Bug 692436
Summary: | Incorrect SELinux labelling of new /run directory prevents system boot | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Kamil Páral <kparal> | ||||||||
Component: | selinux-policy | Assignee: | Miroslav Grepl <mgrepl> | ||||||||
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||||||
Severity: | urgent | Docs Contact: | |||||||||
Priority: | unspecified | ||||||||||
Version: | 15 | CC: | amcnabb, awilliam, bruce, cunio, dwalsh, jbastian, jjardon, madko, marbolangos, mgrepl, mnowak, mschmidt, rdieter, robatino, tflink, thomas.mey, vonbrand | ||||||||
Target Milestone: | --- | Keywords: | Reopened, Triaged | ||||||||
Target Release: | --- | ||||||||||
Hardware: | Unspecified | ||||||||||
OS: | Unspecified | ||||||||||
Whiteboard: | AcceptedBlocker | ||||||||||
Fixed In Version: | systemd-22-1.fc15, selinux-policy-3.9.16-10.fc15 | Doc Type: | Bug Fix | ||||||||
Doc Text: | Story Points: | --- | |||||||||
Clone Of: | Environment: | ||||||||||
Last Closed: | 2011-04-04 19:39:02 UTC | Type: | --- | ||||||||
Regression: | --- | Mount Type: | --- | ||||||||
Documentation: | --- | CRM: | |||||||||
Verified Versions: | Category: | --- | |||||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||||
Embargoed: | |||||||||||
Bug Depends On: | |||||||||||
Bug Blocks: | 657618 | ||||||||||
Attachments: |
|
Description
Kamil Páral
2011-03-31 11:11:14 UTC
Created attachment 489037 [details]
messages
Created attachment 489038 [details]
audit.log
Created attachment 489039 [details]
secure
*** Bug 692137 has been marked as a duplicate of this bug. *** *** Bug 692440 has been marked as a duplicate of this bug. *** *** Bug 692475 has been marked as a duplicate of this bug. *** Better summary. *** Bug 692600 has been marked as a duplicate of this bug. *** systemd-22-1.fc15, selinux-policy-3.9.16-9.fc15 has been submitted as an update for Fedora 15. https://admin.fedoraproject.org/updates/selinux-policy-3.9.16-9.fc15,systemd-22-1.fc15 I have updated to systemd-22-1.fc15 and selinux-policy-3.9.16-10.fc15, and the system still fails to boot. If these updates are working for others, then it may be important to mention that my system has selinux disabled. Discussed during the 2011-04-01 blocker review meeting. One of the release criteria this hits is: after firstboot is completed and on subsequent boots, a system installed according to any of the above criteria (or the appropriate Beta or Final criteria, when applying this criterion to those releases) must boot to a working graphical environment without unintended user intervention. Proposed fix has been pushed to updates, not clear if it fixes the problem. More testing of the proposed update is needed to verify that it does/does not work. Updated to selinux-policy-3.9.16-10.fc15.noarch, systemd-22-1.fc15.x86_64; after relabeling boot went fine. So it works for me. systemd-22-1.fc15, selinux-policy-3.9.16-10.fc15 has been pushed to the Fedora 15 stable repository. If problems still persist, please make note of it in this bug report. Why was this bug closed? I clearly stated that my system still fails to boot. Andrew is it failing to boot in enforcing=0? It still fails to boot if I set enforcing=0 (with the "Failed to load SELinux policy" from bug #692537), but it does boot if I specify selinux=0. (In reply to comment #10) > it may be important to mention that my system has selinux disabled. Very important. This bug affected SELinux-enabled systemds. Broken systems with SELinux disabled using /etc/config/selinux is bug 692573. So I am closing this again. Anyone is still seeing problems booting *with SELinux enabled*, please reopen or file a new bug. That is a different bug then this one, related to systemd, which you found the link to. We are working to fix the labeling of /run which is mostly fixed by this update. systemd-23-1 is supposed to be released tonight to fix the rest of the labeling. In the other bug, it was stated that this one was for the failure to boot, and the other was for the selinux-related error message. I will try to clarify the situation for all who are following the other bug. Both bugs could cause a failure to boot. (In reply to comment #21) > Both bugs could cause a failure to boot. Both indeed do. :) |