Bug 968983

Summary: Error runing gnome-shell, error: dconf-CRITICAL: unable to create directory '/run/user/0/dconf'
Product: Red Hat Enterprise Linux 7 Reporter: Jaroslav Škarvada <jskarvad>
Component: selinux-policyAssignee: Miroslav Grepl <mgrepl>
Status: CLOSED NOTABUG QA Contact: BaseOS QE Security Team <qe-baseos-security>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 7.0CC: mmalik
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-07-30 15:34:26 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Jaroslav Škarvada 2013-05-30 12:15:17 UTC
Description of problem:
I was unable to run gnome shell for the first time after the installation, the following errors show in the journal:

kvě 30 12:03:59 dhcp-25-243.brq.redhat.com /usr/bin/dbus-launch[3872]: gnome-session[3872]: dconf-CRITICAL: unable to create directory '/run/user/0/dconf': Operace zamítnuta.  dconf will not work properly.
kvě 30 12:03:59 dhcp-25-243.brq.redhat.com gnome-session[3872]: dconf-CRITICAL: unable to create directory '/run/user/0/dconf': Operace zamítnuta.  dconf will not work properly.
kvě 30 12:03:59 dhcp-25-243.brq.redhat.com /usr/bin/dbus-launch[3872]: gnome-session[3872]: dconf-CRITICAL: unable to create directory '/run/user/0/dconf': Operace zamítnuta.  dconf will not work properly.
kvě 30 12:03:59 dhcp-25-243.brq.redhat.com /usr/bin/dbus-launch[3872]: gnome-session[3872]: dconf-CRITICAL: unable to create directory '/run/user/0/dconf': Operace zamítnuta.  dconf will not work properly.

When I switched to permissive mode, the gnome-shell started as expected and the error messages gone.

I saw the related AVCs, but the audit logs were wiped (by another test), so I am unable the provide them. Also I am no more able to reproduce this (also tried rm -rf /run/user/0/dconf). I could try to reinstall the machine later if the problem re-appear. I think the problem was caused by selinux.

Version-Release number of selected component (if applicable):
selinux-policy-3.12.1-46.el7.noarch

How reproducible:
Sometimes, not sure about the reproducer, the following steps trigger it for me

Steps to Reproduce:
1. Install RHEL-7 server, X and gnome-shell
2. Run gnome-shell by startx as root

Actual results:
The above mentioned errors

Expected results:
No errors, gnome-shell start.

Additional info:
I used compose RHEL-7.0-20130529.n.1

Comment 1 Jaroslav Škarvada 2013-05-30 12:17:46 UTC
"Operace zamítnuta." - this mean "operation is not permitted" (ran with czech locale).

Comment 3 Miroslav Grepl 2013-05-30 12:38:53 UTC
Well I guess the problem was with mislabeling. 

Michal, Milos,
are you getting also this with a fresh install?

# ls -lZ /run/user/0/dconf

Comment 4 Jaroslav Škarvada 2013-05-30 21:35:40 UTC
What I exactly did:

I upgraded RHEL-7 Alpha 3 (with no GUI, no X) to the latest compose RHEL-7.0-20130529.n.1 by 'yum upgrade'. Then ran 'yum groupinstall "Server with GUI"'.

Comment 5 Miroslav Grepl 2013-07-30 15:34:26 UTC
Let's open it if we see it again.