You can view the current mode SELinux operates in, by executing the sestatus comman:
You can change the mode by editing the file /etc/selinux/config and change the SELINUX=enforcing line to SELINUX=permissive
# vi /etc/selinux/config
# This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=permissive # SELINUXTYPE= can take one of these two values: # targeted - Targeted processes are protected, # mls - Multi Level Security protection. SELINUXTYPE=targeted
By executing once again the sestatus command you ‘ll get the output:
SELinux status: enabled SELinuxfs mount: /selinux Current mode: enforcing Mode from config file: permissive Policy version: 24 Policy from config file: targeted
My way to change the current mode is to reboot the machine. Today I discovered that you can change the current mode by using the setenforce command.
man pages gives this as usage:
setenforce [ Enforcing | Permissive | 1 | 0 ]
so you can execute
# setenforce 0
to change SELinux currend mode to permissive.
No more reboots and downtime because of selinux!!!