在安装Cobbler和Puppet时须要关闭selinux,可是一般状况下载安装完CentOS7后,默认状况下SElinux是启用状态,html
以下所示:linux
[csharp] view plaincopyhtm
- [root@rdo ~]# sestatus
- SELinux status: enabled
- SELinuxfs mount: /sys/fs/selinux
- SELinux root directory: /etc/selinux
- Loaded policy name: targeted
- Current mode: enforcing
- Mode from config file: enforcing
- Policy MLS status: enabled
- Policy deny_unknown status: allowed
- Max kernel policy version: 28
一、若是要临时关闭,能够执行three
[cpp] view plaincopyci
- setenforce 0
此时的状态以下get
[html] view plaincopyit
- [root@rdo ~]# sestatus
- SELinux status: enabled
- SELinuxfs mount: /sys/fs/selinux
- SELinux root directory: /etc/selinux
- Loaded policy name: targeted
- Current mode: permissive
- Mode from config file: enforcing
- Policy MLS status: enabled
- Policy deny_unknown status: allowed
- Max kernel policy version: 28
二、若是要永久关闭,能够修改配置文件/etc/selinux/config,将SELINU置为disabled。io
[html] view plaincopysed
- [root@rdo ~]# cat /etc/selinux/config
-
- # This file controls the state of SELinux on the system.
- # SELINUX= can take one of these three values:
- # enforcing - SELinux security policy is enforced.
- # permissive - SELinux prints warnings instead of enforcing.
- # disabled - No SELinux policy is loaded.
- #SELINUX=enforcing
- SELINUX=disabled
- # SELINUXTYPE= can take one of three two values:
- # targeted - Targeted processes are protected,
- # minimum - Modification of targeted policy. Only selected processes are protected.
- # mls - Multi Level Security protection.
- SELINUXTYPE=targeted
修改该配置文件也能够执行下面的命令来完成配置
[html] view plaincopy
- sed -i '/SELINUX/s/enforcing/disabled/' /etc/selinux/config
修改完成后,保存重启,重启后状态以下:
[html] view plaincopy
- [root@rdo ~]# sestatus
- SELinux status: disabled