≡ Menu

CentOS / RHEL: Disable or Enable SELinux Policy Modules

How do I disable or enable SELinux policy modules under Red Hat Enterprise Linux running on Dell hardware?

You need to use the semodule command. This command is used to manage SELinux policy modules, including installing, upgrading, listing, disabling and removing modules.

Task: See currently installed modules

Type the following command as the root user:

semodule -l 
semodule -l | more
semodule | less

Sample outputs:

abrt    1.2.0   
accountsd       1.0.0   
ada     1.4.0   
afs     1.5.3   
aiccu   1.0.0   
aide    1.5.0   
aisexec 1.0.0   
amanda  1.12.0  
amavis  1.10.3  
amtu    1.2.0   
apache  2.1.2   
apcupsd 1.6.1   
arpwatch        1.8.1   
asterisk        1.7.1   
audioentropy    1.6.0   
automount       1.12.1  
avahi   1.11.2  
awstats 1.2.0   
bind    1.10.2  
bitlbee 1.2.1   
bluetooth       3.2.2   
....
..
..
 Output truncated
....
..
uuidd   1.0.0   
varnishd        1.1.0   
vdagent 1.0.0   
vhostmd 1.0.0   
virt    1.4.0   
vmware  2.2.0   
vpn     1.12.0  
w3c     1.0.0   
wdmd    1.0.0   
webadm  1.1.0   
webalizer       1.10.0  
wine    1.6.1   
xen     1.9.2   
xfs     1.6.0   
xguest  1.0.1   
zabbix  1.2.0   
zarafa  1.0.0   
zebra   1.10.1  
zosremote       1.1.0   

Task: SELinux disable module

To disable existing module, type:

semodule -d MODULE_NAME_HERE

OR

semodule --disable=MODULE_NAME_HERE

To disable module called webalizer, enter:
# semodule -v -d webalizer
To verify new settings, enter:
# semodule -l | grep webalizer
Sample outputs:

RHEL / CentOS: semodule Command Manage SELinux policy

Fig.01: semodule command disabling SELinux policy module

Task: SELinux enable module

To enable existing module, type:

semodule -e MODULE_NAME_HERE

OR

semodule --enable=MODULE_NAME_HERE

To enable module called webalizer, enter:
# semodule -v -e webalizer
Sample outputs:

Attempting to enable module 'webalizer':
Ok: return value of 0.
Committing changes:
Ok: transaction number 0.
Share this tutorial on:

Your support makes a big difference:
I have a small favor to ask. More people are reading the nixCraft. Many of you block advertising which is your right, and advertising revenues are not sufficient to cover my operating costs. So you can see why I need to ask for your help. The nixCraft, takes a lot of my time and hard work to produce. If you use nixCraft, who likes it, helps me with donations:
Become a Supporter →    Make a contribution via Paypal/Bitcoin →   

Don't Miss Any Linux and Unix Tips

Get nixCraft in your inbox. It's free:



{ 1 comment… add one }
  • Ghazan Haider July 5, 2013, 10:17 pm

    So once the policy modules are disabled, what contexts do the files fall back to?

Security: Are you a robot or human?

Leave a Comment

You can use these HTML tags and attributes: <strong> <em> <pre> <code> <a href="" title="">


   Tagged with: , , , , , , , , , , , , ,