View All Products
Compute
Storage
Networking
Databases
Services
Developer Tools
Industries
Pricing
Community
Engage With Us
Community Questions How to compile new kernel in order to turn on SELinux
Log in to Ask a Question

How to compile new kernel in order to turn on SELinux

general

I've get new instance of CentOS 6.5, prepare needed software and by the end, as usual, tried to enable SELinux…

Ok, as I can see, images from Linode don't include SELinux support in kernel. May be in order to reduce clients troubles, I don't know…

As I think I have to build new kernel with SELinux support. Would you advise me how to do it? I've never do it :(

13 Replies

You should not need to compile a custom kernel - the CentOS distribution-provided kernel includes SELinux. Review the Linode guide for instructions on how to use the distribution kernel.

Thank you very much!

Can this also be applied to Centos 7?

I tried once following the Centos 6.5 instructions but I don't think I did it right. Because files end with .debug when I look at the boot directory and I am not sure if I am doing it right.

Thank you.

While Vance is right and you don't have to use a custom compiled kernel, it just so happens that we recently updated our guides on the subject, including one for CentOS 7:

https://www.linode.com/docs/tools-refer … b-centos-7">https://www.linode.com/docs/tools-reference/custom-kernels-distros/custom-compiled-kernel-with-pvgrub-centos-7

EDIT: btw SELINUX is the example option in the guide, so it should have everything you need.

thank you! I will follow the guide right away.

Wow! It takes forever to install this. I mostly prepare a Centos server with all necessary features I need (like SeLinux settings) in max 45 minutes so I like feeling comfortable to be able to make a server ready in an hour or so. It looks this might be a real pain to work with Linode distributions. I wonder why not simply have a minimal default Centos distribution - I am not a total Linux person but I just wonder. I am about to decide switching my Cloud needs to Linode, so this is an important point.

It is still trying to complete "make -j3 bzImage" command. wow.

I followed each line of the guide very carefully and I couldn't make it work for some reason.

The only warning I had was "Cannot find LILO." during "make install". I made a search about it and people says it doesn't matter.

I renamed vmlinuz as vmlinuz-3.19.3-custom as instructed but after completing everything, and rebooting the server, uname gives me back following:

Linux li152-129.members.linode.com 3.19.3 #2 SMP Thu Apr 16 22:18:54 UTC 2015 x8664 x8664 x86_64 GNU/Linux

there is no cutstom suffix. :(

There must be something not included in the guide - for someone who is not 100% linux guy but simply needs SeLinux in the server as stated in the guide.

Perhaps tried 6-7 times now and I can't make it work. Feeling like an idiot.

"uname -a" changes from 3.19.1 to 3.19.3 but it doesn't use my 3.19.3-custom.

Any other suggestion would be great. Thanks.

@smozgur:

"uname -a" changes from 3.19.1 to 3.19.3 but it doesn't use my 3.19.3-custom.

If you get this change that means that you're running the new kernel you compiled. I'm not sure why it's not exactly the output you expect it to be without seeing your system first hand, but if you can log in and uname shows the right kernel version number, then it sounds like it worked. Have you tried setting up SELinux afterwards?

Yes, I changed /etc/selinux/config to enable selinux as permissive. Reboot and it is still disabled. :(

Thank you for the reply by the way :) I am really frustrated so I forgot to say before :)

I really liked Linode but I gave up. This took me 2 days since the initial sign in and a simple cloud server rebuild that would take about 45 minutes just turned on to a nightmare for me because of SELinux and it is not being included in the distro.

Thanks for the replies.

I couldn't have managed getting SELinux work by using any of provided guides. It should be something I don't know and missing.

I was about to move on but I then discovered the most impressive feature of Linode cloud service: upload my own virtual machine! So I built a minimal (default) Centos server in my local computer, uploaded it to my Linode, changed Kernel as necessary (it is still required as I learned by experiencing), then restarted my machine, wow! It works!!!

Just in case, I made a backup as Golden master of my disk, so I wouldn't need to upload again (then I learned, I already have a Clone feature - what a beautiful place is this!).

Now I am happy! I am guessing that Centos installation in Linode doesn't include some SELinux related applications that Minimum Centos includes. So when I built and uploaded my Centos, then after changing Kernel, everything worked!

It is time to create another Linode now! :)

Thanks for the help!

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Log in to Reply
Community Code of Conduct