• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer navigation

The Geek Diary

  • OS
    • Linux
    • CentOS/RHEL
    • VCS
  • Interview Questions
  • Database
    • MariaDB
  • DevOps
    • Docker
    • Shell Scripting
  • Big Data
    • Hadoop
    • Cloudera
    • Hortonworks HDP

How to Check whether SELinux is Enabled or Disabled

by admin

Question : How to Check whether SELinux is Enabled or Disabled

Answer :
SELinux gives that extra layer of security to the resources in the system. It provides the MAC (mandatory access control) as contrary to the DAC (Discretionary access control). Before we dive into setting the SELinux modes, let us see what are the different SELinux modes of operation and how do they work. SELinux can operate in any of the 3 modes :

1. Enforced : Actions contrary to the policy are blocked and a corresponding event is logged in the audit log.
2. Permissive : Permissive mode loads the SELinux software, but doesn’t enforce the rules, only logging is performed.
3. Disabled : The SELinux is disabled entirely.

Check the SELinux status

use this command to check current status:

# getenforce
Permissive

The output will be either of the 3 options described above. For more verbose (in the case of permissive), use:

# sestatus
SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   permissive
Mode from config file:          permissive
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Max kernel policy version:      28

To programmatically check the status as a true/false, one way could be:

# selinuxenabled
if [ $? -ne 0 ]
then 
    echo "DISABLED"
else
    echo "ENABLED"
fi

This will return ENABLED or DISABLED.

How to Disable or set SELinux to Permissive mode

Filed Under: Linux

Some more articles you might also be interested in …

  1. LVM error “WARNING: Inconsistent metadata found” – How to resolve in CentOS / RHEL
  2. mknod Command Examples in Linux
  3. mimetype: command not found
  4. airodump-ng – Capture packets and display information about wireless networks (Command Examples)
  5. Command line parameters in shell scripts
  6. How to disable write access to USB devices using “hdparm” tool
  7. lxterminal Command Examples in Linux
  8. How to Create yum Repository in CentOS/RHEL
  9. Understanding The /proc File System
  10. 10 useful cron examples to schedule jobs in Linux

You May Also Like

Primary Sidebar

Recent Posts

  • gml2gv Command Examples
  • glow Command Examples
  • glib-compile-resources Command Examples
  • glances Command Examples

© 2023 · The Geek Diary

  • Archives
  • Contact Us
  • Copyright