I have a device running yocto (warrior), and selinux is enabled by default. If I switch to the multi-user target, I cannot log in to the device. If I change selinux to permissive mode, I can log in, but I get "Unable to get valid context for root".
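In detail:
- Once the device has booted in graphical mode, I run systemctl isolate multi-user, which takes me to the console, where I enter the login ID and password. After providing the correct credentials, I still cannot log in.
- After changing selinux to permissive mode with setenforce 0, I can log in, but it gives me "Unable to get valid context for root".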
I don't see any violations when running these commands:
- audit2allow -a
- audit2allow -d
- cat /var/log/messages | audit2allow -d
Note that I have not created any users, so the only user is root.
Edit 01: When I enter the login details, journalctl -f shows the error "Failed to start User Runtime Directory /run/user/0":
Oct 22 19:59:08 panther2 systemd[1]: Created slice User Slice of UID 0.
Oct 22 19:59:08 panther2 systemd[1]: Starting User Runtime Directory /run/user/0...
Oct 22 19:59:08 panther2 systemd-logind[532]: New session c8 of user root.
Oct 22 19:59:08 panther2 systemd-user-runtime-dir[1053]: Failed to acquire runtime directory size: Access denied
Oct 22 19:59:08 panther2 systemd[1]: [email protected]: Main process exited, code=exited, status=1/FAILURE
Oct 22 19:59:08 panther2 systemd[1]: [email protected]: Failed with result 'exit-code'.
Oct 22 19:59:08 panther2 systemd[1]: Failed to start User Runtime Directory /run/user/0.
Oct 22 19:59:08 panther2 systemd[1]: Dependency failed for User Manager for UID 0.
Oct 22 19:59:08 panther2 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=user-runtime-dir@0 comm="systemd" exe="/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'
Oct 22 19:59:08 panther2 systemd[1]: [email protected]: Job [email protected]/start failed with result 'dependency'.
Oct 22 19:59:08 panther2 systemd[1]: Started Session c8 of user root.
Oct 22 19:59:08 panther2 systemd[1]: [email protected]: Succeeded.
Oct 22 19:59:08 panther2 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=getty@tty1 comm="systemd" exe="/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
Oct 22 19:59:08 panther2 systemd[1]: session-c8.scope: Succeeded.
Oct 22 19:59:08 panther2 systemd[1]: [email protected]: Service has no hold-off time (RestartSec=0), scheduling restart.
Oct 22 19:59:08 panther2 systemd[1]: [email protected]: Scheduled restart job, restart counter is at 12.
Oct 22 19:59:08 panther2 systemd-logind[532]: Session c8 logged out. Waiting for processes to exit.
Oct 22 19:59:08 panther2 systemd[1]: Stopped Getty on tty1.
Oct 22 19:59:08 panther2 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=getty@tty1 comm="systemd" exe="/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
Oct 22 19:59:08 panther2 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=getty@tty1 comm="systemd" exe="/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
Oct 22 19:59:08 panther2 systemd[1]: Started Getty on tty1.
Oct 22 19:59:08 panther2 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=getty@tty1 comm="systemd" exe="/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
Oct 22 19:59:08 panther2 systemd[1]: Removed slice User Slice of UID 0.
Oct 22 19:59:08 panther2 systemd-logind[532]: Removed session c8.