SELinux – Differences Between setenforce 0 and Permanent SELinux

centos selinux

Regarding SELinux: according to some Hadoop recommendations, SELinux must be disabled.

More info about SELinux: https://www.ibm.com/support/knowledgecenter/STXKQY_BDA_SHR/bl1bda_selinux.htm

We have two options:

  1. Log in to the machine and run setenforce 0, or
  2. Log in to the machine and edit /etc/selinux/config, setting SELINUX to disabled

So is there any difference between disabling SELinux on CentOS 7 temporarily, with setenforce 0, and editing the /etc/selinux/config file to set SELINUX to disabled?

From the documentation we can see: "If you are using Hortonworks Data Platform (HDP) in any IBM Spectrum scale release, SELinux must be disabled."

So maybe we should not take a risk, and set SELinux to disabled and restart the machine?

Note: I assume that setting SELinux to disabled requires a machine restart?

Best Answer

setenforce 0 will only temporarily disable SELinux. The next time you reboot the server, SELinux will be back on.

When you edit /etc/selinux/config, that makes the change persistent across reboots.

Generally speaking, if at all possible, you should keep SELinux turned on. setenforce 0 allows you to troubleshoot issues with the goal of turning it back on (with setenforce 1).

But there are indeed some vendors out there who unfortunately insist on disabling it completely. I personally try to avoid such vendors.
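To see which of the two states a host is actually in, the following added example (not part of the original answer) compares the running mode reported by `getenforce` with the `SELINUX=` value in `/etc/selinux/config`. The function names and the sample config are constructed for illustration, and kernel command-line overrides are assumed absent.

```shell
#!/bin/sh
# Added example: is the current SELinux mode temporary or persistent?
# Assumption: no selinux=/enforcing= override on the kernel command line.

# Print the SELINUX= value from a config file, lowercased.
# Skips comment lines and the separate SELINUXTYPE= setting.
configured_mode() {
    cfg="${1:-/etc/selinux/config}"
    sed -n 's/^[[:space:]]*SELINUX=[[:space:]]*\([A-Za-z]*\).*/\1/p' "$cfg" \
        | tail -n 1 | tr 'A-Z' 'a-z'
}

# $1 = runtime mode as printed by getenforce, $2 = config file path
persistence_status() {
    runtime=$(printf '%s' "$1" | tr 'A-Z' 'a-z')
    boot=$(configured_mode "$2")
    if [ -z "$boot" ]; then
        echo "unknown: no SELINUX= line in config"
    elif [ "$runtime" = "$boot" ]; then
        echo "persistent: $runtime now and after reboot"
    else
        echo "temporary: $runtime now, $boot after reboot"
    fi
}

# Offline demo on a constructed config: the state after `setenforce 0`
# on a host whose config file was left untouched.
demo() {
    tmp=$(mktemp)
    printf '%s\n' '# constructed sample config' \
        'SELINUX=enforcing' 'SELINUXTYPE=targeted' > "$tmp"
    persistence_status "Permissive" "$tmp"
    rm -f "$tmp"
}

if [ "${1:-}" = "--live" ]; then
    # Check the real host (requires the getenforce utility).
    persistence_status "$(getenforce)" /etc/selinux/config
else
    demo
fi
```

A "temporary" result on a production host means the enforcement change will be lost at the next reboot, which is worth flagging in configuration audits either way.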
