Page 1 of 1

SELinux not working by default (from the start)

Posted: 2019/03/29 14:24:48
by dst4
I have not been working with Linux / Centos for a while and I am not sure why SELinux is not working on a system that I have (the newest Centos 7, 64-bit).

1) I have the needed symlink and the config is set to Enforcing / Targeted.

2) The contents of /proc/cmdline are "root=/dev/sda2 ro" (just this and nothing else, one line).

As far as I've been reading the forum and other sites these are the two aspects that I should check.

I am not sure what other steps I could take and why it does not work.

Thanks.

Re: SELinux not working by default (from the start)

Posted: 2019/03/29 14:34:36
by TrevorH
Show the output from ls -la /etc/sysconfig/selinux /etc/selinux/config and also from getenforce and uname -a

Re: SELinux not working by default (from the start)

Posted: 2019/03/29 15:01:28
by dst4
http://prntscr.com/n4p3zd

http://prntscr.com/n4p4sa

Also (and thanks a lot for the info), as a secondary thing "yum install firewalld" - "No package firewalld available"

Re: SELinux not working by default (from the start)

Posted: 2019/03/29 15:13:13
by stevemowbray
That is not a CentOS kernel so you'll have to ask whoever you got it from.

Re: SELinux not working by default (from the start)

Posted: 2019/03/29 15:22:55
by dst4
cat /etc/centos-release shows:

CentOS release 6.10 (Final)

Re: SELinux not working by default (from the start)

Posted: 2019/03/29 15:33:23
by TrevorH
That's an OVH kernel I think and they do not build them with selinux support. It might have grsecurity (or not) but since it's not our kernel we cannot support it. I believe OVH have or used to have, a document telling how to install a standard CentOS kernel.

It's not a CentOS kernel and you'll need to ask OVH for support (or whoever your hoster is).

Oh, and firewalld is CentOS 7 not 6. On 6 it's just plain iptables. Moved to the CentOS 6 equivalent forum.