I just realised that SELinux has been disabled in XenServer 7 - this really isn't acceptable, especially for a hypervisor.
As mentioned by @Tobias Kreidl said in this similar discovery: https://bugs.xenserver.org/browse/XSO-543?focusedCommentId=13450&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-13450 the whole point of XS 7 was to better align with modern standards and closer to CentOS 7, why are things as critical as SELinux being disabled?
This is 2016, not the 1990's where you can get away with disabling core security components of the Linux Kernel.
If there was something that wasn't working with SELinux enabled - fix it! SELinux is not hard these days and it's such an important part of Linux's security framework.