SELinux
SELinux是Security-Enhanced Linux的缩写。它是一个Linux内核安全模块,为Linux系统提供了一个实现强制访问控制(MAC)策略的机制。基本上,它提供了一个更高级别的权限管理机制,超出了传统的UNIX权限和访问控制列表(ACL)。
通过配置文件关闭SELinux
修改配置文件
vim /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of three values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
设置SELinux成为permissive模式即临时关闭selinux(可不用重启服务器)
setenforce 0
通过命令快速关闭SELinux
setenforce 0
sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/selinux/config
grep SELINUX=disabled /etc/selinux/config