Session Monitor currently supports the following top-level state of SELinux on a system – enforcing, permissive and disabled. The only supported SELinux type is targeted.

1. Run the command to set the SELinux mode as enforcing and SELinux policy as targeted:

   sed -i -e "s/^SELINUX=.*/SELINUX=enforcing/" /etc/selinux/config

   sed -i -e "s/^SELINUXTYPE=.*/SELINUXTYPE=targeted/" /etc/selinux/config

2. Reboot the system using the command:

   reboot

3. After the reboot, run the command to verify the SELinux status:

   sestatus

   Verify the command output:

   SELinux status:        enabled
   SELinuxfs mount:                /sys/fs/selinux
   SELinux root directory:         /etc/selinux
   Loaded policy name:             targeted
   Current mode:                   enforcing
   Mode from config file:          enforcing
   Policy MLS status:              enabled
   Policy deny_unknown status:     allowed
   Max kernel policy version:      31

4. Install the customized SELinux policy modules for Session monitor using the command:

   cd /opt/oracle/ocsm/
   ./ocsm_ext.sh