setenforceor directly by editing SELinux configuration file.
disabled operational mode does not enforce any security rules or policies as it is simply disable and security checks are done only by traditional Discretionary Access Controls.
Permissive mode allows for testing new deployments as in effect it simply behaves like
disabled operational mode, however it logs any potentially denied access to a relevant log files thus allowing further testing and troubleshooting before the operational mode is switched to
enforcing. Lastly, in the
enforcing mode all security policy rules are enforced. To change SELinux operaitonal mode from enforcing to permissive and vice versa use
setenforce command. Check current operational mode status:
# getenforce Permissive
Toggle from permissive to enforcing:
# setenforce 1 # getenforce Enforcing
setenforce mode only accepts Boolean type 0 or 1 and is capable to change only between permissive or enforcing operation mode. To change SELinux operational mode to disabled, the SELinux
/etc/selinux/config configuration file needs to be amended by setting SELINUX directive to disabled
To allow this change to take effect system reboot is required.