Bug 120048 - Recent SELinux package upgrade creates Kernel Panic
Recent SELinux package upgrade creates Kernel Panic
Status: CLOSED DUPLICATE of bug 119981
Product: Fedora
Classification: Fedora
Component: policycoreutils (Show other bugs)
2
i386 Linux
medium Severity high
: ---
: ---
Assigned To: Daniel Walsh
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2004-04-05 11:09 EDT by Brandon Petersen
Modified: 2007-11-30 17:10 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-02-21 14:02:25 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Brandon Petersen 2004-04-05 11:09:13 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6)
Gecko/20040225 Firefox/0.8

Description of problem:
A very recent yum upgrade of SELinux for Fedora Core2 Test2, possibly
policycoreutils, is causing a Kernel Panic during bootup.  I ran 'yum
upgrade' on the morning of April 5, 2004.  It updated the kernel,
SELinux packages and more.

After I attempted to boot, it says:

Enforcing mode requested but no policy loaded. Halted now.
Kernel Panic: Attempted to kill init!



Version-Release number of selected component (if applicable):
policycoreutils

How reproducible:
Always

Steps to Reproduce:
1.  Run 'yum upgrade' on Fedora Core 2 Test 2
2.  Reboot the machine
    

Actual Results:  During the boot process I get:

Enforcing mode requested but no policy loaded. Halted now.
Kernel Panic: Attempted to kill init!

The computer will go no farther and will not completely boot.

Expected Results:  Ability to boot the computer.

Additional info:

I wish I wrote down all the upgrades that occurred, but it was the
updates available on the morning of April 5, 2004.

I am running a Dell Dimension 2100.  It has 196mb of ram, an Intel
Celeron 800mhz.  It uses the Intel 810 video card.
Comment 1 Konstantin Ryabitsev 2004-04-05 12:25:33 EDT
Seeing this, too, identical report.

Also, to resolve the situation I set selinux=permissive in
/etc/sysconfig/selinux, and now I get:

idicon@hagrid:[~]$ id -Z
Sorry, --context (-Z) can be used only on a selinux-enabled kernel.

Which doesn't seem to be an expected behavior.
Comment 2 Daniel Walsh 2004-04-05 14:23:27 EDT
Do you have a selinux=0 in the grub.conf?

This indicates you are booting a kernel with SELinux support turned off.
Of you do not have a policy file installed.

Dan
Comment 3 Konstantin Ryabitsev 2004-04-05 14:25:14 EDT
I noticed that /etc/security/selinux/policy.16 file was apparently
named /etc/security/selinux/policy. (trailing dot, no 16). After
moving it to .16, it worked.
Comment 4 Brandon Petersen 2004-04-05 14:32:46 EDT
Thanks for the info about the policy file, the machine now nearly loads.  

When I boot normally, I now get an unending stream of the following
error message:

audit(1081178872.934:0): avc: denied { write } for pid=1063
exe=/sbin/klogd_name=log dev=hda2 ino=762650
scontext=system_u:system_r:klodg_t tcontext=system_u:object_r:file_t
tclass=sock_file

Brandon Petersen
Comment 5 Miloš Komarčević 2004-04-05 14:37:02 EDT
Me thinks this is a dupe of bug 119981

Boot with enforcing=0, relabel, then reboot normally.
Comment 6 Brandon Petersen 2004-04-05 14:48:11 EDT

*** This bug has been marked as a duplicate of 119981 ***
Comment 7 Red Hat Bugzilla 2006-02-21 14:02:25 EST
Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.

Note You need to log in before you can comment on or make changes to this bug.