crouton: Creating hwaudio group with GID 18... Password: su: Authentication failure

I’m using ASUS Chromebook Flip with Google Chrome OS 53.0.2773.3.dev and while running following command:

chronos@localhost / $ sudo edit-chroot -all
name: kali-rolling
encrypted: no
Entering /mnt/stateful_partition/crouton/chroots/kali-rolling...
crouton: version 1-20160620130246~master:c39102d9
release: kali-rolling
architecture: armhf
xmethod: xorg
targets: xfce
host: version 8481.2.0 (Official Build) dev-channel veyron_minnie 
kernel: Linux localhost 3.14.0 #1 SMP PREEMPT Fri Jun 24 00:01:48 PDT 2016 armv7l GNU/Linux
freon: yes
Unmounting /mnt/stateful_partition/crouton/chroots/kali-rolling...
name: precise
encrypted: no
Entering /mnt/stateful_partition/crouton/chroots/precise...
Creating hwaudio group with GID 18...
Password: 
su: Authentication failurePassword: 
su: Authentication failure
chronos@localhost / $

I’m being asked for Password

Creating hwaudio group with GID 18...
Password: 
su: Authentication failure

Please advise.

About this issue

Original URL
State: closed
Created 8 years ago
Comments: 29

Commits related to this issue

enter-chroot: Unmount /sys/fs/selinux, remount fake directory Fixes #2655. We first unmount /sys/fs/selinux, which fixes a number of issues (but not all). Then, we create a fake, read-only, /sys/fs... — committed to drinkcat/chroagh by drinkcat 8 years ago

Most upvoted comments

For anyone with an ASUS Flip C100p who’s a total novice and just wants to get something up and running this is what worked for me:

Delete whatever you did that didn’t work

sudo edit-chroot -all

sudo edit-chroot -d (whatever the name of it is)

type the letter y (for ‘yes’) when it asks you to confirm the deletion

Then start fresh:

Download latest crouton here: https://goo.gl/fd3zc
Download the extension here: https://chrome.google.com/webstore/detail/crouton-integration/gcpneefbbnfalgjniomfjknbcgkbijom
sudo sh ~/Downloads/crouton -r trusty -t xfce,extension
Wait patiently with fingers crossed
Give it a username/password when prompted (you get to make these up, they aren’t related to your Google account)
Done!
To launch the GUI type in: sudo startxfce4
To end the chroot simply log out (I can’t seem to get the keyboard shortcut to cycle back and forth to work for me)

Thanks for everyone in the thread who helped out!

GeitHub on Aug 22, 2016

The issue is here:

https://github.com/dnschneid/crouton/blob/5d488fe8ffe603d730bc4f3b889df10a1ff228da/host-bin/enter-chroot#L531

Chrome dev on this device includes Android app support, which enables SELinux enforcing on the system. The linked code makes /sys/fs/selinux read only, which causes some sort of code path in su that falls back to password auth after failing to write to /sys/fs/selinux/access.

Tangentially related, I don’t think this sequence of commands does what’s intended:

mount --make-rshared /sys mount --rbind /sys “$CHROOT/sys” mount --make-rslave “$CHROOT/sys” mount -o remount,ro “$CHROOT/sys/fs/selinux”

On my device, the ro mount flag does propagate to /sys/fs/selinux outside the chroot, similar to what’s described at https://lists.linuxcontainers.org/pipermail/lxc-devel/2015-December/012978.html.

rickyz on Jul 16, 2016

Very frustrating till I found this thread. Thanks for all your help and patience explaining!

Magicode1 on Sep 14, 2016