Cannot login with selinux on
Ian Puleston
ian at underpressuredivers.com
Sun Jun 5 05:39:00 UTC 2005
Since updating to Kernel 2.6.11-1.1366_FC4, and now 2.6.11-1.1369_FC4, I
haven't been able to login as root or any other user, getting error
message "No shell: permission denied" on login followed by the login
prompt again. This only happens with selinux, and does not happens if I
boot with "selinux=no" - then it works fine and I can login OK. This is
with login from the console after booting to level 3 (no X).
In /var/log/messages I'm seeing the following when this happens:
Jun 1 00:21:45 localhost login(pam_unix)[2704]: session opened for user
ian by (uid=0)
Jun 1 00:21:45 localhost login[2704]: Warning! Could not
relabel /dev/tty1 with user_u:object_r:tty_device_t, not
relabeling.Permission denied
Jun 1 00:21:45 localhost -- ian[2704]: LOGIN ON tty1 BY ian
Jun 1 00:21:45 localhost login(pam_unix)[2704]: session closed for user
ian
And I also see the following in there - don't know if this is relevant:
Jun 1 00:21:28 localhost kernel: audit(1117610487.009:3): avc: denied
{ sys_admin } for pid=2078 comm="consoletype" capability=21
scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t
tclass=capability
Jun 1 00:21:28 localhost kernel: SELinux: initialized (dev rpc_pipefs,
type rpc_pipefs), uses genfs_contexts
Any ideas anyone (other than permanently turning off selinux)?
Ian
>From Ian Puleston:
>
> Now, with the new Kernel, I cannot login in at all. Trying to login as root
> or another user gives an error "no shell" and then back to the login prompt.
>
> Is there any way to get round this other than a full re-install?
>
> Ian
>
More information about the test
mailing list