I have a device running yocto(warrior) and selinux
is enabled by default. I am unable to login to device if I switch to multi-user
target. If I change selinux in permissive
mode, I am able to login but I get Unable to get valid context for root
.
In elaborative way,
- Once device is up in graphical mode I run
systemctl isolate multi-user
which takes me in console and for login id and password - After giving correct credentials also I am unable to login
- Change selinux to permissive mode by
setenforce 0
and I am able to login but it gives meUnable to get valid context for root
I do not see any rules violation while running these commands:
- audit2allow -a
- audit2allow -d
- cat /var/log/messages | audit2allow -d
Please note that I am not creating any user. so the only user is root
.
Edit 01 :
journalctl -f
shows an error Failed to start User Runtime Directory /run/user/0
at the time of entering login details:
Oct 22 19:59:08 panther2 systemd[1]: Created slice User Slice of UID 0.
Oct 22 19:59:08 panther2 systemd[1]: Starting User Runtime Directory /run/user/0...
Oct 22 19:59:08 panther2 systemd-logind[532]: New session c8 of user root.
Oct 22 19:59:08 panther2 systemd-user-runtime-dir[1053]: Failed to acquire runtime directory size: Access denied
Oct 22 19:59:08 panther2 systemd[1]: [email protected]: Main process exited, code=exited, status=1/FAILURE
Oct 22 19:59:08 panther2 systemd[1]: [email protected]: Failed with result 'exit-code'.
Oct 22 19:59:08 panther2 systemd[1]: Failed to start User Runtime Directory /run/user/0.
Oct 22 19:59:08 panther2 systemd[1]: Dependency failed for User Manager for UID 0.
Oct 22 19:59:08 panther2 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=user-runtime-dir@0 comm="systemd" exe="/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'
Oct 22 19:59:08 panther2 systemd[1]: [email protected]: Job [email protected]/start failed with result 'dependency'.
Oct 22 19:59:08 panther2 systemd[1]: Started Session c8 of user root.
Oct 22 19:59:08 panther2 systemd[1]: [email protected]: Succeeded.
Oct 22 19:59:08 panther2 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=getty@tty1 comm="systemd" exe="/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
Oct 22 19:59:08 panther2 systemd[1]: session-c8.scope: Succeeded.
Oct 22 19:59:08 panther2 systemd[1]: [email protected]: Service has no hold-off time (RestartSec=0), scheduling restart.
Oct 22 19:59:08 panther2 systemd[1]: [email protected]: Scheduled restart job, restart counter is at 12.
Oct 22 19:59:08 panther2 systemd-logind[532]: Session c8 logged out. Waiting for processes to exit.
Oct 22 19:59:08 panther2 systemd[1]: Stopped Getty on tty1.
Oct 22 19:59:08 panther2 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=getty@tty1 comm="systemd" exe="/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
Oct 22 19:59:08 panther2 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=getty@tty1 comm="systemd" exe="/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
Oct 22 19:59:08 panther2 systemd[1]: Started Getty on tty1.
Oct 22 19:59:08 panther2 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=getty@tty1 comm="systemd" exe="/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
Oct 22 19:59:08 panther2 systemd[1]: Removed slice User Slice of UID 0.
Oct 22 19:59:08 panther2 systemd-logind[532]: Removed session c8.