> For the complete documentation index, see [llms.txt](https://docs.strongdm.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.strongdm.com/admin/networking/selinux.md). # Security-Enhanced Linux If you have SELinux enabled, the StrongDM gateway installation will fail. You'll need to set SELinux in permissive mode on each host before you attempt to deploy a gateway. ### Disable SELinux Security-Enhanced Linux, or [**SELinux**](https://en.wikipedia.org/wiki/Security-Enhanced_Linux), allows you to set access control through policies. 1. Check the SELinux state: `getenforce` If the output is either Permissive or Disabled, you should be set. If the output is enforcing, continue to the next step. 2. There are two ways that you can disable SELinux - either by editing a config file, or by using the setenforce command 1. If editing the config file, Open the `/etc/selinux/config` file (in some systems, the `/etc/sysconfig/selinux` file). 2. Change the line `SELINUX=enforcing` to `SELINUX=permissive`. 3. Save and close the file. 4. Reboot your system 3. If using the setenforce simply run the command `sudo setenforce 0` 4. After performing either of the above methods, check again using `getenforce` ```bash $ getenforce Permissive ``` ### Re-Enable SELinux Once you've deployed a gateway, you'll want to re-enable SELinux. This is just a reverse of the disabling process.. 1. Check the SELinux state: `getenforce` If the output is `Enforcing`, SELinux is already enabled. If the output is Permissive or Disabled, continue to the next step. 2. There are two ways that you can re-enable SELinux - either by editing a config file, or by using the `setenforce` command 1. If editing the config file, Open the `/etc/selinux/config` file (in some systems, the `/etc/sysconfig/selinux` file). 2. Change the line `SELINUX=permissive` to `SELINUX=enforcing`. 3. Save and close the file. 4. Reboot your system 3. If using the `setenforce`, simply run the command `sudo setenforce 1`. 4. After performing either of the above methods, check again using `getenforce` ```bash $ getenforce Enforcing ``` --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://docs.strongdm.com/admin/networking/selinux.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.