CentOS / RHEL: Disable or Enable SELinux Policy Modules

by on May 6, 2012 · 1 comment· LAST UPDATED May 6, 2012

in

How do I disable or enable SELinux policy modules under Red Hat Enterprise Linux running on Dell hardware?

You need to use the semodule command. This command is used to manage SELinux policy modules, including installing, upgrading, listing, disabling and removing modules.

Task: See currently installed modules

Type the following command as the root user:

 
semodule -l
semodule -l | more
semodule | less
 

Sample outputs:

abrt    1.2.0
accountsd       1.0.0
ada     1.4.0
afs     1.5.3
aiccu   1.0.0
aide    1.5.0
aisexec 1.0.0
amanda  1.12.0
amavis  1.10.3
amtu    1.2.0
apache  2.1.2
apcupsd 1.6.1
arpwatch        1.8.1
asterisk        1.7.1
audioentropy    1.6.0
automount       1.12.1
avahi   1.11.2
awstats 1.2.0
bind    1.10.2
bitlbee 1.2.1
bluetooth       3.2.2
....
..
..
 Output truncated
....
..
uuidd   1.0.0
varnishd        1.1.0
vdagent 1.0.0
vhostmd 1.0.0
virt    1.4.0
vmware  2.2.0
vpn     1.12.0
w3c     1.0.0
wdmd    1.0.0
webadm  1.1.0
webalizer       1.10.0
wine    1.6.1
xen     1.9.2
xfs     1.6.0
xguest  1.0.1
zabbix  1.2.0
zarafa  1.0.0
zebra   1.10.1
zosremote       1.1.0

Task: SELinux disable module

To disable existing module, type:

 
semodule -d MODULE_NAME_HERE
 

OR

 
semodule --disable=MODULE_NAME_HERE
 

To disable module called webalizer, enter:
# semodule -v -d webalizer
To verify new settings, enter:
# semodule -l | grep webalizer
Sample outputs:

RHEL / CentOS: semodule Command Manage SELinux policy

Fig.01: semodule command disabling SELinux policy module

Task: SELinux enable module

To enable existing module, type:

 
semodule -e MODULE_NAME_HERE
 

OR

 
semodule --enable=MODULE_NAME_HERE
 

To enable module called webalizer, enter:
# semodule -v -e webalizer
Sample outputs:

Attempting to enable module 'webalizer':
Ok: return value of 0.
Committing changes:
Ok: transaction number 0.
TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!

{ 1 comment… read it below or add one }

1 Ghazan Haider July 5, 2013 at 10:17 pm

So once the policy modules are disabled, what contexts do the files fall back to?

Reply

Leave a Comment

Tagged as: , , , , , , , , , , , , ,

Previous Faq:

Next Faq: