Turn on/off:temporarily turn off:echo 0 >/selinux/enforceturn back on:
echo 1 >/selinux/enforceAlerting:A number of SELinux alerts are suppressed by design. Unfortunately, on occasion we need to see these alerts to troubleshoot our applications.On CentOS we can enable complete auditing by running: semodule -b /usr/share/selinux/targeted/enableaudit.ppWhen you no loner need complete auditing you should restore the system to its previous state to prevent the audit.log from filling up with unnecessary alerts: semodule -b /usr/share/selinux/targeted/base.ppSee http://danwalsh.livejournal.com/11673.html for details. |
Home > unix/linux >