Issue SElinux is still disabled

[Dork]

Server operating system version

CentOS Linux 7.9.2009

Plesk version and microupdate number

Plesk Obsidian Version 18.0.53 Update #2

I changed the entry of /etc/selinux/config
from
SELINUX=permissive
to
SELINUX=enforcing
saved the file and restarted the server, but SELinux is still disabled.

 

[Peter Debik]

What did you do to see the status of SELinux?

 

[Dork]

What did you do to see the status of SELinux?

sestatus

 

[Peter Debik]

Have you tried to run
# setenforce 1
?

What is the output of
# sestatus
after doing that?

 

[Dork]

Have you tried to run
# setenforce 1
?

What is the output of
# sestatus
after doing that?

that doesn't work and say:
setenforce: SELinux is disabled

 

[Peter Debik]

Could you please provide the complete content of your /etc/selinux/config file? I am asking, because SELinux is straight forward to configure, and if it is set to enforcing in that file correctly, after a reboot it must work. I would not know any other way or why it does not work. You can still check your syslog if there are error messages related to SELinux, but probably something is wrong with the configuration file or with the SELinux installation in general.

 

[Dork]

Could you please provide the complete content of your /etc/selinux/config file? I am asking, because SELinux is straight forward to configure, and if it is set to enforcing in that file correctly, after a reboot it must work. I would not know any other way or why it does not work. You can still check your syslog if there are error messages related to SELinux, but probably something is wrong with the configuration file or with the SELinux installation in general.

# This file controls the state of SELinux on the system.
SELINUX=enabled
# SELINUX=permissive
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of three values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted

 

[Kaspar]

# This file controls the state of SELinux on the system.
SELINUX=enabled
# SELINUX=permissive
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of three values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted

You've got the SELINUX varible set twice in the configuration file. Remove the first one: SELINUX=enabled, save file and reboot system.

 

[Dork]

You've got the SELINUX varible set twice in the configuration file. Remove the first one: SELINUX=enabled, save file and reboot system.

OK - but in result:
SELinux status: disabled

 

[Kaspar]

That's weird. Are you running a VPS? The only other thing I can think of is that your provider is running a custom kernel that doesn't support SElinux. Contact them to find out if that's the case and if they can help you enable SElinux.

 

[Dork]

That's weird. Are running a VPS? The only other thing I can think of is that your provider is running a custom kernel that doesn't support SElinux. Contact them to find out if that's the case and if they can help you enable SElinux.

Yes - it's a VPS