-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 07/19/2013 11:10 AM, Matthew Miller wrote: > So, I haven't changed anything significant in how the F20 cloud images are > generated from how the F19 ones were. But now, when I try to log into one > after booting, cloud-init runs and appears to configure everything, but > sshing in gives > > /bin/bash: Permission denied > Usually means your system is mislabeled. I would bet that sshd is not running as sshd_t. Something went wrong when you built the image. > In the logs: > > Jul 19 14:56:50 localhost sshd[621]: ssh_selinux_change_context: setcon > system_u:system_r:sshd_net_t:s0 from system_u:system_r:kernel_t:s0 failed > with Permission denied [preauth] Jul 19 14:56:51 localhost sshd[621]: > Accepted publickey for fedora from 192.168.77.1 port 40992 ssh2 Jul 19 > 14:56:51 localhost systemd: Starting user-1000.slice. Jul 19 14:56:51 > localhost systemd: Created slice user-1000.slice. Jul 19 14:56:51 localhost > systemd: Starting User Manager for 1000... Jul 19 14:56:51 localhost > systemd: Failed at step PAM spawning /usr/lib/systemd/systemd: Operation > not permitted Jul 19 14:56:51 localhost systemd: Starting Session 1 of user > fedora. Jul 19 14:56:51 localhost systemd-logind: New session 1 of user > fedora. Jul 19 14:56:51 localhost systemd: Started Session 1 of user > fedora. Jul 19 14:56:51 localhost systemd: Started User Manager for 1000. > Jul 19 14:56:51 localhost sshd[621]: pam_unix(sshd:session): session opened > for user fedora by (uid=0) Jul 19 14:56:51 localhost sshd[627]: > ssh_selinux_copy_context: setcon failed with Permission denied Jul 19 > 14:56:51 localhost sshd[627]: Received disconnect from 192.168.77.1: 11: > disconnected by user Jul 19 14:56:51 localhost sshd[621]: > pam_unix(sshd:session): session closed for user fedora Jul 19 14:56:51 > localhost systemd-logind: Removed session 1. Jul 19 14:56:51 localhost > systemd: Stopping user-1000.slice. Jul 19 14:56:51 localhost systemd: > Removed slice user-1000.slice > > Is this a policy bug? Something new which is failing on image build? > Something else? > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlHptZ4ACgkQrlYvE4MpobNqkwCgsMfVdIRBsEFEqgHb5v00HfR9 jaIAoNw8GUPmVzYZgRgb1yB3JuYjbOzt =jiIb -----END PGP SIGNATURE----- -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
