dbus-broker.service `Failed to set up mount namespacing: /run/systemd/unit-root/dev: Read-only file system`

[HuijingHei]

I build coreos based on centos stream9 locally. When run live image, dbus-broker.service start failed as Failed to set up mount namespacing: /run/systemd/unit-root/dev: Read-only file systm, is there any workaround/comment for this? And when run installed OS, no such issue. Thanks!

$ rpm -q selinux-policy dbus-broker
selinux-policy-34.1.37-1.el9.noarch
dbus-broker-28-5.el9.x86_64

[root@localhost ~]# systemctl status dbus-broker.service | cat
× dbus-broker.service - D-Bus System Message Bus
     Loaded: loaded (/usr/lib/systemd/system/dbus-broker.service; enabled; vendor preset: enabled)
     Active: failed (Result: exit-code) since Wed 2022-07-27 12:25:08 UTC; 1min 4s ago
   Duration: 22.776s
TriggeredBy: × dbus.socket
       Docs: man:dbus-broker-launch(1)
    Process: 1083 ExecStart=/usr/bin/dbus-broker-launch --scope system --audit (code=exited, status=226/NAMESPACE)
   Main PID: 1083 (code=exited, status=226/NAMESPACE)
        CPU: 0

Jul 27 12:25:08 localhost.localdomain systemd[1]: Starting D-Bus System Message Bus...
Jul 27 12:25:08 localhost.localdomain systemd[1083]: dbus-broker.service: Failed to set up mount namespacing: /run/systemd/unit-root/dev: Read-only file systm
Jul 27 12:25:08 localhost.localdomain systemd[1083]: dbus-broker.service: Failed at step NAMESPACE spawning /usr/bin/dbus-broker-launch: Read-only file system
Jul 27 12:25:08 localhost.localdomain systemd[1]: dbus-broker.service: Main process exited, code=exited, status=226/NAMESPACE
Jul 27 12:25:08 localhost.localdomain systemd[1]: dbus-broker.service: Failed with result 'exit-code'.
Jul 27 12:25:08 localhost.localdomain systemd[1]: Failed to start D-Bus System Message Bus.
Jul 27 12:25:08 localhost.localdomain systemd[1]: dbus-broker.service: Start request repeated too quickly.
Jul 27 12:25:08 localhost.localdomain systemd[1]: dbus-broker.service: Failed with result 'exit-code'.
Jul 27 12:25:08 localhost.localdomain systemd[1]: Failed to start D-Bus System Message Bus.

[dvdhrm]

Jul 27 12:25:08 localhost.localdomain systemd[1083]: dbus-broker.service: Failed to set up mount namespacing: /run/systemd/unit-root/dev: Read-only file systm
Jul 27 12:25:08 localhost.localdomain systemd[1083]: dbus-broker.service: Failed at step NAMESPACE spawning /usr/bin/dbus-broker-launch: Read-only file system

This is a bit confusing, but these messages are generated by systemd, not by dbus-broker. That's why it says systemd[1083]: at the start of the line. I recommend taking this up to the systemd issue-tracker to get help.

I think this is about systemd being unable to prepare the dbus-broker unit before spawning the service. I wonder, though, why anything below /run is a read-only file-system. This sounds like some misconfiguration, or maybe systemd setting up mount-trees in /run, but someone tripping over.

If there is any input needed from dbus-broker developers, let me know! But I don't think this is in any way related to the dbus-broker code-base, sorry.

[HuijingHei]

Thanks @dvdhrm for your reply! I am also confused and will post this to systemd

[HuijingHei]

Test with rhel9 and upgrade to systemd-250.8-1.fc36.x86_64, can not reproduce the issue

[HuijingHei]

https://bugzilla.redhat.com/show_bug.cgi?id=2111863 track the issue

[dvdhrm]

Thanks for filing the report. This might really be an issue fixed in upstream systemd, but never backported.

[HuijingHei]

Close this as this is systemd issue