What does /.autorelabel do when we reset the password in Red Hat?Does AIX really beat Red Hat Enterprise Linux?What version of Red Hat is used for the Red Hat Certified System Administrator Exam?Why does Red Hat Linux use such an old kernel?Is Red Hat Linux licensedRed Hat Network (RHN) and package updatesRED HAT LOGIN problem with rootCompiling for Red Hat 5.9How should I download Red Hat Enterprise Linux?Red Hat no package realmd availableRed Hat 7 GDM + NIS Only Validates First 7 Characters of Password

Intersection Puzzle

How could indestructible materials be used in power generation?

Short story with a alien planet, government officials must wear exploding medallions

How badly should I try to prevent a user from XSSing themselves?

In 'Revenger,' what does 'cove' come from?

What's the in-universe reasoning behind sorcerers needing material components?

Mathematica command that allows it to read my intentions

How dangerous is XSS?

Should I tell management that I intend to leave due to bad software development practices?

How do I deal with an unproductive colleague in a small company?

Venezuelan girlfriend wants to travel the USA to be with me. What is the process?

What exploit are these user agents trying to use?

What does the expression "A Mann!" means

Am I breaking OOP practice with this architecture?

Zip/Tar file compressed to larger size?

Are there any examples of a variable being normally distributed that is *not* due to the Central Limit Theorem?

What about the virus in 12 Monkeys?

How would I stat a creature to be immune to everything but the Magic Missile spell? (just for fun)

Different meanings of こわい

Watching something be piped to a file live with tail

Is there an expression that means doing something right before you will need it rather than doing it in case you might need it?

Is it possible to create a QR code using text?

Why didn't Boeing produce its own regional jet?

Is there a hemisphere-neutral way of specifying a season?



What does /.autorelabel do when we reset the password in Red Hat?


Does AIX really beat Red Hat Enterprise Linux?What version of Red Hat is used for the Red Hat Certified System Administrator Exam?Why does Red Hat Linux use such an old kernel?Is Red Hat Linux licensedRed Hat Network (RHN) and package updatesRED HAT LOGIN problem with rootCompiling for Red Hat 5.9How should I download Red Hat Enterprise Linux?Red Hat no package realmd availableRed Hat 7 GDM + NIS Only Validates First 7 Characters of Password













4















In RHEL, after we

do an rd.break, and all the procedure, and

do a touch /.autorelabel,

what does the /.autorelabel do?










share|improve this question









New contributor




Sky is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.















  • 3





    have you done any research to try to answer your question?

    – jsotola
    Apr 1 at 3:21















4















In RHEL, after we

do an rd.break, and all the procedure, and

do a touch /.autorelabel,

what does the /.autorelabel do?










share|improve this question









New contributor




Sky is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.















  • 3





    have you done any research to try to answer your question?

    – jsotola
    Apr 1 at 3:21













4












4








4








In RHEL, after we

do an rd.break, and all the procedure, and

do a touch /.autorelabel,

what does the /.autorelabel do?










share|improve this question









New contributor




Sky is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.












In RHEL, after we

do an rd.break, and all the procedure, and

do a touch /.autorelabel,

what does the /.autorelabel do?







rhel






share|improve this question









New contributor




Sky is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











share|improve this question









New contributor




Sky is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









share|improve this question




share|improve this question








edited 2 days ago









K7AAY

934928




934928






New contributor




Sky is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









asked Apr 1 at 3:12









SkySky

241




241




New contributor




Sky is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





New contributor





Sky is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.






Sky is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.







  • 3





    have you done any research to try to answer your question?

    – jsotola
    Apr 1 at 3:21












  • 3





    have you done any research to try to answer your question?

    – jsotola
    Apr 1 at 3:21







3




3





have you done any research to try to answer your question?

– jsotola
Apr 1 at 3:21





have you done any research to try to answer your question?

– jsotola
Apr 1 at 3:21










1 Answer
1






active

oldest

votes


















7














The rd.break parameter interrupts the boot process before the control is passed over to the kernel. At this point, when you run the passwd command to do the password reset, the associated shadow file (/etc/shadow) is modified with an incorrect SELinux context.
The touch /.autorelabel command creates a hidden file named .autorelabel under the root directory. On the next boot, the SELinux subsystem will detect this file, and then relabel all of the files on that system with the correct SELinux contexts. On large disks, this process can take a good amount of time.



An alternative to the complete relabeling approach is also mentioned in the documentation. First, use the parameters rd.break enforcing=0 when editing the GRUB entry. This will result in the system eventually booting with SELinux set to permissive mode (warn, but do not block). Then, proceed to change the password in the same manner as before. Continue the boot process and allow the system to come up. Once it comes up, run restorecon /etc/shadow to restore the correct SELinux context to the /etc/shadow file. Then, run setenforce 1 to re-enable SELinux and start using the system.






share|improve this answer























    Your Answer








    StackExchange.ready(function()
    var channelOptions =
    tags: "".split(" "),
    id: "106"
    ;
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function()
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled)
    StackExchange.using("snippets", function()
    createEditor();
    );

    else
    createEditor();

    );

    function createEditor()
    StackExchange.prepareEditor(
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: false,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: null,
    bindNavPrevention: true,
    postfix: "",
    imageUploader:
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    ,
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    );



    );






    Sky is a new contributor. Be nice, and check out our Code of Conduct.









    draft saved

    draft discarded


















    StackExchange.ready(
    function ()
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f509798%2fwhat-does-autorelabel-do-when-we-reset-the-password-in-red-hat%23new-answer', 'question_page');

    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    7














    The rd.break parameter interrupts the boot process before the control is passed over to the kernel. At this point, when you run the passwd command to do the password reset, the associated shadow file (/etc/shadow) is modified with an incorrect SELinux context.
    The touch /.autorelabel command creates a hidden file named .autorelabel under the root directory. On the next boot, the SELinux subsystem will detect this file, and then relabel all of the files on that system with the correct SELinux contexts. On large disks, this process can take a good amount of time.



    An alternative to the complete relabeling approach is also mentioned in the documentation. First, use the parameters rd.break enforcing=0 when editing the GRUB entry. This will result in the system eventually booting with SELinux set to permissive mode (warn, but do not block). Then, proceed to change the password in the same manner as before. Continue the boot process and allow the system to come up. Once it comes up, run restorecon /etc/shadow to restore the correct SELinux context to the /etc/shadow file. Then, run setenforce 1 to re-enable SELinux and start using the system.






    share|improve this answer



























      7














      The rd.break parameter interrupts the boot process before the control is passed over to the kernel. At this point, when you run the passwd command to do the password reset, the associated shadow file (/etc/shadow) is modified with an incorrect SELinux context.
      The touch /.autorelabel command creates a hidden file named .autorelabel under the root directory. On the next boot, the SELinux subsystem will detect this file, and then relabel all of the files on that system with the correct SELinux contexts. On large disks, this process can take a good amount of time.



      An alternative to the complete relabeling approach is also mentioned in the documentation. First, use the parameters rd.break enforcing=0 when editing the GRUB entry. This will result in the system eventually booting with SELinux set to permissive mode (warn, but do not block). Then, proceed to change the password in the same manner as before. Continue the boot process and allow the system to come up. Once it comes up, run restorecon /etc/shadow to restore the correct SELinux context to the /etc/shadow file. Then, run setenforce 1 to re-enable SELinux and start using the system.






      share|improve this answer

























        7












        7








        7







        The rd.break parameter interrupts the boot process before the control is passed over to the kernel. At this point, when you run the passwd command to do the password reset, the associated shadow file (/etc/shadow) is modified with an incorrect SELinux context.
        The touch /.autorelabel command creates a hidden file named .autorelabel under the root directory. On the next boot, the SELinux subsystem will detect this file, and then relabel all of the files on that system with the correct SELinux contexts. On large disks, this process can take a good amount of time.



        An alternative to the complete relabeling approach is also mentioned in the documentation. First, use the parameters rd.break enforcing=0 when editing the GRUB entry. This will result in the system eventually booting with SELinux set to permissive mode (warn, but do not block). Then, proceed to change the password in the same manner as before. Continue the boot process and allow the system to come up. Once it comes up, run restorecon /etc/shadow to restore the correct SELinux context to the /etc/shadow file. Then, run setenforce 1 to re-enable SELinux and start using the system.






        share|improve this answer













        The rd.break parameter interrupts the boot process before the control is passed over to the kernel. At this point, when you run the passwd command to do the password reset, the associated shadow file (/etc/shadow) is modified with an incorrect SELinux context.
        The touch /.autorelabel command creates a hidden file named .autorelabel under the root directory. On the next boot, the SELinux subsystem will detect this file, and then relabel all of the files on that system with the correct SELinux contexts. On large disks, this process can take a good amount of time.



        An alternative to the complete relabeling approach is also mentioned in the documentation. First, use the parameters rd.break enforcing=0 when editing the GRUB entry. This will result in the system eventually booting with SELinux set to permissive mode (warn, but do not block). Then, proceed to change the password in the same manner as before. Continue the boot process and allow the system to come up. Once it comes up, run restorecon /etc/shadow to restore the correct SELinux context to the /etc/shadow file. Then, run setenforce 1 to re-enable SELinux and start using the system.







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered Apr 1 at 3:43









        HaxielHaxiel

        3,49811021




        3,49811021




















            Sky is a new contributor. Be nice, and check out our Code of Conduct.









            draft saved

            draft discarded


















            Sky is a new contributor. Be nice, and check out our Code of Conduct.












            Sky is a new contributor. Be nice, and check out our Code of Conduct.











            Sky is a new contributor. Be nice, and check out our Code of Conduct.














            Thanks for contributing an answer to Unix & Linux Stack Exchange!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid


            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.

            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f509798%2fwhat-does-autorelabel-do-when-we-reset-the-password-in-red-hat%23new-answer', 'question_page');

            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            Popular posts from this blog

            រឿង រ៉ូមេអូ និង ហ្ស៊ុយលីយេ សង្ខេបរឿង តួអង្គ បញ្ជីណែនាំ

            Crop image to path created in TikZ? Announcing the arrival of Valued Associate #679: Cesar Manara Planned maintenance scheduled April 17/18, 2019 at 00:00UTC (8:00pm US/Eastern)Crop an inserted image?TikZ pictures does not appear in posterImage behind and beyond crop marks?Tikz picture as large as possible on A4 PageTransparency vs image compression dilemmaHow to crop background from image automatically?Image does not cropTikzexternal capturing crop marks when externalizing pgfplots?How to include image path that contains a dollar signCrop image with left size given

            Romeo and Juliet ContentsCharactersSynopsisSourcesDate and textThemes and motifsCriticism and interpretationLegacyScene by sceneSee alsoNotes and referencesSourcesExternal linksNavigation menu"Consumer Price Index (estimate) 1800–"10.2307/28710160037-3222287101610.1093/res/II.5.31910.2307/45967845967810.2307/2869925286992510.1525/jams.1982.35.3.03a00050"Dada Masilo: South African dancer who breaks the rules"10.1093/res/os-XV.57.1610.2307/28680942868094"Sweet Sorrow: Mann-Korman's Romeo and Juliet Closes Sept. 5 at MN's Ordway"the original10.2307/45957745957710.1017/CCOL0521570476.009"Ram Leela box office collections hit massive Rs 100 crore, pulverises prediction"Archived"Broadway Revival of Romeo and Juliet, Starring Orlando Bloom and Condola Rashad, Will Close Dec. 8"Archived10.1075/jhp.7.1.04hon"Wherefore art thou, Romeo? To make us laugh at Navy Pier"the original10.1093/gmo/9781561592630.article.O006772"Ram-leela Review Roundup: Critics Hail Film as Best Adaptation of Romeo and Juliet"Archived10.2307/31946310047-77293194631"Romeo and Juliet get Twitter treatment""Juliet's Nurse by Lois Leveen""Romeo and Juliet: Orlando Bloom's Broadway Debut Released in Theaters for Valentine's Day"Archived"Romeo and Juliet Has No Balcony"10.1093/gmo/9781561592630.article.O00778110.2307/2867423286742310.1076/enst.82.2.115.959510.1080/00138380601042675"A plague o' both your houses: error in GCSE exam paper forces apology""Juliet of the Five O'Clock Shadow, and Other Wonders"10.2307/33912430027-4321339124310.2307/28487440038-7134284874410.2307/29123140149-661129123144728341M"Weekender Guide: Shakespeare on The Drive""balcony"UK public library membership"romeo"UK public library membership10.1017/CCOL9780521844291"Post-Zionist Critique on Israel and the Palestinians Part III: Popular Culture"10.2307/25379071533-86140377-919X2537907"Capulets and Montagues: UK exam board admit mixing names up in Romeo and Juliet paper"Istoria Novellamente Ritrovata di Due Nobili Amanti2027/mdp.390150822329610820-750X"GCSE exam error: Board accidentally rewrites Shakespeare"10.2307/29176390149-66112917639"Exam board apologises after error in English GCSE paper which confused characters in Shakespeare's Romeo and Juliet""From Mariotto and Ganozza to Romeo and Guilietta: Metamorphoses of a Renaissance Tale"10.2307/37323537323510.2307/2867455286745510.2307/28678912867891"10 Questions for Taylor Swift"10.2307/28680922868092"Haymarket Theatre""The Zeffirelli Way: Revealing Talk by Florentine Director""Michael Smuin: 1938-2007 / Prolific dance director had showy career"The Life and Art of Edwin BoothRomeo and JulietRomeo and JulietRomeo and JulietRomeo and JulietEasy Read Romeo and JulietRomeo and Julieteeecb12003684p(data)4099369-3n8211610759dbe00d-a9e2-41a3-b2c1-977dd692899302814385X313670221313670221