PuTTY
with
12
Powerful
Add-‐Ons
5. Linux
101
Hacks
2nd
EdiGon
eBook
Tags:
/boot/grub/grub.conf,
/etc/selinux/config,
/etc/selinux/targeted/booleans,
/selinux/enforce,
Disable
SELinux
on
Fedora,
Disable
SELinux
on
RedHat,
Enable
SELinux,
ls
-‐Z
Command,
SELinux
setenforce
Command,
SELinux
setsebool
Command,
Uninstall
SELinux
{
5
comments…
read
them
below
or
add
one
}
1
Jill
June
1,
2009
at
5:39
pm
3
of
7 18
Apr
12
7:24
pm
4. 4
EffecGve
Methods
to
Disable
SELinux
Temporarily
or
Permanently h`p://www.thegeekstuff.com/2009/06/how-‐to-‐disable-‐selinux...
Thanks…
I’ve
been
using
Ubuntu,
which
is
be`er,
SELinux
or
AppArmor?
2
Ramesh
Natarajan
June
4,
2009
at
12:54
am
@Jill,
Both
SELinux
and
AppArmos
has
it’s
own
advantages.
Please
refer
to
this
comparison
arGcle
that
talks
about
SELinux
vs
AppArmor
3
hirak
August
19,
2009
at
2:34
am
thank
thank
you
very
much
for
this
book
this
book
i
very
use
full
for
me
thank
you
4
ravi
June
15,
2011
at
4:26
pm
this
was
very
useful
to
understand
selinux
concept
in
brief.
5
Nahuel
July
31,
2011
at
3:18
pm
I
have
problems
with
setsebool
httpd_disable_trans 1
"Could not change active booleans: Invalid boolean"
Leave
a
Comment
Name
E-‐mail
Website
NoGfy
me
of
followup
comments
via
e-‐mail
Submit
Previous
post:
3
Books
Giveaway
Winners:
Hacking
Vim,
Ligh`pd
and
Xen
VirtualizaGon
Next
post:
15
Awesome
Google
Search
Tips
and
Tricks
Sign
up
for
our
free
email
newsle`er
you@address.com
Sign Up
RSS
Twi`er
Facebook
Search
4
of
7 18
Apr
12
7:24
pm
5. 4
EffecGve
Methods
to
Disable
SELinux
Temporarily
or
Permanently h`p://www.thegeekstuff.com/2009/06/how-‐to-‐disable-‐selinux...
EBOOKS
POPULAR
POSTS
12
Amazing
and
EssenGal
Linux
Books
To
Enrich
Your
Brain
and
Library
50
UNIX
/
Linux
Sysadmin
Tutorials
50
Most
Frequently
Used
UNIX
/
Linux
Commands
(With
Examples)
How
To
Be
ProducGve
and
Get
Things
Done
Using
GTD
30
Things
To
Do
When
you
are
Bored
and
have
a
Computer
5
of
7 18
Apr
12
7:24
pm
6. 4
EffecGve
Methods
to
Disable
SELinux
Temporarily
or
Permanently h`p://www.thegeekstuff.com/2009/06/how-‐to-‐disable-‐selinux...
Linux
Directory
Structure
(File
System
Structure)
Explained
with
Examples
Linux
Crontab:
15
Awesome
Cron
Job
Examples
Get
a
Grip
on
the
Grep!
–
15
PracGcal
Grep
Command
Examples
Unix
LS
Command:
15
PracGcal
Examples
15
Examples
To
Master
Linux
Command
Line
History
Top
10
Open
Source
Bug
Tracking
System
Vi
and
Vim
Macro
Tutorial:
How
To
Record
and
Play
Mommy,
I
found
it!
-‐-‐
15
PracGcal
Linux
Find
Command
Examples
15
Awesome
Gmail
Tips
and
Tricks
15
Awesome
Google
Search
Tips
and
Tricks
RAID
0,
RAID
1,
RAID
5,
RAID
10
Explained
with
Diagrams
Can
You
Top
This?
15
PracGcal
Linux
Top
Command
Examples
Top
5
Best
System
Monitoring
Tools
Top
5
Best
Linux
OS
DistribuGons
How
To
Monitor
Remote
Linux
Host
using
Nagios
3.0
Awk
IntroducGon
Tutorial
–
7
Awk
Print
Examples
How
to
Backup
Linux?
15
rsync
Command
Examples
The
UlGmate
Wget
Download
Guide
With
15
Awesome
Examples
Top
5
Best
Linux
Text
Editors
Packet
Analyzer:
15
TCPDUMP
Command
Examples
The
UlGmate
Bash
Array
Tutorial
with
15
Examples
3
Steps
to
Perform
SSH
Login
Without
Password
Using
ssh-‐keygen
&
ssh-‐copy-‐id
Unix
Sed
Tutorial:
Advanced
Sed
SubsGtuGon
Examples
UNIX
/
Linux:
10
Netstat
Command
Examples
The
UlGmate
Guide
for
CreaGng
Strong
Passwords
6
Steps
to
Secure
Your
Home
Wireless
Network
Turbocharge
PuTTY
with
12
Powerful
Add-‐Ons
About
The
Geek
Stuff
My
name
is
Ramesh
Natarajan.
I
will
be
posGng
instrucGon
guides,
how-‐to,
troubleshooGng
Gps
and
tricks
on
Linux,
database,
hardware,
security
and
web.
My
focus
is
to
write
arGcles
that
will
either
teach
you
or
help
you
resolve
a
problem.
Read
more
about
Ramesh
Natarajan
and
the
blog.
Support
Us
Support
this
blog
by
purchasing
one
of
my
ebooks.
Bash
101
Hacks
eBook
Sed
and
Awk
101
Hacks
eBook
Vim
101
Hacks
eBook
Nagios
Core
3
eBook
Contact
Us
6
of
7 18
Apr
12
7:24
pm