Sounds like I should just do a fresh install then. Thanks
No need to do a full reinstall, just do a reinstall of systemd-boot.
I donāt think his issue is systemd-boot. His issue is that after he installed Pop!_OS on another drive he can no longer boot into the Windows drive even when he selects the drive Windows is installed on from the motherboardās boot menu. Still think he should try Windowās boot repair utility from the Windowās install media first.
The issue is if he had other drives installed at some point sometimes for some reason Windows will move itās bootloader to a different drive in the system other than the one Windows is installed on. Happens due to updates and I have no idea what Windows does during updates that causes this bug to happen. Have had it happen to several of my machines and sometimes only discovered it when I took my storage drive out to quickly move a bunch of data to only find my machine no longer booted without the storage drive installed. Not 100% sure all the things heās done with the system recently when he did the Pop!_OS install since he hasnāt elaborated.
Sooooā¦
I just god a popup that my Disk Space is running low, and checking FIlelight to see where the hell it went, it turns out my /var/log is getting close to 10gig nowā¦
Well, thatās one thing, but then I also checked journal -b --reverse
and I am getting literall hundreds of thousands of log messages like this:
Nov 02 23:00:19 localhost.localdomain audit[579316]: AVC avc: denied { unlink } for pid=579316 comm="sssd_ssh" name=>
Nov 02 23:00:19 localhost.localdomain audit[579317]: AVC avc: denied { unlink } for pid=579317 comm="sssd_nss" name=>
Nov 02 23:00:19 localhost.localdomain sssd_nss[579317]: Starting up
Nov 02 23:00:19 localhost.localdomain sssd_ssh[579316]: Starting up
Nov 02 23:00:19 localhost.localdomain rsyslogd[1128]: imjournal: rename() failed for new path: '/var/lib/rsyslog/imjour>
Nov 02 23:00:19 localhost.localdomain audit[1128]: AVC avc: denied { unlink } for pid=1128 comm="in:imjournal" name=>
Nov 02 23:00:19 localhost.localdomain rsyslogd[1128]: imjournal: rename() failed for new path: '/var/lib/rsyslog/imjour>
Nov 02 23:00:19 localhost.localdomain audit[1128]: AVC avc: denied { unlink } for pid=1128 comm="in:imjournal" name=>
Nov 02 23:00:19 localhost.localdomain rsyslogd[1128]: imjournal: rename() failed for new path: '/var/lib/rsyslog/imjour>
Nov 02 23:00:19 localhost.localdomain audit[1128]: AVC avc: denied { unlink } for pid=1128 comm="in:imjournal" name=>
Nov 02 23:00:19 localhost.localdomain rsyslogd[1128]: imjournal: rename() failed for new path: '/var/lib/rsyslog/imjour>
Nov 02 23:00:19 localhost.localdomain audit[1128]: AVC avc: denied { unlink } for pid=1128 comm="in:imjournal" name=>
Nov 02 23:00:19 localhost.localdomain audit[579310]: AVC avc: denied { unlink } for pid=579310 comm="sssd_nss" name=>
Nov 02 23:00:19 localhost.localdomain audit[579312]: AVC avc: denied { unlink } for pid=579312 comm="sssd_ssh" name=>
Nov 02 23:00:18 localhost.localdomain audit[579315]: AVC avc: denied { unlink } for pid=579315 comm="sssd_pam" name=>
Nov 02 23:00:18 localhost.localdomain audit[579314]: AVC avc: denied { unlink } for pid=579314 comm="sssd_sudo" name>
Nov 02 23:00:18 localhost.localdomain sssd_nss[579310]: Starting up
Nov 02 23:00:18 localhost.localdomain sssd_ssh[579312]: Starting up
Nov 02 23:00:18 localhost.localdomain audit[579311]: AVC avc: denied { unlink } for pid=579311 comm="sssd_pam" name=>
Nov 02 23:00:18 localhost.localdomain audit[579313]: AVC avc: denied { unlink } for pid=579313 comm="sssd_sudo" name>
Nov 02 23:00:18 localhost.localdomain audit[579309]: AVC avc: denied { read } for pid=579309 comm="sssd_be" name="in>
Nov 02 23:00:18 localhost.localdomain audit[579309]: AVC avc: denied { read } for pid=579309 comm="sssd_be" name="in>
Nov 02 23:00:18 localhost.localdomain audit[579309]: AVC avc: denied { read } for pid=579309 comm="sssd_be" name="pa>
Nov 02 23:00:18 localhost.localdomain audit[579309]: AVC avc: denied { read } for pid=579309 comm="sssd_be" name="pa>
Nov 02 23:00:18 localhost.localdomain sssd_be[579309]: Starting up
And no, Iām not joking about hundreds of thousands. I stopped scrolling at line 70.000 and that was an hour agoā¦
Any idea what the hell this even is or why itās failing? Is it failing to start whatever it is because the disk is getting full and filling the log because of it?
Just while typing this, it filled another 5 MBā¦
edit:
seems this has been going on a couple daysā¦
[tarulia@localhost]~% ls /var/log -lh | grep "G "
-rw-------. 1 root root 1.5G Nov 2 23:34 messages
-rw-------. 1 root root 2.1G Oct 30 16:11 messages-20211024
-rw-------. 1 root root 1.9G Nov 1 01:41 messages-20211031
And for the journal:
[tarulia@localhost]~% ls /var/log/journal/45a1b5f2623c470f8974756d48b6e068 -lh
total 4.1G
-rw-r-----+ 1 root systemd-journal 80M Oct 30 00:02 system@6e6d1adefe5848eda346d9f0ebb3c6f1-000000000060943d-0005cf83130d0471.journal
-rw-r-----+ 1 root systemd-journal 80M Oct 30 02:18 system@6e6d1adefe5848eda346d9f0ebb3c6f1-000000000061c7dc-0005cf84fb16f452.journal
-rw-r-----+ 1 root systemd-journal 80M Oct 30 04:33 system@6e6d1adefe5848eda346d9f0ebb3c6f1-000000000062ff48-0005cf86e2c7c10c.journal
-rw-r-----+ 1 root systemd-journal 80M Oct 30 06:49 system@6e6d1adefe5848eda346d9f0ebb3c6f1-000000000064377e-0005cf88c6189c2b.journal
-rw-r-----+ 1 root systemd-journal 80M Oct 30 09:05 system@6e6d1adefe5848eda346d9f0ebb3c6f1-00000000006565a5-0005cf8aacb8587f.journal
-rw-r-----+ 1 root systemd-journal 80M Oct 30 11:21 system@6e6d1adefe5848eda346d9f0ebb3c6f1-000000000066943b-0005cf8c90da2728.journal
-rw-r-----+ 1 root systemd-journal 80M Oct 30 13:37 system@6e6d1adefe5848eda346d9f0ebb3c6f1-000000000067c203-0005cf8e775643ec.journal
-rw-r-----+ 1 root systemd-journal 80M Oct 30 15:52 system@6e6d1adefe5848eda346d9f0ebb3c6f1-000000000068f04a-0005cf905cffdd91.journal
-rw-r-----+ 1 root systemd-journal 112M Oct 30 23:07 system@6e6d1adefe5848eda346d9f0ebb3c6f1-00000000006a1e8c-0005cf9242104120.journal
-rw-r-----+ 1 root systemd-journal 112M Oct 30 23:08 system@6e6d1adefe5848eda346d9f0ebb3c6f1-00000000006bdce0-0005cf9855bb7be4.journal
-rw-r-----+ 1 root systemd-journal 112M Oct 30 23:09 system@6e6d1adefe5848eda346d9f0ebb3c6f1-00000000006db5a3-0005cf985963fe3d.journal
-rw-r-----+ 1 root systemd-journal 112M Oct 30 23:45 system@6e6d1adefe5848eda346d9f0ebb3c6f1-00000000006f96b0-0005cf985c7f19a2.journal
-rw-r-----+ 1 root systemd-journal 80M Oct 31 02:01 system@6e6d1adefe5848eda346d9f0ebb3c6f1-0000000000714c81-0005cf98dd094172.journal
-rw-r-----+ 1 root systemd-journal 80M Oct 31 03:17 system@6e6d1adefe5848eda346d9f0ebb3c6f1-0000000000727e39-0005cf9ac3f40a06.journal
-rw-r-----+ 1 root systemd-journal 80M Oct 31 05:33 system@6e6d1adefe5848eda346d9f0ebb3c6f1-000000000073b158-0005cf9ca9269c69.journal
-rw-r-----+ 1 root systemd-journal 80M Oct 31 17:56 system@6e6d1adefe5848eda346d9f0ebb3c6f1-000000000074e2f2-0005cf9e9128f0bc.journal
-rw-r-----+ 1 root systemd-journal 80M Oct 31 20:13 system@6e6d1adefe5848eda346d9f0ebb3c6f1-00000000007615d1-0005cfa8f14e5b5a.journal
-rw-r-----+ 1 root systemd-journal 80M Oct 31 22:29 system@6e6d1adefe5848eda346d9f0ebb3c6f1-00000000007747ba-0005cfaadb2487b8.journal
-rw-r-----+ 1 root systemd-journal 80M Nov 1 00:46 system@6e6d1adefe5848eda346d9f0ebb3c6f1-00000000007879b4-0005cfacc317a796.journal
-rw-r-----+ 1 root systemd-journal 88M Nov 1 01:43 system@6e6d1adefe5848eda346d9f0ebb3c6f1-000000000079ab9a-0005cfaeac5c7860.journal
-rw-r-----+ 1 root systemd-journal 104M Nov 1 01:44 system@6e6d1adefe5848eda346d9f0ebb3c6f1-00000000007b3de1-0005cfaf7734b6e0.journal
-rw-r-----+ 1 root systemd-journal 112M Nov 1 01:45 system@6e6d1adefe5848eda346d9f0ebb3c6f1-00000000007d13c9-0005cfaf7b1f35f0.journal
-rw-r-----+ 1 root systemd-journal 112M Nov 1 01:46 system@6e6d1adefe5848eda346d9f0ebb3c6f1-00000000007ef6af-0005cfaf7e32e40f.journal
-rw-r-----+ 1 root systemd-journal 88M Nov 1 03:59 system@6e6d1adefe5848eda346d9f0ebb3c6f1-000000000080db71-0005cfaf813fa9b3.journal
-rw-r-----+ 1 root systemd-journal 80M Nov 1 06:15 system@6e6d1adefe5848eda346d9f0ebb3c6f1-000000000082118d-0005cfb15d97fdc5.journal
-rw-r-----+ 1 root systemd-journal 80M Nov 1 08:31 system@6e6d1adefe5848eda346d9f0ebb3c6f1-00000000008343e3-0005cfb343668f8a.journal
-rw-r-----+ 1 root systemd-journal 80M Nov 1 10:47 system@6e6d1adefe5848eda346d9f0ebb3c6f1-0000000000847324-0005cfb52abd7508.journal
-rw-r-----+ 1 root systemd-journal 80M Nov 1 13:00 system@6e6d1adefe5848eda346d9f0ebb3c6f1-000000000085a0cf-0005cfb710f0a9d7.journal
-rw-r-----+ 1 root systemd-journal 80M Nov 1 15:16 system@6e6d1adefe5848eda346d9f0ebb3c6f1-000000000086d560-0005cfb8ecbec432.journal
-rw-r-----+ 1 root systemd-journal 80M Nov 1 17:31 system@6e6d1adefe5848eda346d9f0ebb3c6f1-00000000008803f6-0005cfbad1689ada.journal
-rw-r-----+ 1 root systemd-journal 80M Nov 1 19:46 system@6e6d1adefe5848eda346d9f0ebb3c6f1-00000000008934ed-0005cfbcb44421f4.journal
-rw-r-----+ 1 root systemd-journal 80M Nov 1 22:02 system@6e6d1adefe5848eda346d9f0ebb3c6f1-00000000008a638a-0005cfbe9a12d9fa.journal
-rw-r-----+ 1 root systemd-journal 80M Nov 2 00:19 system@6e6d1adefe5848eda346d9f0ebb3c6f1-00000000008b958e-0005cfc07efde7ab.journal
-rw-r-----+ 1 root systemd-journal 80M Nov 2 02:35 system@6e6d1adefe5848eda346d9f0ebb3c6f1-00000000008cc750-0005cfc268789ac7.journal
-rw-r-----+ 1 root systemd-journal 80M Nov 2 04:51 system@6e6d1adefe5848eda346d9f0ebb3c6f1-00000000008df8b9-0005cfc4508b764d.journal
-rw-r-----+ 1 root systemd-journal 80M Nov 2 07:07 system@6e6d1adefe5848eda346d9f0ebb3c6f1-00000000008f268d-0005cfc6372af6de.journal
-rw-r-----+ 1 root systemd-journal 80M Nov 2 09:23 system@6e6d1adefe5848eda346d9f0ebb3c6f1-0000000000905474-0005cfc81d0a4d16.journal
-rw-r-----+ 1 root systemd-journal 80M Nov 2 11:36 system@6e6d1adefe5848eda346d9f0ebb3c6f1-0000000000918231-0005cfca02f08157.journal
-rw-r-----+ 1 root systemd-journal 80M Nov 2 13:50 system@6e6d1adefe5848eda346d9f0ebb3c6f1-000000000092b6c9-0005cfcbddfbfcaa.journal
-rw-r-----+ 1 root systemd-journal 80M Nov 2 16:06 system@6e6d1adefe5848eda346d9f0ebb3c6f1-000000000093e87a-0005cfcdbd75b59e.journal
-rw-r-----+ 1 root systemd-journal 80M Nov 2 18:22 system@6e6d1adefe5848eda346d9f0ebb3c6f1-0000000000951831-0005cfcfa2a221a0.journal
-rw-r-----+ 1 root systemd-journal 80M Nov 2 20:37 system@6e6d1adefe5848eda346d9f0ebb3c6f1-00000000009646ff-0005cfd18a02987b.journal
-rw-r-----+ 1 root systemd-journal 80M Nov 2 22:52 system@6e6d1adefe5848eda346d9f0ebb3c6f1-0000000000977e96-0005cfd36d3856a5.journal
-rw-r-----+ 1 root systemd-journal 72M Nov 3 00:35 system.journal
-rw-r-----+ 1 root systemd-journal 24M Oct 29 21:45 user-1000@e9fe74733a294831b0ff8e44725576c2-00000000005f1f78-0005cf813fa46684.journal
-rw-r-----+ 1 root systemd-journal 8.0M Oct 30 00:02 user-1000@e9fe74733a294831b0ff8e44725576c2-00000000006096bc-0005cf8316da6168.journal
-rw-r-----+ 1 root systemd-journal 8.0M Oct 30 02:18 user-1000@e9fe74733a294831b0ff8e44725576c2-000000000061e751-0005cf852da1b0ed.journal
-rw-r-----+ 1 root systemd-journal 8.0M Oct 30 04:33 user-1000@e9fe74733a294831b0ff8e44725576c2-000000000063004b-0005cf86e489996d.journal
-rw-r-----+ 1 root systemd-journal 8.0M Oct 30 06:49 user-1000@e9fe74733a294831b0ff8e44725576c2-0000000000644824-0005cf88e0e7a7ab.journal
-rw-r-----+ 1 root systemd-journal 8.0M Oct 30 09:05 user-1000@e9fe74733a294831b0ff8e44725576c2-000000000065805f-0005cf8ad7b017d2.journal
-rw-r-----+ 1 root systemd-journal 8.0M Oct 30 11:21 user-1000@e9fe74733a294831b0ff8e44725576c2-000000000066ae1f-0005cf8cba7c4b08.journal
-rw-r-----+ 1 root systemd-journal 8.0M Oct 30 13:37 user-1000@e9fe74733a294831b0ff8e44725576c2-000000000067d97f-0005cf8e9d488ae5.journal
-rw-r-----+ 1 root systemd-journal 8.0M Oct 30 15:52 user-1000@e9fe74733a294831b0ff8e44725576c2-000000000068f445-0005cf90636ffb50.journal
-rw-r-----+ 1 root systemd-journal 8.0M Oct 30 23:07 user-1000@e9fe74733a294831b0ff8e44725576c2-00000000006a32f8-0005cf9262e0e54d.journal
-rw-r-----+ 1 root systemd-journal 8.0M Oct 30 23:08 user-1000@e9fe74733a294831b0ff8e44725576c2-00000000006c1abe-0005cf9856353815.journal
-rw-r-----+ 1 root systemd-journal 8.0M Oct 30 23:09 user-1000@e9fe74733a294831b0ff8e44725576c2-00000000006dbfcc-0005cf985977f1d5.journal
-rw-r-----+ 1 root systemd-journal 8.0M Oct 30 23:45 user-1000@e9fe74733a294831b0ff8e44725576c2-00000000006ffc66-0005cf985d27d4a8.journal
-rw-r-----+ 1 root systemd-journal 8.0M Oct 31 02:01 user-1000@e9fe74733a294831b0ff8e44725576c2-000000000071516e-0005cf98e50e83ec.journal
-rw-r-----+ 1 root systemd-journal 8.0M Oct 31 03:17 user-1000@e9fe74733a294831b0ff8e44725576c2-0000000000728858-0005cf9ad43af061.journal
-rw-r-----+ 1 root systemd-journal 8.0M Oct 31 05:33 user-1000@e9fe74733a294831b0ff8e44725576c2-000000000073b911-0005cf9cb5ab1bc8.journal
-rw-r-----+ 1 root systemd-journal 8.0M Oct 31 17:56 user-1000@e9fe74733a294831b0ff8e44725576c2-00000000007509b0-0005cf9ecf24e832.journal
-rw-r-----+ 1 root systemd-journal 8.0M Oct 31 20:13 user-1000@e9fe74733a294831b0ff8e44725576c2-000000000076274d-0005cfa90d57ee62.journal
-rw-r-----+ 1 root systemd-journal 8.0M Oct 31 22:29 user-1000@e9fe74733a294831b0ff8e44725576c2-0000000000774ad1-0005cfaae026b0ec.journal
-rw-r-----+ 1 root systemd-journal 8.0M Nov 1 00:46 user-1000@e9fe74733a294831b0ff8e44725576c2-0000000000787b8a-0005cfacc5ddb1cd.journal
-rw-r-----+ 1 root systemd-journal 8.0M Nov 1 01:43 user-1000@e9fe74733a294831b0ff8e44725576c2-000000000079aeac-0005cfaeb16ebd15.journal
-rw-r-----+ 1 root systemd-journal 8.0M Nov 1 01:44 user-1000@e9fe74733a294831b0ff8e44725576c2-00000000007b92d8-0005cfaf77cccc56.journal
-rw-r-----+ 1 root systemd-journal 8.0M Nov 1 01:45 user-1000@e9fe74733a294831b0ff8e44725576c2-00000000007d3660-0005cfaf7b5c7cad.journal
-rw-r-----+ 1 root systemd-journal 8.0M Nov 1 01:46 user-1000@e9fe74733a294831b0ff8e44725576c2-0000000000801dcd-0005cfaf80114816.journal
-rw-r-----+ 1 root systemd-journal 8.0M Nov 1 03:59 user-1000@e9fe74733a294831b0ff8e44725576c2-000000000080f0ba-0005cfaf96f289b4.journal
-rw-r-----+ 1 root systemd-journal 8.0M Nov 1 06:15 user-1000@e9fe74733a294831b0ff8e44725576c2-00000000008272d1-0005cfb1f81220a4.journal
-rw-r-----+ 1 root systemd-journal 8.0M Nov 1 08:31 user-1000@e9fe74733a294831b0ff8e44725576c2-0000000000835a85-0005cfb367ce02dd.journal
-rw-r-----+ 1 root systemd-journal 8.0M Nov 1 10:47 user-1000@e9fe74733a294831b0ff8e44725576c2-0000000000855fc9-0005cfb6a8001db3.journal
-rw-r-----+ 1 root systemd-journal 8.0M Nov 1 13:00 user-1000@e9fe74733a294831b0ff8e44725576c2-000000000085bcfc-0005cfb73e59a8bc.journal
-rw-r-----+ 1 root systemd-journal 8.0M Nov 1 15:16 user-1000@e9fe74733a294831b0ff8e44725576c2-000000000086e466-0005cfb904a80369.journal
-rw-r-----+ 1 root systemd-journal 8.0M Nov 1 17:31 user-1000@e9fe74733a294831b0ff8e44725576c2-0000000000880a04-0005cfbadb03caa0.journal
-rw-r-----+ 1 root systemd-journal 8.0M Nov 1 19:46 user-1000@e9fe74733a294831b0ff8e44725576c2-0000000000894f48-0005cfbcdeba6ae8.journal
-rw-r-----+ 1 root systemd-journal 8.0M Nov 1 22:02 user-1000@e9fe74733a294831b0ff8e44725576c2-00000000008a7a66-0005cfbebec15196.journal
-rw-r-----+ 1 root systemd-journal 8.0M Nov 2 00:19 user-1000@e9fe74733a294831b0ff8e44725576c2-00000000008b9e33-0005cfc08cdd86c8.journal
-rw-r-----+ 1 root systemd-journal 8.0M Nov 2 02:35 user-1000@e9fe74733a294831b0ff8e44725576c2-00000000008d76d1-0005cfc381c8599d.journal
-rw-r-----+ 1 root systemd-journal 8.0M Nov 2 07:07 user-1000@e9fe74733a294831b0ff8e44725576c2-00000000008f3bd5-0005cfc6591c40be.journal
-rw-r-----+ 1 root systemd-journal 8.0M Nov 2 09:23 user-1000@e9fe74733a294831b0ff8e44725576c2-000000000090783d-0005cfc856c11916.journal
-rw-r-----+ 1 root systemd-journal 8.0M Nov 2 11:36 user-1000@e9fe74733a294831b0ff8e44725576c2-000000000091de4e-0005cfca97208942.journal
-rw-r-----+ 1 root systemd-journal 8.0M Nov 2 13:50 user-1000@e9fe74733a294831b0ff8e44725576c2-000000000092bbd9-0005cfcbe61d1fac.journal
-rw-r-----+ 1 root systemd-journal 8.0M Nov 2 16:06 user-1000@e9fe74733a294831b0ff8e44725576c2-00000000009405f1-0005cfcdeccd6d04.journal
-rw-r-----+ 1 root systemd-journal 8.0M Nov 2 18:22 user-1000@e9fe74733a294831b0ff8e44725576c2-00000000009519a2-0005cfcfa4ea4b35.journal
-rw-r-----+ 1 root systemd-journal 8.0M Nov 2 20:37 user-1000@e9fe74733a294831b0ff8e44725576c2-0000000000965883-0005cfd1a6308611.journal
-rw-r-----+ 1 root systemd-journal 8.0M Nov 2 22:52 user-1000@e9fe74733a294831b0ff8e44725576c2-0000000000977eac-0005cfd36d5ea031.journal
-rw-r-----+ 1 root systemd-journal 16M Nov 3 00:35 user-1000.journal
youāll notice that the system logs are huge and I have no idea what happened there since the only config I changed recently was something related to pulseaudio. I mean 400MB of logs in 4 minutes is seriously impressive. What the actual hell?
Tried the utility you mentioned, didnāt work. Just went ahead and reinstalled Mint and Win10 on one drive at a time
This doesnāt address your underlying problem, butā¦
I imagine you donāt need that. Itās an old rsyslog file which I suppose the systemd journals subsume. On Ubuntu itās been turned off in /etc/rsyslog.d/50-default.conf by being commented out for years now.
Youāve somehow invoked the wrath of SELinux.
Your copy/paste truncated the messages to 120 columns, so itās hard to tell what the problem is.
You can use audit2allow
to fix those errors: 10.3.8.Ā Allowing Access: audit2allow
Thatās sort of what I thought? The only thing I did with SEL recently was turning it off and on for this discussion above
Maybe the editing the config to disable it initially messed with it, although I restored it to what it was
Yeah I noticed that just before I went to bed so I didnāt fix it, well, hereās from the Terminal in Fullscreen, so itās not getting bigger then that
-- Logs begin at Sat 2021-10-30 09:16:54 CEST, end at Wed 2021-11-03 11:45:18 CET. --
Nov 03 11:45:18 localhost.localdomain NetworkManager[1236]: <info> [1635936318.3751] policy: set-hostname: current hostname was changed outside NetworkManager: 'localhost.localdomain'
Nov 03 11:45:18 localhost.localdomain NetworkManager[1236]: <info> [1635936318.3745] policy: set-hostname: current hostname was changed outside NetworkManager: 'localhost.localdomain'
Nov 03 11:45:17 localhost.localdomain rsyslogd[1113]: imjournal: rename() failed for new path: '/var/lib/rsyslog/imjournal.state': Permission denied [v8.2010.0 try https://www.rsyslog.com/e/0 ]
Nov 03 11:45:17 localhost.localdomain audit[1113]: AVC avc: denied { unlink } for pid=1113 comm="in:imjournal" name="imjournal.state" dev="dm-0" ino=1049159 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=fil>
Nov 03 11:45:17 localhost.localdomain audit[8946]: AVC avc: denied { unlink } for pid=8946 comm="sssd_nss" name="nss" dev="dm-0" ino=1048930 scontext=system_u:system_r:sssd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=sock_file permissive=0
Nov 03 11:45:17 localhost.localdomain sssd_nss[8946]: Starting up
Nov 03 11:45:17 localhost.localdomain audit[8945]: AVC avc: denied { unlink } for pid=8945 comm="sssd_ssh" name="ssh" dev="dm-0" ino=1048888 scontext=system_u:system_r:sssd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=sock_file permissive=0
Nov 03 11:45:17 localhost.localdomain sssd_ssh[8945]: Starting up
Nov 03 11:45:17 localhost.localdomain audit[8944]: AVC avc: denied { unlink } for pid=8944 comm="sssd_pam" name="pam" dev="dm-0" ino=1048901 scontext=system_u:system_r:sssd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=sock_file permissive=0
Nov 03 11:45:17 localhost.localdomain audit[8943]: AVC avc: denied { unlink } for pid=8943 comm="sssd_sudo" name="sudo" dev="dm-0" ino=1048898 scontext=system_u:system_r:sssd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=sock_file permissive>
Nov 03 11:45:15 localhost.localdomain rsyslogd[1113]: imjournal: rename() failed for new path: '/var/lib/rsyslog/imjournal.state': Permission denied [v8.2010.0 try https://www.rsyslog.com/e/0 ]
Nov 03 11:45:15 localhost.localdomain audit[1113]: AVC avc: denied { unlink } for pid=1113 comm="in:imjournal" name="imjournal.state" dev="dm-0" ino=1049159 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=fil>
Nov 03 11:45:15 localhost.localdomain rsyslogd[1113]: imjournal: rename() failed for new path: '/var/lib/rsyslog/imjournal.state': Permission denied [v8.2010.0 try https://www.rsyslog.com/e/0 ]
Nov 03 11:45:15 localhost.localdomain audit[1113]: AVC avc: denied { unlink } for pid=1113 comm="in:imjournal" name="imjournal.state" dev="dm-0" ino=1049159 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=fil>
Nov 03 11:45:15 localhost.localdomain rsyslogd[1113]: imjournal: rename() failed for new path: '/var/lib/rsyslog/imjournal.state': Permission denied [v8.2010.0 try https://www.rsyslog.com/e/0 ]
Nov 03 11:45:15 localhost.localdomain audit[1113]: AVC avc: denied { unlink } for pid=1113 comm="in:imjournal" name="imjournal.state" dev="dm-0" ino=1049159 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=fil>
Nov 03 11:45:15 localhost.localdomain audit[8942]: AVC avc: denied { unlink } for pid=8942 comm="sssd_nss" name="nss" dev="dm-0" ino=1048930 scontext=system_u:system_r:sssd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=sock_file permissive=0
Nov 03 11:45:15 localhost.localdomain sssd_nss[8942]: Starting up
Nov 03 11:45:15 localhost.localdomain audit[8941]: AVC avc: denied { unlink } for pid=8941 comm="sssd_ssh" name="ssh" dev="dm-0" ino=1048888 scontext=system_u:system_r:sssd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=sock_file permissive=0
Nov 03 11:45:15 localhost.localdomain sssd_ssh[8941]: Starting up
Nov 03 11:45:15 localhost.localdomain audit[8935]: AVC avc: denied { unlink } for pid=8935 comm="sssd_nss" name="nss" dev="dm-0" ino=1048930 scontext=system_u:system_r:sssd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=sock_file permissive=0
Nov 03 11:45:15 localhost.localdomain audit[8937]: AVC avc: denied { unlink } for pid=8937 comm="sssd_ssh" name="ssh" dev="dm-0" ino=1048888 scontext=system_u:system_r:sssd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=sock_file permissive=0
Nov 03 11:45:15 localhost.localdomain audit[8940]: AVC avc: denied { unlink } for pid=8940 comm="sssd_pam" name="pam" dev="dm-0" ino=1048901 scontext=system_u:system_r:sssd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=sock_file permissive=0
Nov 03 11:45:15 localhost.localdomain audit[8939]: AVC avc: denied { unlink } for pid=8939 comm="sssd_sudo" name="sudo" dev="dm-0" ino=1048898 scontext=system_u:system_r:sssd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=sock_file permissive>
Nov 03 11:45:15 localhost.localdomain audit[8936]: AVC avc: denied { unlink } for pid=8936 comm="sssd_pam" name="pam" dev="dm-0" ino=1048901 scontext=system_u:system_r:sssd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=sock_file permissive=0
Nov 03 11:45:15 localhost.localdomain sssd_nss[8935]: Starting up
Nov 03 11:45:15 localhost.localdomain sssd_ssh[8937]: Starting up
Nov 03 11:45:15 localhost.localdomain audit[8938]: AVC avc: denied { unlink } for pid=8938 comm="sssd_sudo" name="sudo" dev="dm-0" ino=1048898 scontext=system_u:system_r:sssd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=sock_file permissive>
Nov 03 11:45:15 localhost.localdomain audit[8934]: AVC avc: denied { read } for pid=8934 comm="sssd_be" name="initgroups" dev="dm-0" ino=1049281 scontext=system_u:system_r:sssd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=0
Nov 03 11:45:15 localhost.localdomain audit[8934]: AVC avc: denied { read } for pid=8934 comm="sssd_be" name="initgroups" dev="dm-0" ino=1049281 scontext=system_u:system_r:sssd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=0
Nov 03 11:45:15 localhost.localdomain audit[8934]: AVC avc: denied { read } for pid=8934 comm="sssd_be" name="passwd" dev="dm-0" ino=1049036 scontext=system_u:system_r:sssd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=0
Nov 03 11:45:15 localhost.localdomain audit[8934]: AVC avc: denied { read } for pid=8934 comm="sssd_be" name="passwd" dev="dm-0" ino=1049036 scontext=system_u:system_r:sssd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=0
Nov 03 11:45:15 localhost.localdomain sssd_be[8934]: Starting up
Nov 03 11:45:15 localhost.localdomain audit[8933]: AVC avc: denied { read } for pid=8933 comm="sssd" name="initgroups" dev="dm-0" ino=1049281 scontext=system_u:system_r:sssd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=0
Nov 03 11:45:15 localhost.localdomain audit[8933]: AVC avc: denied { read } for pid=8933 comm="sssd" name="initgroups" dev="dm-0" ino=1049281 scontext=system_u:system_r:sssd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=0
Nov 03 11:45:15 localhost.localdomain audit[8933]: AVC avc: denied { read } for pid=8933 comm="sssd" name="passwd" dev="dm-0" ino=1049036 scontext=system_u:system_r:sssd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=0
Nov 03 11:45:15 localhost.localdomain audit[8933]: AVC avc: denied { read } for pid=8933 comm="sssd" name="passwd" dev="dm-0" ino=1049036 scontext=system_u:system_r:sssd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=0
Nov 03 11:45:15 localhost.localdomain sssd[8933]: Starting up
Nov 03 11:45:15 localhost.localdomain audit[8933]: AVC avc: denied { write } for pid=8933 comm="sssd" name="nss" dev="dm-0" ino=1048930 scontext=system_u:system_r:sssd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=sock_file permissive=0
Nov 03 11:45:15 localhost.localdomain audit[8933]: AVC avc: denied { read } for pid=8933 comm="sssd" name="passwd" dev="dm-0" ino=1049036 scontext=system_u:system_r:sssd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=0
Nov 03 11:45:15 localhost.localdomain audit[8933]: AVC avc: denied { read } for pid=8933 comm="sssd" name="passwd" dev="dm-0" ino=1049036 scontext=system_u:system_r:sssd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=0
Nov 03 11:45:15 localhost.localdomain rsyslogd[1113]: imjournal: rename() failed for new path: '/var/lib/rsyslog/imjournal.state': Permission denied [v8.2010.0 try https://www.rsyslog.com/e/0 ]
Nov 03 11:45:15 localhost.localdomain audit[1113]: AVC avc: denied { unlink } for pid=1113 comm="in:imjournal" name="imjournal.state" dev="dm-0" ino=1049159 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=fil>
Nov 03 11:45:15 localhost.localdomain systemd[1]: Starting System Security Services Daemon...
Nov 03 11:45:15 localhost.localdomain audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=sssd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
Nov 03 11:45:15 localhost.localdomain audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=sssd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
Nov 03 11:45:15 localhost.localdomain systemd[1]: Stopped System Security Services Daemon.
Nov 03 11:45:15 localhost.localdomain systemd[1]: sssd.service: Scheduled restart job, restart counter is at 162.
Nov 03 11:45:15 localhost.localdomain rsyslogd[1113]: imjournal: rename() failed for new path: '/var/lib/rsyslog/imjournal.state': Permission denied [v8.2010.0 try https://www.rsyslog.com/e/0 ]
Nov 03 11:45:15 localhost.localdomain audit[1113]: AVC avc: denied { unlink } for pid=1113 comm="in:imjournal" name="imjournal.state" dev="dm-0" ino=1049159 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=fil>
Nov 03 11:45:14 localhost.localdomain audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=sssd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'
Nov 03 11:45:14 localhost.localdomain systemd[1]: Failed to start System Security Services Daemon.
Nov 03 11:45:14 localhost.localdomain systemd[1]: sssd.service: Failed with result 'exit-code'.
Nov 03 11:45:14 localhost.localdomain systemd[1]: sssd.service: Main process exited, code=exited, status=1/FAILURE
Nov 03 11:45:14 localhost.localdomain sssd_be[8911]: Shutting down (status = 0)
Nov 03 11:45:14 localhost.localdomain audit[8932]: AVC avc: denied { unlink } for pid=8932 comm="sssd_pam" name="pam" dev="dm-0" ino=1048901 scontext=system_u:system_r:sssd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=sock_file permissive=0
Nov 03 11:45:14 localhost.localdomain sssd[8910]: Exiting the SSSD. Could not restart critical service [sudo].
Nov 03 11:45:14 localhost.localdomain audit[8931]: AVC avc: denied { unlink } for pid=8931 comm="sssd_sudo" name="sudo" dev="dm-0" ino=1048898 scontext=system_u:system_r:sssd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=sock_file permissive>
Nov 03 11:45:14 localhost.localdomain NetworkManager[1236]: <info> [1635936314.7453] policy: set-hostname: current hostname was changed outside NetworkManager: 'localhost.localdomain'
Nov 03 11:45:14 localhost.localdomain NetworkManager[1236]: <info> [1635936314.7446] policy: set-hostname: current hostname was changed outside NetworkManager: 'localhost.localdomain'
Nov 03 11:45:11 localhost.localdomain rsyslogd[1113]: imjournal: rename() failed for new path: '/var/lib/rsyslog/imjournal.state': Permission denied [v8.2010.0 try https://www.rsyslog.com/e/0 ]
Nov 03 11:45:11 localhost.localdomain audit[1113]: AVC avc: denied { unlink } for pid=1113 comm="in:imjournal" name="imjournal.state" dev="dm-0" ino=1049159 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=fil>
Nov 03 11:45:10 localhost.localdomain audit[8923]: AVC avc: denied { unlink } for pid=8923 comm="sssd_ssh" name="ssh" dev="dm-0" ino=1048888 scontext=system_u:system_r:sssd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=sock_file permissive=0
Nov 03 11:45:10 localhost.localdomain audit[8922]: AVC avc: denied { unlink } for pid=8922 comm="sssd_nss" name="nss" dev="dm-0" ino=1048930 scontext=system_u:system_r:sssd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=sock_file permissive=0
Nov 03 11:45:10 localhost.localdomain sssd_ssh[8923]: Starting up
Nov 03 11:45:10 localhost.localdomain sssd_nss[8922]: Starting up
Nov 03 11:45:10 localhost.localdomain NetworkManager[1236]: <info> [1635936310.8753] policy: set-hostname: current hostname was changed outside NetworkManager: 'localhost.localdomain'
Nov 03 11:45:10 localhost.localdomain NetworkManager[1236]: <info> [1635936310.8747] policy: set-hostname: current hostname was changed outside NetworkManager: 'localhost.localdomain'
Nov 03 11:45:10 localhost.localdomain audit[8921]: AVC avc: denied { unlink } for pid=8921 comm="sssd_pam" name="pam" dev="dm-0" ino=1048901 scontext=system_u:system_r:sssd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=sock_file permissive=0
Nov 03 11:45:10 localhost.localdomain audit[8920]: AVC avc: denied { unlink } for pid=8920 comm="sssd_sudo" name="sudo" dev="dm-0" ino=1048898 scontext=system_u:system_r:sssd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=sock_file permissive>
Iāll check that, thanks
Hm but they still seem to be used in some capacity, seeing as the files are new
You can pipe systemd commands to cat
to prevent the truncation to your terminal width. eg.
journalctl -xe | cat
OK so I went through those docs, and as far as I can see, the cause is the same for all of the logs:
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this access.
Going further I get this:
[tarulia@localhost]~% sudo audit2allow -a
#============= NetworkManager_t ==============
allow NetworkManager_t unlabeled_t:file unlink;
#============= accountsd_t ==============
allow accountsd_t unlabeled_t:file read;
allow accountsd_t unlabeled_t:sock_file write;
#============= alsa_t ==============
allow alsa_t unlabeled_t:file { read unlink };
#============= chkpwd_t ==============
allow chkpwd_t unlabeled_t:file read;
allow chkpwd_t unlabeled_t:sock_file write;
#============= cupsd_t ==============
allow cupsd_t unlabeled_t:file { read unlink };
allow cupsd_t unlabeled_t:sock_file write;
#============= policykit_auth_t ==============
allow policykit_auth_t unlabeled_t:file read;
allow policykit_auth_t unlabeled_t:sock_file write;
#============= policykit_t ==============
allow policykit_t unlabeled_t:file read;
allow policykit_t unlabeled_t:sock_file write;
#============= sssd_t ==============
allow sssd_t unlabeled_t:file read;
allow sssd_t unlabeled_t:sock_file { unlink write };
#============= syslogd_t ==============
allow syslogd_t unlabeled_t:file unlink;
#============= systemd_tmpfiles_t ==============
#!!!! This avc can be allowed using the boolean 'domain_can_mmap_files'
allow systemd_tmpfiles_t unlabeled_t:file map;
The doc suggests opening a bugreport with RedHat, but Iām not sure how useful that is seeing as F33 is pretty much EOL and Iām probably going to reinstall soon-ish anyway.
They also suggest posting the resulting rule to the mailing list for review, but I think Iām going to skip that too as this is hopefully just temporary
edit:
That seems to have done it, although I have no idea what it really did and that bothers me a bit. SEL from the outside looks just like a black hole of insanity and Iām not sure what those policies really doā¦ but anyway, all gonna be good if/when I reinstallā¦
I donāt know if this is really related to Linux, but still Iām gonna try here:
I deployed the linuxserver.io Nextcloud image because itās a bit less hassle than the vanilla one when it comes to setup.
But thereās something thatās bothering me: I canāt see in the Docker logs everything thatās going on in the container such as successful log in, access to linked files and all sorts of stuff.
Itās not the Nextcloud logs, those work just fine and log as usual.
Iāve had a couple issues with this image and the guys that mantain it are not really answering me anymore on Discord so youāre my hope to get to the bottom of this. Thanks!
There might be an option in the docker container, like -e log_level=7
or something like that, to increase the log verbosity. Does the container offer a manual? Or the container that this is derived from? Also keep in mind Iām not a Docker guru, Iāve only used like 2 or 3 docker images.
I donāt like throwing people under the bus, but the linuxserver io images are not documented at all. Iāve been on their Discord and they finally got back to me about the logs. Well made, but you gotta pressure them to get some infos.
Theyāre in a weird folder and are not exposed to Docker. Theyāre the access logs that are substituted with the s6 init logs they use to initialize the various parts of their image.
Iām always curious about such scenariosā¦ if they use s6 or other inits inside an OCI container, then why make it OCI and not LXCā¦ it bamboozles me.
IIRC you need to install gnome-tweaks. Normally the settings should have speed/acceleration but Iāve seen for some devices it wonāt (or it has more than one for the same device wth!?) Normally gnome-tweaks will have the needed bits but the fact you have to install that separately is insane. gnome is a kitchen sink DE and IMO should have all this stuff all the time presented to the user. Even with all the extras itās pales in āoverwhelmingā compared to KDE heh.
Iāve had this problem for quite a while now, I have a Lenovo x230t, setup with dual boot mint 20.1 and win 10. Problem is under linux my bluetooth mouse drops connection after about 10 min and then I need to disable reset the BT adapter to get it to reconnect. It works as it should under windows. I will be shocked if anyone can help me with this Iāve been looking for a solution for over a year now.
If the following helps then your USB BT adapter is going to sleep to save energy and not waking up properly:
sudo modprobe usbcore autosuspend=-1
- unplug and replug your USB BT adapter
(The effect of the command persists until you reboot your machine.)
If it helps, and you wish to make it permanent, you can add usbcore.autosuspend=-1
to the GRUB_CMDLINE_LINUX_DEFAULT
line in /etc/default/grub
.
Note that the above disables autosuspend on ALL USB ports/devices. If your BT adapter is the only thing connected, this may be fine. If you have other things connected, the added power draw may be undesirable on a laptop. (Keep in mind that things like built-in cameras ā if you have one ā are probably also USB devices.)
THE POINT of the above is merely to quickly and easily work out whether or not āUSB Power Managementā is the cause of the problem.
Hey guys,
what is best practise for NFS mount options on wsize
and rsize
and other tweaks nowadays? For my home network, no databases or so. What are you using?
itās not a USB BT adapter itās either on the MOBO or connected through mPCIe as part of the WiFi adapter and the Wifi never drops at the same time that the BT dose or at all for that matter. So there is really no way for me to plug/unplug my BT adapter. I just checked this is what my BT adapter looks like.
Thanks for the image.
That card (Foxconn 60Y3303) is implemented as a USB device:
https://www.thinkwiki.org/wiki/Bluetooth_Daughter_Card_(BDC-4)
So it is still subject to the same Power Management controls as devices you would physically plug into an external USB port.