How Do I Disable the SELinux Firewall?
Security-Enhanced Linux (SELinux) is a kernel module and security subsystem of Linux.
SELinux minimizes the resources that can be accessed by service processes in the system (the principle of least privilege).
Closure Description
- After the SELinux is disabled, services are not affected.
- SELinux can be disabled temporarily or permanently as required.
Scenario
To use the two-factor authentication function of HSS, you need to permanently disable the SELinux firewall.
Procedure
- Remotely log in to the destination server.
- Huawei Cloud server
- Log in to the ECS console, locate the target server, and click Remote Login in the Operation column to log in to the server. For details, see Login Using VNC.
- Non-Huawei Cloud server
Use a remote management tool (such as PuTTY or Xshell) to connect to the EIP of your server and remotely log in to your server.
- Huawei Cloud server
- Run the shutdown command in the command window.
- Temporarily disable SELinux
Run the following command in the CLI to temporarily disable SELinux:
setenforce 0
After the system is restarted, the SELinux will be enabled again.
- Permanently disable SELinux
- Run the following command in the directory window to edit the config file of SELinux:
vi /etc/selinux/config
- Locate SELINUX=enforcing, press i to enter the editing mode, and change the parameter to SELINUX=disabled.
Figure 1 Editing the SELinux status
- After the modification, press Esc and run the following command to save the file and exit:
:wq
- Run the following command in the directory window to edit the config file of SELinux:
- Temporarily disable SELinux
- Run the permanent shutdown command, save the settings, and exit. Run the following command to restart the server immediately:
shutdown -r now
The permanent shutdown command takes effect only after the server is restarted.
- After the restart, run the following command to verify that SELinux is disabled:
getenforce
Security Configurations FAQs
- How Do I Clear the SSH Login IP Address Whitelist Configured in HSS?
- What Can I Do If I Cannot Remotely Log In to a Server via SSH?
- How Do I Use 2FA?
- What Do I Do If I Cannot Enable 2FA?
- Why Can't I Receive a Verification Code After 2FA Is Enabled?
- Why Does My Login Fail After I Enable 2FA?
- How Do I Add a Mobile Phone Number or Email Address for Receiving 2FA Verification Notifications?
- If I Choose to Use Verification Code for 2FA, How Do I Get the Code?
- Will I Be Billed for Alarm Notifications and SMS?
- Why No Topics Are Available for Me to Choose When I Configure Alarm Notifications?
- Can I Disable HSS Alarm Notifications?
- How Do I Modify Alarm Notification Items?
- How Do I Disable the SELinux Firewall?
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.
more