With:
systemd-220-1.fc23.x86_64
selinux-policy-targeted-3.13.1-127.fc23.noarch
I cannot shut down my Fedora 23 virtual machine. Executing shutdown results in:
# shutdown -h now
Failed to start poweroff.target: Access denied
Broadcast message from root@fedora-23 on pts/2 (St 2015-05-27 15:10:43 CEST):
The system is going down for power-off NOW!
And the system keeps running without terminating anything. The message logs appends these messages:
May 27 15:10:43 fedora-23 audit: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: denied { start } for auid=0 uid=0 gid=0 path="/usr/lib/systemd/system/poweroff.target" cmdline="shutdown -h now" scontext=system_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:power_unit_file_t:s0 tclass=service#012 exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
May 27 15:10:43 fedora-23 kernel: audit_printk_skb: 39 callbacks suppressed
May 27 15:10:43 fedora-23 kernel: audit: type=1107 audit(1432732243.601:95): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: denied { start } for auid=0 uid=0 gid=0 path="/usr/lib/systemd/system/poweroff.target" cmdline="shutdown -h now" scontext=system_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:power_unit_file_t:s0 tclass=service#012 exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Few days ago, it worked. Unfortunately dnf does not log installed packages, so I cannot guess which update broke the shutdown.
If I switch SELinux into permissive mode or I call "halt --force --power", then the system halts as expected.
I've also relabeled whole file system and regenerated initramfs without any success.
It happens either calling shutdown from an SSH session or from local TTY.
I found dnf log in "dnf history" output. Downgrading systemd from to 219-15.fc23.x86_64 fixes the issue. Upgrading back to 220-1.fc23.x86_64 reproduces the problem.
Comment 2Giulio 'juliuxpigface'
2015-05-30 07:53:19 UTC
I'm facing the same issue on my kvm-qemu guest. Additionally, this bug is still present with systemd-220-3.fc23.x86_64.
With: systemd-220-1.fc23.x86_64 selinux-policy-targeted-3.13.1-127.fc23.noarch I cannot shut down my Fedora 23 virtual machine. Executing shutdown results in: # shutdown -h now Failed to start poweroff.target: Access denied Broadcast message from root@fedora-23 on pts/2 (St 2015-05-27 15:10:43 CEST): The system is going down for power-off NOW! And the system keeps running without terminating anything. The message logs appends these messages: May 27 15:10:43 fedora-23 audit: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: denied { start } for auid=0 uid=0 gid=0 path="/usr/lib/systemd/system/poweroff.target" cmdline="shutdown -h now" scontext=system_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:power_unit_file_t:s0 tclass=service#012 exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?' May 27 15:10:43 fedora-23 kernel: audit_printk_skb: 39 callbacks suppressed May 27 15:10:43 fedora-23 kernel: audit: type=1107 audit(1432732243.601:95): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: denied { start } for auid=0 uid=0 gid=0 path="/usr/lib/systemd/system/poweroff.target" cmdline="shutdown -h now" scontext=system_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:power_unit_file_t:s0 tclass=service#012 exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?' Few days ago, it worked. Unfortunately dnf does not log installed packages, so I cannot guess which update broke the shutdown. If I switch SELinux into permissive mode or I call "halt --force --power", then the system halts as expected. I've also relabeled whole file system and regenerated initramfs without any success. It happens either calling shutdown from an SSH session or from local TTY.