How To Turn off SELinux using command line

last updated in Categories ,

How do I turn off SELinux (Security-Enhanced Linux) under Linux operating systems?

SELinux is an acronym for Security-Enhanced Linux. It is a Linux kernel security feature for access control. SELinux is an implementation of a mandatory access control mechanism in the Linux kernel and was developed by NSA. Security-enhanced Linux is a reference implementation of the Flask security architecture for flexible mandatory access control. It was created to demonstrate the value of flexible mandatory access controls and how such controls could be added to an operating system. This guide shows how to turn off SELinux running on Linux operating systems.

How To Turn off SELinux

Open a command-line terminal (select Applications > Accessories > Terminal), and then type the following command. Alternatively, you can login using ssh to remote system and type the same command. You must be root to type the following command:
# echo 0 >/selinux/enforce
You can also use the setenforce command to effectively disable it, enter:
# setenforce Permissive
# setenforce 0
The above commands will switch off SELinux enforcement temporarily until the Linux box is rebooted.
Ho to turn off SELinux

To Turn off SELinux security features

If you would like to make it permanently, edit the /etc/sysconfig/selinux or /etc/selinux/config file, enter:
# vi /etc/sysconfig/selinux
And set / update it as follows:
Save and close the file. The above will only work in CentOS, Fedora and RedHat Enterprise Linux systems. For all other Linux distros edit your boot loader config file (LILO or GRUB boot loader config file such as /boot/grub/grub.conf). Find the kernel line, append enforcing=0 at the end:

title Red Hat Enterprise Linux Server (2.6.18-194.26.1.el5)
        root (hd0,0)
        kernel /vmlinuz-2.6.18-194.26.1.el5 ro root=LABEL=/ console=tty0 console=ttyS1,19200n8 <span style='color: rgb(255, 0, 0);'>enforcing=0</span>
        initrd /initrd-2.6.18-194.26.1.el5.img

Reboot the Linux server

Finally, reboot the system:
# reboot
Verify that SELinux has been disabled in your system by typing the following two commands:
$ sestatus
$ getenforce



I hope you learned how to turn off SELinux using command line options. For more info see:


Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.

Start the discussion at

Historical Comment Archive

8 comment

  1. Your intro has a typo, you put of instead of off.

    How do I turn of SELinux (Security-Enhanced Linux) under Linux operating systems?

    Great website, keep it up.

  2. Is it possible to disable selinux for specific filesystem or directory ? And rest of system will use selinux in enforncing mode.

  3. Have same problem but SELinux is not even installed, Any other ideas to solve this problem?

  4. Thanx! This was *really* helpful post. I had toggled some SELinux boolean values to try to get my CGI scripts working in Apache, and accidentally toggled “secure_mode_policyload” to true. This was a bad mistake, as it meant I had locked-down the machine (I had used the GUI in Gnome).. and of course any attempt to reset it back to zero, was no longer possible. This meant my Linux box was locked down, with no way for even root to change SELinux from “Enforcing” mode! Trying to set policy values gives weird error messages. I had to use Grub editor at boot time, to assert the “enforcing=0” parameter to vmlinuz (kernel startup). Dumb error on my part, but it took a lot of google-searching before I found this post. Using Grub, I put “enforcing=0” on the vmlinuz cmd line (boot parameters), and managed to recover control of my own machine. IMHO, SELinux is toxic, but given nature of modern security breaches, looks like we have to use it. But I still cannot get my CGI scripts to run in Apache, unless I set SELinux to “permissive”, so this saga is not over yet. Thanx for posting this info.

    Still, have a question? Get help on our forum!