diff --git a/Docker-Compose.ign b/Docker-Compose.ign
index fb15ac9..47a32ff 100644
--- a/Docker-Compose.ign
+++ b/Docker-Compose.ign
@@ -170,7 +170,7 @@
         "name": "setsebool.service"
       },
       {
-        "contents": "[Unit]\nDescription=gVisor Update\nRequire=network-online.target\nBefore=docker.service\n\n[Service]\nWorkingDirectory=/var/roothome\nType=oneshot\nExecStart=/usr/bin/sleep 5\nExecStart=/usr/bin/curl -O https://storage.googleapis.com/gvisor/releases/release/latest/x86_64/runsc\nExecStart=/usr/bin/curl -O https://storage.googleapis.com/gvisor/releases/release/latest/x86_64/runsc.sha512\nExecStart=/usr/bin/curl -O https://storage.googleapis.com/gvisor/releases/release/latest/x86_64/containerd-shim-runsc-v1\nExecStart=/usr/bin/curl -O https://storage.googleapis.com/gvisor/releases/release/latest/x86_64/containerd-shim-runsc-v1.sha512\nExecStart=/usr/bin/sha512sum -c runsc.sha512 -c containerd-shim-runsc-v1.sha512\nExecStart=/usr/bin/rm -f runsc.sha512 containerd-shim-runsc-v1.sha512\nExecStart=/usr/bin/chmod a+rx runsc containerd-shim-runsc-v1\nExecStart=/usr/bin/mv runsc containerd-shim-runsc-v1 /var/usrlocal/bin\n\n[Install]\nWantedBy=multi-user.target\n",
+        "contents": "[Unit]\nDescription=gVisor Update\nRequire=network-online.target\nBefore=docker.service\n\n[Service]\nWorkingDirectory=/var/roothome\nType=oneshot\nExecStart=/usr/bin/sleep 5\nExecStart=/usr/bin/curl -O https://storage.googleapis.com/gvisor/releases/release/latest/x86_64/runsc\nExecStart=/usr/bin/curl -O https://storage.googleapis.com/gvisor/releases/release/latest/x86_64/runsc.sha512\nExecStart=/usr/bin/curl -O https://storage.googleapis.com/gvisor/releases/release/latest/x86_64/containerd-shim-runsc-v1\nExecStart=/usr/bin/curl -O https://storage.googleapis.com/gvisor/releases/release/latest/x86_64/containerd-shim-runsc-v1.sha512\nExecStart=/usr/bin/sha512sum -c runsc.sha512 -c containerd-shim-runsc-v1.sha512\nExecStart=/usr/bin/rm -f runsc.sha512 containerd-shim-runsc-v1.sha512\nExecStart=/usr/bin/chmod a+rx runsc containerd-shim-runsc-v1\nExecStart=/usr/bin/mv runsc containerd-shim-runsc-v1 /var/usrlocal/bin\nExecStart=/usr/bin/chcon system_u:object_r:container_runtime_exec_t:s0 /var/usrlocal/bin/runsc\n\n[Install]\nWantedBy=multi-user.target\n",
         "enabled": true,
         "name": "gvisor-updater.service"
       },
diff --git a/Docker-Compose.yml b/Docker-Compose.yml
index e17aa89..f3dc50a 100644
--- a/Docker-Compose.yml
+++ b/Docker-Compose.yml
@@ -84,6 +84,7 @@ systemd:
         ExecStart=/usr/bin/rm -f runsc.sha512 containerd-shim-runsc-v1.sha512
         ExecStart=/usr/bin/chmod a+rx runsc containerd-shim-runsc-v1
         ExecStart=/usr/bin/mv runsc containerd-shim-runsc-v1 /var/usrlocal/bin
+        ExecStart=/usr/bin/chcon system_u:object_r:container_runtime_exec_t:s0 /var/usrlocal/bin/runsc
 
         [Install]
         WantedBy=multi-user.target
diff --git a/Generic.ign b/Generic.ign
index 5956d4a..7436731 100644
--- a/Generic.ign
+++ b/Generic.ign
@@ -168,7 +168,7 @@
         "name": "setsebool.service"
       },
       {
-        "contents": "[Unit]\nDescription=gVisor Update\nRequire=network-online.target\nBefore=docker.service\n\n[Service]\nWorkingDirectory=/var/roothome\nType=oneshot\nExecStart=/usr/bin/sleep 5\nExecStart=/usr/bin/curl -O https://storage.googleapis.com/gvisor/releases/release/latest/x86_64/runsc\nExecStart=/usr/bin/curl -O https://storage.googleapis.com/gvisor/releases/release/latest/x86_64/runsc.sha512\nExecStart=/usr/bin/curl -O https://storage.googleapis.com/gvisor/releases/release/latest/x86_64/containerd-shim-runsc-v1\nExecStart=/usr/bin/curl -O https://storage.googleapis.com/gvisor/releases/release/latest/x86_64/containerd-shim-runsc-v1.sha512\nExecStart=/usr/bin/sha512sum -c runsc.sha512 -c containerd-shim-runsc-v1.sha512\nExecStart=/usr/bin/rm -f runsc.sha512 containerd-shim-runsc-v1.sha512\nExecStart=/usr/bin/chmod a+rx runsc containerd-shim-runsc-v1\nExecStart=/usr/bin/mv runsc containerd-shim-runsc-v1 /var/usrlocal/bin\n\n[Install]\nWantedBy=multi-user.target\n",
+        "contents": "[Unit]\nDescription=gVisor Update\nRequire=network-online.target\nBefore=docker.service\n\n[Service]\nWorkingDirectory=/var/roothome\nType=oneshot\nExecStart=/usr/bin/sleep 5\nExecStart=/usr/bin/curl -O https://storage.googleapis.com/gvisor/releases/release/latest/x86_64/runsc\nExecStart=/usr/bin/curl -O https://storage.googleapis.com/gvisor/releases/release/latest/x86_64/runsc.sha512\nExecStart=/usr/bin/curl -O https://storage.googleapis.com/gvisor/releases/release/latest/x86_64/containerd-shim-runsc-v1\nExecStart=/usr/bin/curl -O https://storage.googleapis.com/gvisor/releases/release/latest/x86_64/containerd-shim-runsc-v1.sha512\nExecStart=/usr/bin/sha512sum -c runsc.sha512 -c containerd-shim-runsc-v1.sha512\nExecStart=/usr/bin/rm -f runsc.sha512 containerd-shim-runsc-v1.sha512\nExecStart=/usr/bin/chmod a+rx runsc containerd-shim-runsc-v1\nExecStart=/usr/bin/mv runsc containerd-shim-runsc-v1 /var/usrlocal/bin\nExecStart=/usr/bin/chcon system_u:object_r:container_runtime_exec_t:s0 /var/usrlocal/bin/runsc\n\n[Install]\nWantedBy=multi-user.target\n",
         "enabled": true,
         "name": "gvisor-updater.service"
       },
diff --git a/Generic.yml b/Generic.yml
index 25255a7..a8c7d22 100644
--- a/Generic.yml
+++ b/Generic.yml
@@ -102,6 +102,7 @@ systemd:
         ExecStart=/usr/bin/rm -f runsc.sha512 containerd-shim-runsc-v1.sha512
         ExecStart=/usr/bin/chmod a+rx runsc containerd-shim-runsc-v1
         ExecStart=/usr/bin/mv runsc containerd-shim-runsc-v1 /var/usrlocal/bin
+        ExecStart=/usr/bin/chcon system_u:object_r:container_runtime_exec_t:s0 /var/usrlocal/bin/runsc
 
         [Install]
         WantedBy=multi-user.target