The purpose of this tutorial is to cover the step by step instructions to install, enable, and disable SELinux on Ubuntu 22.04 Jammy Jellyfish.
SELinux, which stands for Security Enhanced Linux, is an extra layer of security control built for Linux systems. The original version of SELinux was developed by the NSA. The biggest contributor at this time is Red Hat.
In this tutorial you will learn:
- How to install SELinux on Ubuntu 22.04
- How to enable and disable SELinux on Ubuntu 22.04
|Category||Requirements, Conventions or Software Version Used|
|System||Ubuntu 22.04 Jammy Jellyfish|
|Other||Privileged access to your Linux system as root or via the
# – requires given linux commands to be executed with root privileges either directly as a root user or by use of
$ – requires given linux commands to be executed as a regular non-privileged user
How to disable and enable SELinux on Ubuntu 22.04 step by step instructions
We will start by installing SELinux on Ubuntu 22.04, and then showing how you can enable or disable it.
Make sure that you know what you are doing! Ubuntu offers AppArmor as an alternative to SELinux. While SELinux is available on Ubuntu, it is rather in an experimental stage and most likely will beak your system if set to
enforcingmode. In case you must use SELinux, make sure to disable AppArmor first. Also set SELinux first to
permissivemode and check your logs for potential issues before you enable
Install and enable SELinux
- The first step is to install SELinux. Start by opening a command line terminal and installing the necessary packages with the
$ sudo apt update $ sudo apt install policycoreutils selinux-utils selinux-basics
- Next, execute the following command with root permissions to enable SELinux on the system.
$ sudo selinux-activate
- Next, set SELinux to enforcing mode:
$ sudo selinux-config-enforcing
- Reboot your system. The relabelling will be triggered after you reboot your system. When finished the system will reboot one more time automatically.
- Check SELinux status with the following command to ensure that it is in
- To disable SELinux open up the
/etc/selinux/configconfiguration file and change the following line:
FROM: SELINUX=enforcing TO: SELINUX=disabled
- Reboot your system for the changes to take effect.
- Alternatively you can temporarily put SELinux into
permissivemode with the following command.
$ sudo setenforce 0
Note this change will not survive a reboot, and will flip back to
enforcinglater. To enable SELinux again just execute:
$ sudo setenforce 1
For more details you can check out our other tutorial on How to disable SELinux.
In this tutorial, we saw how to install SELinux on Ubuntu 22.04 Jammy Jellyfish Linux. We also learned how to enable and disable SELinux. Although Ubuntu comes with AppArmor, it is possible to run SELinux on Ubuntu instead, though it is only appropriate in niche scenarios.