diff --git a/README.md b/README.md
index f6c2171ac0..f8521af69c 100644
--- a/README.md
+++ b/README.md
@@ -23,23 +23,23 @@
-
🛠️ Packed to the gills
-
Expansive range of modes including SOCKS5, HTTP proxy, TCP/UDP forwarding, Linux TProxy - not to mention additional features continually being added.
+
🛠️ Jack of all trades
+
Wide range of modes including SOCKS5, HTTP Proxy, TCP/UDP Forwarding, Linux TProxy, TUN - with more features being added constantly.
-
⚡ Lightning fast
-
Powered by a custom QUIC protocol, Hysteria delivers unparalleled performance over even the most unreliable and lossy networks.
+
⚡ Blazing fast
+
Powered by a customized QUIC protocol, Hysteria is designed to deliver unparalleled performance over unreliable and lossy networks.
✊ Censorship resistant
-
Our protocol is designed to masquerade as standard HTTP/3 traffic, making it very difficult to detect and block without widespread collateral damage.
+
The protocol masquerades as standard HTTP/3 traffic, making it very difficult for censors to detect and block without widespread collateral damage.
💻 Cross-platform
-
We have builds for all major platforms and architectures. Deploy anywhere & use everywhere.
+
We have builds for every major platform and architecture. Deploy anywhere & use everywhere. Not to mention the long list of 3rd party apps.
@@ -48,8 +48,8 @@
-
🤗 Open standards
-
We have well-documented specifications and code for developers to contribute and build their own apps.
+
🤗 Cards on the table
+
We have well-documented specifications and code for developers to contribute and build their own apps. And a helpful community, too.
diff --git a/scripts/install_server.sh b/scripts/install_server.sh
index 3dae096c0d..b71f07559b 100644
--- a/scripts/install_server.sh
+++ b/scripts/install_server.sh
@@ -60,6 +60,9 @@ HYSTERIA_USER="${HYSTERIA_USER:-}"
# Directory for ACME certificates storage
HYSTERIA_HOME_DIR="${HYSTERIA_HOME_DIR:-}"
+# SELinux context of systemd unit files
+SECONTEXT_SYSTEMD_UNIT="${SECONTEXT_SYSTEMD_UNIT:-}"
+
###
# ARGUMENTS
@@ -176,6 +179,14 @@ systemctl() {
command systemctl "$@"
}
+chcon() {
+ if ! has_command chcon || [[ "x$FORCE_NO_SELINUX" == "x1" ]]; then
+ return
+ fi
+
+ command chcon "$@"
+}
+
show_argument_error_and_exit() {
local _error_msg="$1"
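Review bot: `FORCE_NO_SELINUX` is read in the new `chcon()` wrapper and again in `check_environment_selinux`, but no visible hunk gives it a default the way the first hunk does for `SECONTEXT_SYSTEMD_UNIT`. If the script runs with `set -u`, which I cannot see from this diff, an unset variable would abort it; writing the test as `[[ "x${FORCE_NO_SELINUX:-}" == "x1" ]]` is safe either way. The variable also deserves a line in the header block next to the other `FORCE_*` switches, if it is not already there. The wrapper returns 0 when it skips the call, so a caller cannot tell a relabel that happened from one that did not. A comment above it such as `# no-op when chcon is missing or FORCE_NO_SELINUX=1` would mark that as intentional.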
@@ -221,6 +232,7 @@ exec_sudo() {
$(env | grep "^OPERATING_SYSTEM=" || true)
$(env | grep "^ARCHITECTURE=" || true)
$(env | grep "^HYSTERIA_\w*=" || true)
+ $(env | grep "^SECONTEXT_SYSTEMD_UNIT=" || true)
$(env | grep "^FORCE_\w*=" || true)
)
IFS="$_saved_ifs"
@@ -236,6 +248,7 @@ detect_package_manager() {
fi
if has_command apt; then
+ apt update
PACKAGE_MANAGEMENT_INSTALL='apt -y --no-install-recommends install'
return 0
fi
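Review bot: `apt update` now runs inside `detect_package_manager`, so a function that only selected an install command gains a network side effect whose exit status is ignored. If the refresh fails (offline host, broken sources list, or detection reached before privileges are raised), the later install silently proceeds against stale package indexes. I would move the refresh next to the first real install, or at least make the failure visible with `apt update || warning "apt update failed; package indexes may be stale"`. The function starts and ends outside this hunk, so I cannot tell whether it already runs as root at this point.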
@@ -406,6 +419,30 @@ check_environment_systemd() {
esac
}
+check_environment_selinux() {
+ if ! has_command chcon; then
+ return
+ fi
+
+ note "SELinux is detected"
+
+ if [[ "x$FORCE_NO_SELINUX" == "x1" ]]; then
+ warning "FORCE_NO_SELINUX=1, we will skip all SELinux related commands."
+ return
+ fi
+
+ if [[ -z "$SECONTEXT_SYSTEMD_UNIT" ]]; then
+ if [[ -z "$FORCE_NO_SYSTEMD" ]] && [[ -e "$SYSTEMD_SERVICES_DIR" ]]; then
+ local _sectx="$(ls -ldZ "$SYSTEMD_SERVICES_DIR" | cut -d ' ' -f 5)"
+ if [[ "x$_sectx" == "x?" ]]; then
+ warning "Failed to obtain SEContext of $SYSTEMD_SERVICES_DIR"
+ else
+ SECONTEXT_SYSTEMD_UNIT="$_sectx"
+ fi
+ fi
+ fi
+}
+
check_environment_curl() {
if has_command curl; then
return
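Review bot: `has_command chcon` in `check_environment_selinux` does not detect SELinux, because `chcon` is part of coreutils and is present on most Linux systems; "SELinux is detected" will be printed on hosts without it. Asking the kernel is more reliable, for example with `selinuxenabled` where it is installed. The context lookup is also fragile: `ls -ldZ | cut -d ' ' -f 5` depends on the column layout of `ls` and on single-space separators, and `local _sectx="$(...)"` hides the pipeline's exit status. `stat -c '%C'` prints the context directly. Separately, a label copied from the directory with `chcon` is not what policy would assign and does not survive a relabel; `restorecon` on the installed unit files may be the better tool, if policy already covers that path.

```shell
check_environment_selinux() {
  # chcon ships with coreutils; ask the kernel whether SELinux is actually enabled
  if ! has_command selinuxenabled || ! selinuxenabled; then
    return
  fi
  # … unchanged: note, FORCE_NO_SELINUX handling, SECONTEXT_SYSTEMD_UNIT / systemd guards …
      local _sectx
      _sectx="$(stat -c '%C' "$SYSTEMD_SERVICES_DIR" 2>/dev/null)" || _sectx="?"
      if [[ -z "$_sectx" || "x$_sectx" == "x?" ]]; then
  # … unchanged: warning / assignment branches …
```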
@@ -426,6 +463,7 @@ check_environment() {
check_environment_operating_system
check_environment_architecture
check_environment_systemd
+ check_environment_selinux
check_environment_curl
check_environment_grep
}
@@ -917,6 +955,10 @@ perform_install_hysteria_systemd() {
install_content -Dm644 "$(tpl_hysteria_server_service)" "$SYSTEMD_SERVICES_DIR/hysteria-server.service" "1"
install_content -Dm644 "$(tpl_hysteria_server_x_service)" "$SYSTEMD_SERVICES_DIR/hysteria-server@.service" "1"
+ if [[ -n "$SECONTEXT_SYSTEMD_UNIT" ]]; then
+ chcon "$SECONTEXT_SYSTEMD_UNIT" "$SYSTEMD_SERVICES_DIR/hysteria-server.service"
+ chcon "$SECONTEXT_SYSTEMD_UNIT" "$SYSTEMD_SERVICES_DIR/hysteria-server@.service"
+ fi
systemctl daemon-reload
}
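Review bot: `SECONTEXT_SYSTEMD_UNIT` reaches `chcon` as its first argument with no `--` and no format check. It can come straight from the caller's environment, and the `exec_sudo` hunk now forwards it into the root invocation. A value starting with `-` would be parsed as an option, so I would write `chcon -- "$SECONTEXT_SYSTEMD_UNIT" "$SYSTEMD_SERVICES_DIR/hysteria-server.service"` on both lines and reject values that do not look like `user:role:type[:range]` at the point where the variable is read. The result of `chcon` is also ignored. On an enforcing host a unit left with the wrong label may fail to load after `systemctl daemon-reload`, so a `|| warning "..."` on each call would at least surface it. The function body begins outside this hunk.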