I haven't daily driven anything but Linux for 15 years or more. I remember when Xorg was the new kid and XFree86 could destroy your CRT (or so "they" said - I never managed it!) Mind you I also remember #make config taking about 20 minutes.
Advice advocating disabling selinux is very similar to SFC /SCANNOW or "turn off your anti virus". As soon as you see advice like that you do have to wonder at the motive.
A quick broad-brush approach to troubleshooting is fine and could be considered the first stage before a binary search is used to get to the real problem. So you make things safe first and then you switch off something like selinux. Does that work? If yes, then you switch it back on and then do your search within selinux and perhaps bother with reading logs.
You obviously have to support a lot of cough enterprise ... RH based stuff or perhaps Oracle's sufferings.
If you can, call someone's bluff: Insist on a standard. PCI DSS is involved as soon as a payment card is involved - that will soon sort things out. In the UK, we have Cyber Essentials and the plus form. Non UK Europe also has similar standards. The US will have Freedom versions of any standards and the rest of the world will have theirs.
Go in with standards if you can. As soon as you permanently switch off a security mechanism you have failed (yourself and your customer).
Advice advocating disabling selinux is very similar to SFC /SCANNOW or "turn off your anti virus". As soon as you see advice like that you do have to wonder at the motive.
A quick broad-brush approach to troubleshooting is fine and could be considered the first stage before a binary search is used to get to the real problem. So you make things safe first and then you switch off something like selinux. Does that work? If yes, then you switch it back on and then do your search within selinux and perhaps bother with reading logs.
You obviously have to support a lot of cough enterprise ... RH based stuff or perhaps Oracle's sufferings.
If you can, call someone's bluff: Insist on a standard. PCI DSS is involved as soon as a payment card is involved - that will soon sort things out. In the UK, we have Cyber Essentials and the plus form. Non UK Europe also has similar standards. The US will have Freedom versions of any standards and the rest of the world will have theirs.
Go in with standards if you can. As soon as you permanently switch off a security mechanism you have failed (yourself and your customer).
Good luck mate.