Error setting user password after package layering with rpm-ostree #814
Labels
Comments
|
Yep, very likely to be a regression from e8efd1c indeed. Will look. |
|
wow, great test and investigation |
|
@miabbott tracked down the commit based on the info I found. He is a |
miabbott
added a commit
to miabbott/sig-atomic-buildscripts
that referenced
this issue
Apr 26, 2017
I realized that we did not encounter ostreedev/ostree#814 on CAHC, which was odd because we should be building `ostree` from source. The latest CAHC composes seem to be pulling `ostree` from the `atomic7-testing`, so let's just exclude it from the repo.
cgwalters
added a commit
to CentOS/sig-atomic-buildscripts
that referenced
this issue
Apr 26, 2017
* Exclude 'ostree' from atomic7-testing repo I realized that we did not encounter ostreedev/ostree#814 on CAHC, which was odd because we should be building `ostree` from source. The latest CAHC composes seem to be pulling `ostree` from the `atomic7-testing`, so let's just exclude it from the repo. * fixup! Exclude 'ostree' from atomic7-testing repo
|
The root cause here (so to speak) is that a lot of files and directories are labeled Still debugging this; it's pretty interesting that doing:
doesn't trigger the behavior, but it should be the same code path via rpm-ostree layering. |
|
Somehow, |
cgwalters
added a commit
to cgwalters/ostree
that referenced
this issue
Apr 26, 2017
This fixes a regression from: ostreedev#797 which is really due to an underlying bug in libselinux which we're working around: http://marc.info/?l=selinux&m=149323809332417&w=2 We drop the per-policy instance variable, since the SELinux state is *really* per-kernel. Closes: ostreedev#814
|
PR in #815 |
|
The tests are passing again on Fedora Atomic Host Continuous. Awesome work @cgwalters! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I am getting "Authentication token manipulation error" when changing user's password after using rpm-ostree package layering (I was able to change it before package layering) on Fedora Atomic Host Continuous. The logs point to an selinux issue. If I setenforce 0, I am able to change the password. This might be related to e8efd1c
Journal during error:
Test Run Log: log
The text was updated successfully, but these errors were encountered: