SIMULATION -
SELinux must run in force mode.
SIMULATION -
SELinux must run in force mode.
To ensure that SELinux runs in enforce mode, you need to edit the configuration file that controls the state of SELinux on the system. The correct file to edit is /etc/selinux/config. Inside this file, you will find a line that starts with SELINUX=. Set this line to SELINUX=enforcing. This will ensure that SELinux is in enforcing mode, which means that the SELinux security policy is enforced. If SELinux was previously disabled, a system restart is required for the changes to take effect. To check the current mode of SELinux, you can use the command getenforce.
[root@station ~]# setenforce Enforcing [root@station ~]# getenforce Enforcing [root@station ~]# vi /etc/selinux/config # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=enforcing
Correct path is vim /etc/selinux/config SELINUX=enforcing
Nope, its: /etc/sysconfig/selinux SELINUX=enforcing If was disabled restart is mandatory. use getenforce to check value
/etc/sysconfig/selinux is a link to /etc/selinux/config
correct path is /etc/selinux/config check the man page
sestatus can also be used to see SELinux settings: Current Mode: shows the current mode, Mode from config file: Shows what mode will be set after reboot.