我現在想短期內永久禁用,但似乎沒有什麼對我有用
我嘗試過的步驟
[root@db1e secure]# setenforce 0
[root@db1e secure]# sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: permissive
Mode from config file: disabled
Policy MLS status: enabled
Policy deny_unknown status: allowed
Max kernel policy version: 28
更改 /etc/selinux/config 中的值
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of three two values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
然後重啟httpd服務
兩者仍然導致相同的啟用狀態而不是我所期望的禁用狀態..有什麼想法嗎?
答案1
編輯文件後/etc/sysconfig/selinux,要使變更生效,您需要重啟您的系統完全停用 SELinux。您可以setenforce 0將系統置於「寬容」模式,直到重新啟動為止。
確保你更改SELinux=enforcing為SELinux=disabled