SELinux is incredibly valuable as part of an overall Linux system security strategy. To sucessfully provision CentOS on our platform, we have disabled SELinux as shown with the
[[email protected] ~]# sestatus SELinux status: disabled
Should your particular CentOS deployment require SELinux, you can easily enable it, as shown here:
yum install selinux-policy selinux-policy-targeted
Once policy is installed, you will want to simply create a file in the
.autorelabel. To activate SELinux you must reboot the device.
shutdown -r now
Upon reaccessing the device, verify that SElinux is infact enable by running
sestatus and you will see an output similar to the following:
[[email protected] /]# sestatus SELinux status: enabled SELinuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded policy name: targeted Current mode: enforcing Mode from config file: enforcing Policy MLS status: enabled Policy deny_unknown status: allowed Max kernel policy version: 31 [[email protected] /]#
NOTE: Should you need to reinstall the OS via our server reinstall feature, you MUST disable SELinux otherwise, the device will fail to reinstall.
To disable simply edit file
disabled and reboot the device. Upon reaccessing the device, you can then proceed with the server reinstall feature.
Was it helpful?