next up previous contents
Next: SELinux Contexts Up: SELinux Previous: 設計原由   Contents

啟動、關閉與觀察

  1. SELinux開機啟動模式
    [root@deyu ~]# cat /etc/sysconfig/selinux 
    # This file controls the state of SELinux on the system.
    # SELINUX= can take one of these three values:
    #     enforcing - SELinux security policy is enforced.
    #     permissive - SELinux prints warnings instead of enforcing.
    #     disabled - No SELinux policy is loaded.
    SELINUX=enforcing
    # SELINUXTYPE= can take one of these two values:
    #     targeted - Targeted processes are protected,
    #     mls - Multi Level Security protection.
    SELINUXTYPE=targeted
    
  2. 關察目前SELinux狀態
    [root@deyu ~]# sestatus 
    SELinux status:                 enabled
    SELinuxfs mount:                /selinux
    Current mode:                   enforcing
    Mode from config file:          enforcing
    Policy version:                 24
    Policy from config file:        targeted
    
  3. 改變SELinux模式
    [root@deyu ~]# getenforce 
    Enforcing
    [root@deyu ~]# setenforce 0
    [root@deyu ~]# getenforce 
    Permissive
    [root@deyu ~]# setenforce 1
    [root@deyu ~]# getenforce 
    Enforcing
    



2015-04-13