SELinux with Rockstor?

roweryan · October 2, 2015, 8:50pm

Any chance of seeing SELinux enabled? Big security win here.

suman · October 3, 2015, 9:28pm

I agree. Can someone try and enable SELinux manually on Rockstor and report back their results, recommendations etc…? That would help speed things up.

roweryan · October 4, 2015, 6:57pm

I will do this soon. It means editing

/etc/sysconfig/selinux

and setting

SELINUX=enforcing

then rebooting. Keep console access because if something goes wrong you want to change it back or run

setenforce 0

to troubleshoot.

duncaninnes · October 30, 2015, 4:08pm

Would you not be better sticking it in Permissive mode and checking all the AVC logging?

roweryan · October 30, 2015, 7:04pm

Not really no, you need it in enforcing mode to create a policy. Permissive mode will show avcs that would not happen in enforcing mode.

jodumont · March 13, 2018, 12:43am

what about this Security Hardening (SELinux)

By doing this, does it break the support ?