http://bugzilla.opensuse.org/show_bug.cgi?id=1204860 Bug ID: 1204860 Summary: Installed selinux on fresh install: no labeling, got locked out Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: security-team@suse.de Reporter: opensuse.k1akb@slmail.me QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- I am not sure if this is still an issue, but I want to make sure it is known. I have an issue which *seems to be* described here: # 1199520. I am not sure if this is exactly the same issue/consequence/solution, so I would like to leave this information to be sure. I installed selinux soon after a fresh installation of OpenSUSE Tumbleweed: first installed selinux and the 'targeted' profile, then realized I was missing a component so I installed selinux-targeted-setup. After rebooting, I was locked out of the system, presumably because access to the shell was denied to all users. (At this point no relabeling had taken place.) I could not fix this with 'restorecon -Rv /', because this was an NOOP execution. I am not sure why, I do not know selinux well enough, the command just immediately exits. Then I noticed that '/etc/selinux/.autorelabel' was created -- and still existed -- and moved this to '/' and on next boot the relabeling process started and the issue resolved itself. From then on, I have not encountered any (noticable) issues. -- You are receiving this mail because: You are on the CC list for the bug.