From: "Justin M. Forbes" <jforbes(a)fedoraproject.org&gt; From https://www.paul-moore.com/blog/d/2020/06/linux_v57.html "Deprecate setting “/sys/fs/selinux/checkreqprot” to 1. This flag was originally created to deal with legacy userspace and the READ_IMPLIES_EXEC personality flag. We changed the default from 1 to 0 back in Linux v4.4 and now we are taking the next step of deprecating it, at some point in the future we will take the final step of rejecting 1." Signed-off-by: Justin M. Forbes <jforbes(a)fedoraproject.org&gt; --- .../common/generic/CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/redhat/configs/common/generic/CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE b/redhat/configs/common/generic/CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE index 47810c7e452a..9fefaf319b27 100644 --- a/redhat/configs/common/generic/CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE +++ b/redhat/configs/common/generic/CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE @@ -1 +1 @@ -CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=1 +CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=0 -- 2.26.2