SELinux is required to operate within various compliance landscapes.
P Cluster's AMI creation disables and checks that SELinux is disabled.
https://github.com/aws/aws-parallelcluster-cookbook/blob/develop/cookbooks/aws-parallelcluster-platform/test/controls/disable_selinux_spec.rb
https://aws.amazon.com/blogs/hpc/securing-hpc-on-aws-implementing-stigs-in-aws-parallelcluster/ Suggests that it is possible to operate P Cluster in a compliant environment, with SELinux (as implied by the STIGs).
Is there a reason why SELinux is disabled?
SELinux is required to operate within various compliance landscapes.
P Cluster's AMI creation disables and checks that SELinux is disabled.
https://github.com/aws/aws-parallelcluster-cookbook/blob/develop/cookbooks/aws-parallelcluster-platform/test/controls/disable_selinux_spec.rb
https://aws.amazon.com/blogs/hpc/securing-hpc-on-aws-implementing-stigs-in-aws-parallelcluster/ Suggests that it is possible to operate P Cluster in a compliant environment, with SELinux (as implied by the STIGs).
Is there a reason why SELinux is disabled?