Description of problem: chsh -s ___ root always fails
Version-Release number of selected component (if applicable):
How reproducible: every time
Steps to Reproduce: (first ensure you have installed dash)
1. chsh -s /bin/dash root
chsh: setpwnam failed: Permission denied
Shell *NOT* changed. Try again later.
No failure and exit status = 0
is this another result of the groups problem with -12? test with -12.999, thanks!
No, this is different.
I confirmed that this bug persists when I install -12.999 on rawhide (both before and after reboot), but not on F16.
It is due to SELinux policy, so I've adjusted the component.
SELinux is preventing /usr/bin/chsh from create access on the file ptmptmp.
***** Plugin catchall_labels (83.8 confidence) suggests ********************
If you want to allow chsh to have create access on the ptmptmp file
Then you need to change the label on ptmptmp
# semanage fcontext -a -t FILE_TYPE 'ptmptmp'
where FILE_TYPE is one of the following: passwd_file_t, pcscd_var_run_t, krb5_host_rcache_t.
restorecon -v 'ptmptmp'
Jim I can not get this to happen on my box. The chsh is completing correctly. What is ptmptmp? Is this a file in /etc?
I built a new rawhide VM yesterday, starting from F16-beta and upgrading from there. Thus maybe I have a slightly newer version of glibc? I was using both -12, and later, -12.999 from koji.
yes, chsh works by writing a temporary file, /etc/ptmptmp, and then replacing /etc/passwd atomically.
Fixed in selinux-policy-3.10.0-40.2.fc17.noarch