How to disable SELinux on CentOS 8

SELinux, also known as security-enhanced Linux, is a security feature embedded in the Linux kernel. SELinux uses mandatory access control (MAC) to restrict users to certain rules and policies and prevent them from performing unauthorized tasks on Linux systems as specified by the IT administrator. SELinux has 3 different modes:

Enforce -This is the default installation of SELinux during installation. It enforces default policies on the system, records actions and denies access to certain services.

Allowed -In this mode, policies are not enforced, but violations are logged and warnings are triggered.

disabled -As the name implies, this means that SELinux is closed and the security policy will no longer protect the server.

Now that you know what SELinux is and the various modes you can configure, let’s see how to disable SELinux on CentOS 8.

SELinux is enabled by default Enforce Enter the mode after a fresh installation. It is generally recommended to keep it enabled for security reasons. However, in some cases it may be necessary to disable or turn it off. Let’s see how to disable SELinux on CentOS 8.

1) Check SELinux status

First, let’s first check the status of SELinux. To do this, simply run the following command:

# sestatus

Sample output

How to disable SELinux on CentOS 8

From the output above, we can clearly see that it is enabled by default and is in force mode.

2) Temporarily disable SELinux

To temporarily disable SELinux or set SELinux status from target to allowed, run the following command:

# sudo setenforce 0

Disable SELinux temporarily

Additionally, you can use Permissive Option instead of 0 as shown

# sudo setenforce Permissive

Disable SELinux temporarily

3) Disable permanently

SELinux configuration file is located /etc/selinux/config path. To disable SELinux, open the configuration file and set SELINUX Parameter disabled. So, open the configuration file

vim /etc/selinux/config

Group SELINUX to disabled As follows.

Disable SELinux on CentOS 8

Save and exit the configuration file.

3) Restart CentOS 8 system

For the changes to take effect, reboot the system with any command shown below

# reboot
# shutdown -r now
# init 6

4) Verify SELinux status

Once the system has successfully restarted, now check the status of SELinux to confirm that it is indeed disabled.

# sestatus

Sample outputSELinux disables

Big! We have successfully disabled SELinux on CentOS 8.

in conclusion

SELinux provides security for your system and uses policies that restrict what users can do on the system. Essentially, disabling SELinux is not a good idea, but in some cases requires disabling SELinux. In this guide, we demonstrated how to disable SELinux on CentOS 8.

Also read:

  • How to use the SEMANAGE command with a SELinux policy
Sidebar