SELinux运行级别init防火墙iptables
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了SELinux运行级别init防火墙iptables相关的知识,希望对你有一定的参考价值。
SElinux是美国国家安全局对于强制访问控制的实现。
修改配置文件,使关闭SELinux永久生效:(重启生效)
[[email protected] ~]# cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
[[email protected] ~]# sed -i "s#SELINUX=enforcing#SELINUX=disabled#g" /etc/selinux/config
[[email protected] ~]# cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
[[email protected] ~]# grep =disabled /etc/selinux/config
SELINUX=disabled
临时生效:
[[email protected] ~]# getenforce
Enforcing
[[email protected] ~]# setenforce
usage: setenforce [ Enforcing | Permissive | 1 | 0 ]
[[email protected] ~]# setenforce 0
[[email protected] ~]# getenforce
Permissive
getenforce 检查selinux状态
setenforce 设置selinux状态 1 启用 0 警告,不启用
为了使重启或不重启都生效,以上两种方式都要修改
运行级别:
运行级别有7种,看各种级别:
[[email protected] ~]# tail /etc/inittab
# Default runlevel. The runlevels used are:
# 0 - halt (Do NOT set initdefault to this)
# 1 - Single user mode -->单用户模式
# 2 - Multiuser, without NFS (The same as 3, if you do not have networking)
# 3 - Full multiuser mode -->完全的多用户模式
# 4 - unused
# 5 - X11 -->切换为桌面环境,需要安装了桌面软件包
# 6 - reboot (Do NOT set initdefault to this)
#
id:3:initdefault:
查看运行级别:
[[email protected] ~]# runlevel
N 3
切换运行级别:
[[email protected] ~]# init 6 --->(重启)
关闭linux防火墙的方法:
/etc/init.d/iptables stop==service iptables stop 最好连续执行两遍
或:
[email protected] ~]# chkconfig iptables off
查看防火墙:
[[email protected] ~]# iptables -L -n
以上是关于SELinux运行级别init防火墙iptables的主要内容,如果未能解决你的问题,请参考以下文章
llinux 防火墙(selinux 防火墙firewalld netfilter (iptables))及iptables 规则备份和恢复