The term “SELinux” is an acronym for Security-Enhanced Linux, and it is defined as a mechanism that is implemented within the Linux based systems for providing an advanced level of security that is essentially based on policy rules. By following these rules, an administrator can allow or deny access to a certain object for any specified user. It means that the security of your Linux based systems relies heavily on this mechanism.
This mechanism works on three different modes of operation, i.e., Enforcing, Permissive, and Disabled. The first two modes work when you have enabled the SELinux mechanism, whereas the “Disabled” mode obviously works if your SELinux has been disabled. Also, the “Enforcing” mode works by applying all the policy rules that are written for SELinux, whereas the “Permissive” mode allows you to add new rules to the security policy.
However, at times, the rules defined in the SELinux security policy are so strict that they start causing trouble with your routine tasks, i.e., they might cause a hindrance in an important task that you are trying to perform. In this situation, you may prefer to turn off SELinux till the time you perform that task and then turn it on again once you are done. That is why today, we would like to share with you the method of turning off SELinux on CentOS 8.
Method of Turning off SELinux on CentOS 8
Turning off, SELinux is formally referred to as “Disabling SELinux.” So, for disabling SELinux on CentOS 8, you will have to execute the appended steps:
Step # 1: Checking the Status of SELinux on CentOS 8
First, you will be launching the terminal in CentOS 8, which is also shown in the image below:
Now you need to check the status of SELinux on CentOS 8. This step is mandatory so that you may know if SELinux is currently running on your system or not. You can check the status of SELinux on CentOS 8 by running the following command in your terminal:
In our case, SELinux was enabled on our CentOS 8 system. Its “enabled” status is Illustrated in the following picture shown:
By seeing this status, you will immediately get to know that SELinux is currently enabled, which means that you can attempt to disable it now.
Step # 2: Opening the SELinux Configuration File on CentOS 8
For disabling SELinux on CentOS 8, you need to tweak its configuration file. For that, you first need to use any text editor of your choice to open the configuration file. The configuration file of SELinux can be accessed on CentOS 8 by executing the appended command in the terminal:
$ sudo nano /etc/selinux/config
We have tried to open the SELinux configuration file with the nano editor while providing the root user privileges.
As soon as you hit the Enter key after typing this command in your terminal, the SELinux configuration file will open up with your specified editor in the above-mentioned command. Our SELinux configuration file is shown in the image below:
Step # 3: Editing the SELinux Configuration File on CentOS 8
After opening the SELinux configuration file in CentOS 8, you need to edit it now. You have to locate the variable named “SELinux” and change its value to “disabled,” as highlighted in the following image:
Once you make this modification, you are supposed to close your SELinux configuration file after saving it. Doing this will cause your SELinux to disable on your CentOS 8 system; however, these changes will not take effect immediately. For making these changes to take effect, you will have to execute step no 4.
Step # 4: Restarting the CentOS 8 System
Now you need to reboot your system, which can either be done through the CentOS 8 GUI or through the CLI. Below we will state the command for rebooting your CentOS 8 system via the terminal:
The “-r” flag along with the shutdown command is used to restart or reboot your CentOS 8 system, whereas the “now” keyword indicates that the said operation will be performed just now without any delay. After running this command, you will need to wait for a few seconds until your system is rebooted, after which you can proceed with the next step.
Step # 5: Verifying whether SELinux has been turned off or not on CentOS 8
Although we have performed all the steps of turning off SELinux on CentOS 8 up till now, however, we are still unsure about whether SELinux has actually been disabled or not. To verify this, we need to check the status of SELinux once again by running the following command in our terminal:
Since now your SELinux has been successfully turned off. Therefore, you will be able to see the “disabled” status this time, as highlighted in the image shown below:
As we have already mentioned in the introduction of this article that the security of your Linux system relies heavily on SELinux. That is why it is highly recommended for you to keep it enabled all the time to avoid any unwanted security disasters. Although this method teaches you the way of turning off or disabling SELinux on your CentOS 8 system and is very effective as well, however, we would still like to advise you that as soon as you get done with the task that you intended to perform after disabling SELinux, you should immediately re-enable it. This can simply be done by changing the value of the “SELinux” variable in the SELinux configuration file to “enforcing” instead of “disabled” and rebooting your system after making this modification.