Looking more closely at my SELinux settings (Fedora 29 Atomic), I found this:
----------
semanage login -l
Login Name           SELinux User         MLS/MCS Range        Service
__default__          unconfined_u         s0-s0:c0.c1023       *
root                 system_u             s0:c0.c1023          *
-------------------------------------
I can’t remember if I made the change, but following Red Hat or Fedora documentation, root should be an unconfined user, right? So I made the change this way:
-----------------------------------------------------
# semanage login -m -s unconfined_u -rs0:c0.c1023 root
# semanage login -l
...
root                 unconfined_u         s0:c0.c1023          *
# id -Z
unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
----------------------------------------------------------
Fine. Now let's list the root directory:
--------------------------------------------
# pwd
/var/roothome
# ls -alZ
....
-rw-r--r--. 1 root root system_u:object_r:admin_home_t:s0  18 May 28  2018 .bash_logout
-rw-r--r--. 1 root root system_u:object_r:admin_home_t:s0 193 May 28  2018 .bash_profile
-rw-r--r--. 1 root root system_u:object_r:admin_home_t:s0 231 May 28  2018 .bashrc
....
-------------------------------------------------
I thus wanted to change system_u to unconfined_u (Do I need to do it?)
-------------------------------------------------------
# semanage fcontext -m -t admin_home_t -s unconfined_u "/var/roothome(/.*)?"
ValueError: File context for /var/roothome(/.*)? is not defined
# semanage fcontext -a -t admin_home_t -s unconfined_u "/var/roothome(/.*)?"
# cat /etc/selinux/targeted/contexts/files/file_contexts.local
....
/var/roothome(/.*)?    unconfined_u:object_r:admin_home_t:s0    <-- sounds OK
# restorecon -R -v /var/roothome
# ls -alZ
...
-rw-r--r--. 1 root root system_u:object_r:admin_home_t:s0 193 May 28  2018 .bash_profile
-rw-r--r--. 1 root root system_u:object_r:admin_home_t:s0 231 May 28  2018 .bashrc
...
-----------------------------------------------------
No changes. Why? Do I need to change to unconfined user, and if yes, how?
Thank you for your help.
selinux@lists.fedoraproject.org