How to Disable SELinux on CentOS

By default in CentOS 7, SELinux is enabled and in enforcing mode.

It is recommended to keep SELinux in enforcing mode, but in some cases, you may need to set it to permissive mode or disable it completely.

In this tutorial, we will show you how to disable SELinux on CentOS 7 systems.


Disable SELinux

You can temporarily change the SELinux mode from targeted to permissive with the following command:

# setenforce 0

However, this change will be valid for the current runtime session only.

To permanently disable SELinux on your CentOS 7 system, follow the steps below:

Open the /etc/selinux/config file and set the SELINUX mod to disabled:

# This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: #       enforcing - SELinux security policy is enforced. #       permissive - SELinux prints warnings instead of enforcing. #       disabled - No SELinux policy is loaded. SELINUX=disabled # SELINUXTYPE= can take one of these two values: #       targeted - Targeted processes are protected, #       mls - Multi Level Security protection. SELINUXTYPE=targeted

Save the file and reboot your CentOS system with:

# shutdown -r now

Once the system boots up, verify the change with the sestatus command:

# sestatus

The output should look like this:

SELinux status:                 disabled

Conclusion

In this tutorial, you learned how to permanently disable SELinux on a CentOS 7 machine.
You may wish to visit the CentOS SELinux guide and learn more about the powerful features of SELinux.