[RHEL7] SELinux autorelabeling isn't performed at boot

Solution Verified - Updated -

Issue

  • After creating file /.autorelabel and rebooting, the file still exists and no relabeling was performed

    # touch /.autorelabel
# reboot

    ...

    # ls /.autorelabel
/.autorelabel

  • Service rhel-autorelabel is failing at boot

    # systemctl status rhel-autorelabel
● rhel-autorelabel.service - Relabel all filesystems, if necessary
Loaded: loaded (/usr/lib/systemd/system/rhel-autorelabel.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since XXX
Process: <PID> ExecStart=/usr/lib/systemd/rhel-autorelabel (code=exited, status=208/STDIN)
Main PID: <PID> (code=exited, status=208/STDIN)

XXX systemd[1]: Starting Relabel all filesystems, if necessary...
XXX systemd[582]: Failed at step STDIN spawning /usr/lib/systemd/rhel-autorelabel: Inappropriate ioctl for device
XXX systemd[1]: rhel-autorelabel.service: main process exited, code=exited, status=208/STDIN
XXX systemd[1]: Failed to start Relabel all filesystems, if necessary.
XXX systemd[1]: Unit rhel-autorelabel.service entered failed state.
XXX systemd[1]: rhel-autorelabel.service failed.

Environment

  • Red Hat Enterprise Linux 7
  • selinux
  • serial console

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.