View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0000212||AlmaLinux-8||systemd||public||2022-04-10 09:13||2022-04-11 13:52|
|Priority||low||Severity||minor||Reproducibility||have not tried|
|Summary||0000212: systemd permission denied due to assigned context|
|Description||Tried to create a service that executes a binary. The binary was downloaded to /tmp/mybinary/mybinary then moved to /usr/bin/mybinary and its permissions were changed to:|
-rwxr-xr-x. 1 mybinary_user mybinary_user 14049280 Apr 2 02:43 /usr/bin/mybinary
The I created a unit file to execute the "mybinary" by User=mybinary_user Group=mybinary_user
Systemctl was failing with permission denied
systemd: Starting MyBinary...
systemd: mybinary.service: Failed to execute command: Permission denied
systemd: mybinary.service: Failed at step EXEC spawning /usr/bin/mybinary.: Permission denied
systemd: mybinary.service: Control process exited, code=exited status=203
systemd: mybinary.service: Failed with result 'exit-code'.
systemd: Failed to start MyBinary.
But the mybinary_user and root were both able to run the binary.
After a lot of digging around I found out that my issue was similar to this one bug:
I checked my binary had this context output
# ls -Z /usr/bin/mybinary
so I "chcon" the type to from "user_tmp_t" to "bin_t" (same as most of the /usr/bin/* files)
Systemd then was able to run the binary.
I am new to linux so I am not sure if this is expected but I thought I should let you know.
|Tags||No tags attached.|