Is selinux required

A new install on Centos7 with selinux is giving a issue apon running install script.

Disabling SELINUX Temporarily
sed: cannot rename /etc/selinux/sedsEkhpk: Operation not permitted

I have not seen this on other installs, can I use Centos7 without selinux ?

I reinstalled server without selinux but still have the same issue with install script.

SELINUX it is already disabled
sed: cannot rename /etc/selinux/sed0WTF6z: Operation not permitted

Hopefully someone can say if this install method is ok as I made changes to the script.

Install Centos7 without selinux

checked status
[root@xxxxxxxxx ~]# sestatus
SELinux status: disabled

/etc/selinux/config looks like this

This file controls the state of SELinux on the system.

SELINUX= can take one of these three values:

enforcing - SELinux security policy is enforced.

permissive - SELinux prints warnings instead of enforcing.

disabled - No SELinux policy is loaded.


SELINUXTYPE= can take one of three values:

targeted - Targeted processes are protected,

minimum - Modification of targeted policy. Only selected processes are protected.

mls - Multi Level Security protection.


Changed to this
set -e

#Clean Yum Cache
yum clean all
rm -rf /var/cache/yum

#Download the VitalPBX’s repo
rm -rf /etc/yum.repos.d/vitalpbx.repo
wget -P /etc/yum.repos.d/

#Install SSH Welcome Banner
rm -rf /etc/profile.d/
wget -P /etc/profile.d/
chmod 644 /etc/profile.d/

#Intall other required dependencies
yum -y install epel-release php

Clean Cache Again

yum clean all
rm -rf /var/cache/yum

#Install MariaDB (MySQL)
yum install MariaDB-server MariaDB-client MariaDB-common MariaDB-compat mariadb-connector-odbc -y
systemctl enable mariadb
rm -rf /etc/my.cnf.d/vitalpbx.cnf
wget -P /etc/my.cnf.d/
systemctl start mariadb

Install VitalPBX pre-requisites

yum -y install $(cat pack_list)

Enable and Start Firewall

systemctl enable firewalld
systemctl start firewalld

Clean Cache Again

yum clean all
rm -rf /var/cache/yum

Install completed as normal and system gui shows all is working.

Try executing sudo su before running the script. Probably, you were not logged in as root.

I did not try sudo su but i was logged in as root.

selinux is disabled so i removed those lines from the script and it worked. do you think this should work Ok.

I think the issue is with the install script. I created a new server at Vultr with Centos7 64bit as I have done for many vitalpbx installs, but now script has errors ?

[root@Test ~]# chmod +x
[root@Test ~]# ./
Disabling SELINUX Temporarily
sed: cannot rename /etc/selinux/sed5nIK7B: Operation not permitted
[root@Test ~]# sudo su ./
su: user ./ does not exist
[root@Test ~]# sudo ./
Disabling SELINUX Temporarily
sed: cannot rename /etc/selinux/sedoAb1OZ: Operation not permitted
[root@Test ~]#

[root@Test ~]# cd /etc/selinux/
[root@Test selinux]# ls
config final semanage.conf targeted tmp
[root@Test selinux]# ls -l
total 20
-rw-r–r–. 1 root root 538 Feb 9 06:39 config
drwx------. 2 root root 4096 Mar 27 18:29 final
-rw-r–r–. 1 root root 2321 Oct 30 2018 semanage.conf
drwxr-xr-x. 7 root root 4096 Mar 27 18:29 targeted
drwxr-xr-x. 2 root root 4096 Oct 30 2018 tmp
[root@Test selinux]#

Is it possible for the Vitalpbx team to verify this script as I need to put a new server into production.

The SELINUX stuff is certainly throwing and error for some odd reason, just tested myself as well. For now, disable SELINUX manually and comment out the SELINUX part of the current script and try to run it again. The rest of the script should run without issue.

Where are you hosting the PBX? I usually test the script with D.O.

Hosting is at Vultr with Centos7 64bit

I have run script with out selinux part noted above and it seem to work fine, as it’s going into production I wanted verification it would be ok.

It could be some restriction from Vultr. Disabling the Selinux manually, and commenting out the line that disables the Selinux from the script, should be enough.

Thank you, I will continue on and add license’s if I have a problem I will report back.

Vultra offers a server build without selinux so I used that and did the modified install script.