Description of problem: Shutdown and Reboot options in LXDE doesn't work after update to Fedora 19. I've updated with fedup, and now Shutdown and Reboot buttons in LXDE shutdown menu do nothing. I can only reboot or shutdown from terminal. Version-Release number of selected component (if applicable): lxpanel 0.5.12 Steps to Reproduce: 1. Install Fedora 18 with LXDE. 2. Update to Fedora 19 with fedup. 3. Try to shutdown or reboot from menu.
I'me experiencing the same issue, I guess it's SELinux-related...after a failed shutdown journalctl says: systemd[1]: SELinux policy denies access. console-kit-daemon[606]: Failed to issue method call: Access denied I don't know how to fix it, but as temporary workaround you can put SELinux into permissive mode
The AVC for this is..... type=USER_AVC msg=audit(1373698327.629:499): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: denied { start } for auid=-1 uid=0 gid=0 path="/usr/lib/systemd/system/poweroff.target" scontext=system_u:system_r:consolekit_t:s0 tcontext=system_u:object_r:power_unit_file_t:s0 tclass=service exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
What version of selinux-policy-targeted is this?
selinux-policy-targeted-3.12.1-62.fc19
Also, just tested with selinux-policy-targeted-3.12.1-63.fc19 from koji. Same results.....as expected.
Fixed in selinux-policy-3.12.1-64.fc19 I just checked in a fix for this into git. b283fc8eb9f76eb33e51552ff7fc95c4c9a37577
Still fails..... I was ssh'd into the system and tried a shutdown. The terminal output..... [root@f18x audit]# rpm -qa | grep ^selinux selinux-policy-doc-3.12.1-64.fc19.noarch selinux-policy-devel-3.12.1-64.fc19.noarch selinux-policy-targeted-3.12.1-64.fc19.noarch selinux-policy-3.12.1-64.fc19.noarch [root@f18x audit]# Broadcast message from root@f18x (Tue 2013-07-16 15:58:09 CST): The system is going down for power-off NOW! [root@f18x audit]# cat audit.log type=SERVICE_START msg=audit(1373961485.437:471): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=' comm="upower" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' type=USER_AVC msg=audit(1373961489.309:472): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: denied { start } for auid=-1 uid=0 gid=0 path="/usr/lib/systemd/system/poweroff.target" scontext=system_u:system_r:consolekit_t:s0 tcontext=system_u:object_r:power_unit_file_t:s0 tclass=service exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?' And no shutdown occurred.
selinux-policy-3.12.1-65.fc19 has been submitted as an update for Fedora 19. https://admin.fedoraproject.org/updates/selinux-policy-3.12.1-65.fc19
That new version does fix the issue..... I have one question. During the update process I saw... Updating : selinux-policy-3.12.1-65.fc19.noarch 1/8 Updating : selinux-policy-doc-3.12.1-65.fc19.noarch 2/8 Updating : selinux-policy-targeted-3.12.1-65.fc19.noarch 3/8 *** Updating : selinux-policy-devel-3.12.1-65.fc19.noarch 4/8 I don't recall ever seeing "***" during an update. What is the meaning?
Confirmed. It fixes the issue....
(In reply to Ed Greshko from comment #7) > Still fails..... > > I was ssh'd into the system and tried a shutdown. The terminal output..... > > [root@f18x audit]# rpm -qa | grep ^selinux > selinux-policy-doc-3.12.1-64.fc19.noarch > selinux-policy-devel-3.12.1-64.fc19.noarch > selinux-policy-targeted-3.12.1-64.fc19.noarch > selinux-policy-3.12.1-64.fc19.noarch > [root@f18x audit]# > Broadcast message from root@f18x (Tue 2013-07-16 15:58:09 CST): > > The system is going down for power-off NOW! > > > [root@f18x audit]# cat audit.log > type=SERVICE_START msg=audit(1373961485.437:471): pid=1 uid=0 > auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=' > comm="upower" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? > res=success' > type=USER_AVC msg=audit(1373961489.309:472): pid=1 uid=0 auid=4294967295 > ses=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: denied { start } > for auid=-1 uid=0 gid=0 path="/usr/lib/systemd/system/poweroff.target" > scontext=system_u:system_r:consolekit_t:s0 > tcontext=system_u:object_r:power_unit_file_t:s0 tclass=service > exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?' > > > And no shutdown occurred. #============= consolekit_t ============== #!!!! This avc is allowed in the current policy allow consolekit_t power_unit_file_t:service start; You need to install the latest version.
Package selinux-policy-3.12.1-65.fc19: * should fix your issue, * was pushed to the Fedora 19 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing selinux-policy-3.12.1-65.fc19' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2013-13172/selinux-policy-3.12.1-65.fc19 then log in and leave karma (feedback).
Fixed after updating selinux-policy from updates-testing.
selinux-policy-3.12.1-65.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.