Security-Enhanced Linux (SELinux) is a Linux kernel security module that provides a mechanism for supporting access control security policies, including mandatory access controls (MAC). For more information on SELinux refer to the following:


Chapter 2. Changing SELinux states and modes Red Hat Enterprise Linux 8 | Red Hat Customer Portal

LifeKeeper requires “mmap_low_allowed” to be “on” when SELinux is enabled (enforcing or permissive modes). The LifeKeeper installation script will automatically update this setting when it detects that SELinux is enabled. On upgrade of LifeKeeper, “mmap_low_allowed” will not be automatically updated if the mode is set to permissive. If “mmap_low_allowed” is not enabled then error messages will be logged in /var/log/messages when LifeKeeper commands are executed similar to:

setroubleshoot[17263]: SELinux is preventing /opt/LifeKeeper/bin/lklogmsg from mmap_zero access on the memprotect labeled unconfined_service_t.

!WARNING The LifeKeeper setup utility must be run if SELinux is enabled after LifeKeeper has been installed. This will ensure the SELinux configuration is correct.


Was this helpful?

Yes No
You indicated this topic was not helpful to you ...
Could you please leave a comment telling us why? Thank you!
Thanks for your feedback.

Post your comment on this topic.

Post Comment