I'm executing these commands under Sway under greetd.
systemctl --user show-environment
and other commands (`list-units`, `daemon-reload`) show the error
Failed to connect to bus: No medium found
Is it normal?
env
prints
SHELL=/usr/bin/bash
WINDOWID=100606954275440
COLORTERM=truecolor
HISTCONTROL=ignoredups:erasedups
HISTSIZE=10000
I3SOCK=/run/user/1001/sway-ipc.1001.2502.sock
GRADLE_HOME=/usr/share/java/gradle
XCURSOR_SIZE=24
XDG_SEAT=seat0
PWD=/home/user
LOGNAME=user
XDG_SESSION_TYPE=wayland
MOTD_SHOWN=pam
HOME=/home/user
LANG=ru_RU.UTF-8
SWAYSOCK=/run/user/1001/sway-ipc.1001.2502.sock
WAYLAND_DISPLAY=wayland-1
ALACRITTY_SOCKET=/run/user/1001/Alacritty-wayland-1-11603.sock
PYTHONPATH=/home/user/.-hb/prg/python/lib:/home/user/.-hc/prg/python/lib:
TERM=alacritty
USER=user
DISPLAY=:0
SHLVL=1
XDG_VTNR=1
XDG_SESSION_ID=4
XDG_RUNTIME_DIR=/run/user/1001
DEBUGINFOD_URLS=https://debuginfod.archlinux.org
SMLNJ_HOME=/usr/lib/smlnj
PATH=/home/user/.-hb/prg/bin:/usr/lib/smlnj/bin:/usr/local/sbin:/usr/local/bin:/usr/bin:/usr/lib/jvm/default/bin:/usr/bin/site_perl:/usr/bin/vendor_perl:/usr/bin/core_perl
ALACRITTY_LOG=/tmp/Alacritty-11603.log
HISTFILESIZE=10000
HG=/usr/bin/hg
MAIL=/var/spool/mail/user
ALACRITTY_WINDOW_ID=100606954275440
_=/usr/bin/env
so `XDG_RUNTIME_DIR` is set correctly. I had no need to execute these commands before and don't know how to debug further.
I got to these commands when troubleshooting XDG desktop portals according to the Wiki article.
Last edited by beroal (2024-10-28 18:08:19)
we are not condemned to write ugly code
No, it’s not. Your environment variables miss `DBUS_SESSION_BUS_ADDRESS`. This suggests DBus was never started.⁽¹⁾
This should be done automatically by the pam_systemd module, when it starts your user’s systemd instance. See systemd/user article.
____
⁽¹⁾ Less likely that it was started, but your programs are not running as its children.
Last edited by mpan (2024-10-27 13:29:16)
Sometimes I seem a bit harsh — don’t get offended too easily!
Less likely that it was started, but your programs are not running as its children.
Thank you for the answer. What exactly is that DBus program?
we are not condemned to write ugly code
Greetd runs as a system systemd service. My shell runs as a grandchild of Sway.
2297 0 greetd (enforce) greetd
2539 0 greetd (enforce) \_ /usr/bin/greetd --session-worker 12
2600 1001 sway (enforce) \_ sway --config /etc/sway/user-config
Here is the only process tree of `systemd --user` for my user:
PID UID LABEL COMMAND
2567 1001 unconfined /usr/lib/systemd/systemd --user
2569 1001 unconfined \_ (sd-pam)
2650 1001 unconfined \_ /usr/bin/dbus-broker-launch --scope user
2651 1001 unconfined | \_ dbus-broker --log 4 --controller 10 --machine-id 46146c156a7243ed9c5014ae6003bdc5 --max-bytes 100000000000000 --max-fds 25000000000000 --max-matches 5000000000
2672 1001 xdg-desktop-portal (enforce) \_ /usr/lib/xdg-desktop-portal
2679 1001 dbus-accessibility (enforce) \_ /usr/lib/at-spi-bus-launcher
2697 1001 dbus-accessibility (enforce) | \_ /usr/bin/dbus-broker-launch --config-file=/usr/share/defaults/at-spi2/accessibility.conf --scope user
2700 1001 dbus-accessibility (enforce) | \_ dbus-broker --log 4 --controller 9 --machine-id 46146c156a7243ed9c5014ae6003bdc5 --max-bytes 100000000000000 --max-fds 6400000 --max-matches 5000000000
2688 1001 xdg-document-portal (enforce) \_ /usr/lib/xdg-document-portal
2711 0 xdg-document-portal//fusermount (enforce) | \_ fusermount3 -o rw,nosuid,nodev,fsname=portal,auto_unmount,subtype=portal -- /run/user/1001/doc
2689 1001 gvfsd (enforce) \_ /usr/lib/gvfsd
5908 1001 gvfsd-http (enforce) | \_ /usr/lib/gvfsd-http --spawner :1.14 /org/gtk/gvfs/exec_spaw/0
6147 1001 gvfsd-trash (enforce) | \_ /usr/lib/gvfsd-trash --spawner :1.14 /org/gtk/gvfs/exec_spaw/1
6170 1001 gvfsd-network (enforce) | \_ /usr/lib/gvfsd-network --spawner :1.14 /org/gtk/gvfs/exec_spaw/2
2699 1001 xdg-permission-store (enforce) \_ /usr/lib/xdg-permission-store
2716 1001 gvfsd-fuse (enforce) \_ /usr/lib/gvfsd-fuse /run/user/1001/gvfs -f
2732 1001 unconfined \_ /usr/lib/xdg-desktop-portal-wlr
2763 1001 pipewire (enforce) \_ /usr/bin/pipewire
2764 1001 wireplumber (enforce) \_ /usr/bin/wireplumber
3528 1001 at-spi2-registryd (enforce) \_ /usr/lib/at-spi2-registryd --use-gnome-session
6129 1001 gvfs-udisks2-volume-monitor (enforce) \_ /usr/lib/gvfs-udisks2-volume-monitor
6179 1001 dconf-service (enforce) \_ /usr/lib/dconf-service
Last edited by beroal (2024-10-27 17:23:37)
we are not condemned to write ugly code
https://wiki.archlinux.org/title/Sway#Starting
ps aux | grep -E '(dbus|seat)'
pacman -Qs polkit
pacman -Qikk systemd pambase
cat /etc/pam.d/greetd
seth,
dbus 2282 0.0 0.0 7208 3404 ? Ss 21:00 0:00 /usr/bin/dbus-broker-launch --scope system --audit
dbus 2283 0.0 0.0 5052 3044 ? S 21:00 0:00 dbus-broker --log 4 --controller 9 --machine-id 46146c156a7243ed9c5014ae6003bdc5 --max-bytes 536870912 --max-fds 4096 --max-matches 16384 --audit
user 2552 0.0 0.0 6812 3216 ? Ss 21:00 0:00 /usr/bin/dbus-broker-launch --scope user
user 2553 0.0 0.0 4332 2468 ? S 21:00 0:00 dbus-broker --log 4 --controller 10 --machine-id 46146c156a7243ed9c5014ae6003bdc5 --max-bytes 100000000000000 --max-fds 25000000000000 --max-matches 5000000000
user 2592 0.0 0.0 6812 3356 ? S 21:00 0:00 /usr/bin/dbus-broker-launch --config-file=/usr/share/defaults/at-spi2/accessibility.conf --scope user
user 2593 0.0 0.0 4096 2336 ? S 21:00 0:00 dbus-broker --log 4 --controller 9 --machine-id 46146c156a7243ed9c5014ae6003bdc5 --max-bytes 100000000000000 --max-fds 6400000 --max-matches 5000000000
pulse 5123 0.0 0.0 6812 3240 ? Ss 21:02 0:00 /usr/bin/dbus-broker-launch --scope user
pulse 5124 0.0 0.0 4096 2428 ? S 21:02 0:00 dbus-broker --log 4 --controller 10 --machine-id 46146c156a7243ed9c5014ae6003bdc5 --max-bytes 100000000000000 --max-fds 25000000000000 --max-matches 5000000000
root 11407 0.0 0.0 9392 5936 tty2 S+ 21:29 0:00 grep -E (dbus|seat)
local/polkit 125-1
Application development toolkit for controlling system-wide privileges
local/polkit-qt5 0.200.0-1
A library that allows developers to access PolicyKit API with a nice Qt-style API
local/polkit-qt6 0.200.0-1
A library that allows developers to access PolicyKit API with a nice Qt-style API
Name : systemd
Version : 256.7-1
Description : system and service manager
Architecture : x86_64
URL : https://www.github.com/systemd/systemd
Licenses : LGPL-2.1-or-later CC0-1.0 GPL-2.0-or-later MIT-0
Groups : None
Provides : nss-myhostname systemd-tools=256.7 udev=256.7
Depends On : systemd-libs=256.7 acl libacl.so=1-64 bash cryptsetup libcryptsetup.so=12-64 dbus dbus-units kbd kmod hwdata libcap libcap.so=2-64 libgcrypt libxcrypt
libcrypt.so=2-64 libidn2 lz4 pam libelf libseccomp libseccomp.so=2-64 util-linux libblkid.so=1-64 libmount.so=1-64 xz pcre2 audit libaudit.so=1-64
openssl libcrypto.so=3-64 libssl.so=3-64
Optional Deps : libmicrohttpd: systemd-journal-gatewayd and systemd-journal-remote [installed]
quota-tools: kernel-level quota management
systemd-sysvcompat: symlink package to provide sysvinit binaries [installed]
systemd-ukify: combine kernel and initrd into a signed Unified Kernel Image
polkit: allow administration as unprivileged user [installed]
curl: systemd-journal-upload, machinectl pull-tar and pull-raw [installed]
gnutls: systemd-journal-gatewayd and systemd-journal-remote [installed]
qrencode: show QR codes [installed]
iptables: firewall features [installed]
libarchive: convert DDIs to tarballs [installed]
libbpf: support BPF programs [installed]
libpwquality: check password quality
libfido2: unlocking LUKS2 volumes with FIDO2 token [installed]
libp11-kit: support PKCS#11 [installed]
tpm2-tss: unlocking LUKS2 volumes with TPM2 [installed]
Required By : base chromium cups greetd gvfs libcolord libgudev libpulse lxqt-session mdadm media-player-info mkinitcpio netctl pacman rtkit systemd-sysvcompat vte3
xdg-desktop-portal xdg-user-dirs
Optional For : None
Conflicts With : nss-myhostname systemd-tools udev
Replaces : nss-myhostname systemd-tools udev
Installed Size : 32.46 MiB
Packager : Christian Hesse <eworm@archlinux.org>
Build Date : Tue Oct 8 18:47:49 2024
Install Date : Sun Oct 27 02:57:13 2024
Install Reason : Installed as a dependency for another package
Install Script : Yes
Validated By : Signature
warning: systemd: /var/log/journal (GID mismatch)
systemd: 1547 total files, 1 altered file
Name : pambase
Version : 20230918-2
Description : Base PAM configuration for services
Architecture : any
URL : https://www.archlinux.org
Licenses : GPL-3.0-or-later
Groups : None
Provides : None
Depends On : None
Optional Deps : None
Required By : pam
Optional For : None
Conflicts With : None
Replaces : None
Installed Size : 2.68 KiB
Packager : David Runge <dvzrv@archlinux.org>
Build Date : Thu Aug 15 11:00:08 2024
Install Date : Thu Sep 12 11:36:17 2024
Install Reason : Installed as a dependency for another package
Install Script : No
Validated By : Signature
pambase: 8 total files, 0 altered files
#%PAM-1.0
auth required pam_securetty.so
auth requisite pam_nologin.so
auth include system-local-login
account include system-local-login
session include system-local-login
we are not condemned to write ugly code
In a text virtual terminal, `DBUS_SESSION_BUS_ADDRESS` is set to `unix:path=/run/user/1001/bus` and `systemctl --user` works. Under Sway,
> DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1001/bus LANG=C systemctl --user list-units
Failed to connect to bus: No medium found
P. S. I use AppArmor, but it doesn't show any denied access, and `systemctl` is executed in the complain mode anyway.
we are not condemned to write ugly code
DBUS_SESSION_BUS_ADDRESS=foo LANG=C systemctl --user list-units
still works for me, the problem will be the missing session integration.
You're not running seatd and you're getting session integration via getty, so the problem is greetd.
Try to run "systemctl --user import-environment" but that won't extend outside the current shell.
Then elaborate on your greetd setup, what greeter, how is sway started.
Try to run "systemctl --user import-environment" but that won't extend outside the current shell.
> DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1001/bus LANG=C systemctl --user import-environment
Failed to connect to bus: No medium found
“/etc/systemd/system/greetd.service”:
[Unit]
Description=Greeter daemon
After=systemd-user-sessions.service plymouth-quit-wait.service
After=getty@tty1.service
Conflicts=getty@tty1.service
[Service]
Type=simple
ExecStart=greetd
IgnoreSIGPIPE=no
SendSIGHUP=yes
TimeoutStopSec=30s
KeyringMode=shared
Restart=never
RestartSec=1
StartLimitBurst=5
StartLimitInterval=30
RestartPreventExitStatus=1
[Install]
Alias=display-manager.service
systemctl -n 40 status greetd
● greetd.service - Greeter daemon
Loaded: loaded (/etc/systemd/system/greetd.service; enabled; preset: disabled)
Active: active (running) since Sun 2024-10-27 23:28:57 EET; 45s ago
Invocation: 7ac8fc52d3fc46e2b8e209a3c8f3aa98
Main PID: 8545 (greetd)
Tasks: 1 (limit: 16586)
Memory: 1.9M (peak: 3.9M)
CPU: 389ms
CGroup: /system.slice/greetd.service
└─8545 greetd
окт 27 23:28:57 beroal systemd[1]: Started Greeter daemon.
окт 27 23:28:57 beroal greetd[8545]: config: Config { file: ConfigFile { terminal: ConfigTerminal { vt: Specific(1), switch: true }, general: ConfigGeneral { source_profile: true, runfile: "/run/greetd.run", service: "greetd" }, default_session: ConfigSession { command: "sway --debug --verbose --config=/etc/sway/wlgreet-config", user: "greeter", service: "greetd-greeter" }, initial_session: None }, internal: ConfigInternal { session_worker: 0 } }
окт 27 23:28:57 beroal greetd[8546]: config: Config { file: ConfigFile { terminal: ConfigTerminal { vt: None, switch: false }, general: ConfigGeneral { source_profile: true, runfile: "/run/greetd.run", service: "greetd" }, default_session: ConfigSession { command: "", user: "", service: "" }, initial_session: None }, internal: ConfigInternal { session_worker: 11 } }
окт 27 23:28:57 beroal greetd[8546]: pam_systemd_home(greetd:account): New sd-bus connection (system-bus-pam-systemd-home-8546) opened.
окт 27 23:28:57 beroal greetd[8546]: pam_unix(greetd:session): session opened for user greeter(uid=972) by greeter(uid=0)
окт 27 23:28:57 beroal greetd[8546]: pam_systemd(greetd:session): New sd-bus connection (system-bus-pam-systemd-8546) opened.
окт 27 23:28:59 beroal greetd[8584]: config: Config { file: ConfigFile { terminal: ConfigTerminal { vt: None, switch: false }, general: ConfigGeneral { source_profile: true, runfile: "/run/greetd.run", service: "greetd" }, default_session: ConfigSession { command: "", user: "", service: "" }, initial_session: None }, internal: ConfigInternal { session_worker: 12 } }
окт 27 23:28:59 beroal greetd[8584]: pam_systemd_home(greetd:auth): New sd-bus connection (system-bus-pam-systemd-home-8584) opened.
окт 27 23:29:03 beroal greetd[8584]: pam_unix(greetd:session): session opened for user user(uid=1001) by user(uid=0)
окт 27 23:29:03 beroal greetd[8584]: pam_systemd(greetd:session): New sd-bus connection (system-bus-pam-systemd-8584) opened.
окт 27 23:29:04 beroal greetd[8584]: pam_systemd(greetd:session): Failed to set ambient capabilities, ignoring: Operation not permitted
“/etc/greetd/config.toml”:
[terminal]
# The VT to run the greeter on. Can be "next", "current" or a number
# designating the VT.
vt = 1
# The default session, also known as the greeter.
[default_session]
# `agreety` is the bundled agetty/login-lookalike. You can replace `$SHELL`
# with whatever you want started, such as `sway`.
command = "sway --debug --verbose --config=/etc/sway/wlgreet-config"
# The user to run the command as. The privileges this user must have depends
# on the greeter. A graphical greeter may for example require the user to be
# in the `video` group.
user = "greeter"
“/etc/sway/wlgreet-config”:
exec "wlgreet --command 'sway --config /etc/sway/user-config'; swaymsg exit"
include /etc/sway/config.d/*
we are not condemned to write ugly code
What does your /etc/greetd/environments look like?
See the tail of https://daemon.pizza/posts/greetd-sway-alpine/
However, before that (workaround): do you have more luck w/ https://wiki.archlinux.org/title/Greetd#agreety instead of wlgreet resp. dbus-daemon-units instead of dbus-broker-units?
What does your /etc/greetd/environments look like?
See the tail of https://daemon.pizza/posts/greetd-sway-alpine/
However, before that (workaround): do you have more luck w/ https://wiki.archlinux.org/title/Greetd#agreety instead of wlgreet resp. dbus-daemon-units instead of dbus-broker-units?
> ls -a /etc/greetd
. .. config.toml
we are not condemned to write ugly code
May this error be the culprit?
greetd[8584]: pam_systemd(greetd:session): Failed to set ambient capabilities, ignoring: Operation not permitted
we are not condemned to write ugly code
What does your /etc/greetd/environments look like?
See the tail of https://daemon.pizza/posts/greetd-sway-alpine/
From the documentation I infer that “/etc/greetd/environments” is read by gtkgreet and is not read by wlgreet.
we are not condemned to write ugly code
Never used greetd, but the wiki at https://wiki.archlinux.org/title/Greetd#wlgreet says "Follow the steps required to set up gtkgreet" *shrug*
https://man.archlinux.org/man/core/man- … en#Ambient
Is this the hardened kernel?
do you have more luck w/ https://wiki.archlinux.org/title/Greetd#agreety instead of wlgreet resp. dbus-daemon-units instead of dbus-broker-units?
https://man.archlinux.org/man/core/man- … en#Ambient
Is this the hardened kernel?
As far as I remember, not.
> pacman -Q linux
linux 6.11.5.arch1-1
we are not condemned to write ugly code
Switching to agreety didn't change the error. BTW, it made it easier to debug.
I found
deny capability dac_read_search,
deny capability dac_override,
in my AppArmor profile for greetd. Now the `DBUS_SESSION_BUS_ADDRESS` variable is set. However, the error
Failed to connect to bus: No medium found
remains. Probably, AppArmor again.
Last edited by beroal (2024-10-28 08:30:04)
we are not condemned to write ugly code
I localized the error to the following. If I log into a text terminal and execute `systemctl`, it works. If I execute `systemctl` in a bash script (“/usr/local/bin/bash-test”) under an AppArmor profile, it doesn't.
“/usr/local/bin/bash-test”
#!/bin/sh
systemctl --user show-environment
“/etc/apparmor.d/bash-test”
abi <abi/3.0>,
include <tunables/global>
profile bash-test /usr/local/bin/bash-test flags=(complain) {
/usr/local/bin/bash-test mr,
/usr/bin/bash ix,
/dev/tty{,@{int}} rw,
/usr/bin/systemctl Ux,
}
cat /var/log/audit/audit.log | grep apparmor
type=AVC msg=audit(1730119422.474:37370): apparmor="DENIED" operation="file_mmap" class="file" info="Failed name lookup - disconnected path" error=-13 profile="unix-chkpwd" name="" pid=53145 comm="unix_chkpwd" requested_mask="r" denied_mask="r" fsuid=0 ouid=0FSUID="root" OUID="root"
type=AVC msg=audit(1730119423.197:37371): apparmor="DENIED" operation="file_mmap" class="file" info="Failed name lookup - disconnected path" error=-13 profile="unix-chkpwd" name="" pid=53145 comm="unix_chkpwd" requested_mask="r" denied_mask="r" fsuid=0 ouid=0FSUID="root" OUID="root"
type=AVC msg=audit(1730119425.874:37372): apparmor="DENIED" operation="file_mmap" class="file" info="Failed name lookup - disconnected path" error=-13 profile="unix-chkpwd" name="" pid=53146 comm="unix_chkpwd" requested_mask="r" denied_mask="r" fsuid=0 ouid=0FSUID="root" OUID="root"
type=AVC msg=audit(1730119426.597:37373): apparmor="DENIED" operation="file_mmap" class="file" info="Failed name lookup - disconnected path" error=-13 profile="unix-chkpwd" name="" pid=53146 comm="unix_chkpwd" requested_mask="r" denied_mask="r" fsuid=0 ouid=0FSUID="root" OUID="root"
type=AVC msg=audit(1730119435.964:37386): apparmor="ALLOWED" operation="open" class="file" profile="bash-test" name="/etc/ld.so.cache" pid=53170 comm="bash-test" requested_mask="r" denied_mask="r" fsuid=1020 ouid=0FSUID="test58" OUID="root"
type=AVC msg=audit(1730119435.964:37387): apparmor="ALLOWED" operation="open" class="file" profile="bash-test" name="/usr/lib/libreadline.so.8.2" pid=53170 comm="bash-test" requested_mask="r" denied_mask="r" fsuid=1020 ouid=0FSUID="test58" OUID="root"
type=AVC msg=audit(1730119435.964:37388): apparmor="ALLOWED" operation="file_mmap" class="file" profile="bash-test" name="/usr/lib/libreadline.so.8.2" pid=53170 comm="bash-test" requested_mask="rm" denied_mask="rm" fsuid=1020 ouid=0FSUID="test58" OUID="root"
type=AVC msg=audit(1730119435.964:37389): apparmor="ALLOWED" operation="open" class="file" profile="bash-test" name="/usr/lib/libc.so.6" pid=53170 comm="bash-test" requested_mask="r" denied_mask="r" fsuid=1020 ouid=0FSUID="test58" OUID="root"
type=AVC msg=audit(1730119435.964:37390): apparmor="ALLOWED" operation="file_mmap" class="file" profile="bash-test" name="/usr/lib/libc.so.6" pid=53170 comm="bash-test" requested_mask="rm" denied_mask="rm" fsuid=1020 ouid=0FSUID="test58" OUID="root"
type=AVC msg=audit(1730119435.964:37391): apparmor="ALLOWED" operation="open" class="file" profile="bash-test" name="/usr/lib/libncursesw.so.6.5" pid=53170 comm="bash-test" requested_mask="r" denied_mask="r" fsuid=1020 ouid=0FSUID="test58" OUID="root"
type=AVC msg=audit(1730119435.964:37392): apparmor="ALLOWED" operation="file_mmap" class="file" profile="bash-test" name="/usr/lib/libncursesw.so.6.5" pid=53170 comm="bash-test" requested_mask="rm" denied_mask="rm" fsuid=1020 ouid=0FSUID="test58" OUID="root"
`unix_chkpwd` denies are emitted when I log in. I don't see how the profile can contain any `deny` rule.
we are not condemned to write ugly code
in my AppArmor profile
There we go, I guess disabling apparmor fixes it?
Check /etc/apparmor.d/unix-chkpwd
in my AppArmor profile
There we go, I guess disabling apparmor fixes it?
Actually, purging the profile from the kernel with the following command fixes it.
apparmor_parser -R /etc/apparmor.d/bash-test
we are not condemned to write ugly code
That seems a side-effect?
But to be clear, you're now getting a proper session and session dbus?
That seems a side-effect?
But to be clear, you're now getting a proper session and session dbus?
Running programs without profiles makes AppArmor useless, so it's not a proper solution.
I found a proper fix. In my AppArmor profile for “/usr/local/bin/bash-test”, `systemctl` is executed with environment variable scrubbing.
/usr/bin/systemctl Ux,
This caused
Failed to connect to bus: No medium found
After replacing the rule with
/usr/bin/systemctl ux,
`systemctl` works.
I still don't understand which environment variable was scrubbed. The set of environment variables printed by `printenv` and the set of environment variables scrubbed (“sysdeps/generic/unsecvars.h” in glibc) do not intersect.
Thanks to everybody for the help.
we are not condemned to write ugly code
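An added illustration of the open question in the last post, not code from the thread or from systemd: an AppArmor `Ux` transition makes the kernel mark the exec as secure (`AT_SECURE`), and in that mode glibc's `secure_getenv(3)` returns NULL for every variable even though `printenv` still lists it. The sketch assumes the bus client reads `DBUS_SESSION_BUS_ADDRESS` and `XDG_RUNTIME_DIR` that way (the thread does not confirm this); `getenv_if_trusted` and `resolve_user_bus` are hypothetical names.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/auxv.h>   /* getauxval(), AT_SECURE */

/* Model of glibc's secure_getenv(3): the variable is still present in the
 * environment, but the lookup yields NULL when the kernel flagged the exec
 * as secure (AT_SECURE != 0), as it does for setuid binaries and for
 * AppArmor's environment-scrubbing transitions such as Ux. */
static const char *getenv_if_trusted(const char *name, int at_secure)
{
    return at_secure ? NULL : getenv(name);
}

/* Hypothetical helper: resolve the user bus address the way a cautious
 * D-Bus client might (assumption, see lead-in). Returns 0 and fills `out`,
 * or a negative errno value. */
int resolve_user_bus(int at_secure, char *out, size_t len)
{
    const char *addr = getenv_if_trusted("DBUS_SESSION_BUS_ADDRESS", at_secure);
    int n;

    if (addr) {
        n = snprintf(out, len, "%s", addr);
        return (n < 0 || (size_t)n >= len) ? -ENAMETOOLONG : 0;
    }

    /* Fallback: derive the socket path from the runtime directory. */
    const char *dir = getenv_if_trusted("XDG_RUNTIME_DIR", at_secure);
    if (!dir)
        return -ENOMEDIUM;  /* strerror() text: "No medium found" */

    n = snprintf(out, len, "unix:path=%s/bus", dir);
    return (n < 0 || (size_t)n >= len) ? -ENAMETOOLONG : 0;
}

int main(void)
{
    char addr[256];
    /* Real value for this process: 0 for a normal exec, non-zero when the
     * exec was marked secure by the kernel. */
    int at_secure = getauxval(AT_SECURE) != 0;
    const char *raw = getenv("XDG_RUNTIME_DIR");
    int r = resolve_user_bus(at_secure, addr, sizeof addr);

    printf("AT_SECURE=%d\n", at_secure);
    printf("plain getenv(XDG_RUNTIME_DIR)=%s\n", raw ? raw : "(unset)");
    if (r < 0)
        printf("bus lookup failed: %s\n", strerror(-r));
    else
        printf("bus address: %s\n", addr);
    return r < 0;
}
```

Run normally, the binary prints `AT_SECURE=0` and a bus address; started through a scrubbing transition it would report `AT_SECURE=1` and fail the lookup while the plain `getenv` line still shows the variable.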