SELinux Cookbook
May 20, 2026 · View on GitHub
Important
This cookbook is deprecated. Chef Infra Client 18.0 and later include built-in
selinux_boolean, selinux_fcontext, selinux_install, selinux_login,
selinux_module, selinux_permissive, selinux_port, selinux_state, and
selinux_user resources. New work should use those built-in Chef Infra Client
resources directly.
Open functional reports against this cookbook, including fcontext built-in override behavior, module reinstall behavior, module compilation behavior, and Amazon Linux 2023 package defaults, affect resource behavior that is now owned by Chef Infra Client. Please file follow-up fixes in chef/chef instead of extending this deprecated compatibility cookbook.
Description
The SELinux (Security Enhanced Linux) cookbook provided recipes and custom resources for manipulating SELinux policy enforcement state.
This cookbook is retained only for existing Chef Infra Client 15-17 users that cannot yet move to Chef Infra Client 18 or later. It should not be added to new cookbooks.
SELinux can have one of three settings:
Enforcing
- Watches all system access checks, stops all 'Denied access'
- Default mode on RHEL systems
Permissive
- Allows access but reports violations
Disabled
- Disables SELinux from the system but is only read at boot time. If you set this flag, you must reboot.
Disable SELinux only if you plan to not use it. Use Permissive mode if you just need to debug your system.
Requirements
- Chef 15.3 or higher
Chef Infra Client 18.0 and later provide the SELinux resources directly. Prefer the built-in resources on those releases.
Platform
- RHEL 7+
- CentOS 7+
- Fedora
- Ubuntu
- Debian
Resources
The following resources are provided:
- selinux_boolean
- selinux_fcontext
- selinux_install
- selinux_login
- selinux_module
- selinux_permissive
- selinux_port
- selinux_state
- selinux_user
Maintainers
This cookbook is maintained by the Sous Chefs. The Sous Chefs are a community of Chef cookbook maintainers working together to maintain important cookbooks. If you’d like to know more please visit sous-chefs.org or come chat with us on the Chef Community Slack in #sous-chefs.
Contributors
This project exists thanks to all the people who contribute.
Backers
Thank you to all our backers!
Sponsors
Support this project by becoming a sponsor. Your logo will show up here with a link to your website.