All,

The system is FC5. The kernel is a 'custom' build. The message is:

getsebool: SELinux is disabled

This is /etc/selinux/config:

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - SELinux is fully disabled.
SELINUX=permissive
# SELINUXTYPE= type of policy in use. Possible values are:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
SELINUXTYPE=targeted

Why (where) is selinux disabled? How can it be enabled?

Also only one policy appears in the security selinux screen. Where are the parameters kept?

Thanks - Dan

What does the 'sestatus' return?

Also take a closer look at the comments in the /etc/selinux/config file, you are runnning in permissive mode and as such it simply provides informational warning messages. Change the setting in that file to "enforcing" to have it actually running. I'd recommend sticking with the 'targeted' policy rather than using 'strict' mode.

Thanks.

sestatus shows:

SELinux status: disabled

I have several systems. The others have the same policy except for the line:

SETLOCALDEFS=0

- Dan

The other difference is the number of entries in:

/etc/selinux/targeted/modules/active/booleans.local

One system has 1 entry while one has several dozen. How or what makes these entries?

- Dan

To get SElinux enabled, try using 'setenforce 1' to enable selinux while the system is running. If you don't have any issues or AVC warnings, then modify the /etc/selinux/config file and set "SELINUX=enforcing" then reboot.

See http://danwalsh.livejournal.com/3144.html
I believe the "new management infrastructure" he is refering to is the new "semanage" tool that was added as of FC5. Take a look at the SELinux section of the FedoraWiki. There is alot of detail that you'll likely find informative:
http://fedoraproject.org/wiki/SELinux/FC5Features