[Copiando o comentário de Jace em uma resposta completa]
A auditoria deve primeiro ser ativada na configuração geral. De Kernel do Linux em poucas palavras :
SELinux requires that the networking option be enabled. See the section called “Networking” to enable this.
SELinux also requires that audit be enabled in the kernel configuration. To do this:
General setup
[*] Auditing support
Also, the networking security option must be enabled:
Security options
[*] Enable different security models
[*] Socket and Networking Security Hooks
Now it is possible to select the SELinux option:
Security options
[*] Enable different security models
[*] NSA SELinux Support
There are also a number of individual SELinux options that you might wish to enable. Please see the help for the individual different items for more descriptions on what they do in.
Security options
[*] Enable different security models
[*] NSA SELinux Support
[ ] NSA SELinux boot parameter
[ ] NSA SELinux runtime disable
[*] NSA SELinux Development Support
[*] NSA SELinux AVC Statistics
(1) NSA SELinux checkreqprot default value