Bug 175529
Summary: | selinux causes boot failure | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | David Woodhouse <dwmw2> |
Component: | selinux-policy | Assignee: | Daniel Walsh <dwalsh> |
Status: | CLOSED RAWHIDE | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | rawhide | CC: | notting, orion |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2005-12-22 22:38:10 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
David Woodhouse
2005-12-12 13:07:34 UTC
What init, and what policy? I *think* this is because policy is accidentally getting removed. 20051211 rawhide -- SysVinit-2.85-42 and selinux-policy-targeted-2.1.2-1 This is uranus.cambridge.redhat.com; talk to me on irc, or dhowells or pnasrat or one of many others, to find its root password. Same exit happens when booted with init=/bin/bash, btw. Hm, sounds almost kernel-related then. Do older kernels work? Not sure -- I haven't had selinux enabled on a rawhide machine for some time. I'll back down to a kernel before the gcc 4.1 switch and see what happens. Can you boot with enforcing=0? Is this a fresh install? If yes, the install was not builing the policy file successfully and init will blow up if there is no policy file on disk. There is a fix to init to output an error when the policy file does not exist. You can create a new policy file by executing semodule -b /usr/share/selinux/targeted/base.pp I'm seeing this with a fresh install of today's rawhide kernel-2.6.14-1.1777_FC5. Looks like no policy is installed: -bash-3.00# rpm -qa selinux\* -bash-3.00# rpm -qf /etc/selinux/config file /etc/selinux/config is not owned by any package This was a kickstart install. There was no selinux line in the original ks file, but the installed anaconda-ks.cfg does show "selinux --enforcing". Perhaps an anaconda issue? Installing selinux-policy-targeted and running fixfiles relabel has me up and running normally. does a /etc/selinux/targeted/policy/policy.20 file exist? Dan It does now. Date is after I installed selinux-policy-targeted. # ls -l /etc/selinux/targeted/policy/policy.20 -rw-r--r-- 1 root root 653973 Dec 22 12:09 /etc/selinux/targeted/policy/policy.20 So is the system still crashing. I am not seeing this here. I know the /home and /root directories are mislabeled. restorecon -R -v /home /root Should clear that up. Working to get anaconda fixed. System is fine now as indicated in comment #8. Although I am seeing lots of avc: denied messages. I'll deal with those separately. |