1255238 – shutdown ignoring time argument in Fedora 23 Alpha Cinnamon Spin

Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.

Bug 1255238 - shutdown ignoring time argument in Fedora 23 Alpha Cinnamon Spin

Summary: shutdown ignoring time argument in Fedora 23 Alpha Cinnamon Spin

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	selinux-policy
Sub Component:
Version:	23
Hardware:	x86_64
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Assignee:	Vit Mojzis
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	1279928
TreeView+	depends on / blocked

Reported:	2015-08-20 05:18 UTC by steveboss111
Modified:	2016-07-11 09:24 UTC (History)
CC List:	16 users (show)
Fixed In Version:	selinux-policy-3.13.1-155.fc23
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Clones:	1279928 (view as bug list)
Environment:
Last Closed:	2015-11-26 20:57:37 UTC
Type:	Bug
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Bugzilla	1287592	0	unspecified	CLOSED	SELinux is preventing systemd-logind from create access on the file .#nologinjBMWRN	2022-05-16 11:32:56 UTC

Internal Links: 1287592

Description steveboss111 2015-08-20 05:18:32 UTC

Description of problem: When entering shutdown -P 01:20 using gnome-terminal as user it prompts to be root. Sudo shutdown -P 01:20 shuts down immediately. 


Version-Release number of selected component (if applicable):


How reproducible: always


Steps to Reproduce:
1. open gnome-terminal in Fedora 23 Alpha Cinnamon spin
2. type shutdown -P time
3. hit enter

Actual results: system shuts down immediately


Expected results: system issues message and then shuts down at the specified time


Additional info:

Comment 1 steveboss111 2015-08-20 05:47:29 UTC

journalctl reveals 

systemd-logind[684]: Failed to save information about scheduled shutdowns: Permission denied 

for each instance in which I tested this and it failed.

Perhaps related: why does it demand root to shutdown? Fedora normally allows user to use shutdown without sudo or root login.

Comment 2 Jan Synacek 2015-08-26 11:43:35 UTC

On my rawhide machine, systemd gets blocked by selinux:

Aug 26 13:37:43 rawhide-systemd-virt audit[425]: AVC avc:  denied  { lock } for  pid=425 comm="systemd-logind" path="/run/utmp" dev="tmpfs" ino=18859 scontext=system_u:system_r:systemd_logind_t:s0 tcontext=system_u:object_r:initrc_var_run_t:s0 tclass=file permissive=0
Aug 26 13:37:43 rawhide-systemd-virt audit[425]: AVC avc:  denied  { create } for  pid=425 comm="systemd-logind" name=".#scheduledJrCTA4" scontext=system_u:system_r:systemd_logind_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=file permissive=0
Aug 26 13:37:43 rawhide-systemd-virt systemd-logind[425]: Failed to save information about scheduled shutdowns: Permission denied
Aug 26 13:37:43 rawhide-systemd-virt systemd-logind[425]: Creating /run/nologin, blocking further logins...
Aug 26 13:37:43 rawhide-systemd-virt audit[425]: AVC avc:  denied  { create } for  pid=425 comm="systemd-logind" name=".#nologinrU6C4v" scontext=system_u:system_r:systemd_logind_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=0
Aug 26 13:37:43 rawhide-systemd-virt systemd-logind[425]: Failed to create /run/nologin: Permission denied


Could you please verify that, in your case, you are seeing similar AVC messages in the system log?

Comment 3 Jan Synacek 2015-08-26 11:44:41 UTC

I didn't mention this, but "setenforce 0" works around the problem.

Comment 4 steveboss111 2015-08-26 15:32:15 UTC

Aug 17 00:50:51 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 17 00:50:51 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 17 00:50:51 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 17 00:52:46 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 17 00:52:46 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 17 00:52:46 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 17 01:52:25 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 17 01:52:25 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 17 01:52:25 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 17 01:54:18 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 17 01:54:18 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 17 01:54:18 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 17 01:59:57 localhost.localdomain dbus[1434]: avc:  received policyload notice (seqno=2)
Aug 17 01:59:57 localhost.localdomain dbus[1276]: avc:  received policyload notice (seqno=2)
Aug 17 01:59:57 localhost.localdomain dbus[1233]: avc:  received policyload notice (seqno=2)
Aug 17 01:59:57 localhost.localdomain dbus[630]: avc:  received policyload notice (seqno=2)
Aug 17 02:00:39 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='avc:  received policyload notice (seqno=2)
Aug 17 02:26:44 localhost.localdomain audit[464]: AVC avc:  denied  { sys_ptrace } for  pid=464 comm="systemd-sysctl" capability=19  scontext=system_u:system_r:systemd_sysctl_t:s0 tcontext=system_u:system_r:systemd_sysctl_t:s0 tclass=capability permissive=0
Aug 17 02:26:48 localhost.localdomain audit[590]: AVC avc:  denied  { sys_ptrace } for  pid=590 comm="systemd-sysctl" capability=19  scontext=system_u:system_r:systemd_sysctl_t:s0 tcontext=system_u:system_r:systemd_sysctl_t:s0 tclass=capability permissive=0
Aug 17 02:26:48 localhost.localdomain kernel: audit: type=1400 audit(1439792808.067:60): avc:  denied  { sys_ptrace } for  pid=590 comm="systemd-sysctl" capability=19  scontext=system_u:system_r:systemd_sysctl_t:s0 tcontext=system_u:system_r:systemd_sysctl_t:s0 tclass=capability permissive=0
Aug 17 02:26:57 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 17 02:26:57 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 17 02:26:57 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 17 02:29:14 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 17 02:29:14 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 17 02:29:14 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 17 02:48:10 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 20 00:58:07 localhost.localdomain audit[440]: AVC avc:  denied  { sys_ptrace } for  pid=440 comm="systemd-sysctl" capability=19  scontext=system_u:system_r:systemd_sysctl_t:s0 tcontext=system_u:system_r:systemd_sysctl_t:s0 tclass=capability permissive=0
Aug 20 00:58:12 localhost.localdomain audit[587]: AVC avc:  denied  { sys_ptrace } for  pid=587 comm="systemd-sysctl" capability=19  scontext=system_u:system_r:systemd_sysctl_t:s0 tcontext=system_u:system_r:systemd_sysctl_t:s0 tclass=capability permissive=0
Aug 20 00:58:24 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 20 00:58:24 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 20 00:58:24 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 20 00:59:26 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 20 00:59:26 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 20 00:59:26 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 20 01:00:24 localhost.localdomain audit[666]: AVC avc:  denied  { create } for  pid=666 comm="systemd-logind" name=".#scheduledd1IFUj" scontext=system_u:system_r:systemd_logind_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=file permissive=0
Aug 20 01:01:02 localhost.localdomain kernel: audit: type=1400 audit(1440046860.487:48): avc:  denied  { sys_ptrace } for  pid=461 comm="systemd-sysctl" capability=19  scontext=system_u:system_r:systemd_sysctl_t:s0 tcontext=system_u:system_r:systemd_sysctl_t:s0 tclass=capability permissive=0
Aug 20 01:01:00 localhost.localdomain audit[461]: AVC avc:  denied  { sys_ptrace } for  pid=461 comm="systemd-sysctl" capability=19  scontext=system_u:system_r:systemd_sysctl_t:s0 tcontext=system_u:system_r:systemd_sysctl_t:s0 tclass=capability permissive=0
Aug 20 01:01:04 localhost.localdomain audit[590]: AVC avc:  denied  { sys_ptrace } for  pid=590 comm="systemd-sysctl" capability=19  scontext=system_u:system_r:systemd_sysctl_t:s0 tcontext=system_u:system_r:systemd_sysctl_t:s0 tclass=capability permissive=0
Aug 20 01:01:14 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 20 01:01:14 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 20 01:01:14 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 20 01:01:32 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 20 01:01:32 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 20 01:01:32 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 20 01:18:59 localhost.localdomain audit[657]: AVC avc:  denied  { read } for  pid=657 comm="systemd-logind" name="utmp" dev="tmpfs" ino=15117 scontext=system_u:system_r:systemd_logind_t:s0 tcontext=system_u:object_r:initrc_var_run_t:s0 tclass=file permissive=0
Aug 20 01:18:59 localhost.localdomain audit[657]: AVC avc:  denied  { read } for  pid=657 comm="systemd-logind" name="utmp" dev="tmpfs" ino=15117 scontext=system_u:system_r:systemd_logind_t:s0 tcontext=system_u:object_r:initrc_var_run_t:s0 tclass=file permissive=0
Aug 20 01:18:59 localhost.localdomain audit[657]: AVC avc:  denied  { create } for  pid=657 comm="systemd-logind" name=".#scheduledqzwxJS" scontext=system_u:system_r:systemd_logind_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=file permissive=0
Aug 20 01:19:40 localhost.localdomain audit[469]: AVC avc:  denied  { sys_ptrace } for  pid=469 comm="systemd-sysctl" capability=19  scontext=system_u:system_r:systemd_sysctl_t:s0 tcontext=system_u:system_r:systemd_sysctl_t:s0 tclass=capability permissive=0
Aug 20 01:19:40 localhost.localdomain kernel: audit: type=1400 audit(1440047980.626:49): avc:  denied  { sys_ptrace } for  pid=469 comm="systemd-sysctl" capability=19  scontext=system_u:system_r:systemd_sysctl_t:s0 tcontext=system_u:system_r:systemd_sysctl_t:s0 tclass=capability permissive=0
Aug 20 01:19:44 localhost.localdomain audit[588]: AVC avc:  denied  { sys_ptrace } for  pid=588 comm="systemd-sysctl" capability=19  scontext=system_u:system_r:systemd_sysctl_t:s0 tcontext=system_u:system_r:systemd_sysctl_t:s0 tclass=capability permissive=0
Aug 20 01:19:55 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 20 01:19:55 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 20 01:19:55 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 20 01:20:05 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 20 01:20:05 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 20 01:20:05 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 20 01:20:46 localhost.localdomain audit[684]: AVC avc:  denied  { read } for  pid=684 comm="systemd-logind" name="utmp" dev="tmpfs" ino=16573 scontext=system_u:system_r:systemd_logind_t:s0 tcontext=system_u:object_r:initrc_var_run_t:s0 tclass=file permissive=0
Aug 20 01:20:46 localhost.localdomain audit[684]: AVC avc:  denied  { read } for  pid=684 comm="systemd-logind" name="utmp" dev="tmpfs" ino=16573 scontext=system_u:system_r:systemd_logind_t:s0 tcontext=system_u:object_r:initrc_var_run_t:s0 tclass=file permissive=0
Aug 20 01:20:46 localhost.localdomain audit[684]: AVC avc:  denied  { create } for  pid=684 comm="systemd-logind" name=".#scheduledrtdZS7" scontext=system_u:system_r:systemd_logind_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=file permissive=0
Aug 20 01:22:30 localhost.localdomain kernel: audit: type=1400 audit(1440048150.479:50): avc:  denied  { sys_ptrace } for  pid=439 comm="systemd-sysctl" capability=19  scontext=system_u:system_r:systemd_sysctl_t:s0 tcontext=system_u:system_r:systemd_sysctl_t:s0 tclass=capability permissive=0
Aug 20 01:22:30 localhost.localdomain audit[439]: AVC avc:  denied  { sys_ptrace } for  pid=439 comm="systemd-sysctl" capability=19  scontext=system_u:system_r:systemd_sysctl_t:s0 tcontext=system_u:system_r:systemd_sysctl_t:s0 tclass=capability permissive=0
Aug 20 01:22:33 localhost.localdomain audit[562]: AVC avc:  denied  { sys_ptrace } for  pid=562 comm="systemd-sysctl" capability=19  scontext=system_u:system_r:systemd_sysctl_t:s0 tcontext=system_u:system_r:systemd_sysctl_t:s0 tclass=capability permissive=0
Aug 20 01:22:45 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 20 01:22:45 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 20 01:22:45 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 20 01:23:50 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 20 01:23:50 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 20 01:23:50 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 20 03:34:27 localhost.localdomain audit[464]: AVC avc:  denied  { sys_ptrace } for  pid=464 comm="systemd-sysctl" capability=19  scontext=system_u:system_r:systemd_sysctl_t:s0 tcontext=system_u:system_r:systemd_sysctl_t:s0 tclass=capability permissive=0
Aug 20 03:34:27 localhost.localdomain kernel: audit: type=1400 audit(1440056067.486:51): avc:  denied  { sys_ptrace } for  pid=464 comm="systemd-sysctl" capability=19  scontext=system_u:system_r:systemd_sysctl_t:s0 tcontext=system_u:system_r:systemd_sysctl_t:s0 tclass=capability permissive=0
Aug 20 03:34:32 localhost.localdomain audit[612]: AVC avc:  denied  { sys_ptrace } for  pid=612 comm="systemd-sysctl" capability=19  scontext=system_u:system_r:systemd_sysctl_t:s0 tcontext=system_u:system_r:systemd_sysctl_t:s0 tclass=capability permissive=0
Aug 20 03:34:42 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 20 03:34:42 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 20 03:34:42 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 20 03:35:01 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 20 03:35:01 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 20 03:35:01 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 26 11:01:33 localhost.localdomain kernel: audit: type=1400 audit(1440601287.496:50): avc:  denied  { sys_ptrace } for  pid=478 comm="systemd-sysctl" capability=19  scontext=system_u:system_r:systemd_sysctl_t:s0 tcontext=system_u:system_r:systemd_sysctl_t:s0 tclass=capability permissive=0
Aug 26 11:01:27 localhost.localdomain audit[478]: AVC avc:  denied  { sys_ptrace } for  pid=478 comm="systemd-sysctl" capability=19  scontext=system_u:system_r:systemd_sysctl_t:s0 tcontext=system_u:system_r:systemd_sysctl_t:s0 tclass=capability permissive=0
Aug 26 11:01:31 localhost.localdomain audit[622]: AVC avc:  denied  { sys_ptrace } for  pid=622 comm="systemd-sysctl" capability=19  scontext=system_u:system_r:systemd_sysctl_t:s0 tcontext=system_u:system_r:systemd_sysctl_t:s0 tclass=capability permissive=0
Aug 26 11:01:45 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 26 11:01:45 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 26 11:01:45 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 26 11:02:08 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 26 11:02:08 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Aug 26 11:02:08 localhost.localdomain audit[1]: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'

Comment 5 Rob 2015-11-05 09:52:30 UTC

Same issue in Fedora 23 final version. 

command "shutdown -h 17:00" but it shutdowns immediately, setting setenforce 0 is a workaround, definitely is a selinux policy problem.

Comment 7 Vit Mojzis 2015-11-11 14:34:24 UTC

https://github.com/fedora-selinux/selinux-policy/commit/278db282fc299d63fc65dd5ceb2755ae35772019
https://github.com/fedora-selinux/selinux-policy/commit/e8b47663ab68ae38a80da83965fd8f901dd8d4f1
https://github.com/fedora-selinux/selinux-policy/commit/04bb898e69498c9c51746e12081e0c6fcd2ef342
https://github.com/fedora-selinux/selinux-policy/commit/02f981d4a2d0d483e0c91dcc1fe7f4af4d3f79f4

Comment 8 Fedora Update System 2015-11-20 13:15:25 UTC

selinux-policy-3.13.1-155.fc23 has been submitted as an update to Fedora 23. https://bodhi.fedoraproject.org/updates/FEDORA-2015-0d84d6c75f

Comment 9 Fedora Update System 2015-11-22 14:25:39 UTC

selinux-policy-3.13.1-155.fc23 has been pushed to the Fedora 23 testing repository. If problems still persist, please make note of it in this bug report.
If you want to test the update, you can install it with
$ su -c 'dnf --enablerepo=updates-testing update selinux-policy'
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2015-0d84d6c75f

Comment 10 Fedora Update System 2015-11-26 20:56:49 UTC

selinux-policy-3.13.1-155.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.

Comment 11 steveboss111 2015-11-27 02:31:40 UTC

SELinux is preventing systemd-logind from create access on the file .#nologingImpUU.

*****  Plugin catchall (100. confidence) suggests   **************************

If you believe that systemd-logind should be allowed create access on the .#nologingImpUU file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# grep systemd-logind /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp

Additional Information:
Source Context                system_u:system_r:systemd_logind_t:s0
Target Context                system_u:object_r:var_run_t:s0
Target Objects                .#nologingImpUU [ file ]
Source                        systemd-logind
Source Path                   systemd-logind
Port                          <Unknown>
Host                          localhost.localdomain
Source RPM Packages           
Target RPM Packages           
Policy RPM                    selinux-policy-3.13.1-155.fc23.noarch
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Enforcing
Host Name                     localhost.localdomain
Platform                      Linux localhost.localdomain 4.2.6-301.fc23.x86_64
                              #1 SMP Fri Nov 20 22:22:41 UTC 2015 x86_64 x86_64
Alert Count                   1
First Seen                    2015-11-26 21:28:16 EST
Last Seen                     2015-11-26 21:28:16 EST
Local ID                      8000412c-d9ff-40d9-8934-2c3a86bf3f2e

Raw Audit Messages
type=AVC msg=audit(1448591296.182:509): avc:  denied  { create } for  pid=643 comm="systemd-logind" name=".#nologingImpUU" scontext=system_u:system_r:systemd_logind_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=0


Hash: systemd-logind,systemd_logind_t,var_run_t,file,create

Comment 12 Jan Synacek 2015-12-02 11:52:57 UTC

Yes, this is a separate issue. See bug #1287592.

Note You need to log in before you can comment on or make changes to this bug.