Is it OK to enable SELinux on a PBA-E server or store server?
No, SELinux mode must be set to "permissive," as the "enforcing" mode causes various issues, such as update installation failure, problems with API call execution, store synchronization problems, PBA node registration in POA in PA 6.0 etc.
It is also mentioned in the deployment documentation: http://download.pa.parallels.com/pba/5.5/doc/55981.htm
To disable SELinux, you may follow the instructions from the article https://kb.parallels.com/115626.
List of possible errors from enabled SELinux:
PBA-E services are running, but the login page is not displayed, www.log does not show any records, and there are permission errors in the Apache error log.
API method execution fails with this error:
"System Error. Object is not available inside a server"
The "configure-db.pl" script fails:
[DATE] Execute: '/etc/init.d/postgresql initdb' Initializing database: chown: invalid user: `postgres:postgres' [FAILED] [DATE] [Call stack]: [DATE] 'helper::msystemex' at helper.pm line 574 [DATE] 'helper::msystem' at /usr/local/bm/tools-db/configure_db.pl line 585 [DATE] 'main::postgres_operate' at /usr/local/bm/tools-db/configure_db.pl line 96 [DATE] PWD: /usr/local/bm/tools-db Command '/etc/init.d/postgresql initdb' exited with error code 256 at helper.pm line 576.
Store synchronization fails:
"Synchronization failed with error: Couldn't open counter file. "
- The store is not displayed; an error mentioned above is displayed instead, even though the "templatestore" folder owner and permissions are correct.