Which command is used to set SELinux to enforcing mode without rebooting the system?

Setting SELinux to enforcing mode without rebooting the system can be accomplished through the command setenforce 1. This command dynamically changes the SELinux mode to "enforcing," which means that SELinux enforcement rules will be applied to processes and files on the system. In enforcing mode, any violations of SELinux policies will be blocked and logged, enhancing the security posture of the system.

This command is especially useful for administrators who want to implement stricter security without requiring a system restart, which could lead to downtime.

The alternative options provided do not accomplish this task in the same way. For instance, setenforce 0 puts SELinux in permissive mode, allowing violations but logging them instead of enforcing the rules. The command echo 1 > /selinux/enforce is not valid for setting the enforcing mode and would likely result in an error if issued. The enforce --enable command does not exist in standard SELinux command options and is not recognized by SELinux utilities. Thus, setenforce 1 is the correct and effective command for this action.