Bug 220124
Summary: | LSPP: Cannot log into the system after a kickstart install | ||||||
---|---|---|---|---|---|---|---|
Product: | Red Hat Enterprise Linux 5 | Reporter: | Kylene J Hall <kylene> | ||||
Component: | basesystem | Assignee: | Phil Knirsch <pknirsch> | ||||
Status: | CLOSED NOTABUG | QA Contact: | |||||
Severity: | high | Docs Contact: | |||||
Priority: | medium | ||||||
Version: | 5.0 | CC: | iboverma, kweidner, linda.knippers, rvokal, sgrubb | ||||
Target Milestone: | --- | ||||||
Target Release: | --- | ||||||
Hardware: | s390x | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2006-12-19 19:38:34 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Attachments: |
|
Description
Kylene J Hall
2006-12-19 00:21:21 UTC
Created attachment 143969 [details]
Kickstart used to create the issue.
FYI: I tried an install again with Klaus's latest release of the lspp rpm. This time I noticed that the kickstart attempts to make sure that the service irqbalance will be running in runlevel 3 however no such service exists. On other platforms this is a part of the irqbalance package which does not exist for this build of s390x I don't know if that is intentional or not, and if not intentional if it could be affecting this but thought I would add the information. Requested info from Klaus: this affects both console (x3270) and ssh login. I cannot post the contents of any avc messages or logs because I have no way to log into the machine at all. Sorry I forgot to mention, this also does not work with enforcing=0 You might need to start the machine in single user mode to get to the logs. We need to see the logs to figure out the problem. To start in single user, when the grub menu comes up, press "e" to edit, go to the kernel line and press "e" again, add a "S" to the end of the line, press "enter", then type "b" to boot. Unfortunately the s390/Series Z machines use the "zipl" boot loader which (last time I used it) did not support any mechanism at all to supply arguments at boot time :-( I've asked Kylie to edit /etc/selinux/config from a rescue Linux system, or in a shell escape during the postinstall phase of the installation, and to try removing polyinstantiation and the require_auditd"loginuid option in the /etc/pam.d/* entries. Since she's out today, I'll see if I can access the machine. I found the problem, the system had pam-0.99.6.2-3.5.el5 installed (from the latest RHEL5 snapshot), but the current kickstart script requires a newer PAM library that supports the "level" keyword in /etc/security/namespace.conf. (This is documented as a prerequisite for the ks script.) From /var/log/secure : Dec 19 13:03:36 rheal3a login: pam_namespace(login:session): Parsing config file /etc/security/namespace.conf Dec 19 13:03:36 rheal3a login: pam_namespace(login:session): Illegal method Dec 19 13:03:36 rheal3a login: pam_namespace(login:session): Error processing conf file line /tmp Dec 19 13:03:36 rheal3a login: Cannot make/remove an entry for the specified session Please close the bug, the login failure was due to the incompatible packages. Closing bug as requested. |