A Linux administrator is troubleshooting a new application that is failing to start. The administrator suspects an SELinux policy is the cause. To diagnose the problem, the administrator wants to temporarily allow all actions that would normally be denied by SELinux and log these actions for later review. Which of the following commands will achieve this without requiring a system reboot?
Edit /etc/selinux/config and set SELINUX=permissive
The correct command is setenforce 0. This command switches SELinux from the default 'enforcing' mode to 'permissive' mode. In permissive mode, SELinux logs actions that would have been denied but does not actually block them. This change is temporary and does not persist across a reboot. The command setenforce 1 would switch SELinux to 'enforcing' mode, which would continue to block the actions. Editing the /etc/selinux/config file makes the change permanent but requires a system reboot to take effect. The audit2allow command is used to generate SELinux policy rules from existing audit logs; it does not change the SELinux mode.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is SELinux and why is it important?
Open an interactive chat with Bash
What is the effect of switching SELinux to permissive mode with `setenforce 0`?
Open an interactive chat with Bash
How does `audit2allow` differ from `setenforce 0`?
Open an interactive chat with Bash
CompTIA Linux+ XK0-006 (V8)
Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access