概述
一、SELinux简介
SELinux 主要作用就是最大限度地减小系统中服务进程可访问的资源(最小权限原则)。
三种工作模式:
1. enforcing:强制模式。违反 SELinux 规则的行为将被阻止并记录到日志中。
2. permissive:宽容模式。违反 SELinux 规则的行为只会记录到日志中。一般为调试用。
3. disabled:禁用 SELinux。
二、操作SElinux
1.查看状态(SELINUX=enforcing)
[root@Mysql8 ~]# cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of three values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted2.快速查看状态
[root@Mysql8 ~]# getenforce
Enforcing3.设置状态模式(临时生效,不可禁用模式)
[root@Mysql8 ~]# setenforce 0
[root@Mysql8 ~]# getenforce
Permissive
[root@Mysql8 ~]# setenforce 1
[root@Mysql8 ~]# getenforce
Enforcing
0-->Permissive
1-->Enforcing
注:setenforce 不能disabled禁用SELinux4.设置状态模式(永久生效,可禁用模式)
[root@Mysql8 ~]# vi /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of three values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
[root@Mysql8 ~]# reboot
-->SELINUX=disabled/enforcing/permissive 对应不同模式,重启永久生效。最后
以上就是如意发箍为你收集整理的Centos7.6查看/关闭SElinux的全部内容,希望文章能够帮你解决Centos7.6查看/关闭SElinux所遇到的程序开发问题。
如果觉得靠谱客网站的内容还不错,欢迎将靠谱客网站推荐给程序员好友。
本图文内容来源于网友提供,作为学习参考使用,或来自网络收集整理,版权属于原作者所有。
发表评论 取消回复