1.6.1.3 Ensure SELinux policy is configured - 'SELINUXTYPE'

Information

Configure SELinux to meet or exceed the default targeted policy, which constrains daemons and system software only. Security configuration requirements vary from site to site. Some sites may mandate a policy that is stricter than the default policy, which is perfectly acceptable. This item is intended to ensure that at least the default recommendations are met.

Solution

Edit the /etc/selinux/config file to set the SELINUXTYPE parameter: SELINUXTYPE=ubuntu

See Also

https://workbench.cisecurity.org/files/1867

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-3(3)

Plugin: Unix

Control ID: 808d042ddee574e7f439de6e6a56ff0ee87b24c2d3345d1786c323475e7d3855