mirror of
https://github.com/rancher/rancher-docs.git
synced 2026-05-04 12:13:19 +00:00
Andy Pitcher
dae5fda314
- add Rancher Kubernetes Distributions (K3s/RKE2) Self-Assessment and Hardening Guide section - add kubernetes cluster security best practices link to rancher-security section - add k3s-selinux and update selinux-rpm details - remove rhel/centos 7 support Signed-off-by: Andy Pitcher <andy.pitcher@suse.com>
24 lines
1.2 KiB
Markdown
24 lines
1.2 KiB
Markdown
---
|
|
title: SELinux RPM
|
|
---
|
|
|
|
<head>
|
|
<link rel="canonical" href="https://ranchermanager.docs.rancher.com/reference-guides/rancher-security/selinux-rpm"/>
|
|
</head>
|
|
|
|
[Security-Enhanced Linux (SELinux)](https://en.wikipedia.org/wiki/Security-Enhanced_Linux) is a security enhancement to Linux.
|
|
|
|
Developed by Red Hat, it is an implementation of mandatory access controls (MAC) on Linux. Mandatory access controls allow an administrator of a system to define how applications and users can access different resources such as files, devices, networks and inter-process communication. SELinux also enhances security by making an OS restrictive by default.
|
|
|
|
After being historically used by government agencies, SELinux is now an industry standard and enabled by default on SUSE distributions such as SUSE Linux Enterprise 16, openSUSE distributions such as openSUSE Tumbleweed, and RHEL-based OS such as Rocky Linux. To check whether SELinux is enabled and enforced on your system, use `getenforce`:
|
|
|
|
```
|
|
# getenforce
|
|
Enforcing
|
|
```
|
|
|
|
We provide three RPMs (RPM Package Manager) that enable Rancher products to function properly on SELinux-enforcing hosts:
|
|
- [`rancher-selinux`](about-rancher-selinux.md)
|
|
- [`rke2-selinux`](about-rke2-selinux.md)
|
|
- [`k3s-selinux`](about-k3s-selinux.md)
|