In this chapter, you learned how to manage SELinux. I certainly hope that you have a much fuller understanding of the mechanism involved. The aim of SELinux is to protect a system, especially where network-facing services are involved. Disabling or setting the Permissive mode for SELinux is, in general, the wrong approach. With this, you should now be be able to choose the correct solution.

In the next chapter, we will look at the new firewalling mechanism included on RHEL 7 and the improvements made from the standard IPtables mechanism used in the past. Again, we hope that we can convince you of the benefits of firewalld and keep the service enabled.