How to Disable SE-Linux on CentOS 8

SE-Linux, or Security-Enhanced Linux, is a set of security modules which are loaded in to kernel to improve security on accessing services/files which improve security. 

This article describes How to Disable SE-Linux on CentOS 8.

Step 1: Confirm SE-Linux Current Status: Run the following commands getenforce or sestatus to check SE-Linux current status:

[root@linuxcnf ~]# getenforce Enforcing [root@linuxcnf ~]#

[root@linuxcnf ~]# sestatus SELinux status:                 enabled SELinuxfs mount:                /sys/fs/selinux SELinux root directory:         /etc/selinux Loaded policy name:             targeted Current mode:                   enforcing Mode from config file:          enforcing Policy MLS status:              enabled Policy deny_unknown status:     allowed Memory protection checking:     actual (secure) Max kernel policy version:      31 [root@linuxcnf ~]#

Step 2: Change the Configuration: Modify the SE-Linux configuration file and Change ‘SELINUX=enforcing’ to ‘SELINUX=permissive’ or ‘SELINUX=disabled’ and save the configuration file:

[root@linuxcnf ~]# vi /etc/sysconfig/selinux # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: #     enforcing - SELinux security policy is enforced. #     permissive - SELinux prints warnings instead of enforcing. #     disabled - No SELinux policy is loaded. SELINUX=disabled # SELINUXTYPE= can take one of these three values: #     targeted - Targeted processes are protected, #     minimum - Modification of targeted policy. Only selected processes are protected. #     mls - Multi Level Security protection. SELINUXTYPE=targeted [root@linuxcnf ~]#

Step 3: Finally, Reboot the system to reflect the changes:

[root@linuxcnf ~]# reboot

Done!!! SE-Linux is disabled successfully.