(This is probably not a bug in 'ostree', but I couldn't see any other obvious candidates in the pkg diff...) After upgrading a Rawhide Atomic Host to Rawhide.20170811.n.2, the journal fails to start. This was first noticed when trying to run a Docker image: # docker run --rm docker.io/alpine echo hello /usr/bin/docker-current: Error response from daemon: Failed to initialize logging driver: journald is not enabled on this host. A little investigation showed the journal doesn't after 'Switch Root' which was preceded by the 'ostree-prepare-root': # journalctl -b -e ... Aug 14 15:52:10 localhost systemd[1]: Closed udev Kernel Socket. Aug 14 15:52:10 localhost systemd[1]: Closed udev Control Socket. Aug 14 15:52:10 localhost systemd[1]: Starting Cleanup udevd DB... Aug 14 15:52:10 localhost systemd[1]: Started Cleanup udevd DB. Aug 14 15:52:10 localhost audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=initrd-udevadm-cleanup-db comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? termin Aug 14 15:52:10 localhost audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=initrd-udevadm-cleanup-db comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? termina Aug 14 15:52:10 localhost systemd[1]: Reached target Switch Root. Aug 14 15:52:10 localhost systemd[1]: Starting OSTree Prepare OS/... Aug 14 15:52:10 localhost ostree-prepare-root[562]: Examining /sysroot//ostree/boot.1/fedora-atomic/59de1e7c85dbfe87a22c370f817b5109be5209686f57dcbdea91a23f6196c7fd/0 Aug 14 15:52:10 localhost ostree-prepare-root[562]: Resolved OSTree target to: /sysroot/ostree/deploy/fedora-atomic/deploy/6a7ebd738e870c8bdf5027a445e31d68c78f6ebd5626e9fe41542b99b4eeb334.1 Aug 14 15:52:10 localhost systemd[1]: Started OSTree Prepare OS/. Aug 14 15:52:10 localhost audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=ostree-prepare-root comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? r Aug 14 15:52:10 localhost audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=ostree-prepare-root comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? re Aug 14 15:52:10 localhost systemd[1]: Starting Switch Root... Aug 14 15:52:10 localhost systemd[1]: Switching root. Aug 14 15:52:10 localhost systemd-journald[178]: Journal stopped # rpm-ostree status State: idle Deployments: ● custom:fedora/rawhide/x86_64/atomic-host Version: Rawhide.20170811.n.2 (2017-08-12 07:37:41) Commit: 6a7ebd738e870c8bdf5027a445e31d68c78f6ebd5626e9fe41542b99b4eeb334 custom:fedora/rawhide/x86_64/atomic-host Version: Rawhide.20170807.n.0 (2017-08-07 11:37:53) Commit: ee4e5af6241ed6cd284a32f809291d62973cb596632f2c0acc27be577cf1fdbc # systemctl status systemd-journald ● systemd-journald.service - Journal Service Loaded: loaded (/usr/lib/systemd/system/systemd-journald.service; static; vendor preset: disabled) Active: failed (Result: exit-code) since Mon 2017-08-14 15:52:11 UTC; 9min ago Docs: man:systemd-journald.service(8) man:journald.conf(5) Process: 613 ExecStart=/usr/lib/systemd/systemd-journald (code=exited, status=1/FAILURE) Main PID: 613 (code=exited, status=1/FAILURE) # systemctl --all --failed UNIT LOAD ACTIVE SUB DESCRIPTION ● cloud-init.service loaded failed failed Initial cloud-init job (metadata service crawler) ● systemd-journald.service loaded failed failed Journal Service ● systemd-journald-audit.socket loaded failed failed Journal Audit Socket ● systemd-journald-dev-log.socket loaded failed failed Journal Socket (/dev/log) ● systemd-journald.socket loaded failed failed Journal Socket LOAD = Reflects whether the unit definition was properly loaded. ACTIVE = The high-level unit activation state, i.e. generalization of SUB. SUB = The low-level unit activation state, values depend on unit type. 5 loaded units listed. To show all installed unit files use 'systemctl list-unit-files'. # rpm-ostree db diff ee4e5af6241ed6cd284a32f809291d62973cb596632f2c0acc27be577cf1fdbc 6a7ebd738e870c8bdf5027a445e31d68c78f6ebd5626e9fe41542b99b4eeb334 ostree diff commit old: ee4e5af6241ed6cd284a32f809291d62973cb596632f2c0acc27be577cf1fdbc ostree diff commit new: 6a7ebd738e870c8bdf5027a445e31d68c78f6ebd5626e9fe41542b99b4eeb334 Upgraded: GeoIP 1.6.11-1.fc27.x86_64 -> 1.6.11-3.fc27.x86_64 GeoIP-GeoLite-data 2017.07-2.fc27.noarch -> 2017.08-1.fc27.noarch NetworkManager 1:1.8.2-3.fc27.x86_64 -> 1:1.8.2-3.fc27.2.x86_64 NetworkManager-libnm 1:1.8.2-3.fc27.x86_64 -> 1:1.8.2-3.fc27.2.x86_64 NetworkManager-team 1:1.8.2-3.fc27.x86_64 -> 1:1.8.2-3.fc27.2.x86_64 acl 2.2.52-16.fc27.x86_64 -> 2.2.52-18.fc27.x86_64 atomic 1.18.1-5.fc27.x86_64 -> 1.18.1-7.fc27.x86_64 atomic-registries 1.18.1-5.fc27.x86_64 -> 1.18.1-7.fc27.x86_64 attr 2.4.47-19.fc27.x86_64 -> 2.4.47-21.fc27.x86_64 audit 2.7.7-3.fc27.x86_64 -> 2.7.7-5.fc27.x86_64 audit-libs 2.7.7-3.fc27.x86_64 -> 2.7.7-5.fc27.x86_64 audit-libs-python 2.7.7-3.fc27.x86_64 -> 2.7.7-5.fc27.x86_64 audit-libs-python3 2.7.7-3.fc27.x86_64 -> 2.7.7-5.fc27.x86_64 authconfig 7.0.1-2.fc27.x86_64 -> 7.0.1-4.fc27.x86_64 bash 4.4.12-6.fc27.x86_64 -> 4.4.12-9.fc27.x86_64 bridge-utils 1.5-14.fc26.x86_64 -> 1.5-16.fc27.x86_64 bubblewrap 0.1.8-1.fc27.x86_64 -> 0.1.8-3.fc27.x86_64 bzip2 1.0.6-22.fc26.x86_64 -> 1.0.6-24.fc27.x86_64 bzip2-libs 1.0.6-22.fc26.x86_64 -> 1.0.6-24.fc27.x86_64 checkpolicy 2.6-1.fc26.x86_64 -> 2.7-1.fc27.x86_64 chkconfig 1.10-1.fc27.x86_64 -> 1.10-3.fc27.x86_64 chrony 3.2-0.1.pre1.fc27.x86_64 -> 3.2-0.3.pre1.fc27.x86_64 compat-openssl10 1:1.0.2j-6.fc26.x86_64 -> 1:1.0.2j-8.fc27.x86_64 coreutils 8.27-13.fc27.x86_64 -> 8.27-14.fc27.x86_64 coreutils-common 8.27-13.fc27.x86_64 -> 8.27-14.fc27.x86_64 cracklib 2.9.6-5.fc26.x86_64 -> 2.9.6-7.fc27.x86_64 cracklib-dicts 2.9.6-5.fc26.x86_64 -> 2.9.6-7.fc27.x86_64 criu 3.3-2.fc27.x86_64 -> 3.3-4.fc27.x86_64 cryptsetup 1.7.5-1.fc27.x86_64 -> 1.7.5-3.fc27.x86_64 cryptsetup-libs 1.7.5-1.fc27.x86_64 -> 1.7.5-3.fc27.x86_64 curl 7.54.1-7.fc27.x86_64 -> 7.55.0-1.fc27.x86_64 cyrus-sasl-lib 2.1.26-32.fc27.x86_64 -> 2.1.26-34.fc27.x86_64 dbus-glib 0.108-2.fc26.x86_64 -> 0.108-4.fc27.x86_64 device-mapper 1.02.142-3.fc27.x86_64 -> 1.02.142-4.fc27.x86_64 device-mapper-event 1.02.142-3.fc27.x86_64 -> 1.02.142-4.fc27.x86_64 device-mapper-event-libs 1.02.142-3.fc27.x86_64 -> 1.02.142-4.fc27.x86_64 device-mapper-libs 1.02.142-3.fc27.x86_64 -> 1.02.142-4.fc27.x86_64 device-mapper-persistent-data 0.7.0-0.4.rc6.fc27.x86_64 -> 0.7.0-0.6.rc6.fc27.x86_64 diffutils 3.6-1.fc27.x86_64 -> 3.6-3.fc27.x86_64 docker 2:1.13.1-22.git27e468e.fc27.x86_64 -> 2:1.13.1-25.gitb5e3294.fc27.x86_64 docker-common 2:1.13.1-22.git27e468e.fc27.x86_64 -> 2:1.13.1-25.gitb5e3294.fc27.x86_64 docker-rhel-push-plugin 2:1.13.1-22.git27e468e.fc27.x86_64 -> 2:1.13.1-25.gitb5e3294.fc27.x86_64 dracut 045-18.git20170515.fc27.x86_64 -> 046-2.git20170811.fc27.x86_64 dracut-config-generic 045-18.git20170515.fc27.x86_64 -> 046-2.git20170811.fc27.x86_64 dracut-network 045-18.git20170515.fc27.x86_64 -> 046-2.git20170811.fc27.x86_64 e2fsprogs 1.43.4-2.fc26.x86_64 -> 1.43.5-2.fc27.x86_64 e2fsprogs-libs 1.43.4-2.fc26.x86_64 -> 1.43.5-2.fc27.x86_64 efibootmgr 15-1.fc27.x86_64 -> 15-3.fc27.x86_64 efivar-libs 31-1.fc27.x86_64 -> 31-3.fc27.x86_64 emacs-filesystem 1:25.2-6.fc27.noarch -> 1:25.2-7.fc27.noarch fedora-logos 26.0.1-1.fc27.x86_64 -> 26.0.1-3.fc27.x86_64 file 5.31-5.fc27.x86_64 -> 5.31-7.fc27.x86_64 file-libs 5.31-5.fc27.x86_64 -> 5.31-7.fc27.x86_64 filesystem 3.3-1.fc27.x86_64 -> 3.3-3.fc27.x86_64 findutils 1:4.6.0-12.fc27.x86_64 -> 1:4.6.0-14.fc27.x86_64 fipscheck 1.5.0-1.fc26.x86_64 -> 1.5.0-3.fc27.x86_64 fipscheck-lib 1.5.0-1.fc26.x86_64 -> 1.5.0-3.fc27.x86_64 freetype 2.8-3.fc27.x86_64 -> 2.8-5.fc27.x86_64 fuse 2.9.7-7.fc27.x86_64 -> 2.9.7-9.fc27.x86_64 fuse-common 3.1.0-7.fc27.x86_64 -> 3.1.1-9.fc27.x86_64 fuse-libs 2.9.7-7.fc27.x86_64 -> 2.9.7-9.fc27.x86_64 gawk 4.1.4-3.fc26.x86_64 -> 4.1.4-5.fc27.x86_64 gc 7.6.0-4.fc27.x86_64 -> 7.6.0-7.fc27.x86_64 gdbm 1.13-1.fc27.x86_64 -> 1.13-3.fc27.x86_64 gettext 0.19.8.1-9.fc27.x86_64 -> 0.19.8.1-11.fc27.x86_64 gettext-libs 0.19.8.1-9.fc27.x86_64 -> 0.19.8.1-11.fc27.x86_64 glib-networking 2.50.0-2.fc26.x86_64 -> 2.50.0-4.fc27.x86_64 glib2 2.53.4-4.fc27.x86_64 -> 2.53.5-1.fc27.x86_64 gmp 1:6.1.2-4.fc27.x86_64 -> 1:6.1.2-6.fc27.x86_64 gnupg 1.4.22-1.fc27.x86_64 -> 1.4.22-3.fc27.x86_64 gnupg2 2.1.21-3.fc27.x86_64 -> 2.1.22-1.fc27.x86_64 gnupg2-smime 2.1.21-3.fc27.x86_64 -> 2.1.22-1.fc27.x86_64 gnutls 3.5.14-1.fc27.x86_64 -> 3.5.14-3.fc27.x86_64 gobject-introspection 1.53.4-4.fc27.x86_64 -> 1.53.4-5.fc27.x86_64 gpgme 1.9.0-1.fc27.x86_64 -> 1.9.0-5.fc27.x86_64 grep 3.1-1.fc27.x86_64 -> 3.1-3.fc27.x86_64 grub2 1:2.02-3.fc27.x86_64 -> 1:2.02-6.fc27.x86_64 grub2-efi 1:2.02-3.fc27.x86_64 -> 1:2.02-6.fc27.x86_64 grub2-tools 1:2.02-3.fc27.x86_64 -> 1:2.02-6.fc27.x86_64 grubby 8.40-4.fc26.x86_64 -> 8.40-6.fc27.x86_64 gsettings-desktop-schemas 3.24.0-1.fc27.x86_64 -> 3.24.0-3.fc27.x86_64 guile 5:2.0.14-1.fc26.x86_64 -> 5:2.0.14-3.fc27.x86_64 gzip 1.8-2.fc26.x86_64 -> 1.8-4.fc27.x86_64 hardlink 1:1.3-1.fc27.x86_64 -> 1:1.3-3.fc27.x86_64 hostname 3.18-2.fc26.x86_64 -> 3.18-4.fc27.x86_64 info 6.4-3.fc27.x86_64 -> 6.4-5.fc27.x86_64 initscripts 9.72-1.fc27.x86_64 -> 9.76-1.fc27.1.x86_64 ipcalc 0.2.0-1.fc27.x86_64 -> 0.2.0-3.fc27.x86_64 iproute 4.12.0-1.fc27.x86_64 -> 4.12.0-3.fc27.x86_64 iproute-tc 4.12.0-1.fc27.x86_64 -> 4.12.0-3.fc27.x86_64 iptables 1.6.1-2.fc26.x86_64 -> 1.6.1-4.fc27.x86_64 iptables-libs 1.6.1-2.fc26.x86_64 -> 1.6.1-4.fc27.x86_64 iptables-services 1.6.1-2.fc26.x86_64 -> 1.6.1-4.fc27.x86_64 iputils 20161105-6.fc27.x86_64 -> 20161105-7.fc27.x86_64 iscsi-initiator-utils 6.2.0.874-4.git86e8892.fc27.x86_64 -> 6.2.0.874-6.git86e8892.fc27.x86_64 iscsi-initiator-utils-iscsiuio 6.2.0.874-4.git86e8892.fc27.x86_64 -> 6.2.0.874-6.git86e8892.fc27.x86_64 isns-utils-libs 0.97-3.fc27.x86_64 -> 0.97-5.fc27.x86_64 jansson 2.10-2.fc27.x86_64 -> 2.10-4.fc27.x86_64 json-glib 1.3.2-1.fc27.x86_64 -> 1.3.2-3.fc27.x86_64 kbd 2.0.4-2.fc26.x86_64 -> 2.0.4-4.fc27.x86_64 kbd-legacy 2.0.4-2.fc26.noarch -> 2.0.4-4.fc27.noarch kbd-misc 2.0.4-2.fc26.noarch -> 2.0.4-4.fc27.noarch kernel 4.13.0-0.rc3.git4.1.fc27.x86_64 -> 4.13.0-0.rc4.git4.1.fc27.x86_64 kernel-core 4.13.0-0.rc3.git4.1.fc27.x86_64 -> 4.13.0-0.rc4.git4.1.fc27.x86_64 kernel-modules 4.13.0-0.rc3.git4.1.fc27.x86_64 -> 4.13.0-0.rc4.git4.1.fc27.x86_64 keyutils 1.5.10-1.fc27.x86_64 -> 1.5.10-3.fc27.x86_64 keyutils-libs 1.5.10-1.fc27.x86_64 -> 1.5.10-3.fc27.x86_64 kmod 24-1.fc26.x86_64 -> 24-3.fc27.x86_64 kmod-libs 24-1.fc26.x86_64 -> 24-3.fc27.x86_64 krb5-libs 1.15.1-20.fc27.x86_64 -> 1.15.1-21.fc27.x86_64 less 487-3.fc27.x86_64 -> 487-5.fc27.x86_64 libacl 2.2.52-16.fc27.x86_64 -> 2.2.52-18.fc27.x86_64 libaio 0.3.110-7.fc26.x86_64 -> 0.3.110-9.fc27.x86_64 libarchive 3.3.1-1.fc27.x86_64 -> 3.3.1-3.fc27.x86_64 libassuan 2.4.3-2.fc26.x86_64 -> 2.4.3-6.fc27.x86_64 libatomic_ops 7.4.6-1.fc27.x86_64 -> 7.4.6-3.fc27.x86_64 libattr 2.4.47-19.fc27.x86_64 -> 2.4.47-21.fc27.x86_64 libbasicobjects 0.1.1-30.fc26.x86_64 -> 0.1.1-33.fc27.x86_64 libcap 2.25-5.fc26.x86_64 -> 2.25-7.fc27.x86_64 libcap-ng 0.7.8-3.fc26.x86_64 -> 0.7.8-5.fc27.x86_64 libcgroup 0.41-11.fc26.x86_64 -> 0.41-13.fc27.x86_64 libcollection 0.7.0-30.fc26.x86_64 -> 0.7.0-33.fc27.x86_64 libcom_err 1.43.4-2.fc26.x86_64 -> 1.43.5-2.fc27.x86_64 libcroco 0.6.12-1.fc27.x86_64 -> 0.6.12-3.fc27.x86_64 libcurl 7.54.1-7.fc27.x86_64 -> 7.55.0-1.fc27.x86_64 libdaemon 0.14-11.fc26.x86_64 -> 0.14-13.fc27.x86_64 libdb 5.3.28-24.fc27.x86_64 -> 5.3.28-26.fc27.x86_64 libdb-utils 5.3.28-24.fc27.x86_64 -> 5.3.28-26.fc27.x86_64 libedit 3.1-18.20170329cvs.fc27.x86_64 -> 3.1-20.20170329cvs.fc27.x86_64 libev 4.24-2.fc26.x86_64 -> 4.24-4.fc27.x86_64 libevent 2.0.22-3.fc27.x86_64 -> 2.0.22-6.fc27.x86_64 libffi 3.1-12.fc27.x86_64 -> 3.1-14.fc27.x86_64 libgcc 7.1.1-6.fc27.x86_64 -> 7.1.1-7.fc27.1.x86_64 libgcrypt 1.7.8-1.fc27.x86_64 -> 1.7.8-3.fc27.x86_64 libgomp 7.1.1-6.fc27.x86_64 -> 7.1.1-7.fc27.1.x86_64 libgpg-error 1.27-1.fc27.x86_64 -> 1.27-3.fc27.x86_64 libidn 1.33-2.fc26.x86_64 -> 1.33-4.fc27.x86_64 libini_config 1.3.0-30.fc26.x86_64 -> 1.3.0-33.fc27.x86_64 libksba 1.3.5-3.fc26.x86_64 -> 1.3.5-5.fc27.x86_64 libmetalink 0.1.3-2.fc26.x86_64 -> 0.1.3-4.fc27.x86_64 libmnl 1.0.4-2.fc26.x86_64 -> 1.0.4-4.fc27.x86_64 libmodman 2.0.1-14.fc27.x86_64 -> 2.0.1-16.fc27.x86_64 libndp 1.6-2.fc26.x86_64 -> 1.6-4.fc27.x86_64 libnet 1.1.6-12.fc26.x86_64 -> 1.1.6-14.fc27.x86_64 libnetfilter_conntrack 1.0.6-2.fc26.x86_64 -> 1.0.6-4.fc27.x86_64 libnfnetlink 1.0.1-9.fc26.x86_64 -> 1.0.1-11.fc27.x86_64 libnfsidmap 0.27-1.fc26.x86_64 -> 0.27-3.fc27.x86_64 libnghttp2 1.24.0-3.fc27.x86_64 -> 1.24.0-4.fc27.x86_64 libnl3 3.3.0-1.fc27.x86_64 -> 3.3.0-3.fc27.x86_64 libnl3-cli 3.3.0-1.fc27.x86_64 -> 3.3.0-3.fc27.x86_64 libpath_utils 0.2.1-30.fc26.x86_64 -> 0.2.1-33.fc27.x86_64 libpcap 14:1.8.1-4.fc27.x86_64 -> 14:1.8.1-6.fc27.x86_64 libproxy 0.4.15-2.fc27.x86_64 -> 0.4.15-4.fc27.x86_64 libpsl 0.17.0-2.fc26.x86_64 -> 0.18.0-1.fc27.x86_64 libpwquality 1.4.0-1.fc27.x86_64 -> 1.4.0-3.fc27.x86_64 libref_array 0.1.5-30.fc26.x86_64 -> 0.1.5-33.fc27.x86_64 libreport-filesystem 2.9.1-2.fc27.x86_64 -> 2.9.1-4.fc27.x86_64 libseccomp 2.3.2-3.fc27.x86_64 -> 2.3.2-5.fc27.x86_64 libsecret 0.18.5-3.fc26.x86_64 -> 0.18.5-5.fc27.x86_64 libselinux 2.6-9.fc27.x86_64 -> 2.7-1.fc27.x86_64 libselinux-python 2.6-9.fc27.x86_64 -> 2.7-1.fc27.x86_64 libselinux-python3 2.6-9.fc27.x86_64 -> 2.7-1.fc27.x86_64 libselinux-utils 2.6-9.fc27.x86_64 -> 2.7-1.fc27.x86_64 libsemanage 2.6-4.fc27.x86_64 -> 2.7-1.fc27.x86_64 libsemanage-python 2.6-4.fc27.x86_64 -> 2.7-1.fc27.x86_64 libsemanage-python3 2.6-4.fc27.x86_64 -> 2.7-1.fc27.x86_64 libsepol 2.6-4.fc27.x86_64 -> 2.7-1.fc27.x86_64 libsigsegv 2.11-1.fc26.x86_64 -> 2.11-3.fc27.x86_64 libsolv 0.6.28-5.fc27.x86_64 -> 0.6.28-8.fc27.x86_64 libss 1.43.4-2.fc26.x86_64 -> 1.43.5-2.fc27.x86_64 libssh2 1.8.0-2.fc26.x86_64 -> 1.8.0-4.fc27.x86_64 libstdc++ 7.1.1-6.fc27.x86_64 -> 7.1.1-7.fc27.1.x86_64 libtasn1 4.12-1.fc27.x86_64 -> 4.12-3.fc27.x86_64 libteam 1.27-1.fc27.x86_64 -> 1.27-3.fc27.x86_64 libtool-ltdl 2.4.6-18.fc27.x86_64 -> 2.4.6-20.fc27.x86_64 libunistring 0.9.7-1.fc26.x86_64 -> 0.9.7-3.fc27.x86_64 libunwind 1.2-1.fc27.x86_64 -> 1.2-3.fc27.x86_64 libusb 1:0.1.5-8.fc26.x86_64 -> 1:0.1.5-10.fc27.x86_64 libusbx 1.0.21-2.fc26.x86_64 -> 1.0.21-4.fc27.x86_64 libuser 0.62-7.fc27.x86_64 -> 0.62-9.fc27.x86_64 libutempter 1.1.6-9.fc26.x86_64 -> 1.1.6-11.fc27.x86_64 libverto 0.2.6-10.fc27.x86_64 -> 0.2.6-11.fc27.x86_64 libverto-libev 0.2.6-10.fc27.x86_64 -> 0.2.6-11.fc27.x86_64 libxkbcommon 0.7.1-3.fc27.x86_64 -> 0.7.1-5.fc27.x86_64 libxml2 2.9.4-2.fc26.x86_64 -> 2.9.4-4.fc27.x86_64 libyaml 0.1.7-2.fc26.x86_64 -> 0.1.7-4.fc27.x86_64 linux-atm-libs 2.5.1-17.fc27.x86_64 -> 2.5.1-19.fc27.x86_64 lsof 4.89-5.fc26.x86_64 -> 4.89-7.fc27.x86_64 lua-libs 5.3.4-3.fc27.x86_64 -> 5.3.4-5.fc27.x86_64 lvm2 2.02.173-3.fc27.x86_64 -> 2.02.173-4.fc27.x86_64 lvm2-libs 2.02.173-3.fc27.x86_64 -> 2.02.173-4.fc27.x86_64 lz4-libs 1.7.5-4.fc27.x86_64 -> 1.7.5-6.fc27.x86_64 lzo 2.08-9.fc26.x86_64 -> 2.08-11.fc27.x86_64 make 1:4.2.1-2.fc26.x86_64 -> 1:4.2.1-4.fc27.x86_64 mdadm 4.0-3.fc27.x86_64 -> 4.0-5.fc27.x86_64 mokutil 1:0.3.0-5.fc27.x86_64 -> 1:0.3.0-7.fc27.x86_64 mozjs17 17.0.0-19.fc27.x86_64 -> 17.0.0-21.fc27.x86_64 mpfr 3.1.5-3.fc27.x86_64 -> 3.1.5-5.fc27.x86_64 ncurses 6.0-12.20170722.fc27.x86_64 -> 6.0-13.20170722.fc27.x86_64 ncurses-base 6.0-12.20170722.fc27.noarch -> 6.0-13.20170722.fc27.noarch ncurses-libs 6.0-12.20170722.fc27.x86_64 -> 6.0-13.20170722.fc27.x86_64 net-tools 2.0-0.42.20160912git.fc26.x86_64 -> 2.0-0.44.20160912git.fc27.x86_64 nettle 3.3-2.fc26.x86_64 -> 3.3-5.fc27.x86_64 npth 1.5-1.fc27.x86_64 -> 1.5-3.fc27.x86_64 nss 3.31.0-4.fc27.x86_64 -> 3.32.0-2.fc27.x86_64 nss-altfiles 2.18.1-8.fc26.x86_64 -> 2.18.1-10.fc27.x86_64 nss-pem 1.0.3-3.fc27.x86_64 -> 1.0.3-5.fc27.x86_64 nss-softokn 3.31.0-2.fc27.x86_64 -> 3.32.0-3.fc27.x86_64 nss-softokn-freebl 3.31.0-2.fc27.x86_64 -> 3.32.0-3.fc27.x86_64 nss-sysinit 3.31.0-4.fc27.x86_64 -> 3.32.0-2.fc27.x86_64 nss-tools 3.31.0-4.fc27.x86_64 -> 3.32.0-2.fc27.x86_64 nss-util 3.31.0-2.fc27.x86_64 -> 3.32.0-2.fc27.x86_64 oci-register-machine 0-3.10.gitcbf1b8f.fc27.x86_64 -> 0-5.10.gitcbf1b8f.fc27.x86_64 oci-systemd-hook 1:0.1.10-1.gitfbf3b42.fc27.x86_64 -> 1:0.1.12-1.git1e84754.fc27.x86_64 oci-umount 2:1.13.1-22.git27e468e.fc27.x86_64 -> 2:1.13.1-25.gitb5e3294.fc27.x86_64 oddjob 0.34.4-1.fc26.x86_64 -> 0.34.4-3.fc27.x86_64 oddjob-mkhomedir 0.34.4-1.fc26.x86_64 -> 0.34.4-3.fc27.x86_64 openldap 2.4.45-1.fc27.x86_64 -> 2.4.45-3.fc27.x86_64 openssl 1:1.1.0f-7.fc27.x86_64 -> 1:1.1.0f-9.fc27.x86_64 openssl-libs 1:1.1.0f-7.fc27.x86_64 -> 1:1.1.0f-9.fc27.x86_64 os-prober 1.74-1.fc27.x86_64 -> 1.74-3.fc27.x86_64 ostree 2017.9-3.fc27.x86_64 -> 2017.9-4.fc27.x86_64 ostree-grub2 2017.9-3.fc27.x86_64 -> 2017.9-4.fc27.x86_64 ostree-libs 2017.9-3.fc27.x86_64 -> 2017.9-4.fc27.x86_64 p11-kit 0.23.7-1.fc27.x86_64 -> 0.23.7-3.fc27.x86_64 p11-kit-trust 0.23.7-1.fc27.x86_64 -> 0.23.7-3.fc27.x86_64 pam 1.3.0-3.fc27.x86_64 -> 1.3.0-5.fc27.x86_64 passwd 0.79-10.fc27.x86_64 -> 0.79-12.fc27.x86_64 pcre 8.41-1.fc27.x86_64 -> 8.41-1.fc27.2.x86_64 policycoreutils 2.6-8.fc27.x86_64 -> 2.7-1.fc27.x86_64 policycoreutils-python 2.6-8.fc27.x86_64 -> 2.7-1.fc27.x86_64 policycoreutils-python-utils 2.6-8.fc27.x86_64 -> 2.7-1.fc27.x86_64 policycoreutils-python3 2.6-8.fc27.x86_64 -> 2.7-1.fc27.x86_64 polkit 0.113-13.fc27.x86_64 -> 0.113-15.fc27.x86_64 polkit-libs 0.113-13.fc27.x86_64 -> 0.113-15.fc27.x86_64 polkit-pkla-compat 0.1-8.fc26.x86_64 -> 0.1-10.fc27.x86_64 popt 1.16-10.fc27.x86_64 -> 1.16-11.fc27.x86_64 procps-ng 3.3.10-13.fc26.x86_64 -> 3.3.10-15.fc27.x86_64 protobuf-c 1.2.1-5.fc27.x86_64 -> 1.2.1-7.fc27.x86_64 psmisc 23.1-1.fc27.x86_64 -> 23.1-2.fc27.x86_64 publicsuffix-list-dafsa 20170424-2.fc27.noarch -> 20170809-1.fc27.noarch python-backports 1.0-9.fc26.x86_64 -> 1.0-11.fc27.x86_64 python-rhsm-certificates 1.20.1-2.fc27.x86_64 -> 1.20.1-3.fc27.x86_64 python2-cffi 1.10.0-1.fc27.x86_64 -> 1.10.0-3.fc27.x86_64 python2-setuptools 36.2.0-2.fc27.noarch -> 36.2.0-3.fc27.noarch python2-urllib3 1.21.1-1.fc27.noarch -> 1.22-2.fc27.noarch python3 3.6.2-5.fc27.x86_64 -> 3.6.2-7.fc27.x86_64 python3-PyYAML 3.12-3.fc26.x86_64 -> 3.12-5.fc27.x86_64 python3-cffi 1.10.0-1.fc27.x86_64 -> 1.10.0-3.fc27.x86_64 python3-dbus 1.2.4-6.fc26.x86_64 -> 1.2.4-8.fc27.x86_64 python3-gobject-base 3.24.1-1.fc27.x86_64 -> 3.24.1-3.fc27.x86_64 python3-libs 3.6.2-5.fc27.x86_64 -> 3.6.2-7.fc27.x86_64 python3-libxml2 2.9.4-2.fc26.x86_64 -> 2.9.4-4.fc27.x86_64 python3-markupsafe 0.23-15.fc27.x86_64 -> 0.23-16.fc27.x86_64 python3-rpm 4.13.0.1-41.fc27.x86_64 -> 4.13.90-0.git14002.2.fc27.x86_64 python3-setuptools 36.2.0-2.fc27.noarch -> 36.2.0-3.fc27.noarch python3-urllib3 1.21.1-1.fc27.noarch -> 1.22-2.fc27.noarch qrencode-libs 3.4.4-1.fc27.x86_64 -> 3.4.4-3.fc27.x86_64 readline 7.0-5.fc26.x86_64 -> 7.0-7.fc27.x86_64 rpcbind 0.2.4-7.rc2.fc27.x86_64 -> 0.2.4-7.rc2.fc27.2.x86_64 rpm 4.13.0.1-41.fc27.x86_64 -> 4.13.90-0.git14002.2.fc27.x86_64 rpm-build-libs 4.13.0.1-41.fc27.x86_64 -> 4.13.90-0.git14002.2.fc27.x86_64 rpm-libs 4.13.0.1-41.fc27.x86_64 -> 4.13.90-0.git14002.2.fc27.x86_64 rpm-ostree 2017.7-3.fc27.x86_64 -> 2017.7-7.fc27.x86_64 rpm-ostree-libs 2017.7-3.fc27.x86_64 -> 2017.7-7.fc27.x86_64 rpm-plugin-selinux 4.13.0.1-41.fc27.x86_64 -> 4.13.90-0.git14002.2.fc27.x86_64 rsync 3.1.2-5.fc27.x86_64 -> 3.1.2-7.fc27.x86_64 runc 1:1.0.1-1.gitc5ec254.fc27.x86_64 -> 1:1.0.1-3.gitc5ec254.fc27.x86_64 screen 4.6.1-1.fc27.x86_64 -> 4.6.1-3.fc27.x86_64 sed 4.4-1.fc26.x86_64 -> 4.4-3.fc27.x86_64 selinux-policy 3.13.1-266.fc27.noarch -> 3.13.1-270.fc27.noarch selinux-policy-targeted 3.13.1-266.fc27.noarch -> 3.13.1-270.fc27.noarch setools-console 4.1.0-3.fc27.x86_64 -> 4.1.1-2.fc27.x86_64 setools-python 4.1.0-3.fc27.x86_64 -> 4.1.1-2.fc27.x86_64 setools-python3 4.1.0-3.fc27.x86_64 -> 4.1.1-2.fc27.x86_64 shadow-utils 2:4.5-1.fc27.x86_64 -> 2:4.5-3.fc27.x86_64 shared-mime-info 1.8-3.fc27.x86_64 -> 1.8-5.fc27.x86_64 skopeo 0.1.23-4.git1bbd87f.fc27.x86_64 -> 0.1.23-5.git1bbd87f.fc27.x86_64 skopeo-containers 0.1.23-4.git1bbd87f.fc27.x86_64 -> 0.1.23-5.git1bbd87f.fc27.x86_64 sudo 1.8.20p2-1.fc27.x86_64 -> 1.8.20p2-3.fc27.x86_64 system-python 3.6.2-5.fc27.x86_64 -> 3.6.2-7.fc27.x86_64 system-python-libs 3.6.2-5.fc27.x86_64 -> 3.6.2-7.fc27.x86_64 tar 2:1.29-5.fc27.x86_64 -> 2:1.29-7.fc27.x86_64 tcp_wrappers 7.6-85.fc26.x86_64 -> 7.6-87.fc27.x86_64 tcp_wrappers-libs 7.6-85.fc26.x86_64 -> 7.6-87.fc27.x86_64 teamd 1.27-1.fc27.x86_64 -> 1.27-3.fc27.x86_64 timedatex 0.4-3.fc26.x86_64 -> 0.4-5.fc27.x86_64 trousers 0.3.13-7.fc26.x86_64 -> 0.3.13-9.fc27.x86_64 trousers-lib 0.3.13-7.fc26.x86_64 -> 0.3.13-9.fc27.x86_64 vim-minimal 2:8.0.823-1.fc27.x86_64 -> 2:8.0.885-1.fc27.x86_64 which 2.21-2.fc26.x86_64 -> 2.21-4.fc27.x86_64 xfsprogs 4.12.0-3.fc27.x86_64 -> 4.12.0-4.fc27.x86_64 xz 5.2.3-2.fc26.x86_64 -> 5.2.3-4.fc27.x86_64 xz-libs 5.2.3-2.fc26.x86_64 -> 5.2.3-4.fc27.x86_64 yajl 2.1.0-6.fc26.x86_64 -> 2.1.0-8.fc27.x86_64 zlib 1.2.11-2.fc26.x86_64 -> 1.2.11-4.fc27.x86_64 Removed: ustr-1.0.4-22.fc26.x86_64
Looks like there are multiple SELinux violations happening. Of those relevant to the systemd journal: # dmesg ... [ 254.445137] systemd-journald[1217]: Failed to map sequential number file, ignoring: Permission denied [ 254.447331] systemd-journald[1217]: Failed to open runtime journal: Permission denied # grep 'avc.*denied.*systemd' /var/log/audit/audit.log ... type=AVC msg=audit(1502736524.389:244): avc: denied { create } for pid=1 comm="systemd" scontext=system_u:system_r:init_t:s0 tcontext=system_u:system_r:syslogd_t:s0 tclass=netlink_audit_socket permissive=0 type=AVC msg=audit(1502736524.426:245): avc: denied { map } for pid=1217 comm="systemd-journal" path="/run/systemd/journal/kernel-seqnum" dev="tmpfs" ino=12758 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:syslogd_var_run_t:s0 tclass=file permissive=0 type=AVC msg=audit(1502736524.429:246): avc: denied { map } for pid=1217 comm="systemd-journal" path="/run/log/journal/a2e532e83b9c4a7aa10ff02b78f71424/system.journal" dev="tmpfs" ino=12764 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:syslogd_var_run_t:s0 tclass=file permissive=0 type=AVC msg=audit(1502736524.442:250): avc: denied { create } for pid=1 comm="systemd" scontext=system_u:system_r:init_t:s0 tcontext=system_u:system_r:syslogd_t:s0 tclass=netlink_audit_socket permissive=0 ... type=AVC msg=audit(1502736524.553:270): avc: denied { map } for pid=1221 comm="systemd-journal" path="/run/log/journal/a2e532e83b9c4a7aa10ff02b78f71424/system.journal" dev="tmpfs" ino=12764 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:syslogd_var_run_t:s0 tclass=file permissive=0 ... Temporarily setting permissive mode shows the journal starting: [root@f27-journal journal]# setenforce 0 [root@f27-journal journal]# systemctl start systemd-journald [root@f27-journal journal]# systemctl status systemd-journald ● systemd-journald.service - Journal Service Loaded: loaded (/usr/lib/systemd/system/systemd-journald.service; static; vendor preset: disabled) Active: active (running) since Mon 2017-08-14 18:53:41 UTC; 7min ago Docs: man:systemd-journald.service(8) man:journald.conf(5) Main PID: 1244 (systemd-journal) Status: "Processing requests..." Tasks: 1 (limit: 4915) CGroup: /system.slice/systemd-journald.service └─1244 /usr/lib/systemd/systemd-journald Aug 14 18:53:41 f27-journal.localdomain systemd-journald[1244]: Journal started Aug 14 18:53:41 f27-journal.localdomain systemd-journald[1244]: Runtime journal (/run/log/journal/a2e532e83b9c4a7aa10ff02b78f71424) is 8.0M, max 73.7M, 65.7M free. Let's re-assign this to selinux-policy for now.
This bug appears to have been reported against 'rawhide' during the Fedora 27 development cycle. Changing version to '27'.
I assume POST means this: https://fedoraproject.org/wiki/BugZappers/BugStatusWorkFlow#POST Can we get a link to and upstream pull request or associated patch?
koji build with fix in rawhide: https://koji.fedoraproject.org/koji/taskinfo?taskID=21421917 selinux-policy-3.13.1-274.fc28
and this koji build in f27: https://koji.fedoraproject.org/koji/taskinfo?taskID=21422240 selinux-policy-3.13.1-274.fc27
seems to be fixed now