People find themselves skipping steps of the installation guide's "preparing your system" section, only to discover services do not start and Kolab Groupware is dysfunctional.
I propose a check be introduced that is executed as part of **setup-kolab**, that learns the system configuration and current run-time state, and errors out fatally if the configuration is inappropriate -- pointing out to some information on the subject.
## Implementation Design Considerations
* `/sys/fs/selinux/enforce` does not exist: SELinux disabled (GOOD, however bad).
* `/sys/fs/selinux/enforce` contains 1: SELinux enforces one or the other policy (it doesn't matter which) -> (BAD, however good)
* `/sys/fs/selinux/enforce` contains 0: SELinux does not enforce any policy, but does audit policy violations (GOOD, however bad)
This shall be the first or second item that executing **setup-kolab** checks for, however does not state in which capacity the system may come back up after reboot.
The command `sestatus` could be used, with sample output:
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: enforcing
Mode from config file: enforcing
Policy MLS status: enabled
Policy deny_unknown status: allowed
Max kernel policy version: 30
`exec()` and line-by-line parsing should then be used.
We would **NOT** amend the configuration to ensure the Kolab installation is successful and the system's security reduced without the user's explicit (and manual) intervention.