Saturday, February 28, 2015

Oracle Linux disable selinux

Security-Enhanced Linux (SELinux) is a Linux kernel security module that provides a mechanism for supporting access control security policies, including United States Department of Defense–style mandatory access controls (MAC). In some cases running SELinux is a good idea and should certainly be included in server builds for certain customers. However, in some cases it can also be a very big and troublesome security feature you  do not want to be active.

One of the cases where you do not want to have SELinux active is a development or research box. In this case I use the term research box for the machine you might have for yourself to play with and try new things. I do, as most people working with Oracle Linux a lot, have a large set of research boxes in a virtualized manner as well as development machines. All used for a specific task of project and when the project is done the installation is removed.

When you use a machine for this you do most likely do not want to have SELinux in place. Disabling SELinux is a small task.

SELinux is enabled via the configuration file: /etc/selinux/config to disable it simply ensure SELINUX=disabled is set in this file. This should turn of SELinux completely for your Oracle Linux installation.

As stated, SELinux is not a bad choice in secure environments, it can only be a hinder when you are testing new functionality. Understanding SELinux and using it in the right way can be a learning curve, to understand the benefits of SELinux it is good to have a look at the below video which provides an introduction.

No comments: