我现在想在短期内永久禁用,但似乎没有什么对我有用
我尝试过的步骤
[root@db1e secure]# setenforce 0
[root@db1e secure]# sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: permissive
Mode from config file: disabled
Policy MLS status: enabled
Policy deny_unknown status: allowed
Max kernel policy version: 28
更改 /etc/selinux/config 中的值
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of three two values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
然后重新启动 httpd 服务
两者仍然导致相同的状态,即启用而不是禁用,这是我所期望的。有什么想法吗?
答案1
编辑文件后/etc/sysconfig/selinux
,为了使更改生效,您需要重启让系统完全禁用 SELinux。您可以setenforce 0
让系统进入“宽容”模式,直到重新启动。
确保你更改SELinux=enforcing
为SELinux=disabled