Setting SELinux Mode

Security-Enhanced Linux (SELinux) allows you to set access control through policies. If you are having trouble deploying Runtime or CDH with your policies, set SELinux in permissive mode on each host before you deploy Runtime or CDH on your cluster.

  1. Check the SELinux state:
    getenforce
  2. If the output is either Permissive or Disabled, you can skip this task and continue to Disabling the Firewall to disable the firewall on each host in your cluster. If the output is enforcing, continue to the next step.
  3. Open the /etc/selinux/config file (in some systems, the /etc/sysconfig/selinux file).
  4. Change the line SELINUX=enforcing to SELINUX=permissive.
  5. Save and close the file.
  6. Restart your system or run the following command to disable SELinux immediately:
    setenforce 0
    After you have installed and deployed Runtime or CDH, you can re-enable SELinux by changing SELINUX=permissive back to SELINUX=enforcing in /etc/selinux/config (or /etc/sysconfig/selinux), and then running the following command to immediately switch to enforcing mode:
    setenforce 1

    If you are having trouble getting Cloudera Software working with SELinux, contact your OS vendor for support. Cloudera is not responsible for developing or supporting SELinux policies.