[Bug 1563354] [NEW] systemd-tmpfiles-setup.service fails after switching SELinux to enforcing

Andreas Florath 1563354 at bugs.launchpad.net
Tue Mar 29 14:34:00 UTC 2016 

Public bug reported:

After switching SELinux to enforcing, the systemd-tmpfiles-setup.service
failed:

Mar 29 16:12:42  systemd-tmpfiles[546]: [/usr/lib/tmpfiles.d/var.conf:14] Duplicate line for path "/var/log", ignoring.
Mar 29 16:12:42  systemd-tmpfiles[546]: Unable to fix SELinux security context of /var: Permission denied
Mar 29 16:12:42  systemd-tmpfiles[546]: Unable to fix SELinux security context of /var/log: Permission denied
Mar 29 16:12:42  systemd-tmpfiles[546]: Unable to fix SELinux security context of /var/lib: Permission denied
Mar 29 16:12:42  systemd-tmpfiles[546]: Unable to fix SELinux security context of /home: Permission denied
Mar 29 16:12:42  systemd-tmpfiles[546]: Unable to fix SELinux security context of /srv: Permission denied
Mar 29 16:12:42  systemd-tmpfiles[546]: Unable to fix SELinux security context of /var/lib/systemd: Permission denied
Mar 29 16:12:42  systemd-tmpfiles[546]: Unable to fix SELinux security context of /var/lib/systemd/coredump: Permission denied
Mar 29 16:12:43  systemd-tmpfiles[546]: Unable to fix SELinux security context of /var/cache: Permission denied
Mar 29 16:12:43  systemd[1]: systemd-tmpfiles-setup.service: Main process exited, code=exited, status=1/FAILURE
Mar 29 16:12:43  systemd[1]: Failed to start Create Volatile Files and Directories.
Mar 29 16:12:43  systemd[1]: systemd-tmpfiles-setup.service: Unit entered failed state.
Mar 29 16:12:43  systemd[1]: systemd-tmpfiles-setup.service: Failed with result 'exit-code'.

No further AVC or audit.log is logged. When manually setting 'setenforce
0' and starting this service, it obviously works fine.

My environment:

# lsb_release -rd
Description:	Ubuntu Xenial Xerus (development branch)
Release:	16.04

(Build  / packages from last night)

# apt-cache policy systemd
systemd:
  Installed: 229-3ubuntu1
  Candidate: 229-3ubuntu1

If you need more infos, please drop a short note.

** Affects: systemd (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1563354

Title:
  systemd-tmpfiles-setup.service fails after switching SELinux to
  enforcing

Status in systemd package in Ubuntu:
  New

Bug description:
  After switching SELinux to enforcing, the systemd-tmpfiles-
  setup.service failed:

  Mar 29 16:12:42  systemd-tmpfiles[546]: [/usr/lib/tmpfiles.d/var.conf:14] Duplicate line for path "/var/log", ignoring.
  Mar 29 16:12:42  systemd-tmpfiles[546]: Unable to fix SELinux security context of /var: Permission denied
  Mar 29 16:12:42  systemd-tmpfiles[546]: Unable to fix SELinux security context of /var/log: Permission denied
  Mar 29 16:12:42  systemd-tmpfiles[546]: Unable to fix SELinux security context of /var/lib: Permission denied
  Mar 29 16:12:42  systemd-tmpfiles[546]: Unable to fix SELinux security context of /home: Permission denied
  Mar 29 16:12:42  systemd-tmpfiles[546]: Unable to fix SELinux security context of /srv: Permission denied
  Mar 29 16:12:42  systemd-tmpfiles[546]: Unable to fix SELinux security context of /var/lib/systemd: Permission denied
  Mar 29 16:12:42  systemd-tmpfiles[546]: Unable to fix SELinux security context of /var/lib/systemd/coredump: Permission denied
  Mar 29 16:12:43  systemd-tmpfiles[546]: Unable to fix SELinux security context of /var/cache: Permission denied
  Mar 29 16:12:43  systemd[1]: systemd-tmpfiles-setup.service: Main process exited, code=exited, status=1/FAILURE
  Mar 29 16:12:43  systemd[1]: Failed to start Create Volatile Files and Directories.
  Mar 29 16:12:43  systemd[1]: systemd-tmpfiles-setup.service: Unit entered failed state.
  Mar 29 16:12:43  systemd[1]: systemd-tmpfiles-setup.service: Failed with result 'exit-code'.

  No further AVC or audit.log is logged. When manually setting
  'setenforce 0' and starting this service, it obviously works fine.

  My environment:

  # lsb_release -rd
  Description:	Ubuntu Xenial Xerus (development branch)
  Release:	16.04

  (Build  / packages from last night)

  # apt-cache policy systemd
  systemd:
    Installed: 229-3ubuntu1
    Candidate: 229-3ubuntu1

  If you need more infos, please drop a short note.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1563354/+subscriptions

More information about the foundations-bugs mailing list