Selinux still a problem for F31 rebase

I have run into this problem reported a few times on bugzilla.redhat.com. https://bugzilla.redhat.com/show_bug.cgi?id=1763449
This was closed as notabug but the solution proposed does not work. It refers to ‘unlabled’ or ‘default’ file contexts but the problem file is labeled tcontext=system_u:object_r:systemd_logind_var_lib_t:s0 tclass=dir permissive=1
Restorecon must just restore it to what it already is.

Bottom line is I cannot boot into Silverblue 31 without enforcing=0.

Any ideas on this? I don’t want to wipe out my system for some selinux problem!

I encountered this same issue, and of course I couldn’t run restorecon on rootfs because…Silverblue.

My disgusting “fix” was to let the boot fail, then reboot into rescue mode and run journalctl -b-1 | grep -A20 'Starting Login' | audit2allow -M mylogind, then semodule -i mylogind. Terrible, but the system now boots in enforcing mode until I find a better fix.

Awesome! Thanks for the suggestion! Would be nice if there was a bug to track!

Addendum: I do have my system back up… albeit with problems running the f30 containers and toolboxes. I also did run restorecon on /var/lib and this didn’t fix the problem and didn’t seem to create any issues either. Strange that the comment on my rh bug report says do a restorecon on files with default_t and unlabeled_t but the problems are on a file(s) that are already labeled. Anyway hopefully this will get solved in Silverblue.