1. Preparations
1.1. Server preparation
Operating system: CentOS 7.x
1.2. Install the text editing tool nano
# yum -y install nano
2. Turn off SELinux
2.1. View SELinux status
2.1.1. First method: view SELinux status
# /usr/sbin/sestatus
SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   enforcing
Mode from config file:          enforcing
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Max kernel policy version:      31
2.1.2. Second method: view SELinux status
# getenforce
Enforcing
2.2. Temporarily shut down SELinux (switch to permissive mode until the next reboot)
# setenforce 0
2.2.1. The first method to view SELinux status after temporary shutdown
# /usr/sbin/sestatus
SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   permissive    // Note: this is now permissive
Mode from config file:          enforcing
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Max kernel policy version:      31
2.2.2. The second method to view SELinux status after temporary shutdown
# getenforce
Permissive
2.2.3. SELinux can be turned back on after a temporary shutdown
# setenforce 1
2.3. Permanently shut down SELinux
2.3.1. Modify the configuration file /etc/sysconfig/selinux
# nano /etc/sysconfig/selinux
Change SELINUX=enforcing to SELINUX=disabled
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
# Change this value to disabled
SELINUX=disabled
# SELINUXTYPE= can take one of three values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected.
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted
2.3.2. The new configuration takes effect after a restart
# reboot
2.3.3. The first method to view SELinux status after permanent shutdown
# /usr/sbin/sestatus
SELinux status: disabled
2.3.4. The second method to view SELinux status after permanent shutdown
# getenforce
Disabled
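Added example, not part of the original notes: a small check that tells the temporary change in 2.2 (runtime mode differs from the config file) apart from the permanent change in 2.3. The function names and the sample config files are constructed for this example, and the parser deliberately accepts only the exact form SELINUX=<mode>, so a mistyped line is reported instead of guessed at.

```shell
#!/bin/sh
# Added example (not from the original notes): tell a temporary SELinux
# mode change (setenforce) apart from a persistent one (config file).

# Print the boot-time mode set in a SELinux config file.
# Assumption of this example: only the exact form SELINUX=<mode> counts;
# anything else (missing key, "SELINUX = x", "forcing") prints "invalid".
selinux_config_mode() {
    value=$(sed -n 's/^SELINUX=\([A-Za-z]*\)[[:space:]]*$/\1/p' "$1" |
        tail -n 1 | tr '[:upper:]' '[:lower:]')
    case "$value" in
        enforcing|permissive|disabled) echo "$value" ;;
        *) echo "invalid" ;;
    esac
}

# Compare the running mode (getenforce output) with the boot-time mode.
# $1 = getenforce output, $2 = path to the config file.
selinux_persistence() {
    runtime=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')
    boot=$(selinux_config_mode "$2")
    if [ "$boot" = "invalid" ]; then
        echo "config-invalid"
    elif [ "$runtime" = "$boot" ]; then
        echo "persistent:$boot"
    else
        echo "drift:runtime=$runtime,boot=$boot"
    fi
}

# Constructed sample config files covering the stages in this guide.
make_samples() {
    printf '# comment\nSELINUX=enforcing\nSELINUXTYPE=targeted\n' > "$1/enforcing.conf"
    printf '# comment\nSELINUX=disabled\nSELINUXTYPE=targeted\n'  > "$1/disabled.conf"
    printf '# typo\nSELINUX = forcing\nSELINUXTYPE=targeted\n'    > "$1/typo.conf"
}

demo_dir=$(mktemp -d)
make_samples "$demo_dir"
selinux_persistence Permissive "$demo_dir/enforcing.conf"  # after setenforce 0
selinux_persistence Enforcing  "$demo_dir/disabled.conf"   # edited, not rebooted
selinux_persistence Disabled   "$demo_dir/disabled.conf"   # after reboot
selinux_persistence Enforcing  "$demo_dir/typo.conf"       # mistyped config
rm -rf "$demo_dir"
```

On a live host the same check is `selinux_persistence "$(getenforce)" /etc/sysconfig/selinux`; a "drift" result means the running mode will change at the next reboot.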
3. Turn off the firewall
3.1. View firewall status
# systemctl status firewalld
When the firewall is on, the output looks like this:
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
   // Remark added by the author: note the "active (running)" on the next line
   Active: active (running) since Wed 2020-01-01 17:05:47 CST; 9s ago
     Docs: man:firewalld(1)
 Main PID: 6787 (firewalld)
   CGroup: /system.slice/firewalld.service
           └─6787 /usr/bin/python2 -Es /usr/sbin/firewalld --nofork --nopid

Jan 01 17:05:47 iZuf65lq1u9ra1ohnf5kebZ systemd[1]: Starting firewalld - dynamic firewall daemon...
Jan 01 17:05:47 iZuf65lq1u9ra1ohnf5kebZ systemd[1]: Started firewalld - dynamic firewall daemon.
3.2. Turn off the firewall
# systemctl stop firewalld
3.3. View status after closing
# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
   Active: inactive (dead)
     Docs: man:firewalld(1)

Jan 01 17:05:47 iZuf65lq1u9ra1ohnf5kebZ systemd[1]: Starting firewalld - dynamic firewall daemon...
Jan 01 17:05:47 iZuf65lq1u9ra1ohnf5kebZ systemd[1]: Started firewalld - dynamic firewall daemon.
Jan 01 17:11:58 iZuf65lq1u9ra1ohnf5kebZ systemd[1]: Stopping firewalld - dynamic firewall daemon...
Jan 01 17:11:58 iZuf65lq1u9ra1ohnf5kebZ systemd[1]: Stopped firewalld - dynamic firewall daemon.
3.4. Disable the firewall from starting automatically at boot
# systemctl disable firewalld.service
3.5. Check the firewall status after disabling automatic startup
# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
   Active: inactive (dead)
     Docs: man:firewalld(1)

Jan 01 17:05:47 iZuf65lq1u9ra1ohnf5kebZ systemd[1]: Starting firewalld - dynamic firewall daemon...
Jan 01 17:05:47 iZuf65lq1u9ra1ohnf5kebZ systemd[1]: Started firewalld - dynamic firewall daemon.
Jan 01 17:11:58 iZuf65lq1u9ra1ohnf5kebZ systemd[1]: Stopping firewalld - dynamic firewall daemon...
Jan 01 17:11:58 iZuf65lq1u9ra1ohnf5kebZ systemd[1]: Stopped firewalld - dynamic firewall daemon.
Original learning notes of Eword
Document No.: e220200101-1
Document labels: CentOS, firewall, SELinux
Please credit the source when reprinting: http://www.eword.name