Linux如何(永久)关闭SElinux和firewalld防火墙

本文基于Linux上CentOS 7版本进行演示

一.关闭SElinux

1.临时关闭

2.永久关闭

二.关闭防火墙(firewalld服务)

1.查看防火墙状态

2.关闭防火墙


一.关闭SElinux

1.临时关闭

使用setenforce 0命令临时关闭SElinux

[root@sulibao ~]# setenforce 0
setenforce: SELinux is disabled

查看状态是否关闭

[root@sulibao ~]# getenforce 
Disabled

2.永久关闭

(1)修改配置文件/etc/selinux/config

[root@sulibao ~]# vim /etc/selinux/config 

(2)将文件内SELINUX=XX这行改为 SELINUX=disabled或者SELINUX=permissive,然后保存退出,重启生效


# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of three values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected. 
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

 (3)重启过后使用getenforce查看SElinux状态,为Disabled或permissive即可认为关闭成功

[root@sulibao ~]# getenforce 
Disabled

二.关闭防火墙(firewalld服务)

1.查看防火墙状态

systemctl status firewalld,active为running表示正在运行

[root@sulibao ~]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
   Active: inactive (dead)
     Docs: man:firewalld(1)
[root@sulibao ~]# systemctl restart firewalld
[root@sulibao ~]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
   Active: active (running) since Fri 2023-01-06 13:32:07 CST; 2s ago
     Docs: man:firewalld(1)
 Main PID: 28795 (firewalld)
    Tasks: 2
   CGroup: /system.slice/firewalld.service
           └─28795 /usr/bin/python2 -Es /usr/sbin/firewalld --nofork --nopid

Jan 06 13:32:06 sulibao systemd[1]: Starting firewalld - dynamic firewall daemon...
Jan 06 13:32:07 sulibao systemd[1]: Started firewalld - dynamic firewall daemon.
Jan 06 13:32:07 sulibao firewalld[28795]: WARNING: AllowZoneDrifting is enabled. This is considered an insecure configuration option. It will be removed in a ...ng it now.
Hint: Some lines were ellipsized, use -l to show in full.

2.关闭防火墙

systemctl stop firewalld    此次关闭,下次不关闭

systemctl disable firewalld     禁用,永久关闭

[root@sulibao ~]# systemctl stop firewalld
[root@sulibao ~]# systemctl disable firewalld
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.

查看firewalld服务状态,active为dead,此时已经永久关闭

[root@sulibao ~]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
   Active: inactive (dead)
     Docs: man:firewalld(1)

你可能感兴趣的:(#,防火墙,WL互传,SElinux,系统,Linux,linux,运维,centos)