Description of problem:
When upgrading to RHEL 6.6, dracut failed to create an initrd, and manual attempts to create an initrd failed with "Failed to install /usr/lib64/libfreebl3.chk". After following the bugzilla workaround to create a dummy file, the resulting initrd panics on boot as follows:
Kernel Panic - not syncing: VFS: Unable to mount root fs on unknown-block(0,0)
Pid: 1, comm: swapper Not tainted 2.6.32-504.3.3.el6.x86_64 #1
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Update FIPS-enabled system to RHEL 6.6
2. Create initrd manually with dracut after update fails to have done so
3. Attempt to boot with FIPS enabled
Successful upgrade and reboot
(In reply to Allan Voss from comment #0)
> Description of problem:
> When upgrading to RHEL 6.6, dracut failed to create an initrd, and manual
> attempts to create an initrd failed with "Failed to install
> /usr/lib64/libfreebl3.chk". After following the bugzilla workaround to
> create a dummy file, the resulting initrd panics on boot as follows:
> Kernel Panic - not syncing: VFS: Unable to mount root fs on
> Pid: 1, comm: swapper Not tainted 2.6.32-504.3.3.el6.x86_64 #1
> Call Trace:
This kernel message says, that no initramfs was loaded by the kernel. Are you sure, you created the initramfs image correctly? Is your bootloader config correct?
Please provide the output of:
# dracut --debug test.img
This bug should be resolved in RHEL 6.6.z within bug #1182725 and will be resolved in RHEL 6.7 within bug #1182297. Am I getting it right Harald? Thanks!
Reproduced on RHEL-6.6 with nss-softokn-3.14.3-19.el6_6 and nss-softokn-freebl-3.14.3-19.el6_6 updated from RHN.
Verified that dracut from RHEL-6.7-20150506.0 requires nss-softokn-freebl >= 3.14.3-22.el6_6. nss-softokn-freebl-3.14.3-22.el6_6 is available in compose and on RHN already. After nss-softokn-freebl update, dracut was able to successfully buil initramfs and boot in fips mode.
Moving to VERIFIED.
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.