SELinux with Rockstor?

Any chance of seeing SELinux enabled? Big security win here.

I agree. Can someone try and enable SELinux manually on Rockstor and report back their results, recommendations etc…? That would help speed things up.

I will do this soon. It means editing


and setting


then rebooting. Keep console access because if something goes wrong you want to change it back or run

setenforce 0

to troubleshoot.

1 Like

Would you not be better sticking it in Permissive mode and checking all the AVC logging?

1 Like

Not really no, you need it in enforcing mode to create a policy. Permissive mode will show avcs that would not happen in enforcing mode.

what about this Security Hardening (SELinux)

By doing this, does it break the support ?