Editing Security-Enhanced Linux (section)

==Adoption==
[[File:SELinux sestatus screenshot.png|thumb|upright=1.4|<code>sestatus</code> showing status of SELinux in a system (openSUSE Tumbleweed)]]
SELinux has been implemented in [[Android (operating system)|Android]] since version 4.3.<ref>{{cite web | title=Security-Enhanced Linux in Android | access-date=2016-01-31 | publisher=Android Open Source Project | url=https://source.android.com/security/selinux/ | archive-date=4 January 2018 | archive-url=https://web.archive.org/web/20180104113527/https://source.android.com/security/selinux/ | url-status=live }}</ref>

Among free community-supported Linux distributions, [[Fedora (operating system)|Fedora]] was one of the earliest adopters, including support for it by default since Fedora Core 2. Other distributions include support for it such as [[Debian]] as of version 9 Stretch release<ref>{{cite web|url=https://wiki.debian.org/SELinux|title=SELinux|work=debian.org|access-date=23 August 2016|archive-date=13 August 2020|archive-url=https://web.archive.org/web/20200813103319/https://wiki.debian.org/SELinux|url-status=live}}</ref> and [[Ubuntu (operating system)|Ubuntu]] as of 8.04 Hardy Heron.<ref>{{cite web|url=https://ubuntu-tutorials.com/2008/03/18/how-to-install-selinux-on-ubuntu-804-hardy-heron/|title=How To Install SELinux on Ubuntu 8.04 "Hardy Heron"|work=Ubuntu Tutorials|access-date=23 August 2016|archive-date=5 July 2017|archive-url=https://web.archive.org/web/20170705102909/https://ubuntu-tutorials.com/2008/03/18/how-to-install-selinux-on-ubuntu-804-hardy-heron/|url-status=live}}</ref> As of version 11.1, [[SUSE Linux|openSUSE]] contains SELinux "basic enablement".<ref>{{cite web |url=https://news.opensuse.org/2008/08/20/opensuse-to-add-selinux-basic-enablement-in-111/ |title=openSUSE News |date=20 August 2008 |access-date=23 August 2016 |archive-date=28 September 2020 |archive-url=https://web.archive.org/web/20200928155140/https://news.opensuse.org/2008/08/20/opensuse-to-add-selinux-basic-enablement-in-111/ |url-status=live }}</ref> [[SUSE Linux Enterprise]] (SLE) 11 features SELinux as a "technology preview".<ref>{{cite web |url=https://www.novell.com/linux/releasenotes/x86_64/SUSE-SLED/11/#02 |title=Release Notes for SUSE Linux Enterprise Desktop 11 |publisher=[[Novell]] |access-date=2013-02-06 |archive-date=13 March 2016 |archive-url=https://web.archive.org/web/20160313095523/http://www.novell.com/linux/releasenotes/x86_64/SUSE-SLED/11/#02 |url-status=live }}</ref>

SELinux is popular in systems based on [[Linux containers]], such as [[Container Linux by CoreOS|CoreOS Container Linux]] and rkt.<ref>{{cite web|url=https://coreos.com/os/docs/latest/selinux.html|title=SELinux on CoreOS|work=CoreOS Docs|access-date=15 December 2016|archive-date=26 September 2018|archive-url=https://web.archive.org/web/20180926032756/https://coreos.com/os/docs/latest/selinux.html|url-status=live}}</ref> It is useful as an additional security control to help further enforce isolation between deployed containers and their host.

SELinux is available since 2005 as part of [[Red Hat Enterprise Linux]] (RHEL) version 4 and all future releases. This presence is also reflected in corresponding versions of derived systems such as [[CentOS]], [[Scientific Linux]], [[AlmaLinux]] and [[Rocky Linux]]. The supported policy in RHEL4 is targeted policy which aims for maximum ease of use and thus is not as restrictive as it might be. Future versions of RHEL are planned to have more targets in the targeted policy which will mean more restrictive policies. RHEL version 5 introduced [[multilevel security]] (MLS) policy for servers only. Fedora Linux 10 introduced a minimum policy, designed for certain platforms such as low-memory devices and [[Virtual machine|virtual machines]].<ref>{{Cite web |title=SELinux/Policies - Fedora Project Wiki |url=https://fedoraproject.org/wiki/SELinux/Policies |access-date=2025-02-14 |website=[[Fedora Linux|Fedora Project]] Wiki |archive-date=11 February 2025 |archive-url=https://web.archive.org/web/20250211201338/https://fedoraproject.org/wiki/SELinux/Policies |url-status=live }}</ref>

openSUSE Tumbleweed transitioned from [[AppArmor]] to SELinux for new installation since 11 February 2025, upcoming SLE/openSUSE Leap 16 will be shipped with SELinux by default as well.<ref>{{Cite web |last=Gompa |first=Neal |date=2025-02-13 |title=Re: Announcement: SELinux as default MAC system on new Tumbleweed installations - openSUSE Factory |url=https://lists.opensuse.org/archives/list/factory@lists.opensuse.org/message/3JUSAOAXUWDXG4BSU3CEKY4Z3QUMI2US/ |access-date=2025-02-14 |website=openSUSE Mailing Lists |language=en |archive-date=18 February 2025 |archive-url=https://web.archive.org/web/20250218131724/https://lists.opensuse.org/archives/list/factory@lists.opensuse.org/message/3JUSAOAXUWDXG4BSU3CEKY4Z3QUMI2US/ |url-status=live }}</ref> openSUSE/SLE adopted RHEL/Fedora policies for its SELinux implementation although with some differences.<ref>{{Cite web |title=Portal:SELinux/Differences to fedora policy - openSUSE Wiki |url=https://en.opensuse.org/Portal:SELinux/Differences_to_fedora_policy |access-date=2025-02-15 |website=[[openSUSE]] Wiki}}</ref> AppArmor is retained for existing Tumbleweed and SLE/openSUSE Leap 15.x installation (users can manually migrate their existing installation to SELinux). AppArmor is also available as install-time selection for users who prefer it.<ref>{{Cite web |last=DeMaio |first=Douglas |date=2025-02-13 |title=Tumbleweed Adopts SELinux as Default |url=https://news.opensuse.org/2025/02/13/tw-plans-to-adopt-selinux-as-default/ |access-date=2025-02-13 |website=openSUSE News |language=en}}</ref>