Security-Enhanced Linux
If you have SELinux enabled, the strongDM gateway installation will fail. You'll need to set SELinux in permissive mode on each host before you attempt to deploy a gateway.
Disable SELinux
Security-Enhanced Linux, or SELinux, allows you to set access control through policies.
- Check the SELinux state:
$ getenforce
If the output is either Permissive or Disabled, you should be set. If the output is enforcing, continue to the next step. - There are two ways that you can disable SELinux - either by editing a config file, or by using the setenforce command
- If editing the config file, Open the
/etc/selinux/config
file (in some systems, the/etc/sysconfig/selinux
file). - Change the line
SELINUX=enforcing
toSELINUX=permissive
. - Save and close the file.
- Reboot your system
- If editing the config file, Open the
- If using the setenforce simply run the command
$ sudo setenforce 0
- After performing either of the above methods, check again using
getenforce
$ getenforcePermissive
Re-Enable SELinux
Once you've deployed a gateway, you'll want to re-enable SELinux. This is just a reverse of the disabling process..
- Check the SELinux state:
$ getenforce
If the output isEnforcing
, SELinux is already enabled. If the output is Permissive or Disabled, continue to the next step. - There are two ways that you can re-enable SELinux - either by editing a config file, or by using the
setenforce
command- If editing the config file, Open the
/etc/selinux/config
file (in some systems, the/etc/sysconfig/selinux
file). - Change the line
SELINUX=permissive
toSELINUX=enforcing
. - Save and close the file.
- Reboot your system
- If editing the config file, Open the
- If using the
setenforce
, simply run the command$ sudo setenforce 1
. - After performing either of the above methods, check again using
getenforce
$ getenforceEnforcing