Security Enhanced Linux (SELinux) is a default Linux feature that offers mandatory access controls, using Linux kernel security modules (LSM) along with user-space tools. Starting with Oracle Database 11g Release 2 (11.2), Security Enhanced Linux is supported for Oracle Linux 4, Red Hat Enterprise Linux 4, Oracle Linux 5, and Red Hat Enterprise Linux 5. Security Enhanced Linux is not supported for the Oracle Enterprise Manager 12c Oracle Management Service.
Mandatory access controls, for example Security Enhanced Linux, may be a part of your organizations information security program. If your information security program requires mandatory access controls for the 12c Oracle Management Repository, a best practice is to configure Security Enhanced Linux during the last phase of the Enterprise Manager deployment.
To confirm the status of SELinux, as root type sestatus as shown in the next example.
SELinux status: disabled
The above example shows a host with SELinux disabled.
Security Enhanced Linux can be temporarily set to permissive by typing "echo 0 > /selinux/enforce", as root. Security Enhanced Linux can be re-enabled (enforcing) by typing "echo 1 > /selinux/enforce", as root.
Security Enhanced Linux can be permanently disabled by changing the "SELINUX=enforcing" entry to "SELINUX=disabled" in the "/etc/selinux/config" file. Security Enhanced Linux can be re-enabled by changing the "SELINUX=disabled" entry to "SELINUX=enforcing" in the "/etc/selinux/config" file. A re-boot is required after changing the "SELINUX=” value to enable to new settings.