This file controls the state of SELinux on the system.
SELINUX=disabled
enforcing - SELinux security policy is enforced.
permissive - SELinux prints warnings instead of enforcing.
disabled - SELinux is fully disabled.
SELINUX=disabled
SELINUXTYPE= type of policy in use. Possible values are:
targeted - Only targeted network daemons are protected.
strict - Full SELinux protection.
SELINUXTYPE=targeted
SETLOCALDEFS= Check local definition changes
SETLOCALDEFS=0
Doesn't this make my server easier to attack ?
You install and look after a lot of servers, do most of them have
SELinux enabled or disabled?
If I enable SELinux is it likely to mess things up ?
Is this something that can be set in Webmin ?
Can you let me know what you think about SELinux (i.i the questions I asked last week)
Many thanks David.
SELinux is a tool that can improve security, sure. It also has the ability to interfere with shared hosting setups in some cases, so it's often left disabled.
If you choose to enable it, you'd want to spend some time testing your various apps to make sure everything is working as expected.
-Eric