SElinux是美国国家安全局对于强制访问控制的实现。

修改配置文件，使关闭SELinux永久生效：（重启生效）

[root@wuyike ~]# cat /etc/selinux/config 

# This file controls the state of SELinux on the system.

# SELINUX= can take one of these three values:

#     enforcing - SELinux security policy is enforced.

#     permissive - SELinux prints warnings instead of enforcing.

#     disabled - No SELinux policy is loaded.

SELINUX=enforcing

# SELINUXTYPE= can take one of these two values:

#     targeted - Targeted processes are protected,

#     mls - Multi Level Security protection.

SELINUXTYPE=targeted 

[root@wuyike ~]# sed -i "s#SELINUX=enforcing#SELINUX=disabled#g" /etc/selinux/config 

[root@wuyike ~]# cat /etc/selinux/config 

# This file controls the state of SELinux on the system.

# SELINUX= can take one of these three values:

#     enforcing - SELinux security policy is enforced.

#     permissive - SELinux prints warnings instead of enforcing.

#     disabled - No SELinux policy is loaded.

SELINUX=disabled

# SELINUXTYPE= can take one of these two values:

#     targeted - Targeted processes are protected,

#     mls - Multi Level Security protection.

SELINUXTYPE=targeted 

[root@wuyike ~]# grep =disabled /etc/selinux/config 

SELINUX=disabled

临时生效：

[root@wuyike ~]# getenforce

Enforcing

[root@wuyike ~]# setenforce

usage:  setenforce [ Enforcing | Permissive | 1 | 0 ]

[root@wuyike ~]# setenforce 0

[root@wuyike ~]# getenforce

Permissive

getenforce 检查selinux状态

setenforce 设置selinux状态 1 启用  0 警告，不启用

为了使重启或不重启都生效，以上两种方式都要修改

运行级别：

运行级别有7种，看各种级别：

[root@wuyike ~]# tail /etc/inittab

# Default runlevel. The runlevels used are:

#   0 - halt (Do NOT set initdefault to this)

#   1 - Single user mode    -->单用户模式

#   2 - Multiuser, without NFS (The same as 3, if you do not have networking)

#   3 - Full multiuser mode    -->完全的多用户模式

#   4 - unused

#   5 - X11    -->切换为桌面环境，需要安装了桌面软件包

#   6 - reboot (Do NOT set initdefault to this)

# 

id:3:initdefault:

查看运行级别：

[root@wuyike ~]# runlevel

N 3

切换运行级别：

[root@wuyike ~]# init 6  --->（重启）

关闭linux防火墙的方法：

/etc/init.d/iptables stop==service iptables stop 最好连续执行两遍

或：

root@wuyike ~]# chkconfig iptables off

查看防火墙：

[root@wuyike ~]# iptables -L -n

SELinux、运行级别init、防火墙iptables