# Setup Selinux

Use the following procedure to permanently change SELinux mode to permissive. When SELinux is running in permissive mode, SELinux policy is not enforced. The system remains operational and SELinux does not deny any operations but only logs AVC messages, which can be then used for troubleshooting, debugging, and SELinux policy improvements. Each AVC is logged only once in this case.

**Prerequisites**

* The `selinux-policy-targeted`, `libselinux-utils`, and `policycoreutils` packages are installed on your system.
* The `selinux=0` or `enforcing=0` kernel parameters are not used.

**Procedure**

1. Open the `/etc/selinux/config` file in a text editor of your choice, for example:

   Copy

   ```
   # vi /etc/selinux/config
   ```
2. Configure the `SELINUX=permissive` option:

   Copy

   ```
   # This file controls the state of SELinux on the system.
   # SELINUX= can take one of these three values:
   #       enforcing - SELinux security policy is enforced.
   #       permissive - SELinux prints warnings instead of enforcing.
   #       disabled - No SELinux policy is loaded.
   SELINUX=permissive
   # SELINUXTYPE= can take one of these two values:
   #       targeted - Targeted processes are protected,
   #       mls - Multi Level Security protection.
   SELINUXTYPE=targeted
   ```
3. Restart the system:

   Copy

   ```
   # reboot
   ```

**Verification**

After the system restarts, confirm that the `getenforce` command returns `Permissive`:

Copy

```
$ getenforce
Permissive
```

### &#x20; <a href="#license-module-initialization-error" id="license-module-initialization-error"></a>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://cookbook.denovolab.com/installation/setup-selinux.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.