No boot after guid

Hello,

I’ve been doing pretty good at finding answers without asking for the last year and a half, but I finally screwed up.

I was setting up a new workstaion install, I use 3 user profiles in a group. Multiple hard drives, I use one for the 3 users to read/write/execute, basically fulltime access whenever needed.

I Set up a new directory (vault) for the mountpoint, chmod, had access with the 3 users, all good except user 1 (all users) couldn’t create say a new folder/file inside a folder created by another user, delete was only thing that worked properly.

So I tried and failed at setting guid, I only checked it with the user setting it up, not right or maybe it was and all I needed to do was reboot. I deleted the directory, and now no boot.

TTY’d, created the directory back in, didn’t boot. There is 2 new files, .hcwd and .autorelabel, I was going to delete them, but decided to wait and ask.

Thanks in advance,
Lizzy

Hello @lizzy ,
This could be a selinux thing. Perhaps you have to relabel the file contexts for the Group the users belong.

Yes, I searched those files, selinux, I have no idea about.

I’ll search again on how to relabel.

I created backups of those 2 files and deleted them, not problem.

I’m fairly new to linux, but I did it with my laptop 2yrs ago, and my notes don’t have relabel etc. I think it’s because I deleted the directory.

Thanks for reply Stephan

—EDIT/ADDON—
Went TTY file snooping, Selinux is disabled, also on laptop.

It really shouldn’t be. Fedora is one of the early adopters of selinux. It should always be able to be run in enforcing mode under normal use.

I threw the white flag, first time. With it a one day install, 10hrs searching, tty on 4k, I yanked a copy of /home, popped my edited iso in (my programs, not defaults), install, swapped /homes, fully funtional in 30mins.

I will search a bit more selinux, always learning.

Thanks again Stephen

99.9% of the time I have no problems with selinux.
I run it in enforcing mode full time and it automatically labels files and directories with the proper context.

When switching from disabled to either permissive or enforcing the only requirement would be to initially relabel the selinux context for the entire system.
The steps would be to

  1. edit /etc/selinux/config and set SELINUX=permissive and SELINUXTYPE=targeted`

  2. reboot

  3. run the command sudo fixfiles onboot
    or
    run the command sudo restorecon -RF /
    Either command will restore the selinux context across the entire file system. The first does so during boot and must complete before it will finish booting. The second does so while the system is running and must be allowed to complete before doing a shutdown or reboot.

  4. after step 3 completes it is simple to edit the /etc/selinux/config file again and set SELINUX=enforcing then reboot.

At this point selinux should be in enforcing mode and should keep the file system context properly labeled for you. (Permissive mode also keeps things properly labeled but does not enforce the policies.

1 Like

You’re welcome @lizzy ,
Should try what @computersavvy is suggesting. User isolation is something that is part of Fedora for some time.