https://bugzilla.novell.com/show_bug.cgi?id=811368 https://bugzilla.novell.com/show_bug.cgi?id=811368#c13 Vitezslav Cizek <vcizek@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |ASSIGNED InfoProvider|vcizek@suse.com | --- Comment #13 from Vitezslav Cizek <vcizek@suse.com> 2013-06-26 11:23:59 CEST --- (In reply to comment #12)
I do not see what you report, I can boot the system normally.
I see login running as kernel_t, this looks like you didn't relabel the system. Our kernel defaults to apparmour, so selinux isn't enabled. Thus the policy can't relabel the filesystem upon install. You should restart the system, run restorecon -R / and then reboot again to correctly labeled system. You can check the guide at: https://en.opensuse.org/SDB:SELinux
There are two other failures here though: [ 3.605820] type=1400 audit(1371493942.594:3): avc: denied { associate } for pid=369 comm="restorecon" name="xconsole" dev="devtmpfs" ino=6531 scontext=system_u:object_r:xconsole_device_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=filesystem [ 13.577555] type=1400 audit(1371493952.566:4): avc: denied { transition } for pid=1821 comm="login" path="/bin/bash" dev="sda1" ino=535765 scontext=system_u:system_r:kernel_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_t:s0 tclass=process
Are you running up-to-date system? What kernel version do you have?
Factory updated last week, kernel-desktop-3.10.rc4-1.1.x86_64 Currently, the system isn't stuck in a loop, i can get to login prompt, but I keep getting: 2013-06-26T16:58:47.260230+02:00 dhcp88 kernel: [ 5.796749] type=1400 audit(1372258724.120:3): avc: denied { read } for pid=192 comm="systemd-tmpfile" path="/dev/null" dev="devtmpfs" ino=1673 scontext=system_u:system_r:systemd_tmpfiles_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=chr_file 2013-06-26T16:58:47.260264+02:00 dhcp88 kernel: [ 5.951865] type=1400 audit(1372258724.275:4): avc: denied { read } for pid=194 comm="systemd-journal" path="/dev/null" dev="devtmpfs" ino=1673 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=chr_file 2013-06-26T16:58:47.260265+02:00 dhcp88 kernel: [ 5.951893] type=1400 audit(1372258724.275:5): avc: denied { write } for pid=194 comm="systemd-journal" path="/dev/null" dev="devtmpfs" ino=1673 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=chr_file 2013-06-26T16:58:47.260265+02:00 dhcp88 kernel: [ 5.951897] type=1400 audit(1372258724.275:6): avc: denied { write } for pid=194 comm="systemd-journal" path="/dev/null" dev="devtmpfs" ino=1673 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=chr_file 2013-06-26T16:58:47.269962+02:00 dhcp88 kernel: [ 6.077661] type=1400 audit(1372258724.401:7): avc: denied { write } for pid=194 comm="systemd-journal" name="kmsg" dev="devtmpfs" ino=1679 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=chr_file 2013-06-26T16:58:47.269963+02:00 dhcp88 kernel: [ 6.107837] type=1400 audit(1372258724.431:8): avc: denied { read write } for pid=194 comm="systemd-journal" name="kmsg" dev="devtmpfs" ino=1679 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=chr_file 2013-06-26T16:58:47.269963+02:00 dhcp88 kernel: [ 6.111853] type=1400 audit(1372258724.435:9): avc: denied { read } for pid=194 comm="systemd-journal" name="urandom" dev="devtmpfs" ino=1678 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=chr_file 2013-06-26T16:58:47.269965+02:00 dhcp88 kernel: [ 6.137986] type=1400 audit(1372258724.461:10): avc: denied { read } for pid=203 comm="systemd-journal" path="/dev/null" dev="devtmpfs" ino=1673 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=chr_file 2013-06-26T16:58:47.269965+02:00 dhcp88 kernel: [ 6.139799] type=1400 audit(1372258724.461:11): avc: denied { write } for pid=203 comm="systemd-journal" path="/dev/null" dev="devtmpfs" ino=1673 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=chr_file 2013-06-26T16:58:47.269968+02:00 dhcp88 kernel: [ 6.139818] type=1400 audit(1372258724.463:12): avc: denied { write } for pid=203 comm="systemd-journal" path="/dev/null" dev="devtmpfs" ino=1673 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=chr_file So at least /dev/null and /dev/kmsg are getting the default label for /dev files. This prevents journal from starting: systemd[1]: Starting Journal Service... systemd[1]: systemd-journald.service start request repeated too quickly, refusing to start. systemd[1]: systemd-journald.socket got notified about service death (failed permanently: yes) systemd[1]: systemd-journald.socket changed running -> failed systemd[1]: Unit systemd-journald.socket entered failed state. systemd[1]: Job systemd-journald.service/start finished, result=failed systemd[1]: Failed to start Journal Service. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.