PolicyKit not working on krillin
Bug #1365886 reported by
Robert Ancell
This bug report is a duplicate of:
Bug #1365095: Greeter not asking for pin code in image 11 (krillin).
Edit
Remove
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
lightdm (Ubuntu) |
New
|
Undecided
|
Unassigned | ||
policykit (Ubuntu) |
New
|
Undecided
|
Unassigned | ||
systemd (Ubuntu) |
New
|
Undecided
|
Unassigned | ||
ubuntu-system-settings (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
(based on what mterry said - please replace with more accurate information).
PolicyKit is failing to work (?) on krillin. This seems to have been triggered by the update to lightdm 1.11.8. It does not occur in 1.11.7. It seems to happen on every boot. It does not occur on other systems like mako or the desktop.
The cause of PolicyKit failing appears to be the session is lacking the correct cgroups for this. These cgroups are set by logind/systemd.
To post a comment you must log in.
From #ubuntu-devel
[23:23] <mterry> robert_ancell, poke -- I think lightdm 1.11.8 is causing problems on krillin devices paste.ubuntu. com/8254607/ phablet: /# cat /proc/`pidof unity8`/cgroup /user.slice/ user-32011. slice/session- c1.scope /user.slice/ user-32011. slice/session- c1.scope user.slice/ user-32011. slice/session- c1.scope paste.ubuntu. com/8254652/ phablet: /# cat /proc/`pidof unity8`/cgroup systemd: /user.slice/ user-32011. slice/session- c1.scope /user.slice/ user-32011. slice/session- c1.scope /user.slice/ user-32011. slice/session- c1.scope user.slice/ user-32011. slice/session- c1.scope
[23:23] <robert_ancell> mterry, oh, rsalveti said it was working
[23:23] <rsalveti> which problems?
[23:24] <mterry> robert_ancell, rsalveti: I'm seeing that cgroups aren't being set for the user session correctly, so a lot of policykit requests are failing
[23:24] <robert_ancell> mterry, you have a lightdm.log?
[23:24] <mterry> robert_ancell, uh hold on just flashed
[23:24] <robert_ancell> 1.11.7 would have those problems
[23:25] <rsalveti> right, the issue I had got fixed with 1.11.8
[23:26] <robert_ancell> So, anyone want to send me a krillin? :)
[23:26] <mterry> Interesting. I'm not seeing the problem with 1.11.7
[23:27] <robert_ancell> mterry, it was a crash triggered by a race, so you might not have seen it
[23:28] <mterry> robert_ancell, well the failure is reliable with 1.11.8 (only on krillin)
[23:28] <robert_ancell> So I suppose your issue is different, though they both sounds related to logind
[23:37] <siretart> cjwatson: now, they were all straight rebuilds
[23:38] <siretart> cjwatson: btw, libav now migrated to debian/testing
[23:51] <robert_ancell> mterry, are you getting a log?
[23:51] <mterry> robert_ancell, yeah sorry had problems
[23:51] <robert_ancell> np
[23:51] <robert_ancell> just checking :)
[00:02] <mterry> robert_ancell, http://
[00:02] <mterry> worth the wait!
[00:03] <robert_ancell> mterry, hmm, so that log looks good. There's definitely a logind session open and we activated it
[00:04] <robert_ancell> mterry, have you tried running loginctl and checking everything looks happy there?
[00:04] <mterry> robert_ancell, it does yes
[00:04] <mterry> robert_ancell, it's a cgroup thing as far as I can tell
[00:04] <mterry> root@ubuntu-
[00:04] <mterry> 4:name=systemd:/
[00:04] <mterry> 3:freezer:
[00:04] <mterry> 2:cpuacct:
[00:04] <mterry> 1:cpu:/
[00:05] <robert_ancell> mterry, right, but the cgroups are all set by pam_systemd aren't they?
[00:05] <robert_ancell> mterry, have you confirmed 1.11.7 works fine?
[00:05] <mterry> robert_ancell, it does for me yes
[00:06] <mterry> let me try downgrading on this same image to double confirm
[00:09] <robert_ancell> mterry, can you get a lightdm.log from 1.11.7 so we can diff
[00:09] <mterry> robert_ancell, yup, downgrading works fine
[00:10] <robert_ancell> there's just nothing significant in the diff in how we interact with PAM... very odd...
[00:10] <mterry> robert_ancell, http://
[00:10] <mterry> and more relevantly:
[00:10] <mterry> root@ubuntu-
[00:10] <mterry> 4:name=
[00:10] <mterry> 3:freezer:
[00:10] <mterry> 2:cpuacct:
[00:10] <mterry> 1:cpu:/
[00:11] <robert_ancell> mterry, that's on a good run?
[00:1...