Ask Your Question
2

systemd-logind permission to /boot/efi

asked 2018-11-05 10:33:09 -0500

theonlyandy gravatar image

updated 2018-11-05 10:33:35 -0500

I upgraded to F29 some days ago. While trying to figure out issues and cleaning up, I notice a bunch of messages like this in the journal:

Nov 04 15:07:04 schoko systemd-logind[898]: Failed to open file system "/boot/efi": Permission denied

I cannot find anything on Google, so maybe here somebody can tell me if it's normal that logind tries to access /boot/efi?

If so, why is it doing that, and how can I provide it permissions?

Thanks very much.

edit retag flag offensive close merge delete

Comments

It is not normal, and I've never seen it. For me it doesn't make sense either.

villykruse gravatar imagevillykruse ( 2018-11-05 11:38:52 -0500 )edit

I have the same issue. systemd-logind: Failed to open file system "/boot/efi": Permission denied. I did a F29 clean install. My partitions are LVM and LUKS1. I have a separated boot and boot/efi partition.

Dave One gravatar imageDave One ( 2018-11-05 12:29:59 -0500 )edit
1

Found in the sources for systemd:

systemd-logind is accessing /boot/efi in order to find the boot configuration for systemd-boot. The purpose is to find the kernel boot options and check if sleep or hibernations is enabled. For most fedora systems it won't find anything, so eventually it will fall back to read /proc/cmdline.

villykruse gravatar imagevillykruse ( 2018-11-05 16:05:03 -0500 )edit

Thanks @villykruse for that part of the answer. I would have liked to add it to the answer by @cinetbox, but I don't have sufficient rights.

theonlyandy gravatar imagetheonlyandy ( 2018-11-05 16:16:02 -0500 )edit

Can you check following:

  • Do you gen any SELinux errors? Run audit2allow -b.

  • Does systemd-logind run as root? Run ps u $(pidof systemd-logind).

  • What desktop environment do you have? Gnone, kde, xfce, or something else?

villykruse gravatar imagevillykruse ( 2018-11-05 16:46:23 -0500 )edit

1 Answer

Sort by ยป oldest newest most voted
2

answered 2018-11-05 12:29:18 -0500

clnetbox gravatar image

updated 2018-11-07 02:11:35 -0500

This is a bug and the fixed SELinux package is already in testing.
https://apps.fedoraproject.org/packages/selinux-policy
https://bugzilla.redhat.com/show_bug.cgi?id=1645631
It will soon be available in the stable repo, nothing to worry about.

Explanation from @villykruse as requested to be added to this answer by @theonlyandy ... quote :
systemd-logind is accessing /boot/efi in order to find the boot configuration for systemd-boot.
The purpose is to find the kernel boot options and check if sleep or hibernations is enabled.
For most fedora systems it won't find anything, so eventually it will fall back to read /proc/cmdline.

Update 2018-11-07 : selinux-policy 3.14.2-41.fc29 has been pushed to stable - problem is resolved.

edit flag offensive delete link more

Comments

Thanks a bunch for the info. Since you seem to have some insights, could you also provide an answer to why it's trying to access /boot/efi? The bug you mentioned is talking /dev/sda and sdb1. Thx

theonlyandy gravatar imagetheonlyandy ( 2018-11-05 12:57:45 -0500 )edit

@theonlyandy : You're welcome ! :) I've updated the answer with the requested information being provided by @villykruse in his comment under your question - and regarding sdb1 : that is the efi partition on this individual system setup.

clnetbox gravatar imageclnetbox ( 2018-11-06 02:21:34 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2018-11-05 10:33:09 -0500

Seen: 132 times

Last updated: Nov 07 '18