The command "restorecon -Rv /" _should_ do the same thing as creating the file "/.autorelabel" and rebooting, but the risk to restoring contexts after the system has already booted is that the privileges necessary to restore certain security contexts may have been dropped already.

"setenforce 0" just sets a boolean, AFAIK. It depends on policy whether or not that does or should drop all SELinux enforcement mechanisms at runtime, but only the boot-time relabel is _guaranteed_ to restore _all_ system and user files to the "correct" security context according to the prescribed policy.

On February 5, 2022 12:34:30 AM AKST, Geert Janssens <geert@kobaltwit.be> wrote:
Op vrijdag 4 februari 2022 14:57:10 CET schreef justina colmena ~biz:
Have you tried this?

# touch /.autorelabel && reboot


I didn't exactly run that command but I remember running "restorecon -Rv /" 
which I believe should have the same effect. That didn't fix my issue and it 
possibly even printed errors on the console as well. With the help of Vit 
Mojzis I managed to fix the issue. The problem turned out to be a broken 
custom policy. I don't know what broke it but the system works properly now. 
So I can't go back to reproduce any details other than those I reported in a 
previous reply.

Regards,

Geert


--
Sent from my Android device with K-9 Mail. Please excuse my brevity.