如果要恢復執行SELinux則可以執行# setenforce1這條命令會把SELinux設定成Enforcing模式2.把SELinux永久設定為Permissive模式這裡需要講一下Permissive和Enforcing模式的區別。SELinux有三種模式:Enforcing, Permissive and Disable.Enforcing模式就是應用SELinux所設定的Policy,所有違反Policy的規則(Rules)都會被SELinux拒絕Permissive和Enforcing的區別就在於它還是會遵循SELinux的Policy,但是對於違反規則的操作只會予以記錄而並不會拒絕操作Disable 顧名思義就是完全禁用SELinux如果要永久設定為Permissive模式,我們就要修改SELinux的配置檔案/etc/sysconfig/selinux (在RHEL5下這是一個symbolic link to /etc/selinux/conf)# This file controls the state of SELinux on thesystem.# SELINUX= can take one of these threevalues:# enforcing - SELinux security policy isenforced.# permissive - SELinux prints warnings instead ofenforcing.# disabled - SELinux is fully disabled.SELINUX=enforcing#SELINUXTYPE= type of policy in use. Possible values are:# targeted -Only targeted network daemons are protected.# strict -Full SELinux protection.SELINUXTYPE=targeted修改SELINUX=permissive,然後重新啟動就可以了
如果要恢復執行SELinux則可以執行# setenforce1這條命令會把SELinux設定成Enforcing模式2.把SELinux永久設定為Permissive模式這裡需要講一下Permissive和Enforcing模式的區別。SELinux有三種模式:Enforcing, Permissive and Disable.Enforcing模式就是應用SELinux所設定的Policy,所有違反Policy的規則(Rules)都會被SELinux拒絕Permissive和Enforcing的區別就在於它還是會遵循SELinux的Policy,但是對於違反規則的操作只會予以記錄而並不會拒絕操作Disable 顧名思義就是完全禁用SELinux如果要永久設定為Permissive模式,我們就要修改SELinux的配置檔案/etc/sysconfig/selinux (在RHEL5下這是一個symbolic link to /etc/selinux/conf)# This file controls the state of SELinux on thesystem.# SELINUX= can take one of these threevalues:# enforcing - SELinux security policy isenforced.# permissive - SELinux prints warnings instead ofenforcing.# disabled - SELinux is fully disabled.SELINUX=enforcing#SELINUXTYPE= type of policy in use. Possible values are:# targeted -Only targeted network daemons are protected.# strict -Full SELinux protection.SELINUXTYPE=targeted修改SELINUX=permissive,然後重新啟動就可以了