selinux 安全开启与关闭

 

修改/etc/sysconfig/selinux,将SELINUX设定为disable, 使用命令setenforce 0让selinux配置文件生效。
/etc/sysconfig/selinux配置文件
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#       enforcing - SELinux security policy is enforced.
#       permissive - SELinux prints warnings instead of enforcing.
#       disabled - SELinux is fully disabled.
SELINUX=enforcing

# enforcing 改为disabled
# SELINUXTYPE= type of policy in use. Possible values are:
#       targeted - Only targeted network daemons are protected.
#       strict - Full SELinux protection.
SELINUXTYPE=targeted

Linux核心参数(Kernel Parameter)
或者在/boot/grub/menu.lst中修改核心参数后加上： selinux=0 （停止） 或 selinux=1 (开启）
/boot/grub/menu.lst配置文件
# grub.conf generated by anaconda
# Note that you do not have to rerun grub after making changes to this file
# NOTICE:  You do not have a /boot partition.  This means that
#          all kernel and initrd paths are relative to /, eg.
#          root (hd0,0)
#          kernel /boot/vmlinuz-version ro root=/dev/hda1
#          initrd /boot/initrd-version.img
#boot=/dev/hda
default=0
timeout=5
splashimage=(hd0,0)/boot/grub/splash.xpm.gz
hiddenmenu
title CentOS (2.6.9-78.EL)
       root (hd0,0)
       kernel /boot/vmlinuz-2.6.9-78.EL ro root=LABEL=/ rhgb quiet selinux=0
       initrd /boot/initrd-2.6.9-78.EL.img
 
检查SELinux当前况态
[root@info bash]# getenforce
Disabled

最后我发现修改了，并不能立即生效，我重启后才生效。