vServer with Centos 7.3 SELinux 2.5 don't get active

Nicolas Schreienberger asked:

I get a new vServer with Centos 7.3. and SELinux 2.5.* . I would like to get SELinux to be active to get greater access control over my server, but nothing works. If I check SELinux Mode and enter

getenforce: disabled

or

SELinux status:        disabled

Also I restart the server with shutdown -r now still the same problem.
To check what SELinux packages are installed on your CentOS

rpm -qa | grep selinux
libselinux-python-2.5-6.el7.x86_64
libselinux-utils-2.5-6.el7.x86_64
libselinux-2.5-6.el7.x86_64
selinux-policy-3.13.1-102.el7_3.7.noarch

I already installed more SELinux packages to catch a few more error messages in my logs but all log files are empty.

cat /var/log/messages | grep "SELinux is preventing"
empty feedback also with  | grep "SELinux"

If you look at the SELINUX config file with the command cat, I see that the SELINUX is already set to enforcing not disabled.

Is that a bug or what? I know the Centos 7.3 version is new but I get the vServer with that operation system. I already tried it with my server with 7.1 and all is fine.

And yes I already reboot the server multiple times.

My answer:


Your VPS runs on OpenVZ, a container based “virtualization” which has no support for SELinux.

If you need SELinux, you will need to switch to another hypervisor which supports SELinux in guests, such as Hyper-V, VMware, KVM, Xen, and possibly others.


View the full question and answer on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.