diff --git a/build-rootfs.sh b/build-rootfs.sh
index 8da681a..642298a 100755
--- a/build-rootfs.sh
+++ b/build-rootfs.sh
@@ -100,10 +100,10 @@ setfiles \
     -F \
     -m \
     -r /mnt/gentoo \
-    -c /mnt/gentoo/etc/selinux/strict/policy/policy.* \
+    -c /mnt/gentoo/etc/selinux/mcs/policy/policy.* \
     -e /mnt/gentoo/var/db/pkg \
     -e /mnt/gentoo/etc/portage \
-    /mnt/gentoo/etc/selinux/strict/contexts/files/file_contexts \
+    /mnt/gentoo/etc/selinux/mcs/contexts/files/file_contexts \
     /mnt/gentoo
 
 touch /mnt/gentoo/usr
diff --git a/overlay/etc/selinux/config b/overlay/etc/selinux/config
index ba488c2..f4ec7c8 100644
--- a/overlay/etc/selinux/config
+++ b/overlay/etc/selinux/config
@@ -12,4 +12,4 @@ SELINUX=enforcing
 #	mls      - Full SELinux protection with Multi-Level Security
 #	mcs      - Full SELinux protection with Multi-Category Security 
 #	           (mls, but only one sensitivity level)
-SELINUXTYPE=strict
+SELINUXTYPE=mcs
diff --git a/portage/config/target/etc/portage/make.conf/60-selinux.conf b/portage/config/target/etc/portage/make.conf/60-selinux.conf
new file mode 100644
index 0000000..7a12e66
--- /dev/null
+++ b/portage/config/target/etc/portage/make.conf/60-selinux.conf
@@ -0,0 +1,2 @@
+USE="${USE} -unconfined"
+POLICY_TYPES=mcs