You are not logged in.
- Topics: Active | Unanswered
#26 2012-12-27 16:13:10
- falconindy
- Developer
- From: New York, USA
- Registered: 2009-10-22
- Posts: 4,111
- Website
Re: [SOLVED] after upgrade to systemd only login as root is allowed
I recall seeing sometime ago people having problems with proper mounting and permissions due to your media-automount udev rule. It used to be in the udev or usb storage wiki but was taken out some time ago probably due to the problems caused by it after introduction of systemd.
Rules like this have always been problematic.
Offline
#27 2012-12-27 18:38:44
- frigg
- Member
- From: Germany, Europe
- Registered: 2006-10-30
- Posts: 46
Re: [SOLVED] after upgrade to systemd only login as root is allowed
Your "drilling down" yields nothing of relevance or value. However, looking back...
[root@image1 ~]# ls -la /home total 40 drwxrwx--T 5 root root 4096 Dec 27 07:39 .Why does your /home have these bizzare permissions? Please fix this.
I don't know where the sticky bit came from...
I've disabled the udevrule and changed the permissions of /home to 755. But after a reboot it's all like before:
[root@image1 /]# ls -la
total 77
drwxrwx--T 20 root root 4096 Dec 8 22:42 .
drwxrwx--T 20 root root 4096 Dec 8 22:42 ..
drwxr-xr-x 2 root root 4096 Dec 25 15:46 bin
drwxrwx--T 6 root root 1024 Dec 25 15:44 boot
drwxr-xr-x 17 root root 3100 Dec 27 19:21 dev
drwxr-xr-x 87 root root 12288 Dec 27 07:41 etc
drwxr-xr-x 5 root root 4096 Dec 27 07:39 home
lrwxrwxrwx 1 root root 7 Oct 24 23:03 lib -> usr/lib
drwx------ 2 root root 16384 Sep 10 2007 lost+found
drwxr-xr-x 2 root root 4096 Dec 27 15:39 media
drwxr-xr-x 5 root root 4096 Oct 25 2009 mnt
drwxr-xr-x 7 root root 4096 May 18 2012 opt
dr-xr-xr-x 89 root root 0 Dec 27 19:20 proc
drwxr-x--- 8 root root 4096 Jul 31 20:45 root
drwxr-xr-x 21 root root 520 Dec 27 19:26 run
drwxr-xr-x 2 root root 4096 Dec 25 15:46 sbin
drwxr-xr-x 4 root root 4096 Dec 4 02:02 srv
dr-xr-xr-x 12 root root 0 Dec 27 19:20 sys
drwxrwxrwt 11 root root 220 Dec 27 19:21 tmp
drwxr-xr-x 11 root root 4096 Dec 8 22:42 usr
drwxr-xr-x 14 root root 4096 Dec 8 22:42 var
[root@image1 /]#
[root@image1 /]# cd /home
[root@image1 home]# ls -la
total 40
drwxr-xr-x 5 root root 4096 Dec 27 07:39 .
drwxrwx--T 20 root root 4096 Dec 8 22:42 ..
drwx------ 2 franki franki 4096 Dec 13 21:49 franki
drwxr-xr-x 72 ickstadf ickstadf 12288 Dec 11 21:29 ickstadf
drwx------ 2 root root 16384 Sep 10 2007 lost+found
[root@image1 home]#
[root@image1 home]# findmnt
TARGET SOURCE FSTYPE OPTIONS
/ /dev/sda3 ext3 rw,relatime,data=ordered
├─/proc proc proc rw,nosuid,nodev,noexec,rela
│ └─/proc/sys/fs/binfmt_misc systemd-1 autofs rw,relatime,fd=23,pgrp=1,ti
├─/sys sys sysfs rw,nosuid,nodev,noexec,rela
│ ├─/sys/kernel/security securityfs security rw,nosuid,nodev,noexec,rela
│ ├─/sys/fs/cgroup tmpfs tmpfs rw,nosuid,nodev,noexec,mode
│ │ ├─/sys/fs/cgroup/systemd cgroup cgroup rw,nosuid,nodev,noexec,rela
│ │ ├─/sys/fs/cgroup/cpuset cgroup cgroup rw,nosuid,nodev,noexec,rela
│ │ ├─/sys/fs/cgroup/cpu,cpuacct cgroup cgroup rw,nosuid,nodev,noexec,rela
│ │ ├─/sys/fs/cgroup/memory cgroup cgroup rw,nosuid,nodev,noexec,rela
│ │ ├─/sys/fs/cgroup/devices cgroup cgroup rw,nosuid,nodev,noexec,rela
│ │ ├─/sys/fs/cgroup/freezer cgroup cgroup rw,nosuid,nodev,noexec,rela
│ │ ├─/sys/fs/cgroup/net_cls cgroup cgroup rw,nosuid,nodev,noexec,rela
│ │ └─/sys/fs/cgroup/blkio cgroup cgroup rw,nosuid,nodev,noexec,rela
│ └─/sys/kernel/debug none debugfs rw,relatime
├─/dev dev devtmpfs rw,nosuid,relatime,size=154
│ ├─/dev/shm tmpfs tmpfs rw,nosuid,nodev
│ ├─/dev/pts devpts devpts rw,nosuid,noexec,relatime,g
│ ├─/dev/mqueue mqueue mqueue rw,relatime
│ └─/dev/hugepages hugetlbfs hugetlbf rw,relatime
├─/run run tmpfs rw,nosuid,nodev,relatime,mo
├─/tmp tmpfs tmpfs rw,nosuid,nodev,relatime
├─/home /dev/sda4 ext3 rw,relatime,data=ordered
└─/boot /dev/sda1 ext2 rw,relatime
[root@image1 home]#
[root@image1 home]# su - ickstadf
su: warning: cannot change directory to /home/ickstadf: Permission denied
su: /bin/bash: Permission denied
[root@image1 home]#regards,
frigg
Offline
#28 2012-12-27 18:52:53
- cfr
- Member
- From: Cymru
- Registered: 2011-11-27
- Posts: 7,132
Re: [SOLVED] after upgrade to systemd only login as root is allowed
What do you mean? The permissions for /home are showing as 755 in the above. Is that what you get following reboot? If so, they haven't reverted.
The permissions on /, /boot are also bizarre, though, and should be fixed as well.
CLI Paste | How To Ask Questions
Arch Linux | x86_64 | GPT | EFI boot | refind | stub loader | systemd | LVM2 on LUKS
Lenovo x270 | Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz | Intel Wireless 8265/8275 | US keyboard w/ Euro | 512G NVMe INTEL SSDPEKKF512G7L
Offline
#29 2012-12-27 19:09:38
- falconindy
- Developer
- From: New York, USA
- Registered: 2009-10-22
- Posts: 4,111
- Website
Offline
#30 2012-12-27 20:08:53
- frigg
- Member
- From: Germany, Europe
- Registered: 2006-10-30
- Posts: 46
Re: [SOLVED] after upgrade to systemd only login as root is allowed
Hi falconindy/Dave,
drwxrwx--T 20 root root 4096 Dec 8 22:42 .Every user except root is forbidden from searching every directory in your filesystem -- this explains why polkit and your user are unable to login. Your / MUST be 755.
Your right! I guess my now disbled udev rule changed the permissions of /home, /boot,swap and / from 755 to 1770. As a interesting fact this was never a problem using sysinit mechanism but is erroneous using systemd! For the other readers: 1777 for /tmp is default and these settings is a must have.
Thanks for your analysis and help!!
But now is a question open: how can I transform the udev rule to be systemd compliant? Is there any documentation titled like "transforming udev rules to sytemd"?
As argyllcms in AUR has a udevrule, is there anything critical with this rule?
I've changed the appropriate mountpoints to 775, performed a reboot and now everything runs fine (until now)...
[root@image1 ~]# cd / ; ls -la
total 77
drwxr-xr-x 20 root root 4096 Dec 8 22:42 .
drwxr-xr-x 20 root root 4096 Dec 8 22:42 ..
drwxr-xr-x 2 root root 4096 Dec 25 15:46 bin
drwxr-xr-x 6 root root 1024 Dec 25 15:44 boot
drwxr-xr-x 17 root root 3100 Dec 27 20:35 dev
drwxr-xr-x 87 root root 12288 Dec 27 07:41 etc
drwxr-xr-x 5 root root 4096 Dec 27 07:39 home
lrwxrwxrwx 1 root root 7 Oct 24 23:03 lib -> usr/lib
drwx------ 2 root root 16384 Sep 10 2007 lost+found
drwxr-xr-x 2 root root 4096 Dec 27 15:39 media
drwxr-xr-x 5 root root 4096 Oct 25 2009 mnt
drwxr-xr-x 7 root root 4096 May 18 2012 opt
dr-xr-xr-x 126 root root 0 Dec 27 20:34 proc
drwxr-x--- 8 root root 4096 Jul 31 20:45 root
drwxr-xr-x 23 root root 560 Dec 27 20:37 run
drwxr-xr-x 2 root root 4096 Dec 25 15:46 sbin
drwxr-xr-x 4 root root 4096 Dec 4 02:02 srv
dr-xr-xr-x 12 root root 0 Dec 27 20:34 sys
drwxrwxrwt 13 root root 320 Dec 27 20:36 tmp
drwxr-xr-x 11 root root 4096 Dec 8 22:42 usr
drwxr-xr-x 14 root root 4096 Dec 8 22:42 var
[root@image1 /]#
[root@image1 /]# su - ickstadf
[ickstadf@image1 ~]$
[ickstadf@image1 ~]$ exit
logout
[root@image1 /]#I try to set this subject to [solved], if I find a way to do so...
very best regards,
frigg
Offline
#31 2012-12-27 22:45:50
- falconindy
- Developer
- From: New York, USA
- Registered: 2009-10-22
- Posts: 4,111
- Website
Re: [SOLVED] after upgrade to systemd only login as root is allowed
Please understand that systemd doesn't care about disk permissions any more or less than sysvinit, or any other init system. I don't know why you wish to continue to attempt to draw this conclusion, but I assure you that removing search access to all users but root for your entire filesystem is problematic and has absolutely zero bearing on what PID 1 happens to be at the time.
The far more logical conclusion to draw here is that sometime during your efforts to convert to systemd, you changed these permissions.
Offline
#32 2012-12-27 22:51:04
- cfr
- Member
- From: Cymru
- Registered: 2011-11-27
- Posts: 7,132
Re: [SOLVED] after upgrade to systemd only login as root is allowed
To mark it [solved] edit your first post and add the tag to the subject line.
CLI Paste | How To Ask Questions
Arch Linux | x86_64 | GPT | EFI boot | refind | stub loader | systemd | LVM2 on LUKS
Lenovo x270 | Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz | Intel Wireless 8265/8275 | US keyboard w/ Euro | 512G NVMe INTEL SSDPEKKF512G7L
Offline
#33 2012-12-28 07:30:20
- frigg
- Member
- From: Germany, Europe
- Registered: 2006-10-30
- Posts: 46
Re: [SOLVED] after upgrade to systemd only login as root is allowed
Hi Dave,
Please understand that systemd doesn't care about disk permissions any more or less than sysvinit, or any other init system. I don't know why you wish to continue to attempt to draw this conclusion, but I assure you that removing search access to all users but root for your entire filesystem is problematic and has absolutely zero bearing on what PID 1 happens to be at the time.
The far more logical conclusion to draw here is that sometime during your efforts to convert to systemd, you changed these permissions.
Well, I thinks the permissions changed by my udevrule during the upgrade to systemd. I had never before the disk partitions mounted additionally! under /media. Please have a look to my first findmnt output. I never touched the permissions of the four partitions manually without reverting to it's default.
But now it's the time for me to get more familiar with systemd...
best regards and a hapy new year,
frigg
Offline
#34 2012-12-28 07:33:50
- frigg
- Member
- From: Germany, Europe
- Registered: 2006-10-30
- Posts: 46
Re: [SOLVED] after upgrade to systemd only login as root is allowed
Hi cfr,
To mark it [solved] edit your first post and add the tag to the subject line.
Thank's for the tip.
best regards and a happy new year,
frigg
Offline