How Do I Disable the SELinux Firewall?
Security-Enhanced Linux (SELinux) is a kernel module and security subsystem of Linux.
SELinux minimizes the resources that can be accessed by service processes in the system (the principle of least privilege).
Closure Description
- After the SELinux is disabled, services are not affected.
- SELinux can be disabled temporarily or permanently as required.
Scenario
To use the two-factor authentication function of HSS, you need to permanently disable the SELinux firewall.
Procedure
- Remotely log in to the destination server.
- Huawei Cloud server
- Log in to the ECS console, locate the target server, and click Remote Login in the Operation column to log in to the server. For details, see Login Using VNC.
- Non-Huawei Cloud server
Use a remote management tool (such as PuTTY or Xshell) to connect to the EIP of your server and remotely log in to your server.
- Huawei Cloud server
- Run the shutdown command in the command window.
- Temporarily disable SELinux
Run the following command in the CLI to temporarily disable SELinux:
setenforce 0
After the system is restarted, the SELinux will be enabled again.
- Permanently disable SELinux
- Run the following command in the directory window to edit the config file of SELinux:
vi /etc/selinux/config
- Locate SELINUX=enforcing, press i to enter the editing mode, and change the parameter to SELINUX=disabled.
Figure 1 Editing the SELinux status
- After the modification, press Esc and run the following command to save the file and exit:
:wq
- Run the following command in the directory window to edit the config file of SELinux:
- Temporarily disable SELinux
- Run the permanent shutdown command, save the settings, and exit. Run the following command to restart the server immediately:
shutdown -r now
The permanent shutdown command takes effect only after the server is restarted.
- After the restart, run the following command to verify that SELinux is disabled:
getenforce
Security Configurations FAQs
- How Do I Clear the SSH Login IP Address Whitelist Configured in HSS?
- What Can I Do If I Cannot Remotely Log In to a Server via SSH?
- How Do I Use 2FA?
- What Do I Do If I Cannot Enable 2FA?
- Why Can't I Receive a Verification Code After 2FA Is Enabled?
- Why Does My Login Fail After I Enable 2FA?
- How Do I Add a Mobile Phone Number or Email Address for Receiving 2FA Verification Notifications?
- If I Choose to Use Verification Code for 2FA, How Do I Get the Code?
- Will I Be Billed for Alarm Notifications and SMS?
- How Do I Modify Alarm Notification Recipients?
- Why No Topics Are Available for Me to Choose When I Configure Alarm Notifications?
- Can I Disable HSS Alarm Notifications?
- How Do I Modify Alarm Notification Items?
- How Do I Disable the SELinux Firewall?
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbotmore
