Score:0

Ubuntu 20.04 doesn't boot after setting SELinux enforcing

pe flag

I'm trying to set SELinux to enforcing on Ubuntu 20.04, and the steps I did are as follow:

  1. Install SELinux = sudo apt-get install policycoreutils selinux-utils selinux-basics -y
  2. Activate SELinux = sudo selinux-activate
  3. Edit /etc/selinux/config and set SELinux to enforcing mode: sudo selinux-config-enforcing
  4. Reboot: sudo reboot

However, upon reboot, the system doesn't seem to boot. Any reasons why? If I removed step 3, the system will boot, but SELinux will be permissive instead of enforcing. Also, I want a permanent change, so setenforce 1 isn't going to cut it.

Ubuntu failing to start services on boot

Score:1
us flag
Rob

Please don't ask the same question on different SE sites. i.e. https://askubuntu.com/q/1400490

Mandatory access controls (MAC) in Ubuntu are typically implemented via AppArmor and SELinux appears mostly on RHEL and derivatives, so I'm surprised that that it can actually be installed at all on Ubuntu and not that surprised doing so causes issues.

The normal debugging approach for big SELinux issues is

  • enable SELinux in permissive mode
  • check the system logs for SELinux policy violations
  • fix the application(s) and/or policies

only then set SELinux to full enforcing.

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.