diff --git a/data/Linux-kernel.yaml b/data/Linux-kernel.yaml
index e6e88b929..81f464aed 100644
--- a/data/Linux-kernel.yaml
+++ b/data/Linux-kernel.yaml
@@ -1,6 +1,7 @@
 ---
 icinga2::globals::package_name: icinga2
 icinga2::globals::service_name: icinga2
+icinga2::globals::selinux_name: icinga2-selinux
 icinga2::globals::service_reload: service icinga2 reload
 icinga2::globals::ido_mysql_package_name: icinga2-ido-mysql
 icinga2::globals::ido_mysql_schema: /usr/share/icinga2-ido-mysql/schema/mysql.sql
diff --git a/data/RedHat-family-7.yaml b/data/RedHat-family-7.yaml
new file mode 100644
index 000000000..d546e3922
--- /dev/null
+++ b/data/RedHat-family-7.yaml
@@ -0,0 +1,2 @@
+---
+icinga2::manage_selinux: "%{facts.os.selinux.enabled}"
diff --git a/data/RedHat-family-8.yaml b/data/RedHat-family-8.yaml
new file mode 100644
index 000000000..d546e3922
--- /dev/null
+++ b/data/RedHat-family-8.yaml
@@ -0,0 +1,2 @@
+---
+icinga2::manage_selinux: "%{facts.os.selinux.enabled}"
diff --git a/manifests/globals.pp b/manifests/globals.pp
index a27a268b1..2bfc82866 100644
--- a/manifests/globals.pp
+++ b/manifests/globals.pp
@@ -11,6 +11,9 @@
 # [*package_name*]
 #   The name of the icinga package to manage.
 #
+# [*selinux_name*]
+#   The name of the icinga selinux package.
+#
 # [*service_name*]
 #   The name of the icinga service to manage.
 #
@@ -99,6 +102,7 @@
   Optional[String]       $ido_mysql_package_name = undef,
   Optional[String]       $ido_pgsql_package_name = undef,
   Optional[String]       $service_reload         = undef,
+  Optional[String]       $selinux_name           = unde,
 ) {
 
   assert_private()
diff --git a/manifests/init.pp b/manifests/init.pp
index f7a8d3f22..d452bc52d 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -19,6 +19,9 @@
 # [*manage_package*]
 #   If set to false packages aren't managed. Defaults to true.
 #
+# [*manage_selinux*]
+#   If set to true the icinga selinux package is installed. Defaults to false.
+#
 # [*manage_service*]
 #   If set to true the service is managed otherwise the service also
 #   isn't restarted if a config file changed. Defaults to true.
@@ -144,6 +147,7 @@
   Boolean                    $enable         = true,
   Boolean                    $manage_repo    = false,
   Boolean                    $manage_package = true,
+  Variant[Boolean, String]   $manage_selinux = false,
   Boolean                    $manage_service = true,
   Boolean                    $purge_features = true,
   Hash                       $constants      = {},
diff --git a/manifests/install.pp b/manifests/install.pp
index 179aa41a0..697169325 100644
--- a/manifests/install.pp
+++ b/manifests/install.pp
@@ -18,6 +18,8 @@
 
   $package_name   = $::icinga2::globals::package_name
   $manage_package = $::icinga2::manage_package
+  $selinux_name   = $::icinga2::globals::selinux_name
+  $manage_selinux = $::icinga2::manage_selinux
   $cert_dir       = $::icinga2::globals::cert_dir
   $conf_dir       = $::icinga2::globals::conf_dir
   $user           = $::icinga2::globals::user
@@ -30,6 +32,13 @@
       ensure => installed,
       before => File[$cert_dir, $conf_dir],
     }
+
+    if str2bool($manage_selinux) {
+      package { $selinux_name:
+        ensure  => installed,
+        require => Package[$package_name],
+      }
+    }
   }
 
   file { [$cert_dir, $conf_dir]: