You can change the SELinux attribute in your environment
file to modify the SELinux state on the node systems to which you
deploy a topology.
About this task
The following information provides details about supported
options.
Table 1. Summary of support details
| Support options |
Details |
| Supported hypervisor types? |
All |
| Support for post-deployment customization? |
Yes |
| Supported topologies? |
All |
Complete the following steps to customize your environment.
Procedure
- Update the following attributes in your environment file.
The attributes are located in the override_attributes section
of the environment file for the Minimal topology
and in the default_attributes section for other topologies.
- selinux.state
- The default value for this attribute
is nothing. With the default value, the SELinux
state is unchanged for the node systems in your topology. If you have
SELinux enabled on each node system, you can set this attribute to permissive or enforcing to
change your SELinux status on that system. For more information about
SELinux, see the SELinux Project Wiki.
Warning: Since enabling or disabling SELinux requires a system
restart, this attribute cannot be used to enable or disable SELinux
during deployment. If your node system has disabled SELinux, and you
want to use this attribute to change the SELinux status (permissive or enforcing),
you need to first enable SELinux manually before deployment. Otherwise,
the deployment procedure fails. If your node system has enabled SELinux,
and you want to disable it, you must disable SELinux manually before
deployment, and leave this attribute as the default value (nothing).
- When complete, return to the relevant topology
deployment or update process and complete the remaining steps.