How to Disable SELinux on RHEL 7/CentOS 7/Oracle Linux 7

Share this Article :

Security-Enhanced Linux (SELinux) is an implementation of security policies for operating systems that provides a mechanism to support and help control access in the linux kernel. On Red Hat Enterprise Linux 7 (RHEL 7), CentOS 7 and Oracle Linux 7 (OL7), SELinux services were installed by default. The following tutorial will show you the basic steps to permanently disable SELinux on RHEL 7, CentOS 7 and OL7.

1. Check SELinux status :

[root@centos7 ~]# sestatus
SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   enforcing
Mode from config file:          enforcing
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Max kernel policy version:      28

2. Open selinux configuration file :

[root@centos7 ~]# vi /etc/sysconfig/selinux

3. Change “SELINUX=enforcing” to “SELINUX=disabled” and save the configuration file :

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
# SELINUXTYPE= can take one of these two values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected.
#     mls - Multi Level Security protection.

4. Reboot the server to take effect :

[root@centos7 ~]# reboot

5. After reboot, you can verify the status of SELinux. Issue “sestatus” command to verify that SELinux permanently disabled:

[root@centos7 ~]# sestatus
SELinux status:                 disabled

Leave a Reply