diff --git a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/targets/generic/package.use b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/targets/generic/package.use
index ba5b3db9e7..8c6bc7a6df 100644
--- a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/targets/generic/package.use
+++ b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/targets/generic/package.use
@@ -3,6 +3,7 @@
 
 app-admin/rsyslog	-ssl
 app-editors/vim		minimal
+coreos-base/coreos	selinux
 dev-lang/python		-berkdb gdbm
 dev-libs/dbus-glib	tools
 dev-libs/elfutils	-utils
@@ -15,15 +16,18 @@ net-misc/dhcp	        -server
 net-misc/iperf		threads
 net-misc/ntp            caps
 sys-apps/busybox	-pam -selinux
+sys-apps/dbus		selinux
 sys-apps/smartmontools	minimal
 sys-block/parted        device-mapper
 sys-fs/lvm2		-lvm1 -readline
+sys-kernel/coreos-kernel selinux
 sys-libs/ncurses	minimal
 sys-libs/pam        -berkdb
 sys-libs/gdbm		berkdb
 
 # enable journal gateway and container features, avoid pulling in gnutls
-sys-apps/systemd audit importd http nat -ssl
+sys-apps/systemd audit importd http nat -ssl selinux
+
 net-libs/libmicrohttpd -ssl
 
 sys-boot/syslinux       -custom-cflags
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/dbus/dbus-1.8.16-r1.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-apps/dbus/dbus-1.8.16-r2.ebuild
similarity index 99%
rename from sdk_container/src/third_party/coreos-overlay/sys-apps/dbus/dbus-1.8.16-r1.ebuild
rename to sdk_container/src/third_party/coreos-overlay/sys-apps/dbus/dbus-1.8.16-r2.ebuild
index 874a08c322..6e5dd03c59 100644
--- a/sdk_container/src/third_party/coreos-overlay/sys-apps/dbus/dbus-1.8.16-r1.ebuild
+++ b/sdk_container/src/third_party/coreos-overlay/sys-apps/dbus/dbus-1.8.16-r2.ebuild
@@ -37,9 +37,7 @@ DEPEND="${CDEPEND}
 		>=dev-libs/glib-2.24
 		${PYTHON_DEPS}
 		)"
-RDEPEND="${CDEPEND}
-	selinux? ( sec-policy/selinux-dbus )
-"
+RDEPEND="${CDEPEND}"
 
 DOC_CONTENTS="
 	Some applications require a session bus in addition to the system
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-kernel/files/amd64_defconfig-4.1 b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-kernel/files/amd64_defconfig-4.1
index 6c90ff5f2d..b5d85c9284 100644
--- a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-kernel/files/amd64_defconfig-4.1
+++ b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-kernel/files/amd64_defconfig-4.1
@@ -923,8 +923,8 @@ CONFIG_SECURITY_NETWORK=y
 CONFIG_SECURITY_NETWORK_XFRM=y
 CONFIG_SECURITY_SELINUX=y
 CONFIG_SECURITY_SELINUX_BOOTPARAM=y
-CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE=0
-CONFIG_SECURITY_SELINUX_DISABLE=y
+CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE=1
+CONFIG_SECURITY_SELINUX_DISABLE=n
 # CONFIG_CRYPTO_MANAGER_DISABLE_TESTS is not set
 CONFIG_CRYPTO_CRC32C_INTEL=m
 CONFIG_CRYPTO_SHA1_SSSE3=m