You are not logged in.

Pages: 1

#1 2020-12-22 21:14:57

marcipan
Member
Registered: 2020-12-22
Posts: 2

systemd-logind and other services broken after upgrade

Hello, today after full system upgrade I could not boot, systemd-logind and other services failed to start. With systemd.debug-shell=1 I was able to see what was going on.
journal show me that failing units are because of 

Dec 22 21:07:12 systemd[2434]: systemd-logind.service: Failed to set up mount namespacing: /run/systemd/unit-root/etc: No such file or directory
Dec 22 21:07:12 systemd[2434]: systemd-logind.service: Failed at step NAMESPACE spawning /usr/lib/systemd/systemd-logind: No such file or directory
Dec 22 21:07:12 systemd[1]: systemd-logind.service: Main process exited, code=exited, status=226/NAMESPACE
Dec 22 21:07:12 systemd[1]: systemd-logind.service: Failed with result 'exit-code'.

Temporary fix was to remove all Protected* and ReadWritePaths basically every hardening restriction
Further experiments with another failed unit systemd-hostnamed, show me what exactly has to be commented out, to be able to start unit.

[Service]
BusName=org.freedesktop.hostname1
CapabilityBoundingSet=CAP_SYS_ADMIN
ExecStart=/usr/lib/systemd/systemd-hostnamed
IPAddressDeny=any
LockPersonality=yes
MemoryDenyWriteExecute=yes
NoNewPrivileges=yes
#PrivateDevices=yes  <--
PrivateNetwork=yes
#PrivateTmp=yes  <--
#ProtectProc=invisible  <--
#ProtectControlGroups=yes <--
#ProtectHome=yes <--
#ProtectKernelLogs=yes <-- 
#ProtectKernelModules=yes <--
#ProtectKernelTunables=yes <--
#ProtectSystem=strict <--
#ReadWritePaths=/etc <--
RestrictAddressFamilies=AF_UNIX
RestrictNamespaces=yes
RestrictRealtime=yes
RestrictSUIDSGID=yes
SystemCallArchitectures=native
SystemCallErrorNumber=EPERM
SystemCallFilter=@system-service sethostname
WatchdogSec=3min

I don't know what is wrong or where to look.
kernel version 5.8.10-arch1-1  ( after downgrade - one of unsuccessfull attemps to fix issue), systemd version 247.2-1
Maybe I should mention that I have root on zfs on dmcryted drive.
Thx for help.

Offline

#2 2020-12-28 20:11:35

marcipan
Member
Registered: 2020-12-22
Posts: 2

Re: systemd-logind and other services broken after upgrade

After few days of weird experiences, I start to suspect zfs as the root cause of problem. There was major version change from zfs 0.8.4 to openzfs 2.0, after downgrading zfs, everythings starts to work as before. Is there someone with similar experience?

Offline

Pages: 1

Board footer

Powered by FluxBB