# Security-Enhanced Linux

If you have SELinux enabled, the StrongDM gateway installation will fail. You'll need to set SELinux in permissive mode on each host before you attempt to deploy a gateway.

### Disable SELinux

Security-Enhanced Linux, or [**SELinux**](https://en.wikipedia.org/wiki/Security-Enhanced_Linux), allows you to set access control through policies.

1. Check the SELinux state: `getenforce` If the output is either Permissive or Disabled, you should be set. If the output is enforcing, continue to the next step.
2. There are two ways that you can disable SELinux - either by editing a config file, or by using the setenforce command
   1. If editing the config file, Open the `/etc/selinux/config` file (in some systems, the `/etc/sysconfig/selinux` file).
   2. Change the line `SELINUX=enforcing` to `SELINUX=permissive`.
   3. Save and close the file.
   4. Reboot your system
3. If using the setenforce simply run the command `sudo setenforce 0`
4. After performing either of the above methods, check again using `getenforce`

   ```bash
   $ getenforce
   Permissive
   ```

### Re-Enable SELinux

Once you've deployed a gateway, you'll want to re-enable SELinux. This is just a reverse of the disabling process..

1. Check the SELinux state: `getenforce` If the output is `Enforcing`, SELinux is already enabled. If the output is Permissive or Disabled, continue to the next step.
2. There are two ways that you can re-enable SELinux - either by editing a config file, or by using the `setenforce` command
   1. If editing the config file, Open the `/etc/selinux/config` file (in some systems, the `/etc/sysconfig/selinux` file).
   2. Change the line `SELINUX=permissive` to `SELINUX=enforcing`.
   3. Save and close the file.
   4. Reboot your system
3. If using the `setenforce`, simply run the command `sudo setenforce 1`.
4. After performing either of the above methods, check again using `getenforce`

   ```bash
   $ getenforce
   Enforcing
   ```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.strongdm.com/admin/networking/selinux.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.