Your Ultimate Information Platform

The way to set up SELinux on Ubuntu Server 20.04



If you happen to’ve already spent the time studying SELinux, however must deploy Ubuntu as a server working system, you may set up SELinux and be on acquainted floor. Jack Wallen reveals you ways.


Picture: GettyImages/Yuichiro Chino

Ubuntu Server has its personal Necessary Entry Management system, referred to as AppArmor, which has similarities to SELinux, in that they each present instruments to isolate functions from each other, to guard the host system. However how every of those instruments is used is kind of totally different. In reality, simply because you recognize one, does not imply you can instantly use the opposite. That is why you may need to contemplate putting in SELinux on Ubuntu Server. You is perhaps migrating from a Crimson Hat-based distribution and have invested appreciable time studying the best way to use that specific system.

Good factor you may set up SELinux on Ubuntu. 

In reality, it is truly fairly easy, and I will present you the way it’s accomplished. As soon as completed, you can begin working with SELinux on Ubuntu Server in the identical means you probably did when administering your Crimson Hat-based methods.

What you will want

To make this work, you will want a operating occasion of Ubuntu Server 20.04 and a consumer with sudo privileges. That is it. Let’s get to work.

One warning: I extremely suggest you first do that on a take a look at system. And when you’re sure it is going to be just right for you, I’d suggest you put in SELinux on a recent set up of Ubuntu Server after which construct from there.

The way to take away AppArmor

The very first thing to do is take away AppArmor. Log into your Ubuntu Server and cease the service with the command:

sudo systemctl cease apparmor

Now we will take away AppArmor with the command:

sudo apt-get take away apparmor -y

As soon as AppArmor has been eliminated, reboot your system with:

sudo reboot

The way to set up SELinux

Now we will set up SELinux. Again on the terminal window, challenge the command:

sudo apt-get set up policycoreutils selinux-utils selinux-basics -y

When the set up completes, activate SELinux with the command:

sudo selinux-activate

Set SELinux to imposing mode with:

sudo selinux-config-enforcing

Lastly, reboot your system as soon as once more with:

sudo reboot

When the system comes again up, test to ensure SELinux is enabled with the command:


It is best to see one thing like:

SELinux standing:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root listing:         /and so on/selinux
Loaded coverage identify:             default
Present mode:                   permissive
Mode from config file:          imposing
Coverage MLS standing:              enabled
Coverage deny_unknown standing:     allowed
Reminiscence safety checking:     requested (insecure)
Max kernel coverage model:      31

And that is all there may be to put in SELinux on Ubuntu Server 20.04. If you happen to’re already conversant in this safety system, you may bounce in and begin securing your server.

Additionally see


Leave A Reply

Your email address will not be published.