How Do I Enable SELinux on an ECS Running HCE?
By default, SELinux is disabled on HCE. You can enable SELinux as needed.
Do not run the /etc/selinux/config command to enable SELinux. If you enable SELinux by running this command, login may fail.
Procedure
- Open the configuration file /boot/grub2/grub.cfg and delete selinux=0.
- Run the touch /.autorelabel command.
The /.autorelabel file triggers the OS to relabel all files on the disk during startup. This process may take several minutes. After the relabel operation is complete, the OS automatically restarts for the operation to take effect and deletes the /.autorelabel file to ensure that the relabel operation will not be performed again.
- Open the configuration file /etc/selinux/config, set SELINUX to permissive, and run the reboot command to restart the OS.
- Open the configuration file /etc/selinux/config, set SELINUX to enforcing, and run the reboot command to restart the OS.
- Run the getenforce command to check the SELinux status.
If Enforcing is displayed, SELinux is enabled.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
