Hi. Am Samstag, den 17.03.2018, 17:46 +0200 schrieb Berend De Schouwer: > Hi, > > I'm struggling to relabel a root filesystem correctly for SELinux. > > I've got a system where I've had to copy (rsync) / to a new > harddrive. > I then changed the UUIDs in /etc/fstab, and the system is booting > from > the new harddrive. So the labels went missing. > > The system does not allow logins if SELinux is enabled, because > some > files (including systemd-user-session) are labelled incorrectly. > > I've tried various ways to get it back, but fixfiles relabel, > restorecon -vR / require SELinux enabled, and if I enable it I > can't > log in to run restorecon. > > I've tried /.autorelabel but it appears to be ignored. I've > checked > some files with 'ls -laZ'. > > Any ideas? > Berend You could enable SELinux in permissive mode, then relabel the FS and reboot in enforcing mode. This SHOULD work.