It would enhance server security if SEL were configured. Currently, it is disabled, and as found in #241, enabling it breaks the webserver.
SEL is toggled at the kernel commandline; the options are selinux=1 for "enabled" and selinux=0 for "disabled".
Enforcement is enabled with enforcing=1 or disabled with enforcing=0.
These are set and removed by calling grubby: grubby --update-kernel=ALL --args="selinux=1" / grubby --update-kernel=ALL --remove-args="selinux=0".
You can see what your current options are with grubby --info=ALL | grep args, and you can see what you're currently running with cat /proc/cmdline.
It would enhance server security if SEL were configured. Currently, it is disabled, and as found in #241, enabling it breaks the webserver.
SEL is toggled at the kernel commandline; the options are
selinux=1for "enabled" andselinux=0for "disabled".Enforcement is enabled with
enforcing=1or disabled withenforcing=0.These are set and removed by calling
grubby:grubby --update-kernel=ALL --args="selinux=1"/grubby --update-kernel=ALL --remove-args="selinux=0".You can see what your current options are with
grubby --info=ALL | grep args, and you can see what you're currently running withcat /proc/cmdline.