Centos – set selinux permissive without reboot

You can view the current mode SELinux operates in, by executing the sestatus comman:

# sestatus

You can change the mode by editing the file /etc/selinux/config and change the SELINUX=enforcing line to SELINUX=permissive

# vi /etc/selinux/config

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=permissive
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# mls - Multi Level Security protection.
SELINUXTYPE=targeted

By executing once again the sestatus command you ‘ll get the output:

# sestatus

SELinux status: enabled
SELinuxfs mount: /selinux
Current mode: enforcing
Mode from config file: permissive
Policy version: 24
Policy from config file: targeted

My way to change the current mode is to reboot the machine. Today I discovered that you can change the current mode by using the setenforce command.

man pages gives this as usage:

setenforce [ Enforcing | Permissive | 1 | 0 ]

so you can execute

# setenforce 0

to change SELinux currend mode to permissive.

No more reboots and downtime because of selinux!!!

One Reply to “Centos – set selinux permissive without reboot”

Leave a Reply

Your email address will not be published. Required fields are marked *

Prove me that you are not a robot :) * Time limit is exhausted. Please reload the CAPTCHA.