diff --git a/defaults/main.yml b/defaults/main.yml
index c95a7ad..284affc 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -13,6 +13,7 @@ k3s_reset: False
 k3s_token: "secure-token"
 k3s_node_ip: "{{ ansible_default_ipv4.address }}"
 k3s_init_log_enabled: False
+k3s_selinux_enabled: False
 
 k3s_server: True
 k3s_server_bind_ip: "0.0.0.0"
diff --git a/molecule/rocky9/converge.yml b/molecule/rocky9/converge.yml
index d4998b1..07cbe87 100644
--- a/molecule/rocky9/converge.yml
+++ b/molecule/rocky9/converge.yml
@@ -13,6 +13,7 @@
       - url: https://docs.projectcalico.org/archive/v3.24/manifests/tigera-operator.yaml
         dest: tigera-operator.yaml
     k3s_init_log_enabled: True
+    k3s_selinux_enabled: True
   pre_tasks:
     - name: Override host variables
       ansible.builtin.set_fact:
diff --git a/templates/etc/rancher/k3s/config.yaml.j2 b/templates/etc/rancher/k3s/config.yaml.j2
index c99ef03..a205217 100644
--- a/templates/etc/rancher/k3s/config.yaml.j2
+++ b/templates/etc/rancher/k3s/config.yaml.j2
@@ -8,6 +8,7 @@ node-ip: "{{ k3s_node_ip }}"
 kubelet-arg:
   {{ __k3s_kubelet_arg | to_nice_yaml(indent=2) | indent(2, False) }}
 {% endif %}
+selinux: {{ k3s_selinux_enabled | bool | lower }}
 
 {% if k3s_server | bool %}
 bind-address: "{{ k3s_server_bind_ip }}"