SELinux still a problem for F31 rebase

I have run into this problem, which has been reported a few times on bugzilla.redhat.com: 1763449 – selinux prevents writing to /var/lib on silverblue rebase reboot
This was closed as notabug but the solution proposed does not work. It refers to ‘unlabeled’ or ‘default’ file contexts but the problem file is labeled tcontext=system_u:object_r:systemd_logind_var_lib_t:s0 tclass=dir permissive=1
Restorecon must just restore it to what it already is.

Bottom line is I cannot boot into Silverblue 31 without enforcing=0.

Any ideas on this? I don’t want to wipe out my system for some selinux problem!

I encountered this same issue, and of course I couldn’t run restorecon on rootfs because…Silverblue.

My disgusting “fix” was to let the boot fail, then reboot into rescue mode and run journalctl -b-1 | grep -A20 'Starting Login' | audit2allow -M mylogind, then semodule -i mylogind. Terrible, but the system now boots in enforcing mode until I find a better fix.
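An added example, not part of the reply above: `grep -A20` passes every line in the 20 after the match to `audit2allow`, so the generated module can allow more than the logind denial. This sketch summarizes the AVC denials in such text by source type, target type and class so they can be reviewed before `semodule -i`; the journal lines, the function names and the `systemd_logind_t` source type are assumptions constructed for the illustration.

```python
import re
from collections import defaultdict

# Constructed sample journal text (not taken from the thread). The tcontext and
# tclass of the logind lines mirror the denial quoted in the first post; every
# other value (scontext, pids, names, the chronyd line) is made up.
SAMPLE_JOURNAL = """\
Nov 02 10:00:01 host systemd[1]: Starting Login Service...
Nov 02 10:00:01 host audit[712]: AVC avc:  denied  { write } for  pid=712 comm="systemd-logind" name="systemd" dev="dm-0" ino=1234 scontext=system_u:system_r:systemd_logind_t:s0 tcontext=system_u:object_r:systemd_logind_var_lib_t:s0 tclass=dir permissive=0
Nov 02 10:00:01 host audit[712]: AVC avc:  denied  { add_name } for  pid=712 comm="systemd-logind" name="linger" scontext=system_u:system_r:systemd_logind_t:s0 tcontext=system_u:object_r:systemd_logind_var_lib_t:s0 tclass=dir permissive=0
Nov 02 10:00:02 host audit[801]: AVC avc:  denied  { read } for  pid=801 comm="chronyd" name="drift" dev="dm-0" ino=5678 scontext=system_u:system_r:chronyd_t:s0 tcontext=system_u:object_r:var_lib_t:s0 tclass=file permissive=0
"""

AVC_RE = re.compile(
    r"avc:\s+denied\s+\{(?P<perms>[^}]*)\}.*?"
    r"scontext=(?P<scon>\S+)\s+tcontext=(?P<tcon>\S+)\s+tclass=(?P<tclass>\S+)"
)

def selinux_type(context):
    """Return the type field of a user:role:type:level context."""
    return context.split(":")[2]

def summarize_denials(text):
    """Map (source_type, target_type, class) -> sorted list of denied perms."""
    rules = defaultdict(set)
    for line in text.splitlines():
        m = AVC_RE.search(line)
        if m is None:
            continue  # not an AVC denial (e.g. the 'Starting Login' line itself)
        key = (selinux_type(m["scon"]), selinux_type(m["tcon"]), m["tclass"])
        rules[key].update(m["perms"].split())
    return {key: sorted(perms) for key, perms in rules.items()}

def to_allow_rules(rules):
    """Render the summary in the allow-rule form that a .te file uses."""
    return [f"allow {s} {t}:{c} {{ {' '.join(p)} }};"
            for (s, t, c), p in sorted(rules.items())]

def flag_unrelated(rules, expected_source):
    """Denials whose source domain is not the one being worked around."""
    return sorted(key for key in rules if key[0] != expected_source)

if __name__ == "__main__":
    summary = summarize_denials(SAMPLE_JOURNAL)
    print("\n".join(to_allow_rules(summary)))
    print("review before installing:", flag_unrelated(summary, "systemd_logind_t"))
```

`audit2allow -M mylogind` also writes `mylogind.te` next to the compiled module, and that file can be read the same way before the module is installed.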

Awesome! Thanks for the suggestion! Would be nice if there was a bug to track!

Addendum: I do have my system back up… albeit with problems running the f30 containers and toolboxes. I also did run restorecon on /var/lib and this didn’t fix the problem and didn’t seem to create any issues either. Strange that the comment on my rh bug report says do a restorecon on files with default_t and unlabeled_t but the problems are on a file(s) that are already labeled. Anyway hopefully this will get solved in Silverblue.

Same issue here. Did you try these suggestions?

I see that I have some modifications:

# ostree admin config-diff | grep policy
M    selinux/targeted/active/policy.kern
M    selinux/targeted/policy/policy.31

I tried copying the default SELinux policy, but it did not help.

I’m having trouble booting into rescue mode.

I’m using an old USB live image with Fedora 23.
When the menu appears I press Esc to enter the boot> prompt, then I type linux rescue and I’m bounced back to initial menu, as if nothing happened… I’ve tried also the command inst.rescue, but it has the same result.

Searching on Google doesn’t help much, as most of results refer to older versions of Fedora.
If I look up the current documentation I can find this page, where I read that the Troubleshooting menu should contain a Rescue a Fedora system item. That’s not the case for the image I’m using. I guess I’ll have to download a f30 image.

Today I tried booting into rescue mode using a f31 live.
I don’t see any Rescue a Fedora system item under Troubleshooting. However, this time the command ‘linux rescue’ starts the system in rescue mode, but it fails because I don’t have a password for the root user.
So I had to boot again normally and set the root password with passwd root.
Then I booted again into rescue mode using the live. Same problem. I guess it’s some kind of issue with ostree.

I also tried the workaround described here, but I could not boot the new ref adding enforcing=0 as boot option at startup.

I’m sick of this. I guess Silverblue is not for me.