Description of problem: After upgrading to Fedora 31 the systemd-logind.service does not start. It is not possible to log into the system. Adding "enforcing=0" to the boot parameters works around the problem. The AVC denials reported are: ---- time->Fri Nov 1 09:17:58 2019 type=AVC msg=audit(1572596278.062:93): avc: denied { create } for pid=813 comm="(modprobe)" name="linger" scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:systemd_logind_var_lib_t:s0 tclass=dir permissive=1 ---- time->Fri Nov 1 09:17:58 2019 type=AVC msg=audit(1572596278.066:94): avc: denied { mounton } for pid=813 comm="(modprobe)" path="/run/systemd/unit-root/var/lib/systemd/linger" dev="dm-0" ino=23726664 scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:systemd_logind_var_lib_t:s0 tclass=dir permissive=1 ---- time->Fri Nov 1 09:17:58 2019 type=AVC msg=audit(1572596278.476:96): avc: denied { mounton } for pid=817 comm="(d-logind)" path="/run/systemd/unit-root/var/lib/systemd/linger" dev="dm-0" ino=23726664 scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:systemd_logind_var_lib_t:s0 tclass=dir permissive=1 Version-Release number of selected component (if applicable): selinux-policy-3.14.4-39.fc31.noarch selinux-policy-devel-3.14.4-39.fc31.noarch selinux-policy-minimum-3.14.4-39.fc31.noarch systemd-243-4.gitef67743.fc31.x86_64 The upgrade from Fedora 30 to Fedora 31 removed selinux-policy-targeted and installed selinux-policy-minimum. Was this intentional? Or is this a bug? /etc/selinux/config still says "SELINUXTYPE=targeted". How reproducible: I have updated 2 computers to Fedora 31, and this only happened on one of them. Steps to Reproduce: 1. Not sure what was different between the two computers... Actual results: systemd-logind.service doesn't start with selinux enforcing. Expected results: systemd-logind.service starts with selinux enforcing. Additional info:
*** This bug has been marked as a duplicate of bug 1763449 ***