Bug 1656529 - unable to log in on arm disk images - no shell: Permission denied
Summary: unable to log in on arm disk images - no shell: Permission denied
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: systemd
Version: rawhide
Hardware: armhfp
OS: Linux
unspecified
unspecified
Target Milestone: ---
Assignee: systemd-maint
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks: ARMTracker
TreeView+ depends on / blocked
 
Reported: 2018-12-05 17:18 UTC by Paul Whalen
Modified: 2019-02-11 18:56 UTC (History)
12 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-02-11 18:56:42 UTC


Attachments (Terms of Use)

Description Paul Whalen 2018-12-05 17:18:07 UTC
Description of problem:
Attempting to log in when using Fedora-Server-armhfp-Rawhide-20181205.n.0-sda.raw.xz ended with:

localhost login: root
Password: 
 -- root: no shell: Permission denied


Version-Release number of selected component (if applicable):
selinux-policy-3.14.3-13.fc30.noarch

How reproducible:
Every time

Steps to Reproduce:
1. Boot recent rawhide arm disk image
2. After completing initial-setup, attempt to log in

Actual results:

ausearch -m avc -ts recent
----
time->Wed Dec  5 11:57:59 2018
type=AVC msg=audit(1544029079.633:221): avc:  denied  { transition } for  pid=1054 comm="(systemd)" path="/usr/lib/systemd/systemd" dev="sda3" ino=7089614 scontext=system_u:system_r:kernel_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_t:s0 tclass=process permissive=1
----
time->Wed Dec  5 11:57:59 2018
type=AVC msg=audit(1544029079.633:222): avc:  denied  { entrypoint } for  pid=1054 comm="(systemd)" path="/usr/lib/systemd/systemd" dev="sda3" ino=7089614 scontext=unconfined_u:unconfined_r:unconfined_t:s0 tcontext=system_u:object_r:root_t:s0 tclass=file permissive=1
----
time->Wed Dec  5 11:58:00 2018
type=AVC msg=audit(1544029080.102:228): avc:  denied  { transition } for  pid=1061 comm="login" path="/usr/bin/bash" dev="sda3" ino=4371206 scontext=system_u:system_r:kernel_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_t:s0 tclass=process permissive=1

Comment 1 Lukas Vrabec 2018-12-12 14:16:37 UTC
Hi All, 

Any idea why login has context kernel_t ? Is there something different on login process for arms? 

Thanks,
Lukas.

Comment 2 Paul Whalen 2019-02-11 18:56:42 UTC
This is no longer an issue on arm disk images. Closing.


Note You need to log in before you can comment on or make changes to this bug.