how to enable Selinux

I try to enable Selinux from this site,http://wiki.eri.ucsb.edu/sysadm/SELinux , but it didn't work, On linux shell, I tried this command as follows

root@vps# getenforce

Disabled

root@vps#setenforece 1

setenforce: SELinux is disabled

root@vps# getenforce

Disabled

change the file at /etc/sysconfig/selinux from changing SELINUX=enforcing to SELINUX=disabled

reboot, but it didn't work.

On the link instruction, why turn on Selinux need to SELINUX=disabled ?
And how I know selinux is enabled or not ?

Please advise
LVL 1
rwniceingAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

savoneCommented:
Edit  /etc/selinux/config and make sure it is enforcing.

The file should look like this when done:
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of these two values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected.
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted


Reboot the system to load selinux.
0
rwniceingAuthor Commented:
Yes  I did,

but when getenforce it still echo

Disabled

I talk to my hosting company said
We use OpenVZ virtualization (most popular VPS virtualization system), which doesn't support selinux for security reasons, i am sorry, but we have no option to enable it.

Is the main reason from the hosting company statement that is why
always get "Disabled" from getenforce ?
0
rwniceingAuthor Commented:
Whatever I try, I always get this

root@vps#setenforece 1

setenforce: SELinux is disabled
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

exploitedjCommented:
Ok, the first thing to check is what does sestatus return for the "SELinux status: "

If that line returns disabled that means that you disabled it before a reboot. Think of this like the main breaker on your house. If it is off, the circuit breakers between enforcing and permissive won't mean much.

If that is the case you can set your  /etc/sysconfig/selinux to "SELINUX=enforcing"  then reboot.
The sestatus "SELinux status: " should now return "enabled". Now you can use set enforce to switch between enforcing and permissive.

Permissive is different than Disabled. It is SUPER IMPORTANT to understand how "Disabling" impacts policies relabeling. This is not uncommon and can lead to many headaches. Fedora documentation does a good job describing this. As do Dan Walsh's blogs. He is pretty much "the Man" with SeLinux.

Note - This may not fall into this thread but you typically want to avoid Disabling in SeLinux, even when troubleshooting, as you can undo a lot of policy label changes if you didn't set them properly. Go with Permissive as you gain your footing and if you need to figure out if SElinux is messing something up.
0
rwniceingAuthor Commented:
savone and exploitedj thanks for your reply,  exploitedj ,command result as follows

root@vps [~]# sestatus
SELinux status:                 disabled

Please read this post
http://www.experts-exchange.com/OS/Linux/Q_28516844.html

You agree hosting company has such ability ?
0
exploitedjCommented:
I just commented there and came here to double check that the virtualization was with OpenVZ. Guess so since you are the question asker in both?
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
rwniceingAuthor Commented:
Thanks for all of your reply
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Linux

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.