Timeshift recovery with recurrent SELinux Alerts

Hello!

I am by no means an expert on Fedora or Linux and recently I broke my system while trying to install Fedora 37. The thing is that I have a backup of my Fedora 36, made on Timeshift, but when trying to recover the OS, I wasn’t able to log in by any means.

After some research, I found out about Nobara, which is a Fedora based Distro, as far as I understand. Anyways, is actually what I’m looking for but I wanted to make sure that a Backup would actually work a next time because Timeshift has a problem with the root and home files on Fedora (they are not labeled like on Ubuntu, which is needed [“@” instead of “/”]), so while installing I followed diverse installation modes and trying to break the system and recover it.

In the end, the one that kind of worked was this one, where I had to make an advanced custom installation destination with three partitions:

• EFI System Partition with mountpoint /boot/efi
• Boot Partition with btrfs filesystem and mountpoint /boot
• Btrfs Partition, which was encrypted with luks2

On the last partition I had to make two subvolumes:

• Root subvolume named “@” and mountpoint “/”, which seems to be the reason why Timeshift won’t work on Fedora
• Home subvolume named “@home” and mountpoint “/home”

After installing the OS, upgrading everything, installing Timeshift and backing up (I was not able to use btrfs, I don’t know why, so I used Rsync), I applied the commands sudo rm -rf * on the etc file and started with the recovery, which was succesful, with the detail that now when I boot, I get recurrent notifications of SELinux Alerts (can be 1 Alert/sec and about 400 of them) and they stop but after a while it starts again.

While trying to fix each individual Alert I noticed that nothing of what was proposed by SELinux worked and that all of them had one solution in common: the touch /.autorelabel; reboot command, which neither worked…

Does anyone has an idea of how can I make SELinux work properly again? I mean, the system works and also the backups, is just that is extremely annoying to have so much notifications which I don’t really understand about stuff that seem to be working…

I couldn’t find any resource on how to solve many SELinux problems at once…

Thanks a lot!

Although possible, this is not the recommended file system type. Fedora uses ext4 by default for /boot and using btrfs can break spectacularly if the btrfs kernel module is not loaded by grub during boot.

In fact, an install of fedora workstation using the automatic partitioning gives an efi partition at /boot/efi, an ext4 partition at /boot, and 2 btrfs subvolumes named root (at /) and home (at /home).

While I don’t use and never have tried timeshift, I think it has been mentioned here several times with success.

Major SELinux problems can be resolved with the sudo touch /.autorelabel followed by a reboot, or by using sudo restorecon -r -v /. Both will relabel the entire file system according to the current selinux policies in effect: The difference is the first requires a reboot and relabeling is done offline, while the second does the relabeling with the system operating.

The command sudo restorecon -r -v / solved the problem, while sudo touch /.autorelabel didn’t.

To avoid that, I reinstalled the OS with the following partitions:

• EFI System Partition with mountpoint /boot/efi (512 MB)
• Boot Partition with ext4 filesystem and mountpoint /boot (512 MB)
• Btrfs Partition, which was encrypted with luks2

And on the last partition:

• Root subvolume named “@” and mountpoint “/”
• Home subvolume named “@home” and mountpoint “/home”

After that I upgraded, destroyed the system using again sudo rm -rf * on the etc folder and recovered with Timeshift, which worked perfectly, without the SELinux alerts.

Glad you were able to solve the timeshift issue. The test seems to show it worked as well as you wished.