0

I'm trying to set SELinux to enforcing on Ubuntu 20.04, and the steps I did are as follow:

  1. Install SELinux = sudo apt-get install policycoreutils selinux-utils selinux-basics -y
  2. Activate SELinux = sudo selinux-activate
  3. Edit /etc/selinux/config and set SELinux to enforcing mode: sudo selinux-config-enforcing
  4. Reboot: sudo reboot

However, upon reboot, the system doesn't seem to boot. Any reasons why? If I removed step 3, the system will boot, but SELinux will be permissive instead of enforcing. Also, I want a permanent change, so setenforce 1 isn't going to cut it.

Ubuntu failing to start services on boot

kayanon
  • 1
  • 1

1 Answers1

1

Please don't ask the same question on different SE sites. i.e. https://askubuntu.com/q/1400490

Mandatory access controls (MAC) in Ubuntu are typically implemented via AppArmor and SELinux appears mostly on RHEL and derivatives, so I'm surprised that that it can actually be installed at all on Ubuntu and not that surprised doing so causes issues.

The normal debugging approach for big SELinux issues is

  • enable SELinux in permissive mode
  • check the system logs for SELinux policy violations
  • fix the application(s) and/or policies

only then set SELinux to full enforcing.

Rob
  • 1,175
  • 1
  • 7