Hi I have an EC2 instance using ami-7fd4e10b AMI and aki-4deec439 kernel
After doing lots of configuration, I was surprised to find it did not have selinux running.
grep SELINUX /boot/config-`uname -r`
# CONFIG_SECURITY_SELINUX_POLICYDB_VERSION_MAX is not set
# CONFIG_DEFAULT_SECURITY_SELINUX is not set
This suggests to me that a kernel setting is to not boot with selinux, and found a message to that effect in /var/log/messages.
So, added selinux=1 in grub.conf and creating the ./autolabel file
dmesg | grep SELinux
[ 0.004000] SELinux: Initializing.
[ 0.004000] SELinux: Starting in permissive mode
[ 0.061441] SELinux: Registering netfilter hooks
but sestatus still says:
SELinux status: disabled
Any thoughts on how I can fix this - had thought SELinux was pretty standard now and surprised it is not working out of the box.