SELinux RPM
安全增强型 Linux (SELinux) 是对 Linux 的安全增强。
它由 Red Hat 开发,是 Linux 上 MAC(mandatory access controls,强制访问控制)的实现。系统管理员可以使用 MAC 设置应用程序和用户是如何访问不同资源的,例如文件、设备、网络和进程间的通信。SELinux 还通过默认限制操作系统来增强安全性。
After being historically used by government agencies, SELinux is now an industry standard and enabled by default on SUSE distributions such as SUSE Linux Enterprise 16, openSUSE distributions such as openSUSE Tumbleweed, and RHEL-based OS such as Rocky Linux. To check whether SELinux is enabled and enforced on your system, use getenforce:
# getenforce Enforcing
We provide three RPMs (RPM Package Manager) that enable Rancher products to function properly on SELinux-enforcing hosts: