CentOS / RHEL: Disable or Enable SELinux Policy Modules

How do I disable or enable SELinux policy modules under Red Hat Enterprise Linux running on Dell hardware?

You need to use the semodule command. This command is used to manage SELinux policy modules, including installing, upgrading, listing, disabling and removing modules.

ADVERTISEMENTS

Task: See currently installed modules

Type the following command as the root user:

semodule -l 
semodule -l | more
semodule | less

Sample outputs:

abrt    1.2.0   
accountsd       1.0.0   
ada     1.4.0   
afs     1.5.3   
aiccu   1.0.0   
aide    1.5.0   
aisexec 1.0.0   
amanda  1.12.0  
amavis  1.10.3  
amtu    1.2.0   
apache  2.1.2   
apcupsd 1.6.1   
arpwatch        1.8.1   
asterisk        1.7.1   
audioentropy    1.6.0   
automount       1.12.1  
avahi   1.11.2  
awstats 1.2.0   
bind    1.10.2  
bitlbee 1.2.1   
bluetooth       3.2.2   
....
..
..
 Output truncated
....
..
uuidd   1.0.0   
varnishd        1.1.0   
vdagent 1.0.0   
vhostmd 1.0.0   
virt    1.4.0   
vmware  2.2.0   
vpn     1.12.0  
w3c     1.0.0   
wdmd    1.0.0   
webadm  1.1.0   
webalizer       1.10.0  
wine    1.6.1   
xen     1.9.2   
xfs     1.6.0   
xguest  1.0.1   
zabbix  1.2.0   
zarafa  1.0.0   
zebra   1.10.1  
zosremote       1.1.0   

Task: SELinux disable module

To disable existing module, type:

semodule -d MODULE_NAME_HERE

OR

semodule --disable=MODULE_NAME_HERE

To disable module called webalizer, enter:
# semodule -v -d webalizer
To verify new settings, enter:
# semodule -l | grep webalizer
Sample outputs:

RHEL / CentOS: semodule Command Manage SELinux policy

Fig.01: semodule command disabling SELinux policy module

Task: SELinux enable module

To enable existing module, type:

semodule -e MODULE_NAME_HERE

OR

semodule --enable=MODULE_NAME_HERE

To enable module called webalizer, enter:
# semodule -v -e webalizer
Sample outputs:

Attempting to enable module 'webalizer':
Ok: return value of 0.
Committing changes:
Ok: transaction number 0.
🐧 Get the latest tutorials on SysAdmin, Linux/Unix, Open Source/DevOps topics:
CategoryList of Unix and Linux commands
File Managementcat
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network Utilitiesdig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNCentOS 8 Debian 10 Firewall Ubuntu 20.04

ADVERTISEMENTS
1 comment… add one
  • Ghazan Haider Jul 5, 2013 @ 22:17

    So once the policy modules are disabled, what contexts do the files fall back to?

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre>, <code>...</code> and <kbd>...</kbd> for code samples.