Introduction

Security-Enhanced Linux (SELinux) is an enhanced security mechanism at the kernel level. Follow this guide to reinstall SELinux and reset the policy to default settings. If SELinux is not already installed, go directly to step 2.

Perform these steps as a sudo-enabled user, or root. This guide has been tested on:

  • CentOS 8
  • CentOS 7
  • CentOS 6

1. Disable and Remove SELinux

# setenforce 0
# yum remove selinux-policy\*
# rm -rf /etc/selinux/targeted /etc/selinux/config

2. Install SELinux

# yum install selinux-policy-targeted
# yum install selinux-policy-devel policycoreutils
# touch /.autorelabel; reboot

SELinux will detect the /.autorelabel file on reboot, and then relabel all files with the correct SELinux contexts.