Step 1: Review Denials in Permissive Mode
sudo ausearch -m avc -ts recentStep 2: Generate Policy Modules
sudo grep "denied" /var/log/audit/audit.log | audit2allow -m mymodule > mymodule.te
sudo audit2allow -a -M mymodule
sudo semodule -i mymodule.ppStep 3: Set Enforcing Mode
sudo setenforce 1Step 4: Make Permanent
sudo nano /etc/selinux/config
SELINUX=enforcingStep 5: Boot with Enforcing
sudo reboot