SELinux is an additional layer of security to protect the system. The permission set by users manually is a kind of security control that works at the user's discretion, while SELinux is a mandatory access control for securing the system. Its main role is to protect data when a system service is compromised. SELinux consists of a set of security rules that determine which process can access which files, directories, or ports.