Uploaded image for project: 'XenServer Org'
  1. XenServer Org
  2. XSO-546

SELinux has been disabled in XenServer 7

    Details

    • Type: Bug
    • Status: Wishlist (View Workflow)
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 7.0, 7.1, 7.3, 7.4, 7.5, 7.6
    • Fix Version/s: None
    • Component/s: other
    • Environment:

      XenServer release 7.0.0-125380c (xenenterprise)

      Description

      I just realised that SELinux has been disabled in XenServer 7 - this really isn't acceptable, especially for a hypervisor.

      As mentioned by @Tobias Kreidl said in this similar discovery: https://bugs.xenserver.org/browse/XSO-543?focusedCommentId=13450&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-13450 the whole point of XS 7 was to better align with modern standards and closer to CentOS 7, why are things as critical as SELinux being disabled?

      This is 2016, not the 1990's where you can get away with disabling core security components of the Linux Kernel.

      If there was something that wasn't working with SELinux enabled - fix it! SELinux is not hard these days and it's such an important part of Linux's security framework.

      1. Read this: http://stopdisablingselinux.com
      2. Then watch this: https://www.youtube.com/watch?v=MxjenQ31b70
      3. Then go enable SELinux.

        Attachments

          Activity

            People

            • Assignee:
              enzo enzo raso
              Reporter:
              s_mcleod Sam McLeod
            • Votes:
              2 Vote for this issue
              Watchers:
              7 Start watching this issue

              Dates

              • Created:
                Updated: