Noticed when trying a yum update got an odd error:
The '/etc/shadow.rpmnew' error seems to be the issue, and so I started there.Running transaction
Updating : setup-2.8.71-10.el7.noarch 1/2
Error unpacking rpm package setup-2.8.71-10.el7.noarch
error: unpacking of archive failed on file /etc/shadow.rpmnew: cpio: rename
Verifying : setup-2.8.71-10.el7.noarch 1/2
setup-2.8.71-9.el7.noarch was supposed to be removed but is not!
Verifying : setup-2.8.71-9.el7.noarch 2/2
This file normally does not (yet) exist
So I first as root tried to see if the file system would allow me to create it at all.
Something was blocking me from creating any filename beginning with /etc/shadow# echo > shadow.rpmnew
-bash: shadow.rpmnew: Permission denied
I tried a few of the obvious things, but nothing worked so far.
There is plenty of disk space and the / disk is a simple xfs mounted with no special options. (ie nothing like 'noroot' )
selinix is disabled.
lsattr /etc/shadow returns "---------------- /etc/shadow"
I disabled the anti-virus McAfee.
Any attempt to do any sort of editing (chmod, vi or over writing) of /etc/shadow fails with permission denied. (even the over-ride read-only option in 'vi' fails)
One thing that DID work was changing a test users password with the passwd command, that did update the shadow file.
Seeing the passwd cmd working I tested if the suid bit was an issue and put together a quicky c program with root suid and that also got permission denied.
I know selinux is disabled, but it really feels like something very selinix like is disabling access to /etc/shadow(*) and this is keeping yum from completing.
Any ideas?