Toggling SELinux modes (Permanently) [reboot require]

          SELinux mode can be set permanently using either of below methods :
          1. editing /etc/selinux/config file
          2. editing kernel boot options


          Step 5: Editing /etc/selinux/config file
          to set SELinux to permissive, set the below line in the file /etc/selinux/config to :



          [root@sun ~] vi /etc/selinux/config
          ....
          SELINUX=permissive
          ...
          Similarly the mode can be set to enforcing/disable by setting the mode in the same line.


          Step 6:  editing kernel boot options

          Edit the kernel boot line and append enforcing=0 to the kernel boot options. For example:


          title Red Hat Enterprise Linux AS (2.6.9-42.ELsmp)
          root (hd0,0)
          kernel /vmlinuz-2.6.9-42.ELsmp ro root=LABEL=/ rhgb quiet enforcing=0
          initrd /initrd-2.6.9-42.ELsmp.img
          Reboot the server.


          [root@sun ~] # shutdown -r now
          Forcing reboot on changing mode
          We can force a reboot on changing the selinux mode :
          [root@sun ~] # setsebool secure_mode_policyload on























                                                       S. Pradhan
                             (MCA, MBA-IT, BCA, CCNA, MCSA 2012, RHCE, ETHICAL HACKING)
                                             Email Id:-spradhan.iiht@gmail.com
                                                           92