Why you should set SELinux to Permissive mode rather than disabled

Updated -

When SELinux is disabled, SELinux policy is not loaded on the system, SELinux does not enforce any rules, and SELinux does not log Access Vector Cache (AVC) messages. As a result, SELinux does not constrain your system, but also does not protect the system, and you cannot inspect the logs to learn about potential problems.

Red Hat strongly recommends using Permissive mode instead of dis...

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In