So I set selinux to 'permissive' and rebooted. Took some time and a few interesting messages occured on the serial console like: [ 132.847434] systemd-readahead[302]: open(/etc/selinux/targeted/modules/active/policy.kern) failed: Too many levels of symbolic links Finally get the login prompt and log in on the serial console as root. I then move sshd to a different port. I have been doing this for years and know the selinux secret codes. First I need to: yum install policycoreutils-python Then: semanage port -a -t ssh_port_t -p tcp 745 firewall-cmd --permanent --add-port=745/tcp firewall-cmd --reload vi /etc/ssh/sshd_config <- change port to 745, and that is not the real port number I use. systemctl restart sshd.service After the semanage command I got: [ 310.545666] SELinux: Permission audit_read in class capability2 not defined in policy. [ 310.554040] SELinux: Class binder not defined in policy. [ 310.559671] SELinux: the above unknown classes and permissions will be allowed But I am able to ssh into my server. So are these messages an indicator that things are not right? I of course want to move on the selinux 'targeted' to get this secure. I plan on putting bind on this unit and have it for my testing dns server. Advise?