https://www.configserverfirewall.com/ubuntu-linux/disable-selinux-ubuntu/

In this tutorial I will explain how to configure SELinux on Ubuntu Operating system. SELinux or Security Enhanced Linux is an additional layer of security services on top of the standard Linux DAC Mechanism and brings further protection to your Linux operating System By denying everything that has not been specifically allowed.

Security Enhanced Linux is an implementation of the Mandatory Access Control Mechanism of the Linux kernel. Mandatory Access Control is an additional layer of security added to top of the standard Discretionary Access Control (User/Group based permissions).

Even though it's has been added to provide additional security to the Linux operating system, most administrators prefer to disable SELinux because without proper configuration, some application will not run when SELinux is enabled.

So how do we disable SELinux on Ubuntu?

There is no need. SELinux is not installed by default in Ubuntu. Security Enhanced Linux is primarily used by the Red Hat based Linux distributions, that includes Red Hat Enterprise Linux, CentOS and Fedora.

Debian based distributions, including Ubuntu do not deliver SELinux by default, instead they use a system called AppArmor for Mandatory Access Control (AppArmor is disabled by default on Ubuntu).

Install SELinux on Ubuntu

The following steps describe how to install and configure SELinux on Ubuntu/Debian.

  1. Install selinux-policy-default and related packages:

    sudo apt-get update
    
sudo apt-get install selinux-basics selinux-policy-default auditd

  2. Run the selinux-activate command:

    sudo selinux-activate

  3. Open the /etc/default/rcS file and set FSCKFIX=yes:

    FSCKFIX=yes

  4. Restart the computer (it will take a while to reboot):

    sudo systemctl reboot

After the system rebooted, run the check-selinux-installation command to make sure that the installation is successful.

Enable and Disable SELinux on Ubuntu

By default SELinux on Ubuntu run in permissive mode. To enable SELinux, Open the /etc/selinux/config file and set SELINUX=enforcing:

SELINUX=enforcing

Then, Save the config file and restart the computer:

sudo systemctl reboot

If you want to permanently disable SELinux, set SELINUX=disabled and restart the computer.

You need to restart your Ubuntu system every time you switch between enforcing and disabled modes permanently.

To view The SELinux status on Ubuntu, Type:

sestatus

To check current running mode, Type:

getenforce

Run setenforce command to switch between Enforcing and Permissive mode without having to restart the computer (Enforcing = 1, Permissive = 0).

setenforce 0

Summary

  • SELinux is a security enhancement for the Linux kernel, and is Originally developed by the National Security Agency's office of Information Assurance as an enhancement to Linux Security.
  • If you use CentOS, Fedora or RHEL, SELinux is enabled by default.
  • Apparmor is the default way of implementing Mandatory Access Control in Debian/Ubuntu based Linux distributions.

How to Disable SELinux in Ubuntu Server/Desktop的更多相关文章

  1. Ubuntu Server 与 Ubuntu Desktop之间的区别

    服务器版本的内核时钟频率由桌面的100hz转为1khz,这一点是为某些服务器应用提供更好的性能和吞吐量. 除此之外,服务器内核支持SMP"对称多处理"(Symmetrical Mu ...

  2. Ubuntu Server VS Ubuntu Desktop区别

    今天有位朋友问我,Ubuntu Server 与 Ubuntu Desktop的区别在哪里!区别如下: SERVER没有GUI SERVER没有一堆的桌面软件 SERVER在编译时使用的参数不一样,会 ...

  3. Ubuntu Server 与 Ubuntu Desktop区别

    今天有位朋友问我,Ubuntu Server 与 Ubuntu Desktop的区别在哪里!区别如下: SERVER没有GUI SERVER没有一堆的桌面软件 SERVER在编译时使用的参数不一样,会 ...

  4. Ubuntu Desktop变为Ubuntu Server服务器版的方法

    去Ubuntu官网看到有好几种版本可以下载,alternate(文本安装).desktop9(桌面).netbook(上网本).server(服务器). 使用server版某个理由: 32位的系统可以 ...

  5. Ubuntu Server : 自动更新

    Ubuntu(16.04/18.04) 默认会每天自动安装系统的安全更新,但是不会自动安装包的更新.本文梳理 Ubuntu 16.04/18.04 系统的自动更新机制,并介绍如何配置系统自动更新所有的 ...

  6. 实战Ubuntu Server上配置LXDE+VNC环境

    1.安装x-window 使用apt-get 安装 xorg sudo apt-get install xorg 如果提示以下内容,就说明需要update下源列表,使用sudo apt-get upd ...

  7. Compiling Xen-4.4 From Source And Installing It On Ubuntu Server (Amd-64)

    First of all, you should install a clean Ubuntu Server (Amd-64) on your server. (Version 14.04 is st ...

  8. Ubuntu Server修改IP、DNS、hosts

    本文记录下Ubuntu Server 16.04修改IP.DNS.hosts的方法 -------- 1. Ubuntu Server 修改IP sudo vi /etc/network/interf ...

  9. Ubuntu Server忘记密码后,单用户模式修改密码进去不了桌面的无奈

    俗话说的好,好记性不如烂笔头.有时候脑子一热,就想不起来之前设置过的密码是什么了.我可怜地忘了我的Ubuntu Server的密码,回忆了n种组合都不行,于是只能进行单用户模式的修改密码了. 以下的操 ...

  10. Ubuntu Server 14.04 LTS(64bit)已安装 weblogic Server 12c(12.1.3) Zip Distribution

    这里说的对Ubuntu Server 14.04 LTS(64bit)已安装weblogic Server 12c(12.1.3) Zip Distribution遇到的问题.至于Windows什么好 ...

随机推荐

  1. C# 新语法 switch 的简单写法

    // C# 中的新语法 switch 的简写 string str = "123"; string res = str switch { "1" => & ...

  2. wpf之样式

    在Window.Resources中书写样式 : <Window.Resources> <Style TargetType="Button" > </ ...

  3. iotdb时序数据库常见使用命令

    docker 安装IOTDB核心代码: #docker启动 docker run -d -p 6667:6667 -p 31999:31999 -p 8181:8181 --name some-iot ...

  4. CentOS7.4 安装 11204 ASM GI 组件时:ohasd failed to start

    前段时间某客户要求在CENTOS7上部署Oracle 11.2.0.4 single instance && ASM存储,遇到一个比较头疼的问题,好在已经处理完了. 在图形化执行安装程 ...

  5. 在使用asm包进行动态类加载的时候的打包问题

    如图所示,开发时使用的jdk包下面的asm包,在进行打包时提示asm包不存在,打包方式使用如下: 目前提供两种解决方案: 1:修改打包方式,将jdk的包也打进去: <plugin> < ...

  6. docker bulid tag push到自己的docker hub 仓库

    -t(或 --tag)参数:用于给构建的镜像指定标签(tag).标签的格式通常是 [仓库名/][用户名/]镜像名:版本号 -f(或 --file)参数: 指定构建镜像所使用的 Dockerfile 的 ...

  7. GPU 环境搭建指南:使用 GPU Operator 加速 Kubernetes GPU 环境搭建

    本文主要分享如何使用 GPU Operator 快速搭建 Kubernetes GPU 环境. 1. 概述 上一篇文章 GPU 使用指南:如何在裸机.Docker.K8s 等环境中使用 GPU 分享了 ...

  8. 2023NOIP A层联测16 T3 货物运输

    2023NOIP A层联测16 T3 货物运输 题目描述说这是一个仙人掌图,通常将问题转换为环和树的问题在使用圆方树来解决. 树解法 令 \(a_i=s_i-\frac{\sum s_i}{n}\) ...

  9. Spring源码学习 ------ IoC——AOP

    一直想抽空把Spring源码拿来读读,但真正去做这件事的时候发现不简单,Spring发展这么多年,它的规模已不是一个一般的开源框架所能比的,它的主要架构和流程不是非常清晰,很难抓到要害,但有一点可以肯 ...

  10. 想学习建个网站?WAMP Server助你在Windows上快速搭建PHP集成环境

    我想只要爬过几天网的同学都会知道PHP吧,异次元的新版本就是基于PHP的WordPress程序制造出来的,还有国内绝大部分论坛都是PHP的哦.据我所知很多同学都想要试着学习一下PHP,无奈要在Wind ...