https://www.configserverfirewall.com/ubuntu-linux/disable-selinux-ubuntu/

In this tutorial I will explain how to configure SELinux on Ubuntu Operating system. SELinux or Security Enhanced Linux is an additional layer of security services on top of the standard Linux DAC Mechanism and brings further protection to your Linux operating System By denying everything that has not been specifically allowed.

Security Enhanced Linux is an implementation of the Mandatory Access Control Mechanism of the Linux kernel. Mandatory Access Control is an additional layer of security added to top of the standard Discretionary Access Control (User/Group based permissions).

Even though it's has been added to provide additional security to the Linux operating system, most administrators prefer to disable SELinux because without proper configuration, some application will not run when SELinux is enabled.

So how do we disable SELinux on Ubuntu?

There is no need. SELinux is not installed by default in Ubuntu. Security Enhanced Linux is primarily used by the Red Hat based Linux distributions, that includes Red Hat Enterprise Linux, CentOS and Fedora.

Debian based distributions, including Ubuntu do not deliver SELinux by default, instead they use a system called AppArmor for Mandatory Access Control (AppArmor is disabled by default on Ubuntu).

Install SELinux on Ubuntu

The following steps describe how to install and configure SELinux on Ubuntu/Debian.

  1. Install selinux-policy-default and related packages:

    sudo apt-get update
    
sudo apt-get install selinux-basics selinux-policy-default auditd

  2. Run the selinux-activate command:

    sudo selinux-activate

  3. Open the /etc/default/rcS file and set FSCKFIX=yes:

    FSCKFIX=yes

  4. Restart the computer (it will take a while to reboot):

    sudo systemctl reboot

After the system rebooted, run the check-selinux-installation command to make sure that the installation is successful.

Enable and Disable SELinux on Ubuntu

By default SELinux on Ubuntu run in permissive mode. To enable SELinux, Open the /etc/selinux/config file and set SELINUX=enforcing:

SELINUX=enforcing

Then, Save the config file and restart the computer:

sudo systemctl reboot

If you want to permanently disable SELinux, set SELINUX=disabled and restart the computer.

You need to restart your Ubuntu system every time you switch between enforcing and disabled modes permanently.

To view The SELinux status on Ubuntu, Type:

sestatus

To check current running mode, Type:

getenforce

Run setenforce command to switch between Enforcing and Permissive mode without having to restart the computer (Enforcing = 1, Permissive = 0).

setenforce 0

Summary

  • SELinux is a security enhancement for the Linux kernel, and is Originally developed by the National Security Agency's office of Information Assurance as an enhancement to Linux Security.
  • If you use CentOS, Fedora or RHEL, SELinux is enabled by default.
  • Apparmor is the default way of implementing Mandatory Access Control in Debian/Ubuntu based Linux distributions.

How to Disable SELinux in Ubuntu Server/Desktop的更多相关文章

  1. Ubuntu Server 与 Ubuntu Desktop之间的区别

    服务器版本的内核时钟频率由桌面的100hz转为1khz,这一点是为某些服务器应用提供更好的性能和吞吐量. 除此之外,服务器内核支持SMP"对称多处理"(Symmetrical Mu ...

  2. Ubuntu Server VS Ubuntu Desktop区别

    今天有位朋友问我,Ubuntu Server 与 Ubuntu Desktop的区别在哪里!区别如下: SERVER没有GUI SERVER没有一堆的桌面软件 SERVER在编译时使用的参数不一样,会 ...

  3. Ubuntu Server 与 Ubuntu Desktop区别

    今天有位朋友问我,Ubuntu Server 与 Ubuntu Desktop的区别在哪里!区别如下: SERVER没有GUI SERVER没有一堆的桌面软件 SERVER在编译时使用的参数不一样,会 ...

  4. Ubuntu Desktop变为Ubuntu Server服务器版的方法

    去Ubuntu官网看到有好几种版本可以下载,alternate(文本安装).desktop9(桌面).netbook(上网本).server(服务器). 使用server版某个理由: 32位的系统可以 ...

  5. Ubuntu Server : 自动更新

    Ubuntu(16.04/18.04) 默认会每天自动安装系统的安全更新,但是不会自动安装包的更新.本文梳理 Ubuntu 16.04/18.04 系统的自动更新机制,并介绍如何配置系统自动更新所有的 ...

  6. 实战Ubuntu Server上配置LXDE+VNC环境

    1.安装x-window 使用apt-get 安装 xorg sudo apt-get install xorg 如果提示以下内容,就说明需要update下源列表,使用sudo apt-get upd ...

  7. Compiling Xen-4.4 From Source And Installing It On Ubuntu Server (Amd-64)

    First of all, you should install a clean Ubuntu Server (Amd-64) on your server. (Version 14.04 is st ...

  8. Ubuntu Server修改IP、DNS、hosts

    本文记录下Ubuntu Server 16.04修改IP.DNS.hosts的方法 -------- 1. Ubuntu Server 修改IP sudo vi /etc/network/interf ...

  9. Ubuntu Server忘记密码后,单用户模式修改密码进去不了桌面的无奈

    俗话说的好,好记性不如烂笔头.有时候脑子一热,就想不起来之前设置过的密码是什么了.我可怜地忘了我的Ubuntu Server的密码,回忆了n种组合都不行,于是只能进行单用户模式的修改密码了. 以下的操 ...

  10. Ubuntu Server 14.04 LTS(64bit)已安装 weblogic Server 12c(12.1.3) Zip Distribution

    这里说的对Ubuntu Server 14.04 LTS(64bit)已安装weblogic Server 12c(12.1.3) Zip Distribution遇到的问题.至于Windows什么好 ...

随机推荐

  1. USB协议详解第8讲(USB描述符-字符串和语言ID描述符)

    1.字符串描述符相关概念 字符串描述符:首先,字符串描述符就是用字符串描述一个设备的一些属性,毕竟人能看懂的是字符,而不是十六进制,描述的属性包括设备厂商名字.产品名字.产品序列号.各个配置名字.各个 ...

  2. ftrace的trace_options

    ftrace 中的 trace_options 选项用于控制追踪数据的收集和显示方式.你可以通过 /sys/kernel/debug/tracing/trace_options 文件来设置这些选项.每 ...

  3. meltdown 安全漏洞原理是怎么样的?

    Meltdown是2018年初公开的一种严重的计算机安全漏洞,影响了多种处理器,包括英特尔.ARM和某些AMD处理器.其原理基于利用现代CPU的"推测执行"(speculative ...

  4. ARMv8 寄存器

    本文主要介绍 Armv8/v9 指令集架构中常用部分,详细的还是要看 Arm architecture reference manual. ARMv8 架构 ARMv8 架构支持3种指令集: T32, ...

  5. iOS定义常量的两种方式define和FOUNDATION_EXPORT

    FOUNDATION_EXPORT的使用方法: 1.h文件 FOUNDATION_EXPORT NSString * const kTestString; 2.m文件NSString * const ...

  6. 强化学习笔记之【SAC算法】

    强化学习笔记之[SAC算法] 前言: 本文为强化学习笔记第四篇,第一篇讲的是Q-learning和DQN,第二篇DDPG,第三篇TD3 TD3比DDPG少了一个target_actor网络,其它地方有 ...

  7. Spire.Pdf打印PDF文件

    1 /// <summary> 2 /// Spire.Pdf打印PDF文件 3 /// </summary> 4 /// <param name="fileN ...

  8. 3.2 Linux文件系统到底有什么用处?

    Linux 上常见的文件系统是EXT3或EXT4,但这篇文章并不准备一上来就直接讲它们,而希望结合Linux操作系统并从文件系统建立的基础--硬盘开始,一步步认识Linux的文件系统. 1.机械硬盘的 ...

  9. i-MES生产制造管理系统-可视化看板

    可视化看板最主要的目的是为了将生产状况透明化,让大家能够快速了解当前的生产状况以及进度,通过大数据汇总分析,为管理层做决策提供数据支撑,看板数据必须达到以下基本要求: 数据准确--真实反映生产情况 数 ...

  10. CSP2023总结

    CSP2023总结 入门组 比赛开始时,顺序开题. 看完 \(T1\) 后没有立即想出正确解法,有点慌乱,看完 \(T2,T3\) 并思考了一会后过去了大概 \(20\) 分钟,想到了解法便看 \(T ...