anyone running SELinux on amazon EC2?

Thread Tools Search this Thread
Special Forums UNIX and Linux Applications Virtualization and Cloud Computing anyone running SELinux on amazon EC2?
# 1  
Old 08-18-2009
Question anyone running SELinux on amazon EC2?

Has anyone enabled SELinux on Amazon EC2?
I tried to enable SELinux using a CentOS image, and the steps in the following post, but it didn't work!!
Amazon Web Services Developer Community : Has anyone successfully enabled SELinux ...

The steps i took:
1)I started with CentOS 5.3 base image (ami-10b55379)
2) yum install sel*
3) Everything installs correctly, however "sestatus" shows that SELinux is disabled
4) /etc/sysconfig/selinux shows enforcing mode
5) touch /.autorelabel
6) reboot

Even after reboot, "sestatus" shows that SELinux is disabled!!

Any help/suggestions in this matter is quite appreciated.


Last edited by vbe; 08-19-2009 at 11:06 AM.. Reason: rm tags for rule compliance
# 2  
Old 08-19-2009
Please provide the full output from sestatus

What is the type of your filesystem? ext3? SELinux on Fedora/Redhat/Centos depends on filesystems that support extended attributes.

Check that /selinux/disable is not set to 1. Should be 0 or empty.
# 3  
Old 08-19-2009
Here is the output from sestatus:
-bash-3.2# sestatus
SELinux status: disabled

I am using ext3 as the filesystem. The config file shows "CONFIG_EXT3_FS_XATTR=y",
so I assume extended attributes are enabled.

/selinux/disable is empty. Output:

-bash-3.2# ls -l /selinux/
total 0
# 4  
Old 08-19-2009
What happens when you run:
setenforce enforcing

# 5  
Old 08-19-2009
-bash-3.2# setenforce enforcing
setenforce: SELinux is disabled
# 6  
Old 08-21-2009
Back to basics then ....

Have a look at /var/log/dmesg. Do you see the following lines
Security Framework initialized
SELinux: Initializing

Have a look at /etc/sysconfig/selinux/config. Is SELINUX set to enforcing or permissive and SELINUXTYPE set to targeted?

In /var/log/boot.log, do you see a line which shows that auditd started OK?
Login or Register to Ask a Question

Previous Thread | Next Thread

4 More Discussions You Might Find Interesting

1. UNIX and Linux Applications

A little help with seLinux

Situation: installed on Centos6.4 this samba4 package samba4-4.0.1-4.centos6.1.x86_64(wich had the path /usr/share/samba4 /var/lock/samba4,etc) I use selinux so i put in context /var/lock/samba4 -d system_u:object_r:samba_var_t:s0 /var/lock/samba4/.* -- ... (3 Replies)
Discussion started by: Linusolaradm1
3 Replies

2. Virtualization and Cloud Computing

Securing code in Amazon EC2

Hi All, I am facing a problem, regarding code security on EC2. We have created an AMI which contains our code in it, and need to bind the code to the AMI so that no one can take the code out of the AMI. Are there some ways to achieve this ??? (2 Replies)
Discussion started by: akshay61286
2 Replies

3. Virtualization and Cloud Computing

CEP as a Service (CEPaaS) with MapReduce on Amazon EC2 and Amazon S3

Tim Bass 11-25-2008 01:02 PM Just as I was starting to worry that complex event processing community has been captured by RDBMS pirates off the coast of Somalia, I rediscovered a new core blackboard architecture component, Hadoop. Hadoop is a framework for building applications on large... (0 Replies)
Discussion started by: Linux Bot
0 Replies

4. Virtualization and Cloud Computing

Running MySQL on Amazon EC2 with Elastic Block Store

Here is an excellent article on Running MySQL on Amazon EC2 with Elastic Block Store. Amazon Web Services Developer Connection : Running MySQL on Amazon EC2 with Elastic Block Store (0 Replies)
Discussion started by: Neo
0 Replies
Login or Register to Ask a Question