First of all, the SELinux, full name security enhanced Linux.selinux is a kernel module for the process, file and other permissions set based on.
Second, the traditional file permissions and account relationship and the policy rules to develop a program to read specific files
1. Traditional file permissions and account relationships: Autonomous access control, DAC
When a process wants to access the file, the system will compare the permissions of the file against the owner/user group of the process and, if checked, can access the file. (depending on the owner of the process and the rwx permissions of the file resource to determine whether there is access capability)
2. Read a specific file in a policy rule-making program: Delegated access control Mac, control mode: Controls whether a process can read a file resource.
How to set up please refer to books or other blogs.
Finally, how to turn off SELinux.
Why should it be closed, as
SELinux supports three modes:
1.enforcing enforcement Mode, which represents SELinux running, starts to limit Domain/type.
2.permissive tolerant mode, on behalf of SELinux is running, only warning does not actually limit domain/type.
3.disabled off mode
Command Introduction
1. View the current status of SELinux, Getenforce
2. Modify the current status of SELinux, Vim/etc/selinux/config
How to turn off SELinux