Good question. the relabling is handled by the  /etc/rc.d/rc.sysinit
script and calls

/sbin/fixfiles -F restore >/dev/null 2>&1

so if anything would have been printed, it is redirected to /dev/null.

- Thomas

Relabeling only sets the filesystem to the defined SELinux labels. It
doesn't change any custom file contexts you've set up.

You can also run:

semanage fcontext -C -l

to see what local file context changes have been made, as well as
looking at the file_contexts.local file.

Then you can remove them if you want to go back to the default config
that came with the distro.
Well, if you want to go back to the default config from when you first
installed the OS, you could back those out. For instance,

setsebool -P httpd_unified 0

will revert the boolean back to the default setting.

But before we go any further, what are you actually trying to
accomplish? Any fcontext changes or boolean changes made were probably
made for a reason. It might make more sense to discover what's been
changed and then determine if that change is appropriate.

As an aside, I learned today that you can also run:

semanage boolean -C -l

to see all the changed booleans. So you can look at the *.local files,
or use the command line. Thanks for asking this question, it made me
learn something new. :-)

Once you've determined what changed, you could change them back to
"factory default" if that's what you're trying to do.

I do recommend that you see what's been changed, then determine if it
makes sense to change it back rather than blindly setting the system
back to defaults.

Thomas
_______________________________________________
selinux mailing list -- ***@lists.fedoraproject.org
To unsubscribe send an email to selinux-***@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/s