Anyone here know much about selinux?
All I know is that when I used to provision Oracle Linux VM’s (in an Oracle VM for x86 cluster) - I used to set it to disabled… and SELINUXTYPE=minimum… That was on OEL 5 and 6 (basically RHEL 5 and 6, whether RHEL kernel or UEK kernel).
Now I’ve noticed on OEL 7 (pretty much RHEL 7), if you want “minimum” you have to install an RPM to support it - and if you don’t - you can’t reconnect (or even login via console) - you have reboot and go to the console and append grub kernel load option “selinux=0”… You’d a thunk someone’d be “kind” enough to mention this as a comment in /etc/selinux/config, but no… PITA
And I barely know what it’s even for… some kinda application level firewall / ACL doohicky? I guess I should know, but in most cases, and also colleagues confirm this, we just disable/minimalise it so it doesn’t get in the way of getting work done
It’s actually pretty unobtrusive on Debian/Ubuntu (I’ve NEVER had to tweak it on DEB distros), but seems a bit “in your face” on RPM distros…