Hi,
Has anyone enabled SELinux on Amazon EC2?
I tried to enable SELinux using a CentOS image, and the steps in the following post, but it didn't work!!
Amazon Web Services Developer Community : Has anyone successfully enabled SELinux ...
The steps I took:
1) I started with CentOS 5.3 base image (ami-10b55379)
2) yum install sel*
3) Everything installs correctly, however "sestatus" shows that SELinux is disabled
4) /etc/sysconfig/selinux shows enforcing mode
5) touch /.autorelabel
6) reboot
Even after reboot, "sestatus" shows that SELinux is disabled!!
Any help/suggestions in this matter is quite appreciated.
Thanks,
indra
Please provide the full output from sestatus
What is the type of your filesystem? ext3? SELinux on Fedora/Red Hat/CentOS depends on filesystems that support extended attributes.
Check that /selinux/disable is not set to 1. Should be 0 or empty.
Here is the output from sestatus:
-bash-3.2# sestatus
SELinux status: disabled
I am using ext3 as the filesystem. The config file shows "CONFIG_EXT3_FS_XATTR=y",
so I assume extended attributes are enabled.
/selinux/disable is empty. Output:
-bash-3.2# ls -l /selinux/
total 0
chompy
What happens when you run:
setenforce enforcing
-bash-3.2# setenforce enforcing
setenforce: SELinux is disabled
Back to basics then ....
Have a look at /var/log/dmesg. Do you see the following lines?
Security Framework initialized
SELinux: Initializing
Have a look at /etc/sysconfig/selinux/config. Is SELINUX set to enforcing or permissive and SELINUXTYPE set to targeted?
In /var/log/boot.log, do you see a line which shows that auditd started OK?
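Added example, not part of the thread: a shell sketch that runs the kernel-log and config checks discussed above against saved files and tells apart "the config asks for enforcing but the kernel log has no SELinux initialisation lines" from a config problem. The function names, verdict strings and sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Offline triage of the checks discussed in the thread, run against files.
# All sample file contents below are constructed for illustration.

# Print the last uncommented value of key $2 in config file $1.
cfg_value() {
    sed -n "s/^[[:space:]]*$2=[[:space:]]*\([A-Za-z0-9_-]*\).*/\1/p" "$1" | tail -n 1
}

# Succeed only if the kernel log $1 holds both SELinux initialisation lines.
kernel_initialised_selinux() {
    grep -q 'Security Framework initialized' "$1" &&
        grep -q 'SELinux:[[:space:]]*Initializing' "$1"
}

# Print one verdict for config file $1 and kernel log $2.
diagnose() {
    mode=$(cfg_value "$1" SELINUX)
    ptype=$(cfg_value "$1" SELINUXTYPE)
    if ! kernel_initialised_selinux "$2"; then
        echo "kernel-did-not-init-selinux (config asks for: ${mode:-unset})"
    elif [ "$mode" != enforcing ] && [ "$mode" != permissive ]; then
        echo "config-mode-not-enabled (SELINUX=${mode:-unset})"
    elif [ "$ptype" != targeted ]; then
        echo "config-type-unexpected (SELINUXTYPE=${ptype:-unset})"
    else
        echo "ok ($mode/$ptype)"
    fi
}

tmp=$(mktemp -d)
cat > "$tmp/config" <<'EOF'
# SELINUX= can take one of these three values: enforcing, permissive, disabled
SELINUX=enforcing
SELINUXTYPE=targeted
EOF
cat > "$tmp/dmesg.without" <<'EOF'
Linux version (constructed sample line)
EXT3-fs: mounted filesystem with ordered data mode.
EOF
cat > "$tmp/dmesg.with" <<'EOF'
Security Framework initialized
SELinux:  Initializing.
EOF

diagnose "$tmp/config" "$tmp/dmesg.without"
diagnose "$tmp/config" "$tmp/dmesg.with"
```

On a live system, pass the real config file and /var/log/dmesg to `diagnose` instead of the sample files.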