https://www.configserverfirewall.com/ubuntu-linux/disable-selinux-ubuntu/

In this tutorial I will explain how to configure SELinux on Ubuntu Operating system. SELinux or Security Enhanced Linux is an additional layer of security services on top of the standard Linux DAC Mechanism and brings further protection to your Linux operating System By denying everything that has not been specifically allowed.

Security Enhanced Linux is an implementation of the Mandatory Access Control Mechanism of the Linux kernel. Mandatory Access Control is an additional layer of security added to top of the standard Discretionary Access Control (User/Group based permissions).

Even though it's has been added to provide additional security to the Linux operating system, most administrators prefer to disable SELinux because without proper configuration, some application will not run when SELinux is enabled.

So how do we disable SELinux on Ubuntu?

There is no need. SELinux is not installed by default in Ubuntu. Security Enhanced Linux is primarily used by the Red Hat based Linux distributions, that includes Red Hat Enterprise Linux, CentOS and Fedora.

Debian based distributions, including Ubuntu do not deliver SELinux by default, instead they use a system called AppArmor for Mandatory Access Control (AppArmor is disabled by default on Ubuntu).

Install SELinux on Ubuntu

The following steps describe how to install and configure SELinux on Ubuntu/Debian.

  1. Install selinux-policy-default and related packages:

    sudo apt-get update
    
sudo apt-get install selinux-basics selinux-policy-default auditd

  2. Run the selinux-activate command:

    sudo selinux-activate

  3. Open the /etc/default/rcS file and set FSCKFIX=yes:

    FSCKFIX=yes

  4. Restart the computer (it will take a while to reboot):

    sudo systemctl reboot

After the system rebooted, run the check-selinux-installation command to make sure that the installation is successful.

Enable and Disable SELinux on Ubuntu

By default SELinux on Ubuntu run in permissive mode. To enable SELinux, Open the /etc/selinux/config file and set SELINUX=enforcing:

SELINUX=enforcing

Then, Save the config file and restart the computer:

sudo systemctl reboot

If you want to permanently disable SELinux, set SELINUX=disabled and restart the computer.

You need to restart your Ubuntu system every time you switch between enforcing and disabled modes permanently.

To view The SELinux status on Ubuntu, Type:

sestatus

To check current running mode, Type:

getenforce

Run setenforce command to switch between Enforcing and Permissive mode without having to restart the computer (Enforcing = 1, Permissive = 0).

setenforce 0

Summary

  • SELinux is a security enhancement for the Linux kernel, and is Originally developed by the National Security Agency's office of Information Assurance as an enhancement to Linux Security.
  • If you use CentOS, Fedora or RHEL, SELinux is enabled by default.
  • Apparmor is the default way of implementing Mandatory Access Control in Debian/Ubuntu based Linux distributions.

How to Disable SELinux in Ubuntu Server/Desktop的更多相关文章

  1. Ubuntu Server 与 Ubuntu Desktop之间的区别

    服务器版本的内核时钟频率由桌面的100hz转为1khz,这一点是为某些服务器应用提供更好的性能和吞吐量. 除此之外,服务器内核支持SMP"对称多处理"(Symmetrical Mu ...

  2. Ubuntu Server VS Ubuntu Desktop区别

    今天有位朋友问我,Ubuntu Server 与 Ubuntu Desktop的区别在哪里!区别如下: SERVER没有GUI SERVER没有一堆的桌面软件 SERVER在编译时使用的参数不一样,会 ...

  3. Ubuntu Server 与 Ubuntu Desktop区别

    今天有位朋友问我,Ubuntu Server 与 Ubuntu Desktop的区别在哪里!区别如下: SERVER没有GUI SERVER没有一堆的桌面软件 SERVER在编译时使用的参数不一样,会 ...

  4. Ubuntu Desktop变为Ubuntu Server服务器版的方法

    去Ubuntu官网看到有好几种版本可以下载,alternate(文本安装).desktop9(桌面).netbook(上网本).server(服务器). 使用server版某个理由: 32位的系统可以 ...

  5. Ubuntu Server : 自动更新

    Ubuntu(16.04/18.04) 默认会每天自动安装系统的安全更新,但是不会自动安装包的更新.本文梳理 Ubuntu 16.04/18.04 系统的自动更新机制,并介绍如何配置系统自动更新所有的 ...

  6. 实战Ubuntu Server上配置LXDE+VNC环境

    1.安装x-window 使用apt-get 安装 xorg sudo apt-get install xorg 如果提示以下内容,就说明需要update下源列表,使用sudo apt-get upd ...

  7. Compiling Xen-4.4 From Source And Installing It On Ubuntu Server (Amd-64)

    First of all, you should install a clean Ubuntu Server (Amd-64) on your server. (Version 14.04 is st ...

  8. Ubuntu Server修改IP、DNS、hosts

    本文记录下Ubuntu Server 16.04修改IP.DNS.hosts的方法 -------- 1. Ubuntu Server 修改IP sudo vi /etc/network/interf ...

  9. Ubuntu Server忘记密码后,单用户模式修改密码进去不了桌面的无奈

    俗话说的好,好记性不如烂笔头.有时候脑子一热,就想不起来之前设置过的密码是什么了.我可怜地忘了我的Ubuntu Server的密码,回忆了n种组合都不行,于是只能进行单用户模式的修改密码了. 以下的操 ...

  10. Ubuntu Server 14.04 LTS(64bit)已安装 weblogic Server 12c(12.1.3) Zip Distribution

    这里说的对Ubuntu Server 14.04 LTS(64bit)已安装weblogic Server 12c(12.1.3) Zip Distribution遇到的问题.至于Windows什么好 ...

随机推荐

  1. 密码学承诺之原理和应用 - Kate多项式承诺

    主页 微信公众号:密码应用技术实战 博客园首页:https://www.cnblogs.com/informatics/ GIT地址:https://github.com/warm3snow 简介 多 ...

  2. 基于乐鑫 ESP32-C3 的 Matter Light 实践

    背景介绍 最近公司在研究 Matter 协议在智能家居领域的市场机会,考虑到易用性和文档支撑等方面,相比较 Telink,产品部门对乐鑫的 Matter-SDK 更感兴趣,因而开展了一些测试工作,毕竟 ...

  3. 宏定义define的用法

    #define read(x) scanf("%d",&x); 这行代码是一个宏定义,使用了 C 语言中的 #define 指令.它的作用是定义一个名为 read 的宏,用 ...

  4. Machine Learning Week_5 Cost Function and BackPropagation

    目录 0 Neural Networks: Learning 1 Cost Function and BackPropagation 1.1 Cost Function 1.2 Backpropaga ...

  5. 【VMware VCF】使用 Offline Bundle Transfer Utility(OBTU)配置 VCF 脱机库。

    VMware Cloud Foundation 环境中,软件包仓库的来源支持两种方式,分别是 Online Depot 和 Offline Depot.第一种方式,是在 VCF 环境能够连接互联网的情 ...

  6. python 爬虫如何爬取动态生成的网页内容

    ---  好的方法很多,我们先掌握一种  --- [背景] 对于网页信息的采集,静态页面我们通常都可以通过python的request.get()库就能获取到整个页面的信息. 但是对于动态生成的网页信 ...

  7. 企业级zabbix监控搭建及邮件报警

    Zabbix简介   Zabbix 是由Alexei Vladishev创建,目前由Zabbix SIA在持续开发和支持.Zabbix 是一个企业级的分布式开源监控方案.Zabbix是一款能够监控各种 ...

  8. 一个专注推荐.Net开源项目的榜单

    大家好,我是编程乐趣,从7月份开始推荐开源项目,已经推荐了接近100个开源项目了,其中绝大部分是有关.Net的开源项目,也受到大家非常多人的喜欢. 由于公众号不方便查询,很多人又想了解更多的开源项目, ...

  9. 2023NOIP A层联测26 T2 competition

    2023NOIP A层联测26 T2 competition tjm 的做法,很抽象. 考场思路 考虑每道题被做过多少次肯定不现实,那么考虑每一道题有多少次没有做出来. 假设某一次可以做出来题 \(x ...

  10. 崖山数据库-监控运维平台-YCM 配置部署详解

    准备工作:操作系统版本:[root@node10 ~]# uname -aLinux node10 3.10.0-1160.el7.x86_64 #1 SMP Mon Oct 19 16:18:59 ...