Hi Shivdeep,
Are you trying to enable SELinux on the Host OS? We don't change anything related to that on
default Ubuntu. The claimed SELinux seems to be from the Android perspective.
Regards,
Yogesh.
From: Singh, Shivdeep <shivdeep.singh(a)intel.com>
Sent: Friday, October 16, 2020 1:05 PM
To: celadon(a)lists.01.org
Subject: [01.org Celadon] Not able to run CIC on ubuntu 18.04, kernel 5.4 with SELINUX enabled.
Hi,
Requirement: Run CIC on ubuntu 18.04 with SELINUX enabled.
While trying steps at
https://01.org/projectceladon/documentation/getting-started/on-container to enable selinux
on ubuntu 18.04, we find that all cgroups are not mounted, hence docker daemon is not able
to run.
Problem: When SELINUX is enabled on ubuntu 18.04, Kernel 5.4.0-51-generic, systemd version
237, all cgroups are not mounted. The issue seems to be due to systemd and has been listed
here (https://github.com/systemd/systemd/issues/7901).
Steps to reproduce:
* Get a machine with ubuntu 18.04
* Upgrade kernel to 5.4: sudo apt-get install --install-recommends linux-generic-hwe-18.04
* Get selinux: apt-get install selinux-basics policycoreutils selinux-policy-default selinux-utils
* Enable selinux: sudo selinux-activate
* Reboot and check selinux status: sestatus, it should show enabled
* Many cgroups are not seen: mount | grep cgroup, only 2/3 entries seen
* Dockerd is not running: sudo docker ps, it will give error
* Disable selinux: sudo vim /etc/selinux/config, in this file update: SELINUX=disabled and reboot
* Now selinux is disabled, check sestatus: sestatus, it should show disabled
* Check cgroups: mount | grep cgroup, a list of mounted cgroups will be seen, around 12/13 entries
* Check docker: sudo docker ps, it runs properly
Note this problem in running docker is not seen in ubuntu 20.04 with SELINUX enabled; it
has systemd version 245.
Since the document at
https://01.org/projectceladon/documentation/getting-started/on-container claims CIC
support on ubuntu 18.04 with selinux enabled, we want to know if there are some extra
steps needed to get it working. We tried on three different machines and we had the same
result, docker not running with selinux enabled.
Regards,
Shivdeep
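
The cgroup comparison in the reproduction steps above can be scripted instead of counting `mount` lines by eye. The following is an added example, not part of the original thread or of the Celadon documentation; the function names are hypothetical and it assumes a cgroup v1 or hybrid layout, where each controller appears as a mount option of a `cgroup`-type mount.

```shell
#!/bin/sh
# Added example: report cgroup v1 controllers that the kernel has enabled
# (per /proc/cgroups) but that no "cgroup"-type mount carries (per /proc/mounts).
# Both paths can be overridden so saved copies from another host can be checked.

missing_cgroup_controllers() {
    cgroups_file=${1:-/proc/cgroups}
    mounts_file=${2:-/proc/mounts}
    awk -v mounts="$mounts_file" '
        # Mounts file: fields are device, mountpoint, fstype, options.
        # For fstype "cgroup" the options include the controller names.
        FILENAME == mounts {
            if ($3 == "cgroup") {
                n = split($4, opts, ",")
                for (i = 1; i <= n; i++) mounted[opts[i]] = 1
            }
            next
        }
        # Cgroups file: skip the "#subsys_name ..." header; column 4 is "enabled".
        /^#/ { next }
        $4 == 1 && !($1 in mounted) { print $1 }
    ' "$mounts_file" "$cgroups_file"
}

# Prints a one-line verdict; returns 1 when any enabled controller is unmounted,
# which is the state in which dockerd is reported above as failing to start.
check_cgroup_mounts() {
    missing=$(missing_cgroup_controllers "$@" | tr '\n' ' ')
    if [ -n "$missing" ]; then
        echo "enabled but not mounted: $missing"
        return 1
    fi
    echo "all enabled cgroup v1 controllers are mounted"
}
```

Run `check_cgroup_mounts` with no arguments on the affected host once with SELinux enabled and once with it disabled to compare the two states.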