How To Install SELinux on openSUSE

Install SELinux on openSUSE

In this tutorial, we will show you how to install SELinux on openSUSE. SELinux is a flexible and robust security feature that provides a variety of security policies for the Linux kernel. It operates in three modes: Disabled, Permissive, and Enforcing. In the Disabled mode, SELinux is turned off. The Permissive mode allows operations that violate policy for the sake of logging and debugging, while the Enforcing mode actively denies operations that violate policy. SELinux policies are the set of rules that guide SELinux in enforcing access control. These policies play a crucial role in defining the behavior of system and user applications.

This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the SELinux on openSUSE.


  • A server running one of the following operating systems: openSUSE.
  • It’s recommended that you use a fresh OS install to prevent any potential issues.
  • You will need access to the terminal to execute commands. openSUSE provides the Terminal application for this purpose. It can be found in your Applications menu.
  • You’ll need an active internet connection to download SELinux and its dependencies.
  • You’ll need administrative (root) access or a user account with sudo privileges.

Install SELinux on openSUSE

Step 1. Before installing SELinux, ensure that your openSUSE system is up-to-date. You can update your system using the following command:

sudo zypper refresh
sudo zypper update

Step 2. Installing SELinux on openSUSE.

To install SELinux, you need to add the necessary repositories. After adding the repositories, use the zypper command to install SELinux:

sudo zypper install selinux-policy selinux-policy-targeted

This command installs the SELinux policy and the targeted policy module, which is the most common policy used in SELinux.

Step 3. Configuring SELinux on openSUSE.

The configuration of SELinux is done through the SELinux configuration file located at /etc/selinux/config. You can edit this file to switch between the different modes of SELinux: disabled, permissive, and enforcing.

To edit the configuration file, use the following command:

sudo nano /etc/selinux/config

In the configuration file, you can set the SELINUX variable to disabled, permissive, or enforcing to set the mode of SELinux. You can also set the SELINUXTYPE variable to targeted to use the targeted policy.

After editing the configuration file, save the changes and exit the editor. Then, reboot your system for the changes to take effect.

Step 4. Working with SELinux Commands.

Several commands are available for managing SELinux. The sestatus command displays the current status of SELinux:


The getenforce command returns the current mode of SELinux:


The setenforce command allows you to temporarily switch between the enforcing and permissive modes:

sudo setenforce 0 # Switch to permissive mode
sudo setenforce 1 # Switch to enforcing mode

Note that changes made with the setenforce command do not persist across reboots. For persistent changes, you need to edit the /etc/selinux/config configuration file.

Step 5. Troubleshooting SELinux.

When SELinux denies an action, it logs an Access Vector Cache (AVC) message. You can use the ausearch utility to find recent AVC messages:

sudo ausearch -m AVC,USER_AVC -ts recent

If you encounter problems with SELinux, start by checking for labeling problems. If a process, file, or directory is labeled with an incorrect SELinux context, it can cause SELinux to deny actions.

Congratulations! You have successfully installed SELinux. Thanks for using this tutorial for installing SELinux on your openSUSE system. For additional or useful information, we recommend you check the official openSUSE website.

VPS Manage Service Offer
If you don’t have time to do all of this stuff, or if this is not your area of expertise, we offer a service to do “VPS Manage Service Offer”, starting from $10 (Paypal payment). Please contact us to get the best deal!


r00t is a seasoned Linux system administrator with a wealth of experience in the field. Known for his contributions to, r00t has authored numerous tutorials and guides, helping users navigate the complexities of Linux systems. His expertise spans across various Linux distributions, including Ubuntu, CentOS, and Debian. r00t's work is characterized by his ability to simplify complex concepts, making Linux more accessible to users of all skill levels. His dedication to the Linux community and his commitment to sharing knowledge makes him a respected figure in the field.
Back to top button