Which SELinux mode is recommended?

Recommended modes:

• Permissive — for initial setup and debugging;
• Enforcing — after policies are properly configured.

Reasoning:

• Suricata, Redis, and custom services require correctly defined rules;
• the project intentionally does not impose automatic SELinux policies.

In production:

• Enforcing + custom policies is the correct approach;
• Permissive is acceptable in isolated or closed environments.