Session Monitor currently supports the following top-level states of SELinux on a system – enforcing, permissive, and disabled. The only supported SELinux policy type is targeted.

1. Run the command to set the SELinux mode as enforcing and the SELinux policy as targeted:


   


sed -i -e "s/^SELINUX=.*/SELINUX=enforcing/" /etc/selinux/config



   


sed -i -e "s/^SELINUXTYPE=.*/SELINUXTYPE=targeted/" /etc/selinux/config

2. Reboot the system using the command:



   reboot

3. After the reboot, run the command to verify the SELinux status:

   sestatus

   1. Verify the command output. The output should look like this:

      SELinux status: enabled
      SELinuxfs mount: /sys/fs/selinuxSELinux root
      directory: /etc/selinux
      Loaded policy name:targetedCurrent 
      mode: enforcing
      Mode from config file:enforcing
      Policy MLS status: enabled
      Policy deny_unknown status: allowed
      Max kernel policy version:31



4. Install the customized SELinux policy modules for Session Monitor using the command:

   


cd /opt/oracle/ocsm/
   ./ocsm_ext.sh