Bug 1015257

Summary: systemd environment is not updated after locale changes
Product: [Fedora] Fedora Reporter: Rui Matos <tiagomatos>
Component: systemdAssignee: systemd-maint
Status: CLOSED CURRENTRELEASE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 20CC: dominick.grift, dwalsh, johannbg, lnykryn, lvrabec, mgrepl, msekleta, plautrba, systemd-maint, vpavlin, zbyszek
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-12-04 00:13:09 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Rui Matos 2013-10-03 18:17:05 UTC 
It seems like selinux allows localectl set-locale to update /etc/locale.conf but doesn't allow systemd to update its own environment at the same time:

Out 03 20:14:47 localhost.localdomain systemd[1]: SELinux policy denies access.
Out 03 20:14:47 localhost.localdomain systemd-localed[1822]: Failed to set locale information: Access denied
Out 03 20:14:47 localhost.localdomain systemd-localed[1822]: Changed locale information.

See https://bugs.freedesktop.org/show_bug.cgi?id=69821 for more context.
Comment 1 Daniel Walsh 2013-10-04 14:46:41 UTC 
Do you have avc's when this happened?
Comment 2 Daniel Walsh 2013-10-04 14:52:25 UTC 
Ok I see the following avc

type=USER_AVC msg=audit(10/04/2013 10:47:50.362:103733) : pid=1 uid=root auid=unset ses=unset  subj=system_u:system_r:init_t:s0 msg='avc:  denied  { reboot } for auid=unset uid=unset gid=unset scontext=system_u:system_r:systemd_localed_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=system  exe=/usr/lib/systemd/systemd sauid=root hostname=? addr=? terminal=?'

Which generated an allow rule that looks like.

allow systemd_localed_t init_t:system reboot;

SHouldn't systemd be asking for a reload rather then reboot?
Comment 3 Daniel Walsh 2013-10-04 14:55:18 UTC 
36920903183484407a13205f003aa02abf69a95b allows the reboot call in git, although i think it would be better to check reload.
Comment 4 Lennart Poettering 2013-10-04 15:08:16 UTC 
Oh, this looks like a copy/paste mistake in systemd. Fixed upstream now:

http://cgit.freedesktop.org/systemd/systemd/commit/?id=a316932f5a627c1ef78f568fd5dfa579f12e76b2
Comment 5 Zbigniew Jędrzejewski-Szmek 2013-12-04 00:13:09 UTC 
This fix was included in F19 and F20 updates a few ago.