You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In enforce mode if you have a systemd-homed user you lose the ability to use sudo.
The error message by sudo is something like: "user not found in the passwd database". I suspect it is connected to the fact that suddenly: getent passwd username returns no entry.
aa-log:
DENIED unix-chkpwd open owner /etc/machine-id comm=unix_chkpwd requested_mask=r denied_mask=r
DENIED firejail-default ptrace comm=ps requested_mask=readby denied_mask=readby peer=ps
DENIED sudo open owner /etc/machine-id comm=sudo requested_mask=r denied_mask=r
...
DENIED groups open @{run}/systemd/userdb/ comm=groups requested_mask=r denied_mask=r
DENIED su open owner /etc/machine-id comm=su requested_mask=r denied_mask=r
Disabling enforce mode or apparmor fixes the issue. Of course in that case getent passwd username now returns the proper entry for that homed user though NSS(?) / PAM.
The text was updated successfully, but these errors were encountered:
In enforce mode if you have a
systemd-homed
user you lose the ability to usesudo
.The error message by sudo is something like: "user not found in the passwd database". I suspect it is connected to the fact that suddenly:
getent passwd username
returns no entry.aa-log:
Disabling enforce mode or apparmor fixes the issue. Of course in that case
getent passwd username
now returns the proper entry for that homed user though NSS(?) / PAM.The text was updated successfully, but these errors were encountered: