How to disable/enable SELinux on Ubuntu 22.04 Jammy Jellyfish Linux

The purpose of this tutorial is to cover the step by step instructions to install, enable, and disable SELinux on Ubuntu 22.04 Jammy Jellyfish.

WHAT IS SELINUX?
SELinux, which stands for Security Enhanced Linux, is an extra layer of security control built for Linux systems. The original version of SELinux was developed by the NSA. The biggest contributor at this time is Red Hat.

In this tutorial you will learn:

  • How to install SELinux on Ubuntu 22.04
  • How to enable and disable SELinux on Ubuntu 22.04
Enabled SELinux on Ubuntu 22.04 Jammy Jellyfish Linux
Enabled SELinux on Ubuntu 22.04 Jammy Jellyfish Linux
Software Requirements and Linux Command Line Conventions
Category Requirements, Conventions or Software Version Used
System Ubuntu 22.04 Jammy Jellyfish
Software SELinux
Other Privileged access to your Linux system as root or via the sudo command.
Conventions # – requires given linux commands to be executed with root privileges either directly as a root user or by use of sudo command
$ – requires given linux commands to be executed as a regular non-privileged user

How to disable and enable SELinux on Ubuntu 22.04 step by step instructions



Twitter icon Follow LinuxConfig.org on Twitter for the latest tips and tricks about Linux!


We will start by installing SELinux on Ubuntu 22.04, and then showing how you can enable or disable it.

WARNING
Make sure that you know what you are doing! Ubuntu offers AppArmor as an alternative to SELinux. While SELinux is available on Ubuntu, it is rather in an experimental stage and most likely will beak your system if set to enforcing mode. In case you must use SELinux, make sure to disable AppArmor first. Also set SELinux first to permissive mode and check your logs for potential issues before you enable enforcing mode.

Install and enable SELinux

  1. The first step is to install SELinux. Start by opening a command line terminal and installing the necessary packages with the apt commands below.
    $ sudo apt update
    $ sudo apt install policycoreutils selinux-utils selinux-basics
    
  2. Next, execute the following command with root permissions to enable SELinux on the system.
    $ sudo selinux-activate
    
  3. Next, set SELinux to enforcing mode:
    $ sudo selinux-config-enforcing
    
    Activate SELinux and set to Enforcing mode
    Activate SELinux and set to Enforcing mode
  4. Reboot your system. The relabelling will be triggered after you reboot your system. When finished the system will reboot one more time automatically.
    $ reboot
    




    SELinux Relabelling on Ubuntu 22.04
    SELinux Relabelling on Ubuntu 22.04

  5. Check SELinux status with the following command to ensure that it is in enforcing mode.
    $ sestatus
    

Disable SELinux

  1. To disable SELinux open up the /etc/selinux/config configuration file and change the following line:
    FROM:
    SELINUX=enforcing
    TO:
    SELINUX=disabled
    
  2. Reboot your system for the changes to take effect.
    $ reboot
    
  3. Alternatively you can temporarily put SELinux into permissive mode with the following command.
    $ sudo setenforce 0
    

    Note this change will not survive a reboot, and will flip back to enforcing later. To enable SELinux again just execute:

    $ sudo setenforce 1
    

For more details you can check out our other tutorial on How to disable SELinux.

Closing Thoughts




In this tutorial, we saw how to install SELinux on Ubuntu 22.04 Jammy Jellyfish Linux. We also learned how to enable and disable SELinux. Although Ubuntu comes with AppArmor, it is possible to run SELinux on Ubuntu instead, though it is only appropriate in niche scenarios.