臨時關閉
[root@localhost ~]# setenforce 0

臨時開啟
[root@localhost ~]# setenforce 1
Enforcing //開啟狀態
Permissive //關閉狀態

永久關閉
[root@localhost ~]# vim /etc/selinux/config
將SELINUX的值設置為disabled

查看狀態
[root@localhost ~]# getenforce

查看所有設置項
[root@localhost ~]# getsebool -a

查找特定內容,比如zabbix
[root@localhost ~]# getsebool -a|grep zabbix
httpd_can_connect_zabbix --> off
zabbix_can_network --> off

放開防火墻限制
[root@localhost ~]# setsebool -P httpd_can_connect_zabbix on
[root@localhost ~]# setsebool -P zabbix_can_network on
[root@localhost ~]# setsebool -P httpd_can_network_connect on

再次查看
[root@localhost ~]# getsebool -a|grep zabbix
httpd_can_connect_zabbix --> on
zabbix_can_network --> on

查看/home/目錄selinux信息
[root@localhost ~]# ls -Zd /home/
drwxr-xr-x. root root system_u:object_r:home_root_t:s0 /home/

改安全標簽
[root@localhost ~]# chcon -u system_u -t httpd_sys_content_t /home/

如果不知道屬于哪個標簽，查看selinux日志
[root@localhost ~]# tail -f /var/log/audit/audit.log

生成semodule
[root@localhost ~]# cat /var/log/audit/audit.log | grep zabbix_server | grep denied | audit2allow -M zabbix-server_setrlimit
******************** IMPORTANT ***********************
To make this policy package active, execute:

semodule -i zabbix-server_setrlimit.pp

導入semodule
[root@localhost ~]# semodule -i zabbix-server_setrlimit.pp
查看semodule
[root@localhost ~]# semodule -l