I indeed used YaST
And everybody with an older installation has group āusersā and that was and still is not a problem anyway as long as the home directory is created accordingly:
bruno@LT-B:~> id
uid=1000(bruno) gid=100(users) groups=100(users),458(vboxusers),475(systemd-journal),494(wheel),1000(pipewire)
bruno@LT-B:~>
sooo, what could be the problem?
Who does the cd to my home directory that fails when I log in to a virtual console or gui session?
And who does it during login with su (where it works)?
Remember, a cd to this directory is no problem once Iām logged in. So it is not classic ownership or attributes.
Some security mechanism? I smell selinuxā¦
With selinux=0 in the kernel commandline I can login on console and gui.
I am not familiar with selinux - any hints to enable selinux again but allow this cd are welcome
This seems to be a related line in /var/log/audit/audit.log when a login failed
type=AVC msg=audit(1768774475.870:459): avc: denied { search } for pid=9705 comm="login" name="/" dev="sda3" ino=128 scontext=system_u:system_r:local_login_t:s0-s0:c0.c1023 tcontext=system_u:object_r:unlabeled_t:s0 tclass=dir permissive=0
ok, this did the trick:
sudo -i
touch /.autorelabel
reboot
Thanks!
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.