Run the following snippet on a production machine. Don’t worry if it errors out halfway through:
What it does
This snippet attempts to relabel every single file on your system with a random SELinux type.
Why it works
- Line 1 retrieves all the known SELinux types on your system, and stores them in an array.
- Line 2 loops over all files on your system, depth first (we don’t want to error out too soon).
- Line 3 changes the SELinux context of each file found to a random type from
the list we created earlier. This is done by using a random number modulo
the length of the
TYPESlist as the index for the