Re: fixfiles / restorecon with selinux disabled
Hi.
Am Samstag, den 17.03.2018, 17:46 +0200 schrieb Berend De Schouwer:
Hi,
I'm struggling to relabel a root filesystem correctly for SELinux.
I've got a system where I've had to copy (rsync) / to a new
harddrive.
I then changed the UUIDs in /etc/fstab, and the system is booting
from
the new harddrive. So the labels went missing.
The system does not allow logins if SELinux is enabled, because some
files (including systemd-user-session) are labelled incorrectly.
I've tried various ways to get it back, but fixfiles relabel,
restorecon -vR / require SELinux enabled, and if I enable it I can't
log in to run restorecon.
I've tried /.autorelabel but it appears to be ignored. I've checked
some files with 'ls -laZ'.
Any ideas?
Berend
You could enable SELinux in permissive mode, then relabel the FS and
reboot in enforcing mode. This SHOULD work.
Regards,
Dirk
--
Dirk Gottschalk
Paulusstrasse 6-8
52064 Aachen
Tel.: +49 1573 1152350
Attachments:
- signature.asc (application/pgp-signature — 833 bytes)
- smime.p7s (application/x-pkcs7-signature — 4.5 KB)