Description of problem: chsh -s ___ root always fails Version-Release number of selected component (if applicable): glibc-2.14.90-12.x86_64 How reproducible: every time Steps to Reproduce: (first ensure you have installed dash) 1. chsh -s /bin/dash root 2. 3. Actual results: chsh: setpwnam failed: Permission denied Shell *NOT* changed. Try again later. Expected results: No failure and exit status = 0 Additional info:
is this another result of the groups problem with -12? test with -12.999, thanks!
Adam, No, this is different. I confirmed that this bug persists when I install -12.999 on rawhide (both before and after reboot), but not on F16. It is due to SELinux policy, so I've adjusted the component. -=-------------------------------- SELinux is preventing /usr/bin/chsh from create access on the file ptmptmp. ***** Plugin catchall_labels (83.8 confidence) suggests ******************** If you want to allow chsh to have create access on the ptmptmp file Then you need to change the label on ptmptmp Do # semanage fcontext -a -t FILE_TYPE 'ptmptmp' where FILE_TYPE is one of the following: passwd_file_t, pcscd_var_run_t, krb5_host_rcache_t. Then execute: restorecon -v 'ptmptmp'
Jim I can not get this to happen on my box. The chsh is completing correctly. What is ptmptmp? Is this a file in /etc?
Hi Dan, I built a new rawhide VM yesterday, starting from F16-beta and upgrading from there. Thus maybe I have a slightly newer version of glibc? I was using both -12, and later, -12.999 from koji. yes, chsh works by writing a temporary file, /etc/ptmptmp, and then replacing /etc/passwd atomically.
Fixed in selinux-policy-3.10.0-40.2.fc17.noarch