Hi Lennart, Thanks for your information. I do not use selinux. Could you please show me how to enable dbus log? I found this thread https://wiki.ubuntu.com/DebuggingDBus, not sure it works but I'll give it a try. BTW, last time when I enable systemd debug systemd.log_level=debug, I found this log systemd[1]: Got message type=method_call sender=:1.183 destination=org.freedesktop.systemd1 object=/org/freedesktop/systemd1 interface=org.freedesktop.systemd1.Manager member=GetUnit cookie=2 reply_cookie=0 error=n/a systemd[1]: Sent message type=method_return sender=n/a destination=:1.183 object=n/a interface=n/a member=n/a cookie=2151 reply_cookie=2 error=n/a This is when I can ssh successfully, when it fails, the Sent message (and maybe Got Message as well, sorry I lost the log, I will update later) has sender and destination is "n/a". Could you please elaborate on this "n/a", can it lead to the Acess denied"? And if dbus-daemon refused access to the unit's runtime data, when I restart dbus, there is no error "Access Denied" anymore. How does restarting dbus relate with Access Denied? If it is permission, I guess even restarting dbus, it still meets Access Denied. Sorry for asking a lot of questions. Thanks a lot, Brs, Naruto On Fri, Mar 1, 2019 at 5:22 PM Lennart Poettering <lennart@xxxxxxxxxxxxxx> wrote: > > On Do, 28.02.19 18:21, Bao Nguyen (baondt@xxxxxxxxx) wrote: > > > Hello everyone, > > > > I am using systemd 228. When the system starts successfully, I tried > > to login to my system via ssh with my one of setting users, and I can > > log in successfully but systemd throws an error message: > > > > "Failed to get unit: Access denied" > > > > When I trace code of systemd, I found the message thrown from the > > method call via sdbus. This is one of function I added in systemd > > source > > > > r = sd_bus_call_method( > > bus, > > "org.freedesktop.systemd1", > > "/org/freedesktop/systemd1", > > "org.freedesktop.systemd1.Manager", > > "GetUnit", > > &error_message, > > &reply_return, > > "s", name_unit); > > if (r < 0) { > > return log_errno(r, "Failed to get unit: %s", > > bus_error_message(&error_message, r)); > > } > > > > But somehow it cannot call GetUnit method from interface > > org.freedesktop.systemd1.Manager with error "Access denied". Could you > > please let me know what the error message of this method call means ? > > Does it relate any to user permission and if any setting permission of > > user can cause the method called via sdbus can not retrieve unit > > object path for a unit name during ssh? > > This means dbus-daemon or selinux refused access to the unit's runtime > data. > > if it's dbus there might be more info in the dbus logs. > > if it's selinux (do you use that?) there might be AVCs... > > Lennart > > -- > Lennart Poettering, Red Hat _______________________________________________ systemd-devel mailing list systemd-devel@xxxxxxxxxxxxxxxxxxxxx https://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: Cannot call GetUnit method with ssh
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: Re: Cannot call GetUnit method with ssh
- From: Bao Nguyen <baondt@xxxxxxxxx>
- Date: Sat, 2 Mar 2019 14:31:06 +0700
- Cc: systemd Mailing List <systemd-devel@xxxxxxxxxxxxxxxxxxxxx>
- In-reply-to: <20190301102242.GA18942@gardel-login>
- References: <CAOMLVF+A1TifBvVW7HoUSCK=PT_kZxyG3Ls_kQq2DDwPOZMCfQ@mail.gmail.com> <20190301102242.GA18942@gardel-login>
- Follow-Ups:
- Re: Cannot call GetUnit method with ssh
- From: Bao Nguyen
- Re: Cannot call GetUnit method with ssh
- References:
- Cannot call GetUnit method with ssh
- From: Bao Nguyen
- Re: Cannot call GetUnit method with ssh
- From: Lennart Poettering
- Cannot call GetUnit method with ssh
- Prev by Date: Re: Cannot call GetUnit method with ssh
- Next by Date: what does it mean to have exit-code of 251
- Previous by thread: Re: Cannot call GetUnit method with ssh
- Next by thread: Re: Cannot call GetUnit method with ssh
- Index(es):
 |