2021-05-12 14:32:11
CentOS 7.5關閉FireWall 和SELinux圖文詳解
2020-06-16 16:42:23
1. 環境
CentOS 7.5 ,本人選擇最完整版安裝(workstation選項)
2. 關閉FireWall和SELinux
2.1 FireWall
使用systemctl status firewalld檢視防火牆的狀態,如下(預設開啟)
[linuxidc@localhost ~]$ systemctl status firewalld
// 防火牆狀態
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: active (running) since 二 2018-11-13 14:40:53 CST; 11min ago
Docs: man:firewalld(1)
Main PID: 821 (firewalld)
Tasks: 2
CGroup: /system.slice/firewalld.service
└─821 /usr/bin/Python -Es /usr/sbin/firewalld --nofork --nopid
11月 13 14:40:51 localhost.localdomain systemd[1]: Starting firewalld - dyna...
11月 13 14:40:53 localhost.localdomain systemd[1]: Started firewalld - dynam...
Hint: Some lines were ellipsized, use -l to show in full.
如果你需要使用FireWall服務(正式環境下),則需要修改它的設定,因為在預設情況下,它會攔截大多數服務請求。具體可以參考設定firewalld服務的基本操作和設定。
如果由於某些原因(比如本文只是需要Linux伺服器來搭建某些服務,不想控制防火牆只開放某些埠)等而不需要FireWall服務,則可以像下面那樣停止並禁用它。
// 關閉服務
[linuxidc@localhost ~]$ systemctl stop firewalld
// 關閉開機自動開啟FireWall服務
[linuxidc@localhost ~]$ systemctl disable firewalld
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.Fedoraproject.FirewallD1.service.
2.2 關閉SELinux
可以用getenforce 檢視SELinux的狀態,如下(預設開啟)
[linuxidc@localhost ~]$ getenforce
//開啟狀態
Enforcing
同上,如果你想使用SELinux也可以。但是本人不想那麼麻煩,所以把SELinux也關閉了。
[linuxidc@localhost ~]$ sudo nano /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
// 這裡改變為disabled
SELINUX=disabled
# SELINUXTYPE= can take one of three two values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
// 重新啟動使設定生效
[linuxidc@localhost ~]# reboot
3. 一點錯誤
使用root許可權使用者操作
相關文章