Some VPS providers (like mine, Vultr) disable SELinux in their OS installers to simplify deployments for their customers. If you’d like to enable SELinux, though, it’s pretty simple – here’s how to get the standard targeted policy running on Vultr’s CentOS 7 base install:

  1. Install the selinux-policy-targeted package. The dependencies for this package will pull in everything else you need and will install an /etc/selinux/config file that enables SELinux.

    $ yum install selinux-policy-targeted

  2. Make sure SELinux is set to enforcing.

    $ setenforce 1

  3. Set SELinux to relabel the filesystem at next boot. This will ensure the default context labels have been applied to the filesystem before SELinux is running.

    $ touch /.autorelabel

Then just reboot the system and SELinux will be active. Note that if you do this on a server that’s already in use you should ensure the SELinux policy is configured to allow your applications to work or you’ll run into problems after rebooting the system.