selinux for sap (#584)

Amrita42 · web-flow · commit abd64edc27b3 · 2025-11-03T15:32:01.000+05:30
* selinux for sap

* tech feedback

* jana's review
diff --git a/DC-SAP-SELinux b/DC-SAP-SELinux
@@ -0,0 +1,15 @@
+# This file originates from the project https://github.com/openSUSE/doc-kit
+# This file can be edited downstream.
+
+MAIN="SELinux.asm.xml"
+# Point to the ID of the <structure> of your assembly
+SRC_DIR="articles"
+IMG_SRC_DIR="images"
+
+PROFOS="sles4sap"
+PROFCONDITION="16.0"
+#PROFCONDITION="suse-product;beta"
+#PROFCONDITION="community-project"
+
+STYLEROOT="/usr/share/xml/docbook/stylesheet/suse2022-ns"
+FALLBACK_STYLEROOT="/usr/share/xml/docbook/stylesheet/suse-ns"
diff --git a/concepts/selinux-modes.xml b/concepts/selinux-modes.xml
@@ -42,7 +42,9 @@
     </listitem>
          </varlistentry>
   </variablelist>
-<para>The default in &productnameshort; &productnumber; is <literal>enforcing</literal> mode.</para>
+
+<para os="sles">The default in &productnameshort; &productnumber; is <literal>enforcing</literal> mode.</para>
+<para> <phrase os="sles4sap"> The default in &productname; &productnumber; is enabled in <literal>permissive</literal> mode, if &sap; patterns are installed. </phrase></para>
   <para>
     For information about switching between &selnx; modes, refer to
     <xref linkend="selinux-switching-modes"/>.
diff --git a/concepts/selinux-policy.xml b/concepts/selinux-policy.xml
@@ -39,4 +39,8 @@
     This allows the administrator to customize policies for different parts of the
     system.
   </para>
+  <para os="sles4sap"><emphasis role="bold">About &selnx; for &productname; &productnumber;</emphasis></para>
+  <para os="sles4sap"> The<literal>selinux-policy-sapenablement</literal> package is for &selnx; policy changes for running &sap;.
+    Currently it sets the settings that are needed, but still sets &selnx; to <literal>permissive</literal> mode.
+    This package is installed by default.</para>
 </topic>
diff --git a/tasks/selinux-packages.xml b/tasks/selinux-packages.xml
@@ -68,6 +68,8 @@
     Advanced policy development requires additional <literal>-devel</literal>
     packages, which can be installed by:
   </para>
+
+
 <screen os="sles;sles4sap">
 &prompt.sudo;<command>zypper install selinux-policy-devel policycoreutils-devel</command>
 </screen>
