suseCon2014: TUT7986 - Managing SELinux in SUSE Linux Enterprise Server 12.
##### Enable selinux on SUSE
zypper in selinux-tools selinux-policy
# Examine what need to do to enable SELinux
# Add "security=selinux selinux=1" to the kernel boot parameters and don't forget to update grub using "grub2-mkconfig /boot/grub2/grub.cfg"
pam-config –a --selinux
# Relabel the entire filesystem:
restorecon –R /
# Start the auditing service for messages in /var/log/audit/audit.log
systemctl start auditd
systemctl enable auditd
# Verify current status
AppArmor ("Application Armour") is a Linux kernel security module that allows the system administrator to restrict programs' capabilities with per-program profiles.
It was included in the mainline Linux kernel since version 2.6.36.
AppArmor is offered in part as an alternative to SELinux. SELinux requires a filesystem that supports "security labels", and thus cannot provide access control for files mounted via NFS. AppArmor is filesystem-agnostic.