Selinux - centos - missing /etc/selinux/config
I am trying to check if my selinux is disabled/enabled and can't find its config file, why its like that and what should I do to disable it.
sestatus
will tell you if SELinux is enabled, as well as a few other characteristics.
To change the SELinux to disable you can use the below command:
setenforce 0
While this does not replace the config file it will put SELinux into permissive mode until the next reboot, meaning that SELinux is running and logging but not actually controlling permissions.
You can as well try the command:
/usr/bin/system-config-securitylevel-tui
To totally disable it.
The following command:
yum provides /etc/selinux/config
will tell you which package does the file belong to and whether the package has been installed. Normally it would be some selinux-policy
package.
If it wasn't installed you can install it with yum install
.
If it is reported as installed but is absent in the filesystem then something is very wrong with the system.
Open the file using following cmd
vi /etc/sysconfig/selinux
and go to the insert mode by pressing i
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# disabled - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
change enforcing into disabled and save and quit.