How to Enable or Reinstall SELinux on CentOS
Published on June 17, 2020•Updated on November 21, 2023
Introduction
Security-Enhanced Linux (SELinux) is an enhanced security mechanism at the kernel level. Follow this guide to reinstall SELinux and reset the policy to default settings. If SELinux is not already installed, go directly to step 2.
Perform these steps as a sudo-enabled user, or root. This guide has been tested on:
- CentOS 8
- CentOS 7
- CentOS 6
1. Disable and Remove SELinux
# setenforce 0
# yum remove selinux-policy\*
# rm -rf /etc/selinux/targeted /etc/selinux/config
2. Install SELinux
# yum install selinux-policy-targeted
# yum install selinux-policy-devel policycoreutils
# touch /.autorelabel; reboot
SELinux will detect the /.autorelabel file on reboot, and then relabel all files with the correct SELinux contexts. If you have many files, the instance may be unavailable for a long time. You can monitor the instance from the Vultr Web console.