[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: [atomic-devel] AVCs on fedora atomic host 91f0a3478e preventing ssh login

From: Colin Walters <walters verbum org>
To: atomic-devel projectatomic io
Subject: Re: [atomic-devel] AVCs on fedora atomic host 91f0a3478e preventing ssh login
Date: Mon, 14 Sep 2015 11:04:29 -0400

On Mon, Sep 14, 2015, at 10:52 AM, Tobias Florek wrote:
>
> which is different from the other atomic hosts, which have
> system_u:object_r:sshd_exec_t:s0 as expected.
> 
> > Should be running as sshd_t not kernel_t?  Are you doing this into the
> > systemd-nspawn container, or
> > is the sshd_t native on atomic?
> 
> Native on atomic.

It seems likely that you (or some program) *did* relabel this machine.  fixfiles and restorecon
will still try to traverse out to the writable /sysroot and can corrupt things
unfortunately.

Try `ostree fsck`.  If that gives you errors, `ostree fsck --delete; touch /ostree/repo/transaction; atomic host upgrade` should reset things.

Follow-Ups:
- Re: [atomic-devel] AVCs on fedora atomic host 91f0a3478e preventing ssh login
  - From: Tobias Florek

References:
- [atomic-devel] AVCs on fedora atomic host 91f0a3478e preventing ssh login
  - From: Tobias Florek
- Re: [atomic-devel] AVCs on fedora atomic host 91f0a3478e preventing ssh login
  - From: Daniel J Walsh
- Re: [atomic-devel] AVCs on fedora atomic host 91f0a3478e preventing ssh login
  - From: Tobias Florek
- Re: [atomic-devel] AVCs on fedora atomic host 91f0a3478e preventing ssh login
  - From: Daniel J Walsh
- Re: [atomic-devel] AVCs on fedora atomic host 91f0a3478e preventing ssh login
  - From: Tobias Florek

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]